Your very own SMS – Internet gateway with Arduino

October 9th, 2012 No comments

There are plenty of SMS services on the web to link SMS and the Web together. However especially if you need a local SMS number in an unsupported country like Malawi or simply want to DIY, then this Arduino-based solution might be your right choice. For sure you could also go big-scale with your own full-blown SMS gateway like Kannel. But where is the tinkering fun?

Combining an Arduino Uno, a GSM/GPRS shield like the one from Seeedstudio, and an Ethernet shield is all you need besides a SIM card. Now simply stack everything together and upload this Sketch.

Process incoming SMS
Depending on your requirements you might want to modify the code. E.g. one obvious case would be an SMS-to-Email forwarder, but for the typically free email service like gmail.com the Arduino lacks resources and power to process their TLS/SSL security. But other ways are possible. The code is already prepared to post an incoming text message right into a Google Spreadsheet with a way described on open-electronics. Or you could notify your own web app with a custom HTTP request. Or simply forward the incoming text message to another mobile number. Or what else can you think of?

As the SoftwareSerial library is used the code also inherits its default buffer size of 64 bytes. Not too much even in the context of SMS. Better patch the Arduino code (argh!) and increase it to something like 128 bytes as I’ve done. Still not the full size of a SMS, but enough for my purpose. Carefully check the documentation – it can save you days!

Process incoming HTTP requests
For the opposite way of sending text messages to mobile phones from the Internet you could use a provider specific solution. E.g. some (many?) providers offer email addresses like @smsmail.eplus.de. Every incoming mail is forwarded to the corresponding text phone as a text message. Just check if you can find information about your specific provider. But in case where your provider doesn’t provide this solution, or you need to find a generic way across different providers, or you want to do it via HTTP requests rather than emails, this Arduino Sketch can also be used.

As the sketch will run a little local HTTP server, you might need to change the current IP (192.168.1.177) to fit your needs. Once the system is available in the local network you can use a simple HTTP post to send out a text message, e.g. with curl:

curl --data "number=&message=innovative message" 192.168.1.177/sendsms

Of course you should protect the access to it as otherwise you might invite hitchhikers to misuse your airtime.

Feel free to have a look and use this code the way you want.

Note that the code uses the SimpleTimer library so make sure this is installed locally first.

Categories: Programming stuff

Rooting stock Kindle Fire 6.3 for Dummies

April 20th, 2012 Comments off

So, it turned out that I eventually couldn’t leave my hands off the Kindle Fire. Of course I can claim that I need this toy to be evaluated for my job. But after buying it with my German credit card I found out that it is heavily locked into the Amazon hemisphere. Too bad that they accept my German credit card to buy the device, but not to get any content or apps from the Amazon App Store. So there is of course the natural motivation to free this from all this stuff. This is f’ed up – you Mofos.

Unfortunately it seems that the rooting exercise is a pretty big mess. During my first night I thought I already totally bricked my Fire. However after tons of ‘research’ (fancy word for reading too many articles which only contain part of the truth) I finally got the real summary. This and a fresh new Windows system finally brought my Fire back to life. And if this doesn’t help, a physical USB Factory cable like this one should almost always do the trick.

Now I can explore the unlocked Android world and it might even be that I eventually really use this as a low-cost, high-quality remote data collection tool for my job. If not, I have at least one more blog post…

Categories: Misc

pfSense: Self-registration for Captive Portal

February 14th, 2012 Comments off

Managing your users is good. But the work that comes with creating user accounts upfront is tedious and boring. At one point we got lost in trying to hook up each system manually to our WiFi. So we decided to outsource this to our users so that they have to register their devices by themselves.

Luckily pfSense proves to be extremely flexible, so with a custom portal page and some additional scripts we are able to get the important information we need. We ask the user to provide

  • User
  • Email address (to get in touch with the user) and
  • Accept our Acceptable use policy.

