Review und Test of the D-Link DNS-325 ShareCenter Shadow – First Pictures

D-Link DNS-325 A few days ago i’ve written about the announcement of the D-Link DNS-325 “ShareCenter Shadow”. I was lucky and got the DNS-325 a few days before the release (which is today). So i made a few pictures which i wanted to share with you.
Continue reading Review und Test of the D-Link DNS-325 ShareCenter Shadow – First Pictures

Installation and Configuration of MySQL on Fonz fun_plug

German version of this tutorial

This tutorial is deprecated and should only be used with fonz fun_plug 0.5!
Please check the tutorial page for updated tutorials on this topic!

MySQL is an open source database management system (RDBMS) provided by a commercial company acquired by Oracle. Although the software is free, the company provides commercial support and consultancy (this is a similar model to certain Linux distributions).

Logo of MySQL
Logo of MySQL
An RDBMS is a software tool to store, access and update (often large) amounts of data structured as interrelated tables. Originally, databases were typically used for adminstrative purposes such as storing employee- or inventory information. Nowadays, databases are also widely used to store the raw content from which dynamic web sites are generated. This allows the same information to be presented in different ways. Because SQL is a standardized language to update or access an RDBMS, it also avoids relying on proprietary storage formats with associated risks of obsolescence or lock-in to particular software.

Although there are various other open source and commercial RDBMS systems available, MySQL is commonly used in web development in conjunction with Linux, Apache (or lighttpd), and php. Wikipedia, for example, runs on MediaWiki software written in PHP and uses a MySQL database.

Contents

Setting up MySQL

Installation

Uli kindly provided a packaged version of MySQL for the NAS in his repository.

MySQL is not installed as part of fun_plug by default, but you should already have downloaded a copy as part of the general tutorial on how to download, install and upgrade packages. Let’s first make sure you still have the latest version (as Uli upgrades his repository regularly).

Note that the installation command below could take a while:

funpkg -i /ffp/pkg/additional/*/mysql-*.tgz

If you have a version of mysql installed that is outdated, you will need to run in upgrade mode instead (see here for help):

funpkg -u /ffp/pkg/additional/*/mysql-*.tgz

Configuration

MySQL can be configured with a file called my.cnf. After installation you can configure several MySQL settings by copying an example-file from /ffp/etc/examples/mysql/ to /ffp/etc/:

cp /ffp/etc/examples/mysql/my-small.cnf /ffp/etc/my.cnf

Directories

MySQL stores the data of its databases in files which are in turn stored in a directory named /srv/mysql/. Instead of creating the directory at that location, you may prefer to create a symbolic link from /srv/ to the target-directory of your choice.
First we create it:

mkdir -p /ffp/opt/srv/mysql
mkdir -p /ffp/opt/srv/tmp/mysql

Now we link it to /srv/:

ln -s /ffp/opt/srv/ /srv

This link will be lost after rebooting the device, so you have to add the following two lines to the end of the file /ffp/etc/fun_plug.init to recreate the link every time the NAS boots. You can edit this file using an editor like nano:

# create custom link to the server-folder
ln -s /ffp/opt/srv/ /srv

Initialization

MySQL needs some internal databases for the initial startup which can be installed by issuing the mysql_install_db command:

cd /srv/
ls -al
/ffp/bin/mysql_install_db
ls -al

This results in several warnings (which you can ignore) about adjusted sizes system- and help tables. Typical partial output:

081116 22:05:32 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295
081116 22:05:32 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295
081116 22:05:32 [Warning] option 'myisam_max_extra_sort_file_size': unsigned value 2147483648 adjusted to 2147483647
081116 22:05:32 [Warning] option 'thread_stack': unsigned value 65536 adjusted to 131072

Now we manually start the MySQL server for further configuration:

sh /ffp/start/mysqld.sh start

Note that you will have to press Enter to get your prompt back (unlike other daemons).

After the first start, we have to secure the installation:

/ffp/bin/mysql_secure_installation

You will be asked several questions (shown below in abridged form) and can answer Y(es) for each of them.
For "Enter current password for root (enter for none):" you press enter because the default root password is empty.
For the new root password, it is best to use a different password than the user root of the system: this is just for owning the administration rights to the database and is unrelated to overall control over the machine.

Enter current password for root (enter for none):
OK, successfully used password, moving on...
 
Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
 
Remove anonymous users? [Y/n] Y
 
Disallow root login remotely? [Y/n] Y
 
Remove test database and access to it? [Y/n] Y
 
Reload privilege tables now? [Y/n] Y
 
All done!

To activate this service permanently on every boot you need to enter this command:

chmod a+x /ffp/start/mysqld.sh

Testing MySQL

After MySQL has started, you can test your installation using the following ways:

Command-line

Enter the following command on the command-line:

mysql -p

This will open a special mysql-command-line, where you can enter regular SQL-Commands. Now change to the database “mysql”:

USE mysql;

Then select the Host, User and Passwort from the Database:

SELECT Host, User, Password FROM user;

Finally exit the mysql-command-line:

exit;

A sample output will look like this:

root@CH3SNAS:/srv/mysql# mysql -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.0.67 Source distribution
 
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
 
mysql> USE mysql;
 
Database changed
mysql> SELECT Host, User, Password FROM user;
 
+-----------+------+-------------------------------------------+
| Host      | User | Password                                  |
+-----------+------+-------------------------------------------+
| localhost | root | *8D2414F01991E3B0B86E14D2469EACA0B6D78B99 |
| CH3SNAS   | root | *8D2414F01991E3B0B86E14D2469EACA0B6D78B99 |
| 127.0.0.1 | root | *8D2414F01991E3B0B86E14D2469EACA0B6D78B99 |
+-----------+------+-------------------------------------------+
3 rows in set (0.01 sec)
 
mysql> exit;
Bye

By the way: As you can see, passwords are crypted (in this case it was “nas-tweaks.net“).

PHP

For the following, you need to install lighttpd and php in case you haven’t already done so.
You also need to enable the mysql module of lighttpd by editing the /ffp/etc/php.ini file:

; Linux extensions
extension=calendar.so
;extension=ctype.so
;extension=ftp.so
;extension=gd.so
;extension=mbstring.so
extension=mysql.so
;etc

Make sure you define the folder which contains all the above modules in line 536 of the php.ini file. Usually it should be:

extension_dir = "/ffp/lib/php/extensions/no-debug-non-zts-20060613/"

You will need to restart the web server if you enabled the my-sql extension, or changed the extension_dir using:

sh /ffp/start/lighttpd.sh restart

Then place a file called testmysql.php in the document-root (as configured here e.g. /srv/www/pages) with the following content (replace YOURROOTPASS with the password of mysql user root):

<?php
// Connect to the database
mysql_connect("localhost", "root","YOURROOTPASS");
// Select the database "mysql"
mysql_select_db("mysql");
// Query the database for the Users:
$result = mysql_query("SELECT Host, User, Password FROM user;");
// Print the results
while($row = mysql_fetch_object($result))
{
	echo $row->User . "@" . $row->Host . " has the encrypted password: " . $row->Password;
}
// Close the connection to the database
mysql_close();
?>

If opening this page in your browser doesn’t give the expected results, check the password, and if needed close and open the browser again.

When you are done, you may want remove the root password (or delete this .php file) to avoid exposing the mysql password in the line mysql_connect("localhost", "root","YOURROOTPASS");.

Users and privileges

Adding additional Users

As you should never use the root-password of your database, you can add additional users in the mysql-command-line (enter “mysql -uroot -p” on the command-line).
Please consult the mysql-manual for more examples.

  • A User with all privileges, who can only connect from localhost:
    GRANT ALL PRIVILEGES ON *.* TO 'YOURUSERNAME'@'localhost' IDENTIFIED BY 'YOURPASSWORD' WITH GRANT OPTION;
  • A User with limited privileges, who can only connect from localhost:
    GRANT SELECT,INSERT,UPDATE,DELETE ON *.* TO 'YOUROTHERUSERNAME'@'localhost' IDENTIFIED BY 'YOUROTHERPASSWORD' WITH GRANT OPTION;
  • A User with limited privileges on a certain database:
    CREATE DATABASE databasename;
    GRANT SELECT,INSERT,UPDATE,DELETE ON databasename.* TO 'YOURSPECIALUSERNAME'@'localhost' IDENTIFIED BY 'YOURSPECIALPASSWORD' WITH GRANT OPTION;

After you send add or alter the rights, please make sure, that these get loaded by executing the following command in the mysql-command-line:

FLUSH PRIVILEGES;

Allowing external access

Per default external access is not allowed as this is a security risk. But many tools like HeidiSQL or other external administrator-programs rely on access from the outside of your NAS.

