Everyone seems to be losing their minds over the Windows XP Professional Key

algorithm being cracked.

But of course, how does that help me?

Unironically, I had purchased this for a whopping £4.68

No, really here’s the receipt. What a bargain!

Of course this is a legit copy with a legit key. But the online activation servers are all gone, and it looks like I’d have to call someone asking about my 22 year old copy of Windows, that I’ll load up and quickly forget.

Since I’m going to use QEMU, 0.90 with pcap support I thought I’d share the startup options:

set loopback=\Device\NPF_{3DF0EC5D-7FBE-46DF-ACF8-EF5D8679A473}
set vmnet1=\Device\NPF_{3BC364F4-5A15-405D-926C-C594383F0323}
qemu -m 512 -L pc-bios ^
-hda xphome.vmdk ^
-soundhw es1370 ^
-net nic,model=pcnet,macaddr=52:24:00:33:00:01 ^
-net pcap,devicename=%loopback% ^
%1 %2 %3 %4 %5 %6

I had high hopes for this thing. Clearly misplaced ambitions.

First up, it’s an upgrade version. So that means instead of installing XP I had to waste my time installing NT Workstation 3.51, then installing XP. Yuck. And of course it just want small FAT disks of the 2/4 gigabyte boundary type as it’s 1994. Not the bright future of 2002’s Windows XP.

I don’t know why Qemu 0.90 has issues with XP detecting the CD-ROM drive, but yeah that sucked. I wanted to load up some more insane SNA experiments, but there is no DLC / 802.2 driver for XP Home. wow.

At least once it’s satisfied, we can format the disk as one big happy partition, and we can get on with our lives.

Installation is rather uneventful, however we are instantly reminded that we have only 30 days to go. Since we have that nasty CD-ROM issue that means shutting down, and booting back up, but with this fun program on an ISO image, xp_activate.

I did try to make a call, to activate my Windows, but the connection was terrible and I’m not even sure if these numbers were right. No I mean I know they didn’t work.

So I did what all legit users end up doing, using the crack for my 21 year old copy of Windows.

And just a few clicks later, it was done.

Windows XP Home is activated.

I don’t know if it’s even really going to last, I didn’t try anything else, actually I already deleted it. And the XP folio is back on the bookshelf.

Not only is there no DLC, did you know you can’t uninstall TCP/IP? At least you can unbind it from your NIC. While it does have IPX/SPX there is no built in Netware client. When they said HOME they meant it!

Ghosts in the mainframe!

There is a LOT going on in this image, and I’ll try to explain it, but yeah “it’s complicated”.

SNA networking & Hercules has always been a goal for a lot of people, including me as we always wanted to setup some SNA server of some kind. Especially on RISC platforms, as there is only so much fun on SQL server.

Okay I know the practical among you will say, doesn’t it support telnet 3270? Isn’t that good enough? Yes for day to day mundane stuff, absolutely. But I’m not all that interested in that, I wan’t to have the whole ancient network, and I wan’t it self contained and on my desk! Or on a laptop, as I see fit.

What started this whole adventure was a simple image from 9track.net, showing that being able to connect physical devices to Hercules was indeed possible!

Image from https://www.9track.net/hercules/dlsw/

This is a physical IBM 3178 & 3179 terminals talking to TK4- , a MVS3.8j pre-configured system!

The magic that makes this all possible, is a cisco router, running enterprise IOS, with dlsw support.

My setup is going to be inspired by this setup, but not exactly 100% But this is what I’m going to use on Windows 10

  • Dynamips for the cisco router, running JS-M 12.2(25)S8
  • Qemu 0.90 with PCAP running Windows NT 3.51 Server along with SNA Server 2.1
  • Qemu 0.90 running Windows 3.1 and XVision
  • VMware Player
  • WireShark
  • Microsoft Loopback adapter
  • WSLv1

I had originally wanted to run the NT server on VMware but for some reason it just hangs trying to initialise the NT kernel. I didn’t bother trying to troubleshoot it, I just jumped to Qemu. Even service pack 5 didn’t help. VMware left me with the virtual network that will NAT if needed, and of course let me telnet to the Dynamips program. The SNA traffic is isolated to the MS Loopback adapter, which will let pcap programs talk to each other.

