Hey BeBox, My SMB Network Hates You!
Sheesh. After getting the machine up and running, getting it on the network was next-level shite! The BeBox, with BeOS 4.5 PPC, comes with an optional folder and, included in there, is an experimental folder containin an application known as WON. This stands for World 'O Networking (I REALLY blame this use of O' for my apostrophicities in this entire blog as I was introduced to WON back in '99) and is a CIFS implementation. Running the setup app easily installs it, but opening the newly placed World 'O Networking icon on the desktop does nothing but tell me that my CIFS Master Browser didn't exist.
Do excuse the crappy photo...
In this day'n'age, there's no #@%#$%'n reason for a CIFS browser to exist on anyone's network. We have random french-named services to say 'hello' to eachother and list eachother in eachother's network lists. There's no need for this (now inappropriate) client/server (master/slave) relationship. Of course, should we expect BeOS 4.5 PPC to be up with the times? No. So? Let's just try the cifsmount call from the command line.
$cifsmount \\\\192.168.1.61\\public [user] [password] ./testMountFolder General OS Error -1
General OS error? Awful. Fortunately, my NAS can log the snot out of Samba, so I turned on verbosity. Whenever BeOS tried to access the share, the following was visible:
[2022/12/19 14:37:58.602852, 2, pid=6552, effective(0, 0), real(0, 0)] ../../source3/smbd/reply.c:708(reply_special) netbios connect: name1=AS6604T-BDE6 0x20 name2=BEBOX 0x0 [2022/12/19 14:37:58.603018, 2, pid=6552, effective(0, 0), real(0, 0)] ../../source3/smbd/reply.c:749(reply_special) netbios connect: local=as6604t-bde6 remote=bebox, name type = 0 [2022/12/19 14:37:58.613129, 0, pid=6552, effective(0, 0), real(0, 0)] ../../source3/smbd/negprot.c:600(reply_negprot) negprot protocols not 0-terminated
Nice! It actually says BEBOX!. Somehow, samba does nothing after that line. It doesn't say "ERROR"... but it also doesn't continue? Checking the code...
if (req->inbuf[size-1] != '\0') { DEBUG(0, ("negprot protocols not 0-terminated\n")); reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBnegprot); return; }
Oh yup. That's a hard-stop. It seems that the CIFS implementation on BeOS hasn't null-terminated a string as it sent it to Samba. We'll need to build the code and rip this out, or rollback to an older version. SMB is running as a package on my NAS and ... I assume there's source somewhere, but every time I've SSH'd into that console the tools I need don't exist, so let's virtualise this shit.
Samba Proxies or Virtual Box?
We have two options here. Spin up a RedHat Linux (~7.0) version and just start Samba on that (it works, I tried it!) or spin up a possibly awesome docker image and "re-share" our existing security-conscious shares. Yes, I got the VM going, but I wasn't happy with an entire VM running endlessly for no reason when my retro machines were off. I also hated the need to cleanly bring-up and shut-down the machine, not to mention the speed of interaction.
So, I went for a Docker image. I'm running an Asustor Lockerstor AS6600T which has a neatly packaged version of Docker and Portainer running. It's currently doing all sorts of things and adding a samba container wasn't going to hurt. The only real consideration was that, even though I was using a macvlan to get real IPs for my containers, I still had not successfully managed to get the NAS to talk directly into the hosted docker containers. I was initially surprised by this, but it turns out that's by-design... docker images aren't 'allowed' to see the metal they're hosted on. Although there's articles mentioning how to fix this (and a slightly different one here), I couldn't get it to work. Therefore, a 'samba proxy' wont actually work... as it needs to be able to SMB mount the host's share(s) and share those forward via it's own SMB server.
Fortunately, we don't have to fret yet. It occurred to me that I can simply mount the host's drives in the docker image and use David Personette's Samba Server container to share those! There's no need to actually proxy anything.
Samba Versions
This negprot 0-termination check has been in Samba since r24001, which was around 15 years ago, which equates to something around Samba 3.1. Docker can run older Linux versions, but only until around 8 years ago. Centos 5 might work, but you'll be hard-pressed finding functional package repos once it's installed. Alpine Linux is the way to go, but there's only docker images going back to 3.1, which doesn't line up with Samba 3.1! If we can't use a version of Samba (in Docker, anyway) that doesn't include the check, then maybe we can remove the check from a newer version? We just need to make sure the newer version supports SMB v1.0 (LANMAN, CIFS, etc..) and it turns out support for these older protocols was removed in version 4.11+.
As that David's container is build on the latest Alpine, it includes Samba 4.18 and this is obviously too new. It turns out that the last version of Samba before 4.11 is v4.18.10 and it's conveniently included in Alpine v3.10. Thanks for Docker's customisable recipes, we can modify David's Dockerfile, adjusting the top line to peg the Alpine base image version to this. Finally, we also need to make sure that the install scripts don't get Samba from the base Alpine 3.10 repo as we actually want to custom-build the APKs and carve out the zero-termination check.
I was initially going to download the source of Samba and try to build/install it myself in a new docker container... but I realised that it would be a tonne of extra work as there's probably distro-specific guff that needs to be configured/carried-out. So instead, as above, I chose to roll my own APK using the APK recipe from the Alpine repo.
Adding a package to Alpine Linux to make Docker better again
If you want to actually build the APK yourself, then here's a basic run-through. I've taken the package recipe from the alpine packages store and made a few changes. You'll find them here. Mainly just a sed script to hack out the 0-termination check.
If you don't want to bother compiling your own APK with this modification, then you can just download the already-compiled APK here. The only reason you'd want to do the next chunk yourself is if you don't trust my hard work. I wont be offended if that's the case.
