?

Log in

No account? Create an account
001101000011001000110000 — LiveJournal [toothpaste for dinner] [d's dairytwist] [my chingoo lisa] [ndanger] [dorkbot] [boingboing] [pghalleycat] [twojeez] [o'doyle rules!] [urbanvelo.org] [east end brewing] [aaron's bike adventures] [johnk@spumco] ['ol Sideburns] [mitch] [skandsen motorsport]
Below are the 10 most recent journal entries recorded in the "unixd0rk" journal:

[<< Previous 10 entries]

April 18th, 2019
03:50 pm

[Link]

png-chess library extension
i've got some fun code i've been working on.

I found the png-chess library https://github.com/programarivm/pgn-chess/ and decided that it needed to be fleshed out a bit.

I first wrote a displayboard() function that can look at the state of a png-chess Game object and display the board in either HTML or on the command line (sans square colors on the board).

displayboard.php:


next, i had to extend PGN/File/Convert.php

i added a toPHParray() member function that dumps the parsed file to an array for further use.

the following was added to ./vendor/programarivm/pgn-chess/src/PGN/File/Convert.php after the toMySqlScript() function:


next, i wrote some code to allow selection of a PGN file to display (sorry, i won't be sharing my dropdown.php, but you should get the idea of how this could be used):

showgame.php:


Here's some output (click for FULL RES):

January 18th, 2018
12:24 pm

[Link]

CentOS/RedHat 7.3->7.4 b0rked upgrade!
Recently did a "yum upgrade" and had some problems with emacs menus not showing up properly. Lots of:

(emacs:21168): Gtk-CRITICAL **: gtk_widget_get_preferred_height_for_width: asser
*** BUG ***
In pixman_region32_init_rect: Invalid rectangle passed
Set a breakpoint on '_pixman_log_error' to debug

(emacs:21168): Gtk-WARNING **: Negative content width -11 (allocation 1, extentsItem)


...and general un-usability of emacs menus. I tracked it down to changes in the gtk3-3.22.10-4 package, but no emacs updates exist yet in the 7.4 repo to fix this issue. I use it for all of my general editing of code with the web-mode.el syntax highlighting and also other assorted text files, so I had to find a solution.

What fixed it was:

# get a copy of the newest emacs (27.0.50) and build/install it

# git clone git://git.sv.gnu.org/emacs.git
# make (generates configure sript)
# configure
# make (builds emacs)
# make install (installs)


Of course there were some libs that needed to be installed for compilation:

texinfo
libtiff-devel
gnutls-devel
libungif-devel
libjpeg-devel




All that needed to be done after that was to copy web-mode.el to /usr/local/share/emacs/27.0.50/lisp/progmodes/
August 18th, 2017
04:06 pm

[Link]

TrueOS + ipfw + natd + dhcpd + fwbuilder + virtualbox
I recently started playing around with freebsd in the form of TrueOS (originally PC-BSD).

I inherited this maxed out 12 core Dell Precision T7500 beast that was decommissioned from our defunct bioinformatics section and due to a building power outage had just lost a 17 year old NAT box that I was using to share the net with a wireless access point.

I set out configuring the Dell to replace the failed NAT/wireless machine.

First I installed TrueOS a few dozen times and completely broke it a few times. At one point, I accidentally hosed the system by installing bash and using vipw to edit the shell for the root user and adding the path /bin/bash instead of /usr/local/bin/bash. Yeah, I could have probably fixed it with a rescue boot and a symlink, but I just re-installed... again.

One of the first things I found out is that searching for specific help with all things freebsd is a bit daunting. Luckily, I got my unix guru status in the mid-90's on solaris and sunOS so I was able to sort out where the good places are to find non-confusing non-obtuse examples when "man -k" was of no use.

As I was building yet another firewall and was using ipfw instead of the iptables and feeling a bit out of my element, I decided to complicate^H^H^H^H^H^H^H^H^Hsimplify things by introducing another learning curve on top of the learning curve. Fwbuilder is a great idea: create a firewall once, and then have the capability of generating firewall scripts that can work on numerous firewall appliances and different OS'en.

So I kicked fwbuilder around for a few weeks and had ZERO LUCK getting nat to work correctly. As it turns out fwbuilder does not generate NAT rules for ipfw EVEN IF YOU HAVE DEFINED THEM IN FWBUILDER. I also had an issue with uploading the firewall script through ssh stalling out and never uploading that was fixed by setting up an ssh-agent key and eliminating the password prompting.

