Tux news - Linux ubuntu fedora gentoo gnome news

hardy.dropblog (12 unread)

SSH tip of the day

Posted: December 12th, 2008, 2:25am CET by peter

An ongoing theme that I yanked from Andrew Pollack.

I frequently have to SSH to different machines via ports forwarded through other SSH connections (the most popular is a reverse port forward via an auto-SSH link out of a customer site with a very restrictive firewall and flaky VPN service). So I’m often connecting to localhost and was getting a lot of host key check failures (because the host key was coming from all sorts of other machines). The solution?

NoHostAuthenticationForLocalhost yes
Apparently it’s not even suitable for the children any more

Posted: December 1st, 2008, 3:39am CET by peter

Children’s welfare groups slam net filters.

Now will Senator Conroy actually start listening?
Still serious about storage

Posted: October 29th, 2008, 10:37am CET by peter

Ack, can’t quite believe it’s been five months since the last time I futzed with storage. After some minor teething problems, the DNS-323 has been humming along very happily.

I had a lot of problems installing new firmware (mostly because I didn’t feel inclined to attach a serial console) so ended up building a debian chroot for it. The downside there was a lot of problems with the buggy NFS support in the D-Link supplied kernel. Eventually got everything stable again network-mounting my home directory with CIFS.

Once that was done, I set up automated rsync jobs to dump the contents of every single machine I owned. That’s a fairly small list, I swear - my mail server syncs up to it on a regular basis, and my Eee syncs every time it joins my home wireless thanks to a post-join script in NetworkManager. After all of that, I’d used a whopping 9% of the 750GB array, so I figured I may as well make use of the space, and have been tinkering with using rdiff-backup to keep versioned backups on the same volume. Looks very simple, but I’m yet to try restoring anything out of it.

Today I finally went out and picked up a USB disk, a 750GB Western Digital My Book. It was reasonably cheap, and I have grand schemes to mod the case to look like an actual book. Enter rsync again to copy everything I own in to the book, and it’ll live in the office with runs home every couple of weeks to update it.

Was very interested to see Matt Palmer’s recent success porting debian-installer to the DNS-323. Some time soon I hope to duplicate his efforts. I’m really not happy with the extra lifting required to make a chroot system work well, and the supplied kernel is sadly lacking when it comes to things like networked and encrypted filesystems.
Bob Hardy

Posted: September 15th, 2008, 5:43pm CEST by peter

As most of my closer friends already know, my father has been very ill, battling complications arising from liver cirrhosis for a number of months.

A lot of people who knew dad probably won’t get a chance to see the official notice, so I thought I should relay the news that Bob passed away peacefully over the weekend.

A funeral service will be held this Friday the 19th of September, at St. Clement’s Anglican Church, Church St, Yass, starting at 2pm. Please don’t send flowers or anything else. Instead, consider donating to Horton House Nursing Home, who cared for dad the last few weeks of his life. I really wanted to make a donation in his name to an alcohol support and rehabilitation group of some kind as well, but AA are stringent in refusing any sort of assistance from outsiders, and all of my searching for anybody who might accept a donation has so far drawn a blank.

And because I haven’t been saying it often enough, thanks again to everyone who’s been there the last few days. Your kind words, thoughts, prayers and assistance mean a lot more to me and my family than I’ve been letting on.
Diffusing on-camera flash with a film canister

Posted: August 22nd, 2008, 4:40am CEST by peter

So I was camera-nerding with Alice at a party on Saturday night, and found myself whinging mightily about on-camera flashes. They’re harsh and tend to completely wash out a picture. She brought up an article she’d read recently about using an old film canister as a diffuser, and a moments investigation showed that she had a film canister in her handbag (See? Total camera nerd). So, a few minutes careful measurement and even more careful cutting with a pocket knife, we wound up with our very own ghetto diffuser.

And then immediately shot a bunch of before and afters.
Without a diffuser the foreground washes out and it drops off to too dark a little too quickly. Also, Roman gets very annoyed at the amount of time I spent popping a flash in his face.

Add it, and the whole scene looks a lot more evenly lit, the flesh tones look nicer, and the highlights are gone.

I’m not going to say it also miraculously compensated for my lens being too long for the flash at wider angles. But I’m curious about the fact that the huge shadow at the bottom of the picture is gone. I’d suspect an errant thumb if it weren’t for the fact I was stone cold sober.

