Nov 26, 2013

Asus Transformer (TF101) bootloader fix

Playing with different ROMs or flashing funny stuff might cause your tablet to not boot correctly or always try to boot on recovery.

How to power it up?

You can try to power the tablet bypassing the bootloader with the following steps:
  1. Turn on the tablet using Vol Down + Power
  2. The tablet should display a couple of white text lines in the top, to let you know that you need to push Vol Up to enter recovery. Just wait there for it to timeout (its around 5 seconds)
  3. In the following screen, the tablet should show two icons (wipe data and android), make sure android is selected and either wait 10 seconds or hit the volume key to select it.
  4. The tablet should start normally again.
This is a workarround, so if you don't fix the problem, you will need to do all steps again every time you power up the tablet.

Whats the problem?

Most of the time, the issue is that the first string of the bootloader partition is corrupted or changed and the tablet either runs recovery or doesn't know what to run at all. To check if this is your table's issue, you need either adb or a terminal app in your device.

$ su
# cat /dev/block/mmcblk0p3
(more gibberish)

The solution

First of all, do this at your own risk. Second, check if the output of your boot partition has the 'boot-recovery' string, if it has any other string, this might not work at all. Now with the steps of the solution:

  1. Use either adb or a terminal/shell app with root.
    echo boot | dd of=/dev/block/mmcblk0p3 bs=1 seek=0
  2. Check again your boot partition, you should have something like the following
    cat /dev/block/mmcblk0p3
    (more gibberish)
  3. Reboot
The tablet should reboot now without problem as well as it should let you enter recovery without issues.

Nov 15, 2013

Restoring chat messages in LINE

As LINE and WhatApp user, I find the lack from LINE to be able to backup your chat history a big draw. Luckily for us, there's a workaround to fix this issue.

What do we need?

  • A rooted Android phone
  • Titanium Backup
  • SQLite Editor

Any other similar app should also do the trick. Before changing your phone, ROM or whatever, you need to create a backup of the LINE app, so we have the saved data of the app before doing anything.

How to restore

  1. Do a fresh install of LINE from the App Store, but don't open it right away.
  2. Restore LINE app data from the Titanium Backup backup.
  3. Open SQLite Editor and in the apps tab select LINE app.
  4. SQLite should open the app and show you the available .db files, select naver_line
  5. You should now see all the tables inside that .db file, select setting
  6. Once you're inside the table, seeing all the data it contains, select Menu > Delete All
  7. Open LINE app and login with your username
  8. You will receive a pop-up telling that the previous account will be deleted along with the chat history. Just click OK.
  9. Follow the rest of the setup process
  10. Once finished, you should be able to see all your saved chat history.
And that is, we now have our restored data in LINE.

Update: Another way to do it

If the above doesn't work for you, there's another way to do it with SQLite Manager
  1. As before, do a previous backup.
  2. Restore your backup on your new phone or ROM
  3. Use a root file explorer to go to /data/data/
  4. Copy naver_line to your PC and rename it as naver_line_old
  5. Do a fresh install and do the whole setup process
  6. Again use a root explorer to get the new version of naver_line and save it as naver_line_new on your PC
  7. In your PC, open naver_line_old and export chat_history table to a file.
  8. In your PC, open naver_line_new and import the exported file.
  9. Copy naver_line_new to /data/data/
  10. Restart your phone.
With these steps, you should have all your chat history restored, but it won't be visible until the people in your chat conversations message you again.

Nov 6, 2013

Task management with Cron + Anacron

What is Anacron

Anacron is used to execute commands periodically, with a frequency specified in days. Its a good partner of any machine with cron jobs that it isn't running 24/7. For each job, Anacron checks if it has been executed in the last n days, where n is the period specified for that job. If the job hasn't been executed, Anacron will execute it.

Anacron configuration

Anacron configuration file is located in /etc/anacrontab and looks like this:
# format: period delay job-identifier command
## If you turn any of the following on, make sure that the
## regular cron daemon does not run them also. This could
## lead to double execution of the jobs.
1       5       cron.daily      run-parts /etc/cron.daily
7       10      cron.weekly     run-parts /etc/cron.weekly
30      15      cron.monthly    run-parts /etc/cron.monthly 

Tasks are represented in the following format:
period  delay   job-identifier  command

The job identifier should be unique for each job, as Anacron uses that name to create a file in /var/spool/anacron with the timestamp of the last time that task was executed.

