setup ethernet connection on startup

[littlewhywhat]

use information from these links:
https://itsfoss.com/how-to-find-what-devices-are-connected-to-network-in-ubuntu/
https://raspberrypi.stackexchange.com/questions/43560/raspberry-pi-3-eth0-wrongfully-named-enx
android-rpi/device_brcm_rpi3#71
https://raspberrypi.stackexchange.com/questions/57464/ssh-connection-refused-via-ethernet-cable
https://serverfault.com/questions/475717/iptables-block-incoming-on-eth1-and-allow-all-from-eth0
https://serverfault.com/questions/244767/enable-iptables-on-one-interface

list commands to run on host and on remote, find a way to run them at startup - for example, put in init.rc

[littlewhywhat]

I ran on remote (ubuntu 14.04) the following (to revert if necessary)

echo 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth0", NAME="eth0"' > /etc/udev/rules.d/70-persistent-net.rules
sudo ip link set eth0 up
sudo ip route add default via 192.168.1.1 dev eth0
sudo ip addr add 192.168.1.11/24 dev eth0

while on host (raspberry pi):

sudo ip link set eth0 up
sudo ip route add default via 192.168.1.1 dev eth0
sudo ip addr add 192.168.1.10/24 dev eth0
# and something like that with iptables to accept input on eth0
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# probably
iptables -A INPUT -i eth0 -p all -j ACCEPT

[littlewhywhat]

I have no idea how these commands work... try ifconfig to understand a bit

[littlewhywhat]

using cheatsheet of RedHat for ip https://access.redhat.com/sites/default/files/attachments/rh_ip_command_cheatsheet_1214_jcs_print.pdf

command ip addr on adb shell through wifi:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1
    link/sit 0.0.0.0 brd 0.0.0.0
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether b8:27:eb:e4:d6:6b brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.17/24 brd 192.168.0.255 scope global wlan0
       valid_lft forever preferred_lft forever
    inet6 fe80::ba27:ebff:fee4:d66b/64 scope link 
       valid_lft forever preferred_lft forever
4: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether b8:27:eb:b1:83:3e brd ff:ff:ff:ff:ff:ff

So DOWN and NO-CARRIER... what is NO-CARRIER?

[littlewhywhat]

no info for NO-CARRIER so far

Trying to use:

ip link set eth0 up

[littlewhywhat]

trying this https://askubuntu.com/a/116680/347374

[littlewhywhat]

ip route shows linkdown

on rpi

10.0.0.0/24 dev eth0  proto kernel  scope link  src 10.0.0.10 linkdown 

on ubuntu

10.0.0.0/24 dev enx00133b9cb36a  proto kernel  scope link  src 10.0.0.20 linkdown

[littlewhywhat]

what is this https://unix.stackexchange.com/questions/398810/default-route-with-linkdown?

[littlewhywhat]

'$route' for ubuntu:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.0.1     0.0.0.0         UG    600    0        0 wlp2s0
10.0.0.0        *               255.255.255.0   U     0      0        0 enx00133b9cb36a
link-local      *               255.255.0.0     U     1000   0        0 wlp2s0
192.168.0.0     *               255.255.255.0   U     600    0        0 wlp2s0

and for rpi

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        *               255.255.255.0   U     0      0        0 eth0
192.168.0.0     *               255.255.255.0   U     0      0        0 wlan0

[littlewhywhat]

it works through the router by assigning ip address to Raspberry PI and router ip as getaway.

[littlewhywhat]

but after reboot it issues error no route to host

[littlewhywhat]

https://www.linuxquestions.org/questions/linux-networking-3/setting-up-a-direct-lan-between-2-pcs-358657/
after applying this without route command I get empty ping

[littlewhywhat]

I tried after to clean iptables with https://serverfault.com/questions/200635/best-way-to-clear-all-iptables-rules. doesn't work.

# flush all chains
iptables -F
iptables -t nat -F
iptables -t mangle -F
# delete all chains
iptables -X

[littlewhywhat]

etc/init contains all rc files... that is interesting

[littlewhywhat]

nmap -v -Pn 10.0.0.1

Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-20 23:13 CEST
Initiating Parallel DNS resolution of 1 host. at 23:13
Completed Parallel DNS resolution of 1 host. at 23:13, 0.01s elapsed
Initiating Connect Scan at 23:13
Scanning 10.0.0.1 [1000 ports]
Connect Scan Timing: About 15.50% done; ETC: 23:16 (0:02:49 remaining)
Connect Scan Timing: About 30.50% done; ETC: 23:16 (0:02:19 remaining)
Stats: 0:01:19 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 39.00% done; ETC: 23:16 (0:02:04 remaining)
Connect Scan Timing: About 54.50% done; ETC: 23:16 (0:01:31 remaining)
Connect Scan Timing: About 69.50% done; ETC: 23:16 (0:01:01 remaining)
Connect Scan Timing: About 84.50% done; ETC: 23:16 (0:00:31 remaining)
Completed Connect Scan at 23:16, 201.30s elapsed (1000 total ports)
Nmap scan report for 10.0.0.1
Host is up.
All 1000 scanned ports on 10.0.0.1 are filtered

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 201.34 seconds

seems like ports are filtered

[littlewhywhat]

with adb shell running through wifi:

nmap -v -Pn -p 5555 10.0.0.1

Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-20 23:26 CEST
Initiating Parallel DNS resolution of 1 host. at 23:26
Completed Parallel DNS resolution of 1 host. at 23:26, 0.03s elapsed
Initiating Connect Scan at 23:26
Scanning 10.0.0.1 [1 port]
Completed Connect Scan at 23:26, 2.00s elapsed (1 total ports)
Nmap scan report for 10.0.0.1
Host is up.
PORT     STATE    SERVICE
5555/tcp filtered freeciv

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 2.05 seconds

[littlewhywhat]

there is some problem with firewall. if i could save iptables settings somehow...

[littlewhywhat]

using this:

iptables -A OUTPUT -j ACCEPT -m comment --comment "Accept all outgoing"
iptables -A INPUT -j ACCEPT -m comment --comment "Accept all incoming"

I have this:

# iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             /* Accept all incoming */

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             /* Accept all outgoing */

[littlewhywhat]

still doesn't work - seems like iptables is not restarted and there is no script to do so with restart.

[littlewhywhat]

there is a FirewallController.cpp in system/netd/server folder. it has some methods to enable firewall

[littlewhywhat]

https://github.com/ukanth/afwall/wiki/IPtables

[littlewhywhat]

so it's somehow with netd service that i should modify somehow