Everyone seems to be losing their minds over the Windows XP Professional Key

algorithm being cracked.

But of course, how does that help me?

Unironically, I had purchased this for a whopping £4.68

No, really here’s the receipt. What a bargain!

Of course this is a legit copy with a legit key. But the online activation servers are all gone, and it looks like I’d have to call someone asking about my 22 year old copy of Windows, that I’ll load up and quickly forget.

Since I’m going to use QEMU, 0.90 with pcap support I thought I’d share the startup options:

set loopback=\Device\NPF_{3DF0EC5D-7FBE-46DF-ACF8-EF5D8679A473}
set vmnet1=\Device\NPF_{3BC364F4-5A15-405D-926C-C594383F0323}
qemu -m 512 -L pc-bios ^
-hda xphome.vmdk ^
-soundhw es1370 ^
-net nic,model=pcnet,macaddr=52:24:00:33:00:01 ^
-net pcap,devicename=%loopback% ^
%1 %2 %3 %4 %5 %6

I had high hopes for this thing. Clearly misplaced ambitions.

First up, it’s an upgrade version. So that means instead of installing XP I had to waste my time installing NT Workstation 3.51, then installing XP. Yuck. And of course it just want small FAT disks of the 2/4 gigabyte boundary type as it’s 1994. Not the bright future of 2002’s Windows XP.

I don’t know why Qemu 0.90 has issues with XP detecting the CD-ROM drive, but yeah that sucked. I wanted to load up some more insane SNA experiments, but there is no DLC / 802.2 driver for XP Home. wow.

At least once it’s satisfied, we can format the disk as one big happy partition, and we can get on with our lives.

Installation is rather uneventful, however we are instantly reminded that we have only 30 days to go. Since we have that nasty CD-ROM issue that means shutting down, and booting back up, but with this fun program on an ISO image, xp_activate.

I did try to make a call, to activate my Windows, but the connection was terrible and I’m not even sure if these numbers were right. No I mean I know they didn’t work.

So I did what all legit users end up doing, using the crack for my 21 year old copy of Windows.

And just a few clicks later, it was done.

Windows XP Home is activated.

I don’t know if it’s even really going to last, I didn’t try anything else, actually I already deleted it. And the XP folio is back on the bookshelf.

Not only is there no DLC, did you know you can’t uninstall TCP/IP? At least you can unbind it from your NIC. While it does have IPX/SPX there is no built in Netware client. When they said HOME they meant it!

Ghosts in the mainframe!

There is a LOT going on in this image, and I’ll try to explain it, but yeah “it’s complicated”.

SNA networking & Hercules has always been a goal for a lot of people, including me as we always wanted to setup some SNA server of some kind. Especially on RISC platforms, as there is only so much fun on SQL server.

Okay I know the practical among you will say, doesn’t it support telnet 3270? Isn’t that good enough? Yes for day to day mundane stuff, absolutely. But I’m not all that interested in that, I wan’t to have the whole ancient network, and I wan’t it self contained and on my desk! Or on a laptop, as I see fit.

What started this whole adventure was a simple image from 9track.net, showing that being able to connect physical devices to Hercules was indeed possible!

Image from https://www.9track.net/hercules/dlsw/

This is a physical IBM 3178 & 3179 terminals talking to TK4- , a MVS3.8j pre-configured system!

The magic that makes this all possible, is a cisco router, running enterprise IOS, with dlsw support.

My setup is going to be inspired by this setup, but not exactly 100% But this is what I’m going to use on Windows 10

  • Dynamips for the cisco router, running JS-M 12.2(25)S8
  • Qemu 0.90 with PCAP running Windows NT 3.51 Server along with SNA Server 2.1
  • Qemu 0.90 running Windows 3.1 and XVision
  • VMware Player
  • WireShark
  • Microsoft Loopback adapter
  • WSLv1

I had originally wanted to run the NT server on VMware but for some reason it just hangs trying to initialise the NT kernel. I didn’t bother trying to troubleshoot it, I just jumped to Qemu. Even service pack 5 didn’t help. VMware left me with the virtual network that will NAT if needed, and of course let me telnet to the Dynamips program. The SNA traffic is isolated to the MS Loopback adapter, which will let pcap programs talk to each other.

The first thing I did was run ‘hdwwiz’ on Windows 10, and added in the KM-TEST loopback adapter

We know what we want, so go to the manuall selection

Network adapters

And select the KM-TEST Loopback Adapter

Next I changed the protocols available on the loopback, as I don’t want my Windows 10 host interfering with the SNA network at all.

So the next thing to do is to get your network GUID’s. ethlist.exe from the Dynamips download will get you that:

C:\dynamips>ethlist.exe
Network devices:
  Number       NAME                                     (Description)
  0  \Device\NPF_{3DF0EC5D-7FBE-46DF-ACF8-EF5D8679A473} (loopback)
  1  \Device\NPF_{D9FBD118-B9DF-4C3C-BD9E-07A0E34D8F75} (Local Area Connection* 8)
  2  \Device\NPF_{F5057901-6A30-413A-80E4-4765DA794B7C} (Local Area Connection* 7)
  3  \Device\NPF_{E3D3EC8D-29C3-4B70-B01C-600D3F9ED1D6} (Local Area Connection* 6)
  4  \Device\NPF_{82EEDBC1-899D-416F-BD51-3DBE2287257F} (VMware Network Adapter VMnet8)
  5  \Device\NPF_{3BC364F4-5A15-405D-926C-C594383F0323} (VMware Network Adapter VMnet1)
  6  \Device\NPF_{DDF1FA94-7488-414F-A41A-EC88C1FB0DE4} (Ethernet)
  7  \Device\NPF_{E7CA8F40-4639-410D-B5CA-F402FE69AF5D} (Ethernet 2)

I want the cisco router to have two interfaces, one with TCP/IP for me to be able to telnet into it (maybe other management as well?!) and the other one for the SNA traffic.