Conflicts between Cron and Anacron

If the PC is restarted and Cron executes its daily/weekly/monthly routines, it is possible to execute them twice if also Anacron tries to execute them. To avoid this conflict, we can create a file inside the cron folders to update the timestamp of Anacron tasks and avoid running them again.

The simplest example should be to create a script called 0anacron, inside the cron.daily directory, that runs Anacron with the -u option, just to update the timestamps of Anacron's tasks:
/usr/sbin/anacron -u

If you have Anacron configured to execute different tasks in different time frames (such as one daily and one weekly), it is possible to append the task name or job-identifier to the -u option, so Anacron will only refresh that task. This way we can create one script in cron.daily to reflesh the daily Anacron task and one script in cron.weekly to refresh the weekly task.

Anacron on Suspend

Anacron will run automatically everytime you turn on (or reboot) your PC, but what happens when you just suspend it? Anacron won't run when you wake your PC from suspend, but there are a couple of things you can do to avoid this issue:

Use Cron

This might not be the most elegant solution but it works, just create an entry in your crontab that calls Anacron every X hours, where X should be a period short enough that would grant that your PC will be online in at least one period of a whole day. That way all daily tasks should be able to run without problems, for example:
# Run Anacron every two hours
* */2 * * * /usr/sbin/anacron -s

Use pm-utils

You need to configure pm-utils on your kernel, but it is possible to control several events, including wake from suspend. With a custom script on wake from suspend events, we could make a call to Anacron each time the PC wakes up, so we can ensure that all tasks run without problems. You should create a new executable script in /etc/pm/sleep.d. Any script found there on sleep or wake-up routines will be executed, so you can create a script like the following to execute Anacron each time the PC wakes up:
case $1 in
    /usr/sbin/anacron -s

Oct 22, 2013

Moving on to syslog-ng 3.4 (I)

syslog-ng is an open source implementation of the Syslog protocol for Unix and Unix-like systems. It extends the original syslogd model with content-based filtering, rich filtering capabilities, flexible configuration options and adds important features to syslog.

Upgrading to version 3.4 is as good as any other excuse to create a custom configuration and fit syslog-ng to our needs.

The basics

syslog-ng configuration file is pretty forward, the idea behind it is to set what you want to monitor, how you want to do it and where you want to save it. This is a basic configuration example:
@version: 3.4

# Global options
options {
# Create new dirs if needed
# log a MARK line every hour.
# log a STATS line every hour.
# Enable multi-thread

# Sources
source s_all { system(); internal(); };

# Destinations
destination d_syslog { file("/var/log/messages"); };

# Log
log { source(s_all); destination(d_syslog); };

Lets split the configuration in its respective parts to make it easier to understand.

Global Options

The global options configure syslog-ng basic features and behaviours. Its wise to read them all and add them to your configuration file if you want to configure something different from the default behaviour. You can check all available options in Chapter 9.2 of the Administration Guide.


Configure where does syslog-ng need to look, the basic configuration is the following:
source <name> { <source_type> };
Being <source_type> one of the following: internal(), file(), pacct(), pipe(), program(), sun-stream(), sun-streams(), syslog(), system(), tcp(), tcp6(), udp(), udp6(), unix-dgram(), unix-stream(). You can check what does each one do in Table 6.2 of the Administration Guide.


They aren't included in the example, but you can create filters to filter by facility, level, program or source amongst others. This will let you divide all the messages from the same source between the log files you want. For example, if you want to filter all ftp messages, you can create a filter like this:
filter f_ftp { facility(ftp); };
Then you could use that filter in a log statement to save those logs in the destination you choose.


Where you want to save your logs, either local or remote. In this case, we're gonna use a local file instead, but you can check all possible destinations (including SMTP) in Table 7.1 of the Administrator Guide.


Log statements assemble one or more of all the following statements (sources, filters and destinations) to build the chain that will be followed for every log we want. As said before, the basic is to select where to get the log (source), you can select how to parse it (filter) and where to store it (destination).

So, finishing our FTP monitor example, this should be the resulting code to create a log for FTP:
source s_all { system(); internal(); };
filter f_ftp { facility(ftp); };
destination d_ftp { file("/var/log/ftp.log"); };
log { source(s_all); filter(f_ftp); destination(d_ftp); };

Aug 26, 2013

Synchronizing savegames on Windows

For all of us that like to play the same game in different computers, there's a simple way to keep or game progress synced between computers and even backed on the cloud. The good thing about this approach is that you don't need any other software (if you already have the client of your favourite cloud provider) and its kinda simple to setup for a couple of games.


The idea is to have the save games stored in the cloud, linked to our cloud client's directory, so when they're modified, they will be updated in the cloud as well as the other devices we're playing from.

