7/26/2015

Fast Forward to the Nikon D5500 from the D3100

Fast Forward to the Nikon D5500 from the D3100

Part I - The Nikon D3100

History

A little more than a year ago, I took the leap back into serious photography, and starting doing business at http://wrightrocket.smugmug.com.  With a very limited budget, I started with the entry-level Nikon D3100, which provides beginning users with a guide mode, but intermediate or advanced users the basics of a DSLR with the sophistication and quality of Nikon.  At the time, I really wanted the Nikon D5300, but didn't have the budget for it, so I settled for a little less than I wanted to get what I really needed.

Here are the technical specifications of the D3100:
  • Expeed 3 Processor
  • 14.2 Megapixels
  • DX Sensor 23.1mm x 15.4mm
  • 3 Frames per second continuous
  • ISO 100 to 12800
  • HD 1920x1080 at 24 frames per second
  • 3.0 inch diagonal non-touchscreen monitor
  • 16.0 ounces weight for camera body

The kit that I bought included a 18-55mm and 55-200mm f/3.5-5.6G AF-S Nikkor VR lenses.  Over time, I have enjoyed using the camera very much taking over 6,000 photographs in about a year. Here's a couple of my favorites:



I added a Nikkor AF-S 35mm f/1.8G prime VR lens and a 55-300mm AF-S f/3.5-5.6G ED VR II lens, and lots of other stuff.  Here's one of my favorites from the 300mm, which has VR II so taking hand-held photos like this are possible:



After exploring more advanced photography techniques through reading and experimentation, I found several features which I wished were built-in to the camera, but were not. Here's a short list of features I wish that the Nikon D3100 had:
  • Bracketing of Exposure and Shutter Speed
  • Wireless remote control
  • Intervalometer
  • Advanced Flash integration
  • GPS
  • Wi-Fi
Prior to upgrading, the following explains how I dealt with these short-comings of the D3100.

Bracketing

It was not much of a problem to overcome the lack of bracketing controls by simply varying the exposure or shutter speed manually, but to do it effectively required a tripod to keep the camera at the same view.  For the outdoor photography that I tend to do, I usually would set up the camera on the tripod and set it to the aperture (A) mode. Then, I would simply turn the adjustment knob for the aperture between each frame.  Otherwise, I might set it up with the camera set to shutter speed mode (S) and adjust the shutter speed as shown below.

1/15th of a second, f10, ISO 100

1/20th of a second


1/25th of a second

1/30th of a second

1/40th of a second

1/50th of a second

Wireless Remote Control

I bought a wired intervalometer for taking time-lapse photography, and it also served as a way to release the shutter remotely, at a shorter distance, but like a wireless remote control.  It's also nice because in manual mode (M), if I set the shutter speed to Bulb, then I can hold the release button for as long as I would like to create long exposures like these:




Advanced Flash Integration

The small built-in flash is only adequate for up-close or very small room photography.  Any outdoor or large space photography required more.  By going with the Nikon SB-700 Speedlight flash, I was able to get an integrated flash that could provide Commander capabilities for the Nikon Creative Lighting System.  This flash isn't quite as large or as powerful as the SB-910, but is more than adequate even for outdoor or photos taken in moderate to large rooms.

GPS

There is a GPS port on the D3100, but I never acquired the Nikon GP-1A module which lists for $312 as of today at www.nikonusa.com. Within Adobe Lightroom or Photoshop, as well as other tools, there are ways to embed location information, although I never bothered.

Wi-Fi

There is no Wi-Fi on the Nikon D3100, so you have to wait until you can get to a computer and import them.  There is also no Eye-Fi support built-in, although I didn't explore this option, I should note that there is some option for Eye-Fi support built-in on the Nikon D5500.  Eye-Fi allow you to have the SDcard in the camera connect to upload to a Wi-Fi access point.


Current Offerings

Nikon no longer offers the D3100, except possibly as refurbished, which I saw one today at their site for $749, which made me smile.  The kit for the D5500 which I purchased with the 18-140mm f3.5-5.6G ED VR is listed at $1,049,95 after a $350 instant savings, but lacks many of the extras that I got in my kit, which you can read about in my next part of this post.

A much improved entry-level cameras can be found in the D3200 and D3300 still offered at $449.95 and $499.95, respectively.  They now feature 24.2 megapixels.  The D3200 still has the same Expeed 3 processor as the D3100, but the D3300 now has the Expeed 4 processor. With an extra WU-1a Mobile Adapter module for $59.95 you can connect to both of these cameras through Wi-Fi on your smartphone.

