OpenSSH Port Forwarding

Don't you love when it all comes up Milhouse?

(Add / View Comments) (0)Wednesday, June 29, 2005 - 11:49:54 pm
(Posted Under: Geek)
Tonight I played around a bit with forwarding Samba connections (Windows File Sharing) over a ssh tunnel. Instructions on how to do it are here. Interesting that you can do it, I'd always figured that UDP ports 137 and 138 were required. Also interesting reading up on the creating a second network connection in Windows XP, I'm sure I've wanted to do that before, and not been able to succeed - ah, yes, I think when I was playing around with IPSEC VPN's to work.

The downside - having to bind the local ssh forwarded port to a specific address. Sure, PuTTY can do it - but I hate PuTTY. [wink] After playing around and seeing it work, I got interested in binding forwarded ports to specific addresses again, and the lack of being able to do it with OpenSSH. First time around was pre the VPN at work, where I setup a complex set of scripts, to access the inside of the firewall (well, the parts I wanted to) remotely. Complex largely because I had to bind the forwarded ports to the loopback on a bunch of non matches port numbers, and then emulate them being bound to local ports on different addresses with a complex iptables ruleset. Pretty fancy to actually get going, but fairly complex to do a relatively simple task.

So, I decided to hit the OpenSSH website and mailing list, to find out if it could be done yet. With little cofidence that 1) it could be and 2) I'd find any info on it. Call me a cynic, but I did. 4 posts and 5 minutes later, I hit this:

Changes since OpenSSH 3.9:

* ssh(1) now allows the optional specification of an address to bind to 
  in port forwarding connections (local, remote and dynamic). Please 
  refer to the documentation for the -L and -R options in the ssh(1) 
  manual page and the LocalForward and RemoteForward options in the 
  ssh_config(5) manpage. (Bugzilla #413)

After 9 years on the web, I'm pretty spot on with assumptions on how hard something is going to be to fine. This time I was happily wrong. [smile] Took no time to find this - that since March 3, OpenSSH 4.0 has supported exactly what I want. Portage is syncing as I type. [wink] Now I've just got to see what version Cygwin is distributing as current.

I love when things come up Millhouse. [smile]

New Jobs All Around

(Add / View Comments) (0)Tuesday, June 28, 2005 - 10:12:51 am
(Posted Under: Work)
Katie starts her new job today. I start mine next Monday.


(Add / View Comments) (0)Tuesday, June 21, 2005 - 04:53:48 pm
(Posted Under: Work, Development)
This PHP at work was classic!

Parse error: parse error, unexpected ';', expecting T_PAAMAYIM_NEKUDOTAYIM or '(' in /var/www/hosts/dev-tickets.motile.net/htdocs/class.ticket_answer.php on line 160
As soon as I find what type a T_PAAMAYIM_NEKUDOTAYIM is, I'll put it in! [wink]

Are You To Good For Your Home?

(Add / View Comments) (0)Sunday, June 19, 2005 - 11:28:28 am
(Posted Under: No Category)
Are you too good for your home?!?!? -- Happy Gilmore

This week Buddy got his own kenel - it's been freezing, and it would seem that Jock keeps booting him out of the kenel. So he got his own one, one of the cute ones with "My House" on the front, stained the day we got it and all. The hilarious thing is, he won't have a bar of it. He cowers away from it like it's the diablo! Pretty hilarious that he's got this fancy house, and he'll sleep on the desk outside, no doubt freezing his ass off! [smile]


(Add / View Comments) (0)Saturday, June 18, 2005 - 09:05:53 pm
(Posted Under: Movies)
It's funny the way you can know about a movie 12 years, but know nothing about the movie. Yes, I'm talking about Singles. A movie I've heard about for 12 old years - first exposure was seeing the Would? video clip, which got me into Alice In Chains back in 1993. Since then it's, or probably more correctly the soundtrack, has continually come up over the years, and was always something I thought I should see, for rock credibility.

I saw the DVD cheap today, and brought it. Watching particularly the trailer after the movie, I noticed that all this time I actually had no idea what the movie was about (not that it is somewhat self explainitory), and had never seen a trailer for it, or had really ever read anything about the movie. Everything I've read over the years has in actuality has been about the soundtrack, which has much more pop culture standing than the movie.

Impression - not really what I expected. I'd expected the movie to be a lot more alternative rock life style, than the romantic comedy that is. Definately suprising watching the movie and discovering it much different to what I'd expected. Reality Bites, not with the edge that Reality Bites has. Worth a watch though. Definately cool soundtrack.

Just interesting knowing about it and wanting to see it for so long, and realising I've never actually known much about it.