Setup (only needed once)

First of all, make a backup of your save game folder (just in case), then follow these steps:
  1. Create a folder inside Google Drive's folder for your save games.
  2. Find your game's save game location. (Google is your friend)
  3. Copy the save game folder to the one created in Google Drive.

Per-Computer setup

We have to do the following in every computer we want to have synced with the save games:
  1. Go to your game's save location and rename or delete the folder.
  2. Open a command window in the same location and type the following:
    mklink /J <Save game Folder> <GDrive Folder>
Example for Civilization V:
mklink /J "C:\Users\<User>\Documents\My Games\Civilization V\Saves"
"D:\Google Drive\Savegames\Civilization V\Saves"

You can change Google Drive for Dropbox or use another client.

Aug 13, 2013

Work behind a proxy with authentication

If you work in a big company you can find mostly all the times that you're required to pass through a proxy with a given personal user and password to be able to access the internet. Many times is as easy as configuring all the parameters in the browser's options, but for aplications limited to just use proxy or not, you might have some trouble making them work. This is when Cntlm comes handy.

Whats Cntlm?

Cntlm is an NTLM authenticating proxy, that can work as middle man between your PC and the company's proxy. This way you can let Cntlm handle the authentication with the proxy while you just point your aplications to Cntlm address.


First of all, you need to open the cntlm.ini file, located in C:\Program Files\Cntlm and complete the following:
Username    test_user
Domain      company_domain
Password    user_password
Proxy       proxyaddress:port
Save the file and start or restart Cntlm service.

Cntlm should be working by now, but the user password isn't really secure since its inside a plain text filed... To avoid taking risks, we can use Cntlm to encode our password using the following:
C:\Program Files\Cntlm>cntlm -M
Config profile  1/4... OK (HTTP code: 302)
----------------------------[ Profile  0 ]------
Auth            NTLMv2
PassNTLMv2      98D6986BCFA9999E41698C1686B58A09
Copy/paste last two lines and comment (add # before) the password line.

Now we have our local proxy running in, so we just need to change the browser and/or aplication options to point to our local proxy instead.

Apr 26, 2013

Disable Windows 7 Teredo

Have you ever found your router with several entries in its NAT table labeled as Teredo? Windows is so awesome that it tries to create them using UPnP and will create another one if the first one didn't respond. Since my router has two interfaces and the working one is the second, Windows tries to use the default (the first one) and since it isn't configured and won't respond, it can make my NAT table quite lenghty over time.

Whats Teredo?

According to Wikipedia, Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts which are on the IPv4 Internet but which have no direct native connection to an IPv6 network. So if you don't plan to use IPv6, you can disable Teredo without problems.

How to avoid this behaviour?

Its quite easy, disable or unconfigure Teredo. IPv6 is needed for Windows Homegroups, so if your using them you can just redirect Teredo to localhost to avoid unnecessary garbage in your router's NAT table.

Open a command prompt (cmd) and use the following to redirect Teredo:
netsh interface>teredo
netsh interface teredo>set state type=client

If you want to disable it, just type:
netsh interface teredo>set state disabled

Also you can check the current state with:
netsh interface teredo>show state

Teredo Parameters
Type                    : client
Server Name             : 0:0:0:0:0:0:0:1
Client Refresh Interval : 30 seconds
Client Port             : unspecified
State                   : offline
Error                   : failed to resolve server name

Apr 17, 2013

Compile Zotac MCE remote in Gentoo

Update (28/08/2013): This patch has been merged with the main portage tree as of lirc version 0.9.0-r3

If you own a Zotac ZBOX or similar hardware with the included MCE remote, you can find that upon compiling lirc in Gentoo, that the remote is not fully configured and not all buttons work. In this case you have two choices: configure the remote as default an map the buttons manually or use information in this post to compile lirc with zotac remote support and enable all buttons.

I've already filled a bug in Gentoo's Bugzilla to add the source to the main portage tree in order to avoid the following steps. The files you will need right now are: lirc_ebuild.patch and zotac.patch use left-click + save target as... These files will add the needed sources to compile the zotac remote and patch the actual portage ebuild of lirc, letting you reinstall it with the new added sources.
  • lirc_ebuild.patch: This patch needs to be applied to the current app-misc/lirc portage ebuild, you can find it in /usr/portage/app-misc/lirc, in order to apply the patch run the following:
    cd /usr/portage/app-misc/lirc
    patch -p1 lirc_ebuild.patch
  • zotac.patch: This patchs needs to be copied to the files folder in app-misc/lirc:
    cp zotac.patch
  • Manifest: Once the new files are copied, we need to rebuild the manifest file:
    cd /usr/portage/app-misc/lirc
    ebuild lirc-0.9.0-r2.ebuild manifest
Then we have the patches configured, we can define lirc devices as zotac in our make.conf file:

Once finished with the patchs and configuration, we can recompile lirc. The new version of lirc will have the zotac remote compiled and all the buttons mapped. This works almost out of the box on XBMC and I'm sure it works also in similar systems.