In conclusion, get hold of a film canister and do this. It’s cheap and surprisingly effective. If you don’t shoot on film any more, ask somebody who does, like Alice or myself. Or go to any lab and ask nicely, they’ll probably give a whole damn bag full of them. Also, one last picture. Partly because I don’t think it would have worked nearly as well without a diffuser, but mostly because I think it’s adorably hilarious.
Hat bashing

Posted: August 17th, 2008, 8:37am CEST by peter

I’ve been vaguely unhappy with my Akubra Turin lately. Probably because I seem to always photograph even worse than usual while I’m wearing it. It does seem to get a lot of random compliments from strangers, but I’m still convinced a brim that short just doesn’t suit my head. Speaking of the brim, it came out of the factory snapped up at the back. Unfortunately, it was a little bit off-centre, and the front was tipped slightly to one side. I’m probably the only person who ever noticed, but it irritated the hell out of me.

So this afternoon I tied a little bit of string around my kettle’s on-off switch to stop it from shutting off automatically, and applied a ridiculous amount of steam to the brim so I could straighten it out. It’s the first time I’ve tried to reshape felt at all, but went really well. Was able to adjust the snap so it looks much better. That first experiment went so well that I thought I’d try opening the crown out and giving it a whole new bash.

It came with a centre crease that was pinched at the front - a fairly typical fedora bash. After a lot of steam and scalded fingers and patient smoothing, I’ve got something akin to a porkpie, but with a much more pronounced crease and rounder crown. I really like the way it looks without the pinched front. Here’s what it looks like, modelled by my trusty egg-shaped lamp.

And with the feather back in, here’s how it looks on my head.

See? I photograph terribly.

Edit: Because Alice asked, a couple of before pictures of the Turin.

I got the leaf green one which, excusing another bad photo, looked a little like this:

Unfortunately I didn’t stop to take a picture of what it looks like with an open crown. Just imagine a green bowler with a very high crown. Kind of amusing, really.
Facebook Fail

Posted: July 23rd, 2008, 1:01pm CEST by peter
I kinda like the new facebook layout. It’s clean, looks a lot less cluttered than it used to be, and I keep finding neat little things it can do. But it looks completely broken on my Eee, or indeed pretty much any browser I can find when the window is narrower than the main content container. Basically, if your window is too small, then content is completely cut off. Scrolling across to the right shows nothing but beautiful white background. I double-checked on a PC with a decent-sized display by opening a new window, resizing it to around 800 pixels wide, logging in to facebook, and trying to scroll across to the right. The home page, profile and event pages are the only ones I’ve bothered trying so far, and they all come out like this:

I’ve tested this in five browsers so far.
- Firefox 3 under Linux
- Firefox 2 under Windows
- Opera 9.5 under Linux
- Konqueror 3.5.9 under Linux
- IE 7 under Windows
They all get it wrong, showing the exact same behaviour. Except, sadly, for IE.
New facebook layout in IE7.
Spoofing the user agent in firefox doesn’t really make any difference, so it seems to be something IE is doing differently to the other browsers. Whether it’s actually doing it right or not remains to be seen.

Why destination-based popup blocking fails

Posted: June 20th, 2008, 4:23am CEST by peter

Johnf mused about having firefox allow popups based on destination, rather than source. Here’s why it’s a non-trivial problem.

<script type="text/javascript">
<!--
// Surely google should be an allowable destination, right?
leetwin = window.open('http://www.google.com.au/', 'leetwin');

// Other javascript stuff.

// Never gonna give you up.
leetwin.location = 'http://youtube.com/watch?v=Yu_moia-oVI';
-->
</script>

Musing about Eli

Posted: June 8th, 2008, 7:05pm CEST by peter

I just now realised that it’s just over a year since I was adopted by an incredibly rambunctious and certifiably insane kitten. In fact, it’s a year to the day that I realised his name was Eli. Eli Wallach. This is what he looked like then:

And this is what he looked like on his birthday a couple of months ago — pretty much the same, only GIANT:

I don’t think he was terribly well socialised at the pet shop that had him before I did, as he’s incredibly timid around people he doesn’t know. This is slowly starting to change, though. Still bolts under the bed whenever anybody knocks, but he’s happy to see regular guests, and even groups of one or two are fine after a couple of hours (trust me, that’s a huge improvement).