Caution: You should explicitly check the rights of your users! All MySQL-users should have passwords!

First follow the section on “running mysql under a user with limited rights“, then follow these instructions:

Stop the mysql-server:

sh /ffp/start/mysqld.sh stop

Edit /ffp/etc/my.cnf and add a comment to the line skip-networking, so that it looks like this:

#skip-networking

Edit /ffp/start/mysqld.sh and find the line beginning with mysqld_flags and remove “--skip-networking” between the two quotation marks. Save the file afterwards.

Running mysql under a user with limited rights

Per default the MySQL gets started with root-rights. This means, that if the MySQL-server is breached by a intruder, the system probably can be corrupted. Be advised to use the mysql-server only in secure areas (e.g. your local LAN without internet access) and to disable external access (default).

If you want to secure your installation please follow the following steps:

Stop the mysql-server:

sh /ffp/start/mysqld.sh stop

Add a new user with limited rights:

useradd -U -s /bin/false mysql
store-passwd.sh

This will create a user mysql who is in the group mysql (-U add a new group) and who cannot log in. It will probably show up in the Webinterface, but cannot be used!

This user needs access to the directories of MySQL:

cd /srv
chown -R mysql:mysql mysql
cd /ffp/var/run/
chown mysql:mysql mysql

Edit /ffp/start/mysqld.sh and find the line beginning with mysqld_flags and remove “--user=root” between the two quotation marks. Save the file afterwards.

Then start MySQL again:

sh /ffp/start/mysqld.sh start

With these changes, MySQL is started under the user mysql.

Removing MySQL

If you want to remove MySQL and its databases, you proceed like described in the general tutorial on packages.
First, stop mysql:

sh /ffp/start/mysqld.sh stop

Then remove the package with funpkg:

funpkg -r /ffp/pkg/additional/*/mysql*.tgz

Afterwards you have to remove the databases (careful!). Change to the folder /srv/ and delete the folder mysql:

cd /srv/
rm -R mysql

Furthermore, you should undo the change in /ffp/etc/fun_plug.init, possibly remove the (harmless) symbolic link /srv/, but especially disable execution of the startup script:

chmod a-x /ffp/start/mysqld.sh

Voilá, MySQL is removed.

Installation and Configuration of PHP on Fonz fun_plug 0.5

German version of this tutorial

This tutorial is deprecated and should only be used with fonz fun_plug 0.5!
Please check the tutorial page for updated tutorials on this topic!

PHP is a server-side scripting language that is widely used for developing dynamic web sites. PHP allows custom software to run on the server (in our case the NAS) hosting the web site.

Logo of PHPPHP scripts are typically embedded in HTML pages. When a browser requests such a HTML page, the scripts are executed by the PHP add-in module of the HTTP server (here: lighttpd). Usually the PHP code inserts some additional HTML content into the version of the HTML page that gets sent to the browser. The browser (“client”) itself thus doesn’t see the scripts which were executed on the server.

In this tutorial we assume that the lighttpd HTTP server is already installed on the NAS (see tutorial on installing lighttpd On bigger systems, PHP is sometimes used in combination with an Apache server (instead of the leaner lighttpd) and an SQL database. This widely-used bundle of software tools is sometimes known as LAMP: Linux, Apache, MySQL, PHP. The installation of MySQL on the NAS is covered in another tutorial.

Contents

PHP uses

With regular HTML pages, your web server can only provide static content: all users see the same set of pages and the pages don’t change until someone (e.g. manually) updates the stored HTML pages. A server-side scripting language like PHP helps if you need to add dynamic content, such as a visitor counter (see example code below) or maybe news-of-the-day.
Public domain as well as proprietary PHP software is available for various applications including:

Setting up PHP

Installation

Uli kindly provided a packaged version of php for the NAS in his repository.

PHP is not installed as part of fun_plug by default, but you should already have downloaded a copy as part of the general tutorial on how to download, install and upgrade packages. Let’s make sure you still have the latest version (as Uli upgrades his repository regularly). Note that the rsync command could take a while because it can download multiple packages depending on what is already in your /ffp/pkg/packages directory. Also note that you have to install curl additionally! As of PHP 5.2.17 you also have to install libiconv which is in fonz repository.

cd /ffp/pkg
funpkg -i /ffp/pkg/additional/dev-lang/php-*.tgz
funpkg -i /ffp/pkg/additional/net-misc/curl-*.tgz
funpkg -i /ffp/pkg/packages/libiconv-*.tgz

If you have a version of php installed that is outdated, you will need to run in upgrade mode instead (see here for help). Still, make sure you have curl and libiconv installed!

funpkg -u /ffp/pkg/additional/dev-lang/php-*.tgz
funpkg -u /ffp/pkg/additional/net-misc/curl-*.tgz
funpkg -u /ffp/pkg/packages/libiconv-*.tgz

Configuring PHP

PHP is configured with a file called php.ini. You thus need to copy one of the example-files from /ffp/etc/examples/ to /ffp/etc/ while renaming it to php.ini:

cp /ffp/etc/examples/php.ini-wolfuli /ffp/etc/php.ini

Configuring Lighttpd

To use PHP with the lighttpd-webserver, you have to use another configuration file as explained in the section on config files in the tutorial.

If you have a NAS other than the DNS-320, you execute the following:

cp /ffp/etc/examples/lighttpd.conf-with-php /ffp/etc/lighttpd.conf

If you have a DNS-320, you execute:

cp /ffp/etc/examples/lighttpd.conf-dns320 /ffp/etc/lighttpd.conf

Activation

Restart lighttpd to load the new configuration – including the PHP module. This can be done by rebooting the entire NAS or using

cd /ffp/start
sh lighttpd.sh restart

Testing PHP

You can test your installation of PHP by placing a file called index.php in the server.document-root directory (e.g. /mnt/HD_a2/www/pages) with the following content:

<H1>This is normal HTML</H1>
But the <U>following table</U> is generated by PHP:
<?php
phpinfo();
?>

PHP configuration information
PHP configuration information
Now go to the website on your NAS using the configured address and e.g. http://CH3SNAS:80. You should see a long page with configuration information for the PHP server as shown in the picture). This output is generated by the function call “phpinfo()“.

Using PHP

Let us now go back to a somewhat less intimidating and possibly even boring example: the standard “Hello World” in PHP. Copy and paste the following text to a file named helloworld.php and store it in the server.document-root:

<?php
echo "Hello World";
?>

Then go to the website on your NAS using the configured address and port and add /helloworld.php (the address may look like this: http://CH3SNAS/helloworld.php).

The following example shows a more complete web page (adapted from the lighttpd tutorial). It adds 3 features:

  • visitors are greeted using their IP address (using the $_SERVER['REMOTE_ADDR'])
  • any viewing of the web page triggers updates to a file (counter.txt) stored on the NAS
  • the web site uses counter.txt to show how often the page has been viewed

This requires three fragments of PHP code, each enclosed between and ?> tokens:

 
<?php
$fname = "counter.txt";             // The file where the number of hits gets stored
if(!file_exists($fname)) {          // If file doesn't exist..
    $countfile=fopen($fname,"a");   // .. create it
    $counter=0;                     // .. and initialize hit counter to zero
}
else {
    $countfile=fopen($fname,"r+");  // Open for read and write
    $counter=fgets($countfile,100); // Load number of hits by reading first 100 bytes
    rewind($countfile);             // Reset the file pointer to overwrite old counter value
}
$counter++;                         // Increment counter by one
fputs($countfile,$counter);         // Write the new value to the file
fclose($countfile);                 // Close the File
?>
 
<html>
    <head>
        <title>Hello PHP World!</title>
        <style type="text/css">
        <!--
                        h1 {text-align:center; font-family:Arial, Helvetica, Sans-Serif;}
                        h2 {text-align:center;}
                        p  {text-indent:20px;}
        -->
        </style>
    </head>
 
    <body bgcolor = "#ffffcc" text = "#0000ff">
        <h1>Welcome, <?php echo $_SERVER['REMOTE_ADDR']; ?>, <BR>to the PHP world</h1>
        <h2>This page was viewed <?php echo $counter; ?> times</h2>
        <p><A HREF="page1.html">Link to page1</A></p>
        <p><A HREF="page2.html">Link to page2</A></p>
        <p><A HREF="https://nas-tweaks.net/">external link</A></p>
    </body>
</html>

Output of final example
Output of final example
HTML output as visible using the browser's View Source feature
HTML output as visible using the browser's View Source feature

The first and by far the longest PHP section looks to see if a file name counter.txt exists in the server.document-root If it doesn't exist, it creates it and decides there have been zero hits so far ($counter=0). Note that variables in PHP do not need to be declared and start with a $ and that no clear distinctions are made between numeric and string variables: conversions are done on demand.