To avoid rewriting the modified version of lirc, add it to the masked packages:
echo "app-misc/lirc >> /etc/portage/package.mask"
This way it won't be recompiled when you update the portage tree.

Mar 29, 2013

Separate WLAN in DD-WRT

If you have a DD-WRT device, you can configure the WLAN to be completely separate from the LAN while still granting it internet connection. That means that the WLAN subnet won't be able to access any device in the LAN subnet, but it will be able to passthrough the router/modem to get internet access.

The basic configuration consists on the following:
  1. Create a new bridge with a new subnet address that will contain the WLAN interface.
  2. Add DHCP service to the new subnet if needed.
  3. Configure the firewall settings to setup the WLAN.
The first two are self-explanatory, but for the third one you have to insert the following in the firewall rules, save it and apply it:

iptables -t nat -I POSTROUTING -o `get_wanface`
 -j SNAT --to `nvram get wan_ipaddr`
iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j
 TCPMSS --clamp-mss-to-pmtu
iptables -I FORWARD -i br1 -d `nvram get 
lan_ipaddr`/`nvram get lan_netmask` -m state
--state NEW -j DROP
iptables -t nat -I POSTROUTING -o br0 -j 
SNAT --to `nvram get lan_ipaddr`
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT
TCA="tc class add dev br1" 
TFA="tc filter add dev br1" 
TQA="tc qdisc add dev br1" 
SFQ="sfq perturb 10" 
tc qdisc del dev br1 root 
tc qdisc add dev br1 root handle 1: htb 
tc class add dev br1 parent 1: classid 1:1 htb rate 1024kbit 
$TQA parent 1:1 handle 10: $SFQ 
$TFA parent 1:0 prio 2 protocol ip handle 10 fw flowid 1:1 
iptables -t mangle -A POSTROUTING -d -j
MARK --set-mark 10 
TCAU="tc class add dev imq0" 
TFAU="tc filter add dev imq0" 
TQAU="tc qdisc add dev imq0" 
insmod imq 
insmod ipt_IMQ 
ip link set imq0 up 
tc qdisc del dev imq0 root 
tc qdisc add dev imq0 root handle 1: htb 
tc class add dev imq0 parent 1: classid 1:1 htb rate 512kbit 
$TQAU parent 1:1 handle 10: $SFQ 
$TFAU parent 1:0 prio 2 protocol ip handle 10 fw flowid 1:1 
iptables -t mangle -A PREROUTING -s -j
MARK --set-mark 10

With the above rules we're doing the following:
  • Allowing the WLAN subnet to access internet.
  • Allowing the WLAN subnet to access to DNS and DHCP servers.
  • Limiting WLAN bandwidth to 1024kbit/512kbit download/upload speed.
Take note that in the example above, the bridge with the WLAN interface is named br1 and the bridge with the rest of internaces is br0, also the WLAN subnet is

Mar 26, 2013

Wake from USB

Trying to suspend and wake up your system again can be a little painfull with newest kernel under Linux. Thats mainly because ACPI directory under /proc is deprecated and changes made to /sys are cleared with a reboot. With this in mind, we're gonna see how can we set up an USB device to wake the PC from suspend and how to make that change so it won't be cleared on reboot or shutdown.

If you're using kernel 3+ its better if you compile the deprecated /proc/acpi into the kernel, to make things easier:

Power management and ACPI options  --->
  [*] Power Management support
    [*] ACPI (Advanced Configuration and Power Interface) Support  --->
      [*] Deprecated /proc/acpi files

Enabling a device to wake up the system
To enable a device to wake up the system, you need to set the device in both /proc/acpi/wakeup and /sys/bus/usb/devices/[usb_num]/power/wakeup. You can get the usb_num of your device by either testing one by one or by lsusb. Take note that if you swap your device or connect it to another USB port on your computer, you need to change here the number as well.