The first thing I did was run ‘hdwwiz’ on Windows 10, and added in the KM-TEST loopback adapter

We know what we want, so go to the manuall selection

Network adapters

And select the KM-TEST Loopback Adapter

Next I changed the protocols available on the loopback, as I don’t want my Windows 10 host interfering with the SNA network at all.

So the next thing to do is to get your network GUID’s. ethlist.exe from the Dynamips download will get you that:

C:\dynamips>ethlist.exe
Network devices:
  Number       NAME                                     (Description)
  0  \Device\NPF_{3DF0EC5D-7FBE-46DF-ACF8-EF5D8679A473} (loopback)
  1  \Device\NPF_{D9FBD118-B9DF-4C3C-BD9E-07A0E34D8F75} (Local Area Connection* 8)
  2  \Device\NPF_{F5057901-6A30-413A-80E4-4765DA794B7C} (Local Area Connection* 7)
  3  \Device\NPF_{E3D3EC8D-29C3-4B70-B01C-600D3F9ED1D6} (Local Area Connection* 6)
  4  \Device\NPF_{82EEDBC1-899D-416F-BD51-3DBE2287257F} (VMware Network Adapter VMnet8)
  5  \Device\NPF_{3BC364F4-5A15-405D-926C-C594383F0323} (VMware Network Adapter VMnet1)
  6  \Device\NPF_{DDF1FA94-7488-414F-A41A-EC88C1FB0DE4} (Ethernet)
  7  \Device\NPF_{E7CA8F40-4639-410D-B5CA-F402FE69AF5D} (Ethernet 2)

I want the cisco router to have two interfaces, one with TCP/IP for me to be able to telnet into it (maybe other management as well?!) and the other one for the SNA traffic.

Setting up Dynamips

As mentioned above I’m going to use the VMnet1 for TCP/IP to the router, and the loopback adapter for SNA traffic. To try to make things a little easier to read I setup a small batch file that let’s me plug in variables to Dynamips:

set loopback=\Device\NPF_{3DF0EC5D-7FBE-46DF-ACF8-EF5D8679A473}
set vmnet1=\Device\NPF_{3BC364F4-5A15-405D-926C-C594383F0323}
set IOS=c7200-js-mz.122-25.S8.bin
set NPE=npe-200
..\dynamips.exe -P 7200 %IOS%  ^
-t %NPE%  ^
-p 0:C7200-IO-FE ^
-s0:0:gen_eth:%vmnet1% ^
-p 1:PA-4E  ^
-s1:0:gen_eth:%loopback% ^
-p2:PA-4T+

The caret symbol will break up lines on NT, much like the ampersand will on Unix. And this let’s me use clear variables for the networks, IOS & NPE type so it’s nowhere near as complicated to edit.

This will create a cisco 7200 with an NPE-200, with the following cards:

The next thing is what ip address is bound to VMnet1? This is mine:

Ethernet adapter VMware Network Adapter VMnet1:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::c3d2:c891:b7e0:6797%5
   IPv4 Address. . . . . . . . . . . : 192.168.199.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :

So all my TCP/IP in this example will be using 192.168.199.0/24

As mentioned on the 9track page, all the magic happens on the cisco router. I’ve made a few changes as I may want to try the SDLC in the future to perhaps some other experiment if I can find an emulator that’ll drive it over serial, but for now let’s just get to the config:

!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname dlsw
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
ip subnet-zero
!
!
no ip domain-lookup
!
ip cef
no mpls traffic-eng auto-bw timers frequency 0
call rsvp-sync
!
!
!
!
!
!
!
source-bridge ring-group 1
dlsw local-peer peer-id 192.168.199.10
dlsw remote-peer 0 tcp 192.168.199.1
dlsw mac-addr 4000.1020.0100 remote-peer ip-address 192.168.199.1
dlsw udp-disable
dlsw transparent switch-support
!
interface FastEthernet0/0
 ip address 192.168.199.10 255.255.255.0
 duplex half
 no clns route-cache
!
interface Ethernet1/0
 no ip address
 duplex half
 no clns route-cache
 dlsw transparent redundancy-enable 5555.5555.5000
 dlsw transparent map local-mac 4000.1020.0100  remote-mac 4000.0999.0100
!
interface Ethernet1/1
 no ip address
 shutdown
 duplex half
 no clns route-cache
!
interface Ethernet1/2
 no ip address
 shutdown
 duplex half
 no clns route-cache
!
interface Ethernet1/3
 no ip address
 shutdown
 duplex half
 no clns route-cache
!
interface Serial2/0
 no ip address
 encapsulation sdlc
 no keepalive
 serial restart-delay 0
 clockrate 64000
 no clns route-cache
 sdlc role primary
 sdlc vmac 4000.0999.0100
 sdlc address C1
 sdlc xid C1 01700019
 sdlc partner 4000.1020.1000 C1
 sdlc dlsw C1
!
interface Serial2/1
 no ip address
 shutdown
 serial restart-delay 0
 no clns route-cache
!
interface Serial2/2
 no ip address
 shutdown
 serial restart-delay 0
 no clns route-cache
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
 no clns route-cache
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 session-timeout 35791
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 password cisco
 login
!
!
end