This winter, he’s migrated from sleeping on the couch on the balcony back to sleeping on my bed. He’s even figured out that it’s considerably warmer under the covers, but doesn’t yet know precisely how to get under there. Whereas a year ago he was waking me up because he thought five AM was playtime, this year I’m being woken up at three and four by a frustrated cat scratching up the doona. I think I liked playtime better.
Trying to detect the state of the caps-lock key in X

Posted: June 5th, 2008, 7:03pm CEST by peter
Before I begin, I know that a lot of people hate the caps lock key, and tend to remap it to do something else. I am most emphatically not one of those people.

One of the first things I did when I bought my Eee was replace the operating system it ships with. I’ve toyed with a couple of variants, but right now have settled on vanilla debian (via the customised installer), and am using the awesome window manager.

This is my first foray in to tiling window managers. On full-size monitors I much prefer to clutter my screen with separate windows (partly because I’m also fairly militant about keeping my terminals 80 characters wide, go figure). But on the cramped Eee screen awesome truly shines. Add in stalonetray so I’ve got somewhere to stow network-manager and pidgin icons, and I’m incredibly happy with the arrangement.

The one thing I’m missing from Asus’ custom Xandros interface is the keyboard caps/num lock indicators it sticks in the status bar in lieu of physical LEDs on the board. Num lock isn’t such a problem, but I hit caps lock accidentally a lot more often than I would on a real keyboard, and even when I’m deliberately using it, it’d be nice to have some sort of feedback.

So I started digging through the apt repository and googling about for an X program that could figure out if caps lock was on or off. Didn’t come up with anything. Then I started wondering if the keyboard events differed at all when caps lock was being turned on or off. A little bit of testing with xev showed that they seemed to be pretty much identical. Finally I recalled playing around with different keyboard LED hacks a long time ago that could do things like blink and strobe and use them as useful indicators. Some judicious googling and plugging queries in to apropos eventually uncovered the setleds(1) command, which according to the man page “reports and changes the led flag settings of the current VT”.

awesome has a fairly simple dynamic widget system based on piping configuration parameters through a client program. Armed with my newfound setleds fu, I created a little textbox widget in my awesome statusbar named “capslockwidget”, and bound the following script to my caps lock key.
```
#!/bin/sh
state=`setleds < /dev/tty7 | tail -1 | awk '{ print $6 }'`
case $state in
on)
	colour="#AA00AA"
	break
	;;
*)
	# Covers when caps is off, and the odd case of an unexpected input
	colour="#444444"
	break
	;;
esac
echo "0 widget_tell mystatusbar capslockwidget bg $colour" | awesome-client
```
This works, after a fashion, but it’s still a godawful hack.
- It requires read access to the tty, which is problematic when X is being run by a display manager as the tty is owned by root.
- It’s slow. I type slower than normal on the Eee, but hitting caps lock still causes enough of a delay to drop letters. I can think of a couple of tricks that might speed it up; replacing the awk command with cut (although I don’t know how hard that would be seeing as the output from setleds has lots of odd whitespace), or maybe just converting the whole thing to an awk script (because yay awk!). I’m still worried it’ll be too slow to be practical.
The point is that I’m still searching for a simpler solution. By now this has to be a trivial problem that others have solved, but I’ll be damned if I can find them.
Games Peter plays

Posted: May 29th, 2008, 11:28am CEST by peter
I’ve wound up owning two current-gen consoles, because the Wii is very awesome and I needed a more different one to play GTA IV. Didn’t mean to wind up spending as much time as I currently do playing games, it just kind of happened.