I ended up writing a script called natstart in order to activate the NAT rules:

natstart script:
ipfw add 11 divert natd all from any to any via em0
ipfw add 12 check-state


So basically all I have to do to test the firewall setup is:

ipfw flush ; ./fwb_firewall_script.fw ; natstart

Fwbuilder has the ability to define prologue and epilogue scripts, but they don't seem to be working. I will kick that around eventually.

Update:

It seems like these prologue and epilogue scripts aren't even added to the generated firewall script. All I see added is a line with the command: epilog_commands - which does nothing.

If you add any ipfw commands to the generated script, keep in mind that the script is creating a rule "set" and then swaps that set for the active set at the end of the script. So my rules would have to be changed to:

"$IPFW" add 11 set 1 divert natd all from any to any via em0
"$IPFW" add 12 set 1 check-state


I was eventually able to modify one of the NAT firewall templates that fwbuilder includes to produce a half-working NAT firewall... and then our director's mac SSD decided to completely die - necessitating immediate access to our in-house wifi for a temporary laptop to work with. The firewall that I activated on the Dell had some issues when one tried to do X11 forwarding through ssh on the machine but still provided a usable gateway to the net for the wireless setup. So at this point I was unable to do any testing with the live firewall as it would interrupt my director's connections to file shares and any open documents on those shares...

So I decided that another level of slapdash fuckery was required: virtualbox

I updated my virtualbox install on my workstation and found a forgotten Ubuntu-studio 15.10 VM that I had installed for "shits and gigs". My mission was now to set up some kind of virtual network where this Ubuntu install is attached to the "inside" interface of a TrueOS VM.

Great.

So here's how that works:

On the TrueOS VM I set up two network interfaces:

interface 1: attached to NAT
interface 2: attached to Internal Network (which I named TrueOS_INSIDE)

On my Ubuntu studio VM I changed the adapter to attach to the internal network TrueOS_INSIDE

Then I played around with fwbuilder like a maniac, restarting my firewall a few dozen times after each change, until things were finally working.

Now I will find out when a good time is to test this firewall on the non-virtual machine.

Update:

Here are the contents of /etc/rc.conf that one needs to set this up:

hostname="trueos.mydomain.net"
ifconfig_em0="DHCP" # Outside Interface
ifconfig_dc0="inet 192.168.1.1 netmask 255.255.255.0" # Internal Interface
firewall_enable="YES"
firewall_script="/etc/fw/firewall.fw" # I usually make this a symlink pointing to the active firewall script
firewall_logging="YES"
gateway_enable="YES"
forward_sourceroot="YES"
natd_enable="YES"
natd_interface="em0" # Divert traffic to Outside Interface
natd_flags="-log -u -m -dynamic -n /dev/em0"
dhcpd_enable="YES"
dhcpd_flags="-q"
dhcpd_interface="dc0"
dhcpd_withumask="022"
dhcpd_chuser_enable="YES"
dhcpd_withuser="dhcpd"
dhcpd_withgroup="dhcpd"
dhcpd_chroot_enable="YES"
dhcpd_devfs_enable="YES"
dhcpd_rootdir="/var/db/dhcpd"
zfs_enable="YES"
ipv6_activate_all_interfaces="NO"
# for dhcpd
snmpd_enable="YES"
snmpd_flags="-a"
snmpd_conffile="/usr/local/share/snmp/snmpd.conf /etc/snmpd.conf"
snmptrapd_enable="YES"
snmptrapd_flags="-a -p /var/run/snmptrapd.pid"


/usr/local/etc/dhcpd.conf:
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "trueos.mydomain.net";
option domain-name-servers my.domain.name.server; # change to your DNS IP

option subnet-mask 255.255.255.0;

default-lease-time 600;
max-lease-time 7200;

subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.2 192.168.1.255;
option routers 192.168.1.1;
}


You will likely have to install the following packages to get this kind of a setup to work:

# pkg install FreeBSD-natd
# pkg install isc-dhcp43-server
# pkg install fwbuilder
# pkg install net-snmp
September 9th, 2016
02:57 pm

[Link]

xmms-jack plugin on centos 7
to get the source code for this plugin to compile you need to replace all occurrences of the string "jack_free" in jack.c (there should be 2) with "jack_freespace" or somesuch, as you will get a compiler error about a type mismatch and redeclaration of jack_free outside of the jack system includes.
July 16th, 2014
03:13 pm

[Link]

Ubuntu Rescue Remix + Clamscan
so you've got a PC with more viruses than a porno shop door handle and none of the free removal tools are finding anything but you can still tell there is something on there... well, you should probably consider re-installing ASAP, but in the meantime, here's a way to get rid of some of your e-worms...

step 1:
download ubuntu rescue remix

step 2:
burn the CD

step 3:
boot it up and let's get to work!