This sets up the router so I can telnet to it from my desktop at 192.168.199.10, and allows it to talk to the base Windows machine on 192.168.199.1

All the magical MAC addresses come from 9track.net, as he wrote the dlsw hooks, so I just copied that. There is probably a great deal that could be cleaned up, but once I saw the two talking I kind of froze what I was doing.

With that much in place I then jumped to WSL,and built the emulator from github. I cloned it, and renamed that to herc-dlsw. At least for me this was pretty straightforward. The Hercules fork will build with Visual Studio as well, but I knew I was going to need some kind of tn3270 emulator, and I wanted to use x3270, and I had just recently bought this discounted copy of XVision, so of course I wanted to use that.

Despite this catastrophic defect that wasn’t disclosed in the auction.

I downloaded and extracted the TK4- latest distro on WSL. I just created a ‘herc’ directory in my home to house the tk4- release. The next thing to do is overlay your dlsw enabled exe’s and libraries.

cd ~/herc-dlsw/.libs
mkdir x
cp * x
cd x
rm *.o *.lai
cp *.so $HOME/herc/hercules/linux/64/lib/hercules
cp *.la $HOME/herc/hercules/linux/64/lib/hercules
rm *.so *.la
cp * $HOME/herc/hercules/linux/64

Now with the binaries in place, I do need to setup the Xvision VM so I can receive the X11. Of course there is so many other ways to do this, but this is mine:

qemu.exe -L pc-bios -m 64 -hda xvision.vmdk -net nic,model=ne2k_isa -net user -redir tcp:6000::6000

The important thing is that tcp port 6000 is redirected inwards, and that I’m using the NE2000 card, which on my weird fork will print out the hardware config, so I know how to find the nic.

added SLIRP
adding a [GenuineIntelC♣] family 5 model 4 stepping 3 CPU
added 64 megabytes of RAM
trying to load video rom pc-bios/vgabios-cirrus.bin
added parallel port 0x378 7
added NE2000(isa) 0x320 10
pci_piix3_ide_init PIIX3 IDE
ide_init2 [0] s->cylinders 203 s->heads 16 s->sectors 63
ide_init2 [1] s->cylinders 0 s->heads 0 s->sectors 0
ide_init2 [0] s->cylinders 2 s->heads 16 s->sectors 63
ide_init2 [1] s->cylinders 0 s->heads 0 s->sectors 0
added PS/2 keyboard
ps2.c added PS/2 mouse handler
added Floppy Controller 0x3f0 irq 6 dma 2
installing PS/2 mouse in CMOS
  Bus  0, device   0, function 0:
    Host bridge: PCI device 8086:1237
  Bus  0, device   1, function 0:
    ISA bridge: PCI device 8086:7000
  Bus  0, device   1, function 1:
    IDE controller: PCI device 8086:7010
      BAR4: I/O at 0xffffffff [0x000e].
  Bus  0, device   1, function 3:
    Class 0680: PCI device 8086:7113
      IRQ 0.
  Bus  0, device   2, function 0:
    VGA controller: PCI device 1013:00b8
      BAR0: 32 bit memory at 0xffffffff [0x01fffffe].
      BAR1: 32 bit memory at 0xffffffff [0x00000ffe].

And in this case it’s 0x320 IRQ 10. XVision being it’s own level of disappointment, I’ll have to cover it further, and later but suffice to say it at least catches the x3270 so I can get onto the console.

Setting up Hercules

Editing conf/tk4-_default.cnf is pretty easy as it’s on Linux and you can use VI.