I’ve been meaning to put a list together of all of my assorted friend codes and things to make multiplayer a little bit easier. So here I present mini-reviews of everything I’m playing right now, with friend codes where appropriate.
- Guitar Hero 3. Wii, friend code 5198-0666-8505 (Yep, 666 \m/ ).
  All things considered, I think GH2 was the peak of the series. Arguably better song selection, and I think the hammer-ons and pull-offs were the best balance between the impossible riffs of the first game and the much more pedestrian highlighted notes of GH3. But the Wii controller is unbelievably awesome, online play is brilliant, and I can’t be bothered unearthing my PS2 from the bottom of my cupboard.
- Mario Kart Wii, Wii, friend code 4682-9281-3918.
  New tracks rule. Fiendisly difficult opponents at 150cc suck. Wii Wheel rules. Online play is even better than Mario Kart DS. I think this is my favourite Mario Kart.
- Grand Theft Auto IV. Xbox 360. Gamertag FunkyStibbons.
  Mwaaaah. This is definitely my favourite GTA. An incredibly immersive world. An engaging story played out by rivetting characters. Blowing shit up. Total win.
- Half Life 2: Episode 2. Xbox 360. I bought the Orange Box so I could play Portal, and got completely sucked in by the HL2 story. These games are the closest I’ve come to acing all the achievements. I’ve killed a whole bunch of Combine soldiers with their own energy balls. I’ve killed somebody with a toilet. I’ve completed Ep1 having only fired a single bullet. And now I’m replaying Ep2, carrying a garden gnome.
- Halo: Combat Evolved. Xbox 360. When I bought my xbox, I picked up a copy of Halo 3, partly to see what all the fuss was about, and partly because GTA IV hadn’t been released yet. It is, in my mind, a very average FPS, and average FPSen tend to not hold my interest for too long. But coming in to the Halo series at number 3 is kind of like watching Return of the Jedi first — you can’t just leave the rest of the series alone afterwards. So I bought the first one through the Xbox arcade thingy. Oh yeah, and I’ve always loved Red vs. Blue. (protip: Burnie Burns will be in Sydney in a few weeks giving a talk on machinimation and online content distribution for the Sydney Film Festival)
- Lostwind. Wii. And then, not long after buying one game online, I found out about Nintendo’s WiiWare channel, and bought a copy of a game I vaguely heard about. It’s very pretty, fun, and a nice relaxing little game.
Oh, and for what it’s worth, my Wii Number is 5343-1280-7343-9997, and currently houses a truly bizarre Mii collection.
Getting serious about storage

Posted: May 27th, 2008, 6:25pm CEST by peter

Over the last few months I’ve been getting increasingly worried about storage of my digital photos. Slides occupy my very professional filing system (I recently expanded into a second shoebox!), and seem fairly well protected of everything short of a housefire. But photos from both of my digital bodies were just being sucked out onto the slow and heavily-burdened single spindle that powers my fairly slow and heavily-burdened desktop PC. The backup scheme consisted, basically, of “try not to delete anything, ‘kay?”. Something needed to be done.

I’ve dithered around a lot trying to avoid buying a self-contained NAS appliance for a while. But this weekend I finally went out and picked up a D-Link DNS-323. The D-Link seems to get some of the best reviews in that price range, comes with two SATA bays and gigabit ethernet, and runs Linux under the hood. I didn’t buy it as a hack toy — it’s still first and foremost a storage device. But I still like to have a lot more flexibility than these sorts of things stick in the web-based management interface. I picked up a couple of 750GB drives at the same time, and have been tooling around getting it up to speed since.

Best reference point for information about hacking on these things is wiki.dns323.info and the companion forum. To start with, getting a shell on the box is surprisingly easy. The last stage of the boot process, the box checks for a file named fun_plug in the root of its first volume and if it finds it, executes it. Create a volume, drop a script and a couple of binaries in it, reboot, and you’ve got telnet access.

There’s options to build volumes using LVM, RAID0 or RAID1, but selecting the default options gives you two plain disks. I took that option, then repartitioned both drives, set up a manual RAID1 configuration, and built a debian chroot environment. There’s a couple of caveats here. The first is that the system adds a 512MB swap partition to the start of each drive. This can be downsized, but it needs to be present otherwise the system won’t mount anything else on that device and you don’t get any fun_plug love. Also, no matter what else, the second partition on the disk should remain ext2, because that’s what the firmware kernel can read, and you need that both to bootstrap further activities, and to recover if things go pearshaped. I resized these down to a single cylinder each, and they currently contain a fun_plug and scripts to build RAID arrays and chroot in to the new environment.

D-Link ship the device with a 2.6.6 kernel, and only really seems to support ext2 (I’ve tried running with xfs from a third-party module, but had nothing but problems). Eventually I’d like to cross-compile a newer kernel and migrate the chroot from the current ext2 to a journaled fs, but for the time being it’ll do the trick.

