Author Topic: Securing and stabilizing the Vera by taking it off the grid  (Read 18428 times)

Online rafale77

  • Community Beta
  • Hero Member
  • ******
  • Posts: 1686
  • Karma: +91/-27
  • HA ≠ IoT as a blue sky is cloudless.
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #195 on: February 12, 2019, 05:40:26 pm »
Well, once it is setup right, on my iphone it is about unlocking the phone, launch the openvpn app. turn on VPN and you are in business... One extra app to launch... but the responsiveness, security and reliability is so much greater! :)
openLuup (78 devices, 141 scenes, 19 apps) master to VeraPlus (142 zwave nodes, 8 Zigbee nodes, 221 devices,  20 scenes , 2 apps) +  Hubitat (15 Zigbee nodes) + Home-Assistant (API Integrations). Bridged to Siri and Alexa. Homewave. VeraPlus ExtRooted and mios server independent.

Offline HSD99

  • Sr. Member
  • ****
  • Posts: 337
  • Karma: +16/-0
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #196 on: February 12, 2019, 07:05:02 pm »
Well, once it is setup right, on my iphone it is about unlocking the phone, launch the openvpn app. turn on VPN and you are in business... One extra app to launch... but the responsiveness, security and reliability is so much greater! :)

I use OpenVPN and have a VPN server in-house for all the reasons mentioned by @rafele77. The latest version of the OpenVPN app (iOS) will automatically start and connect if you set "Connect" in the App on ON. For me it's seamless; when I leave the house and the phone switches to LTE, the VPN automatically comes up.

Offline Catman

  • Sr. Member
  • ****
  • Posts: 253
  • Karma: +8/-0
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #197 on: February 13, 2019, 01:45:11 am »
Thanks, both.  May well give this some thought.

C

Offline Mike Yeager

  • Hero Member
  • *****
  • Posts: 597
  • Karma: +11/-12
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #198 on: February 14, 2019, 06:56:06 am »
I simply chose to move to another platform to avoid all of this. I'm still using my Vera for Alexa integration at the moment, as it works great, but that's pretty much it. A few virtual switches to keep things in sync and it's all good. Even if the Vera reboots, things will sync up as soon as it comes back up. I do admire the work that you've put in to this though...

Online rafale77

  • Community Beta
  • Hero Member
  • ******
  • Posts: 1686
  • Karma: +91/-27
  • HA ≠ IoT as a blue sky is cloudless.
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #199 on: February 15, 2019, 02:53:38 am »
I got to the bottom of my last luup reload... It was due to my aeon HEM Gen2 somehow sending crap data. After the luup reload, the vera ignored all the data from the HEM. I power cycled the HEM and it is back up and running. I don't think I have rebooted the HEM in at least a year. I can't really blame the vera alone on this one.
openLuup (78 devices, 141 scenes, 19 apps) master to VeraPlus (142 zwave nodes, 8 Zigbee nodes, 221 devices,  20 scenes , 2 apps) +  Hubitat (15 Zigbee nodes) + Home-Assistant (API Integrations). Bridged to Siri and Alexa. Homewave. VeraPlus ExtRooted and mios server independent.

Offline Catman

  • Sr. Member
  • ****
  • Posts: 253
  • Karma: +8/-0
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #200 on: February 15, 2019, 03:54:46 am »
I got to the bottom of my last luup reload... It was due to my aeon HEM Gen2 somehow sending crap data. After the luup reload, the vera ignored all the data from the HEM. I power cycled the HEM and it is back up and running. I don't think I have rebooted the HEM in at least a year. I can't really blame the vera alone on this one.

How do you work out why a reload happened?  Just curious

C

Online rafale77

  • Community Beta
  • Hero Member
  • ******
  • Posts: 1686
  • Karma: +91/-27
  • HA ≠ IoT as a blue sky is cloudless.
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #201 on: February 15, 2019, 10:18:00 am »
first I get notifications on my phone whenever I get a luup reload. It is something I did with my startup lua.
2 things to track: I usually look at the logs but they sometimes get wiped out and I see every thing which happened after the reload but nothing just before. In this case, I have setup grafana with historian and noticed that my HEM stopped reporting any update at the very same time the reload occured. I have been noticing it go a little quirky lately creating a 3rd "ghost" phase occasionaly by sending some strange data to the vera.
The problem is also for vera to handle this a little better... poping a message instead of reloading luup which helps nothing would have been much better.
openLuup (78 devices, 141 scenes, 19 apps) master to VeraPlus (142 zwave nodes, 8 Zigbee nodes, 221 devices,  20 scenes , 2 apps) +  Hubitat (15 Zigbee nodes) + Home-Assistant (API Integrations). Bridged to Siri and Alexa. Homewave. VeraPlus ExtRooted and mios server independent.

Offline Catman

  • Sr. Member
  • ****
  • Posts: 253
  • Karma: +8/-0
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #202 on: February 15, 2019, 10:39:17 am »
Thanks. I did wonder if it was possible with the inbuilt functionality.  Seems not really. Agreed. Failing catastrophically without any reporting is pretty poor.