I started by spinning up a new docker container...
sudo docker run --name apk-builder -v /volume1/Public:/public-share -it alpine:3.10
Note that I've mapped a local drive. You'll want to do this as otherwise you'll have to work out a better way to get the compiled APKs out. Once up, you'll be already at the console and you can get started...
apk add --update alpine-sdk wget nano sudo adduser builder
At this point you'll need to give builder a good password. Once done, continue to set up the APK build environment. Note that the sed line injects the rule to sudoers for the user builder at line 80. If you're doing this on a tainted Docker container (not the fresh one I just built) then you might want to be wary as to which line you insert on.
sed -i "80i builder ALL=(ALL) ALL" /etc/sudoers sudo -lU builder addgroup builder abuild mkdir -p /var/cache/distfiles chmod a+w /var/cache/distfiles chgrp abuild /var/cache/distfiles chmod g+w /var/cache/distfiles
We've done all we need to as root, so switch to builder:
su builder
And then generate your signing keys which'll be used when compressing the APK...
abuild-keygen -a -i
You'll need to type in builder's password for the key storage. Finally, go into the dir and download the APKBUILD files from my server. Please do check out the files downloaded... specifically APKBUILD! The hack to remove the 0-term if statement is already contained inside. It's simply a sed line requesting the deletion of lines 599-605 in negprot.c.
cd /tmp wget https://modelrail.otenko.com/assets/samba-negprot-hack/samba.zip unzip samba.zip
Finally, kick it off. Go grab a coffee.
abuild -r
The build takes around 20 minutes on my quad core i3 NAS. The build is nice as it tells you the progress via the files-completed numbers at the start of each line.
... [3287/5138] Linking bin/default/source3/libads-samba4.inst.so [3288/5138] Linking bin/default/source3/libsmbd-conn-samba4.inst.so [3289/5138] Linking bin/default/source3/libsmbd-base-samba4.inst.so [3290/5138] Linking bin/default/source3/libprinting-migrate-samba4.inst.so [3292/5138] Linking bin/default/source3/libnet-keytab-samba4.inst.so [3294/5138] Linking bin/default/source3/libtrusts-util-samba4.inst.so [3295/5138] Linking bin/default/source3/libsamba3-util-samba4.inst.so [3297/5138] Linking bin/default/source3/libxattr-tdb-samba4.inst.so [3299/5138] Linking bin/default/source3/libCHARSET3-samba4.inst.so [3301/5138] Linking bin/default/source3/liblibcli-lsa3-samba4.inst.so [3303/5138] Linking bin/default/source3/liblibcli-netlogon3-samba4.inst.so [3306/5138] Linking bin/default/source3/libcli-spoolss-samba4.inst.so [3308/5138] Linking bin/default/source3/pysmbd.inst.cpython-37m-x86_64-linux-gnu.so [3310/5138] Linking bin/default/source3/pylibsmb.inst.cpython-37m-x86_64-linux-gnu.so [3312/5138] Linking bin/default/source3/auth/libauth-samba4.inst.so [3313/5138] Linking bin/default/source3/auth/libauth_module_unix.inst.so [3316/5138] Linking bin/default/source3/auth/libauth_module_script.inst.so [3318/5138] Linking bin/default/source3/auth/libauth_module_samba4.inst.so [3320/5138] Linking bin/default/source3/modules/libnon-posix-acls-samba4.inst.so [3323/5138] Linking bin/default/source3/modules/libvfs_module_audit.inst.so [3325/5138] Linking bin/default/source3/modules/libvfs_module_extd_audit.inst.so [3327/5138] Linking bin/default/source3/modules/libvfs_module_full_audit.inst.so [3329/5138] Linking bin/default/source3/modules/libvfs_module_fake_perms.inst.so [3331/5138] Linking bin/default/source3/modules/libvfs_module_recycle.inst.so [3333/5138] Linking bin/default/source3/modules/libvfs_module_netatalk.inst.so [3335/5138] Linking bin/default/source3/modules/libvfs_module_fruit.inst.so [3337/5138] Linking bin/default/source3/modules/libvfs_module_default_quota.inst.so [3339/5138] Linking bin/default/source3/modules/libvfs_module_readonly.inst.so ... (93/105) Purging tevent (0.9.39-r0) (94/105) Purging talloc (2.2.0-r0) (95/105) Purging tdb-libs (1.3.18-r0) (96/105) Purging libbz2 (1.0.6-r7) (97/105) Purging gdbm (1.13-r1) (98/105) Purging xz-libs (5.2.4-r0) (99/105) Purging readline (8.0.0-r0) (100/105) Purging sqlite-libs (3.28.0-r3) (101/105) Purging lz4-libs (1.9.1-r1) (102/105) Purging keyutils-libs (1.6-r1) (103/105) Purging libverto (0.3.1-r0) (104/105) Purging libsasl (2.1.27-r4) (105/105) Purging db (5.3.28-r1) Executing busybox-1.30.1-r5.trigger OK: 184 MiB in 56 packages >>> samba: Updating the /x86_64 repository index... >>> samba: Signing the index...
Once built, you'll end up with a bunch of APKs in /home/builder/packages.