Setting up Dynamips

As mentioned above I’m going to use the VMnet1 for TCP/IP to the router, and the loopback adapter for SNA traffic. To try to make things a little easier to read I setup a small batch file that let’s me plug in variables to Dynamips:

set loopback=\Device\NPF_{3DF0EC5D-7FBE-46DF-ACF8-EF5D8679A473}
set vmnet1=\Device\NPF_{3BC364F4-5A15-405D-926C-C594383F0323}
set IOS=c7200-js-mz.122-25.S8.bin
set NPE=npe-200
..\dynamips.exe -P 7200 %IOS%  ^
-t %NPE%  ^
-p 0:C7200-IO-FE ^
-s0:0:gen_eth:%vmnet1% ^
-p 1:PA-4E  ^
-s1:0:gen_eth:%loopback% ^
-p2:PA-4T+

The caret symbol will break up lines on NT, much like the ampersand will on Unix. And this let’s me use clear variables for the networks, IOS & NPE type so it’s nowhere near as complicated to edit.

This will create a cisco 7200 with an NPE-200, with the following cards:

The next thing is what ip address is bound to VMnet1? This is mine:

Ethernet adapter VMware Network Adapter VMnet1:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::c3d2:c891:b7e0:6797%5
   IPv4 Address. . . . . . . . . . . : 192.168.199.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :

So all my TCP/IP in this example will be using 192.168.199.0/24

As mentioned on the 9track page, all the magic happens on the cisco router. I’ve made a few changes as I may want to try the SDLC in the future to perhaps some other experiment if I can find an emulator that’ll drive it over serial, but for now let’s just get to the config:

!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname dlsw
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
ip subnet-zero
!
!
no ip domain-lookup
!
ip cef
no mpls traffic-eng auto-bw timers frequency 0
call rsvp-sync
!
!
!
!
!
!
!
source-bridge ring-group 1
dlsw local-peer peer-id 192.168.199.10
dlsw remote-peer 0 tcp 192.168.199.1
dlsw mac-addr 4000.1020.0100 remote-peer ip-address 192.168.199.1
dlsw udp-disable
dlsw transparent switch-support
!
interface FastEthernet0/0
 ip address 192.168.199.10 255.255.255.0
 duplex half
 no clns route-cache
!
interface Ethernet1/0
 no ip address
 duplex half
 no clns route-cache
 dlsw transparent redundancy-enable 5555.5555.5000
 dlsw transparent map local-mac 4000.1020.0100  remote-mac 4000.0999.0100
!
interface Ethernet1/1
 no ip address
 shutdown
 duplex half
 no clns route-cache
!
interface Ethernet1/2
 no ip address
 shutdown
 duplex half
 no clns route-cache
!
interface Ethernet1/3
 no ip address
 shutdown
 duplex half
 no clns route-cache
!
interface Serial2/0
 no ip address
 encapsulation sdlc
 no keepalive
 serial restart-delay 0
 clockrate 64000
 no clns route-cache
 sdlc role primary
 sdlc vmac 4000.0999.0100
 sdlc address C1
 sdlc xid C1 01700019
 sdlc partner 4000.1020.1000 C1
 sdlc dlsw C1
!
interface Serial2/1
 no ip address
 shutdown
 serial restart-delay 0
 no clns route-cache
!
interface Serial2/2
 no ip address
 shutdown
 serial restart-delay 0
 no clns route-cache
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
 no clns route-cache
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 session-timeout 35791
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 password cisco
 login
!
!
end

This sets up the router so I can telnet to it from my desktop at 192.168.199.10, and allows it to talk to the base Windows machine on 192.168.199.1

All the magical MAC addresses come from 9track.net, as he wrote the dlsw hooks, so I just copied that. There is probably a great deal that could be cleaned up, but once I saw the two talking I kind of froze what I was doing.

With that much in place I then jumped to WSL,and built the emulator from github. I cloned it, and renamed that to herc-dlsw. At least for me this was pretty straightforward. The Hercules fork will build with Visual Studio as well, but I knew I was going to need some kind of tn3270 emulator, and I wanted to use x3270, and I had just recently bought this discounted copy of XVision, so of course I wanted to use that.

Despite this catastrophic defect that wasn’t disclosed in the auction.

I downloaded and extracted the TK4- latest distro on WSL. I just created a ‘herc’ directory in my home to house the tk4- release. The next thing to do is overlay your dlsw enabled exe’s and libraries.

cd ~/herc-dlsw/.libs
mkdir x
cp * x
cd x
rm *.o *.lai
cp *.so $HOME/herc/hercules/linux/64/lib/hercules
cp *.la $HOME/herc/hercules/linux/64/lib/hercules
rm *.so *.la
cp * $HOME/herc/hercules/linux/64

Now with the binaries in place, I do need to setup the Xvision VM so I can receive the X11. Of course there is so many other ways to do this, but this is mine:

qemu.exe -L pc-bios -m 64 -hda xvision.vmdk -net nic,model=ne2k_isa -net user -redir tcp:6000::6000

The important thing is that tcp port 6000 is redirected inwards, and that I’m using the NE2000 card, which on my weird fork will print out the hardware config, so I know how to find the nic.

