Yealink vs. Entega MediaNet

Posted on Feb 12, 2022 in Misc

My impression is that in Germany the standard router brand is FritzBox! These routers have also analogue phone sockets, so analogue phones can still be used even if Deutsche Telecom upgraded all lines to IP phone (SIP). I wanted to use my own router, which has no analogue phone connectors. So we bought an IP phone: the Yealink T41. It took some time to make it work, e.g. in the first step I set up SIP client on the PC, to see if, what and how it works, and then tried to set up the same on the phone.

But it works now, so here are the settings for future reference.

Account settings:

  • Label: the local phone number (without prefix)
  • Display Name: empty
  • Register Name: full phone number starting with the land prefix: 49606…
  • Username: the same as the Register Name
  • Password: the one provided by Entega MediaNet
  • Server Host: voip.entega-medianet.de Port: 5060
  • Transport: UDP

Network settings:

  • To be on the safe side IPv4 only
  • DHCP
  • NAT: everything is disabled (Manual NAT, ICE, STUN, TURN)

However, as it is a private network behind the router, on the router I also had to change a setting:

  • SIP ALG (application level gateway): enabled
Read More

Debian update – continued

Posted on Jan 24, 2022 in Linux

Since I was already updating the server, I though I’d install munin as well. I have used munin 20 years ago at the dormitory and I realized, why I liked it. 🙂 Anyway, while I was installing, and checking, I saw that apache started to max out the CPU. After experimenting with it for a while, it turned out that somehow it is related to HTTPs and mod_gnutls. It turned out that I was not the only one with this problem:

Debian Bug report logs – #942737
libapache2-mod-gnutls: mod_gnutls consumes 100% cpu

So one more thing in the server maintenance backlog…

Read More

Debian update

Posted on Jan 23, 2022 in Linux

Finally I found some time to update the vanyi.org server. The first step: move from Debian Stretch, before the support expires in June 2022 to Buster. The update was quite uneventful:
# apt-get update
# apt-get dist-upgrade
I’m still checking, but it looks like only 3 things needed manual update in configuration:

  • dovecot (IMAP server)
  • apache
  • ejabberd

Dovecot replaced ssl_parameters with ssl_dh. To fix the configuration I just followed this page. Actually quite simple. First create a dh.pem (can take several minutes, which was at least half an hour in my case);
# openssl dhparam -out /etc/dovecot/dh.pem 4096
Then you need to update /etc/dovecot/dovecot.conf:
ssl_dh=</etc/dovecot/dh.pem
After a restart dovecot works again.

For apache it is even easier, as it is documented on this page. Just enable the socache_dbm module:
# a2enmod socache_dbm

For ejabberd I have not had the time yet.

Read More

Non-functioning drivers after BIOS update

Posted on Jul 6, 2021 in Linux

It looks like that the BIOS update on the HP 250 G7 removes the Machine Owner Key (MOK), so it has to be added again, as described here: https://wiki.debian.org/SecureBoot. Otherwise the custom drivers (like the 8821ce) will not be loaded, if SecureBoot is on.

Fixing it is actually only one step:
# mokutil --import MOK.der

Read More

Running Viber on Debian 10

Posted on May 1, 2020 in Misc

Usually I work, browse, email on a PC and not on a smartphone. However I use viber and I had it only on the phone. As there is a PC version, I thought I give it a try. On the download page there is of course the windows version, but there are also two packages for linux: one .deb for Ubuntu and .rpm for Fedora. I tried to install the .deb, but it has some dependencies on an older libssl. So what I did, I just unpacked it with
dpkg -x viber.deb out/
and then manually moved to /opt. When trying to start I got some error message that I could not interpret, but using strace to figure out, what was going on, I saw that some libraries were missing. Installing them solved the issue:
apt-get install libxcb-icccm4 libxcb-image0 libxcb-keysyms1 libxcb-randr0 libxcb-render-util0 libxcb-xkb1 libxkbcommon-x11-0
Now it runs, and seems to be working.