~/packages/x86_64 $ ls APKINDEX.tar.gz samba-dev-4.10.18-r0.apk libsmbclient-4.10.18-r0.apk samba-doc-4.10.18-r0.apk libwbclient-4.10.18-r0.apk samba-heimdal-libs-4.10.18-r0.apk pam-winbind-4.10.18-r0.apk samba-libnss-winbind-4.10.18-r0.apk py3-samba-4.10.18-r0.apk samba-libs-4.10.18-r0.apk samba-4.10.18-r0.apk samba-libs-py3-4.10.18-r0.apk samba-client-4.10.18-r0.apk samba-pidl-4.10.18-r0.apk samba-client-libs-4.10.18-r0.apk samba-server-4.10.18-r0.apk samba-common-4.10.18-r0.apk samba-server-libs-4.10.18-r0.apk samba-common-libs-4.10.18-r0.apk samba-server-openrc-4.10.18-r0.apk samba-common-server-libs-4.10.18-r0.apk samba-test-4.10.18-r0.apk samba-common-tools-4.10.18-r0.apk samba-winbind-4.10.18-r0.apk samba-dc-4.10.18-r0.apk samba-winbind-clients-4.10.18-r0.apk samba-dc-libs-4.10.18-r0.apk samba-winbind-krb5-locator-4.10.18-r0.apk
Copy these all somewhere to your local drive, as we'll need to use them for the Docker container creation. If you are rolling this yourself, then your Dockerfile/docker-compose.yaml will need to map a local volume to the folder where all of these files are. If you're not rolling them yourself, then use the zip that's in this Dockerfile.
The container script uses David's as a base, but sets Alpine to 3.10 and uses Samba from my APKs. It also does a lot of mucking around with smb.conf. Prior to that configuration mucking around, BeOS would get past the negprot issue only to bring up another error:
Allowed connection from 192.168.1.131 (192.168.1.131) init_oplocks: initializing messages. Transaction 0 of length 72 (0 toread) netbios connect: name1=192.168.1.46 0x20 name2= 0x0 netbios connect: local=192.168.1.46 remote=, name type = 0 Transaction 0 of length 51 (0 toread) switch message SMBnegprot (pid 1071) conn 0x0 Requested protocol [NT LM 0.12] reply_negprot: No protocol supported ! Server exit (no protocol supported)
Seems that NT LM 0.12 is NT LAN Manager 2.1, or somesuch. I'd thought about digging back into negprot.c and checking the reply_negprot function, but a quick google lead to something very obvious... configuration!
SERVER MIN PROTOCOL
As always, someone has already faced this issue and it seems that all they had to do was set the 'lowest' protocol that the server would accept, via a setting? David's smb.conf had a default minimum of SMB2_10, which seems to mean that we only supported Windows 7 and above? Wowzers. For those not clicking links, here's the protocol limitation options:
Option | Description |
---|---|
LANMAN1 | First modern version of the protocol. Long filename support. |
LANMAN2 | Updates to Lanman1 protocol. |
NT1 | Current up to date version of the protocol. Used by Windows NT. Known as CIFS. |
SMB2 | Re-implementation of the SMB protocol. Used by Windows Vista and later versions of Windows. SMB2 has sub protocols available. |
SMB2_02 | The earliest SMB2 version. (Windows Vista and higher) |
SMB2_10 | Windows 7 SMB2 version. |
SMB2 | By default selects the SMB2_10 variant. |
SMB3 | The same as SMB2. Used by Windows 8. SMB3 has sub protocols available. |
SMB3_00 | Windows 8 SMB3 version. |
SMB3_02 | Windows 8.1 SMB3 version. |
SMB3_11 | Windows 10 SMB3 version. |
There's actually a really cool piece of code explaining all this in the negprot.c source file:
/* these are the protocol lists used for auto architecture detection: WinNT 3.51: protocol [PC NETWORK PROGRAM 1.0] protocol [XENIX CORE] protocol [MICROSOFT NETWORKS 1.03] protocol [LANMAN1.0] protocol [Windows for Workgroups 3.1a] protocol [LM1.2X002] protocol [LANMAN2.1] protocol [NT LM 0.12] Win95: protocol [PC NETWORK PROGRAM 1.0] protocol [XENIX CORE] protocol [MICROSOFT NETWORKS 1.03] protocol [LANMAN1.0] protocol [Windows for Workgroups 3.1a] protocol [LM1.2X002] protocol [LANMAN2.1] protocol [NT LM 0.12] Win2K: protocol [PC NETWORK PROGRAM 1.0] protocol [LANMAN1.0] protocol [Windows for Workgroups 3.1a] protocol [LM1.2X002] protocol [LANMAN2.1] protocol [NT LM 0.12] Vista: protocol [PC NETWORK PROGRAM 1.0] protocol [LANMAN1.0] protocol [Windows for Workgroups 3.1a] protocol [LM1.2X002] protocol [LANMAN2.1] protocol [NT LM 0.12] protocol [SMB 2.001] OS/2: protocol [PC NETWORK PROGRAM 1.0] protocol [XENIX CORE] protocol [LANMAN1.0] protocol [LM1.2X002] protocol [LANMAN2.1] OSX: protocol [NT LM 0.12] protocol [SMB 2.002] protocol [SMB 2.???] */ /* * Modified to recognize the architecture of the remote machine better. * * This appears to be the matrix of which protocol is used by which * product. Protocol WfWg Win95 WinNT Win2K OS/2 Vista OSX PC NETWORK PROGRAM 1.0 1 1 1 1 1 1 XENIX CORE 2 2 MICROSOFT NETWORKS 3.0 2 2 DOS LM1.2X002 3 3 MICROSOFT NETWORKS 1.03 3 DOS LANMAN2.1 4 4 LANMAN1.0 4 2 3 2 Windows for Workgroups 3.1a 5 5 5 3 3 LM1.2X002 6 4 4 4 LANMAN2.1 7 5 5 5 NT LM 0.12 6 8 6 6 6 1 SMB 2.001 7 SMB 2.002 2 SMB 2.??? 