From there the system automatically detects

  • MAC address (for device identification)
  • Initial IP during registration (the subnet from where the users connects tells us roughly from which geographical area the devices is connected to)
  • Date of registration
  • Hostname

Every time a new devices is connected to the network, the system redirects the very first HTTP request to our custom portal page. After entering the required fields and hitting ‘Register’ the system automatically detects MAC address and system hostname and creates a new user in our FreeRADIUS installation. If successful, the user is granted access to the network. If the system connects again, it uses RADIUS MAC authentication to see whther the user is already registered. If yes, then access is permitted. If not, the user is redirected to the portal page again.

(Note: Using solely the MAC address makes the system vulnerable to spoofing attacks. However our users typically don’t have this knowledge. At least not yet.)

During this self-signup, the user is only granted access with restricted traffic limits (we make use of pfSense’ WISPr-Bandwidth-Max-Down and WISPr-Bandwidth-Max-Up capability with low initial values). From there the admins can promote the system to higher traffic caps if found eligible.

The whole configuration/deployment process is a little bit more complex. If someone wants to dive deep into it, make sure to check out our project page.

Categories: Admin stuff

pfSense: Shows ‘Users last connected’ to Captive Portal

February 7th, 2012 Comments off

Using pfSense with the built-in FreeRADIUS can give you quite a lot of information; they are just not always visible through the Web UI.

For instance if Radius logging is turned on you can keep track of all Captive Portal sessions by accessing the log files. This is particular useful when the users have the ability to create their own accounts on the fly through a custom portal page based on their MAC addresses. But you might want to clean old and unused accounts once in a while.

In order to spot accounts that have been inactive for some time, you need to know who connected when for the last time. With shell access, simply copy and invoke this script. This compiles a CSV list of all users ever registered with their MAC addresses together with the last time they have been connected through the Captive Portal. Import the CSV into Excel, filter and sort by the last connected column to see which accounts are ready for removal.

The result looks like this:

MAC;TYPE;NAME;EMAIL;HOSTNAME;INITIAL_IP;REGISTERED;LAST_SEEN
904ce5a76256;apzu;Public_IT;abc@pih.org;APZU-30;2011-09-15;20120128
904ce5a76249;apzu;Public_IT;abc@pih.org;APZU-33;2011-09-16;20111019
001217dfc379;priv;user1;abc@pih.org;APZU-DFA08FCD6D;2011-09-16;20120128
001a7367b7ff;priv;user2abc@pih.org;;2011-09-18;20120127

(Note that part of the above dump has some custom information as it is tight to they way we use pfSense with a self-register capability for new users. But it should be straight forward to customize this.)

It would be simple to do this automatically (e.g. delete every account not connected in the last 3 months), but as I have some VIP users that I don’t want to clear, I just do this once in a while manually. Additionally it could be run as a cronjob every now and then and I guess you could automatically publish it through a web page or mail it to someone. Let me know if you did this, then I can steal it from you ,)

Categories: Admin stuff

pfSense: Sending emails through gmail

February 1st, 2012 Comments off

It seems troublesome to send email especially through gmail accounts from *nix systems. Using pfSense as our Captive Portal box running on top of FreeBSD is no exception. So that’s what we did to get pfSense sending us emails through shell scripts.

I’ve tried a couple of things, but eventually sticked to a perl module (including the BSD packages mailx and msmtp), but they all didn’t work in one way or another. I came pretty far, but at the end figured out that TLS/SSL support is not build-in. And compiling the packages on the pfSense box seemed not advisable. After all it is a firewall.

To install it, simply invoke this from the shell:

pkg_add -r p5-Net-SMTP-TLS

In case you have a sligthly outdated pfSense installation like I do and this command fails, you might need to tune the package repository a little bit.

setenv PACKAGESITE ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/Latest/

Afterwards use this script as an example on how to send mails through the perl module.

Don’t forget to put your gmail password in a file called send_gmail_config.txt (just the password, nothing else) and well protect it.

Categories: Admin stuff

Shell perls

January 29th, 2012 Comments off

As I always forget them, I just put them down right now right here (they were sitting for too long in my Drafts folder). And I might update them as I go.

