Turrist Omnia 3.11, problemy a ziadosti o zmenu

Updatoval som Ommniu na verziu 3.11. V nasledovnom prispevku uverejnujem moje zistenia.

Moja konfiguracia je:
1.NAS s mSata radicom na dvoch HDD WDC WD4003FFBX.
WD4003FFBX: 4TB, 7200 rpm, Sector Sizes: 512 bytes logical, 4096 bytes physical,
SATA Version is: SATA 3.2, 6.0 Gb/s (current: 3.0 Gb/s),
mSata radic: (lspci) 03:00.0 SATA controller: ASMedia Technology Inc. ASM1062 Serial ATA Controller (rev 01).
2.File system btrFS s RAID1.
3.Kedze som kupil Ommniu v obchode za plnu cenu, vsetky sluzby navyse som zastavil.
Najbezpecnejsia je taka sluzba, ktora vobec nebezi na routry a nesposobuje zaraz navyse.

DHCP.
V /etc/cofig/dhcp pribudli nove parametre:
list interface ‘br-lan’
list notinterface ‘lo’.

Co je chvalihodne, ale nemaju podporu v luci interface. Ak urobite zmenu cez luci
stratite tieto nastavenia. Neboli zaclenene do menu v luci!

SAMBA 4.
a)Namerane rychlosti s Fast Copy v.361 su nasledovne:

Total R\W: 11,160 MiB
Files: 8

Download:
TotalTime: 1:56s
Trans Rate: 95,9MiB/s (766,4MiBit/s)

Upload:
TotalTime: 2:18s
Trans Rate: 80,5MiB/s (644MiBit/s)

Pri prenose suborov pomocou samby 4 pri tychto rychlostiach
sa vam bude zdat ze vam zatuhlo PC :slight_smile: ale pravda je ze nema
klient samby na nacitanie zdielanych adresarov
alebo aj inych sluzieb http, atd pasmo.

Jedine ako zaistite potrebne pasmo pre ine sluzby je dat QOS na LAN.
Paradoks? … ano je!
Z dostupnych a uzivatelsky prijemnych, som pouzil FIREQOS na https://firehol.org/.
Kedze mame verziu na Ommnii OpenWRT 15.05 je mozne stiahnut
z https://github.com/firehol/packages/releases/download/2017-09-17-1424/firehol_3.1.5-1_all_chaos_calmer.ipk
balicek.
Skoro vsetky podporne programy uz mate nainstalovane. Je to script, ktory sa raz spusti a nastavi tc. Existuje aj verzia
18.06 co je pre TO 4 vhodne. Moja aktualna konfiguracia je nasledovna:


cat fireqos.conf
#Set this appropriately for your system (internet link)
DEVICE=br-lan

#my speed is 12200kbit down, 890 up
#I use only 85% of down and 95% of up
INPUT_SPEED="$((940000 * 95 / 100))kbit"
OUTPUT_SPEED="$((940000 * 95 / 100))kbit"

#adsl = ATM overheads calculation
#local = I run pppoe on this linux box
#pppoe-llc = ADSL encapsulation as reported by ADSL modem
#LINKTYPE=“adsl local pppoe-llc”
#LINKTYPE=“adsl local pppoe-llc mtu 1492”
LINKTYPE=“ethernet”

#------------- CUSTOM SERVICES -------------
#unlike FireHOL, only server ports are needed.
#all the services used but not defined here, are defined internally in FireQOS.

#netdata
server_netdata_ports=“tcp/19999”

#VoIP RTP ports.
#As configured in /etc/asterisk/rtp.conf
server_rtp_ports=“udp/10000:10100”

#League of Legends match, for my kids
server_lol_ports=“udp/5000:5500 tcp/8393:8400,2099,5223,5222,8088”

#My OpenVPN servers
server_openvpn_ports=“any/1195:1198”

#Torrent client configured to listen at a fixed port
server_mytorrent_ports=“any/51413”

#dlna
server_dlna_ports=“tcp/8200”

#------------- INTERFACES ------------- qdisc htb

interface $DEVICE lan bidirectional $LINKTYPE input rate $INPUT_SPEED output rate $OUTPUT_SPEED qdisc htb # balanced

    class voip pfifo min 10% max 90%  pfifo
            #0 priority: VoIP

            client surfing                          # tcp/0:1023
            client http
            client https
            client dlna
            client dns
            client ssh

            client microsoft_ds
            client netbios_ns
            client netbios_dgm
            client netbios_ssn

            client netdata
            client icmp

           #client sip
           #client stun                             # udp/3478 udp/3479
           #client teamviewer                       # tcp/5938
           #client lol                              # udp/5000:5500 tcp/8393:8400,2099,5223,5222,8088

    class interactive min 10% max 90%
            #1 priority: ICMP, DNS, SSH

            server dlna
            server icmp limit 10%                   # icmp/any
            server dns                              # udp/53 tcp/53
            server ssh                              # tcp/22