# NCP VTAM
#
0660 3705 lport=${N660PORT:=37051} locncpnm=N07 rmtncpnm=N08 …
          unitsz=252 ackspeed=1000
0661 3705 lport=${N661PORT:=37052} locncpnm=N10 rmtncpnm=N11 …
          idblk=017 idnum=00018 locsuba=10 rmtsuba=11 unitsz=252 …
          ackspeed=1000
0662 3705 lport=${N662PORT:=37053} debug=yes dlsw=yes locncpnm=N12 …
          rmtncpnm=N13 idblk=017 idnum=00019 locsuba=12 rmtsuba=13 …
          unitsz=252 ackspeed=1000
0663 3705 lport=${N663PORT:=37054} locncpnm=N14 rmtncpnm=N15 idblk=017 …
          idnum=0001a locsuba=14 rmtsuba=15 unitsz=252 ackspeed=1000

And it’s simple, just assign the dlsw to the 0662 3705 controller.

The real fun is in the VTAM configuration. Which had been stumping me for well over a year. But then I found this Bradrico Rigg article aptly titled : Run your own mainframe using Hercules mainframe emulator and MVS 3.8j tk4, and it gave me the confidence to get this DONE. Thanks Bradrico!

First get MVS up and running. You have to run the ‘console_mode’ script to see what is going on.

cd herc/unattended
./set_console_mode
cd ..
./mvs

It’s not all that difficult XVision is using SLiRP, so it’s listening on all my IP addresses so I just do a simple

export DISPLAY=192.168.1.72:0
nohup x3270 &

And the emulator will pop up in Qemu. Just connect to localhost:3270 and you’ll be greeted by the login pannel:

Credentials are HERC01 / CUL8TR

I would HIGHLY recommend following the tutorial to get used to submitting a simple COBOL program. It walks through the key concepts of locating a file, and viewing it on MVS. Something that up until yesterday was out of my league.

We need to edit the file S3705 on SYS1.VTAMLST

Basically it’s 1,3,4 from the main pannel:

or RFE, Utilities, DSLIST

Type in the Volume name, then tab over to the left of the volume and put in V to view

Now we will get a list of all the files. We want to edit S3705, so you can tab/arrow down, but sure to put an `E’ next to it, then hit enter so we can edit the file

F7/F8 will page down/page up as needed. As mentioned we are interested in Subarea 13, PU type 2.

The line we are changing is the MAXDATA or MTU size for this unit. Since we are doing dlsw, or an emulated serial link, we need to knock it down to 256. Notice all the plus signs on the right hand? THOSE ARE IMPORTANT! Not only do they need to exist, but they also have to be on the far right.

For those wondering the MTU sizes on the client side by media type are as follows: And notice that the host size is different, as this takes in account of packet headers.

Making sure to overtype the 3780, to a 256, and ensuring the + sign hasn’t moved you can hit enter, cursor to the top and type in SAVE.

We can then edit the N13 file, changing line 35 to have MAXLU=3

Hopefully this clears up editing VTAM files.

As mentioned the easiest way to regen the system is to delete the old object files. So hit f3 a few times and get back to the dataset list

This time we want the VTAMOBJ set. Go and ‘V’iew it like last time and we will get the list of files:

Now we are going to put a ‘d’ next to N13 and S3705. This will flag them for deletion. Hit enter!

The files are now gone! On the next boot they will be rebuilt.

I just hit F3 a bunch of times and it’ll drop to some TSO shell

From here you can shutdown the system. It’ll take a few minutes, but you can start it up again just the same way you brought it up. Remember to attach your console.

Setting up SNA Server

Just like Dynamips, I setup a batch file, as the default one is just far too long to read:

@echo you need to figure out your nic name..
@echo something like
@echo \Device\NPF_{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
set loopback=\Device\NPF_{3DF0EC5D-7FBE-46DF-ACF8-EF5D8679A473}
set vmnet1=\Device\NPF_{3BC364F4-5A15-405D-926C-C594383F0323}
qemu -m 64 -L pc-bios ^
-hda SBS15.vmdk ^
-soundhw sb16,adlib ^
-net nic,model=pcnet,macaddr=52:24:00:22:00:01 ^
-net pcap,devicename=%loopback% ^
%1 %2 %3 %4 %5 %6

This will setup a small machine with 64MB of ram, a single AMD PCNet adapter on the loopback interface. I installed Windows NT 3.51 from the Small Business Server 1.5 setup. I don’t know why VMware + NT 3.51 didn’t get along, maybe it’s my Erying, Or maybe it just plain doesn’t work, I’m not sure, and far too impatient to troubleshoot it.

