Press "Enter" to skip to content

Category: Uncategorized

Product Review: USB-C Hub w/ Ethernet, USB-A, HDMI for MBP 14 2021

March 20, 2022
Leave a Comment

(This is not a sponsored post. I purchased this item on my own and have had no contact with the manufacturer/vendor at the time of writing this post.)

I just recently picked up a MacBook Pro 14 Inch (ASIN B09JQL8KP9). It replaced my older MacBook Pro 13 Inch 2020 (ASIN B08N5LH3F7) that I had some concerns about with the screen.

It’s a great laptop – bright screen, lots of power under the hood, good amount of storage space, decent amount of USB-C/Thunderbolt ports. However, it lacks some common ports I need from time to time – like gigabit ethernet and USB-A (for things like USB flash drives).

I toiled around a bit, and found this USB hub (in purple, of course, ASIN B09LCHDRP9) with halfway decent reviews. It’s made by a company I’ve not heard from, UtechSmart. They make a bunch of different USB-C style hubs, a gaming mouse, and a gaming mouse pad.

Ordered one, and it came a few days ago.

The UtechSmart 6 In 1 USB C HDMI/Ethernet Hub

So, not bad, off to a good start. It’s metal with a rubberized cord that feels nice and not flimsy. Lets see how it looks to macOS when we plug it in.

macOS 12 System Info

Of particular interest is the AX88179A device, which is the gigabit Ethernet controller. Luckily its fully supported out of the box with no extra drivers needed. It’s also fully supported under iPadOS on my iPad Pro 11inch 2020.

iPadOS 15.4 General Settings -> Ethernet Page

I’ve confirmed that the Ethernet port does work as expected. I haven’t experienced any latency or performance issues that I can see (yet).

The one final thing I needed to verify, was that it would pass USB C PD power through correctly, since it claims to be able to pass up to 100W through.

Plugged directly in, my Apple supplied 65W USB C PD charger supplies 65W:

Directly connected Apple 65W supply

But, when connected through the USB C hub:

Through the USB C hub

So, a little bit of a power drop through the USB C hub. I’m assuming this is to be expected.

All in all, it seems to be a decent device. As I use more of its features, I’ll add to this review. If you have your own experience with this device, let me know in the comments!

Understanding IN, OUT, and LOCAL in Ubiquiti EdgeRouter and Unifi Firewall ACLs

September 6, 2021
Leave a Comment

EdgeRouter and Unifi routers are built on top of Linux with Netfilter/iptables. This gives them quite a bit of flexibility compared to other routing platforms systems based on proprietary operating systems.

Understanding how rules are applied in the netfilter stack are important in building an effective firewall.

IN and OUT Target Direction

IN and OUT rules are specifically for routing and only apply to packets that are going through the router, not originating from the router.

IN is processed first, and is the direction you should be using when trying to control what packets coming in on an interface should be doing.

For example, if you want to prevent your GUEST (eth2) network on 172.16.1.0/24 from communicating with your LAN (eth1) on 192.168.1.0/24…

set firewall name GUEST-IN rule 10 action drop
set firewall name GUEST-IN rule 10 description 'Drop traffic from GUEST to LAN'
set firewall name GUEST-IN rule 10 log disable
set firewall name GUEST-IN rule 10 protocol all
set firewall name GUEST-IN rule 10 source address 172.16.1.0/24
set firewall name GUEST-IN rule 10 destination address 192.168.1.0/24
set interfaces ethernet eth2 firewall in name GUEST-IN

Basically, you want to act on packets as early on in the stack as possible.

OUT rules are handled in the same way as IN rules and handled after IN rules. Because they are both handled in the netfilter FORWARD chain, they are technically handled in the same way and mostly are separated just for the benefit of the user.

LOCAL Target Direction

LOCAL rules are specifically for controlling traffic directed at the router and have no impact on routed traffic.

For example, if you wanted to restrict access to SSH from the WAN (eth0)…

set firewall name WAN-IN rule 10 action drop
set firewall name WAN-IN rule 10 description 'Drop SSH connections from WAN'
set firewall name WAN-IN rule 10 log disable
set firewall name WAN-IN rule 10 protocol tcp
set firewall name WAN-IN rule 10 destination port 22
set interfaces ethernet eth0 firewall in name WAN-IN

LOCAL rules are applied to the netfilter INPUT chain. There is no way to add rules to the netfilter OUTPUT chain unless you directly insert them in via iptables.

‘Official’ Documents Fraud: “Records Division” dmpoptout.com, Direct Mail Processing LLC

March 18, 2020
3 Comments

Got an interesting bit of mail today, pretending to be ‘time sensitive’ ‘second notice’ ‘important documents’:

The Envelope

The from is ‘Records Division’, P.O. Box 2910, Kennesaw, GA 30156-9843.

Inside, there was a document labeled ‘T-2’ and titled ‘2020 Benefit Information For Idaho Citizens Only’.

The Insert Meant To Look Like A Tax Document

Looks an awful lot like an IRS or state tax document, right?

Of course, after all of the official looking (but fake) text, they include ‘Not affiliated with or endorsed by any government agency.’ in small letters.

There’s also a web address, dmpoptout.com.

Where To Send It To

This fake ‘tax’ document is supposed to be mailed back to Direct Mail Processing, LLC P.O. Box 100080, Kennesaw, GA 30156-9912.

A quick google of dmpoptout.com brings up some interesting background on this company. ScamPulse in particular has some interesting reports – most of them about misleading mailings targeting elderly victims.

dmpoptout.com makes dubious claims of not being involved with the scam mailings they are handling:

Their Website Claims

Protect yourself and your friends and family by making sure they can recognize these scams. As always, if you believe you have been the victim of a scam, contact your state’s consumer protection agency.

Installing The Unifi Controller On Debian Buster

January 28, 2020
Leave a Comment

IHere’s what you need to do to run the Unifi Controller on Debian Buster:

Add the following to /etc/apt/sources.list:

deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/3.4 main

Do:

wget -qO - https://www.mongodb.org/static/pgp/server-3.4.asc | apt-key add -

(thx u/theinvisibleman_ for the key update info on his post here)

Grab:

http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb
http://security.debian.org/debian-security/pool/updates/main/o/openjdk-8/openjdk-8-jre-headless_8u232-b09-1~deb9u1_amd64.deb

Do:

 dpkg -i <package deb file>

To install both of those packages. Then:

 apt-get update

And install the mongodb packages:

 apt-get install mongodb-org-server mongodb-org-tools mongodb-org-shell

This should give you all you need to install the controller deb.

If I missed any depends, let me know as I threw this together after the fact and may have forgotten something.

IODD 2531 – The Better Way To Do USB Boot Media

January 26, 2020
Leave a Comment

I’ve had one of the IODD USB storage devices for a while – specifically the IODD 2531.

It’s a great little device – an external USB enclosure with a display that allows you to select ISO images to ‘insert’ into a virtual USB CD-ROM drive. It can also emulate a USB Floppy Disk drive.

Since it doesn’t come with a hard drive included, you can put your own 2.5in SATA drive in. I used an old 120GB SSD which makes for extremely fast installs of Windows, Linux, etc.