           #server sip                              # udp/5060
           #server rtp                              # udp/10000:20000

    class chat min 1%  max 10%
            #2 priority: chat and conferencing

            client facetime                         # udp/3478:3497 udp/16384:16387 udp/16393:16402
            #client hangouts
            #client gtalk                            # tcp/5222 tcp/5228
            #client jabber                           # tcp/5222 tcp/5223 tcp/5269

            #server hangouts                         # udp/19302:19309 tcp/19305:19309

    class vpns min 20% max 90%
            #3 priority: my VPNs

            server pptp                             # tcp/1723
            server GRE                              # 47/any
            server openvpn                          # any/1195:1198

    class servers min 20% max 90%
            #4 priority: the servers I run

            match tcp port 8080
            server http                             # tcp/80
            server https                            # tcp/443
            server netdata                          # tcp/19999

    class samba prio keep min 10% max 500000kbit
            #4 priority (prio keep): samba

            server microsoft_ds                     # tcp/445
            server netbios_ns                       # udp/137
            server netbios_dgm                      # udp/138
            server netbios_ssn                      # tcp/139

    class surfing prio keep min 5% max 90%
            #Again 4 priority (prio keep): Internet Surfing

            client rsync                            # tcp/873 udp/873

    class synacks min 5% max 90%
            #5 priority: SYNs and small ACKs for the rest of the traffic

            match tcp syn
            match tcp ack

    class default min 10% max 90%
            #6 priority: default
            #unclassified traffic ends up in the 'default' class
            #no need to match anything here

    class torrents min 9% max 90%
            #7 priority: torrents

            client torrents                         # tcp/6881:6999 udp/6881:6999
            server mytorrent prio 1
            match sports 16384:65535 dports 16384:65535

Ak budu zaujemci napisem navod. Skusenejsi uzivatelia to zvladnu aj samy ;-)!

Nezlaknite sa sucastou ipk je aj FireHole co je firewal, ale tento nebudete spustat.
Od toho isteho autora je aj program NetData co je monitorovaci program a nativne
podporuje aj QOS. NetData je obsiahnuty v repozitory Ommnii.

Ale spat…

b)Balicek samba4-libs obsahuje kniznice ktore sa nainstalovali do adresara /usr/lib. Podla inych
instalacii samby4 by sa mal nainstalovat do /usr/lib/samba/.
Ak zadate prikaz smbd -b na konci vypisu je zoznam modulov vfs:
Builtin modules:
vfs_default vfs_posixacl auth_builtin auth_sam auth_unix auth_script pdb_smbpasswd pdb_tdbsam
vfs_fruit vfs_shadow_copy2 vfs_recycle vfs_fake_perms vfs_readonly vfs_cap vfs_offline
vfs_crossrename vfs_catia vfs_streams_xattr vfs_xattr_tdb vfs_acl_xattr vfs_acl_tdb.

Tieto moduly boli prelozene, ale nikde ich nemozem najst. Nie su sucastou balicku samba4-libs.

c)Updater vam bude posielat spravu, ze chce nainstalovat spat sambu3-server. Potvrdil som ze beriem na vedomie
vo forise a dal uz pokoj.
Zial nie prisla my nasledovna sprava:

Subject: Upozornění od Vašeho routeru

#####Oznámení o chybách#####

Updater failed:

[string "transaction"]:323: [string "transaction"]:149: Collisions:

• /usr/sbin/smbd: samba4-server (existing-file), samba36-server (new-file)
• /etc/samba/smb.conf.template: samba4-server (existing-file), samba36-server (new-file)

d)Ak nakonfigurujete zdielany adresar je mozne zvolit ci bude len RW alebo R pre cely zdielany adresar v sambe4.
Lepsie by bolo keby sa dalo zvolit, kto bude mat pravo RW a kto len R pre zdielany adresar. Toto je flexibilnejsie!

Preto navrhujem pridat polozku “read list” a “write list” v luci samby, ktorymi sa bude definovat uzivatelia, ktory budu mat pravo
zapisu a citania pre dany adresar.
Kedze tento balicek spravuje spravca balickou, nemal by byt ziadny problem s jeho upravou.

Viem ze teraz finisujete s TO 4 (na vyvoji HW a zjednoteni OS), takze ste na roztrhanie a je vas STALE malo!
Tak sa ponukam ze to vykonam a otestujem a predam vam upravene programy. … ak ste za?

Mam este v plane preverit dalsie programy ako minidlna a nut.

Vela zdravia pri prechode na TO 4.

1 Like