I’ve had some trouble getting iodine-server to work under CentOS 7, so I’ve decided to write an article on how I managed to get it to work.

These instructions are based on a setup using iptables instead of firewalld, because I have run iptables on all my servers since forever.

DNS setup

For iodine to work, two records are required: an A record and an NS record. I’ve used the same naming as the iodine documentation, to keep it as simple as possible.
First add an A record with the name t1ns that points to the IP of the server that will run the iodine server. The IP used here for the example should be replaced by your IP.
A: t1ns.<<yourdomain>> → 374.263.291.194

Then add an NS record with the name t1 that points to the A record you’ve just made:
NS: t1.<<yourdomain>> → t1ns.<<yourdomain>>

That’s all that is required for iodine to work with your domain.

Installing iodine

Firstly, make sure the EPEL repository is installed:
yum -y install epel-release

Then install iodine-server:
yum -y install iodine-server

Next is configuring iodine by editing /etc/sysconfig/iodine-server.
Make sure the line that starts with OPTIONS looks something like this:
OPTIONS="-f -c -P <<yourpassword>> 10.1.1.1 t1.<<yourdomain>>"
Replace <<yourpassword>> with the password you wish to use, and <<yourdomain>> with the domain you are using for iodine.

Then, start iodine-server and enable it at boot:
systemctl start iodine-server
systemctl enable iodine-server

Configure traffic routing

Allow DNS and NAT traffic through iptables:
iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -o eth0 -j MASQUERADE
iptables -t filter -A INPUT -p udp -m multiport --dports 53 -j ACCEPT
iptables -t filter -A INPUT -i dns0 -j ACCEPT
iptables -t filter -A OUTPUT -o dns0 -j ACCEPT
iptables -t filter -A OUTPUT -p udp -m multiport --dports 53 -j ACCEPT
iptables -t filter -A FORWARD -i dns0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -A FORWARD -i eth0 -o dns0 -m state --state RELATED,ESTABLISHED -j ACCEPT

And save the new ruleset:
iptables-save > /etc/sysconfig/iptables
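
To confirm that every rule from this section actually ended up in the ruleset, the script below audits an iptables-save dump. It is an added example, not part of the original post; the function names and the sample dump are constructed for illustration, while the subnet and interface names are the ones used above.

```shell
#!/bin/sh
# Added example (not from the original post): list which of the article's
# rules are absent from an `iptables-save` dump read on stdin.
# On the server: iptables-save | missing_iodine_rules 10.1.1.0/24 eth0 dns0

# has_rule CHAIN FRAGMENT...: true if one "-A CHAIN" line holds every fragment.
# Fragments are matched as fixed strings, in the form iptables-save prints them.
has_rule() {
    chain=$1; shift
    lines=$(printf '%s\n' "$RULESET" | grep -F -e "-A $chain " || true)
    for frag in "$@"; do
        lines=$(printf '%s\n' "$lines" | grep -F -e "$frag" || true)
    done
    [ -n "$lines" ]
}

# missing_iodine_rules TUNNEL_NET WAN_IF TUNNEL_IF  (hypothetical helper name)
# Prints one line per missing rule; prints nothing when the set is complete.
missing_iodine_rules() {
    net=$1 wan=$2 tun=$3
    RULESET=$(cat)
    has_rule POSTROUTING "-s $net " "-o $wan " "-j MASQUERADE" || echo "nat: MASQUERADE for $net via $wan"
    has_rule INPUT "-p udp " "--dports 53 " "-j ACCEPT" || echo "filter: INPUT udp/53"
    has_rule INPUT "-i $tun " "-j ACCEPT" || echo "filter: INPUT on $tun"
    has_rule OUTPUT "-o $tun " "-j ACCEPT" || echo "filter: OUTPUT on $tun"
    has_rule OUTPUT "-p udp " "--dports 53 " "-j ACCEPT" || echo "filter: OUTPUT udp/53"
    has_rule FORWARD "-i $tun -o $wan " "--state NEW,RELATED,ESTABLISHED " || echo "filter: FORWARD $tun -> $wan"
    has_rule FORWARD "-i $wan -o $tun " "--state RELATED,ESTABLISHED " || echo "filter: FORWARD $wan -> $tun"
    return 0
}

# Constructed sample dump: one of the seven rules is deliberately left out.
SAMPLE='*nat
-A POSTROUTING -s 10.1.1.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
-A INPUT -p udp -m multiport --dports 53 -j ACCEPT
-A INPUT -i dns0 -j ACCEPT
-A OUTPUT -o dns0 -j ACCEPT
-A FORWARD -i dns0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o dns0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE" | missing_iodine_rules 10.1.1.0/24 eth0 dns0
```

Run it against /etc/sysconfig/iptables as well as the live ruleset, so a rule that was added but never saved shows up before the next reboot.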

Next, allow ipv4 packet forwarding and restart the network service to apply this change:
echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/ip_forward.conf
systemctl restart network

Conclusion

That’s it. You should be able to connect with iodine to your server by using the address t1.<<yourdomain>>.

An Android client that seems to work pretty well, and that I use, is AndIodine. It is available via the F-Droid catalogue.

Please leave a comment if this post was helpful in any way.

When I tried to compile my own Android ROM, I got the following error:

CHK     include/linux/version.h
target Executable: skia_gm (/media/ssd/buildout//target/product/i9100/obj/EXECUTABLES/skia_gm_intermediates/LINKED/skia_gm)
target Executable: skia_test (/media/ssd/buildout//target/product/i9100/obj/EXECUTABLES/skia_test_intermediates/LINKED/skia_test)
target Executable: test-opengl-configdump (/media/ssd/buildout//target/product/i9100/obj/EXECUTABLES/test-opengl-configdump_intermediates/LINKED/test-opengl-configdump)
CC      scripts/mod/empty.o
/bin/sh: 1: /home/ted/prebuilt/linux-x86/toolchain/arm-eabi-4.4.3/bin/arm-eabi-gcc: not found
make[4]: *** [scripts/mod/empty.o] Error 127
make[3]: *** [scripts/mod] Error 2
make[2]: *** [scripts] Error 2
make[2]: *** Waiting for unfinished jobs....

The problem was that the arm toolchain wasn’t installed. After installing the toolchain compiling succeeded.

Installing the toolchain can be done with the following command:
git clone https://android.googlesource.com/platform/prebuilt

After that, run the following command to add the toolchain to the PATH variable:
export PATH=$(pwd)/prebuilt/linux-x86/toolchain/arm-eabi-4.4.3/bin:$PATH

Compiling should now succeed without the previous error.

I’ve found this information on http://source.android.com/source/building-kernels.html, a very helpful information source for Android development.

I wanted to flash a custom firmware on an HTC Desire S because I didn’t like the Sense interface HTC installed on the device. It felt sluggish and I think it was ugly.

I have unlocked the bootloader on htcdev.com, rooted the device, and installed ClockworkMod (cwm). I chose a rom that seemed useful (in this case CyanogenMod), copied the cwm image (.zip file) to my sd-card, and booted into recovery. Here I made a backup of the current rom, did a full wipe, and flashed the image. After this I rebooted the device, expecting to see my new rom boot.
Instead of booting, all I saw was a white screen with the letters HTC in green on a white background. This state is called a bootloop.
After flashing back the original rom, the device booted without problems.

I have tried several roms, all with exactly the same problem. After a lot of online research I finally have a booting custom rom. The solution was to flash the correct boot.img file for your rom to the device with the fastboot utility. The file boot.img is in the .zip file of the rom you chose. Flashing the boot.img can be done this way:

  1. Boot the HTC in fastboot mode by powering on the device while holding the Volume – button, and choosing fastboot
  2. Connect the phone to your computer with a micro-USB cable
  3. Flash the boot.img you extracted from the custom firmware:

    fastboot flash boot <path to boot.img>

  4. Reboot the phone

After these steps your HTC Desire S should boot the custom rom as expected!