Yes, I know there is a network monitoring project called Ganglia. That’s not this. Move along now.
I’ve dreamed about building this for about 20 years now (see earlier post). It’s a musical/sound sculpture instrument that consists of 10-20 noise makers distributed around a room. Many of them will have the ability to play back audio samples, but other will have the ability to physically make noise.
I’m thinking stepper motors, solenoids and relays as a start for the physical aspects. I am not planning on trying to trigger actual musical instruments but instead try and use the natural sound of the device.
It’s all controlled by a central machine that generates the composition. My first attempt is going to be strictly prescriptive where I compose the piece beforehand and play it back. I’m curious about some of the generative and reactive libraries but I worry about it not being something I like.
I also need to compose a piece that works for my brain. I have a migraine disorder and lots of loud noise hurts. So one of my experiments is how to effectively use dead space without boring the listener.
I got frustrated trying to figure out the best way to drive some solenoids. I was looking for something foolproof that I didn’t need to design myself. I’m trying to build as much as I can with JLCPCB Assembly which limits parts. I settled on the Infineon BTS724G. It’s an automotive part that has all the protections you can think of. Good for an unmonitored art installation.
But I was torn on the circuit design. Do I need decoupling caps? Do I need my own snubber diodes or will the chip handle it?
In a moment of frustration I just made a circuit board and figured I would measure and test it.
First off, the data sheet states the traces should be designed for max short circuit current of 12A. Ooops, my power traces are 20mils with 1oz copper. My little firestarter :).
Let’s wire up the scope and see what we have. I have two 0.9A solenoids running at 12V. Powered by some random power supply I had in the bin.
Ok. Some ripple. Don’t know if it’s bad or not. Let’s try throwing a filter capacitor on the power input and see what we get.
I tried first with 47uF and it got worse. Tried 660 and it got even worse worse. Ugh. Totally not what I expected.
Grabbed a 10,000uF cap from an old power supply, that’s more like it.
What I theorize was happening was the filter cap was so small it was getting completely drained trying to power the solenoid. When the solenoid moved and went to constant power, the cap needed to refill, which caused that bigger transient as an empty cap wants to fill up quickly. The big cap showed that filter caps can help if they are big enough.
This leaves me in a quandary. I was hoping to power a voltage regulator off this 12V line to feed back to the ESP32. I am using a Lolin D32 Pro and I think I need to feed it 5V which is then regulated down. Maybe 2 voltage regulators will do it?
The piece was a fantastic little music box about 4 inches by 6 inches. It was filled with a microcontroller and all sorts of electromechanical fun. It played a song with no traditional instruments. I loved it but lost track of the artist years ago. I wanted to make something similar, but fill a room not a box.
I’m curious about firewalls. I have a Protectli FW4B along with a backup edge router ER-X and decided to do some testing. There are a handful of different ideas I wanted to explore.
The first had to do with the value of the next-generation firewall capabilities like threat protection. Practically, it doesn’t matter that much for me, it’s just my wife and I, but I was curious if it would be a valuable thing to deploy for my mom and how difficult they would be to be useful.
I’m also interested in separating my crappy Internet of things devices from various no-name manufacturers off onto their own network for privacy and security reasons. I already have some of the network hardware, but I need a router that supports VLANs (they all do) and mDNS repeater software so devices on my secure lan (like my homepod and my phone) can find them.
I currently have 100 Mb symmetrical service at home. Due to the nature of my work, I’m often uploading large files to and from our corporate artifactory. Because I often saturate the network connection, I need to use something like fq_codel help keep my video and audio conference quality high even while moving around large files.
I also wanted to choose a system that could potentially scale to gigabit fiber. We are working on a project at work that might make it a lot more valuable for me to have that kind of connection when remote. That said, it’s not even clear my work VPN concentrator can handle that throughput.
Finally, I use CenturyLink which does not have native dual stack IPV6. I’m curious about using 6RD to enable that, but all my experiments with pfSense ended badly (very degraded download performance). Not sure if that’s a me thing or a them thing 😊.
