Port 25

South Korea is reportedly preparing to block TCP port 25 and force all mail traffic through "official mail servers", whatever that means. The BBC article isn't much on technical details. I'm still on the fence about blocking port 25. Fundamentally, I'm opposed to blocking ports outright. If somebody is shown to abuse a service, I'm fine with restrictions. I'm not excited about the prospect of requiring all mail to go through a central server, whether it's mine or someone else's.

tags: 

Create A Degraded RAID1 Array

Say you wanted to create a RAID1 device but didn't have all your devices ready. Here is how you could create a degraded RAID1 array and then add the second device at a later time. For these examples /dev/sda1 is the first device which will become our RAID and /dev/sdb1 will be added later.

First step is easy, create the RAID array. Our array will be /dev/md0. The "-n 1" option tells it that just a single device will be used and "-f" is required to use such a non-standard option.

$ mdadm --create /dev/md0 -l raid1 -f -n 1 /dev/sda1

tags: 

Asterisk Experiment: IPv6 and TCP

I couldn't tell you how long these features have been in Asterisk but I decided to give IPv6 and SIP/TCP a try in the latest 1.8 release. Basically it's a simple process. There are no special options required in the build, not that I could find anyway.

Once it's installed, there are two configuration options that need to be set. By default Asterisk will only listen on IPv4 and UDP so add these options in sip.conf:

tags: 

World IPv6 Day Wrap-up

Looks like World IPv6 Day was a good success. I saw a lot of traffic on NANOG announcing various issues people had seen, and many people declaring success. My own little fiefdom experienced relatively few problems. My Linux laptop had no issues with Google, Facebook and the other sites I could find. I reset my traffic counters this morning so I could watch it:

tags: 

NAT

If you've ever thought to yourself, "self, I'm going to borrow these public IP addresses which aren't mine and use them for my internal, natted network", well then let me set you straight. Don't do it. Disaster will strike at some point and the consequences will not be good. But if you do it anyway, don't expect me to feel sorry for you either.

Also, NAT sucks.

tags: 

Using a /32 Netmask on Linux

Despite what some simple Googling might imply, it's entirely possible to use a /32 as a netmask for an IP address on Linux. The important detail is that it can't be the primary IP address. That primary can be an RFC1918 address (i.e. nonrouteable on the Internet) but your default gateway needs to be able to route to you via something other than the /32.

Here's the setup. Assume a Cisco router on 192.0.2.1/24 and a Linux server on 192.0.2.2/24. The /32 we'll use is 192.0.3.1/32.

On the server:

ip addr add dev eth0 192.0.2.2/24
ip addr add dev eth0 192.0.3.1/32

On the router:

interface FastEthernet0/1
ip address 192.0.2.1 255.255.255.0
ip route 192.0.3.1 255.255.255.255 192.0.2.2

At this point, you should be able to ping both 192.0.2.2 and 192.0.3.1 from the router.

The other step you may need to take is to add some routing on the Linux server to source from the 192.0.3.1 address. Normally traffic that is received on that IP will reply with that IP, so that's fine, but for new traffic if you want the source to be the /32, you'll need a special route:

ip route add 10.0.0.0/8 via 192.0.2.1 src 192.0.3.1

See, I told you it was easy.

tags: 

PhotoRec, The Savior of Lost Media

Like any good tool, Rsync can be easily used to destroy your life. In my case it was a typo on the destination directory and use of the "--delete" option. Just like that, my SD card was emptied. Luckily I didn't have too many files on there, as I only recently acquired it, but there I was thinking "boy I wish I had backups of that". The good news is, I found PhotoRec.

tags: 

Transparency and Credibility

There's a great food blog that I read. I used to read it with much more zeal than now, and that's the subject of my story. See a few ago I noticed a recipe for what amounted to a casserole made from a can. Had I drifted back in time to the 1950s? No, upon further review this was a post sponsored by "Campbell's Kitchen". I was shocked and yes even a little offended.

The problem wasn't so much the fact that they were accepting advertising from Campbell's, rather that now I didn't know which stories are advertising. For example, in this review of store-bought gravies (something I would not ever buy anyway, but I'm into taste tests of all sorts), Campbell's gravy got an honorable mention. Is that because it was actually tasty or because Campbell's slipped a little cash their way. There's really no way to know. Worst of all, nothing the author might say could prove otherwise because how do we know he's not being paid off to deny it. It's a horrible spiral of assumed deceit.

Beyond just a silly food blog, this is basically the same problem facing Congress. When a congressman takes campaign money from a person or company, and then later passes legislation that benefits that entity, how can we ever believe that the money didn't affect their decision? And even if the representative is being honest and trying their best, does the money subconsciously alter their behavior?

We here at zmonkey.org are proud to bring you ad-free content. You can be certain that nobody paid anything for this, no matter how hard we might have tried.

tags: 

Pie Crust Demo

Tomorrow night I'll be giving a food demo on the subject of pie crust and why you should not be afraid of making them. Really you shouldn't. This world could always use a little more pie, don't you think? Here are the notes I prepared for the event, including two crust recipes and a bunch of tips that I've developed and researched. I hope all your pie making endeavors are successful!

Pie tips

tags: 

Pages

Subscribe to zmonkey.org RSS Subscribe to zmonkey.org - All comments