added SLIRP
adding a [GenuineIntelC♣] family 5 model 4 stepping 3 CPU
added 64 megabytes of RAM
trying to load video rom pc-bios/vgabios-cirrus.bin
added parallel port 0x378 7
added NE2000(isa) 0x320 10
pci_piix3_ide_init PIIX3 IDE
ide_init2 [0] s->cylinders 203 s->heads 16 s->sectors 63
ide_init2 [1] s->cylinders 0 s->heads 0 s->sectors 0
ide_init2 [0] s->cylinders 2 s->heads 16 s->sectors 63
ide_init2 [1] s->cylinders 0 s->heads 0 s->sectors 0
added PS/2 keyboard
ps2.c added PS/2 mouse handler
added Floppy Controller 0x3f0 irq 6 dma 2
installing PS/2 mouse in CMOS
  Bus  0, device   0, function 0:
    Host bridge: PCI device 8086:1237
  Bus  0, device   1, function 0:
    ISA bridge: PCI device 8086:7000
  Bus  0, device   1, function 1:
    IDE controller: PCI device 8086:7010
      BAR4: I/O at 0xffffffff [0x000e].
  Bus  0, device   1, function 3:
    Class 0680: PCI device 8086:7113
      IRQ 0.
  Bus  0, device   2, function 0:
    VGA controller: PCI device 1013:00b8
      BAR0: 32 bit memory at 0xffffffff [0x01fffffe].
      BAR1: 32 bit memory at 0xffffffff [0x00000ffe].

And in this case it’s 0x320 IRQ 10. XVision being it’s own level of disappointment, I’ll have to cover it further, and later but suffice to say it at least catches the x3270 so I can get onto the console.

Setting up Hercules

Editing conf/tk4-_default.cnf is pretty easy as it’s on Linux and you can use VI.

# NCP VTAM
#
0660 3705 lport=${N660PORT:=37051} locncpnm=N07 rmtncpnm=N08 …
          unitsz=252 ackspeed=1000
0661 3705 lport=${N661PORT:=37052} locncpnm=N10 rmtncpnm=N11 …
          idblk=017 idnum=00018 locsuba=10 rmtsuba=11 unitsz=252 …
          ackspeed=1000
0662 3705 lport=${N662PORT:=37053} debug=yes dlsw=yes locncpnm=N12 …
          rmtncpnm=N13 idblk=017 idnum=00019 locsuba=12 rmtsuba=13 …
          unitsz=252 ackspeed=1000
0663 3705 lport=${N663PORT:=37054} locncpnm=N14 rmtncpnm=N15 idblk=017 …
          idnum=0001a locsuba=14 rmtsuba=15 unitsz=252 ackspeed=1000

And it’s simple, just assign the dlsw to the 0662 3705 controller.

The real fun is in the VTAM configuration. Which had been stumping me for well over a year. But then I found this Bradrico Rigg article aptly titled : Run your own mainframe using Hercules mainframe emulator and MVS 3.8j tk4, and it gave me the confidence to get this DONE. Thanks Bradrico!

First get MVS up and running. You have to run the ‘console_mode’ script to see what is going on.

cd herc/unattended
./set_console_mode
cd ..
./mvs

It’s not all that difficult XVision is using SLiRP, so it’s listening on all my IP addresses so I just do a simple

export DISPLAY=192.168.1.72:0
nohup x3270 &

And the emulator will pop up in Qemu. Just connect to localhost:3270 and you’ll be greeted by the login pannel:

Credentials are HERC01 / CUL8TR

I would HIGHLY recommend following the tutorial to get used to submitting a simple COBOL program. It walks through the key concepts of locating a file, and viewing it on MVS. Something that up until yesterday was out of my league.

We need to edit the file S3705 on SYS1.VTAMLST

Basically it’s 1,3,4 from the main pannel:

or RFE, Utilities, DSLIST

Type in the Volume name, then tab over to the left of the volume and put in V to view

Now we will get a list of all the files. We want to edit S3705, so you can tab/arrow down, but sure to put an `E’ next to it, then hit enter so we can edit the file

F7/F8 will page down/page up as needed. As mentioned we are interested in Subarea 13, PU type 2.

The line we are changing is the MAXDATA or MTU size for this unit. Since we are doing dlsw, or an emulated serial link, we need to knock it down to 256. Notice all the plus signs on the right hand? THOSE ARE IMPORTANT! Not only do they need to exist, but they also have to be on the far right.

For those wondering the MTU sizes on the client side by media type are as follows: And notice that the host size is different, as this takes in account of packet headers.

Making sure to overtype the 3780, to a 256, and ensuring the + sign hasn’t moved you can hit enter, cursor to the top and type in SAVE.

We can then edit the N13 file, changing line 35 to have MAXLU=3

Hopefully this clears up editing VTAM files.

As mentioned the easiest way to regen the system is to delete the old object files. So hit f3 a few times and get back to the dataset list

This time we want the VTAMOBJ set. Go and ‘V’iew it like last time and we will get the list of files:

Now we are going to put a ‘d’ next to N13 and S3705. This will flag them for deletion. Hit enter!

The files are now gone! On the next boot they will be rebuilt.

I just hit F3 a bunch of times and it’ll drop to some TSO shell

From here you can shutdown the system. It’ll take a few minutes, but you can start it up again just the same way you brought it up. Remember to attach your console.

