Setting up a Huawei E3276-150 4G/LTE USB modem on Ubuntu Server/Desktop

I just received an unlocked Huawei E3276s-150 4G/LTE USB modem/surfstick I bought on eBay the other day. I went for the E3276s-150 because the 150 seemed to be the most compatible option for European 4G mobile networks. There are even cheaper Huawei E3276 models like the E3276-920 which you can buy for less than 20 bucks. However, the 920 seems to be frequency-optimized for Asian mobile networks and may not perform as well as a E3276s-150 in Western Europe.
huawei_e3276_lte_cat4_usb_dongle
To my great surprise, setting up the Huawei E3276 on Ubuntu 15.04 Desktop was literally plug & play. After a few seconds after plugging it in, I was greeted with a “Connection Established” message. Nicely done, Canonical!

On Ubuntu Server, like most Huawei modems, the stick is recognised as a memory card reader. It has to be switched to a USB modem device first using the usb_modeswitch command in order to establish a mobile network connection. If it’s not already installed, usb_modeswitch can be installed using apt-get -y install usb-modeswitch.

Memory card reader mode:

drfalken@wopr:~# lsusb
Bus 001 Device 007: ID 12d1:1f01 Huawei Technologies Co., Ltd.

To turn the E3276 into a modem:

drfalken@wopr:~# usb_modeswitch -v 12d1 -p 1f01 -M '55534243123456780000000000000011062000000101000100000000000000'

If the change was successful, lsusb shows a different USB product id now:

drfalken@wopr:~# lsusb
Bus 001 Device 007: ID 12d1:14db Huawei Technologies Co., Ltd.

At the same time, dmesg should output something like this:

drfalken@wopr:~# dmesg -T
[Fri May 29 20:55:41 2015] usb 1-1: New USB device found, idVendor=12d1, idProduct=14db
[Fri May 29 20:55:41 2015] usb 1-1: New USB device strings: Mfr=2, Product=1, SerialNumber=0
[Fri May 29 20:55:41 2015] usb 1-1: Product: HUAWEI Mobile
[Fri May 29 20:55:41 2015] usb 1-1: Manufacturer: HUAWEI Technology
[Fri May 29 20:55:41 2015] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-0000:00:14.0-1, CDC Ethernet Device, 57:2d:70:33:22:10

Since the modem registered itself on eth1 (the name depends on the number of network devices, it doesn’t HAVE to be on eth1), we now simply fetch an IP address from the modem using:

drfalken@wopr:~# dhclient -v eth1
Internet Systems Consortium DHCP Client 4.2.4
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth1/57:2d:70:33:22:10
Sending on   LPF/eth1/57:2d:70:33:22:10
Sending on   Socket/fallback
DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 3 (xid=0x3b73326b)
DHCPREQUEST of 192.168.1.100 on eth1 to 255.255.255.255 port 67 (xid=0x3b73326b)
DHCPOFFER of 192.168.1.100 from 192.168.1.1
DHCPACK of 192.168.1.100 from 192.168.1.1
bound to 192.168.1.100 -- renewal in 36557 seconds.

Yay, the modem has made itself available on 192.168.1.100 (it even has a web interface on port 80) with a /24 prefix and a gateway at 192.168.1.1.
By the way, make sure none of your local networks use 192.168.1.0/24 or it will collide with the Huawei’s local network.

Depending on a few factors dhclient may or may not have changed the default gateway. If the default gateway points to the modem, it will be at 192.168.1.1 on eth1:

drfalken@wopr:~# ip route show | grep default
default via 192.168.1.1 dev eth1

If this is not the case, you may have to remove the existing default gateway and replace it using:

drfalken@wopr:~# ip route del default ; ip route add default via 192.168.1.1

And… connected!

drfalken@wopr:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=57 time=22.7 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=57 time=34.9 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=57 time=39.7 ms

Make sure /etc/resolv.conf contains a valid nameserver if you can’t resolve domain names.