If the file already exists, the first 100 bytes (should be enough for a decent number) are copied into $counter. Then $counter is incremented, written to the counter.txt file and the file is closed.

The remaining HTML code is similar to the code in the lighttpd tutorial. In the level one header (H1), a string is generated by a PHP echo command which prints the IP address of the remote client. In the level two header the value of $counter that was previously computed is used.

Optional: Using shared extensions

PHP allows the use of additional modules, so called "shared extensions". E.g. there is calendar for calendar-related functions. The modules are stored in /ffp/lib/php/extensions/no-debug-non-zts-20060613/.

Available modules

You can list the available modules using:

ls -al /ffp/lib/php/extensions/no-debug-non-zts-20060613/*.so

As of version php-5.2.6-3 the following modules are available:

Module Description Requires installation of ffp package
calendar functions related to days/months/years and Unix timestamps -
ctype character type checking -
ftp File Transfer Protocol -
gd image processing libjpeg, libpng
mbstring manipulation of non-ASCII strings (e.g. unicode) -
mysql MySQL database access mysql
pdo PHP data objects -
pdo_mysql PDO interface to the MySQL database mysql
pdo_sqlite PDO interface to the SQLlite database -
sqlite SQLlite database access -
tokenizer access to PHP tokens found by the lexical analyzer -
zlib .gz file compression -

Editing php.ini

If you want to add one or more modules, you need to edit the file /ffp/etc/php.ini.
Open php.ini and find:

;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;

And add below the extension you want. E.g. to enable the calendar extension, you add:

; Linux extensions
extension=calendar.so
;extension=ctype.so
;extension=ftp.so

Afterwards you have to restart lighttpd to load the changes.

Demo of calendar extension

To see whether or not calendar was indeed loaded, you could run the PHPinfo.php script shown above.
Or run a script calendar.php containing:

<?php
for ($year=2000;$year<2011;$year++) {
    $days = cal_days_in_month(CAL_GREGORIAN,2,$year);
    echo "February in $year has $days days <BR>";
}
?>

Notes

PHP and HTML

A page with PHP code is generally stored on disk as HTML code with one or more fragments of embedded PHP. When the HTTP sends delivers the actual page to the browser ("client") the PHP sections have been interpreted and removed. In general they have been replaced by additional HTML code (see the counter example above). The receiving client thus does not see the PHP code and cannot even directly know whether PHP has been used to generate the served page.

Short open tag

If you want to use "<?" instead of "<?php" to mark the start of PHP code fragments, you need to change change the value of "short_open_tag" (line 131) in /ffp/etc/php.ini file to On:

short_open_tag = On

This is a matter of taste and convenience. When you distribute PHP code for use in other servers, you need to keep in mind that they may be set to short_open_tag = Off.

File extensions and default file names

HTML pages containing PHP code should have a .php extension. This tells the lighttpd server to pass the code via the PHP preprocessor before sending it across the network.

When you access the lighttpd server without providing a specific file name, it successively checks for files in the server.document-root directory(typically /srv/www/pages/) named

  • index.php
  • index.html
  • index.htm
  • default.htm

This is defined in a parameter called index-file.names in the lighttpd.conf file. As the list suggests, if you have both an index.php file and an index.html file in the same directory, the index.php file has precedence. If you explicitly ask for index.html, however, you will get that file instead of index.php.

Stateless

Note that after a page has been processed, when a new request for the same page is made by the same or another client, all computation starts from scratch: PHP is "stateless" in the sense that variables such as $counter are all lost after the page request has been completed. So the only way to track state in a PHP server is to store information in a file (as in counter.txt above), to store information in a database (another tutorial), or to assume the client maintains any relevant information between one page request and the next one.

Learning the PHP language

There are numerous books (printed and online) on PHP. See for example php.net.

Dealing with PHP errors

PHP syntax errors messages are appended to the Lighttpd error.log file. So if you are experimenting with- or developing PHP code, it can help to keep an eye on that file.

Installation and Configuration of the Webserver lighttpd for Fonz fun_plug

LIGHTTPD Logo
LIGHTTPD Logo
This tutorial is deprecated and should only be used with fonz fun_plug 0.5!
Please check the tutorial page for updated tutorials on this topic!

The lighttpd daemon is a lightweight web server. Its main task is to respond to HTTP requests. In other words, it allows HTTP clients (such as Internet Explorer and Firefox) to retrieve hyperlinked HTML pages stored on a web site stored on the CH3SNAS.

In terms of complexity, lighttpd lies between the basic GoAhead HTTP server (which comes with the CH3SNAS) and an Apache server.

Contents

Example uses

German version of this tutorialThe lighttpd server allows you to build a web site which is accessible via your local area network (LAN). If you configure your router’s firewall properly, you can also let others access the website via the Internet. Opening your firewall to give access to outside HTTP requests obviously requires paying some attention to security.

A basic web site consists of a collection of HTML pages which provide text, links, images, documents, etc. HTML pages can be written with an ASCII editor. There are numerous books and online tutorials on how to create basic and advanced web pages directly in HTML. This can be worth trying if you want to understand how the World Wide Web works: HTML is the main technology behind WWW.

In recent years, however, the average web page has gotten increasingly sophisticated in terms of its technical and visual design. Furthermore, the content of many web sites has become dynamic: what you see in your browser often changes daily (the weather, the news, a blog, photos). Such dynamic HTML pages are generated (by running programs or scripts) whenever the set of HTML pages needs to be updated, or are created on the fly whenever the server receives a page request.

Some examples of what you can do with a web site consisting of basic, static HTML served via lighttpd:

  • a basic home page telling who you are
  • a set of pages about your hobby, your recipes, or reporting on your holiday trip (all with embedded pictures)

Using this approach you “program” your page using the HTML language.

Examples of ways to generate ”’fancier static HTML”’ pages using software:

  • Microsoft Word can generate a HTML version of a document (including formatting, links and pictures)
  • professional photographers may use Photoshop Lightroom to generate an online gallery of sample pictures

Using this approach you use software to generate the HTML pages. This means you don’t need to learn (much) HTML, but instead need to learn how to use the (often fancy) software. All-in-all this can save you some typing and helps generate a uniform look for the web site.

Examples of applications involving generating dynamic HTML pages:

  • a Blog or Forum contains HTML forms that allow users to type in text that is appended to certain pages. Example: NAS-Tweaks uses a PHP server and software by WordPress for its Blog. Often this approach uses a database like MySQL to store and manage the raw data used to generate the HTML.
  • many well-known Web 2.0 sites that provide a service for you (WikiPedia, Google Maps, YouTube, Flickr)

Using using this approach, software generates HTML pages on demand, keeps the pages updated, and allows interaction with the user. If you go overboard on this, and manage to get the users of your website to provide content which keeps you web site interesting, you can call this Web 2.0 and tell your friends you may become rich – someday.
This kind of software is often known as Content Management Systems and includes engines like Drupal, Joomla, Mediawiki (as used by Wikipedia) and WordPress (as used for blogs).

Setting up Lighttpd

Installation

By default a lighttpd is already installed with the fun_plug packages. But there is an update available. Before you can install it, be sure to synchronize my repository. Then update using the following command:

funpkg -u /ffp/pkg/additional/*/lighttpd-*.tgz

If you didn’t install all packages from the “packages”-directory (why not?), you should execute at least the installation of the OpenSSL-package:

funpkg -i /ffp/pkg/packages/openssl-*.tgz

Directories

The default lighttpd configuration needs a small directory tree where it can store logfiles and retrieve the data to display to the users. Instead of creating the directory at that location, you may prefer to create a symbolic link from /srv/ to the target-directory of your choice.

mkdir -p /ffp/opt/srv/mysql
ln -s /ffp/opt/srv/ /srv

This link will be lost after rebooting the device, so you have to add the following two lines to the end of the file /ffp/etc/fun_plug.init to recreate the link every time the NAS boots. You can edit this file using an editor like nano. Use the following for all NAS other than the DNS-320 or DNS-325:

# create custom link to the server-folder
ln -s /ffp/opt/srv/ /srv

Now create the folders for the webserver:

mkdir -p /srv/www/pages
mkdir -p /srv/www/logs
mkdir -p /srv/tmp

The folder /srv/www/pages is the default location for the web site itself. The location is set via a parameter called server.document-root in the /ffp/etc/lighttpd.conf file. This means that any directories below server.document-root are visible via the HTTP server (careful), while any other directories are not visible.