I’m currently rsyncing my desktop home directory over to it. Once that’s done I’m planning on NFS-mounting $HOME, and most likely using rdiff-backup internally to keep some versioned backups. My Eee will very soon start rsyncing itself whenever it discovers it’s joined my home network.

The box has a single USB port, but for some reason it’s dedicated to a print server. Pfft. Next month (already way over my hardware budget this month :-) ) I’ll be picking up a third 750GB drive and a USB enclosure to dump the contents to every now and then (following the scheme that I usually attribute to jwz, but is really at least as old as magnetic media). For bonus sexy points, add gphoto for sucking pictures out of every single one of my cameras that has a USB port, and me finally doing the gruntwork to get monitoring alerts via twitter.

Yeah, OK, it’s totally a hack toy. But a useful one!
Do spammers dream of electric sheep?

Posted: May 14th, 2008, 3:07pm CEST by peter

Nick Jenkins’ recent problems trying to identify himself are hardly an isolated incident. The whole CAPTCHA concept is a fairly noble one, but it’s fraught with peril.

There’s been a number of attempts to make this process easier. Utilising everything from kittens, to simple arithmetic, to boobies, but none have been particularly successful. So I’ve been working on a new captcha system, that should be 100% foolproof at telling human from dirty nasty harvesting bot. Here’s a sample:

It’s still a work in progress and the code has a few bugs; for some reason, every time I test it the captcha fails. But I have high hopes that this will usher in a new golden age in bot identification.
GTA 4: censorship and conspiracy theorising

Posted: May 5th, 2008, 5:32pm CEST by peter

I bought Grand Theft Auto IV when it (finally) launched last week. It’s a huge sprawling masterpiece of a game, and I was planning on writing a review at some point. Just not right now.

Some very specific subsections of the intertubes have been very upset recently at the fact that Rockstar submitted a modified version of the game to the OFLC for classification. Australia (And, unfortunately, NZ. Sorry guys :-( ) wound up with a game that was self-censored in advance so that it would pass with an MA15+ rating. Rockstar have been very vague about exactly what changes have been made. And even a week after launch, nobody’s entirely sure about what was changed. Some suspect cutscenes were edited or dropped altogether (one specific rumour involves, um, intimate contact with a baseball bat), others suspected that old stalwart of the GTA series — interaction with hookers. I can confirm neither of these, because at 17% completion I’m yet to see either a prostitute or a bat. But the only people who can say for sure are still being very coy.

This was done because Australia has no R18+ classification for games. It’s fairly depressing that our Attorneys-General still refuse to introduce one. I just don’t understand why I’m allowed to see explicit content on a movie screen, but not on my console.

Anyway, I digress from what I wanted to write, which is another story that begins with “So I was playing GTA4…”. Everybody I speak to on a regular basis is quite sick of hearing this, which is a shame because I can promise it’s going to keep happening for a while yet.

So I was playing GTA4 (*groan*) tonight, and took my cousin Roman to a bar. This is a fairly simple minigame which involves, well, walking into a bar. Then you walk out later, too drunk to stand up. Watching characters stumbling, walking sideways and falling over is an effective and hilarious demonstration of the game’s new physics engine Euphoria. But Roman wanted to go home, so all I did was walk straight back out to my car and get in.

Drink driving was something else that people were worried would be omitted from the Australian release. But it remains, and compared to walking, driving under the influence in GTA is an absolutely horrific experience. Controlling the vehicle is impossible, you’re more likely to attract police attention (which means you have to drive faster), and the excessive motion blur and camera effects combine to make me feel physically ill. Seriously. If I weren’t already on the wagon, doing this once would make me consider it.

I got in the car, it started up, and the main character Niko says to himself “If you drink then drive, Niko, you’re a bloody idiot”. Then I drove off, squinting at the screen and trying not to bounce off inconvenient obstacles like buildings.

At this point, any Australian will instantly recognise the classic slogan from a fairly successful anti-drink driving campaign. I know I did, and a little bit of googling around reveals a whole bunch of other Australians who’ve pointed it out. Which is where I finally get to the point. This line, and a lot of the others delivered by people when Niko is driving them around drunk, seem very out of character, and just plain awkward compared to the rest of the dialogue.