C

Offline martynwendon

  • Full Member
  • ***
  • Posts: 115
  • Karma: +15/-1
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #203 on: February 19, 2019, 08:51:20 am »
Hey @rafale77

Are the VeraMods files in posts 165 / 166 up to date?  I'm just waiting on a USB SSD drive to arrive and am going to try this on a Vera Secure in the next day or so - should it work OK on a Secure?

Similarly, is the extroot.sh in your other thread up to date and should that work OK on a Secure too?

Also, how does this mod and the extroot mod impact on future firmware updates?  Should they just apply over the top and not mess up any of these changes?

And finally for backup / restore, should that work OK too?

My intention is to "prepare" some Secure using your mods and extroot scripts and then restore backups from my live Vera (a mixture of Edge, Plus & Secure) - do you foresee any issues with that?


Your best guess is fine, I have access to several units for testing so I'm not too worried about bricking them ..... I can also provide any info you may need beforehand for the Secure (partition layouts, versions, etc).

Online rafale77

  • Community Beta
  • Hero Member
  • ******
  • Posts: 1686
  • Karma: +91/-27
  • HA ≠ IoT as a blue sky is cloudless.
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #204 on: February 19, 2019, 11:22:46 am »
Hi Martyn:

The latest version of the script is in post 175-176. It is the 3 file version.

The order by which you should apply the script is:

1. extroot (I believe I have only left one version on the forum and deleted all the older ones so it should be up to date)
2. VeraMods.

I have tested them quite extensively on my spare unit having run and bricked the vera quite a few times and recovered as many times. I believe it should work on the secure as well given it is basically the same unit. with a dual core CPU and more memory. Just to be sure though, I would appreciate if you could post the banner you see as you login (I want to check what version of openWRT it is running) and the output of "dmesg" and "df -h" right after a boot so I can map the flash drive.
Not critical but just in case.
openLuup (78 devices, 141 scenes, 19 apps) master to VeraPlus (142 zwave nodes, 8 Zigbee nodes, 221 devices,  20 scenes , 2 apps) +  Hubitat (15 Zigbee nodes) + Home-Assistant (API Integrations). Bridged to Siri and Alexa. Homewave. VeraPlus ExtRooted and mios server independent.

Offline martynwendon

  • Full Member
  • ***
  • Posts: 115
  • Karma: +15/-1
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #205 on: February 19, 2019, 11:54:27 am »
Ah yeah post 175-176 that's what I mean, I was just too lazy to go back and check when I wrote the post :-)

Here's the output:

Code: [Select]
BusyBox v1.19.4 (2017-01-30 10:11:42 UTC) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M

 ---------------------------------------------------
      BARRIER BREAKER (Bleeding Edge, r39638)
 ---------------------------------------------------
  ***      MiOS LTD. ( www.mios.com )        ***
  ***                                        ***
  ***               WARNING :                ***
  *** Any changes made to the system without ***
  *** guidance from MiOS support will VOID   ***
  *** your future Support requests           ***
 ---------------------------------------------------