3 * * tim@fsg.com 09/29/95 * Win2K added by matty 17/7/99 */ #define PROT_PC_NETWORK_PROGRAM_1_0 0x0001 #define PROT_XENIX_CORE 0x0002 #define PROT_MICROSOFT_NETWORKS_3_0 0x0004 #define PROT_DOS_LM1_2X002 0x0008 #define PROT_MICROSOFT_NETWORKS_1_03 0x0010 #define PROT_DOS_LANMAN2_1 0x0020 #define PROT_LANMAN1_0 0x0040 #define PROT_WFWG 0x0080 #define PROT_LM1_2X002 0x0100 #define PROT_LANMAN2_1 0x0200 #define PROT_NT_LM_0_12 0x0400 #define PROT_SMB_2_001 0x0800 #define PROT_SMB_2_002 0x1000 #define PROT_SMB_2_FF 0x2000 #define PROT_SAMBA 0x4000 #define PROT_POSIX_2 0x8000 #define ARCH_WFWG ( PROT_PC_NETWORK_PROGRAM_1_0 | PROT_MICROSOFT_NETWORKS_3_0 | \ PROT_DOS_LM1_2X002 | PROT_DOS_LANMAN2_1 | PROT_WFWG ) #define ARCH_WIN95 ( ARCH_WFWG | PROT_NT_LM_0_12 ) #define ARCH_WINNT ( PROT_PC_NETWORK_PROGRAM_1_0 | PROT_XENIX_CORE | \ PROT_MICROSOFT_NETWORKS_1_03 | PROT_LANMAN1_0 | PROT_WFWG | \ PROT_LM1_2X002 | PROT_LANMAN2_1 | PROT_NT_LM_0_12 ) #define ARCH_WIN2K ( ARCH_WINNT & ~(PROT_XENIX_CORE | PROT_MICROSOFT_NETWORKS_1_03) ) #define ARCH_OS2 ( ARCH_WINNT & ~(PROT_MICROSOFT_NETWORKS_1_03 | PROT_WFWG) ) #define ARCH_VISTA ( ARCH_WIN2K | PROT_SMB_2_001 ) #define ARCH_SAMBA ( PROT_SAMBA ) #define ARCH_CIFSFS ( PROT_POSIX_2 ) #define ARCH_OSX ( PROT_NT_LM_0_12 | PROT_SMB_2_002 | PROT_SMB_2_FF ) /* List of supported protocols, most desired first */ static const struct { const char *proto_name; const char *short_name; NTSTATUS (*proto_reply_fn)(struct smb_request *req, uint16_t choice); int protocol_level; } supported_protocols[] = { {"SMB 2.???", "SMB2_FF", reply_smb20ff, PROTOCOL_SMB2_10}, {"SMB 2.002", "SMB2_02", reply_smb2002, PROTOCOL_SMB2_02}, {"NT LANMAN 1.0", "NT1", reply_nt1, PROTOCOL_NT1}, {"NT LM 0.12", "NT1", reply_nt1, PROTOCOL_NT1}, {"POSIX 2", "NT1", reply_nt1, PROTOCOL_NT1}, {"LANMAN2.1", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2}, {"LM1.2X002", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2}, {"Samba", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2}, {"DOS LM1.2X002", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2}, {"LANMAN1.0", "LANMAN1", reply_lanman1, PROTOCOL_LANMAN1}, {"MICROSOFT NETWORKS 3.0", "LANMAN1", reply_lanman1, PROTOCOL_LANMAN1}, {NULL,NULL,NULL,0}, };
So, is it just as-simple-as setting the lowest bloody value and rebooting? I edited the Dockerfile and updated the injected smb.conf configuration:
echo ' # Security' >>$file && \ echo ' client ipc max protocol = SMB3' >>$file && \ echo ' client ipc min protocol = LANMAN1' >>$file && \ echo ' client max protocol = SMB3' >>$file && \ echo ' client min protocol = LANMAN1' >>$file && \ echo ' server max protocol = SMB3' >>$file && \ echo ' server min protocol = LANMAN1' >>$file && \
And it worked! Finally! BeOS has connected to my NAS with a reasonably-recent version of linux and Samba! Sure, commenting out the zero-termination might reinstate a bug that can be exploited, but this service will never be public. Meanwhile, World 'O Networking still hated me... but that's OK, at least I can now transfer files!
Giving Docker a Hostname
As you can see above, all interactions with the new samba docker server are via IP. It turns out that the --hostname field that you configure in Docker only applies internally to the docker container. It's not exported! Googlin' around, I found a great stack overflow article describing the same issue, with many "can't do that" responses.
It's not until you scroll a few answers down that you'll see a --net-alias flag that seems to do want I want. Just a note, it's --alias if you're using docker network connect and --net-alias when using docker compose. I added the required configuration to the Dockerfile and spun up a new instance.
services: samba-bridge: networks: mynet: ipv4_address: 192.168.1.46 aliases:old-samba-bridge networks: mynet: external: true
mynet has been set up using the instructions over here, which were pertinent to getting PiHole running in an adjacent Docker container. The rest of the configuration was borrowed from here.
I honestly hoped this would get Samba showing up on the local LAN with a hostname, but no such luck! I wonder if the docker network is preventing promiscuous traffic or somesuch... Maybe I'll spin this up on a physical machine on the network just to rule a few things out.
But what about that CIFS Browser error?
Oh yeah, I would still love WON to actually list my computers... can I do it? It seems that you can configure Samba to be a CIFS Server with a single local master = yes in the configuration file. Unfortuantely this didn't work... neither did wins support = yes. I'll have to keep fighting to get my WORKGROUP listed.