It’s very important that you do add the DLC Protocol during setup. It’s in the ‘Add Software’ part. I kept my NT very simple with only NetBEUI and DLC protocols. At the moment I’m not that interested in actually networking the NT, and if I was, I would add a second NIC, just like what I did for Dynamips.

Setting up NT isn’t that interesting, but SNA server is. I did use the 2.11 on the Back Office CD, but for completeness sake of testing I tried the oldest one I could find, and 2.1 beta from June, Build 2.1.0.216.

I left the network name & control point name blank as I just want terminal, I’m not even going to think that LU6.2 applications on such an ancient version of MVS was even possible.

This is pretty much default, the Link service basically sets itself up as we only have the one NIC.

Take note of the remote network address. 400010200100 which came from above the address we directly point to the dlsw. Also it’s form the 9track blog.

Insert a 3270 LU for us to try to talk to Hercules.

I’m pretty sure it was hard coded to be a model 2.

I turned off the ability for the model to be overwitten.

Create a pool, I called it swimming, because of ‘reasons’. I made it a type 2 pool and added the terminal to it.

Next I added the EVERYONE user, and gave them access to the SWIMMING pool

Finally we are ready to save the config, and do the hand holding and start up. If the stars aligned you will see them go ACTIVE/ACTIVE and the terminal will go Available.

Sadly the terminal won’t go live, it’s stuck in SSCP.

And this is as far as I can go. I have to think that with either something far older protocol wise for the PC, such as IBM Personal Communications/3270 for Windows V2.0 (v4 didnt work either), or a far newer Mainframe software version would support whatever it is SNA server wants to give us the crazy dream of running SNA self contained.

Running Wireshark on the loopback network I see this message:

UNSUPPORTED FUNCTION

Sadly this is as far as I can take you. I do want to give a special thanks to Vinatron & blackbit for trying to troubleshoot this with me. Best we can figure is that TK4- is just too old.

Troubleshooting

From the cisco router try dlsw commands like this:

dlsw>sho dlsw circuits
Index           local addr(lsap)    remote addr(dsap)  state          uptime
2281701660      4a24.0044.0080(04)  0200.9099.8000(04) CONNECTED      00:02:23
Total number of circuits connected: 1

This does show the connection. Notice that ‘show bridge’ will show nothing in this config.

Be sure to check peers as well:

dlsw>show dlsw peers
Peers:                state     pkts_rx   pkts_tx  type  drops ckts TCP   uptime
 TCP 192.168.199.1   CONNECT         10        13  conf      0    1   0 00:05:07
Total number of connected peers: 1
Total number of connections:     1

Make sure your interfaces are ‘up/up’ and passing traffic

FastEthernet0/0 is up, line protocol is up
  Hardware is DEC21140, address is ca00.48f4.0000 (bia ca00.48f4.0000)
  Internet address is 192.168.199.10/24
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Half-duplex, 100Mb/s, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 1000 bits/sec, 2 packets/sec
  5 minute output rate 2000 bits/sec, 2 packets/sec
     12768 packets input, 1439279 bytes
     Received 3609 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog
     0 input packets with dribble condition detected
     9999 packets output, 1037736 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
dlsw>show int eth1/0
Ethernet1/0 is up, line protocol is up
  Hardware is AmdP2, address is ca00.48f4.001c (bia ca00.48f4.001c)
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:02, output 00:00:02, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     52426 packets input, 5148287 bytes, 0 no buffer
     Received 12336 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 input packets with dribble condition detected
     36383 packets output, 2465490 bytes, 0 underruns
     0 output errors, 0 collisions, 3 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
dlsw>

And of course check WireShark to see if there is any handshake:

And of course check the Hercules logs to make sure your VTAM rebuilt, look for ERROR or anything related to S3705 or N13.

Adding multiple PCnet NIC’s to a Windows NT 4.0 Terminal server under Qemu

So this is probably nothing that exciting for most people, but for me, I wanted to have a Terminal Server onto a DECnet network. Sure I could have probably just done one nice with tun/tap, dumped all the protocols on there, and called it even. But for some reason I wanted 2 NICs to keep the IP on one side, and DECnet on the other.