ZOTAC ~ # cat /proc/acpi/wakeup

Device  S-state   Status   Sysfs node
P0P8      S3    *disabled  pci:0000:00:1e.0
USB0      S3    *enabled   pci:0000:00:1d.0
USB1      S3    *enabled   pci:0000:00:1d.1
USB3      S3    *enabled   pci:0000:00:1d.3
echo enabled > /sys/bus/usb/devices/usb3/power/wakeup

Making the setting persistent
To make the settings persistent you can do two things: Use a local.d script or create a initscript. Since the script will be just one line, I've decided to go with the local.d option. The idea is to just set the enable flag in the device so it will be always enabled


echo enabled > /sys/bus/usb/devices/usb3/power/wakeup

Jan 31, 2013

How to deodex

Whats an odex file?
Android packages or apks contain certain .odex files, whose supposed function is to save space. These files are collections of parts of an application that are optimized before booting. These files are actually collections of parts of an application that are optimized before booting. Doing so speeds up the boot process, as it preloads part of an application. On the other hand, it also makes hacking those applications difficult because a part of the coding has already been extracted to another location before execution.

What are the benefits of deodexing?
The main benefit is to be able to modify any apk. This could be from editing and entire apk from scratch to apply themes or other patches.

What are the disadvantages?
In theory you shouldn't experience any big disadvantage. The main thing you could experience is that the phone will take a little more to boot on the first boot, as the dalvik cache gets populated. Once populated, the rest of the boots should take less time until you wipe your dalvik cache.

What do we need

  • Java (JRE)
  • Android SDK
  • smali/baksmali jars from GoogleCode
  • any zip program

How to deodex

  1. Get the framework and apps you want to deodex from your phone or update zip.
  2. Use baksmali to disassemble and deodex the app or framework.
    java -Xmx1024 -jar baksmali.jar -a <api_level>
    -d <framework_dir> -x <odex_file>
    You can check valid api_levels in wikipedia.
  3. Use smali to assemble them back in a single file (classes.dex).
    java -Xmx1024 -jar smali.jar out -o classes.dex
  4. Use the zip program to open the app or framework and add the result file of point 3.
Once we have the app or framework file deodexed, we can delete the old .odex files.

Jan 14, 2013

Stock ROMs and bloatware

Updating your Android device and having the latest stable version is always a good thing to do and its really recommended when you upgrade versions (4.0.4 to 4.1 for example). The only downside is that some stock ROMs bring a preinstaller apk that will not only install some random junk (depending on the country of origin of the ROM), it will also install it in /system so you can't uninstall it.

This might seem a downside when updating our Android device, but knowing how to create our own update packages, when can create a script that will delete the apk before it installs all the bloatware. With some little tools, we could be able to know what's packaged inside the ROM and create our script to clean all the bloatware we want. The tricky part is that once the stock ROM is flashed, we need to restart the phone in recovery mode before it restarts in normal mode. If the phone restarts normally, it will execute the preinstaller apk.

In Samsung Galaxy's case, we can extract the stock ROM file and open it via DiskInternals to see what apks are present and know the names of the ones we want to delete. Just remember to delete PreloadInstaller.apk and PreloadInstaller.odex

Jan 12, 2013

Signing Android aplications

If we want to be able to create our own ROM packages or updates as a flashable zip via custom recovery, we need to be able to sign them, so the recovery will install them without problems. There are several scripts that will let you sign your packages, but here you will learn to create your own signature so you can use it for signing your packages.

As the basic requirement, we need to have a JDK installation with keytool and jarsigner binaries. If we have them in our PATH we won't need to reference them with their full path. If you don't have the binaries in your path don't worry, you will just need to provide the full path to the binary, for example: "C:\Program Files\JDK\bin\keytool"

Creating our own signature
We will be creating a keystore file that will have our signature saved, so we can use it afterwards to sign our packages. To create a keystore, we use the following command:
keytool -genkey -v -keystore file.keystore -alias key_alias
-keyalg RSA -keysize 2048 -validity 10000
This command will create us a keystore named file.keystore with the alias key_alias that will last 10000 days. Once we hit enter, it will ask for the details of the keystore. You can complete it with the default values or just add yours.

Signing things!
Once we've got our keystore file, we can use it to either sign applications (.apk) or packages (.zip).

  • Signing applications:
    jarsigner -verbose -keystore file.keystore
    example_app.apk key_alias
  • Signing packages:
    jarsigner -verbose -keystore file.keystore
    -signedjar key_alias
Once signed, we can verify the signature with the following command:
jarsigner -verify [ example_app.apk | ]
Now we're able to either modify applications and then sign them back or create our custom packages or ROMs and then install them from recovery without signature problems.