I dont like advertisements… PI-Hole for Smartphones!

Well… I recently bought some PS3s because they’re cheap and the last console-generation (to my knowledge) that is (comparatively) easy to jailbreak. But thats another story. Its just the reason that made me do the things i want to tell now. I started youtube on my PS3 and… got advertisements.

Disclaimer on the beginning: I didnt manage to completely block youtube-ads with Pihole, so if thats your goal: dont bother reading further.

As i was trying to block youtube, i noticed its pretty effective against mobile advertisements on my phone.

There were several problems: The PI was only running behind a NAT in my LAN, and my phone isnt rooted so i couldnt set DNS-Resolvers globaly.

The first problem was resolved by me remembering a virtual server i have rented, and installing pihole there:

51.38.191.141

On that IP i am running the pihole now. After solving that problem, i quickly noticed another problem: PiHole doesnt seem to be able to block malicious clients, so i nearly instantaneously got traffic from two clients demanding IPs for “.” and “sl”.

I blocked them manually and havent got any problems with it so far, and i am unsure if it was just stupidity or malicious. Whatever – manually blocking ips doesnt scale well so i am happy that there were only two.

The second problem i had was, as mentioned above, that my phone isnt rooted and i couldnt simply change my DNS-Resolvers globally. I got around that problem by finding… an APP (who would have guessed).

The Problem is that i wanted to use pihole for more privacy and to use just the first that changes dns-servers isnt the best idea, probably as its possible for those to get quite some insight in my surfing (and app) habbits.

In the end i found the DNSChanger for IPv4/IPv6 Open source and ad-free (quite a name) from Frostnerd (https://play.google.com/store/apps/details?id=com.frostnerd.dnschanger&hl=en&gl=US) that seems to be what it sais.

At least its open-source and adfree, and i had a (very) short glance into the code and it wasnt obviously harmfull.

The technique is quite interesting:

The app opens a (local) vpn and tunnels the traffic through that (locally) to change the DNS for all traffic. Quite elegant to circumvent the rooting-need. (Lets be honest: The only reason you cant just change your DNS is because of phone-advertisements, BUT in many regions VPNs are needed to not be hanged for watching porn or being gay while on your phone, so even the advertising-industry (google) left this loophole to get every bit of traffic through.)

Now i have an ad-free phone. I wonder how long (see the unanticipated problem) pihole will be running.

P.S.: Of course you can use my PI-Hole if you want – as long as its there. 😉

Simple one-liner to generate secure passwords in linux

I recently checked my firefox-account and my logins and passwords.

Bad idea…

I noticed that i use pretty weak passwords in general, but i dont want to use a password-manager (anymore).

So… i wrote a simple line to get me random characters from /dev/random and put it into my .bashrc.

Here it is:

echo \ && head -c 100 /dev/urandom | tr -cd '[:alnum:]' | head -c 18 && echo \ && echo \ 

The echos at the beginning and end are for line-breaks to make the output more distinguishable from the rest in the terminal. head gives you the first (in this case) 100 characters from /dev/random, tr filters them, and the next head gives you a nice alphanumerical password of the length 18. its unlikely to not get at least 18 alphanum characters out of 100 random ones, so it works. you can tweak the length yourself, but remember to make the input (100) longer if you change your output-length!

After that i put it into my .bashrc to be able to run it from my terminal anytime. An easy way to do that is:

echo "alias passgen='echo \ && head -c 100 /dev/urandom | tr -cd '[:alnum:]' | head -c 18 && echo \ && echo \ '" >> .bashrc

Now i am able to just type “passgen” into my terminal and i get 18 random characters for me to use!

Quite nice.

vnstat is good

not long ago i was surfing on my notebook while outdoors (yes, in winter, i am a little bit insane on that regard – like him… https://stallman.org/favorite-photos.html ) and suddenly my mobile data was used up (that happens in germany because its really expensive – about 5€ a month per 1 GB data -so we generally dont have much data) and i couldnt surf anymore… if i had known, would have surfed less. the problem is that my provider only lets me check my data in the browser and books the traffic for that (about 2MB every time) from my available data…

so i had an idea:

I am using vnstat (https://wiki.archlinux.org/index.php/vnStat) for years now on my server(s).

Why not on my notebook?

I have to say: its working flawlessly and as long i only use my mobile-data-stick with my notebook it should be accurate…

TL/DR: Use vnstat – it is very good! Not only on your server but also on your mobile devices 😉

X-forwarding with XPRA

I have a server, as some maybe know. I am using mosh for ssh connections, and as a “normal” admin i was using vnc for remote graphical connections.

The problem: Its shit.

Maybe i was using it wrong all those years, but my client informed me quite often that an 8 character password was the best the server could do.