Code: [Select]
[    5.136000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[    5.136000] [DBG] BOFFSET: 0, BREPEAT: 0
[    5.136000] cdc_xr_usb_serial 1-2.2:1.0: This device cannot do calls on its own. It is not a modem.
[    5.152000] cdc_xr_usb_serial 1-2.2:1.0: ttyXR_USB_SERIAL0: USB XR_USB_SERIAL device
[    5.180000] VFS: Mounted root (squashfs filesystem) readonly on device 31:5.
[    5.196000] Freeing unused kernel memory: 228K (82447000 - 82480000)
[    5.252000] usb 1-2.3: new full-speed USB device number 5 using xhci-hcd
[    5.304000] usb 1-2.3: New USB device found, idVendor=04e2, idProduct=1420
[    5.320000] usb 1-2.3: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[    5.336000] usb 1-2.3: Product: Exar USB UART
[    5.344000] usb 1-2.3: Manufacturer: Exar Corp.
[    5.352000] usb 1-2.3: SerialNumber: D162257002
[    5.376000] add_ep parameters, dev_speed 2, is_in 1, isTT 1, ep_type 3, maxp 64, interval 64, burst 0, mult 0, ep 0x9beea300, ep_ctx 0xa1c24240, sch_ep 0x9bf01a80
[    5.408000] check tt_intr_bw interval 8, frame_idx 0
[    5.420000] check tt_intr_bw interval 8, frame_idx 1
[    5.428000] check OK............
[    5.436000] [DBG] BPKTS: 1, BCSCOUNT: 3, BBM: 1
[    5.436000] [DBG] BOFFSET: 8, BREPEAT: 0
[    5.436000] add_ep parameters, dev_speed 2, is_in 0, isTT 1, ep_type 2, maxp 64, interval 1, burst 0, mult 0, ep 0x9beea280, ep_ctx 0xa1c24120, sch_ep 0x9bf01800
[    5.464000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[    5.464000] [DBG] BOFFSET: 0, BREPEAT: 0
[    5.464000] add_ep parameters, dev_speed 2, is_in 1, isTT 1, ep_type 2, maxp 64, interval 1, burst 0, mult 0, ep 0x9beea2ac, ep_ctx 0xa1c24140, sch_ep 0x9bf01580
[    5.496000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[    5.496000] [DBG] BOFFSET: 0, BREPEAT: 0
[    5.496000] cdc_xr_usb_serial 1-2.3:1.0: This device cannot do calls on its own. It is not a modem.
[    5.516000] cdc_xr_usb_serial 1-2.3:1.0: ttyXR_USB_SERIAL1: USB XR_USB_SERIAL device
[    6.808000] Button Hotplug driver version 0.4.1
[    6.844000] JFS: nTxBlock = 4019, nTxLock = 32158
[    6.868000] SCSI subsystem initialized
[    6.880000] usbcore: registered new interface driver usb-storage
[    7.468000] 78:FFFFFF94:FFFFFFB4:FFFFFFF7:FFFFFF85:53
[    7.476000] Raeth v3.1 (Tasklet)
[    7.488000] phy_free_head is 0x1c3a000!!!
[    7.496000] phy_free_tail_phy is 0x1c3bff0!!!
[    7.504000] txd_pool=a1c40000 phy_txd_pool=01C40000
[    7.516000] ei_local->skb_free start address is 0x9be526dc.
[    7.528000] free_txd: 01c40010, ei_local->cpu_ptr: 01C40000
[    7.540000]  POOL  HEAD_PTR | DMA_PTR | CPU_PTR
[    7.548000] ----------------+---------+--------
[    7.560000]      0xa1c40000 0x01C40000 0x01C40000
[    7.568000]
[    7.568000] phy_qrx_ring = 0x01c39000, qrx_ring = 0xa1c39000
[    7.584000]
[    7.584000] phy_rx_ring0 = 0x01c3c000, rx_ring0 = 0xa1c3c000
[    7.624000] MT7530 Reset Completed!!
[    7.632000] change HW-TRAP to 0x17ccf
[    7.640000] set LAN/WAN LLLLW
[    7.652000] GMAC1_MAC_ADRH -- : 0x00007894
[    7.660000] GMAC1_MAC_ADRL -- : 0xb4f78553
[    7.676000] CDMA_CSG_CFG = 81000000
[    7.680000] GDMA1_FWD_CFG = 20710000
[   10.196000] ESW: Link Status Changed - Port4 Link UP
[   11.144000] jffs2: notice: (380) jffs2_build_xattr_subsystem: complete building xattr subsystem, 1 of xdatum (1 unchecked, 0 orphan) and 48 of xref (0 dead, 37 orphan) found.
[   11.644000] ra2880stop()...Done
[   11.656000] Free TX/RX Ring Memory!
[   12.600000]
[   12.600000] set gpio 30 input
[   12.616000]
[   12.616000] set gpio 33 input
[   12.628000]
[   12.628000] set gpio 23 output
[   12.636000]
[   12.636000] set gpio 22 output
[   12.644000]
[   12.644000] set gpio 23 to 0
[   12.652000]
[   12.652000] set gpio 22 to 0
[   20.628000] NTFS driver 2.1.30 [Flags: R/O MODULE].
[   20.664000] loop: module loaded
[   20.676000] gre: GRE over IPv4 demultiplexor driver
[   20.688000] ip_gre: GRE over IPv4 tunneling driver
[   20.716000] u32 classifier
[   20.720000]     input device check on
[   20.728000]     Actions configured
[   20.736000] Mirror/redirect action on
[   20.748000] usbcore: registered new interface driver btusb
[   20.764000] usbcore: registered new interface driver ark3116
[   20.776000] usbserial: USB Serial support registered for ark3116
[   20.796000] usbcore: registered new interface driver cdc_acm
[   20.804000] cdc_acm: USB Abstract Control Model driver for USB modems and ISDN adapters
[   20.824000] usbcore: registered new interface driver cdc_wdm
[   20.836000] usbcore: registered new interface driver ch341
[   20.852000] usbserial: USB Serial support registered for ch341-uart
[   20.868000] usbcore: registered new interface driver cp210x
[   20.880000] usbserial: USB Serial support registered for cp210x
[   20.896000] usbcore: registered new interface driver ftdi_sio
[   20.912000] usbserial: USB Serial support registered for FTDI USB Serial Device