Read more…

Categories: Admin stuff

pfSense: Lessons learned

January 29th, 2012 Comments off

In my current role as the ‘IT guy’ for Partners In Health I’m also managing the whole IT including our networks in Malawi (note: It is only a rumor that ‘IT guy’ translates to everything that has a power plug…). We not only provide Internet access to our employees, but also for the government including the local Ministry of Health. As our project has grown a lot in the last few years, so did the numbers of computers that are connected to the network.

Currently we are have connect 20+ access points and with this roughly ~100 devices are connected to the network every day (designed partially on top of this). And all of them squeeze through our tiny satellite link. We came a long way with adding network management tools and traffic shaping to manage the scarce bandwidth better, but at the end we also depend on the fairness of the users: If someone (or his/her system) is misbehaving, it impacts everyone else. With this it is crucial to know who is using the network and how: Welcome to the world of pfSense.

Throughout the upcoming months some of the important lessons learned and findings are shared here. This will include topics like

With all this I guess we may run one of the biggest (if not _the_ biggest) freely available public hotspot in Malawi. I like my work in the low-resource settings…

Categories: Admin stuff

Calculate MySQL database size

July 8th, 2011 Comments off

Not sure anymore where I found this, but this is a nice script to see which MySQL tables take how much space.

SELECT NOW(), VERSION();
# Per Schema Queries
SET @schema = IFNULL(@schema,DATABASE());
# One Line Schema Summary
SELECT table_schema,
 SUM(data_length+index_length)/1024/1024 AS total_mb,
 SUM(data_length)/1024/1024 AS data_mb,
 SUM(index_length)/1024/1024 AS index_mb,
 COUNT(*) AS tables,
 CURDATE() AS today
FROM information_schema.tables
WHERE table_schema=@schema
GROUP BY table_schema;
# Schema Engine/Collation Summary
SELECT table_schema,engine,table_collation,
 COUNT(*) AS tables
FROM information_schema.tables
WHERE table_schema=@schema
GROUP BY table_schema,engine,table_collation;
# Schema Table Usage
SELECT table_schema,table_name,engine,row_format, table_rows, avg_row_length,
 (data_length+index_length)/1024/1024 as total_mb, 
 (data_length)/1024/1024 as data_mb, 
 (index_length)/1024/1024 as index_mb,
 CURDATE() AS today
FROM information_schema.tables 
WHERE table_schema=@schema
ORDER BY 7 DESC;
# Schema Table BLOB/TEXT Usage
select table_schema,table_name,column_name,data_type 
from information_schema.columns 
where table_schema= @schema
and ( data_type LIKE '%TEXT' OR data_type like '%BLOB');
set @schema = NULL;
Categories: Programming stuff

WiFi Performance FAQ

April 18th, 2011 4 comments

I’m by no means an expert in WiFi network planning and installation, but over the past year I have collected some knowledge and best guesses on how things work in terms of performance. Here is an open call for everyone to correct my views and not so obvious elements that impact the speed of your wireless network.

Read more…

Categories: Admin stuff

Do-it-yourself WiFi Catcher

August 1st, 2010 Comments off

Ever had to track down a client devices in an area covered by many (unmanaged) WiFi Access Points?

If tools like kismet/kismac are not working for you to track computers (e.g. because of unsupported hardware, crashes, bad wifi antenna on your laptop, then just build it yourself.

All you need is a flashable consumer-level wifi access point (like a Linksys WRT54) and flash it with dd-wrt. This can put the router in monitor mode and together with the addon wi-viz you get an overview over all wireless activity.

And in case you want it mobile, simply put a bunch of batteries, e.g. 8 AA batteries with 1.5V each in a row and connect it to the router. Finally connect your laptop with an Ethernet cable, stuff everything in a little bag and walk around. If you know the MAC address of the devices your are looking for (laptop, handheld,…) just see very you have the strongest signal and walk in that direction. And voilĂ , you are able to geographically localize every WiFi device. Regardless of it’s connection to a specific access point. Welcome wiFi Catcher. Welcome Jack Bauer.

Categories: Admin stuff