To switch the Huawei E3276 into a modem at boot time, create /etc/udev/rules.d/70-usb-modeswitch.rules and insert this line:

ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="1f01", RUN+="/usr/sbin/usb_modeswitch -v 12d1 -p 1f01 -M '55534243123456780000000000000011062000000101000100000000000000'"

To automatically add a valid nameserver in /etc/resolv.conf when eth1 comes up, add these lines to /etc/dhcp/dhclient.conf:

interface "eth1" {
  prepend domain-name-servers 8.8.8.8;
  request subnet-mask, broadcast-address, time-offset, routers,
          domain-name, domain-name-servers, domain-search, host-name,
          dhcp6.name-servers, dhcp6.domain-search,
          netbios-name-servers, netbios-scope, interface-mtu,
          rfc3442-classless-static-routes, ntp-servers,
          dhcp6.fqdn, dhcp6.sntp-servers;
  require routers, domain-name-servers;
}

If you don’t want to run dhclient manually, you can either add an eth1 dhcp section in /etc/network/interfaces or add the dhclient eth1 command to /etc/rc.local.

Just FYI: I’ve been using Vivid Vervet’s (Ubuntu 15.04) 3.19 kernel in Ubuntu Server 14.04 LTS. Vivid’s newer kernel can be installed using apt-get install linux-image-generic-lts-vivid. Not sure if it makes a difference compared to 14.04’s default kernel though.

strongSwan 5 based IPSec VPN, Ubuntu 14.04 LTS and PSK/XAUTH

I prefer strongSwan over Openswan because it’s still in active development, easier to setup and doesn’t require a L2TP daemon. I prefer a simple IKEv1 setup using PSK and XAUTH over certificates. If you plan to share your VPN server with your friends it’s also a lot easier to setup for them without certificates. I haven’t tried the VPN configuration below with non-Apple clients but it works well with iOS and OS X clients. Make sure to use the Cisco IPSec VPN profile, not the L2TP over IPSec profile you need for Openswan. While strongSwan works well with KVM and Xen containers, it probably won’t work with non-virtualised containers like OpenVZ or LXC. Continue reading

How to auto backup a Gmail account to a QNAP NAS

It’s pretty straightforward to (incrementally) backup all emails in a Gmail account to a QNAP NAS. There’s a QNAP NAS solution using Getmail but it comes with some limitations. I prefer to use Gmail-Backup. It doesn’t need any configuration files and it doesn’t have a 100 messages per session limit. It stores all mails in the .eml format, which not only works on Windows PCs but is compatible with Apple Mail as well. You can even restore deleted emails using Gmail-Backup from the NAS back to a Gmail account.

Here’s how I installed Gmail-Backup on my QNAP TS-439 PRO II+. This tutorial should work with all Intel-based QNAP TS-* models but obviously I only have the 439 to test with. I’m looking forward for your feedback if it works on your QNAP NAS model as well. Please make sure you enabled IMAP in your Gmail account settings. Gmail-Backup works for “Gmail for your domain” (it’s part of “Google Apps” now) accounts as well.

The tutorial is divided into three parts. The first part shows how to install the Optware QPKG on the NAS. This package installer is needed in order to (easily) install Python on the NAS. The 2nd part deals with the installation of Gmail-Backup and the third shows how to automate the backup using cron. It probably is helpful to have some command line skills. Continue reading

How to merge/combine/join multiple .mp4 videos on the Mac

I have a whole bunch of photography tutorials I converted from Flash video format (.flv) to .mp4 so I can watch them on my iPad. Since those tutorials are broken down into a myriad of .mp4 episodes it makes it much harder to watch them in the right order. I needed to find a way to merge several episodes into large movies. This is where Squared 5’s MPEG StreamClip for Mac comes in handy. While this free video conversion tool allows you to convert alls sorts of video formats to .mp4, it also allows you to merge multiple .mp4 videos. Here’s how to do it. Continue reading

How to convert .flv Flash video to .mp4 on the Mac

I have a bunch of photography tutorials in the Flash video .flv format which I want to watch on my iPad. As you may be aware, everything with the name Flash in it doesn’t play too well on Apple’s iOS devices. VLC Media Player for iOS is able to play the .flv format but Apple doesn’t allow 3rd party software devs to use the built-in H.264 hardware acceleration for video playback. As as result, .flv videos usually don’t play very well on iOS devices. Besides, I prefer to manage my video collection in iTunes instead of dragging every clip onto an app icon.