[   20.932000] pegasus: v0.9.3 (2013/04/25), Pegasus/Pegasus II USB Ethernet driver
[   20.948000] usbcore: registered new interface driver pegasus
[   20.964000] Error: Driver 'pl2303' is already registered, aborting...
[   21.108000] Ralink APSoC Hardware Watchdog Timer
[   21.124000] usbcore: registered new interface driver sierra
[   21.136000] usbserial: USB Serial support registered for Sierra USB modem
[   21.180000] xt_time: kernel timezone is -0000
[   21.188000] usbcore: registered new interface driver asix
[   21.204000] usbcore: registered new interface driver ax88179_178a
[   21.220000] usbcore: registered new interface driver cdc_eem
[   21.232000] usbcore: registered new interface driver cdc_ether
[   21.244000] usbcore: registered new interface driver cdc_ncm
[   21.260000] usbcore: registered new interface driver cdc_subset
[   21.272000] ip_tables: (C) 2000-2006 Netfilter Core Team
[   21.284000] Type=Restricted Cone
[   21.304000] nf_conntrack version 0.5.0 (8039 buckets, 32156 max)
[   21.328000] usbcore: registered new interface driver option
[   21.340000] usbserial: USB Serial support registered for GSM modem (1-port)
[   21.360000] Error: Driver 'pl2303' is already registered, aborting...
[   21.388000] PPP generic driver version 2.4.2
[   21.400000] PPP MPPE Compression module registered
[   21.412000] NET: Registered protocol family 24
[   21.420000] usbcore: registered new interface driver qmi_wwan
[   21.436000] usbcore: registered new interface driver sierra_net
[   21.448000] usbcore: registered new interface driver smsc95xx
[   21.468000] usbcore: registered new interface driver cdc_mbim
[   21.484000] Error: Driver 'pl2303' is already registered, aborting...
[   21.524000] Error: Driver 'pl2303' is already registered, aborting...
[   24.208000] jffs2: notice: (1882) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[   37.320000] 78:FFFFFF94:FFFFFFB4:FFFFFFF7:FFFFFF85:53
[   37.332000] Raeth v3.1 (Tasklet)
[   37.344000] phy_free_head is 0x1c3a000!!!
[   37.352000] phy_free_tail_phy is 0x1c3bff0!!!
[   37.360000] txd_pool=a1c40000 phy_txd_pool=01C40000
[   37.372000] ei_local->skb_free start address is 0x9be526dc.
[   37.380000] free_txd: 01c40010, ei_local->cpu_ptr: 01C40000
[   37.392000]  POOL  HEAD_PTR | DMA_PTR | CPU_PTR
[   37.404000] ----------------+---------+--------
[   37.412000]      0xa1c40000 0x01C40000 0x01C40000
[   37.420000]
[   37.420000] phy_qrx_ring = 0x01c39000, qrx_ring = 0xa1c39000
[   37.436000]
[   37.436000] phy_rx_ring0 = 0x01c3c000, rx_ring0 = 0xa1c3c000
[   37.480000] MT7530 Reset Completed!!
[   37.488000] change HW-TRAP to 0x17ccf
[   37.496000] set LAN/WAN LLLLW
[   37.508000] GMAC1_MAC_ADRH -- : 0x00007894
[   37.516000] GMAC1_MAC_ADRL -- : 0xb4f78553
[   37.524000] CDMA_CSG_CFG = 81000000
[   37.528000] GDMA1_FWD_CFG = 20710000
[   37.548000] device eth0.2 entered promiscuous mode
[   37.556000] device eth0 entered promiscuous mode
[   37.588000] br-wan: port 1(eth0.2) entered forwarding state
[   37.600000] br-wan: port 1(eth0.2) entered forwarding state
[   39.604000] br-wan: port 1(eth0.2) entered forwarding state
[   40.064000] ESW: Link Status Changed - Port4 Link UP
[   44.056000]
[   44.056000] set gpio 23 to 0
[   44.068000]
[   44.068000] set gpio 23 to 1
[   44.820000] usb 1-2.4: new high-speed USB device number 6 using xhci-hcd
[   44.848000] usb 1-2.4: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   44.868000] usb 1-2.4: New USB device found, idVendor=058b, idProduct=0041
[   44.884000] usb 1-2.4: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   44.900000] add_ep parameters, dev_speed 3, is_in 1, isTT 0, ep_type 3, maxp 512, interval 1024, burst 0, mult 0, ep 0x9afdf400, ep_ctx 0xa1c49080, sch_ep 0x9b6d1c80
[   44.932000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   44.932000] [DBG] BOFFSET: 0, BREPEAT: 0
[   44.932000] add_ep parameters, dev_speed 3, is_in 1, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9afdf380, ep_ctx 0xa1c49100, sch_ep 0x9b6d1a00
[   44.964000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   44.964000] [DBG] BOFFSET: 0, BREPEAT: 0
[   44.964000] add_ep parameters, dev_speed 3, is_in 0, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9afdf3ac, ep_ctx 0xa1c490a0, sch_ep 0x9b6d1800
[   44.996000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   44.996000] [DBG] BOFFSET: 0, BREPEAT: 0
[   44.996000] cdc_acm 1-2.4:1.0: This device cannot do calls on its own. It is not a modem.
[   45.012000] cdc_acm 1-2.4:1.0: ttyACM0: USB ACM device
[   46.412000] usb 1-2.4: USB disconnect, device number 6
[   47.412000] usb 1-2.4: new high-speed USB device number 7 using xhci-hcd
[   47.444000] usb 1-2.4: config 1 has too many interfaces: 6, using maximum allowed: 4
[   47.464000] usb 1-2.4: New USB device found, idVendor=1bc7, idProduct=0026
[   47.476000] usb 1-2.4: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   47.496000] usb 1-2.4: Product: 6 CDC-ACM Data Only