Other Things To Fix

(Add / View Comments) (0)Friday, June 17, 2005 - 11:37:11 pm
(Posted Under: Development)
Other things I need to fix:

  • Sorting of the !weblog index - it appears sorting within a day by time isn't working 100%
  • Features for the !weblog. Calendar navigation. Something I definately want to write. Oh, I'm becoming such a blog whore. If I ever write a 'comments' module, someone please tell me I've gone too far!
  • Limiting the !weblog by month - or something. I was really keen on the whole all on one page thing, but the page is starting to get damn long, wouldn't you say? I'll still keep an option for displaying them all though
  • Update the form for posting, so if I want to edit, which I always do, I don't have to open vi and deal with XML directly. Oh god, Mark, what are you saying? Yes, I know it goes against everything I believe in, but the fact of the matter is the encoding of the new lines is a bit painful for editting directly. A way to edit an entry through the form would be awesome. Man, it would have been so handy while I was in the US too. Ahh, ssh over dialup, such fun! [razz]
  • Having a default ID generated for each entry. While in the US of A I unintentially came up with a standard scheme, and I really should do some code so it does it automatically, as opposed to making myself type it each time!
  • A whole bunch of other stuff I can't think of right now. Oh, by god, I really need to get my new website (y'know, what you're looking at right now) finished and properly online (not just on my home server). Update on the Alphalink situation, they installed the DOMXML extensions for PHP for me the other week. Kick ass ISP. Really need to finish the codebase, and get the damn thing online online, not just on my server online. Oh yeah, and sort out those damn Internet Explorer CSS problems. Or just force 'Standard' to be the default theme if the user agent is Internet Explorer, and let you Micro$oft-ites feel the wraith of your substandard browser if you choose a theme that has the funky pull down menus. (No Mark, tell us what you really think! [wink] ) The Classic theme at least seems to work well in IE. As a side note, I couldn't believe my parents were viewing this in Netscape 4.x while I was away. Talk about sexy rendering! [wink]
So much code, so little time. [wink]

I'm sure it'll be much more fun than dealing with the god awful ugly code I'm cleaning up / enhancing for work at the moment. [razz]

Need To Fix My Bittorrent Scripts!

(Add / View Comments) (0)Friday, June 17, 2005 - 11:16:13 pm
(Posted Under: Development)
So quite a while ago (maybe a year ago) I wrote this cool system, using just shell scripts, to bring programs up and down based on Alphalink usage tarrifs. Basically so I could have my downloads happen at night. Moduled largely on the SysV init system. (Which I don't overly miss *hugs Gentoo's init system*). Not soon after, I modified the bittorrent script to not kill the torrents, but suspend them when I didn't want them running. The motivation was two fold - 1) saves the md5sum checking of files every night, and 2) there was no good way to automate starting bittorrent inside of a screen - I think. Again, memory hazy!) This worked so nicely on Debian.

However, once I changed to Gentoo (November '04), which I'm sure I'll blog about when I have some time, they stopped working flawlessly. Basically it's a problem with determining the PIDs of the bittorrent process - I write 3 to a pid file, rather than one. It's really becoming a pain in the ass - each time I start a new torrent, I have to make sure the right single pid is in the pid file. Must fix when have time.

Speaking of which, I pulled down another Poison DVD (amature recording before you gasp and call your lawers! [wink] ) last night. Sweeeet.

It'd be hilarious if there were people still reading this and being able to make sense of any of the entries under 'Geek' or 'Development'! [smile] Katie, you don't count! Okay, okay honey, you do. [smile]

Cygwin ping

(Add / View Comments) (0)Friday, June 17, 2005 - 06:03:21 pm
(Posted Under: Cygwin)
I was playing around with the Cygwin setup the other day. No, actually I was building the latest version of bind in cygwin, and wanted to setup a minimal Cygwin installation on a server - particularly to run bind, to bounce DNS requests to a VPN I connect to via it. (Using ipsec with a 2.6 kernel, neither end points of the VPN can talk down the VPN, blah blah blah. Oh man, it's so nice finally getting local VPN DNS for work by forwarding requests to those zones to another bind server on a machine not hosting the VPN). Hating the Cygwin installer so much (which is a whole nother blog in itself), I was looking into creating a nice base Cygwin installation that I can carry around with me on CD. God it'd be handy, I hate sitting at a machine without Cygwin. And I hate the actual installation process, setup.exe sucks.

So, I didn't actually get around to doing that (actually started working on a replacement for setup.exe), but I did notice that ping is now part of the Cygwin distribution. Way cool, I never have to deal with the crappy Windows ping again! At least not on one of my machines. [wink] No more 'ping <address>' oops ctrl+c 'ping -t <address>' when I forgot I'm in Windows. Cooooool!

Gee, talking about taking long enough to get to the point. [smile]

Internet Usage Stats

(Add / View Comments) (0)Friday, June 17, 2005 - 08:28:06 am
(Posted Under: Geek)
For quite a while I've thought it'd be really cool to have my internet usages stats on my LAN webpages.