This game has been getting a lot of great reviews, which I think are well deserved. A lot of them cite the excellent story, great character development, and outstanding dialogue. Again, I’d agree with all of that. But “bloody idiot”? Stone the flamin’ crows! Why not just drag Ray Meagher off the set of Home and Away to voice the lead character while you’re at it?

To make matters worse, while I was idly wondering about this and googling around, all I could find were Australians pointing out this line and how funny it was. Maybe it’s because they’re the only ones who would spot the reference, whether it was intentional or not. Or maybe because they’re the only ones who are seeing it. Yes, that’s right. I’m going to put my aluminium foil hat on, and start wondering out loud right now if the changes that were made weren’t scenes being cut or reshot, but dialogue added to appease the censors and lighten otherwise very questionable content?

Also, I’m going to be driving around drunk a lot more now trying to prove my point. In-game, naturally, because I’m not a bloody idiot.
Charles’ Chocolate Chilli Mocha Muffins

Posted: March 26th, 2008, 1:26am CET by peter
By popular demand (OK, one person has asked me for a copy of the recipe, and that was Charles…), I’m posting this up again in the hope that Google can find it this time.

Makes 12 medium-sized muffins.
- 2 cups plain flour
- 2 tsp baking powder
- 1/2 tsp salt
- 1 cup raw sugar
- 1/2 cup olive oil
- 2 eggs
- 2 small hot chillis
- 250g chocolate chips
- 60g cocoa
- 1 cup very strong coffee
Remove seeds from chilli, dice finely. You might need to experiment a little with how much chilli to use. Two is a good number to start with. Our next batch will be three, possibly four.

To make the coffee, we used six teaspoons of fresh ground coffee, a cup or so of water, and a plunger. If you have access to a coffee machine, espresso would probably be good.

The rest is fairly straightforward muffin making. Mix everything up. It should be slightly sloppy, but add a bit more flour if it looks too wet. Throw in a bit more sugar, ‘cause otherwise it just doesn’t feel right. It’s a fairly flexible recipe. Go nuts. Make sure the choc chips are added last, just before pouring in to tray. Bake at around 190 degrees C. for 30 minutes, or until a skewer comes out clean (bits of chocolate don’t count).

Best served warm, with more coffee.
Tinkering with a MAKE controller

Posted: March 13th, 2008, 12:41pm CET by peter

A couple of weeks ago I ordered a MAKE controller kit for a GPS-based project I’d started tooling with. But while waiting for delivery I discovered the Telit GSM862-GPS module, a much more suitable controller/GPS/modem combination. And then I started to think that there was no need to move forward with it anyway, so it’s currently on hold. And I have a MAKE controller that was kind of sitting around idle until the last day or two.

Tonight I wired up a light sensor to one of the analogue inputs, connected an old LEGO motor to one of the outputs, and started to tinker with it.

The OS on the controller uses the OSC (OpenSound Control) protocol to talk to the rest of the world, so recently I’ve been trying to come to grips with SimpleOSC. After a couple of hours trying to figure out how to drive SimpleOSC and browsing around the firmware OSC reference for the MAKE controller, I came up with SensorTest.py, which reads input values from the controller, and sends back commands to one of its outputs as well as controlling the onboard bank of 4 LEDs.

The light sensor is currently using a 100K resistor, which I’m fairly sure isn’t going to be adequate for what I want to do. But my multimeter seems to have gone missing, so I haven’t yet measured what sort out of output I’m going to get out of it. Once that’s done, I’ll move on to the much harder bit; writing code that runs directly on the controller.
Wikipedia articles I have read in the last ten days

Posted: March 5th, 2008, 5:40am CET by peter
In alphabetical order, according to the browser history of my work PC.
- 1998 Sydney water crisis
- Bangkok
- Brisbane
- Charles, Prince of Wales
- Derailleur gears
- Dissociation (psychology)
- Elizabeth II of the United Kingdom
- Global city
- Hilbert curve
- Integrated Lights-Out
- Idiot
- ILO
- Image:Acoustic coupler 20041015 175456 1.jpg
- Image:Family portrait (Voyager 1).png
- Kylie Minogue
- Leap year (specifically, the birthdays section)
- List of scandals with “-gate” suffix
- Main Page (but only just before starting to write this post)
- Medireview
- Morse code
- Nipple. Contains a close-up photo of a human female nipple. Decide for yourself how SFW that is.
- Node (computer gaming)
- Node
- Pale Blue Dot
- SAP AG
- Scunthorpe Problem
- Sharking
- Storm botnet
- Super Bowl XXXVIII halftime show controversy
- Super Bowl XXXVIII
- Sydney
- The Pirates of Penzance
- Windows service
- Wolverine (comics)
- Wolverine (disambiguation)
- Wolverine
Some obvious progressions. Some not-so-obvious ones. And some outright random stuff. Apparently I also got some work done.
Hosting multiple wireless networks on OpenWRT

