SOPA/PIPA Blackout

Today is the great SOPA/PIPA blackout. These are two proposed bills in Congress which would create a censorship regime for the Internet, much like China, Iran, and Syria have. And we know how great those governments are, so why wouldn't we follow in their footsteps? Wikipedia and Google are the most notable, but thousands of other sites went offline in protest. We at zmonkey.org fully support these actions.

tags: 

Port 25

South Korea is reportedly preparing to block TCP port 25 and force all mail traffic through "official mail servers", whatever that means. The BBC article isn't much on technical details. I'm still on the fence about blocking port 25. Fundamentally, I'm opposed to blocking ports outright. If somebody is shown to abuse a service, I'm fine with restrictions. I'm not excited about the prospect of requiring all mail to go through a central server, whether it's mine or someone else's.

tags: 

Create A Degraded RAID1 Array

Say you wanted to create a RAID1 device but didn't have all your devices ready. Here is how you could create a degraded RAID1 array and then add the second device at a later time. For these examples /dev/sda1 is the first device which will become our RAID and /dev/sdb1 will be added later.

First step is easy, create the RAID array. Our array will be /dev/md0. The "-n 1" option tells it that just a single device will be used and "-f" is required to use such a non-standard option.

$ mdadm --create /dev/md0 -l raid1 -f -n 1 /dev/sda1

tags: 

Asterisk Experiment: IPv6 and TCP

I couldn't tell you how long these features have been in Asterisk but I decided to give IPv6 and SIP/TCP a try in the latest 1.8 release. Basically it's a simple process. There are no special options required in the build, not that I could find anyway.

Once it's installed, there are two configuration options that need to be set. By default Asterisk will only listen on IPv4 and UDP so add these options in sip.conf:

tags: 

World IPv6 Day Wrap-up

Looks like World IPv6 Day was a good success. I saw a lot of traffic on NANOG announcing various issues people had seen, and many people declaring success. My own little fiefdom experienced relatively few problems. My Linux laptop had no issues with Google, Facebook and the other sites I could find. I reset my traffic counters this morning so I could watch it:

tags: 

NAT

If you've ever thought to yourself, "self, I'm going to borrow these public IP addresses which aren't mine and use them for my internal, natted network", well then let me set you straight. Don't do it. Disaster will strike at some point and the consequences will not be good. But if you do it anyway, don't expect me to feel sorry for you either.

Also, NAT sucks.

tags: 

Using a /32 Netmask on Linux

Despite what some simple Googling might imply, it's entirely possible to use a /32 as a netmask for an IP address on Linux. The important detail is that it can't be the primary IP address. That primary can be an RFC1918 address (i.e. nonrouteable on the Internet) but your default gateway needs to be able to route to you via something other than the /32.

Here's the setup. Assume a Cisco router on 192.0.2.1/24 and a Linux server on 192.0.2.2/24. The /32 we'll use is 192.0.3.1/32.

On the server:

ip addr add dev eth0 192.0.2.2/24
ip addr add dev eth0 192.0.3.1/32

On the router:

interface FastEthernet0/1
ip address 192.0.2.1 255.255.255.0
ip route 192.0.3.1 255.255.255.255 192.0.2.2

At this point, you should be able to ping both 192.0.2.2 and 192.0.3.1 from the router.

The other step you may need to take is to add some routing on the Linux server to source from the 192.0.3.1 address. Normally traffic that is received on that IP will reply with that IP, so that's fine, but for new traffic if you want the source to be the /32, you'll need a special route:

ip route add 10.0.0.0/8 via 192.0.2.1 src 192.0.3.1

See, I told you it was easy.

tags: 

PhotoRec, The Savior of Lost Media

Like any good tool, Rsync can be easily used to destroy your life. In my case it was a typo on the destination directory and use of the "--delete" option. Just like that, my SD card was emptied. Luckily I didn't have too many files on there, as I only recently acquired it, but there I was thinking "boy I wish I had backups of that". The good news is, I found PhotoRec.

tags: 

Pages

Subscribe to zmonkey.org RSS Subscribe to zmonkey.org - All comments