Blocking Unwanted Internet Traffic 101

I recently came across this very suggestion on serverfault which starts with blocking spoofed packets. I’m addressing on the first block of rules here.

http://serverfault.com/a/410618/79028

It is a simple iptables ruleset which blocks most of the common rfc1918 addresses. You have probably heard of these, the 10/8, 192.168/16 and 172.16/12 address ranges. What might be new to you, is that there is a whole great many more ranges which one should never observe on the internet.

You might add to your list:

  • TEST-NET(192.0.2.0/24) from rfc3330
  • benchmarktest(198.18.0/25) from rfc2544
  • protocol assignment(192.0.0.0/24)
  • testnet2(198.51.100/24) and testnet3(203.0.113/24) from rfc5736 and 5737
  • carrier grade nat(100.64/10) from rfc6598

Blocking addresses of these ranges is completely valid. IANA has not and will not assign them for use on the internet. They are reserved and non internet route-able.

 

zlib stream python oneliner

I ran across a zlib stream, which is like a gzip file, but without the gzip header. I wanted to decompress it and piping through gunzip doesn’t work because of the missing header. Python to the rescue!

| python -c ‘import sys,zlib;print zlib.decompress(sys.stdin.read())’

That was easy.

Converting your existing ssh rsa key for use with Windows Azure

Oh Microsoft, it seems like you make simple things complex.

I could not find anything on converting an existing ssh key for use with Azure. Once I figured out what was needed and the commands available to me, it was easy. It only took me hours of fiddling with ssh-keygen and openssl.

The magic was learning that openssh stores its id_rsa in a format which openssl can read. This means I can use openssl directly to convert this private key.

openssl req -x509 -new -days 365 -key id_rsa -out id_rsa.x509req.pem

Type in your password for your private key (if you are not using a password, you should be.) Then fill out the certificate request fields.

Now you can boot your azure vm using id_rsa.x509req.pem

azure vm create jrwtest b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-12_04_3-LTS-amd64-server-20130916.1-en-us-30GB jwren –location “East US” -e -t id_rsa.x509req.pem

Now you can secure shell to your azure vm.

ssh jrwtest.cloudapp.net

SWEET. 🙂  No generating new ssh keys for me.

I recently read a post by someone lamenting the thanklessness a programmer gets. I once worked in IT where services are really considered a utility. No one calls the utility company unless there is a problem. Have you ever called your electric, phone, or gas company to thank them for the great service? I didn’t think so. This was my response:

Sounds like a bad environment. For a long time now, I’ve worked on teams where we are our own worse critic and where I’ve received more thank you emails than criticizing emails. That said, I don’t consider error reports to be criticizing emails. They are just that, a report of something which went wrong. Things always go wrong, not just in programming. In business and in life, something will always go wrong. How you respond to the wrong doing can largely influence your happiness as a human being.

Sometimes mind shift has to happen to really make this effective. Things like http://www.c2.com/cgi/wiki?EgolessProgramming can help you remember that you are not your code. Error reports mean that someone care about what you created and wants to help you make it better. That is awesome. I’d love much but maybe not too much of that kind of feedback.

git svn terrible trouble

I use git svn.

I recently somehow (I do not recall) put git svn into a strange state.

The symptom was that from master, git svn info would show a branch to which I once committed instead of trunk. I could not figure this out. My solution was to rm -rf .git/svn/ ; git svn fetch -r latesttrunkrev to let git svn recreate the refs. Then all worked.

Now git svn info from master tells me trunk, like I expect it to.

 

xpath from command line

I’m curious how often someone has written the equivalent of this. I wonder why there isn’t just some tool, and yes, I’ve used xmllint shell to do the same thing.

 1 using System;
 2 using System.Xml;
 3 
 4 public class Program {
 5     public static int Main(string[] args) {
 6         var  doc = new XmlDocument();
 7         doc.Load(args[0]);
 8         foreach (XmlElement n in doc.SelectNodes(args[1])) {
 9             Console.WriteLine(n.InnerXml);
10         }
11         return 0;
12     }
13 }

When Reversing the Interview Process becomes How Would You Do Fun Things in C

My boss’s boss’s pals wrote this: http://blog.exodusintel.com/2012/09/18/reversing-the-interview-process/

Its a story about how someone was asked a crazy fun C question in an interview and how the new team decided to try it.

After reading this and discussing it with coworkers, I decided to try it and of course the first thing that came to my mind was a way to use tail recursion to do it.

 1 #include <stdio.h>
 2 
 3 int c;
 4 //auto func0 = [&] () -> int { c++; _strlen(s+1);};
 5 //auto funcn = [&] () -> int { return c; };
 6 int rs(char* s);
 7 int go(char* s) { c++; return rs(s+1); }
 8 int ret(char* s) { return c; }
 9 int rs(char* s) {
10     int (*func[2]) (char *s) = {ret,go};
11     char i = (*s>>7 | *s>>6 | *s>>5 | *s>>4 | 
        *s>>3 | *s>>2 | *s>>1) & 1;
12     return func[i](s);
13 }
14 int _strlen(char* s) {
15     c = 0;
16     return rs(s);
17 }
18 
19 int main(int argc, char* argv[]) {
20     printf("_strlen(%s): %d\n", argv[1], 
        _strlen(argv[1]));
21     return 0;
22 }

After writing it, I went and looked at the other fella solutions for the second time. I should also mention that I haven’t written C on the job in 11 years, and when I did then, it was one tiny program which was quickly replaced with perl. I have never been anything other than an intro beginner C programmer.