Setting up SNA Server

Just like Dynamips, I setup a batch file, as the default one is just far too long to read:

@echo you need to figure out your nic name..
@echo something like
@echo \Device\NPF_{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
set loopback=\Device\NPF_{3DF0EC5D-7FBE-46DF-ACF8-EF5D8679A473}
set vmnet1=\Device\NPF_{3BC364F4-5A15-405D-926C-C594383F0323}
qemu -m 64 -L pc-bios ^
-hda SBS15.vmdk ^
-soundhw sb16,adlib ^
-net nic,model=pcnet,macaddr=52:24:00:22:00:01 ^
-net pcap,devicename=%loopback% ^
%1 %2 %3 %4 %5 %6

This will setup a small machine with 64MB of ram, a single AMD PCNet adapter on the loopback interface. I installed Windows NT 3.51 from the Small Business Server 1.5 setup. I don’t know why VMware + NT 3.51 didn’t get along, maybe it’s my Erying, Or maybe it just plain doesn’t work, I’m not sure, and far too impatient to troubleshoot it.

It’s very important that you do add the DLC Protocol during setup. It’s in the ‘Add Software’ part. I kept my NT very simple with only NetBEUI and DLC protocols. At the moment I’m not that interested in actually networking the NT, and if I was, I would add a second NIC, just like what I did for Dynamips.

Setting up NT isn’t that interesting, but SNA server is. I did use the 2.11 on the Back Office CD, but for completeness sake of testing I tried the oldest one I could find, and 2.1 beta from June, Build 2.1.0.216.

I left the network name & control point name blank as I just want terminal, I’m not even going to think that LU6.2 applications on such an ancient version of MVS was even possible.

This is pretty much default, the Link service basically sets itself up as we only have the one NIC.

Take note of the remote network address. 400010200100 which came from above the address we directly point to the dlsw. Also it’s form the 9track blog.

Insert a 3270 LU for us to try to talk to Hercules.

I’m pretty sure it was hard coded to be a model 2.

I turned off the ability for the model to be overwitten.

Create a pool, I called it swimming, because of ‘reasons’. I made it a type 2 pool and added the terminal to it.

Next I added the EVERYONE user, and gave them access to the SWIMMING pool

Finally we are ready to save the config, and do the hand holding and start up. If the stars aligned you will see them go ACTIVE/ACTIVE and the terminal will go Available.

Sadly the terminal won’t go live, it’s stuck in SSCP.

And this is as far as I can go. I have to think that with either something far older protocol wise for the PC, such as IBM Personal Communications/3270 for Windows V2.0 (v4 didnt work either), or a far newer Mainframe software version would support whatever it is SNA server wants to give us the crazy dream of running SNA self contained.

Running Wireshark on the loopback network I see this message:

UNSUPPORTED FUNCTION

Sadly this is as far as I can take you. I do want to give a special thanks to Vinatron & blackbit for trying to troubleshoot this with me. Best we can figure is that TK4- is just too old.

Troubleshooting

From the cisco router try dlsw commands like this:

dlsw>sho dlsw circuits
Index           local addr(lsap)    remote addr(dsap)  state          uptime
2281701660      4a24.0044.0080(04)  0200.9099.8000(04) CONNECTED      00:02:23
Total number of circuits connected: 1

This does show the connection. Notice that ‘show bridge’ will show nothing in this config.

Be sure to check peers as well:

dlsw>show dlsw peers
Peers:                state     pkts_rx   pkts_tx  type  drops ckts TCP   uptime
 TCP 192.168.199.1   CONNECT         10        13  conf      0    1   0 00:05:07
Total number of connected peers: 1
Total number of connections:     1

Make sure your interfaces are ‘up/up’ and passing traffic

FastEthernet0/0 is up, line protocol is up
  Hardware is DEC21140, address is ca00.48f4.0000 (bia ca00.48f4.0000)
  Internet address is 192.168.199.10/24
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Half-duplex, 100Mb/s, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 1000 bits/sec, 2 packets/sec
  5 minute output rate 2000 bits/sec, 2 packets/sec
     12768 packets input, 1439279 bytes
     Received 3609 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog
     0 input packets with dribble condition detected
     9999 packets output, 1037736 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
dlsw>show int eth1/0
Ethernet1/0 is up, line protocol is up
  Hardware is AmdP2, address is ca00.48f4.001c (bia ca00.48f4.001c)
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:02, output 00:00:02, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     52426 packets input, 5148287 bytes, 0 no buffer
     Received 12336 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 input packets with dribble condition detected
     36383 packets output, 2465490 bytes, 0 underruns
     0 output errors, 0 collisions, 3 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
dlsw>

And of course check WireShark to see if there is any handshake:

And of course check the Hercules logs to make sure your VTAM rebuilt, look for ERROR or anything related to S3705 or N13.

Adding multiple PCnet NIC’s to a Windows NT 4.0 Terminal server under Qemu

So this is probably nothing that exciting for most people, but for me, I wanted to have a Terminal Server onto a DECnet network. Sure I could have probably just done one nice with tun/tap, dumped all the protocols on there, and called it even. But for some reason I wanted 2 NICs to keep the IP on one side, and DECnet on the other.

One thing I wanted was an internal bridge for DECnet only traffic, and since I just need MSRDP access, SLiRP can handle a single TCP port redirect.