[   47.504000] usb 1-2.4: Manufacturer: Telit
[   47.512000] usb 1-2.4: SerialNumber: 354678055800986
[   47.524000] add_ep parameters, dev_speed 3, is_in 1, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9b7b0580, ep_ctx 0xa1c48080, sch_ep 0x9b6d1c00
[   47.556000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   47.556000] [DBG] BOFFSET: 0, BREPEAT: 0
[   47.556000] add_ep parameters, dev_speed 3, is_in 0, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9b7b05ac, ep_ctx 0xa1c48060, sch_ep 0x9b6d1900
[   47.584000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   47.584000] [DBG] BOFFSET: 0, BREPEAT: 0
[   47.584000] add_ep parameters, dev_speed 3, is_in 1, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9bd20500, ep_ctx 0xa1c480c0, sch_ep 0x9b6d1d00
[   47.616000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   47.616000] [DBG] BOFFSET: 0, BREPEAT: 0
[   47.616000] add_ep parameters, dev_speed 3, is_in 0, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9bd2052c, ep_ctx 0xa1c480a0, sch_ep 0x9afdf100
[   47.644000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   47.644000] [DBG] BOFFSET: 0, BREPEAT: 0
[   47.644000] add_ep parameters, dev_speed 3, is_in 1, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9ac7cf00, ep_ctx 0xa1c48100, sch_ep 0x9b5dc700
[   47.676000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   47.676000] [DBG] BOFFSET: 0, BREPEAT: 0
[   47.676000] add_ep parameters, dev_speed 3, is_in 0, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9ac7cf2c, ep_ctx 0xa1c480e0, sch_ep 0x9b6d1700
[   47.708000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   47.708000] [DBG] BOFFSET: 0, BREPEAT: 0
[   47.708000] add_ep parameters, dev_speed 3, is_in 1, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9b581600, ep_ctx 0xa1c48140, sch_ep 0x9b5dce80
[   47.740000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   47.740000] [DBG] BOFFSET: 0, BREPEAT: 0
[   47.740000] add_ep parameters, dev_speed 3, is_in 0, isTT 0, ep_type 2, maxp 512, interval 1, burst 0, mult 0, ep 0x9b58162c, ep_ctx 0xa1c48120, sch_ep 0x9b5dcc00
[   47.768000] [DBG] BPKTS: 1, BCSCOUNT: 0, BBM: 1
[   47.768000] [DBG] BOFFSET: 0, BREPEAT: 0
[   47.804000] option 1-2.4:1.0: GSM modem (1-port) converter detected
[   47.816000] usb 1-2.4: GSM modem (1-port) converter now attached to ttyUSB0
[   47.840000] option 1-2.4:1.1: GSM modem (1-port) converter detected
[   47.856000] usb 1-2.4: GSM modem (1-port) converter now attached to ttyUSB1
[   47.876000] option 1-2.4:1.2: GSM modem (1-port) converter detected
[   47.896000] usb 1-2.4: GSM modem (1-port) converter now attached to ttyUSB2
[   47.912000] option 1-2.4:1.3: GSM modem (1-port) converter detected
[   47.924000] usb 1-2.4: GSM modem (1-port) converter now attached to ttyUSB3
[   49.672000] jffs2: notice: (3331) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[   51.012000] Bluetooth: hci0 urb 9b4cf500 failed to resubmit (2)
[   51.024000] Bluetooth: hci0 urb 9accbf00 failed to resubmit (2)
[   57.824000]
[   57.824000] led off GPIO_LED_ZIGBEE         
[   60.380000]
[   60.380000] led off GPIO_LED_SERVICE         
[   60.660000]
[   60.660000] led off GPIO_LED_LPRF           
[   61.428000]
[   61.428000] led on GPIO_LED_ZIGBEE         
[   61.924000]
[   61.924000] led on GPIO_LED_ZWAVE           
[   62.252000]
[   62.252000] led on GPIO_LED_LPRF           
[   62.468000]
[   62.468000] led on GPIO_LED_LPRF           
[   62.732000]
[   62.732000] led on GPIO_LED_POWER           
[   62.792000]
[   62.792000] led on GPIO_LED_ZWAVE           
[   63.120000]
[   63.120000] led on GPIO_LED_ZIGBEE         
[   63.416000]
[   63.416000] led on GPIO_LED_SERVICE         
[   63.680000]
[   63.680000] led on GPIO_LED_3G             
[   64.120000]
[   64.120000] led off GPIO_LED_ZIGBEE         
[   64.268000]
[   64.268000] led off GPIO_LED_LPRF           
[   64.436000]
[   64.436000] led off GPIO_LED_SERVICE         
[   64.564000]
[   64.564000] led off GPIO_LED_3G             
[   65.620000]
[   65.620000] led on GPIO_LED_BLUETOOTH       
[   67.744000]
[   67.744000] led on GPIO_LED_WIFI           
[   67.864000]
[   67.864000] led on GPIO_LED_BLUETOOTH       
[   71.992000]
[   71.992000] led off GPIO_LED_ZIGBEE         
[   74.184000]
[   74.184000] led off GPIO_LED_LPRF           
[   74.240000]
[   74.240000] led off GPIO_LED_SERVICE         
[   74.628000]
[   74.628000] led on GPIO_LED_ZIGBEE         
[   74.736000]
[   74.736000] led on GPIO_LED_ZWAVE           
[   74.844000]
[   74.844000] led on GPIO_LED_LPRF           
[   74.956000]
[   74.956000] led on GPIO_LED_LPRF           
[   75.064000]
[   75.064000] led on GPIO_LED_ZWAVE           
[   75.164000]
[   75.164000] led on GPIO_LED_ZIGBEE         
[   75.276000]
[   75.276000] led on GPIO_LED_SERVICE         
[   75.388000]
[   75.388000] led on GPIO_LED_3G               

