Skip to content


Raspberry Tricks

Hello everyone!
I decided to buy a Raspberry Pi3 this month. But I have some difficult to set it my way.
Then I created this post with some tricks. =)
These tricks are about the configuration steps. I am sure that it will help me to remember what I did and it maybe help you to go quickly with your Raspberry.

Adding Kyocera FS-1040 Printer:

This printer is a little complicated to install. These were the successful steps for me:

  • You have to install a fix to cups filter. But this filter is available only for 64bit arch. To solve this, you have to use a alternative (reverse engineering) filter and build it inside raspberry:
    1. sudo apt-get update
    2. sudo apt-get install gcc libcups2-dev libcupsfilters-dev libcupsimage2-dev
    3. wget https://github.com/sv99/rastertokpsl-re/archive/master.zip

      (It is from https://github.com/sv99/rastertokpsl-re)

      • unzip master.zip
      • cd rastertokpsl-re-master/src
      • gcc -o rastertokpsl main.c rastertokpsl.c halfton.c unicode/ConvertUTF.c -lm `cups-config --image --libs` -ljbig
      • sudo cp rastertokpsl /usr/lib/cups/filter/rastertokpsl
      • cd
  • Then, install the ppd file:
    1. wget https://raw.githubusercontent.com/lurepheonix/rastertokpsl-fs-1040/master/Kyocera_FS-1040GDI.ppd
    2. sudo mkdir -p /usr/share/cups/model/Kyocera
    3. sudo cp Kyocera_FS-1040GDI.ppd /usr/share/cups/model/Kyocera/
    4. cat > rastertokpsl-fixed
      #!/bin/bash
      jobname=$(echo $3 | egrep -o '[[:alnum:]]' | tr -d '\n' | tail -c 20)
      path=/usr/lib/cups/filter
      $path/rastertokpsl "$1" "$2" "$jobname" "$4" "$5"
      #Press CTRL+D here to close the new file
    5. chmod +x rastertokpsl-fixed
    6. sudo cp rastertokpsl-fixed /usr/lib/cups/filter/rastertokpsl-fixed
    7. sudo service cups restart
  • After it, you can install your printer using your favorite system app.

If you share this printer over network, you should will see it automatically on other machines.
But some routers don’t provide broadcast. Then it will not happen in every place.
When it happen with you, you have to install the network printer in your client.
After it, you have to execute the command in the client (only in the client) (replace PRINTER_NAME by your printer name):

sudo lpadmin -pPRINTER_NAME -m raw

It is necessary to cups doesn’t use the filter twice (one time in client and one time in server).
Without this command, you have the error: “No pages found!”

Adding Spotify client:

After try any spotify clients, I found librespot.

It works very well and there is a debian package (raspotify) to configure it automatically on Raspberry.

Steps:

  1. curl -sL https://dtcooper.github.io/raspotify/install.sh | sh
  2. Get your username in https://www.spotify.com/br/account/overview
  3. Edit configuration file and set your username and password:
    • sudo nano /etc/default/raspotify
    • Edit the following line, replacing your username and password:
       OPTIONS="--username USERNAME --password PASSWORD"
    • you can add more options here. My OPTIONS var is like this:
       OPTIONS="--initial-volume 75 --username USERNAME --password PASSWORD"
  4. Restart the service:
    • sudo service raspotify restart
  5. Now, you can go to your cellphone and choose raspotify to play your music.

Changing the sound output to jackout instead of hdmi:

  • It is simple. you must follow the commands:
    1. sudo raspi-config
    2. select Advanced Options
    3. select Audio
    4. and select: Force 3.5mm (‘headphone’) jack
  • To enable HDMI output, you have to do the same config, but choosing Force HDMI in step 4

Adding firewall:

Well, my raspberry is connected directly to the Internet. Then, I create some IPTables rules to make it safer.