Continue reading

FRITZ!Box 7390 – Firmware-Aktualisierung für auf Deutschland umgestellte internationale Versionen

Wie bereits in einem anderen Beitrag erwähnt, lässt sich eine in der Schweiz gekaufte AVM FRITZ!Box 7390 mit der internationalen Firmware auf die deutsche Version patchen. Dadurch lassen sich beispielsweise die neusten deutschen Firmwares aus dem AVM Labor einspielen, was bei der internationalen Version der Box nicht möglich ist. Am Ende des Beitrages stellte ich die Hypothese auf, dass neuere Firmwares sich nach wie vor über die Benutzeroberfläche einspielen lassen sollten. Ich habe dies heute mit der neusten Laborversion 84.04.86-18419 getestet. Continue reading

FRITZ!Box 7390 in der Schweiz – aktuellste Firmware einspielen (inkl. Laborversionen)

This topic is irrelevant to my English readers. So, for a change this post will be entirely in German.

Wie bereits schon mal in einem anderen Post erwähnt, besitze ich seit ein paar Wochen eine AVM FRITZ!Box 7390 und betreibe diese erfolgreich an einem Swisscom VDSL2 Anschluss (siehe auch hier). Es handelt sich dabei um die internationale “avme” Version. Diese Version unterscheidet sich von der deutschen Version zum einen in den zusätzlichen Sprachbundles (z.B. Englisch) sowie auch der Möglichkeit, die Box an einem Annex A Anschluss zu betreiben. Letzteres ist die Voraussetzung um die 7390 an einem analogen Anschluss mit DSL zu betreiben in der Schweiz. Die internationale Version kann im Gegensatz zur deutschen Version zwischen Annex A und Annex B in der Konfigurationsoberfläche umgestellt werden. Die deutsche Version wird nur mit Annex B ausgeliefert.

Das grosse Problem bei der internationalen Version ist, dass sie der deutschen Version Monate hinterher hinkt. Aktuell verfügbar für Deutschland ist der Firmware-Stand 84.04.86 (bzw. es gibt bereits eine neuere Laborversion der .86er Firmware), während die internationale Version derzeit noch mit einem Firmware-Stand vom letzten April ausgeliefert wird (84.04.83). Die internationale 7390 lässt sich über die Benutzeroberfläche nicht mit einer deutschen Firmware updaten, weshalb allen Besitzern der internationalen Version viele tolle Features bis zum Erscheinen einer aktuelleren, internationalen Firmware verwehrt bleiben (z.B. WLAN Gastnetz, IPv6 support, Photo-bei-Anruf, HTTP-NAS-Oberfläche, DNSsec usw.). Grundsätzlich wird bei der deutschen Version nur Annex B unterstützt, was in der Schweiz und Österreich zu grösseren Problem führt, weil die Box so nicht an einem analogen Anschluss mit DSL synct. Auch auf Anfrage konnte AVM keinen Termin für das Erscheinen einer aktualisierten, internationalen Firmware-Version nennen.

Für alle wagemutigen Update-Junkies mit einer CH/A Version, die nicht auf eine aktualisierte, internationale Firmware warten wollen oder gerne mal die deutsche Laborversion aufspielen möchten, zeige ich hier eine Lösung, die trotz der deutschen Firmware Annex A fähig ist und damit mit Swisscom VDSL2 am analogen Anschluss einwandfrei funktioniert. Continue reading

How to setup a FRITZ!Box WLAN 7390 on Swisscom’s VDSL network

I just got myself an AVM FRITZ!Box Fon WLAN 7390 (CH-edition) router to replace a rather aged Swisscom branded Netopia 7347-84 VDSL router I received for my internet subscription. The FRITZ!Box 7390 really is the jack of all trades:

  • ADSL/VDSL modem
  • WLAN 802.11n/b/g/a (including the 5 GHz frequency band)
  • DECT base station for up to 6 cordless phones
  • Telephone system for Internet and fixed-line network phones
  • Answering machine
  • Fax receiver
  • Network attached storage (NAS)
  • UPnP-AV media server
  • Gigabit ethernet
  • DynDNS support
  • A ton of configuration options (a must have for the true gadgeteer!)

