This blog contains experience gained over the years of implementing (and de-implementing) large scale IT applications/software.

Netgear ReadyNAS Duo Samba Performance

If you access your Netgear ReadyNAS Duo via your Windows Explorer and you think it’s a little slow when reading/writing, then you could get a little speed boost from adding one line to the Samba configuration.

You’ll need access as root via SSH to log into the ReadyNAS.

Backup the current config file:

# cp -p /etc/samba/smb.conf  /etc/samba/smb.conf.bak
Then as root, edit the samba config file:

# vi /etc/samba/smb.conf
Add the new line under section “[global]”:

socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
Save the file (ZZ).

Restart Samba:

# /etc/init.d/samba restart

Stopping Samba daemons: nmbd smbd.
Starting Samba daemons: nmbd smbd.

You should notice a performance improvement when transferring files.

Secure ReadyNAS Duo (v1) ADMIN Share

If you have a ReadyNAS Duo and you’re happy with your setup and are now sharing your shares out through your router over the internet, you need to be aware that any old hacker can try and access your ADMIN share (e.g. https://<your-readynas>/admin).

I use mine in exactly that way but don’t want Mr A.Hacker trying out a myriad of passwords on my ADMIN share just because my public shares have “Netgear ReadyNAS” plastered all over the front page (a tip for another day I feel).

Instead, if you’re comfortable using SSH, (there is a way to do this by using the FrontView config backup, edit the file and put back in place) then you can edit your Apache httpd.conf configuration file so that access to the ADMIN share is restricted to a host or hosts on your local home network only.

Steps:

1, Log into your readynas via SSH as root.
2, Backup your old config file:

# cp -p /etc/frontview/apache/httpd.conf  /etc/frontview/apache/httpd.conf.bak
3, Use ‘vi’ to edit the httpd.conf:

# vi /etc/frontview/apache/httpd.conf
4, Change the sections as follows:

<Location /admin>
DirectoryIndex index.html
Options ExecCGI
AuthType Basic
AuthName “Control Panel”
require user admin

# block external admin.
Order Deny,Allow
Deny from all
Allow from 192.168 <<< INSERT YOUR LOCAL NETWORK IP ADDRESS SUBNET HERE
</Location>

and

<Location /get_handler>
SetHandler perl-script
PerlHandler get_handler
PerlSendHeader On
Options ExecCGI

# Order allow,deny
# Allow from all
AuthType Basic
AuthName “Control Panel”
require user admin

# block external admin.
Order Deny,Allow
Deny from all
Allow from 192.168 <<< INSERT YOUR LOCAL NETWORK IP ADDRESS SUBNET HERE
</Location>

plus

<Location /dir_list>
AuthType Basic
AuthName “Control Panel”
require user admin
Options ExecCGI
#Allow from all

Order Deny,Allow
Deny from all
Allow from 192.168 <<<– Insert your subnet here.
</Location>

5, Save the changes with:

<shift + ‘ZZ’>

6, Restart your readynas:

# shutdown -r now
7, Test from your local network that you can access the ADMIN share:

https://<readynas IP>/admin

8, Test from the internet that you can’t access the ADMIN share:

https://<ISP IP>/admin

You should see a HTTP 403 FORBIDDEN error.

That’s it.
If you made an error, you can restore your config from the backup file you took:

# cp -p /etc/frontview/apache/httpd.conf.bak /etc/frontview/apache/httpd.conf
and then restart your readynas.
Don’t forget to check the config after you make any changes to shares / firmware etc.

Netgear ReadyNAS & DynDNS Replacement

With the demise of free DNS services from companies such as DynDNS, I was left with no free method of reliably accessing my Netgear ReadyNAS via the internet.

Before these free services closed down, my ReadyNAS was configured to automatically update it’s IP address to the DynDNS service website, which allowed me to use a DynDNS provided host address (e.g. mydevice.dyndns.org) to access the ReadyNAS no matter what it’s IP address was changed to by my home ISP provider.

When the free service eventually stopped, I decided that I didn’t want to pay for such a small service offering, so I wrote a small script to perform the same sort of service.
The script simply checks my current ISP assigned IP address and compares it to the previous run of the script.  If the IP address has changed between checked, the script sends an email to my email account, which I can then use to access the device by directly entering the IP address into my web browser.

It’s not neat, but it works.
Here’s how I did it.

What you’ll need:
– Root access to your ReadyNAS (you need the SSH addon installed).
– Configure email alerting on your ReadyNAS (do this in FrontView by giving it access to your email provider e.g. smtp.gmail.com).

Step 1 – Create the script.

As the root user connected to your ReadyNAS via SSH, use vi to create a small script in the home directory of the root user:

# cd $HOME
# vi check_ip_address

#!/bin/bash
#——————————————————–
#  Get IP address and mail it to us.
#  Place this script in $HOME/root
#  Call it from crontab.
#
#——————————————————– user=”ReadyNAS”
email_from=$(grep ‘^from’ /etc/msmtprc | cut -f2 -d’ ‘)
email_addr=`grep email /etc/frontview/alert.conf | awk -F ‘!!’ ‘{ print $2 }’ | awk -F ‘,’ ‘{ print $1 ” ” $2 ” ” $3 }’`

subject=”IP Address Changed” newfile=/tmp/myip.html
oldfile=/tmp/myip.old

# Call a generic site to get our IP.
wget –no-cookies –no-cache –user-agent=”Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36″ –no-verbose –output-document=/tmp/myip.html https://www.askapache.com/online-tools/whoami/

# Read output.
myipnew=`awk -F “tt>” ‘{ if($2 ~/./){ sub(/<//,””,$2); print $2} }’ $newfile`
myipold=`cat $oldfile 2>&1`
if [ “$myipnew” != “$myipold” ]; then
  # IP is different to last, so save it and mail it.
  echo “$myipnew” > $oldfile
  mesg=”New IP Address: $myipnew”   headers=”From: $email_fromnTo: $email_addrn”
  full_content=”${headers}Subject: ${subject}n${content}nn$mesg”
  echo -e “$full_content” | /usr/sbin/sendmail -B8BITMIME -f $email_from $email_addr &> /dev/null
  echo “RC: $?”
fi

Set permissions on the script:

# chmod 750 check_ip_address

Step 2 – Schedule the Script.

Add the script to a cron schedule:

# export EDITOR=vi
# crontab -e
30 09 * * * /root/check_ip_address
30 14 * * * /root/check_ip_address

The above schedules the script to run at 09:30am every day, and again at 14:30.
That’s it!