Things I noticed after going back is that my solution is somewhat similar to Brandon and Zef’s solution, but I think both my use of function pointers and bit shifting are more elementary. I’m still not sure about how some parts of their solution works.

Installing iWork09 from CD without a Mac

You’d think you could just use Apple’s nice CD Sharing program, aka Remote Disc http://support.apple.com/kb/HT1777?viewlocale=en_US

But sadly, the iWork09 CD is not an iso9660 disc. Instead it has an Apple style partition table, which was not readable by fdisk and crashed parted in linux, with an HFS+ filesystem. When you insert the disc into a Windows PC it simply will not read it.

So, I booted to Linux, used dd to rip the cd and started analyzing the contents of the disc. What I came up with was a way to extract the HFS+ filesystem from the disc image. Since I don’t really care about the filesystem being perfect – I only care about being able to install iWork on a new Mac Book Air – I only care about where it starts and I run a fsck tool to repair the end of filesystem.

The filesystem begins at an offset of 72blocks (36864bytes):
$ if=iwork09.img bs=512 skip=72 of=iwork09-1.img

Repair the filesystem:
$ fsck.hfsplus iwork09-1.img

Mount it and copy the iWork directory or install it from there
$ mount -t hfsplus iwork09-1.img /mnt

A little extra work, but it beats a trip to the Genius Bar.

 

Setting up a new mac…

3 months ago I started using OSX full time. Today I found myself setting up a new mac. I wished that I had a checklist of my personal must haves. This is that list.

XCode (from AppStore)
Firefox Aurora
Chrome dev channel
EnvyCodeR font
iTerm2 (and configure with EnvyCodeR font)
twitter (only in AppStore)
brew — /usr/bin/ruby -e “$(curl -fsSL https://raw.github.com/gist/323731)”
KeePassX
growl
MenuMeters
copy my ssh keys and load them into my ssh-agent
copy my .vimrc and .vim dir
copy my .bash{rc,_profile}
Squeezeslave

Storyboard Custom Segue For Custom PushViewController Animation

While there are a lot of google hits when searching for custom pushViewController Animation, I found nothing regarding use of a Custom Segue to make it reusable and I also found a lot of misinformation like “it can’t be done with the default UINavigationController.” It can.

From your Button, View, Gesture Recognizer or whatever, instead of dragging from Push, drag from Custom.

Then select the Segue that is created and type in a class name the custom Segue.

Now we can create the FromTopReplaceSegue class. Use Add File or however you like to create new classes in XCode.

//FromTypeReplaceSegue.h

#import <UIKit/UIKit.h>
@interface FromTopReplaceSegue : UIStoryboardSegue
@end

//FromTypeReplaceSegue.m

#import “FromTopReplaceSegue.h”
@implementation FromTopReplaceSegue
-(void)perform{
UIViewController *dst = [self destinationViewController];
UIViewController *src = [self sourceViewController];
[dst viewWillAppear:NO];
[dst viewDidAppear:NO];

[src retain];

[src.view addSubview:dst.view];

CGRect original = dst.view.frame;

dst.view.frame = CGRectMake(dst.view.frame.origin.x, 0-dst.view.frame.size.height, dst.view.frame.size.width, dst.view.frame.size.height);

[UIView beginAnimations:nil context:nil];
dst.view.frame = CGRectMake(original.origin.x, original.origin.y, original.size.height, original.size.width);
[UIView commitAnimations];

[self performSelector:@selector(animationDone:) withObject:dst afterDelay:0.2f];
}
– (void)animationDone:(id)vc{
UIViewController *dst = (UIViewController*)vc;
UINavigationController *nav = [[self sourceViewController] navigationController];
[nav popViewControllerAnimated:NO];
[nav pushViewController:dst animated:NO];
[[self sourceViewController] release];
}
@end

In this CustomSegue not only are we doing custom animation from Top to Bottom (just like the default push navigation of Right to Left) but instead of pushing, we are replacing the top view controller.

In my current project I have a nearly identical FromButtomReplaceSegue that does the replace but animates from Button. I hope for a library of these with varying animation transitions and Push/Replace variants of each. Then anytime you want to use a different animation you can simply use a Custom Segue instead of writing a bunch of code in ViewDidLoad or wherever. Hurray Storyboard!

  1. http://stackoverflow.com/questions/2215672/how-to-change-the-push-and-pop-animations-in-a-navigation-based-app
  2. http://stackoverflow.com/questions/5878732/how-to-create-uinavigationcontroller-animation-top-to-bottom
  3. http://dmunsie.wordpress.com/2009/08/07/custom-animations-between-uiviewcontrollers/