Osaka Station Updates – May, 2023
During the last decade, JR West has managed to remove a freight yard, sink the Umeda freight line, build new platforms and connect these platforms internally to Osaka Station. They've even implemented an AI Face Detection gate so you don't have to tap.
The Umeda area had been slated for redevelopment for quite a while, but the heavily-used freight yard and rail line had to be removed. After Suita was upgraded to cope with the freight that was handled in Umeda, the yard could be removed, but the line could not. The line was still used by limited express trains to the airport and Wakayama.
Instead of removing the line, the plan was to sink it and create a separate station, known as Ume-Kita (North Umeda), underground. At some point during the planning, the idea changed and it was decided that the underground platforms and rail alignment should be moved close enough to Osaka Station, to become a single entity. Making this change to the design was honestly a perfect idea and well-needed for anyone transiting around Kansai.
Umeda Freight Yard
The Umeda freight line runs direct between Shin-Osaka Station and Fukushima Station. Umeda Freight Yard used to be in the middle of this, directly north-west of Osaka Station. The Umeda Freight Line was also used by the Kuroshio and Airport Limited Express trains, with the only stops in central-Osaka being at Tennoji and Shin-Osaka Stations. The latter, although great for transferring to the Shinkansen, wasn't optimal for anyone wanting to get into the northern area of the Osaka loop line.
Here's what the area used to look like back in 2009/2010 when the freight yard was operational. The Umeda freight line is on the far side, running down the edge of the yard, with Osaka Station in the bottom-right of the image.
It was a pretty magical area with the limited express trains bolting between the freight (more photos here)... but that's all history as Suita was extended to cope with the freight capacity removed here.
New Construction
Without depairing too much, the new design is perfect for both passengers and freight nerds! First there's the ability to ride the Higashi Osaka Line from Osaka station and secondly the freight to-and-from Ajikawaguchi still runs... actually, there are now more freight trains than ever. Even better, due to the sinking of the line, the incline required to enter/exit the underground station platforms has required freight trains occasionally have a banker loco on the rear!
To check it all out, I first took a Osaka East Line service from Shin-Osaka to Osaka Station. These services used to terminate at Osaka Station, but now travel along the Umeda freight line and terminate at the new platforms.
From the Nakatsu area, the rail starts to descend into the station. It's two tracks on this side of the platforms, but each split into two, forming two island platforms with rails either side. Only the platform closest to the main Osaka Station building has a full glass platform wall. I assume they're getting around to installing these on the other platforms. Thankfully they weren't installed yet on the Shin-Osaka bound side!
As that all of the limited express trains stop, and the locals terminate, any 'passes' showing on the board will be freight!
As mentioned above, the Kuroshio bound for Shin-Osaka was to come through first. I was hoping forthe dolphin, but got a newer set instead...
And then it was freight time!
Excuse the lighting... here's a video instead.
And another...
And the dolphin!
And that was what. I never managed to get down there when there was a banker engine attached.
Checking the area out on-foot
A few days later I decided to take the subway to Nakatsu Station and check out the area on foot. Something became very apparent (and it's happening in Melbourne too): as soom as a railway is sunken into the ground, the area around the tracks becomes inaccessible. Sure, it's the same around the inclines/declines for elevated rail, but once the rail is in the air then there's space underneath to do things with. I suppose, this is also true if you cover the rails... but in Melbourne they haven't.
Fortunately, everything is still under construction, meaning that they'll hopefully add better access to allow crossing the railway line. Also fortunate is that this area was always a ground-level freight yard and was never cross-able.
There's still quite a bit of infrastructure to remove... and you can see they've quickly hacked away other things. Meanwhile, here's a great comparison. Here's what the Hankyu overpass looks like now:
Compared to 2009/2010:
There are two buildings that match in that shot, the rest are demolished (in the old) or brand new (in the new.) Anyway, I kept dawdling around...
And of course, everywhere needs art... including the new entrance to the new platforms from the above-ground.
It was actually drawing quite a crowd.
PC-98 – 110-Pin CenterCOM ME1500 Ethernet Adapter
This gets a special mention after getting the PCMCIA slot working on this machine. Since my NS/A only has one PCMCIA slot, it's nice to be able to have ethernet on the 110-pin port and SCSI in the PCMCIA. Or vice-versa!
What I can't believe is that Allied Telesis still has a FULL list of drivers for all of their archaic hardware. Thank you Allied Telesis, from the entire retro community! Just in case that site does go down, the drivers for this device are over here for safe-keeping.
Once downloaded, just make it available to the MS LAN Manager setup interface. Clear your current configuration and then choose to add an unlisted driver...
Yet again, set up TCP/IP with DHCP as the default...
And Bob's your uncle! Transmission!
The bloody thing worked perfectly and now I have my single PCMCIA slot free for SCSI. Actually, it'd be nice if they made the rear 110-pin port daisy-chain-able. All of these devices should have the matching rear socket to add more devices... just like the C-Bus slots.
Yamashina, Kyoto – May, 2023
Stumbling across this area was nearly an accident. Somehow, back in the day whilst probably browsing Facebook and pinning random locations on Google Maps, I'd left a 'favourite' on this canal. Whilst planning things to do during my final days of this most recent trip to Japan, I chose to visit this area as my rail pass had expired and it was easy to get to from Shin-Osaka. It's also easy to get to from Kyoto or Otsu by taking the Keihan Keishi Line, which is actually the same line that runs down the middle of the street in Otsu city.
Getting up to the Canal
Lake Biwa Canal was used back in the day for freight and water, but nowadays is just used to supply drinking water and power a hydro dam. It's actually located high up on the side of a mountain, so there's a bit of a walk involved. Starting from either JR or Keihan Keishi Line, exit at Yamashina Station and start walking to the west, beside the bicycle parking lot.