The folder /srv/www/logs is for log files in which lighttpd can record what happened.

HTML test pages

Within the www folder, you should create a home page named index.html containing the following ASCII text. Note that the indentation is only for readability and can be (and often is) omitted. You don’t need to worry about using Linux or Windows end-of-line conventions here (both work). You may have to adapt the line CH3SNAS:81 to reflect the network name of your NAS or use its IP address instead (e.g. 192.168.0.20:81).

<html>
    <head>
        <title>Hello world</title>
        <style type="text/css">
            <!--
                h1 {text-align:center;
                    font-family:Arial, Helvetica, Sans-Serif;}
                p  {text-indent:20px;}
            -->
        </style>
    </head>
 
    <body bgcolor="#ffffcc" text="#0000ff">
        <h1>Hello, CH3SNAS Tweak'n World!</h1><p>
        <A HREF="page1.html">Link to local page1</A><p>
        <A HREF="page2.html">Link to local page2</A><p>
        <A HREF="http://CH3SNAS:81">Configure the CH3SNAS</A><p>
        <A HREF="https://nas-tweaks.net/CH3SNAS:Tutorials/lighttpd">external link to the Lighttpd tutorial</A>
    </body>
</html>

The HTML code consists of a head and a body section. The head contains the title (shown at the top of the browser window) and, in this case, defines formatting styles for Header1 and new paragraph (<p>).
The body starts with a header, followed by four links (“<A>nchors”) to other pages, to the original HTML configuration page for the CH3SNAS (on port 81 instead of the default 80) and a link to a remote web site.

Then create page1.html in the same directory containing:

<html>
    <head>
        <title>Page #1</title>
        <style type="text/css">
            <!--
                h1 {text-align:center;
                font-family:Arial, Helvetica, Sans-Serif;}
                p {text-indent:20px;}
            -->
        </style>
    </head>
 
    <body bgcolor = "#ffffcc" text = "#0000ff">
        <h1>Page 1</h1><p>
        <A HREF="index.html">Home</A><p>
        <A HREF="page2.html">Link to page2</A><p>
    </body>
</html>

Similarly you can create page2.html in the same directory:

<html>
    <head>
        <title>Page #2</title>
        <style type="text/css">
            <!--
                h1 {text-align:center;
                font-family:Arial, Helvetica, Sans-Serif;}
                p {text-indent:20px;}
            -->
        </style>
    </head>
 
    <body bgcolor = "#ffffcc" text = "#0000ff">
        <h1>Page 2</h1><p>
        <A HREF="index.html">Home</A><p>
        <A HREF="page1.html">Link to page1</A><p>
    </body>
</html>

Enabling lighttpd

This tutorial assumes that fun_plug is installed and that you have installed the additional packages (these include lighttpd). You can test whether lighttpd is installed using

which lighttpd

on the ssh command line. If it is installed, it will respond with the location of the lighttpd script file: /ffp/sbin/lighttpd.

Waking up daemons

Next we need to enable the lighttpd server from the command line (see the packages tutorial for a detailed explanation):

chmod a+x /ffp/start/lighttpd.sh

and enable a script which disables the standard HTML server called webs (if you are running a DNS-320 / DNS-325 please skip this step and go to the following section):

chmod a+x /ffp/start/kickwebs.sh

The standard “webs” server then restarts automatically within a few minutes, but moves to port 81 because the standard HTTP port (80) is already occupied by the lighttpd server.

If you are running a DNS-320 or a DNS-325, you need to enable “kickwebs_dns320.sh” for kicking the internal lighttpd (which is used for the Webinterface of the Device) from Port 80:

chmod a+x /ffp/start/kickwebs_dns320.sh

Note that the chmod commands only take effect on the next reboot. If you would reboot now, however, nothing changes. If you want to try, you can see test this manually using:

sh /ffp/start/kickwebs.sh start # When you run a Device other than DNS-320 / DNS-325
sh /ffp/start/kickwebs_dns320.sh start # When you run a DNS-320 / DNS-325
sh /ffp/start/lighttpd.sh start

Unless you have installed the server before, you will get the error message /ffp/etc/lighttpd.conf: Required file not found or not readable. Which, by Linux standards is an unusually clear error message: a file with configuration settings for lighttpd is missing in the /ffp/etc directory (see the packages tutorial for more explanation).

lighttpd.conf

We can resolve the missing /ffp/etc/lighttpd.conf file by copying the file from the directory /ffp/etc/examples/. If you are not on a DNS-320 or a DNS-325 and you don’t need PHP, then run the following command:

cp /ffp/etc/examples/lighttpd.conf /ffp/etc/

This copies one of the two supplied configuration files from the /ffp/etc/examples subdirectory to the /ffp/etc directory.
if you want to run PHP and you are not on a DNS-320 or a DNS-325, then run the following:

cp /ffp/etc/examples/lighttpd.conf-with-php /ffp/etc/lighttpd.conf

If you are on the DNS-320 or DNS-325, you have no choice but to run the Webserver with PHP (Please configure PHP before you try starting lighttpd again!):

cp /ffp/etc/examples/lighttpd.conf-dns320 /ffp/etc/lighttpd.conf

Port insight

Next we can try starting lighttpd manually again to see how we are doing:

sh /ffp/start/kickwebs.sh start # When you run a Device other than DNS-320/DNS-325
sh /ffp/start/kickwebs_dns320.sh start # When you run a DNS-320 / DNS-325
sh /ffp/start/lighttpd.sh start
sh /ffp/start/lighttpd.sh status

Example HTML page being hosted by Lighttpd
Example HTML page being hosted by Lighttpd
As, this suggests that lighttpd is now happily running, we try typing http://CH3SNAS:81 in the address bar of your Web browser. Note that if your network name for the device differs from “CH3SNAS“, use that name or its IP address instead. You should now get the standard configuration screen. Please remember the :81 port number in case you need to access it in the future (it is one more than the standard port 80 used for HTTP servers – which you can look up on the internet). You can close that screen – it was only to demonstrate that kickwebs.sh did its job.

We now try entering http://CH3SNAS in the address bar of the Web browser. If all goes well, you will see the expected web page.

To boot or not to boot

Remember that you now have a lighttpd running on port 80 each time you boot the NAS. If you want to connect to the Webinterface of the NAS, connect to Port 81.

Testing Lighttpd

At this point, you can enter any of the following into your browser’s address bar (assuming CH3SNAS is the correct network name of your NAS):

  • http://CH3SNAS:80/index.html
  • http://CH3SNAS:80 – index.html is a default for browsers
  • http://CH3SNAS – port 80 is default for HTTP
  • CH3SNAS – http is the default protocol for web browsers

Notes

The log files

The directory /srv/www/logs contain log files which respectively record the access to the server and any errors (including starting and stopping) reported by the server.

-rw-r--r-- 1 root  root    0 Oct 19 17:06 access.log
-rw-r--r-- 1 root  root   48 Oct 19 17:06 error.log

The file access.log contains timestamped records which are appended whenever a file on the server is accessed via HTTP (which file, which IP address, HTTP statuscode, browser used). Here is a schematic line from the access.log file:

client_IP server_URL - [date:time +0200] "GET /path/file_1.jpg HTTP/1.1" status_code file_length "-" "client_browser_type"

If you want to clear the log files, one quick-and-dirty way to do so is to delete them and restart the CH3SNAS. The lighttpd server will regenerate the log files when it is started. A quicker approach is to restart the lighttpd server using:

rm /srv/logs/access.log
cd /ffp/start
sh lighttpd.sh restart

Now What?

You should now install PHP if not already installed and try using MySQL. Have fun 🙂

Installation of nano on fun_plug 0.5 for CH3SNAS, CH3MNAS, DNS-323 and many more

German version of this tutorial

This tutorial is deprecated and should only be used with fonz fun_plug 0.5!
Please check the tutorial page for updated tutorials on this topic!

After the installation of the fun_plug the only available editor is “vi”, which is not really considered a “newbie“-friendly editor. The nano editor is much easier to use and largely self-explanatory. If you nevertheless want more information on the GNU nano editor, see its home page.