Part II - Fast Forward to the Nikon D5500 from the D3100 - The D5500

The second part to this post will be upcoming soon! I plan to share the benefits and downsides to the Nikon D5500 in comparison to the D3100, as well as a few new photos!







7/10/2015

Firewalld and iptables

Firewalld and Iptables

The Problem

The iptables command line interface to control the Netfilter functions in the kernel is being superseded by Firewalld's firewall-cmd.  Firewalld provides not only a command line interface, but also a very powerful graphic one. 

The problem is that once you enable the Firewalld service, then you should only use firewall-cmd from the command line for configuration.  Attempts to modify the firewall configuration with iptables commands directly will fail.  However, iptables commands can still be used to query the rules that are created by the Firewalld GUI, or by firewall-cmd commands.  For example, after using firewall-cmd to create rules, you could execute the following iptables command to view the actual Netfilter rules:

iptables -nvL 

HOT TIP: Take advantage of the command completion feature while working with firewall-cmd.  If forget an option, just press TAB and TAB and wait for a second for the list of available options!  Executing "firewall-cmd --help" also provides a good summary of the available options before you have to start reading the man page.

Service Rules

There are many services that have rules which are predefined by Firewalld.  It can make it much easier to enable access to a service by using these preset rules. To find out which services can be enabled access through the default zone, use the following command:

firewall-cmd --get-services

To enable access to the service through the firewall persistently, you can execute:

firewall-cmd --add-service=dns --zone public --permanent

The above command does not affect the state of the current firewall.  To add the service immediately, you can execute the above command without the --permanent option, or else use:

firewall-cmd --reload

Alternatively, you could add all the services and other rules that you wanted until you got the runtime configuration to reflect what you want by not using the --permanent option and then execute:

firewall-cmd --runtime-to-permanent

Adding a New firewalld Service Definition

If a service that you want to enable through firewalld is not defined, then you can define it in:
/etc/firedwalld/services in an xml file.  Here is an example of /etc/firewalld/services/quake.xml:

<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>Quake</short>
  <description>Quake is an on-line game</description>
  <port port="26000" protocol="tcp"/>
  <port port="26000" protocol="udp"/>
</service>

Here is an another example of /etc/firewalld/services/iscsi.xml:
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>iSCSI</short>
  <description>iSCSI default target portal port</description>
  <port port="3260" protocol="tcp"/>mv 
</service>

After creating xml files like these in /etc/firewalld/, you need to reload the firewalld service with:

firewall-cmd --reload

Then, you would be able to see the new services by executing:

firewall-cmd --get-services

which outputs:

RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps ipp ipp-client ipsec iscsi kerberos kpasswd ldap ldaps libvirt libvirt-tls mdns mountd ms-wbt mysql nfs ntp openvpn pmcd pmproxy pmwebapi pmwebapis pop3s postgresql proxy-dhcp quake radius rpc-bind samba samba-client smtp ssh telnet tftp tftp-client transmission-client vnc-server wbem-https

Next, you could add the new services to a zone like public, for example:

firewall-cmd --add-service={iscsi,quake} --zone public --permanent
firewall-cmd --reload

To see the set of all rules in the current (runtime) configuration, you can use:

firewall-cmd --list-all

Direct Rules

Direct rules are similar to rules that used to be added with the iptables command.  Instead of starting with an iptables -I INPUT, you start with "firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0".  Like adding services, a permanent rule is not immediately active, but you can make it so by using reloading the firewall rules.  For example to open port tcp/8200, you could use:

firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 \
-s 192.168.1.0/24 -p tcp --dport 8200 -j ACCEPT


firewall-cmd --reload


I discovered that you have to "get" the rules instead of querying for a "list" of them:

firewall-cmd --direct --get-all-rules

Rich Rules

Rich rules are designed to accept a more natural language than Direct rules.  Both require more knowledge of the workings of the firewall than Service rules.

firewall-cmd --list-rich-rules
firewall-cmd --add-rich-rule 'rule family="ipv4" source address="192.168.0.0/24" port \ port="2049" protocol="tcp" accept'
firewall-cmd --remove-rich-rule 'rule family="ipv4" source address="192.168.0.0/24" port \ port="2049" protocol="tcp" accept'

About Me - WrightRocket

My photo

I've worked with computers for over 30 years, programming, administering, using and building them from scratch.

I'm an instructor for technical computer courses, an editor and developer of training manuals, and an Android developer.