The flags are as always pretty simple once you work them out:

qemu -vga std -cpu pentium -m 384 -vnc :0 -net none \
-hda nt4tse.vmdk \
-device pcnet,netdev=slback \
-device pcnet,netdev=decback \
-netdev tap,ifname=tap1,id=decback,script=/root/nt4tse-up,downscript=/root/nt4tse-down \
-netdev user,id=slback,hostfwd=tcp::3389-10.0.2.15:3389 \
-cdrom Windows\ NT\ 4\ All-In-One\ (Workstation\,\ Server\,\ Terminal\,\ Enterprise).iso

And the two network scripts starting with nt4tse-up:

#!/bin/bash
echo starting $1
ip tuntap add mode tap tap1
ifconfig tap1 up
ifconfig tap1
brctl addif decnet0 tap1
brctl show decnet0
echo done with tuntap

And the nt4tse-down:

#!/bin/bash
echo shutting down $1
ifconfig tap1 down
brctl delif decnet0 tap1
brctl show decnet0
ip tuntap del mode tap tap1
echo done shutting down $1

for completeness here is the bridge config in /etc/netplan/50-cloud-init.yaml

network:
    ethernets:
        ens3:
            addresses:
            - SOMETHING/24
            gateway4: SOMETHING
            match:
                macaddress: 00:f4:c1:56:40:7e
            nameservers:
                addresses:
                - 1.1.1.1
                - 8.8.8.8
    bridges:
      br0:
        dhcp4: no
        addresses: [192.168.23.1/24]
      decnet0:
        dhcp4: no
    version: 2

This way I have an IP bound bridge for things that talk IP, and a raw bridge, decnet0 that has my non IP decnet stuff on there. Naturally it’ll have my SIMH VAX on there:

# brctl show decnet0
bridge name     bridge id               STP enabled     interfaces
decnet0         8000.aede9f227e7b       no              tap0
                                                        tap1

Also the ability to mount directories as fake fat drives had it’s syntax change as well

 -drive file=fat:rw:win95cd

into something like this:

-drive file=fat:rw:dos,id=fat32,format=raw,if=none -device ide-hd,drive=fat32

Running the SWGEMU server on WSL

All alone

The topic had come up again about running Core3 aka the Star Wars Galaxies EMUlated server at home. It’s always been a somewhat involved setup, but with the advent of the Windows Subsystem for Linux, there exists the ability to export and import filesystems as if they were containers. With that in hand I went ahead and set one up.

I initially targeted the older WSL v1, as it supports far more hardware, and I didn’t want to leave so many behind. The added benefit of targeting v1, is that the end user can upgrade the filesystem to v2 if they so choose. The only real difference in this project between v1 & v2 is that v1 cannot run the needed MySQL instance. This isn’t a showstopper however as there exists MySQL & MariaDB native versions for Windows.

Obviously, you’ll need Windows 10 or 11 to do this. From what I can tell even the home version of Windows 10 has WSL capabilities, so this doesn’t pose any problems. Simply open the legacy control panel (Windows+R then type in ‘control’), and go to the Programs.

and then ‘Turn Windows features on or off’, scroll down and select ‘Windows Subsystem for Linux’.

Hit OK, and it’ll download what is needed from the internet.

This shouldn’t take too long, then it’ll want to reboot the computer.

Now you just have to wait for Windows to reboot.

Now you’ll need to download the filesystem. I’ve put it on archive.org for the time being right here: wslv1-SWGEMU_Ubuntu20.22 directory listing (archive.org)

At a minimum you’ll need the files:

  • swgemu-ubuntu.tar.gz
  • mariadb-10.10.2-winx64.msi

Keep in mind that the filesystem is 4.8GB. It will take some time to download. If the torrent servers are functioning I would highly recommend that.

Once it’s installed and it’s generated it’s own databases it’ll need just under 7GB of disk space. So figure that you need 15GB free for this fun experiment.

The first step is to install the database server. We will need to know the settings in order to configure the swgemu server.

You can use any MySQL, but Maria is fully GPL, and small, and more importantly doesn’t involve Oracle.

The install is pretty striaghtfoward.

GNU software requires it reproduce the license sooo here we are.

I would HIGHLY recommend use the default option of install everything.

It will ask for a root password. In this example I’m using ‘password’, of course you can use anything you want, as long as you remember it. You don’t have to allow remote machine access to the database as WSLv1 runs in the same userspace on Windows, so it’ll effectively be connecting to itself.

I use TCP port 10000 as I want the default port 3306 for another insance. Again it’s all up to you but you will have to remember what port you put it on. Ports below 1000 are highly NOT recommended as they need special permission. I left the buffer pool as default

With those options set we can let it do the install.

Now the database is installed, and we can go onto restoring the WSL image, and then configuring the core3 server

Firstly we need place to put it, On the machine I built it on it was the D: drive, but for this re-deploy on a new machine I’m using the C: drive. It’s all up to you but it MUST be a locally attached disk, no USB disks.

Simply create the target directory and run the import command something like this:

md c:\starwars
wsl --import swgemu c:\starwars Downloads\swgemu-ubuntu.tar.gz
I only have the one disk on this VM

This will take a while.

Once it’s done you can check the subsystem status:

C:\Users\Administrator>wsl --list -v
  NAME      STATE           VERSION
* swgemu    Stopped         1

You may have more than one installed, so we’ll refer to this one by it’s name ‘swgemu’.

You can start the instance with wsl -d swgemu:

C:\Users\Administrator>wsl -d swgemu
Welcome to Ubuntu 22.04.1 LTS (GNU/Linux 4.4.0-19041-Microsoft x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Thu Dec  8 09:02:39 EST 2022

  System load:    0.5185546875   Processes:             7
  Usage of /home: unknown        Users logged in:       0
  Memory usage:   28%            IPv4 address for eth0: 198.46.174.160
  Swap usage:     0%


0 updates can be applied immediately.



This message is shown once a day. To disable it please create the
/root/.hushlogin file.