Installation

In this tutorial we assume that the fun_plug is already installed on the NAS and that you synchronized Uli’s repository (see here for instructions on how to do this). Afterwards install the package (see detailed instructions here):

funpkg -i /ffp/pkg/additional/app-editors/nano*.tgz

Move the configuration-file nanorc from /ffp/etc/examples/ to /ffp/etc/ to get syntax highlighting.

mv /ffp/etc/examples/nanorc /ffp/etc/

Usage

Screenshot of nano running in a PuTTY window
Screenshot of nano running in a PuTTY window
Simply enter “nano ” on the commandline (replacing "" with the name of the file you want to edit).

Basic commands

The commands are shown at the bottom of the nano screen. The main commands are:

  • CTRL + G => Get Help
  • CTRL + O => WriteOut (“Save”)
  • CTRL + W => Where Is (Search for a string in the file)
  • CTRL + C => Cur Pos (Shows the line & column number of the current cursor-position)
  • CTRL + X => Exit (Self explanatory)
  • CTRL + T => Spell checking (if aspell is installed)

Syntax highlighting

To have syntax highlighting for a certain language you have to uncomment it in /ffp/etc/nanorc. Example for PHP:
Search:

## PHP
#include "/ffp/share/nano/php.nanorc"

And remove the comment like this:

## PHP
include "/ffp/share/nano/php.nanorc"

Fixing the NTP Time Synchronization with Fonz funPlug 0.5 for CH3SNAS, CH3MNAS, DNS-323 and many more

German version of this tutorial

This tutorial is deprecated and should only be used with fonz fun_plug 0.5!
Please check the tutorial page for updated tutorials on this topic!

The CH3SNAS has two internal clocks:

  • a real-time hardware clock, which is similar to the chip in a wristwatch. It is powered by a battery inside the CH3SNAS and thus never stops.
  • a software clock, which runs only when the NAS is turned on.

Unfortunately, the software clock drifts from the hardware clock and after a few hours the drift get noticeable (e.g., 16s/hour = 4444 parts per million) and the NAS will show incorrect times for e.g. file modifications. But thanks to NTP (the Network Time Protocol) the clock can be synchronized to one of the atomic clocks on the Internet. The resulting absolute error will be only a fraction of a second (e.g. 10 ms; because of packet delays across the Internet) and the drift will essentially become zero.

Note that this tutorial requires an installed Fonz fun_plug!

Background Information

The time in the Linux Kernel is a standardized value. One day equals 10000 “ticks”, so one tick = 8.64 s. Most of the CH3SNAS drift about 16s/hour, wich equals a drift of 384 seconds or 44.444 ticks/day. This value has to be subtracted from the 10000 Ticks of the Kernel and has to be set as the new number of ticks per day. In our case this 10000-44.444 = ~ 9956 Ticks. As you can see, this value is only an estimation because the drift is an estimation. As it will take a lot of time to get the exact value for the ticks, you can simply estimate them and synchronize periodically with a timeserver to reduce the clock drift.

As you can see below, there are two choices for the synchronization. Regular synchronization via Cron should be chosen over using the NTP-Daemon as the latter seems to cause the following two lines in dmesg reappearing over and over again until the device gets restarted:

kernel: TWSI: mvTwsiStartBitSet ERROR - Start Clear bit TimeOut .
kernel: TWSI: mvTwsiStopBitSet ERROR - Stop bit TimeOut .

The Procedure

Time-Synchronization via Cron

Simply add the following lines to /ffp/etc/fun_plug.local, e.g. with nano:

# This removes firmware cronjobs that interfere with ntpd.
crontab -l | grep -vw '/usr/sbin/daylight' | grep -vw '/usr/sbin/rtc' | crontab -
#Now start the ntp every hour
echo "1 * * * * /usr/sbin/sntp -r -P no de.pool.ntp.org" >> /var/spool/cron/crontabs/root
# force a cronjob update
echo "root" >> /var/spool/cron/crontabs/cron.update

Reboot the device.

Sidemark: If the NTP-Service has been deactivated before the restart.

NTP-Daemon

As described above, this method seems to cause the TWSI-problems and is here only for historical reasons. Probably due to the concurrent access to this Two-Wire-Serial-Interface by the ntp-daemon and the fancontrol.

Activating the Service

Mark the service ntpd as excutable:

chmod +x /ffp/start/ntpd.sh

Configuration of the Service

Copy the Example-Configuration from /ffp/etc/examples to /ffp/etc/:

cp /ffp/etc/examples/fun_plug.local /ffp/etc/fun_plug.local
cp /ffp/etc/examples/ntp.conf /ffp/etc/ntp.conf

Edit the /ffp/etc/ntp.conf to change the time servers to servers which are geographically close. You can search for them here.
Quick possibility: Change them to general ones:

server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server 3.pool.ntp.org iburst

With this configuration both clocks get adjusted to the German timezone. If you want to change the timezone, you have to edit the /ffp/etc/fun_plug.local.
The string for Germany is (also change the timeserver, as this one is for Germany):

timezone="CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00"
timeserv=de.pool.ntp.org

Change it according to your Timezone. You can find possible ones in the appendix

Start the Service

You can now start the service manually or you can perform a reboot (it will be started during the bootup):

/ffp/start/ntpd.sh start

Finetuning

After a few hours you can find a file called /ffp/etc/npd.drift on you CH3SNAS. If the Value is +500 or -500, you have to adjust the number of ticks in the file /ffp/etc/fun_plug.local. fonz has set this to ”tick=9965”, which may be right for your device. If not, try reducing or incrementing this value to reduce the drift.

Appendix: Example Timezone Strings

Country City String
Australia Melbourne,Canberra,Sydney EST-10EDT-11,M10.5.0/02:00:00,M3.5.0/03:00:00
Australia Perth WST-8
Australia Brisbane EST-10
Australia Adelaide CST-9:30CDT-10:30,M10.5.0/02:00:00,M3.5.0/03:00:00
Australia Darwin CST-9:30
Australia Hobart EST-10EDT-11,M10.1.0/02:00:00,M3.5.0/03:00:00
Europe Amsterdam,Netherlands CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Athens,Greece EET-2EEST-3,M3.5.0/03:00:00,M10.5.0/04:00:00
Europe Barcelona,Spain CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Berlin,Germany CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Brussels,Belgium CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Budapest,Hungary CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Copenhagen,Denmark CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Dublin,Ireland GMT+0IST-1,M3.5.0/01:00:00,M10.5.0/02:00:00
Europe Geneva,Switzerland CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Helsinki,Finland EET-2EEST-3,M3.5.0/03:00:00,M10.5.0/04:00:00
Europe Kyiv,Ukraine EET-2EEST,M3.5.0/3,M10.5.0/4
Europe Lisbon,Portugal WET-0WEST-1,M3.5.0/01:00:00,M10.5.0/02:00:00
Europe London,GreatBritain GMT+0BST-1,M3.5.0/01:00:00,M10.5.0/02:00:00
Europe Madrid,Spain CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Oslo,Norway CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Paris,France CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Prague,CzechRepublic CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Roma,Italy CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
Europe Moscow,Russia MSK-3MSD,M3.5.0/2,M10.5.0/3
Europe St.Petersburg,Russia MST-3MDT,M3.5.0/2,M10.5.0/3
Europe Stockholm,Sweden CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00
New Zealand Auckland, Wellington NZST-12NZDT-13,M10.1.0/02:00:00,M3.3.0/03:00:00
USA & Canada Hawaii Time HAW10
USA & Canada Alaska Time AKST9AKDT
USA & Canada Pacific Time PST8PDT
USA & Canada Mountain Time MST7MDT
USA & Canada Mountain Time (Arizona, no DST) MST7
USA & Canada Central Time CST6CDT
USA & Canada Eastern Time EST5EDT
Atlantic Atlantic Time AST4ADT
Asia Jakarta WIB-7
Asia Jerusalem GMT+2
Asia Singapore SGT-8
Asia Ulaanbaatar, Mongolia ULAT-8ULAST,M3.5.0/2,M9.5.0/2
Central and South America Brazil,Sao Paulo BRST+3BRDT+2,M10.3.0,M2.3.0
Central and South America Argentina UTC+3
Central and South America Central America CST+6

Installation of the Fonz fun_plug 0.5 for CH3SNAS, CH3MNAS, DNS-323 and many more

This tutorial is outdated and no longer maintained! Please check for the current tutorial here

German version of this tutorialThe Conceptronic CH3SNAS runs an embedded version of the Linux operating system (OS). This includes a kernel and various Linux programs (mainly servers). Because the CH3SNAS (and many others) runs on an ARM processor, the executable version of Linux and the programs are binaries generated for the ARM processor.