Basically I have a local portal on my server, and each page has a left pane with stuff like my server's uptime, whether my internet connection is up and how long it's been up. For a long time I've thought it'd be cool to also have my usage stats on there. However, the only way to get the stats is via a webpage on my ISP - which would have been fine typically, however it's a secure site, with a funky authentication process. Basically meaning that a simple wget and page scrape was out of the question. I've thought about it several times, and figured it just wasn't possible to automate downloading the page.

However last night I had a play around with curl and after about 40 minutes, got it working. Freakin' sweet! An hourly cron job to get the page and parse it, and biggity bam, I now have the usages stats on my portal. Awesome! Beats the hell out of keeping a seperate browser tab open constantly refreshing the page.

I love Linux!

Amphetaoutline Hacks

(Add / View Comments) (0)Thursday, June 16, 2005 - 12:47:58 am
(Posted Under: Geek)
Okay, half an hour to find in the code what I'm looking for, 3 very minor hacks, and Vola! Amphetadesk + Ampheaoutline now does exactly what I want! Rock. [smile]

Oh, and in doing so I noticed that the items can be expanded / read in page. A small oversight on my part earlier.

Open source rocks. Well, a Computer Science degree is pretty cool too. [wink]


RSS Feeds & Amphetadesk

(Add / View Comments) (0)Wednesday, June 15, 2005 - 11:29:10 pm
(Posted Under: Geek)
The past few nights, as a distraction from work, I've been reminded of how much shit there is on the web. Particularly these new myspace.com type sites. Half cool concept actually, just utterly pointless, and filled with crap from, sorry, losers. Spent - sorry, wasted - some time at some really pathetic blogs too. The patheticness of human kind is somewhat amusing, but largely depressing. No doubt part of the reason for my initial hate of blogs, however, I do now like coming across a good one. Ironically they're typically geek ones. Where geek = software / open source related. Not your Trekie kind of geek!

On the flip side, I've somewhat gotten into RSS feeds - or more correctly, have some RSS feeds worth reading. One thing to take off in the last few years on the Internet as is actually pretty cool and useful are RSS feeds. Now, I'm not into it enough to install a stand alone feedreader, though I have at work - and have played with Thuderbird's one a bit, however, still using Netscape 4 for mail, care factor in using it... However, having a RSS aggregator on my server, which presents a web page rather than a standalone app, bring it on. Time to give Amphetadesk another try.

I'd previously installed this, but I think I gave up on it because of it's lack of Basic Authentication support (the ability to aggregate password protected RSS feeds). A downside when the feeds I want to read are password protected. On giving it another try, I did a search for an auth patch, which I found. While trying to apply it, which didn't go to well - damn Sourceforge - I discovered that what I have installed had the patch all along, I was just too stoopid to work out how to get my username and password sent. (Duh, it's a URL. Usernames and passwords go in the same place as they do any other URL! So simple!) I think anyway, it's been a while since I first installed it, memory is hazzy.

While searching for the patch, I also came across AmphetaOutlines, a set of templates to give Amphetadesk an 'outline' look. That is, rather than displaying all items from a feed in full, displaying them in a more outline look. God, this is good. Possibly the 'full post'-ness of Ampetadesk is another, or even the thing that put me off first time around. This definately makes Amphetadesk a lot more usable.

Of course, it's not perfect, it's a bit of a pain expanding each feed every time you load refresh the page. Or go to the page full stop. I'd prefer if they were expanded by default. Or if you could configure which were expanded and which were compressed by default. The other thing is that clicking an item goes off site. I'd prefer it didn't - hell, that's what I installed a RSS reader to begin with! [wink] I'm sure I can hack the template files to do what I want. I'm definately going to look into it at least.

All pretty cool in anycase.

Privoxy 3.0.3

(Add / View Comments) (0)Wednesday, June 8, 2005 - 09:08:06 am
(Posted Under: Linux Linux, Gentoo Linux Gentoo Linux)
Over the past few months I've noticed memory leaks in Privoxy (HTTP proxy for filter ads, among other stuff). While it's not been a huge issue, it's not overly great when after about a week most of your swap space is tied up. If it was a huge problem, I could have always set up a cron job to restart privoxy regular.

Last night I noticed the latest version is now in Portage - it probably has been for a while, though I'm sure I've checked over the last few months. In anycase, uppgrading to 3.0.3 it's nice to see the graph for swapfile usage now flatlining. [smile] Sweet.

19th Nervous Breakdown

(Add / View Comments) (0)Tuesday, June 7, 2005 - 03:10:52 pm
(Posted Under: Music Music)
Today in the Swamp, Jazz was listening to the Stones, and I noticed a really familar song came on. Soon it became apparent that it was 19th Nervous Breakdown. It was a real spin out, because I'd always thought it was a Jason &amp; The Scorchers original.

You learn something knew every day. It was also a good excuse to upload some Scorchers to work.

Switch Styles

About Style Switching.

!Weblog Index

May June 2005 Jul
1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30


RSS FeedRSS Feed