Here’s the big table of all these capabilities:
Easy Threat Intelligence
sort of (Sensei subscription)
BSD vs Linux
I have an underpowered device for gigabit on BSD. The Protectli FW4B has a Celeron J3160 processor. While this does have AES-NI, it doesn’t support PCI Passthrough when running in virtualization. I learned very quickly that trying to run pfSense under virtualization couldn’t support 100Mb/s uploads.
This matters to me because I do a lot of uploading of large single files with a single connection over PPPoE.
The Linux based routers do not have this problem. They introduce multithreading at a lower layer, and therefore all cores can participate in PPPoE handling. It’s possible you’ll still saturate the system. If it takes almost 2 cores just to deal with PPPoE that’s might not be a lot of headroom depending what else you are running.
That leaves me with the choice of either upgrading my hardware to something based on the i3-6100U or better (single thread CPU mark of 1361 vs 624 with the Celeron I have) or using Linux if I want to route gigabit. The i3 also has the benefit of support PCI passthrough, though that’s less valuable because of the PPPoE single core restrictions. (perf on i3: https://forum.netgate.com/topic/138926/realtek-nic-pppoe-gig-cpu-usage-seems-odd)
Support for Internet of Crap (Things) VLAN
I’m slowly adopting more and more cheap Internet devices for controlling things around my house. Some of them I write the software for myself, others are provided by the vendor and probably have both security and privacy issues associated with them. Instead of identifying the devices one by one and putting firewall rules on them, I am going to create a separate wireless network for all of them and lock it down.
The crux is that once you’ve locked them down on their own network, your primary network with your iPhone can’t talk to them in less you use a mDNS (aka Bonjour) repeater between the networks. There is a free one named Avahi used in standalone form or bundled with the router.
Untangle and the Sophos products do not support this in their offering. You’ll be stuck setting one up manually either on the firewall itself (gulp) or on a separate device.
By far the easiest set up and the best dashboards out of the box. There is a free version; $50 annual subscription; and $150 annual subscription. The free version does simple routing. Configuring fq_codel was dead simple. To do IPSEC VPN you need the $50 subscription, Wireguard is $150. OpenVPN is free but I worry about performance.
If they supported mDNS repeating I would be using this.
These tools let you do anything and have a tremendous amount of third-party packages available for them. Configuring them is a pain (especially tools like fq_codel) as all that flexibility comes at a cost. They are also the most popular solutions out there in terms of finding free support and reference documentation.
But using them is a challenge in my use case. Due to the performance issues around PPPoE and my cheap hardware I don’t have a cheap clean upgrade path if I increase my network connection speed.
IPFire makes efficient use of the underlying hardware. Its initial set up is pretty awkward as it forces you to switch between a text only and keyboard only mode for the basic configuration before allowing you to use a web browser. Certain changes aren’t available in the web UI (i.e. changing you from 2 to 3 networks) and force you to drop into the command line and rerun the text only tool. Graphing is not live.
The primary author has some very strong opinions about what capabilities should and should not be in a firewall. His arguments are well reasoned and forced me to reevaluate the some of my preconceived notions (i.e. using a VPN vs an http proxy). But at the same time his viewpoint hasn’t been adopted by the community at large. That makes implementing privacy enhancing controls at a network level more difficult (for example most commercial proxy providers don’t target privacy enhancement). See this discussion for more details: https://community.ipfire.org/t/protect-users-who-get-spammy-phishing-links-in-emails/4111/8
I’m just going to clump UTM and XG together. UTM is their older product that they are sunsetting but supports fq_codel but NOT 6rd. XG is the newer product line that does not support fq_codel but does support 6rd. I love the fact that they offer both of these free for home users. UTM only supports 50 devices and it wasn’t clear to me that it has a bypass mode like Untangle does.
I’m giving IPFire a shot. I plan on reusing Blue (Wireless) as my IoT network. The default configuration has it separated with its own DHCP server so its 90% of the way there for my needs.