However – i was running a graphical programm for quite some time, when i was notified that i was disconnected because of too many connection attempts.

I had to kill the vnc-server and the running programm with it – and restart it.

Apparantly i am on some kind of list now, because i had too many failed attempts again, a short while later.

Thats when i thought about ssh with x forwarding.

Problem: The program stops when the pipe is broken.

Solution: Xpra ( https://xpra.org/ )

Its a program to forward an X-Display and you can detach and reattach whenever you want.

From the site:

xpra start ssh:SERVERHOSTNAME --start=xterm

To start a terminal (for test purposes, but you can start firefox as well, if you want)

xpra attach ssh:serverhostname

To reattach a running window.

Quite handy!

SSHFS – a useful tool

I got my NAS up and running.

To use the files remote (via internet) as if they were on my computer, i discovered a nice tool for mounting the filesystem via terminal and ssh, so no extra configuration is needed.

Here is the link to a wiki-page:

https://wiki.archlinux.org/index.php/SSHFS

And here is my line:

sshfs -o reconnect -o sshfs_sync $myserver:/path/to/mount /local/mountpoint

The reconnect option is useful if the internet isnt THAT stable ( or youre changing locations, for example when using a notebook) and sshfs_sync enables write-sync, so that the progressbar while copying is showing whats really already written, and its not put into some buffer or something and synced in the background. For using it over the internet with my notebook its useful, because you can tell if its already done, and know whats left to copy.

So… Nice tool!

How to use aurutils

I dont want to search for my own post just to go to reddit and hope, so:

Search for packages:

aur search $yourpackagename

Install Packages:

aur sync $yourpackagename
sudo pacman -S $yourpackagename

Updating aur:

aur sync -u
sudo pacman -Syu (Updates all packages)

Easy enough… So far…

Setting up Archlinux: aurutils

As i want to have “all” the packages for arch, i want to use the aur-repos with the user-maintained packages.

it is discouraged to use a utility for that because one should be able to fix and edit problems with those packages by themselves should some arise.

but… i am really lazy and after using gentoo (and after that arch) for some years, i think i will be able to at least google fo a solution.

having said that: aurutils…

i had to install them manually, obviosly, as i didnt have aurutils to install packages from aur.

Here is a guide for manual installation: https://wiki.archlinux.org/index.php/Arch_User_Repository#Installing_and_upgrading_packages

I used the following site to configure aurutils: https://gist.github.com/geosharma/afe1ea9ebe58cb67aaaba62a0d47bc7a

Some guidence on how to use aurutils may be found at https://www.reddit.com/r/archlinux/comments/bf4rvm/aurutils_guidance/ .

After that it worked and i could easily install packages from aur, without manually installing them via git.

Setting up Archlinux: dmenu

I installed i3 for archlinux and i could not start applications with “$mod+d”.

It was really stupid of me, but i nevertheless decided to drop some lines on that.

TL/DR: Install dmenu with “sudo pacman -S dmenu”

Turns out: when you install i3 on arch, it only installes i3 and the absolutely necessary packages for that. dmenu isnt necessary.

So i wasted about 10 minutes googleing the problem until i found some old comment in a forum and then installed dmenu.

Have fun!

Setting up Archlinux: Changing Backlight via Keypress

To change the brightness via keypress i hacked some scripts together (some time ago) because it was easier (faster) to do that than to do it properly.

Here are the scripts: https://github.com/d13g4/brightnesshack

In the i3 config i had to add the following lines to the end:

bindcode 233 exec .config/bright_inc.sh
bindcode 232 exec .config/bright_dec.sh

Your keycodes may be different, so make sure to get the right ones for you. These codes are the F5 (dec) and F6 (inc) keys on my (thinkpad a275 – german version) keyboard.

Setting up Archlinux: Touchpad Tapping

So… as I want to have tapping on my touchpad, i had to enable it via synclient.

I followed the instructions on https://wiki.archlinux.org/index.php/Touchpad_Synaptics .

To enable tapping i used the command: “synclient TapButton1=1”.

After that tapping worked for me… too good. So whenever i typed, i pressed a button. To fix that i had to use “synclient PalmDetect=1” and for it to work properly “synclient PalmMinWidth=8”.

After that it worked for me (on my thinkpad a275).

To make the changes permanant i had to edit the config file located in

“/usr/share/X11/xorg.conf.d/70-synaptics.conf”

The touchpad section config was edited like that:

Section "InputClass"
        Identifier "touchpad catchall"
        Driver "synaptics"
        MatchIsTouchpad "on"
		Option "TapButton1=1"
		Option "PalmDetect=1"
		Option "PalmMinWidth=8"

So after that the touchpad was working with tapping and i could move on to config the other things.