Code: [Select]
Filesystem                Size      Used Available Use% Mounted on
rootfs                    8.0M      4.5M      3.5M  56% /
/dev/root                10.5M     10.5M         0 100% /rom
tmpfs                   251.2M      7.5M    243.7M   3% /tmp
/dev/mtdblock6            8.0M      4.5M      3.5M  56% /overlay
overlayfs:/overlay        8.0M      4.5M      3.5M  56% /
tmpfs                   512.0K         0    512.0K   0% /dev
/dev/mtdblock10          50.0M     11.5M     38.5M  23% /storage
/dev/mtdblock10          50.0M     11.5M     38.5M  23% /etc/cmh-firmware
/dev/mtdblock10          50.0M     11.5M     38.5M  23% /etc/cmh-backup
/dev/mtdblock9           10.0M     10.0M         0 100% /mios


Offline martynwendon

  • Full Member
  • ***
  • Posts: 115
  • Karma: +15/-1
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #206 on: February 19, 2019, 11:56:08 am »
Also added a ps output:

Code: [Select]
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  1.6  0.1   1436   672 ?        S    16:46   0:04 /sbin/procd
root         2  0.0  0.0      0     0 ?        S    16:46   0:00 [kthreadd]
root         3  0.2  0.0      0     0 ?        S    16:46   0:00 [ksoftirqd/0]
root         4  0.0  0.0      0     0 ?        S    16:46   0:00 [kworker/0:0]
root         5  0.0  0.0      0     0 ?        S<   16:46   0:00 [kworker/0:0H]
root         6  0.0  0.0      0     0 ?        S    16:46   0:00 [kworker/u4:0]
root         7  0.1  0.0      0     0 ?        S    16:46   0:00 [migration/0]
root         8  0.0  0.0      0     0 ?        S    16:46   0:00 [rcu_bh]
root         9  0.6  0.0      0     0 ?        S    16:46   0:01 [rcu_sched]
root        10  1.3  0.0      0     0 ?        S    16:46   0:03 [migration/1]
root        11  0.1  0.0      0     0 ?        S    16:46   0:00 [ksoftirqd/1]
root        12  0.0  0.0      0     0 ?        S    16:46   0:00 [kworker/1:0]
root        13  0.0  0.0      0     0 ?        S<   16:46   0:00 [kworker/1:0H]
root        14  0.0  0.0      0     0 ?        S<   16:46   0:00 [khelper]
root        15  0.0  0.0      0     0 ?        S    16:46   0:00 [kworker/u4:1]
root       103  0.0  0.0      0     0 ?        S<   16:46   0:00 [writeback]
root       105  0.0  0.0      0     0 ?        S<   16:46   0:00 [bioset]
root       107  0.0  0.0      0     0 ?        S<   16:46   0:00 [kblockd]
root       115  0.2  0.0      0     0 ?        S    16:46   0:00 [khubd]
root       127  1.2  0.0      0     0 ?        S    16:46   0:03 [kworker/1:1]
root       150  0.0  0.0      0     0 ?        S    16:46   0:00 [kswapd0]
root       151  0.0  0.0      0     0 ?        SN   16:46   0:00 [ksmd]
root       152  0.0  0.0      0     0 ?        S    16:46   0:00 [fsnotify_mark]
root       153  0.0  0.0      0     0 ?        S<   16:46   0:00 [crypto]
root       259  0.6  0.0      0     0 ?        S    16:46   0:01 [kworker/0:1]
root       289  0.0  0.0      0     0 ?        S<   16:46   0:00 [krfcommd]
root       293  0.0  0.0      0     0 ?        S<   16:46   0:00 [deferwq]
root       305  0.0  0.0      0     0 ?        S    16:46   0:00 [kworker/u4:2]
root       321  0.0  0.0      0     0 ?        S    16:46   0:00 [jfsIO]
root       322  0.0  0.0      0     0 ?        S    16:46   0:00 [jfsCommit]
root       323  0.0  0.0      0     0 ?        S    16:46   0:00 [jfsCommit]
root       324  0.0  0.0      0     0 ?        S    16:46   0:00 [jfsSync]
root       339  0.0  0.0      0     0 ?        S<   16:46   0:00 [kworker/1:1H]
root       340  0.0  0.0      0     0 ?        S<   16:46   0:00 [kworker/0:1H]
root       381  0.6  0.0      0     0 ?        SN   16:47   0:01 [jffs2_gcd_mtd6]
root       501  0.1  0.0    892    92 ?        S    16:47   0:00 /sbin/ubusd
root       502  0.0  0.0    768    80 ttyS1    Ss+  16:47   0:00 /sbin/askfirst ttyS1 /bin/ash --login
root      1883  5.5  0.0      0     0 ?        SN   16:47   0:13 [jffs2_gcd_mtd10]
root      2075  0.2  0.0   1048   356 ?        S    16:47   0:00 /sbin/logd -S 16
root      2080  0.1  0.1   3672   624 ?        S    16:47   0:00 /usr/bin/btn_g550 -c /etc/config/button_g550.ini -d