Once you cross through the underpass above, you'll climb the local street to get up to the canal.
It's mildly steep, so take it easy. But once on the canal, it's flat land all the way around to the photography spot. On the way, you'll pass the observation deck which faces back to Yamashina Station. It's great for viewing trains, but the view is a little limited.
Continue along the canal...
And keep an eye out to your left, as after around a 10 minute walk you'll stumble across...
This amazing view! Further along the canal you'll find Myooji Bridge and then toilets. And also random boat tours!
But yeah, we're not here for that... we're here for:
And don't forget to look down...
But you'll be distracted again momentarily by either a limited express, freight or passenger. They just don't stop!
The heavens then opened up and it rained quite heavily. If the forecast says ANY percentage of rain (on the day it was 2%), then take an umbrella. Don't even bother to gamble! The maple leaves are beautiful and offer no form of shelter.
And, of course, the rain came when the Fukuyama Rail Express came!
And then the Kangaroo Liner came through!
That was around 2 hours between 9 and 11am in the morning on a Tuesday. I can only recommend to check timetables and determine a sweet spot as to when to see the most trains. At the start, there was one other photographer up there, but he seemed to understand the rain was coming and left before it arrived!
I returned via Yamashina Station and, as always, a freight appeared out of nowhere...
And a final note, make sure to ride in the first car of any train you take in Japan.
There's always something to see on the Tokaido line!
Travelling Through Shikoku – May, 2023
The goal was simple: take the Sunrise sleeper train to Takamatsu and drive across Shikoku, returning on a Shiokaze from Matsuyama the next afternoon. Starting from Tokyo, this would have worked... but starting from Osaka it doesn't. From Osaka, the Sunrise's timetable lets you get to Tokyo easily, but doesn't let you go west as it passes through around 4am and they don't actually let anyone get on. Conversly you can easily get west from Tokyo!
So, the plan was changed to an afternoon Shinkansen to Okayama and an easy transfer through to an onsen in Kotohira!
Kotohira
This sleepy river-town is more-or-less due south of Okayama. You get to cross the amazing Seto Bridge to get there and, although the express trains are cool, doing this on a local service will make the experience better. The view is amazing ... and I totally failed to take photos. Anyway, back to Kotohira. It seems to be known as a, uhmmm, brothel (companion) town? It actually really reminded me of Spirited Away's onsen town.
We stayed at Shikishimakan with the lodgings, food and onsen being perfect! I don't think I've eaten that much in a long time. The next day was a trip to Takamatsu to pick up the rental car and I totally failed to take any photos of Kotohira Dentetsu, the cute little third-sector railway linking Kotohira and Takamatsu. Of course, we could've taken JR back and around, but that would've actually been 20 minutes longer!
Takamatsu
All of 5 minutes was spent in-town, traversing from the Kotoden Station to the Renta-car on-foot. The car was easily picked up and, I must admit, booking one-way rental cars in Japan is super easy and doesn't cost more than a return trip! How dare they understand customer service. I looked at my train timetables and realised a freighter was bound for Niihama, so the first goal was to pick a picturesque area for a photo or two.
Unfortunately, it seems that the freighter had already slipped past. Thanks to the timetable only showing major arrivals and departures, it's hard to know where-else a service will stop. They could halt in stations or loops to let the priority passenger services pass. This means that you can't ever get a 100% fix on a train if you only interpolate the speed over the time to travel between two known points!
Iyo-Mishima
I'd always liked the look of this level crossing between two factories. The whole area is an industrial port-town and, although the freighter was well-and-truly ahead of us, there were still a few limited express trains to see!
It's a bit dicey to get in the right position as the roads are narrow and a continuous procession of trucks are ready to take you out. The guard rails are also covered in powdery old paint, which happily rubs off onto your pants.
Niihama
After a few other Hard-Off stops along the way, we ended up in Niihama just before the departure of the freight we'd initially tried to chase in the morning. It'd spent its time in the yard already and was about to hook and pull back east.
It then sat for a while with it's markers on, as it had no clearance to leave. There was still a Shiokaze to come from the east on it's journey to Matsuyama.
Three seconds later and the freight was outta there!
Matsuyama
The land of red trains! I had always thought this diamond crossing was in Kochi, but I was happily proven wrong. A hotel was chosen near-enough to this infamous crossing and a morning was spent taking wayyyyy too many mikan/tangerine/persimmon/vermillion coloured vehicles. Of course, the goal was a photo with all three modes of transport in one shot. But first, I had to dawdle to the intersection.
There's a beautiful mix of street-cars to view, even at 6am in the morning.
But just around the corner, the intersection came into view...
And my first 2-out-of-three vehicle shot was taken!
And then more random shots...
At around ~7am the buses started to appear, running more-frequently on their schedules. Game on! Time for a three-vehicles-in-one... but working out the best vantage point (with the lens I had on), without getting hit by bicycles, or traffic... or annoying the authorities... was going to be tough. Also, it would be very easy to be stuck on the wrong side of the level-crossing!
There were actually also a lot of dead-head movements, so using Google Maps for the heavy-rail timetable wasn't always the best idea... there'd often be 2-3 deadheads in between real services!
More trams came and went... older heavy-rail consist came and went...
And then it happened!
Three-in-one! But not overly-well framed... still... done! I stayed longer to see how many more times I could do it.
Oof... that one was nicer.
And that isn't bad either! I had spent three hours loitering... I was happy with the shots and that no authorities came to tell me to move on. It was time to be a normal tourist!
