pppd + precompiled-active-filter
OpenWRT has long had some patches against pppd 2.4.4 for what’s called ‘Precompiled Active Filter’. This is a file, which contains the libpcap compiled filter on what should be considered ‘active’ or ‘interesting’ traffic. In the Cisco world, it’s the access-list you reference with dialer-list and dialer-group commands.
The default file that’s shipped tends to ignore icmp requests and a few other odds and ends, and is either never used, or works for everyone else. Sadly, I needed to change it.
Finding #1) tcpdump -ddd not icmp and not udp 123 and …. generates a precompiled file nicely
Finding #2) After several hours - this is not the right way to generate it. Files generated do not do what you think they do.
Finding #3) Included in the buildroot is a tool from http://www.fli4l.de/en/home/news/ called pfc.c which will build the correct filters. That’s the Floppy Linux ISDN… Floppies and ISDN - something I haven’t run into for several years.
Building it (gcc -o pfc -lpcap pfc.c) gives you a nice little tool to generate them using command line libpcap filter syntax - and guess what - they work!
Who Moved My Brain?
Merlin Mann’s posted a special version of one of his famous slideshows, which includes his slide comments below. Go read Who Moved My Brain? now.
4 Features/Changes Google Reader Needs to Move Forward
After using Google Reader for just over a year, I’ve got a few features I’d like to see added/changed. Some are simple, and some are not so simple.
- Deduping/Dupe Filtering. Many of the feeds I read report on the same news, with the same link(s) in the articles. I don’t need to see something 2,3,4,5 times… and while each post is slightly unique, the linked to content is the same. So I’d like to be able to turn on a feature to de-dupe posts, and rank my feeds (eg: so I can prefer Engadget over Slashdot over Digg).
- Better Error detection on adding feeds. I was tweaking some RSS feeds a few months back, and they just didn’t appear - no new content. I had to use some other RSS readers to debug exactly what part was malformed, that Google Reader didn’t like.
- Tags that exist after I’ve unstarred/read an item. Maybe I don’t get the concept, but I want to Tag an article, so I can reread it later, without it staying in my Starred Items list. Searching previous items is close, but if I’m researching something for a specific project, I’d tag the posts, and then want to recall all of them later - wether or not I’d read them all.
- Ability to find other feeds by seeing what other readers of a specific feed are reading. Google Reader does this to a degree with the Recommended list, but I want to pick one of my subscriptions, see that it has 4 other readers, and I’d like to see what feeds they have. The Recommended seems to work on large volumes - ie: 1000’s of subscribers. I want to go find out what the 4 other people who are reading John Smith’s blog are reader, since we’ve got something special in common.
Google Reader - 1 year later
It’s actually been a few weeks longer than a year, but close enough. First, the current stats:
Compared with a year ago, I’m reading more than double the number of feeds, but slightly less articles. Most of this has to do with dropping a few feeds that were 90% duplicates (unfortunately this means I do miss out on 10% of unique content) and adding more blogs, which are updated much less frequently.
Since getting an iPhone I’m reading about 1-2% of articles there - but mostly Starring things for later review.
Next post will be 5 features/changes I need Google Reader needs to move forward.
Dan’s DNS Talk from Blackhat
If you’re at all into security, Web 2.0, systems administration, you need to check it out here. Yes, it’s a Powerpoint, but it’s worth opening.
It covers not just the recent DNS attacks, but use and abuse of DNS to disrupt Email, SSL, ‘Forgot your password’ systems. Also explains attack vectors for Internal systems, so your firewall won’t protect you - patch your DNS servers!
My favorite quote from the presentation - ‘Never assume an API is smarter than it had to be to ship’
I’m back
As the topic says, I’m back. My employment with MDS is over, so I feel more comfortable writing about what I’m up to and posting small hacks as I run across them. The focus of the blog will shift as I’m now contracting/consulting full time again (and much happier about it). It also means I’ll likely be hacking on Openswan and tcpdump & libpcap more often, since I’ve got some time between paying gigs.
One of the first things I’ll be working on is some updated Cisco to Openswan interop documentation, since I’ve got a PIX and my eBay’d 2600 router running again, and I know the current documentation on this particular interop sucks.
Ubuntu 8 on Parallels 3 (and some other VM packages)
You’ll see
This kernel requires the following features not present on the CPU: 0:6 Unable to boot - please use a kernel appropriate for your CPU.
You need to go here and it’ll fix you right up.
Welcome, Preston!
Born today (Sat Nov 10th, 04:31 EST) and weighing in at 8 pounds, 14 ounces - he was 7 days late, but right on time as far as we were concerned.
Still Waiting…
Yup, I’m still pregnant, to the surprise of a lot of people. The official due date is tomorrow, so all I can do is wait. Ken and I do have an ‘eviction date’ for baby on November 9, 2007.
Google Reader Stats, Redux
It’s time for an update on Google Reader. Since my last post on July 27th, I’ve added a number of new feeds, but overall the numbers of articles hasn’t really increased. I’ve also noted that I haven’t starred or shared any more items, even though the numbers of feeds and articles have increased. Based on that, I should be able to drop some feeds from the list, but still get the important posts - we’ll see what the next 60 days brings.
Flickr Photos