The Firmwares includes a very interesting bonus: the user can execute a script (file) named “fun_plug” when the OS is booted. Unlike all the other Linux software which is loaded when the NAS boots, this file is located on Volume_1 of the hard disk rather than within the flash memory. This means the user can easily and safely modify the file because the contents of the flash memory is not changed. If you delete the fun_plug file (see here for instructions), or replace your hard disk, the modification is gone.

Fun_plug allows the user to start additional programs and tools on the NAS. A Berlin-based developer named “Fonz” created a package called “ffp” (Fonz fun_plug), which includes the script and some extra software which can be invoked by fun_plug.

Installation of fun_plug is easy and takes about 6 steps (with two optional more if you want to do some sightseeing rather than just racing over the Autobahn). These steps should be performed carefully, as they depend on typed commands and running with “root” privileges.

Contents

Purpose, risks, and benefits

Fun_plug is essentially a technique to stepwise turn a NAS with fixed out-of-the-box functionality into an open Linux machine on which you can install additional software packages and, if you want, learn a bit about Linux.

Responsibility

This also implies that you are (temporarily or permanently) turning a stable turnkey system into a system that Conceptronic no longer supports. This is similar to buying a notebook with Microsoft software, and installing Linux on it. The shop where you bought it can no longer help you if you claim the audio no longer works. Although there is a Tutorial on how to disable and even remove fun_plug, and although the authors have tested their recipes, checked the wording and added warnings, these are advanced tools which can, if you experiment more than your own know-how can handle, give advanced problems.

Risks involved in all this are not so much damaging your hardware (shouldn’t be possible), but loss of reliability of the NAS (you bought a file server to reliably store files, didn’t you). This risk may be acceptable because the software was preintegrated and tested by competent people. But you yourself are, at the end of the day, responsible for deciding to use this.

Possibly a less obvious, but more real risk is that some kind of extensions to the NAS (e.g. adding a server) imply that you may decide to open your local network a bit to the outside world. For example, to allow others to view your holiday videos stored on the device. The out-of-the-box NAS can already have this problem (via the ftp server). The point here is that you are responsible for the security of your device and entire network. This site doesn’t even have tutorials on basic security issues like firewalls, etc. because these are all NAS independent and the tutorials would never be foolproof anyway. So when used wrongly, the NAS and firewall obviously do allow others to read more data than you intended. Or to delete your valuable data. Or to replace software by other software (chance is small, but the impact is high).

Conclusion: as the NAS is a powerful networked device, and as these tutorials can help you make it even more powerful, you are responsibility for having the basic understanding of networked security. Again, this also applies to an out-of-the-box NAS. But the more you mess with it, the more you need to apply some common sense. This is incidentally the reason why we provide some explanation on what you are doing in the tutorials, rather than just telling you what to type 😉

Benefits

The main reason why people go this route is to extend their NAS with servers such as BitTorrent clients and Web servers. Other typical uses are to add extensions which fix current limitations of the device (e.g. time accuracy, fan noise).

Technical synopsis

In a first step, we install a script named fun_plug that provides a hook to extend the boot process of Linux on the NAS. That hook was intentionally added by the vendor to enable this. But Conceptronic does not document or support all of this.

An initial set of packages (downloaded as a single compressed archive) gives you enough tools to get started and, if you are curious about the machine or its software, to carefully look around.

This set of tools gives you the ability to install even more software packages (typically servers) from trusted sources. These packages should obviously all have been compiled for the ARM-type processor in the CHS3SNAS and should have been tested on the device (or a very similar device) by a software expert.

Tested Devices

This Tutorial has been tested on various devices. Other devices may work, please leave a comment in case you have tested an additional device.

Steps for installing fun_plug

Download

Download the latest files from fonz’ fun_plug repository:

  • fun_plug (this is a text file, you probably have to right-click to save it to disk)
    Note: If you want to install fun_plug on the D-Link DNS-320/DNS-325/DNS-345, download this file: fun_plug
  • fun_plug.tgz (this is a 10 MByte “tarball” file, roughly the Linux counterpart of a Zip file)

Place a copy of both files in the topmost directory of Volume_1 of your NAS using Windows Explorer (see Screenshot of what shared network drives looks like in Explorer, or alternatively use Samba or FTP).

Option: view the fun_plug script

For fun, you may want to open the file fun_plug by left-clicking here. Alternatively you can open it in Windows’ Wordpad or, better, Notepad++ under Windows. Please be careful not to accidentally modify it. Avoid using Windows’ Notepad for viewing/editing Linux text files: Windows and Linux use different end-of-line conventions.

The script fun_plug is an ASCII file with commands which are executed by the Linux command interpreter (sh for “shell”).

Lines starting with “#” are comments (“#!/bin/sh” is a special case).

You might be able to decode that the program creates a log file called ffp.log (an ASCII file used here to capture the lines which start with “echo”).

Firstly, a number of named constants are defined for various file names and fragments of file names (the lines like “FFP_SOMETHING=...“).

You can see that Fonz developed it for a D-Link DNS-323 (rather than a Conceptronic CH3SNAS, but this doesn’t matter as Uli, PeterH and others have tested in on the CH3SNAS).

The command date will copy the current date and time to the log file.

Next, a first script setup.sh is run if it is found in the expected /mnt/HD_a2/.bootstrap/ folder. Initially it will not be found.

Then a new directory “ffp” is created (mkdir) and the fun_plug.tgz file is unpacked (tar) into that directory. This step is a bit more complex than normal due to a problem with the tar version supplied with the NAS. As a workaround tar is run twice (first the older version, and then the tar version which was untarred from fun_plug.tgz).

If all went well, the log file gets an extra “OK” string. And the tarball input file is deleted (rm). This obviously only happens once (the script skips the unpacking if the tarball file is not found using the if [condition]; commands fi construct).

The “chown” is about changing ownership for a program called busybox. And “chmod” is about changing access privileges.

Then, a script file /ffp/etc/fun_plug.init (“containing the ffp-scripts package”) is executed if it is detected.

Next, a script file /ffp/etc/fun_plug.local is executed if it is detected. It can be used to add your own startup commands: it will not be overwritten by package updates.

Finally, a script file /ffp/etc/rc is run if it exists.

Reboot

Reboot the NAS by holding down the power button 5 seconds or via the web interface (”Tools” -> ”System” -> ”Reboot”). This causes the NAS to go and find the file fun_plug on Volume_1 and execute it.

Option: view ffp.log

If you are interested, you will find that the fun_plug.tgz tarball has disapeared, and has been unpacked into the newly created ffp directory.

You will also find the ffp.log file created during execution of the fun_plug script and while executing some of its commands. It is longish (e.g. 47 KBytes) because the tar program generates a lot of warnings about repairing links (this only happens once). You can view the log file with WordPad or NotePad++.

From now on, whenever the NAS is rebooted and thus the fun_plug script is re-executed, the script appends about 15 extra text lines to the end of this log file. These contain the date/time of reboot and the status of various servers which you may enable in the future (see below). This appending of information to ffp.log gives you one way to determine whether fun_plug is really running: if you last reboot of the NAS is listed, fun_plug and any servers that it actives are running.

Note that the end of the initial log file already states that a server called telnetd is already running. We will use Telnet in the next step.

Connect via telnet

Telnet Session
Telnet Session
After rebooting, you need to connect to the NAS using a protocol called Telnet. Telnet allows you to “login” on a remote machine via a command line window.

Windows users can use an open-source telnet client called PuTTY. PuTTY is a self-contained program: the PuTTY.exe file can be stored wherever convenient and executed without any prior installation. In the PuTTY configuration screen you need to set the following before pressing Open:

  • Host name (or IP address): use the name of the share (e.g. CH3SNAS) or its IP address (the factory default is 192.168.0.20)
  • Select Connection type “Telnet” (which defaults to port 23)

Now you can press Open (PuTTY can save these settings under a default or name if you want, but you will likely be using ssh instead of telnet later on).

Linux users are “supposed to be” familiar with how to use telnet.

After connecting to the device, the first line telnet will show:

/ #

Now you are logged in. This command “prompt” is where you can type in commands. The prompt shows you are in the root directory. Note that Linux command lines are not very communicative. These Rambo-like social skills are generally attributed to Linux’ resource-deprived childhood.

Change root password

We proceed with updating /etc/shadow by using the program pwconv. It uses /etc/passwd to generate the necessary lines in the shadow-file.

pwconv

Now we need to change the password of user “root” to prevent unauthorized access.
Run the passwd command and enter a new password twice (note that Linux passwords are case-sensitive):

passwd

Next, activate the root-user which is disabled by default:

usermod -s /ffp/bin/sh root

And change the home-directory of root to a permanent one:

mkdir -p /ffp/home/root/
usermod -d /ffp/home/root/ root

Now check if everything went right using:

login

If this was successful, proceed to the next step, otherwise return to “passwd“.