root      2083  0.0  0.0      0     0 ?        S    16:47   0:00 [kworker/1:2]
root      2156  0.2  0.1   1584   756 ?        S    16:47   0:00 /sbin/netifd
root      2360  0.0  0.0   1768   364 ?        S    16:47   0:00 udhcpc -p /var/run/udhcpc-br-wan.pid -s /lib/netifd/dhcp.script -f -t 0 -i br-wan -C
root      2747  0.0  0.0   1772   376 ?        S    16:47   0:00 /usr/sbin/crond -f -c /etc/crontabs -l 5
root      2781  0.0  0.2   4068  1160 ?        S    16:47   0:00 /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf
root      2786  0.0  0.1   1736   588 ?        Ss   16:47   0:00 /usr/sbin/dbus-daemon --system
root      2962  0.0  0.0   1104   300 ?        Ss   16:47   0:00 /usr/sbin/ntpclient -c 6 -i 600 -s -l -D -p 123 -h 3.openwrt.pool.ntp.org
root      3395  0.0  0.0      0     0 ?        S<   16:47   0:00 [kworker/u5:0]
root      3396  0.0  0.0      0     0 ?        S<   16:47   0:00 [hci0]
root      3397  0.0  0.0      0     0 ?        S<   16:47   0:00 [hci0]
root      3400  0.0  0.0      0     0 ?        S<   16:47   0:00 [kworker/u5:1]
root      3401  0.0  0.0      0     0 ?        S<   16:47   0:00 [kworker/u5:2]
root      3458  0.0  0.0   1768   364 ?        S    16:47   0:00 /usr/sbin/ntpd -n -p 0.openwrt.pool.ntp.org 1.openwrt.pool.ntp.org 2.openwrt.pool.ntp.org 3.openwrt.pool.ntp.org
root      3490  0.0  0.1   1780   524 ?        S    16:47   0:00 /bin/sh /usr/bin/Start_LuaUPnP.sh
root      3611  0.0  0.0   1768   432 ?        S    16:47   0:00 /bin/sh /usr/bin/Start_serproxy.sh
root      3629  0.2  0.2   3364  1452 ?        S    16:47   0:00 /usr/bin/bluetoothd -n -E
root      3653  0.0  0.0      0     0 ?        S    16:47   0:00 [kworker/0:2]
root      3686  0.0  0.0      0     0 ?        S    16:47   0:00 [kworker/1:3]
root      3886  0.0  0.1   1944   600 ?        S    16:47   0:00 /bin/sh /usr/bin/cmh-ra-daemon.sh 127.0.0.1 80 vera-us-oem-relay41.mios.com 30656 SOME REDACTED STUFF
root      3927  0.2  0.0   1232   352 ?        S    16:47   0:00 ssh -p 232 -T -y -i /etc/cmh-ra/keys/cmh-ra-key.priv -R 30656:127.0.0.1:80 cmh-ra@vera-us-oem-relay41.mios.com
root      3965  0.0  0.0   1772   464 ?        S    16:47   0:00 /bin/sh /usr/bin/Start_NetworkMonitor.sh
root      3985  0.0  0.1   1780   520 ?        S    16:47   0:00 /bin/sh /usr/bin/StreamingTunnelsManager.sh
root      4074  0.0  0.0   1792   500 ?        S    16:47   0:00 /bin/sh /usr/bin/Start_WanFailover.sh
root      4102  0.3  0.7   8404  3796 ?        Sl   16:47   0:00 /usr/bin/NetworkMonitor
nobody    4368  0.0  0.0    960   336 ?        S    16:47   0:00 /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf -k
root      5213  5.0  2.0  75636 10640 ?        Sl   16:47   0:10 /usr/bin/LuaUPnP
root      5456  0.0  0.0   1148   352 ?        S    16:48   0:00 /usr/sbin/dropbear -F -P /var/run/dropbear.1.pid -p 22 -K 300
root      5750  0.0  0.0   1024   340 ?        S    16:48   0:00 /usr/bin/serproxy 127.0.0.1 127.0.0.1 SOME REDACTED STUFF
root      7463  0.8  0.1   1212   536 ?        Rs   16:49   0:01 /usr/sbin/dropbear -F -P /var/run/dropbear.1.pid -p 22 -K 300
root      7556  0.0  0.0   1772   508 pts/0    Ss   16:49   0:00 -ash
root      9337  0.0  0.0   1760   116 ?        S    16:50   0:00 sleep 60
root      9368  0.0  0.0   1760   116 ?        S    16:50   0:00 sleep 58
root      9822  0.1  0.1   1600   596 ?        S    16:51   0:00 /usr/sbin/pppd nodetach ipparam 3g ifname 3g-3g lcp-echo-interval 5 lcp-echo-failure 3 +ipv6 nodefaultroute usepeerdns persist maxfail 1 connect USE_APN=m2m005229.attz DIALNUMBER=*99# /usr/sbin/chat -t5 -v -E -f /etc/chatscripts/3g.cha
root      9906  1.0  0.1   1952   676 ?        S    16:51   0:00 /bin/sh /usr/bin/WanFailover_Watch.sh --3g-iface 3g-3g
root      9930  0.0  0.1   1952   564 ?        S    16:51   0:00 /bin/sh /usr/bin/WanFailover_Watch.sh --3g-iface 3g-3g
root      9934  0.0  0.0   1764   368 ?        S    16:51   0:00 ping -I br-wan -q -w 3 -c 1 98.139.183.24
root      9941  0.0  0.0   1296   336 pts/0    R+   16:51   0:00 ps aux