One thing I wanted was an internal bridge for DECnet only traffic, and since I just need MSRDP access, SLiRP can handle a single TCP port redirect.

The flags are as always pretty simple once you work them out:

qemu -vga std -cpu pentium -m 384 -vnc :0 -net none \
-hda nt4tse.vmdk \
-device pcnet,netdev=slback \
-device pcnet,netdev=decback \
-netdev tap,ifname=tap1,id=decback,script=/root/nt4tse-up,downscript=/root/nt4tse-down \
-netdev user,id=slback,hostfwd=tcp::3389-10.0.2.15:3389 \
-cdrom Windows\ NT\ 4\ All-In-One\ (Workstation\,\ Server\,\ Terminal\,\ Enterprise).iso

And the two network scripts starting with nt4tse-up:

#!/bin/bash
echo starting $1
ip tuntap add mode tap tap1
ifconfig tap1 up
ifconfig tap1
brctl addif decnet0 tap1
brctl show decnet0
echo done with tuntap

And the nt4tse-down:

#!/bin/bash
echo shutting down $1
ifconfig tap1 down
brctl delif decnet0 tap1
brctl show decnet0
ip tuntap del mode tap tap1
echo done shutting down $1

for completeness here is the bridge config in /etc/netplan/50-cloud-init.yaml

network:
    ethernets:
        ens3:
            addresses:
            - SOMETHING/24
            gateway4: SOMETHING
            match:
                macaddress: 00:f4:c1:56:40:7e
            nameservers:
                addresses:
                - 1.1.1.1
                - 8.8.8.8
    bridges:
      br0:
        dhcp4: no
        addresses: [192.168.23.1/24]
      decnet0:
        dhcp4: no
    version: 2

This way I have an IP bound bridge for things that talk IP, and a raw bridge, decnet0 that has my non IP decnet stuff on there. Naturally it’ll have my SIMH VAX on there:

# brctl show decnet0
bridge name     bridge id               STP enabled     interfaces
decnet0         8000.aede9f227e7b       no              tap0
                                                        tap1

Also the ability to mount directories as fake fat drives had it’s syntax change as well

 -drive file=fat:rw:win95cd

into something like this:

-drive file=fat:rw:dos,id=fat32,format=raw,if=none -device ide-hd,drive=fat32

Unicos CD-ROM’s found!

Okay, so it’s old news. But it was news to me!

So over on Modular Circuits, Andras had posted a promising ‘UNICOS Update‘ which had detailed that 2 CD-ROM’s of Unicos had surfaced on archive.org cray-cd1 & cray-cd2. Along with posting the updated source to github, so I had no choice to replicate the experiment!

First the install is INSANELY slow. It requires you to setup a Linux (or unix) machine with rsh. Surprisingly there is a rsh-server package for Ubuntu 22.04. Basically it boils down to following the instructions. Although with WSLv2 I ended up making the bridge manually with:

brctl addbr craybr
ip tuntap add mode tap tap1
ifconfig tap1 up
brctl addif craybr tap1
ifconfig craybr 172.16.0.1 netmask 255.255.255.0

It’s coded in the example configs to use tap1, but there you go. It’s a pretty straightfoward install but the decompression on the cray side takes the installation hours. As an experiment I changed the commands from rcp to remsh to gzip -dc the files locally on my PC, which had the benefit of of being much faster, and not taking up space.

I went ahead and uploaded both of my installs for anyone wanting to play OS tourist enough to check out UNICOS but not wanting to sit through the install.

The C compiler is.. ancient. and very touchy. You’ll need to add /usr/gen/bin to the path, and explicitly add the path for the linker like this:

/usr/gen/bin/cc zap.c -L/usr/gen/lib

Although the breakage is.. pretty epic. I had pretty much no luck bringing over any of my favorites. There should be a much better / modernish C compiler and Fortran compiler, although I’m not sure if it’s on these CD-ROM’s or I’m just massively ignorant of UNICOS, because I never got a chance to be anywhere near a legit supercomputer.