Store the password in the NAS. This step is essential, otherwise your password will be cleared on the next reboot! Please check the following section before executing the command itself:

  • Note: For the D-Link DNS-343, you need a different store-passwd.sh script. See DNS-343 store-passwd.sh
  • Note: For the D-Link DNS-320/DNS-325/DNS-345, you need a different store-passwd.sh script. See this entry for further details

Now execute the command:

store-passwd.sh

This invokes another shell (.sh) script which copies the password-related files to data partitions in Flash memory (mtd1 and mtd2).

Activate SSH

Now activate SSH (secure shell: telnet has major security limitations). Such lines can best be copied line-by-line or together into PuTTY:

chmod a+x /ffp/start/sshd.sh
sh /ffp/start/sshd.sh start

First Connection with SSH
First Connection with SSH
Note that executing sshd.sh takes a while to execute and generates three pairs encryption keys for secure communication between the CH3SNAS and a remote client (computer). Each pair has a “fingerprint” for the public key and a corresponding graphical “randomart” image. The fingerprint for the RSA encryption algorithm will incidentally show up again in the next step.

As shown in one of the pictures, the first time you connect to this new (as far as ssh is concerned) machine, you will get a stern warning from ssh. This is because ssh expects to be connecting to this machine through an encrypted connection (now and likely in the future). But ssh wants to be sure that you are connecting to the intended machine rather than to an imposter (“man-in-the-middle”) and has no way of knowing if this is the case. Assuming that you are connecting to via your own (safe) LAN, you don’t need to worry whether the presented identification (public-key fingerprint) is the right one. If you need to connect over the internet (very unlikely) or are paranoid (unlikely), you can follow the confirmation procedure described in this website.

Note that this step associates the name and IP number of your NAS with this public key (this is stored on your computer). This means that during future ssh sessions to this machine the confirmation of the public key is done automatically.

Logging in using SSH

Now you can try to login using an ssh session as user root. This involves starting a second copy of PuttY.

Once you were logged in sucessfully, you can deactivate telnet using:

chmod -x /ffp/start/telnetd.sh

SSH Session
SSH Session
If the login was not successful, please check that you executed all necessary steps from above. If you still cannot login, please contact us in our forums.

Note that at this point telnet is actually still running, but it will stop working the next time you reboot the NAS. Once you have tested that the ssh server and the associated root password, and encryption keys are working fine you can reboot the NAS: from then on your NAS appliance has essentially been turned into a (somewhat) general purpose Linux computer which you can tweak via “normal” (sic) ssh command line sessions.

Now what?

Congratulations! With the last step, you’ve installed your fun_plug 🙂

You can now install additional packages or (carefully) look around using the command line!

Notes

Fun_plug and user accounts

Note that the initial execution of the fun_plug script creates a new usGerman version of this tutorialThe Conceptronic CH3SNAS runs an embedded version of the Linux operating system (OS). This includes a kernel and various Linux programs (mainly servers). Because the CH3SNAS (and many others) runs on an ARM processor, the executable version of Linux and the programs are binaries generated for the ARM processor.

The Firmwares includes a very interesting bonus: the user can execute a script (file) named “fun_plug” when the OS is booted. Unlike all the other Linux software which is loaded when the NAS boots, this file is located on Volume_1 of the hard disk rather than within the flash memory. This means the user can easily and safely modify the file because the contents of the flash memory is not changed. If you delete the fun_plug file (see here for instructions), or replace your hard disk, the modification is gone.

Fun_plug allows the user to start additional programs and tools on the NAS. A Berlin-based developer named “Fonz” created a package called “ffp” (Fonz fun_plug), which includes the script and some extra software which can be invoked by fun_plug.

Installation of fun_plug is easy and takes about 6 steps (with two optional more if you want to do some sightseeing rather than just racing over the Autobahn). These steps should be performed carefully, as they depend on typed commands and running with “root” privileges.

Contents

Purpose, risks, and benefits

Fun_plug is essentially a technique to stepwise turn a NAS with fixed out-of-the-box functionality into an open Linux machine on which you can install additional software packages and, if you want, learn a bit about Linux.

Responsibility

This also implies that you are (temporarily or permanently) turning a stable turnkey system into a system that Conceptronic no longer supports. This is similar to buying a notebook with Microsoft software, and installing Linux on it. The shop where you bought it can no longer help you if you claim the audio no longer works. Although there is a Tutorial on how to disable and even remove fun_plug, and although the authors have tested their recipes, checked the wording and added warnings, these are advanced tools which can, if you experiment more than your own know-how can handle, give advanced problems.

Risks involved in all this are not so much damaging your hardware (shouldn’t be possible), but loss of reliability of the NAS (you bought a file server to reliably store files, didn’t you). This risk may be acceptable because the software was preintegrated and tested by competent people. But you yourself are, at the end of the day, responsible for deciding to use this.

Possibly a less obvious, but more real risk is that some kind of extensions to the NAS (e.g. adding a server) imply that you may decide to open your local network a bit to the outside world. For example, to allow others to view your holiday videos stored on the device. The out-of-the-box NAS can already have this problem (via the ftp server). The point here is that you are responsible for the security of your device and entire network. This site doesn’t even have tutorials on basic security issues like firewalls, etc. because these are all NAS independent and the tutorials would never be foolproof anyway. So when used wrongly, the NAS and firewall obviously do allow others to read more data than you intended. Or to delete your valuable data. Or to replace software by other software (chance is small, but the impact is high).

Conclusion: as the NAS is a powerful networked device, and as these tutorials can help you make it even more powerful, you are responsibility for having the basic understanding of networked security. Again, this also applies to an out-of-the-box NAS. But the more you mess with it, the more you need to apply some common sense. This is incidentally the reason why we provide some explanation on what you are doing in the tutorials, rather than just telling you what to type 😉

Benefits

The main reason why people go this route is to extend their NAS with servers such as BitTorrent clients and Web servers. Other typical uses are to add extensions which fix current limitations of the device (e.g. time accuracy, fan noise).

Technical synopsis

In a first step, we install a script named fun_plug that provides a hook to extend the boot process of Linux on the NAS. That hook was intentionally added by the vendor to enable this. But Conceptronic does not document or support all of this.

An initial set of packages (downloaded as a single compressed archive) gives you enough tools to get started and, if you are curious about the machine or its software, to carefully look around.

This set of tools gives you the ability to install even more software packages (typically servers) from trusted sources. These packages should obviously all have been compiled for the ARM-type processor in the CHS3SNAS and should have been tested on the device (or a very similar device) by a software expert.

Tested Devices

This Tutorial has been tested on various devices. Other devices may work, please leave a comment in case you have tested an additional device.

Steps for installing fun_plug

Download

Download the latest files from fonz’ fun_plug repository:

  • fun_plug (this is a text file, you probably have to right-click to save it to disk)
    Note: If you want to install fun_plug on the D-Link DNS-320/DNS-325/DNS-345, download this file: fun_plug
  • fun_plug.tgz (this is a 10 MByte “tarball” file, roughly the Linux counterpart of a Zip file)

Place a copy of both files in the topmost directory of Volume_1 of your NAS using Windows Explorer (see Screenshot of what shared network drives looks like in Explorer, or alternatively use Samba or FTP).

Option: view the fun_plug script

For fun, you may want to open the file fun_plug by left-clicking here. Alternatively you can open it in Windows’ Wordpad or, better, Notepad++ under Windows. Please be careful not to accidentally modify it. Avoid using Windows’ Notepad for viewing/editing Linux text files: Windows and Linux use different end-of-line conventions.

The script fun_plug is an ASCII file with commands which are executed by the Linux command interpreter (sh for “shell”).

Lines starting with “#” are comments (“#!/bin/sh” is a special case).

You might be able to decode that the program creates a log file called ffp.log (an ASCII file used here to capture the lines which start with “echo”).

Firstly, a number of named constants are defined for various file names and fragments of file names (the lines like “FFP_SOMETHING=...“).

You can see that Fonz developed it for a D-Link DNS-323 (rather than a Conceptronic CH3SNAS, but this doesn’t matter as Uli, PeterH and others have tested in on the CH3SNAS).

The command date will copy the current date and time to the log file.

Next, a first script setup.sh is run if it is found in the expected /mnt/HD_a2/.bootstrap/ folder. Initially it will not be found.