You will need to edit the script to create the databases. I like using vi, but you may not. The easiest way is to just browse to the location and open it up in notepad. The path to browse is:

C:\starwars\rootfs\root\starwars\sql

You can drag/drop re-init.sh on notepad, or make the file association, it’s all up to you.

I had set the SQLHOST to the LAN IP I have, you should set it to 127.0.0.1 . The PUBLIC address is the one that you’ll be connecting to. You can set it to your LAN address, or a public one if you know it (you’ll have to setup NAT), or if you are running it all on one machine for testing, it’s fine to be 127.0.0.1.

Save the file re-init.sh and now you have to run it.

root@DESKTOP-E4F55FE:~# cd starwars/sql/
root@DESKTOP-E4F55FE:~/starwars/sql# ./re-init.sh
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1008 (HY000) at line 1: Can't drop database 'swgemu'; database doesn't exist
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
root@DESKTOP-E4F55FE:~/starwars/sql#

The first SQL query will attempt to drop the swgemu database. In this case it doesn’t exist, so the first error is expected. Nothing to worry about. That gives us the database, now it’s time to configure the server.

You can use explorer to browse to:

C:\starwars\rootfs\root\starwars\conf

Now open/drop on notepad the file config.lua

Again change the DBHost, and MantisHost to 127.0.0.1, and update the password for root, if you have changed it. You may also want to change the DBSecret, but since this is all for fun, I’m leaving it stock.

Now it’s time to run the server.

root@DESKTOP-E4F55FE:~/starwars/sql# cd ..
root@DESKTOP-E4F55FE:~/starwars# ./core3
(0 s) [Core] Server start, pid: 105, time: Thu Dec  8 09:11:54 2022
(0 s) [ConfigManager] Did not find conf/config-local.lua
(0 s) [DatabaseManager] converting database objects to new format
(0 s) [DatabaseManager] finished converting data to new format

There will be a lot of messages going on, and this will take a few minutes. During the first run Windows will ask for network access permissions. Be sure to check both boxes allowing WAN and LAN access.

Check both boxes!

I have a Lenovo C20 and it takes about 2 minutes, depending on your config it may take longer or shorter.

One thing to point out is that I have configured Core3 for all the worlds, and this will need more than 8GB of ram to start up. So if you get something like this:

If this happens, you’ll have to try a minimal config, commenting out the areas from the config. On this test system, it only has 8GB of RAM, and that isn’t enough to have everything. However the minimal of the training & Tatooine fits no problem:

On the machine I originally set this up on, it has 32GB of RAM, so the processes needing just under 7GB of RAM wasn’t an issue. However an 8GB machine just isn’t enough as I found out the hard way re-producing my install.

Since we have previously allowed the Core3 application LAN/WAN access you should be able to connect. If you set the public address to something public, you will need to setup your firewall to forward the following ports to the machine hosting Core3

Otherwise you’ll need to open the following ports and protocols:

TCP 44419
TCP 44455
UDP 44453
UDP 44462
UDP 44463

Again making this a WSLv1 setup makes this easier as Windows runs core3 in the same memory space.

With any luck you should now be able to connect to the address you have specified as your PUBLIC address. If you want to change, you can either update the re-init.sh script and re-run it, destroying everything, or run the HeidiSQL tool, and just update it.

I had to set it to use libmysql.dll . As always remember your root password, and what Port you used to setup MariaDB. With the profile saved you can open it up.

The address field tells the clients what IP address they can find the server on, so it can the the LAN if you are staying at home, or it has to be a Publicly accessible one. Another alternative is something like Hamachi, which lets you create your own virtual network of machines. It’s great, but not all that cheap, but the added benefit is that your server isn’t a public resource, so you know exactly who is connecting.

If you want to be open but in control I’ve used this in the past to great success.

If you do change the IP you have to restart the core3 program.

Simply type in ‘exit’ at the console and it’ll start to gracefully shutdown.

Then simply start it again with a ./core3

If you want to enable the god mode, I assume you have read how what changes to make on the client side, and the table to edit is the accounts table, once you have logged in, it’ll create your record, and you can find it on HeidiSQL and change the admin_level field to 15. With this set the next character you create will be a ‘god’.

I’m not going to go into setting up the client, installing the SWGEMU stuff and how to add custom servers, as I assume you already know how to do so. This is more to let people run their own instances at home, or among friends.

On building core3 for yourself, be aware that by default it’ll use a ‘native’ config option that tunes the compiler to generate code as fast as possible for YOUR processor. So if you want to run it somewhere else, it has a good chance of not running. I had to edit the following files:

./CMakeLists.txt
./utils/engine3/MMOEngine/CMakeLists.txt

And change NATIVE to NO.

I also had issues with the SQL not having a default setting for timestamps, and it would fail to create accounts. Look for stuff like this:

TIMESTAMP NOT NULL,

and replace it with

TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,

And as of this current rev I had some issues with malloc hooks, which I just commented out:

$ diff -ruN AllocationHook.cpp_ utils/engine3/MMOEngine/src/system/mm/AllocationHook.cpp
--- AllocationHook.cpp_ 2022-12-06 07:59:42.160402900 +0000
+++ utils/engine3/MMOEngine/src/system/mm/AllocationHook.cpp 2022-12-06 08:00:22.510402900 +0000
@@ -50,6 +50,7 @@
        instance = this;

 #ifndef PLATFORM_MAC
+#if 0
        __saved_malloc_hook = __malloc_hook;
        __saved_free_hook = __free_hook;
        __saved_realloc_hook = __realloc_hook;
@@ -58,6 +59,7 @@
        __malloc_hook = mallocHook;
        __free_hook = freeHook;
        __realloc_hook = reallocHook;
+#endif

 #else
        malloc_zone_t *dz = malloc_default_zone();
@@ -91,9 +93,11 @@

 void AllocationHook::uninstall() {
 #ifndef PLATFORM_MAC
+#if 0
        __malloc_hook = __saved_malloc_hook;
        __free_hook = __saved_free_hook;
        __realloc_hook = __saved_realloc_hook;
+#endif
 #else
        malloc_zone_t *dz = malloc_default_zone();

$

Yes it’s terrible, but I was in a rush so.. yeah.