Matsuyama Castle
After telling friends we were doing Shikoku, they nearly spat out their food when I said this castle wasn't on the itinerary. It's easy to be spoiled by castles in Japan and after seeing Osaka and Himeji, I hadn't really considered that I'd needed to see another. They all said it was a must-do and I'm glad we listened.
That angle is very Kiyomizudera-esque, just without the religion. This castle is built as a stronghold and, although I'm sure they were praying inside often, it's totally built for war.
The view from any point on the grounds is stunning. Make sure to always be looking through port-holes, gun-holes, cannon-holes, windows, etc...
And, although the usual rule is to look-up, make sure to look down! On all sides of the castle.
And then, when done, take the chair-lift or cable-car back down the hill.
Thank you Shikoku!
Takachiho Amaterasu Railway – May, 2023
I must admit, visiting this railway was never really on my to-do list. Not only is it quite out-of-the-way, since the bridge that connected the railway to Nobeoka was destroyed, but the train they have operating on the isolated section of the line is really only a toy?
It wasn't until my friend said "we're going!" that I started actually researched the railway. He then also told me he'd booked me on the driving experience... and I may have freaked out. I love trains, but actually driving one? I don't know if I'd have the coordination. I'd considered it back at Usui Pass Railway Heritage Park, but the cost there was well over AU$300 and I would have had issues with translation.
Fortunately, Amaterasu was cheaper and Shuhei-san was going to help!
Getting there
It was a ~2.5 hour drive from Nichinan and, thanks to my international licence, I drove the whole way. It was a mix of highways and local streets and the scenery was stunning! We stopped through at Takachiho Gorge first, wandering around the area. The boats were booked out and the aquarium was slightly hilarous.
After that, a quick stop for lunch and then the main event. Actually, I shouldn't skip on the event that was lunch. The Takachiho area is famous for its beef, so we stopped in at a local restaurant named Takachiho Shokudo. The specialty was beef curry, but they also raved about the chicken namban. So, what to do?...
Have both on one plate! Delicious!
Takachiho Amaterasu Railway
This is the terminus of the railway that once connected Nobeoka to Takachiho. When a bridge collapsed during a typhoon in 2005, the decision was made to not rebuild, leaving this segment of the railway disused. Later on the current group was created and the tourist trains began.
When the 'toy' train isn't in the yard, you're allowed to wander around the station yard and check everything out. Down one the end of the line, in the sheds, are the two TR-series DMUs that one gets to drive in the driving experience. It all started to become real! Before this, we went for a ride on the 'toy' train.
All was pretty standard until the tunnels... hah...
The final stop on the main bridge is just awesome. The driver must pause before even entering the bridge to read the wind monitor to make sure we wouldn't fall off. Once we proceeded on though, we stopped in the middle and were allowed to stand up to get great photos.
The conductor became the driver and we returned back to the yard.
Let's Drive A Train!
This got very hard very quickly. The instructor went and grabbed the DMU and brought it onto the platform.
We then spent 10 minutes lost-in-translation whilst he was trying to teach me the controls. Shuhei, thanks for your help here! I would've sent the train off the cliff if you hadn't have translated the harder words.
The basic things to know were direction switch, accelerate, brake and the deadmans switch. There was also the point that the ATS (or was that ATC?) was still wired-in, but not disabled and so it'd ring REALLY LOUDLY in your left ear if you were in notch one. It's goal was to remind you that you were moving off without correctly enabling ATS and ... well ... that was wrong. But we could ignore it.
He gave me the green light and we were off. Brake released, accelerator nudging through notch one, buzzer screaming in my ear... but the thing was moving. I then proceeded to apply brakes, at the area I thought we should start stopping, and it really felt like the brake handle was doing nothing. There were no physical notches in the brake handle, so you just had to rotate it, hoping that something was being applied. Of course, you could read the gauge, which had two needles, but there wasn't really a tactile connection. About those needles... if they come inline with eachother then the emergency brake is applied... and, of course, I did this on the first stop. Both Shuhei and the Instructor went for a bit of a stumble.
For that issue, my mandatory JR-style re-training occurred and then we were off again. As that it's a single line, we had to swap ends and drive all the way back. The actual experience lets you drive back and forth four times!
Shuhei jumped out and took some pics of me going back and forth... I really started to get the hang of it towards the end.
Oh, and don't forget to don the drivers hat... even if your head is too big.
Jeez, you can see the stress on my face. I was shaking and traumatised afterwards, but it was so worth it!
PC-98 – PC-9801NS/A PCMCIA Network
It's done. I did it. I managed to wrangle a set of disks via Yahoo Auctions Japan and succeeded. It seems the winner of the previous auction didn't want these disks as well... which is good for us all!
Look at that floppy disk. Isn't it the most awesome disk you've ever seen in your life? It cost AU$50. Fifty-#$%#$-bucks for a floppy disk. If you add the previously bought floppy (that had been overwritten!), then this total adventure cost over AU$100. Anyway, the outcome is that anyone can now get PCMCIA running on their NS/A, NL/R, NX/C or Ne!
The file on the disk happened to be SSDRV.SYS, not SSMECIA.SYS as I'd been expecting. It turns out that SSDRV.SYS comes in two flavours: a ~5kb version for PCMCIA 2.0 and a ~6.34kb sized version for PCMCIA 2.1+. As that I scored the actual PC Card Support Software disk for this specific laptop, it all just installed fine.
Firstly, a copy was made of the disk, with the original being stored away safely.
Of course, this copy is now available to the world! As it should be! Note that this is a 1.2mb Disk Image and that you'll need to format the floppy as 1.2mb prior to imaging or copying the data over. RawWrite for windows worked fine once I re-formatted a floppy disk from 1.44mb to 1.2mb under DOS in the NS/A.