Posted: February 25th, 2008, 3:01pm CET by peter
A little while ago I finally bit the bullet and reflashed my aging first-generation WRT-54G with the shiny new Kamikaze release of OpenWRT. I’ve been a little indifferent about the upgrade from the older Whiterussian series, and fairly annoyed by the fact that my router no longer seems to want to redial the PPPoE connection when it gets dropped for whatever reason (this only seems to happen once or twice a month, but always at the most inopportune times).

It turns out the Broadcom wireless chipset in the WRT-54G is able to drive multiple wireless networks. And even better, once you’ve figured out the somewhat idiosyncratic networking configuration in Kamikaze, OpenWRT exposes this functionality fairly well. So tonight I rejigged my wireless network with two SSIDs; A WPA2-encrypted network that’s bridged on to my local LAN, and a second open network on an isolated subnet and filtered by nodogsplash.

A little bit of googling around shows that Windows clients have a little bit of trouble with different networks originating from the same access point. I don’t have a Windows machine handy to test it. But my Wii was able to detect and connect to both networks without any problems. NetworkManager on my Eee (with an Atheros chipset) only finds one of the networks when it scans, but I’m able to manually connect to both networks.

Network setup
The VLAN configuration remains unchanged, which is lucky because I don’t really understand how it works. :-) We’re going to have a LAN interface that will still have a wireless interface bridged to it, and a separate wireless interface with its own subnet. The appropriate bits in my /etc/config/network look like this:
```
#### LAN configuration

config interface lan
    option type     bridge
    option ifname   "eth0.0"
    option proto    static
    option ipaddr   10.17.17.1
    option netmask  255.255.255.0

#### WIFI configuration
config interface wifi
    option ifname   "eth1.0"
    option proto    static
    option ipaddr   10.17.18.1
    option netmask  255.255.255.0
```
The lan interface defines the switch interface that wired clients see (and the wireless interface that will end up being bridged to it). The wifi interface defines an interface on the wireless VLAN that unsecured clients will talk to.

Wireless setup
Setting up the wireless interfaces is a lot simpler. All configuration is in a wifi-iface stanza in /etc/config/wireless . For multiple wireless networks, all you need to do is include multiple wifi-iface stanzas. My entire wireless file looks like this:
```
config wifi-device  wl0
    option type     broadcom
    option channel  5

    # REMOVE THIS LINE TO ENABLE WIFI:
    #option disabled 1

config wifi-iface
    option device   wl0
    option network  lan
    option mode     ap
    option ssid     "stibbons AP - encrypted"
    option encryption psk2
    option key      "I can haz sekrit keys?"

config wifi-iface
    option device   wl0
    option network  wifi
    option mode     ap
    option ssid     "stibbons AP - shared"
    option encryption none
```
The device option relates to the interface defined in the wifi-device stanza. The different network options relate back to interfaces defined in /etc/config/network . OpenWRT will automatically bridge each network to the appropriate device.

After a little bit of experimentation, it seems that my Eee only finds the second interface defined in a network scan. It seems to me that the public network is the one most people would be interested in, so that one’s done second.