Here’s how to setup the FRITZBox 7390 router for Swisscom’s VDSL network. Continue reading

Enable AirPrint printer sharing for iOS 4.2 and higher for iPad or iPhone

To use Apple AirPrint on an iOS device like the iPad or iPhone you either need an AirPrint enabled printer or a printer that’s connected to a Mac. Here’s how to use a printer that’s connected to a Mac. In order to be seen by any iOS device, the printer needs to be shared on your local network. Go to System Preferences -> Sharing and activate the checkbox for “Printer Sharing”. Click the “Open Print Preferences” button. In my example, I’m going to share my Lexmark C530 laser printer. Continue reading

Capture Flash .flv streams with RTMPDump on the Mac

RTMPDump is a very powerful software to download/capture Flash streams. It’s incredibly useful for sites that don’t let you download Flash videos for offline usage. And you know what, it’s free to use (GPLv2)! RTMPDump is command line only though so if you’re looking for a nice user interface, RTMPDump may not be for you.
If you want to use the latest version of RTMPDump you need to compile it on the Mac as there’s no official version provided for Mac OS X. Compiling RTMPDump is pretty easy even though you need to modify a Makefile in order to build the binary. You also need a build environment like Apple Xcode. If you decide to download my binary of RTMPDump you can skip the next section about compiling it. The RTMPDump binary runs pretty well on Snow Leopard 10.6.4 but may not do so on earlier version of Mac OS X. Continue reading

How-to: NFS mount a Dreambox from a Mac

Gosh, it ain’t that easy to mount a remote NFS share from a Mac. At least not if the NFS server is a Dreambox DM800 sat/cable tuner.

Connecting to a NFS share using Mac OS X is usually pretty easy: open Finder, hit Command-K and enter the remote NFS share address:

My Dreambox is running at 192.168.1.35 but you have to provide your own address or hostname. In my case, the Dreambox also resolves with the hostname dm800.local. If you’re unable to connect using Finder and you’re sure there’s an NFS server running in your Dreambox you will have to do some tricks with Terminal to make it work.

Use the showmount command to see the exported NFS shares:

showmount -e 192.168.1.35
Exports list on 192.168.1.35:
/media/hdd                    Everyone

If you see a NFS share using showmount, let’s try to connect to it from the command line:

sudo mount -t nfs 192.168.1.35:/media/hdd /Volumes

You may get an output like this:

mount_nfs: bad MNT RPC: RPC: Timed out
mount_nfs: can't access /media/hdd/: Permission denied

or

mount_nfs: /Volumes: Operation not permitted

If this is the case, you will have to apply two changes to your Dreambox’s NFS server configuration in order to be able to connect using Finder. Continue reading

How-to: Change all internal WordPress links from www to non-www

I recently changed my website’s WordPress URL from its www-version to the non www-version: www.trick77.com changed to just trick77.com. As this may will confuse search engines and thus lower your visibility in organic searches, it’s recommended to configure a 301 (permanently moved) redirect from the old domain name to the new one. There’s lots of SEO information about redirecting domain names using mod_rewrite and .htaccess to be found on the web.

Now, some SEO experts claim that it’s important to change the internal links on a web site as well. As I’m occasionally linking to my own WordPress posts within my web site, all those links still point to the old www version of the domain name. So, is there an easy way to change all internal links from one domain name to another on a WordPress site at once? Continue reading

How-to: FTP-Backup a Linux server with Duply

My Linux root server’s hosting price plan includes a 50 GB backup storage option. The backup server can only be reached using FTP, unsecured. Even though the backup server is only visible from within my server provider’s local network, I still don’t want to expose all my server settings, accounts and databases in clear text to a man in the middle. Or, I don’t want an untrustworthy subject with access to the backup server’s file system to be able to read my backup. Also, I don’t want to send my entire site to the backup storage every day as this would eat up my 50 GB within days.

This is where Duply (formerly known as FTPlicity) comes in handy. Duply claims to make your incremental encrypted backups on non-trusted spaces a child’s play. It manages backup job settings in profiles and allows to batch execute commands. It supports symmetric and asymmetric encryption using GPG.

Duply is not limited to FTP, you can also send your backups to a IMAP, WebDAV or ssh destination (and even more!). I haven’t tried the IMAP method but in theory you could send your encrypted backup to a free Google mail account as long as you don’t exceed the 7 GB provided by Gmail. However, in this sample, I’m using a FTP scenario with asymmetric encryption.

Continue reading