Read More

Debian Linux on a HP 250 G7

Posted on Apr 25, 2020 in Linux

After several years the time has come to replace our aging Thinkpad Edge330. Our choice was a HP 250 G7 with Core i7, 512GB SSD and 16GB RAM. Regarding the OS, there was no question: Debian. At the time of installing it was Debian 10 (“buster”). Below some points regarding the installation:

  1. Installation worked out of the box, even with SecucreBoot enabled, no problems with the netinst image, with two exceptions:
    • Wireless LAN is not working (Realtek RTL8821CE)
    • Brightness control keys are not working
  2. There is a solution for the wireless driver, works as described on several forums:
    • install the tools:
      apt-get install git dkms build-essential
    • get the source:
      git clone https://github.com/tomaspinho/rtl8821ce
    • build the kernel module:
      cd rtl8821ce
      chmod +x dkms-install.sh
      chmod +x dkms-remove.sh
      ./dkms-install.sh
  3. To keep using SecureBoot the driver must be signed as described on https://wiki.debian.org/SecureBoot. Otherwise you get the following error message:
    Apr 24 22:58:55 hp250 kernel: [ 3762.662396] Lockdown: Loading of unsigned modules is restricted; see https://wiki.debian.org/SecureBoot
    You can disable SecureBoot so it will work with the following warning in the kernel log:
    Apr 25 13:22:40 hp250 kernel: [ 3.402154] 8821ce: loading out-of-tree module taints kernel.
    Apr 25 13:22:40 hp250 kernel: [ 3.402917] 8821ce: module verification failed: signature and/or required key missing - tainting kernel

    I suggest to sign the driver, it can be done quickly based on the instructions in the Debian Wiki.
  4. Brightness control works via power settings, or via the battery icon, for the keys I’m looking for a solution. In the kernel log I see these error messages:

Some further notes:
$lspci
00:00.0 Host bridge: Intel Corporation Device 3e34 (rev 0c)
00:02.0 VGA compatible controller: Intel Corporation UHD Graphics 620 (Whiskey Lake) (rev 02)
00:04.0 Signal processing controller: Intel Corporation Skylake Processor Thermal Subsystem (rev 0c)
00:08.0 System peripheral: Intel Corporation Skylake Gaussian Mixture Model
00:12.0 Signal processing controller: Intel Corporation Cannon Point-LP Thermal Controller (rev 30)
00:14.0 USB controller: Intel Corporation Cannon Point-LP USB 3.1 xHCI Controller (rev 30)
00:14.2 RAM memory: Intel Corporation Cannon Point-LP Shared SRAM (rev 30)
00:16.0 Communication controller: Intel Corporation Cannon Point-LP MEI Controller (rev 30)
00:17.0 RAID bus controller: Intel Corporation 82801 Mobile SATA Controller [RAID mode] (rev 30)
00:1d.0 PCI bridge: Intel Corporation Cannon Point-LP PCI Express Root Port (rev f0)
00:1d.1 PCI bridge: Intel Corporation Device 9db1 (rev f0)
00:1d.4 PCI bridge: Intel Corporation Device 9db4 (rev f0)
00:1f.0 ISA bridge: Intel Corporation Cannon Point-LP LPC Controller (rev 30)
00:1f.3 Audio device: Intel Corporation Cannon Point-LP High Definition Audio Controller (rev 30)
00:1f.4 SMBus: Intel Corporation Cannon Point-LP SMBus Controller (rev 30)
00:1f.5 Serial bus controller [0c80]: Intel Corporation Cannon Point-LP SPI Controller (rev 30)
01:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)
02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE 802.11ac PCIe Wireless Network Adapter
03:00.0 Non-Volatile memory controller: Sandisk Corp WD Black 2018/PC SN520 NVMe SSD (rev 01)

Read More