Online rafale77

  • Community Beta
  • Hero Member
  • ******
  • Posts: 1686
  • Karma: +91/-27
  • HA ≠ IoT as a blue sky is cloudless.
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #207 on: February 19, 2019, 12:06:49 pm »
Thank you! Very helpful.

I cracked up at the rootfs partition... 8MB!! come on mios... what were you thinking?
Vera Lite 11MB, Vera Edge 10MB, Vera Plus 8.6MB, Vera Secure 8MB... The more we upgrade the less storage we have.

Unfortunately the output of your dmesg is a bit tardy in the process (it starts after 5s) so I cannot map the drive but I think I have enough information.
It runs the exact same kernel as the Vera Plus so you can run all the scripts the exact same way. It is even more critical for you to start with extroot.

The ps output is also helpful. The secure seems to have a couple of extra scripts for 3G failover which obviously the VeraMod scripts will not disable.
« Last Edit: February 19, 2019, 12:11:54 pm by rafale77 »
openLuup (78 devices, 141 scenes, 19 apps) master to VeraPlus (142 zwave nodes, 8 Zigbee nodes, 221 devices,  20 scenes , 2 apps) +  Hubitat (15 Zigbee nodes) + Home-Assistant (API Integrations). Bridged to Siri and Alexa. Homewave. VeraPlus ExtRooted and mios server independent.

Offline martynwendon

  • Full Member
  • ***
  • Posts: 115
  • Karma: +15/-1
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #208 on: February 19, 2019, 01:35:45 pm »
Sounds good, SSD's should be here tomorrow so will take a crack at it.

The ps output is also helpful. The secure seems to have a couple of extra scripts for 3G failover which obviously the VeraMod scripts will not disable.

I've actually been running all my Vera "mostly" disconnected from Vera Cloud for the last three or four years using some simple scripts to kill off most Cloud connectivity aside from logs and alerts and a few other bits .... I forget now, it was ages ago that I figured it all out, but I run all my Vera behind hardware firewalls so it's easy to see what they are trying to connect to.  The one benefit of my simple scripts is that you can run stop / start at will which is handy if you find you need to connect back up to the Cloud for something.


Your mods obviously go much further though!

Offline martynwendon

  • Full Member
  • ***
  • Posts: 115
  • Karma: +15/-1
Re: Securing and stabilizing the Vera by taking it off the grid
« Reply #209 on: Today at 09:07:13 am »
So far so good with the extroot on the Secure :-)

Unfortunately I think running VeraMods has killed it tho :-(

After the reboot there's only a few things running (no LuaUPnP process for example).

Here's the log output from running VeraMods, seems quite a few errors there?