So yeah, pretty exciting stuff!

pptp always ignoring localip on Ubuntu

I don’t know how the other various linux distros handle this but I found this by accident:

Nov 17 12:04:25 ukweb pppd[4943]: Using interface ppp0
Nov 17 12:04:25 ukweb pppd[4943]: Connect: ppp0 <--> /dev/pts/0
Nov 17 12:04:25 ukweb pptpd[4942]: GRE: Bad checksum from pppd.
Nov 17 12:04:25 ukweb systemd-udevd[4944]: Using default interface naming scheme 'v249'.
Nov 17 12:04:25 ukweb pppd[4943]: peer from calling number 1.1.1.1.1 authorized
Nov 17 12:04:25 ukweb pppd[4943]: MPPE 128-bit stateless compression enabled
Nov 17 12:04:27 ukweb systemd-networkd[592]: ppp0: Link UP
Nov 17 12:04:27 ukweb systemd-networkd[592]: ppp0: Gained carrier
Nov 17 12:04:27 ukweb pppd[4943]: found interface br0 for proxy arp
Nov 17 12:04:27 ukweb pppd[4943]: local  IP address 192.168.0.1
Nov 17 12:04:27 ukweb pppd[4943]: remote IP address 192.168.23.10
Nov 17 12:05:28 ukweb systemd[1]: Stopping PoPToP Point to Point Tunneling Server...
Nov 17 12:05:28 ukweb pppd[4943]: Terminating on signal 15
Nov 17 12:05:28 ukweb pppd[4943]: Connect time 1.1 minutes.
Nov 17 12:05:28 ukweb pppd[4943]: Sent 0 bytes, received 6937 bytes.
Nov 17 12:05:28 ukweb systemd-networkd[592]: ppp0: Link DOWN
Nov 17 12:05:28 ukweb systemd-networkd[592]: ppp0: Lost carrier

With the emphasis on “local IP address 192.168.0.1”. Which is *NOT* in my config. I went as far as adding a bridge to satisfy the proxy arp! Netplan is some yaml thing and yeah not a big fan.

    ethernets:
        eth0:
            addresses:
            - PUBLICIP/24
            gateway4: GATEWAY
            match:
                macaddress: AA:BB:CC:00:00:01
            nameservers:
                addresses:
                - 1.1.1.1
                - 8.8.8.8
    bridges:
      br0:
        dhcp4: no
        addresses: [192.168.23.1/24]
    version: 2

my /etc/ppp/pptpd.conf had the options set, but no matter what it *ALWAYS* went to 192.168.0.1

option /etc/ppp/pptpd-options
logwtmp
localip 192.168.24.1
remoteip 192.168.23.30-250

And then I found it after doing what i should have done, and grep around to find out that pptpd.conf should actually live in /etc

Yeah that’s right, there is 2 of them although they should be the same. A symlink and a restart later, and now I get this:

Nov 17 12:19:56 ukweb kernel: [  112.718861] PPP MPPE Compression module registered
Nov 17 12:19:56 ukweb pppd[1002]: MPPE 128-bit stateless compression enabled
Nov 17 12:19:58 ukweb systemd-networkd[599]: ppp0: Link UP
Nov 17 12:19:58 ukweb systemd-networkd[599]: ppp0: Gained carrier
Nov 17 12:19:58 ukweb pppd[1002]: found interface br0 for proxy arp
Nov 17 12:19:58 ukweb pppd[1002]: local  IP address 192.168.23.1
Nov 17 12:19:58 ukweb pppd[1002]: remote IP address 192.168.23.10

MUCH much better. I don’t know if this is anything worth wriging about, but if I can save someone else an hour of wondering why the config isn’t working and why their pptp is always defaulting to 192.168.0.1 and why it’s wreaking havoc with any default home router, where here it is.

Networking on AIX 4.3

Well oslevel says 4.3.3.0, but you get the idea.

You’ll need to have the ethernet driver handy, or better loaded. Since I had disabled the NIC on install it’s not loaded. And since I’m still using a cellphone for internet I extracted the file somewhere else and copied in some patches. I’ve managed to reproduce this twice now, so I guess it’s good to go. Apparently, this just works in later versions, but this is very touchy.