Firewall setup
All user-defined firewalling should happen in /etc/firewall.user . By default this is locked down pretty tight, so I’ve had to add a rule allowing wireless traffic on our new interface out, as well as rules to let LAN traffic out to the unsecured wireless interface, without letting clients there back in.
```
## -- Allow wireless traffic out.
iptables -A forwarding_rule -i wl0.1 -d ! 10.17.17.0/24 -j ACCEPT
## -- Allow the LAN to talk to unsecured wireless clients, but not vice-versa
iptables -A forwarding_rule -o wl0.1 -s 10.17.17.0/24 -j ACCEPT
iptables -A forwarding_rule -i wl0.1 -m state  --state RELATED,ESTABLISHED -j ACCEPT
```
DHCP setup
Kamikaze uses dnsmasq still. But rather than editing /etc/dnsmasq.conf , they expect you to do the configuration in /etc/config/dhcp . This lets you specify different parameters for each interface, which the OpenWRT startup scripts translate into commandline arguments to dnsmasq. So here’s what mine looks like:
```
config dhcp
    option interface        lan
    option start    100
    option limit    150
    option leasetime        1h

config dhcp
    option interface        wan
    option ignore   1

config dhcp
    option interface        wifi
    option start    100
    option limit    150
    option leasetime        1h
```
After restarting dnsmasq, it’ll now start offering addresses in the appropriate range on the appropriate subnets.

And that’s about it. I’m not entirely sure at this point if the VLANs are actually set up properly. But everything seems to work the way it should. I now have to wireless interfaces, wl0 is bridged to the LAN interface, and wl0.1 has the wifi address assigned to it.
Photographing an impression.

Posted: February 12th, 2008, 3:53pm CET by peter

So tonight I went and saw Six Pocket Theory play at the Annandale. They were pretty awesome, btw, and I highly recommend checking them out. But that’s beside the point.

I took a camera (the new 400D, for those of you playing along at home) along almost as an afterthought, and only shot half a dozen frames. But I’m well pleased with the results, and it was a lot of fun. The really interesting bit came afterwards when my friend Dave, who was also at the show, took a look at them and said “wow you brought out colour that wasn’t even there”.

No two people are going to perceive the same scene the same way. If you’re colourblind you already know this, but if not, find somebody who is and have a good long chat with them. But, deeper than physiological differences, I believe that the way somebody looks at something is heavily influenced by their knowledge, their experiences, and even their current mood. In short, who you are affects what you see.

So, for me, photography comes down to the fairly egocentric ideal of recording my own specific interpretation of what’s in front of me. Hopefully somebody looking at what I shoot is looking at a scene using my brain instead of their own.

Now, back to Dave. First of all, I’m happy because I love futzing with colour. But most importantly, he’s now got a completely different impression of something he experienced for himself just a couple of hours earlier. I count that as a win.
Learning to program without a computer?

Posted: January 8th, 2008, 1:03pm CET by peter
Dear Lazyweb,
So, a very small amount of backstory. I have an uncle who’s in prison in Thailand. I’ve been on holiday in the north of the country for a week and a half. But right now I’m in Bangkok, and I’ll be spending the rest of this week visiting him daily before flying back to Australia.

He has a small amount of programming experience in higher-level languages (Possibly Perl, but it’s very likely I’m mistaken), but would like to learn C and/or C++ for a possible future project. Any sort of access to any sort of general-purpose PC, at least in the immediate future, is completely out of the question. So the broad question is: What’s a reasonable way to teach a new language to an IT-savvy person with some (very dusty) programming experience, without touching a compiler?

Here’s what I’m doing so far:
- A reference book covering the language semantics. (K&R springs to mind for C, but maybe something covering more recent standards would be better)
- A book covering data structures. Today I bought a book that I think is an OK grounding on data structures in C and C++. It’s hard to be sure, though, as it’s also entirely in Thai. But it seemed like a good way to start working towards doing non-trivial things.
- I thought it would also be good to include a book on design patterns to give an indication of good coding style
The biggest hole in this plan so far is an almost total lack of actual source code. Ideally I’d be able to include some non-trival FOSS project for study. I haven’t seriously looked at the work involved in converted a non-trivial amount of source to a printed form. I’m fairly sure it’s an option, but it’s something that’ll have to be tackled when I’m back at home.

Also, I realise that the best way to go about it is dependant on the intended application. It’s all fairly loosely defined so far, but I’m ignoring anything to do with kernel-level programming.

So, here’s where I ask for feedback. Am I even on the right track so far? Is there anything else I should be doing? Does anybody have any good book recommendations?

And, finally, does anybody who knows Bangkok have any good bookshop recommendations? :-)
I walked the length and breadth of Pantip Plaza and spent a while in Emporium this afternoon, and have yet to find much of anything more useful than a stack of For Dummies guides larger than an elephant.