But I’m not thrilled with any of my choices. I like to tinker. Untangle and IPFire are not great for tinkering but work well on my hardware. Sophos XG is difficult and allows tinkering, but no fq_codel (therefore if I upgrade to gigabit could be a contender). Ideally I would have a pfSense that worked well on my hardware. The VyOS commandline would make me cranky.
Hmm. I wonder if Untangle in Proxmox would work well enough that I could run a separate VM for Avahi…
I recently switched from pfSense to https://www.ipfire.org and got to learn the hoops needed for PPPoE over a vlan like Centurylink needs.
In IPFire this is considered a VDSL connection and isn’t available during the guided setup. But overall it’s a pretty easy process. You’ll need your PPPoE username and password from centurylink to get started.
During initial setup select the Dialup option (even though you are on Fiber 🙂 ).
Go ahead with the rest of the setup, you’ll finish up later.
After restarting and logging into the device via your browser go to System->Dialup
Then switch the type to VDSL and fill out as follows:
That’s it. Go back to the main page System->Home and you’ll see the connection there (if not, wait a few seconds and refresh the page).
I take medications. I’m also very sensitive to medications therefore I take them in liquid form so I can get the dosing dialed and just right. But I have a dilemma. They all look very similar, several of them even begin with the same letter, but I take them at different times of day. After a recent incident where I accidentally took the wrong one in the evening, and took five times my normal dose I decided to build this contraption to help remind me if I try and take out the wrong one at the wrong time of day.
DoIT ESP32 board
A handful of lever arm switches
Custom 3d printed shell
A far too loud beeper
I2C RTC Chip in case Wifi goes down
The device works by connecting to my local Wi-Fi to grab the current time. I then hardcoded what times the various medications are allowed to be out of their slots. If I pull out a medication at the wrong time an alarm goes off
I’ve been struggling with running my radio cables through the wall. For many years I drilled some holes in the frame that held our cat door, but as you can see below, we stopped using the cat door. With the recent bout of horrible wildfire smoke here in Seattle I was forced to remove the cat door and hole up inside and was unable to use my radio. That prompted me to finally get up the courage to drill a hole in the wall of my house.
I used some electrical conduit, a demarcation box off ebay, plenty of caulk, and a 3D printed adapter for the inside of the wall to make this all work. One thing I didn’t figure out beforehand was what the minimum bend radius was on some of my cabling, which made things a little awkward. Thankfully I had some cabling that worked with 1 inch min bend radius, but that wasn’t the cable I was planning on using.
I have an MFJ-1788 Mag Loop antenna. I can tune it very easily by using my RSPdx to view the waveform. In the picture attached you’ll notice that the antenna is tuned a little bit high for my current frequency. This makes it super easy to tune without worrying about having to put signal out on the antenna. But I kept having a problem where I was neglecting to change the frequency in SDRuno to match the one on my radio, and then inadvertently tuned the antenna to the wrong frequency. Attempting to transmit into that did not make my radio happy.
Therefore I wanted SDRuno to follow my IC-7300 but not the other way around as I like the freedom to poke around in the band in SDRuno without changing the radio. This guide walks through how you would set up everything with Ham Radio Deluxe and some other tools. Honestly, this is partially my own documentation so I don’t forget this in the future as it was hard-won knowledge.
There are a lot of little knobs to turn.
You use HRD as the primary connection to the IC-7300.
Create a virtual serial connection between two serial ports
Then enable a 3rd Party Serial Port in HRD. That exposes a ‘Kenwood’ serial port that does simple frequency rig control. Connect that to one end of the virtual ports.
Configure OmniRig to connect to the other end of the virtual serial port
Configure SDRuno to use OmniRig with a Virtual Reciever
Attach that Virtual Receiver to OmniRig
Create a virtual serial connection between two serial ports
If you mess this up and only have Stop bits == 1, SDRuno will miss the occasional frequency change.
A quick call out on the picture above as there is a lot going on. 1) You bring up RX Settings by clicking on SETT. 2) You need to scroll the tabs to get to ORIG (short for OmniRig) 3) After you configure the ORIG panel and close it click on RSYN1 as that assigns OmniRig to this VRX.