Login

u/martinkrafft

▲ 13 r/hardwarehacking

Trying to run Grub or Debian Installer over serial causes all characters to get written only to the left-most column. What is going on, and how may I gain access to the device?

Hello,

I am trying to get control of a headless device with a serial console. It starts just fine and when I connect screen or minicom to /dev/ttyS0,38400n8, I get the POST messages and can interact with the comBIOS on the device.

But when I try booting from USB (Debian installer, with serial console configured), all output characters are confined to the left-most column, eventually overwriting the previous in the lower left-hand corner, as shown in the animated GIF.

This is unfortunately unusable. I spent two hours trying to make an automatic, unattended installer, but it fails at some step, and I cannot debug this sensibly.

I am a bit at a loss as to what I can do. Do you have an idea of what is going on and how to get output to be displayed properly?

Thank you, martin

u/martinkrafft — 12 days ago
▲ 1 r/hardwarehacking

Trying to run Grub or Debian Installer over serial causes all characters to get written only to the left-most column. What is going on, and how may I gain access to the device?

Hello,

I am trying to get control of a headless device with a serial console. It starts just fine and when I connect screen or minicom to /dev/ttyS0,38400n8, I get the POST messages and can interact with the comBIOS on the device.

But when I try booting from USB (Debian installer, with serial console configured), all output characters are overwriting the previous in the lower left-hand corner, as shown in the animated GIF.

This is unfortunately unusable. I spent two hours trying to make an automatic, unattended installer, but it fails at some step, and I cannot debug this sensibly.

I am a bit at a loss as to what I can do. Do you have an idea of what is going on and how to get output to be displayed properly?

Thank you, martin

u/martinkrafft — 12 days ago
▲ 2 r/OpenVPN

We operate a VPN and I would like to place different users into different networks/VLANs so that I can restrict their access better. For instance, ext_partner1 should only be able to access 192.0.2.64/25 but employees should be able to access 192.0.2.0/24.

On the Web, I see plenty suggestions to run different OpenVPN instances on different ports, but that isn't really an option for us here.

Furthermore, static address assignment via CCD is also not an option, as it doesn't scale at all…

Instead, I found --vlan-pvid, which can be set via CCD, and it works nicely in that now I have packets from ext_partner1 tagged with VLAN ID 123 and packets from employees tagged with VLAN ID 456.

But now what? All clients get IPs from the same pool, but they are on different VLANs. How do I now firewall and route packets on the OpenVPN server? I seem to be hitting a mental block.

Packets come in on iface vpn with the tags:

09:32:06.782616 42:90:6a:b4:2c:e2 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 14, p 0, ethertype ARP (0x0806), Request who-has 192.168.220.193 tell 192.168.220.194, length 28

but obviously, 192.168.220.193, which is the OpenVPN server listening on iface vpn won't answer that due to the VLAN tag.

So I tried:

ip link add link vpn name vpn.14 type vlan id 14
ip link set vpn.14 up
ip addr add 192.168.220.193/32 dev vpn.14

but this doesn't work and seems like a gross hack anyway.

The problem seems to be that while I can successfully assign VPN tags to individual clients, the various VLANs all have the same IP subnet, and this is where my mind blanks.

Have you got a working approach?

reddit.com
u/martinkrafft — 22 days ago