Also I have access to a Windows 2019 Server which is Windows 10 1809 based, and it doesn’t support the import-export of filesystems. So this won’t be a clean install, I guess it’d be easier to copy files over from Windows 10, and install Ubuntu 20.22 from the store.

Good Luck!

pptp always ignoring localip on Ubuntu

I don’t know how the other various linux distros handle this but I found this by accident:

Nov 17 12:04:25 ukweb pppd[4943]: Using interface ppp0
Nov 17 12:04:25 ukweb pppd[4943]: Connect: ppp0 <--> /dev/pts/0
Nov 17 12:04:25 ukweb pptpd[4942]: GRE: Bad checksum from pppd.
Nov 17 12:04:25 ukweb systemd-udevd[4944]: Using default interface naming scheme 'v249'.
Nov 17 12:04:25 ukweb pppd[4943]: peer from calling number 1.1.1.1.1 authorized
Nov 17 12:04:25 ukweb pppd[4943]: MPPE 128-bit stateless compression enabled
Nov 17 12:04:27 ukweb systemd-networkd[592]: ppp0: Link UP
Nov 17 12:04:27 ukweb systemd-networkd[592]: ppp0: Gained carrier
Nov 17 12:04:27 ukweb pppd[4943]: found interface br0 for proxy arp
Nov 17 12:04:27 ukweb pppd[4943]: local  IP address 192.168.0.1
Nov 17 12:04:27 ukweb pppd[4943]: remote IP address 192.168.23.10
Nov 17 12:05:28 ukweb systemd[1]: Stopping PoPToP Point to Point Tunneling Server...
Nov 17 12:05:28 ukweb pppd[4943]: Terminating on signal 15
Nov 17 12:05:28 ukweb pppd[4943]: Connect time 1.1 minutes.
Nov 17 12:05:28 ukweb pppd[4943]: Sent 0 bytes, received 6937 bytes.
Nov 17 12:05:28 ukweb systemd-networkd[592]: ppp0: Link DOWN
Nov 17 12:05:28 ukweb systemd-networkd[592]: ppp0: Lost carrier

With the emphasis on “local IP address 192.168.0.1”. Which is *NOT* in my config. I went as far as adding a bridge to satisfy the proxy arp! Netplan is some yaml thing and yeah not a big fan.

    ethernets:
        eth0:
            addresses:
            - PUBLICIP/24
            gateway4: GATEWAY
            match:
                macaddress: AA:BB:CC:00:00:01
            nameservers:
                addresses:
                - 1.1.1.1
                - 8.8.8.8
    bridges:
      br0:
        dhcp4: no
        addresses: [192.168.23.1/24]
    version: 2

my /etc/ppp/pptpd.conf had the options set, but no matter what it *ALWAYS* went to 192.168.0.1

option /etc/ppp/pptpd-options
logwtmp
localip 192.168.24.1
remoteip 192.168.23.30-250

And then I found it after doing what i should have done, and grep around to find out that pptpd.conf should actually live in /etc

Yeah that’s right, there is 2 of them although they should be the same. A symlink and a restart later, and now I get this:

Nov 17 12:19:56 ukweb kernel: [  112.718861] PPP MPPE Compression module registered
Nov 17 12:19:56 ukweb pppd[1002]: MPPE 128-bit stateless compression enabled
Nov 17 12:19:58 ukweb systemd-networkd[599]: ppp0: Link UP
Nov 17 12:19:58 ukweb systemd-networkd[599]: ppp0: Gained carrier
Nov 17 12:19:58 ukweb pppd[1002]: found interface br0 for proxy arp
Nov 17 12:19:58 ukweb pppd[1002]: local  IP address 192.168.23.1
Nov 17 12:19:58 ukweb pppd[1002]: remote IP address 192.168.23.10

MUCH much better. I don’t know if this is anything worth wriging about, but if I can save someone else an hour of wondering why the config isn’t working and why their pptp is always defaulting to 192.168.0.1 and why it’s wreaking havoc with any default home router, where here it is.

Networking on AIX 4.3

Well oslevel says 4.3.3.0, but you get the idea.

You’ll need to have the ethernet driver handy, or better loaded. Since I had disabled the NIC on install it’s not loaded. And since I’m still using a cellphone for internet I extracted the file somewhere else and copied in some patches. I’ve managed to reproduce this twice now, so I guess it’s good to go. Apparently, this just works in later versions, but this is very touchy.

To start how I’m running qemu:

./qemu-build/ppc-softmmu/qemu-system-ppc -M 40p -bios q40pofw-serial.rom -serial telnet::4441,server -hda disk0.vmdk-post-install -vga none -nographic -net none -device pcnet,netdev=ne -netdev user,id=ne,hostfwd=tcp::42323-:23 -cdrom /mnt/c/temp/pcnet-aix.iso

With aix booted, extract the tar file from the cdrom:

mount /cdrom
mkdir /pcnet
cd pcnet
tar -xvf /cdrom/pci.tar

Fix your terminal up… if needed (it probably is)

export TERM=vt100
stty erase ^?
export LIBPATH=$LIBPATH:/usr/lib
export PATH=/usr/local/bin:$PATH

Now run smitty -> devices -> after ipl

Change the directory to /pcnet , and let it run It will give errors but thats okay. All being well it won’t crash AIX, otherwise you’ll want to restore your hardisk. You did make a backup beforehand right?!