The script is bellow. It was created using the old startup way. Then, save it in /etc/init.d/firewall and run the following commands:

  • to activate it on startup: sudo update-rc.d firewall defaults
  • to start it before reboot the machine: sudo /etc/init.d/firewall start

Script’s contents (/etc/init.d/firewall):

#!/bin/bash
 ### BEGIN INIT INFO
 # Provides: firewall
 # Required-Start: $remote_fs $syslog
 # Required-Stop: $remote_fs $syslog
 # Default-Start: 2 3 4 5
 # Default-Stop: 0 1 6
 # Short-Description: Firewall
 # Description: Firewall
 ### END INIT INFO

# Author: Jacson RC Silva

case $1 in
 start)

export PATH="$PATH:/sbin"

## Extern iface
 EXT_IFACE='eth0'

# Drop ICMP for broadcast and multicast
 echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

# Drop source routed packets
 echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route

# Allow TCP SYN and SYN floods cookie protections
 echo 1 > /proc/sys/net/ipv4/tcp_syncookies

# Don't redirect ICMP messages
 echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects

# Don't redirect ICMP messages
 echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects

# Spoofing protection
 echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter

# Don't log martin addresses
 echo 0 > /proc/sys/net/ipv4/conf/all/log_martians

# Enable forward for NAT
 echo 1 > /proc/sys/net/ipv4/ip_forward

# Cleaning all existent rules
 iptables -F
 iptables -t nat -F

# Allow all for loopback
 iptables -A INPUT -i lo -j ACCEPT
 iptables -A OUTPUT -o lo -j ACCEPT

# Setting default policy to drop
 iptables -P INPUT DROP
 iptables -P OUTPUT DROP
 iptables -P FORWARD DROP

# Allow ICMP
 iptables -A INPUT -m limit --limit 2/s -j ACCEPT

# INPUT: allow access to connections that were already established and/or related
 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 # OUTPUT: allow valid connections
 iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# Allow SSH (change the port in /etc/ssh/sshd_config)
 SSH_PORT=22
 iptables -A INPUT -p tcp --dport $SSH_PORT -m state --state NEW -j ACCEPT

# Allow HTTP
 iptables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT

# Allow CUPS to local network
 LOCAL_NET=192.168.1.0/24
 iptables -A INPUT -p tcp --dport 631 -s $LOCAL_NET -m state --state NEW -j ACCEPT

# Allow VPN
 iptables -A INPUT -p udp --dport 4911 -m state --state NEW -j ACCEPT
 iptables -A INPUT -p udp --dport 4912 -m state --state NEW -j ACCEPT

# Allow Synergy
 iptables -A INPUT -p tcp --dport 24800 -m state --state NEW -j ACCEPT

echo 'Firewall started!'
 ;;
 stop)
 echo 0 > /proc/sys/net/ipv4/ip_forward
 iptables -t nat -F
 iptables -F
 iptables -P INPUT ACCEPT
 iptables -P OUTPUT ACCEPT
 iptables -P FORWARD ACCEPT
 echo 'Be careful!!! The firewall is stopped!!!!!!'
 ;;
 restart)
 $0 stop
 $0 start
 ;;
 *)
 echo "Usage: $0 {start|stop|restart}"
 ;;
 esac

:

Adding personal menu:

Sometimes, I have to connect in my raspberry to turn it off and to restart raspotify.

To make the process easier, I create an user with a options menu. The steps are:

1. create a new user: sudo adduser options

2. create the following script in ‘/usr/local/bin/options.sh’:

#!/bin/bash

if [ `whoami` != 'root' ];then
   sudo $0
   exit 0
fi

ans=$(dialog --stdout --title 'Raspberry do Jeiks' --menu 'Escolha a opção' 0 0 0 \
             exit     'Exit without changes' \
             spotify  'Restart Spotify'      \
             poweroff 'Power Off Raspberry'  \
     )

case $ans in
   spotify)
     service raspotify restart
   ;;
   poweroff)
     systemctl poweroff -p -f -i
   ;;
   *)
     exit &> /dev/null || logout &> /dev/null
esac

3. make it executable: chmod + /usr/local/bin/options.sh

4. enable it to use sudo without passwd:

sudo su
echo 'options ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers.d/010_pi-nopasswd
exit

5. set this script to run when you login with user options:

sudo nano /etc/passwd
# change:
options:x:1000:1000:,,,:/home/options:/bin/bash
#to:
options:x:1000:1000:,,,:/home/options:/usr/local/bin/options.sh

6. Now, you can login using ssh and get this menu working:

ssh options@YOUR_RASPBERRY_IP

or just login in terminal.

7. To make automatic login (wihout password), you have to export your /home/USER/.ssh/id_rsa.pub contents (from your machine) to /home/options/.ssh/authorized_keys (at your raspberry). Note: If id_rsa.pub did not exist, you have to use this command to create it: ssh-keygen

=D

Postado em 🐧 GNU/Linux 🐧.