first you want to make sure that your network cable is plugged in so you can get the virus definition updates. sometimes you have to restart networking:




now you can update clamav's database:




now mount your hard drive: (typically, /dev/sda2 or /dev/sda1)




you should see your C: drive, if you don't, 'cd .. ; sudo umount c' and try another device. 'dmesg | less' can be useful in determining where linux is finding your hard drive and partitions.

now you can start scanning. i recommend saving your results to a logfile so that it can save you some time later. i typically do a preliminary scan without removing anything first:




now we have a file with the results that we can process with some nifty sed scripts to create a file list to feed back to clamscan after looking it over and making sure that nothing in there is a false positive:




and that's about it. have fun!
May 16th, 2014
03:33 pm

[Link]

associative arrays in C
i've been programming in PHP for around 15 years. i suppose that might make me a bit of a PHP guru. unfortunately, during my hiatus from true compiled languages, my C and C++ coding had gotten a bit rusty. i had definitely done some recent coding in C to modify my personal version of the open source DJ mixing software mixxx, but only a small hack to change the way that the fader position was mapped to the output volume for two music tracks. i'm working on a project that compares N files of about 40,000 rows to each other and does some analysis and stores it in a database table. the PHP version was obviously slow. i was able to create logic that reduced the comparison of 3 files to about 3 hours on a moderately old system 7-8 years old with maybe 8 cores. speedup was only going to be possible by rewriting in a non-realtime-compiled language. i discovered the libdbi libraries and started down a road paved with errors about illegal type conversions since typed languages haven't been on my mind for a while. as i got started i realized that there was one problem. i NEEDED associative arrays. in PHP, associative arrays allow you to set up arrays like this:

...allowing you to reference each element by an index (here, 0 or 1) and the strings "fname" or "lname". as one might guess, this is an excellent programmatic way of dealing with large sets of data like those returned from a database query or imported from a CSV file where you want to associate a bunch of rows that you would like to reference with an integer index storing column names and values. after doing a little bit of research and some wild-goose chasing, i found a good solution to the lack of this specific functionality being included by default in C. maps.

now i just have to finish writing these database wrapper functions to simplify the coding for my project a little. :)
June 13th, 2013
02:06 pm

[Link]

awesome hack for stupid soundmax hd drivers...
http://helm-of-disintegration.blogspot.com/2008/10/soundmax-hd-audio-hack-dell-optiplex.html
September 13th, 2010
05:23 pm

[Link]

portsentry + iptables + blocking TOR exit nodes
while troubleshooting my home network trying to figure out what was screwing routing up i polished my firewall rules up a bit.

it turns out that i think i was maxxing out my cheap switches, and that everything seems to work fine if i swap some cables around. also, it turns out that my root partition was full so after i deleted some junk things were working a lot more smoothly.

what i ended up doing was configuring portsentry to set up generic port listeners on a bunch of ports and set up my firewall so that the outside world can access those. next, i created a chain in iptables called PORTSENTRY and append a RETURN rule. portsentry inserts the DROP rule for each host with a "-I" switch, so that the RETURN rule can remain.

while testing firewall rules, i noticed that every time i restarted iptables i lost my PORTSENTRY chain rules and that using iptables-save would require me to remove all but the PORTSENTRY related rules or else my old (probably broken) firewall configuration would be resurrected each time i did an iptables-restore. luckily, portsentry logs the entire iptables DROP command in /var/log/messages and is even nice enough to put it in quotes:

code follows...Collapse )
August 16th, 2010
03:41 pm

[Link]

stuff i did recently...
even though i've been pretty sick since last friday night, i've accomplished a few things:

- trials bike -

i managed to bend my non-drive side crank the other day after flopping awkwardly off of a 2-1/2" wall trying to do a 180. pretty much the bike's weight from the drop bent it. they are XC cranks... on sunday i installed some truvativ hussefelt downhill-worthy ones. they seem to weigh about the same. not sure yet, but i can swear i can feel that they are stiffer after a few gap hops to rear wheel on the curb which i maybe shouldn't have done because i worked up a sweat while i was still feverish.