I don’t think it matters but I run this afterwards:

odmchange -o CuAt -q "name=ent0 and attribute=busio" /cdrom/lance_ch.asc
odmget -q "name=ent0 and attribute=busio" CuAt
shutdown -h now
halting does take forever

As tempting as it is to kill the emulator, wait for it to complete. Otherwise you may have to do the whole thing agian.

For me the value attribute was never preserved, so we get to do it again on reboot/restart:

odmget -q "name=ent0 and attribute=busio" CuAt
mount /cdrom
odmchange -o CuAt -q "name=ent0 and attribute=busio" /cdrom/lance_ch.asc
rmdev -l ent0
mkdev -l ent0
ifconfig en0 10.0.2.15
ping -c 1 10.0.2.2

If everything went well this time you should get a ping reply! Great! Now to configure the system for real.

smitty -> communication -> tcpip -> minimum -> en0

simple slirp

As always I configure my system for slirp. We’re almost there! Now to pad the DNS records for slirp:

cat >> /etc/hosts
10.0.2.2 slirp
10.0.2.3 slirpdns
^D

And now you can reboot!

If everything goes well, you will have a patched up pcnet driver that works (well mine does)

It works!

The big test is to of course reboot. Then you’ll know for sure.

I have tried this a few times, and yeah it can crash when adding the drivers, so I had to restore a few times. I would say 1/3 times worked flawlessly. So be patient. And backup!

Windows scp to remote machines with spaces in the directories

Well one nice thing about Windows 10 is that it has a built in ssh/scp client! Although telnet is optional, I get that it’s insecure but jeez what is a retro user to do?

Anyways the subject at hand is copying files from somewhere that has spaces in the path. In this case I need a copy of OS X Snow Leopard from my Mac Pro cylinder to this junk Fujitsu Celsius. I’m still having USB issues, but I’d like to get my data off of an external disk formatted in HFS+. And for ‘reasons’ I wanted to use something “native” but I don’t feel like building a Hackintosh. While not a strict tutorial on getting Snow Leopard running, I did upload my old download of Empire EFI on archive.org as this kind of stuff is damned near impossible to find.

So back to the matter at hand, I have this VM setup on my Mac Pro, and I want it on this Windows machine. You’d think it would be something like this:

scp -C [email protected]:"/Users/neozeed/Virtual Machines.localized/OSX 10.6/*" .
Password:
scp: /Users/neozeed/Virtual: No such file or directory
scp: Machines.localized/OSX: No such file or directory
scp: 10.6/*: No such file or directory

Okay so double quotes didn’t work. How about a Unix style escape for spaces? I mean it *is* scp after all, maybe it doesn’t know it’s on Windows.

C:\osx>scp -C [email protected]:"/Users/neozeed/Virtual\ Machines.localized/OSX\ 10.6/*" .
Password:
scp: /Users/neozeed/Virtual: No such file or directory
scp: Machines.localized/OSX: No such file or directory
scp: 10.6/*: No such file or directory

Well maybe it parses it like C, so you need double backslash? NO that doesn’t work either. Talk about frustrating. So, in an act of insanity, I tried single quoting the interior spaces around double quotes, something idiotic like a bash variable:

C:\osx>scp -C [email protected]:"/Users/neozeed/Virtual' 'Machines.localized/OSX' '10.6/*" .
Password:
Mac OS Snow Leopard.vmdk                                                               69%   11GB  16.0MB/s   05:16 ETA

And yes, now it’s transferring. I’m just using a cheap 50zt 5 port 100Mbit dumb switch. It’s good enough and it’ll probably take some 30 minutes to transfer all the bits, but it’s working.

So there you go. You may not need it now, or tomorrow but it’ll save you the 20 minutes of frustration!

Web Rendering Proxy – Full Page Scrolling

(This is a guest post by Antoni Sawicki aka Tenox)

Due to a popular demand I have added an option of generating full page height screenshot and allowing client browser to do the scrolling.

https://youtu.be/lDqrPxkOFlI

This makes the browsing experience much smoother, you have resources for it. Beware, a full page screenshot can be several MB in size encoded as gif/png and much more as a decoded raw bitmap on the client. I managed to crash Mosaic and OmniWeb a few times. Fortunately typical Wikipedia page is under 1 MB so for most part is should be fine. To activate just put 0 in page Height.

I have drafted a pre-release on github for testing. Please let me know any feedback. I’m also thinking whether enable this by default, or not.

WRP 4.0 Preview

(This is a guest post from Antoni Sawicki aka Tenox)

Welcome a completely new and absolutely insane mode of Web Rendering Proxy. ISMAP on steroids!

While v3.0 was largely just a port from Python/Webkit to GoLang/Chromedp, the new version is a whole new game. Previously WRP worked by walking the DOM and making a clickable imagemap out of <A HREF> nodes. Version 4.0 works by using x,y coordinates obtained from ISMAP to perform a simulated mouse click in Chrome browser. This way you can click on any element of the page. From annoying cookie warnings, to various drop down menus and even play some online games. Also pagination has been replaced with a clickable scroll bar.

Enough talking, you can watch this video:

Or download the new version and try it yourself!

Please report bugs on github.com. Thank you!