To start how I’m running qemu:

./qemu-build/ppc-softmmu/qemu-system-ppc -M 40p -bios q40pofw-serial.rom -serial telnet::4441,server -hda disk0.vmdk-post-install -vga none -nographic -net none -device pcnet,netdev=ne -netdev user,id=ne,hostfwd=tcp::42323-:23 -cdrom /mnt/c/temp/pcnet-aix.iso

With aix booted, extract the tar file from the cdrom:

mount /cdrom
mkdir /pcnet
cd pcnet
tar -xvf /cdrom/pci.tar

Fix your terminal up… if needed (it probably is)

export TERM=vt100
stty erase ^?
export LIBPATH=$LIBPATH:/usr/lib
export PATH=/usr/local/bin:$PATH

Now run smitty -> devices -> after ipl

Change the directory to /pcnet , and let it run It will give errors but thats okay. All being well it won’t crash AIX, otherwise you’ll want to restore your hardisk. You did make a backup beforehand right?!

I don’t think it matters but I run this afterwards:

odmchange -o CuAt -q "name=ent0 and attribute=busio" /cdrom/lance_ch.asc
odmget -q "name=ent0 and attribute=busio" CuAt
shutdown -h now
halting does take forever

As tempting as it is to kill the emulator, wait for it to complete. Otherwise you may have to do the whole thing agian.

For me the value attribute was never preserved, so we get to do it again on reboot/restart:

odmget -q "name=ent0 and attribute=busio" CuAt
mount /cdrom
odmchange -o CuAt -q "name=ent0 and attribute=busio" /cdrom/lance_ch.asc
rmdev -l ent0
mkdev -l ent0
ifconfig en0 10.0.2.15
ping -c 1 10.0.2.2

If everything went well this time you should get a ping reply! Great! Now to configure the system for real.

smitty -> communication -> tcpip -> minimum -> en0

simple slirp

As always I configure my system for slirp. We’re almost there! Now to pad the DNS records for slirp:

cat >> /etc/hosts
10.0.2.2 slirp
10.0.2.3 slirpdns
^D

And now you can reboot!

If everything goes well, you will have a patched up pcnet driver that works (well mine does)

It works!

The big test is to of course reboot. Then you’ll know for sure.

I have tried this a few times, and yeah it can crash when adding the drivers, so I had to restore a few times. I would say 1/3 times worked flawlessly. So be patient. And backup!

Re-visiting the SUN-2 emulator: Adding SLiRP!

While I’ve covered Brad Parker (lisper)’s ‘emulator-sun-2before, booting into SunOS isn’t anything that new.

However, with the latest updates, from github, adding in a prior botched attempt, and some messing around, and finally, I got it to ping at first, then it was a matter of where to place the ‘slirp tick’. I first though putting it on the interface poll was a good spot, but for some reason the machine causes a deadlock/stall on boot before the PROM can even initialize. I’m not sure why. Searching further I found a good timer portion and injected the code. And sure enough I was greeted with the login banner:

I’ve been able to paste in about 100kb of a uuencoded tar file, and it didn’t lock the VM, and I was able to uudecode it, and actually build the source (Infotaskforce ’87 if anyone cares). So I’m at the point I think it’s stable enough to shove into the world, although I guess until I revisit it again.

You can download it on sourceforge: sun2.zip

Web Rendering Proxy – Full Page Scrolling

(This is a guest post by Antoni Sawicki aka Tenox)

Due to a popular demand I have added an option of generating full page height screenshot and allowing client browser to do the scrolling.

This makes the browsing experience much smoother, you have resources for it. Beware, a full page screenshot can be several MB in size encoded as gif/png and much more as a decoded raw bitmap on the client. I managed to crash Mosaic and OmniWeb a few times. Fortunately typical Wikipedia page is under 1 MB so for most part is should be fine. To activate just put 0 in page Height.

I have drafted a pre-release on github for testing. Please let me know any feedback. I’m also thinking whether enable this by default, or not.

WRP 4.0 Preview

(This is a guest post from Antoni Sawicki aka Tenox)

Welcome a completely new and absolutely insane mode of Web Rendering Proxy. ISMAP on steroids!

While v3.0 was largely just a port from Python/Webkit to GoLang/Chromedp, the new version is a whole new game. Previously WRP worked by walking the DOM and making a clickable imagemap out of <A HREF> nodes. Version 4.0 works by using x,y coordinates obtained from ISMAP to perform a simulated mouse click in Chrome browser. This way you can click on any element of the page. From annoying cookie warnings, to various drop down menus and even play some online games. Also pagination has been replaced with a clickable scroll bar.

Enough talking, you can watch this video:

Or download the new version and try it yourself!

Please report bugs on github.com. Thank you!