PC Card Support Software
Slap in the disk, type SETUP.EXE and hit enter. You'll be presented with the main menu, as per the middle shot below.
From the menu, the top item is the installation source, secondly the install destination and the highlighted row is "Let's do this!". Go down to that option and smack enter, as the defaults should be correct.
In that second-last shot you can see the CONFIG.SYS listing where the installer has added three lines to the bottom. The first two are legit and the last is the Memory Card (i.e. flash storage) driver... which we don't need.
Network Hardware
I initially tried a RATOC R280, but it seems that it needs PCMCIA 2.1. Instead I reverted to my NEC PC-9801N-J02R, as I'd read somewhere that it was compatible with the NS/A.
As mentioned in the fine-print under the lovely graphic on the card, it's also known as a B4680 "Interface Card T", so remember this when installing the next software product. The drivers for this card are useless without host software to use them, so we need to choose something that can use this card!
MS Lan Manager + Network Drivers
How do I get network sharing going? It turns out that Windows for Workgroups was never released for the PC-98? I could go up to Windows 95 again, or go backwards to MS LAN Manager for PC-98. Lettuce do the latter and get some files transferring!
Not much to discuss yet. First screen is an introduction and the second tells you how to use the menus. Basically that the bottom-left button is OK and the one next to it is Back. Use TAB to switch between and ENTER to confirm selections. The next screen firstly defines the installation source and then the target installation directory. After that, you get the choice between installing the "Enhanced" or "BASIC" version of MS LAN Manager. I chose the defaults (the top option, "Enhanced") and continued.
Per disk, you get cute little countdowns instead of progress bars. It's telling you the amount of files it still needs to copy. Once it gets to zero it'll ask for the next disk:
It also asks where the next disk is, so I assume you can dump all of the files into one folder on A:\ (that's your HDD, stop thinking about C:\) and just do a super-quick install. Instead, I wrote out the six disks and inserted Disk #2.
It asked for disk #3: Drivers... and blew up.
And kept blowing up... and then threw me back to the DOS prompt. Ok, I failed to write #3 correctly! I found a substitute, re-wrote it and kept going. Cool! Driver selection!
Remember how I told you to remember the 'secondary' name of the PCMCIA LAN card? That's what we need to go by here. It's the 5th or 6th option... depending on which version of NDIS you wish to use? I chose v1.0. But now that I look at it, is it actually the version of the PCMCIA card? My card doesn't have a version on it, assumingly it's v1.0 then as they didn't think to put a version on the first if it was only meant to be a single version?! (Spoiler, it still worked...)
Ok ok, that says RATOC R280. Disregard and pretend it sayd B4680. I tried the RATOC card first and it vomited when trying to initialise it. I then switched to the NEC card. Either way, the middle shot lets you select the protocols. Use TCP/IP, unless you have other specific purposes to use other protocols. Make sure the DHCP box is checked and let it install!
Next up, set your Computer Name, Username and Domain/Workgroup name respectively. Then choose if Windows or DOS will be controlling the LAN Manager? Or does it say something else. I went with defaults. It then asks where Windows is... and I gave it the appropriate response.
Finally, there's something about message popups... I left it as default, and then hit "Let's do this" on the "we're gonna make changes now" middle screenshot. Finally it confirms that everything has been done! Let's save, quit and reboot.
We're in DOS, I connected the cable, we booted and it looks happy?
IPCONFIG works and it's displaying a correctly-assigned DHCP address! Can we ping?
We can! I .. what .. it works?!
Browsing the Neighbourhood
There's a NET command in MS LAN Manager for DOS that lets you browse the network and map shares. I can't say I had much luck with it, but I tried anyway.
When you first run NET, you'll be presented with a small configuration dialog. It asks for your Username, Password and Domain/Workgroup. I entered the required values and then hit enter, which dismissed the dialog. I then got a few warnings that the domain didn't respond and that things probably wont work properly... or that's what I think they said.
A short while two computers appeared in the main list!
The first is "Local" and the second is my W98 PC. I created a 'free for all' share on Windows 98 and then tried to hit 'enter' on the machine in the list after selecting it. Nothing really happened. Going to the view menu and choosing the first option popped up a dialog with the share I'd created!
Hitting enter on the share didn't work...
Something about a remote name? Oh well... I have a plan!
Speaking the correct version of SMB
So, SMB is the windows network share standard and it's come a long way. We're up to encrypting everything, from being able to have zero-password free access, way back in the day. The issue here is that the old LANMAN client speaks zero encryption and my NAS doesn't want to even consider talking to it. Windows 98 is even scoffing at it!
Errors are "share not found" or "access denied". Pretty much expected... so what to do? I cheated with the BeBox in the past.. and I now realise I never made a post on how I got network shares going. Oh well, now is a better time than ever. I did something really dodgy and loaded up RedHat 7.2 (not RHEL!) to create a kind-of SAMBA proxy. I'm sure that you could get Docker to do this, but setting up a VM was just as fun!
The goal was simple: a VirtualBox VM with RedHat 7.2 installed which could SMB to the NAS and then share that folder forward with all the encryption disabled. Sure, dangerous as hell, but it's all only accessible on the local network.
With the machine set up, it even showed up on the LANMAN net browser!
I got a weird NET2123 (API out of buffer space) error when trying to list the shares, so I just went and mapped it to Z: manually in DOS.
Woah... it worked... Oh, the actual use command scrolled off the screen... it was net use Z: \\redhat-oldie\public
It even shows up with a cute network icon in File Manager!