- laptop computer music -

after getting tired of xmms and jack sounding like a bunch of choppy crippity-crap even after yum updates and compiling the newest version of qjackctl that would work on my centos 5.2 OS i decided to spearhead a quest to make playing mp3's through jack less annoying. i might have been able to just get a lightweight media player working easily, but i have always liked the xmms project (since about 1998?) and was excited to hear that xmms2 existed now and seemed like it only had a few system dependencies (sqlite) and might be worth trying to compile.

got the DrNo build of xmms2 and quickly found that i had to upgrade sqlite to a version that was higher than any of my current rpm repositories. i just crammed version 3.7.0.1 on there without uninstalling the original rpm and will worry about it later. next had to get mpg123-devel (thru yum) and also got wavpack-devel. i'll worry about other formats in a little bit once i get everything the way i want it.

i also decided that i wanted to use the xmms2 gui client "clone" of the original xmms, promoe. after a stumbling block that was fixed by using gmake-qt4 instead of qmake to configure the build i got it built. still not sure how to access it, but...

next i had to download an init script that someone wrote for xmms2d that had an invalid "-d" flag in the start command which i replaced with a "--yes-run-as-root" flag.

finally, i had to download and install the newest alsa-plugins package so that xmms2d had a way to talk to jack-audio-connection-kit.

right now, i've got everything config'd so that i can use the xmms2 command line to control the playlist. the best part: no audio skips! next i'll figure out this promoe thing and it'll be like back in the old days, except i might be able to scratch with terminatorX or use puredata over top of whatever i'm playing. :)
July 16th, 2010
03:50 pm

[Link]

Tea Party - The party of "White Privilege Doesn't Exist"
the tea party is racist because the whole concept was constructed by corporations to "get out the stupid vote". get some people who have spent their whole lives thinking that "black people" are taking over "their" sports teams and "mexican illegals" are convincing US corporations to offshore manufacturing jobs to believe some even more ludicrous shit.

yeah, your president is a "socialist", RIGHT. trust me. I'M A FUCKING SOCIALIST and no democrat alive is a SOCIALIST. both dems and republicans work for the same people: the richest of the richest CEOs. this tea party crap is nothing but a smokescreen for the collapse of the republican party, which had to find new ways of convincing moral conservatives and religious fundamentalists that jesus would want the rich to get tax cuts...

http://www.redroom.com/blog/tim-wise/imagine-protest-insurgency-and-workings-white-privilege

"Imagine that hundreds of black protesters were to descend upon Washington DC and Northern Virginia, just a few miles from the Capitol and White House, armed with AK-47s, assorted handguns, and ammunition. And imagine that some of these protesters--the black protesters--spoke of the need for political revolution, and possibly even armed conflict in the event that laws they didn’t like were enforced by the government. Would these protesters--these black protesters with guns--be seen as brave defenders of the Second Amendment, or would they be viewed by most whites as a danger to the republic? What if they were Arab-Americans? Because, after all, that's what happened recently when white gun enthusiasts descended upon the nation's capital, arms in hand, and verbally announced their readiness to make war on the country's political leaders if the need arose."


what does tea party LEADER Mark Williams have to say?

he published a fictitious letter describing how much better off "coloreds" would be if they had just avoided that whole anti-segregation thing and "went along" with what white america had planned for them!

http://politicalcorrection.org/blog/201007150012

"Dear Mr. Lincoln

We Colored People have taken a vote and decided that we don't cotton to that whole emancipation thing. Freedom means having to work for real, think for ourselves, and take consequences along with the rewards. That is just far too much to ask of us Colored People and we demand that it stop!

In fact we held a big meeting and took a vote in Kansas City this week. We voted to condemn a political revival of that old abolitionist spirit called the 'tea party movement'.

The tea party position to "end the bailouts" for example is just silly. Bailouts are just big money welfare and isn't that what we want all Coloreds to strive for? What kind of racist would want to end big money welfare? What they need to do is start handing the bail outs directly to us coloreds! Of course, the National Association for the Advancement of Colored People is the only responsible party that should be granted the right to disperse the funds.

And the ridiculous idea of "reduce[ing] the size and intrusiveness of government." What kind of massa would ever not want to control my life? As Coloreds we must have somebody care for us otherwise we would be on our own, have to think for ourselves and make decisions!

The racist tea parties also demand that the government "stop the out of control spending." Again, they directly target Colored People. That means we Colored People would have to compete for jobs like everybody else and that is just not right.

Perhaps the most racist point of all in the tea parties is their demand that government "stop raising our taxes." That is outrageous! How will we Colored People ever get a wide screen TV in every room if non-coloreds get to keep what they earn? Totally racist! The tea party expects coloreds to be productive members of society?

Mr. Lincoln, you were the greatest racist ever. We had a great gig. Three squares, room and board, all our decisions made by the massa in the house. Please repeal the 13th and 14th Amendments and let us get back to where we belong.

Sincerely

Precious Ben Jealous, Tom's Nephew National Association for the Advancement of Colored People Head Colored Person"


so... the tea party isn't racist? ...and you're going to eliminate racism from your organization that is at least half-racists. goodbye tea party... it was nice having you to laugh at for a while there!

Tags: ,

[<< Previous 10 entries]

http://www.unixd0rk.com Powered by LiveJournal.com