Then a new directory “ffp” is created (mkdir) and the fun_plug.tgz file is unpacked (tar) into that directory. This step is a bit more complex than normal due to a problem with the tar version supplied with the NAS. As a workaround tar is run twice (first the older version, and then the tar version which was untarred from fun_plug.tgz).

If all went well, the log file gets an extra “OK” string. And the tarball input file is deleted (rm). This obviously only happens once (the script skips the unpacking if the tarball file is not found using the if [condition]; commands fi construct).

The “chown” is about changing ownership for a program called busybox. And “chmod” is about changing access privileges.

Then, a script file /ffp/etc/fun_plug.init (“containing the ffp-scripts package”) is executed if it is detected.

Next, a script file /ffp/etc/fun_plug.local is executed if it is detected. It can be used to add your own startup commands: it will not be overwritten by package updates.

Finally, a script file /ffp/etc/rc is run if it exists.

Reboot

Reboot the NAS by holding down the power button 5 seconds or via the web interface (”Tools” -> ”System” -> ”Reboot”). This causes the NAS to go and find the file fun_plug on Volume_1 and execute it.

Option: view ffp.log

If you are interested, you will find that the fun_plug.tgz tarball has disapeared, and has been unpacked into the newly created ffp directory.

You will also find the ffp.log file created during execution of the fun_plug script and while executing some of its commands. It is longish (e.g. 47 KBytes) because the tar program generates a lot of warnings about repairing links (this only happens once). You can view the log file with WordPad or NotePad++.

From now on, whenever the NAS is rebooted and thus the fun_plug script is re-executed, the script appends about 15 extra text lines to the end of this log file. These contain the date/time of reboot and the status of various servers which you may enable in the future (see below). This appending of information to ffp.log gives you one way to determine whether fun_plug is really running: if you last reboot of the NAS is listed, fun_plug and any servers that it actives are running.

Note that the end of the initial log file already states that a server called telnetd is already running. We will use Telnet in the next step.

Connect via telnet

Telnet Session
Telnet Session
After rebooting, you need to connect to the NAS using a protocol called Telnet. Telnet allows you to “login” on a remote machine via a command line window.

Windows users can use an open-source telnet client called PuTTY. PuTTY is a self-contained program: the PuTTY.exe file can be stored wherever convenient and executed without any prior installation. In the PuTTY configuration screen you need to set the following before pressing Open:

  • Host name (or IP address): use the name of the share (e.g. CH3SNAS) or its IP address (the factory default is 192.168.0.20)
  • Select Connection type “Telnet” (which defaults to port 23)

Now you can press Open (PuTTY can save these settings under a default or name if you want, but you will likely be using ssh instead of telnet later on).

Linux users are “supposed to be” familiar with how to use telnet.

After connecting to the device, the first line telnet will show:

/ #

Now you are logged in. This command “prompt” is where you can type in commands. The prompt shows you are in the root directory. Note that Linux command lines are not very communicative. These Rambo-like social skills are generally attributed to Linux’ resource-deprived childhood.

Change root password

We proceed with updating /etc/shadow by using the program pwconv. It uses /etc/passwd to generate the necessary lines in the shadow-file.

pwconv

Now we need to change the password of user “root” to prevent unauthorized access.
Run the passwd command and enter a new password twice (note that Linux passwords are case-sensitive):

passwd

Next, activate the root-user which is disabled by default:

usermod -s /ffp/bin/sh root

And change the home-directory of root to a permanent one:

mkdir -p /ffp/home/root/
usermod -d /ffp/home/root/ root

Now check if everything went right using:

login

If this was successful, proceed to the next step, otherwise return to “passwd“.

Store the password in the NAS. This step is essential, otherwise your password will be cleared on the next reboot! Please check the following section before executing the command itself:

  • Note: For the D-Link DNS-343, you need a different store-passwd.sh script. See DNS-343 store-passwd.sh
  • Note: For the D-Link DNS-320/DNS-325/DNS-345, you need a different store-passwd.sh script. See this entry for further details

Now execute the command:

store-passwd.sh

This invokes another shell (.sh) script which copies the password-related files to data partitions in Flash memory (mtd1 and mtd2).

Activate SSH

Now activate SSH (secure shell: telnet has major security limitations). Such lines can best be copied line-by-line or together into PuTTY:

chmod a+x /ffp/start/sshd.sh
sh /ffp/start/sshd.sh start

First Connection with SSH
First Connection with SSH
Note that executing sshd.sh takes a while to execute and generates three pairs encryption keys for secure communication between the CH3SNAS and a remote client (computer). Each pair has a “fingerprint” for the public key and a corresponding graphical “randomart” image. The fingerprint for the RSA encryption algorithm will incidentally show up again in the next step.

As shown in one of the pictures, the first time you connect to this new (as far as ssh is concerned) machine, you will get a stern warning from ssh. This is because ssh expects to be connecting to this machine through an encrypted connection (now and likely in the future). But ssh wants to be sure that you are connecting to the intended machine rather than to an imposter (“man-in-the-middle”) and has no way of knowing if this is the case. Assuming that you are connecting to via your own (safe) LAN, you don’t need to worry whether the presented identification (public-key fingerprint) is the right one. If you need to connect over the internet (very unlikely) or are paranoid (unlikely), you can follow the confirmation procedure described in this website.

Note that this step associates the name and IP number of your NAS with this public key (this is stored on your computer). This means that during future ssh sessions to this machine the confirmation of the public key is done automatically.

Logging in using SSH

Now you can try to login using an ssh session as user root. This involves starting a second copy of PuttY.

Once you were logged in sucessfully, you can deactivate telnet using:

chmod -x /ffp/start/telnetd.sh

SSH Session
SSH Session
If the login was not successful, please check that you executed all necessary steps from above. If you still cannot login, please contact us in our forums.

Note that at this point telnet is actually still running, but it will stop working the next time you reboot the NAS. Once you have tested that the ssh server and the associated root password, and encryption keys are working fine you can reboot the NAS: from then on your NAS appliance has essentially been turned into a (somewhat) general purpose Linux computer which you can tweak via “normal” (sic) ssh command line sessions.

Now what?

Congratulations! With the last step, you’ve installed your fun_plug 🙂

You can now install additional packages or (carefully) look around using the command line!

Notes

Fun_plug and user accounts

Note that the initial execution of the fun_plug script creates a new user group utmp.

The script that installs the ssh server creates a new user named sshd and adds the user to utmp. This user is for internal use only, and has no ability to login. It is standard procedure when installing OpenSSH, and believed to be safe.

On a NAS, user sshd also shows up as having read-only ftp access to Volume_1. Although it is doubtful that this user really can access ftp, this seems to be a bug and is being investigated.er group utmp.

The script that installs the ssh server creates a new user named sshd and adds the user to utmp. This user is for internal use only, and has no ability to login. It is standard procedure when installing OpenSSH, and believed to be safe.

On a NAS, user sshd also shows up as having read-only ftp access to Volume_1. Although it is doubtful that this user really can access ftp, this seems to be a bug and is being investigated.

Installation of wget on fun_plug 0.5 for CH3SNAS, CH3MNAS, DNS-323 and many more

wget for fun_plug 0.5

This tutorial is deprecated and should only be used with fonz fun_plug 0.5!
Please check the tutorial page for updated tutorials on this topic!

What is wget?

Wikipedia says the following about wget:

GNU Wget is a simple and powerful computer program that retrieves content from web servers, and is part of the GNU Project. Its name is derived from World Wide Web and get, connotative of its primary function. It currently supports downloading via HTTP, HTTPS, and FTP protocols, the most popular TCP/IP-based protocols used for web browsing.

Its features include recursive download, conversion of links for offline viewing of local HTML, support for proxies, and much more. It appeared in 1996, coinciding with the boom of popularity of the Web, causing its wide use among Unix users and distribution with most major Linux distributions.

Why replace the existing wget?

You may already have a version of wget installed because that was included in busybox , which was installed with fun_plug. But the standard GNU version, however, has a few features which the smaller busybox version doesn’t (such as support for HTTPS or user credentials). This package allows you to use all the features of the standard version.

Installation

In this tutorial we assume that the fun_plug 0.5 is already installed on the NAS and that you synchronized Uli’s repository:

ls -al /ffp/bin/wget
funpkg -i /ffp/pkg/additional/net-misc/wget*.tgz
ls -al /ffp/bin/wget

Note that the first ls command will show the original symbolic link from wget to busybox. After installation of the package, ls will show a normal executable program:

-rwxr-xr-x 1 root root 207172 Oct 14 23:46 /ffp/bin/wget

Available commands

Documentation for wget is available at the GNU-Website.