### Too late

It’s too late to try building my desk idea before my next child comes…he’s already here. Jethro was born this past Saturday morning.

### How is a raven like a writing desk?

With the imminent birth of my second child and since I’ll be working primarily from home for a couple weeks, I’m going to need an office and desk. Luckily our new house has a couple room options, the second floor and basement, but both locations are not very friendly to moving large pieces of furniture into or out of.

Enter my problem. I want/need a larger desk, but these are either too expensive, are poor quality, don’t come in small enough sections to easily bring into the rooms or some combination of these. So I decided to design my own.

The design needed to be something that could be built in one place, quickly assembled and easy to move. Eventually I decided on a modular block design that would allow the desk to be quickly reconfigured and extended if need be. These modules are 2 foot squares with “stubs” with holes on the other three sides to accept another similar square or accessories.

However when it comes to cables, there’s usually a mess at my desk. So I’m probably going to need some sort of management. Probably my favorite idea so far is the gutter system. I figure that the cables will get messed up anyway, might as well just make it easy to hide them.

Hopefully I’ll be able to get started within the week. Of course, if the wee one doesn’t pop out before then.

Inspirations:

### SnojNS = DNSHifter

It’s been a while since the last SnojNS update. Been working on a lot of other things lately, like a baby…and another one that’ll be here any day now.

SnojNS is now going to be called DNShifter thanks to my good buddy ivorycruncher. He wins Bacon Salt. I also may be rewriting it in JavaScript using nodejs….maybe. So far things are going okay, but I’m running into issues with XML. Seems like nodejs doesn’t have built-in support or an easy-to-install library* that’ll let me do the crazy stuff I was able to do in C#. So for the time being, the test code relies on some “fancy” handling of JavaScript objects to provide a similar setup to an XML document.

It is definitely not pretty, but here’s a code dump..

Some of the reason for exploring nodejs is that it is very easy to have one codebase for multiple operating systems. Sure Mono can be used to run C# on Linux, but it’s a really big package to install. There are also issues with some namespaces and classes not being implemented 100% the same or even at all. I do suppose nodejs can have the same issues, but my biggest issue is with the ease one can account for the differences.

That and the code is currently sitting on a backup hard drive from when I installed Server 2008 on the laptop and I haven’t restored it yet.

Speaking of the C# version. Last I worked on it, I finally abstracted the code so listeners for IPv4 or IPv6 could be used. Work also began on using an ssh connection to do lookups using nslookup or dig. This feature I may kill in favor of what I’m currently dubbing DNSXML. Basically, using an httpd server with something like php to do the lookups and send back the results using xml for structure. Doing so would make the encryption (using https or ssh socks/port redirection) of the data easier and cross-platform. And by easier I mean, “I’m lazy and I don’t want to have to deal with that mess.”

*By install, I mean have the necessary library files in the same folder and a simple “require(‘xml_library’)”. In other words, no NPM and works on all OSes without installing things like cygwin.

### AAAA tale of two DNS

Since getting IPv6 up and running, I’ve been trying to figure out a way to map domain names to hosts no matter if they have statically assigned addresses or dhcp/radv generated ones. Additionally, I didn’t want to purchase a new domain. Instead I opted to create a new subdomain and delegated authority to my home IPv6 router’s name server.

In my first attempt, I was using a public FQDN. This presented a problem when using BIND’s allow-update as the private IPv4 range was now public and doesn’t help when trying to access my home computers. After some digging I found update-policy, but this required that each host made use of DNSSEC/TSIG/SIG…something I couldn’t guarantee on my network…yet. So it was back to allow-update.

A couple days later, after some further thought, I settled on using a .local domain and, via a script, copying the AAAA records to a public domain. This solution gives me easy access to my servers, without exposing the private IPv4 addresses. Even better, the script can be extended to include additional records or rules. For instance, don’t want to map Android phones? Cisco switches? Cross reference the IPs to MACs and filter away.

### Zone config

```
//public
zone "home.example.com" {
    type master;
    file "/var/lib/bind/master/home.example.com.conf";
    //Only allow the updates from the local machine.
    allow-update { localhost; };
    //Only allow the axfr from the local machine.
    allow-transfer { localhost; };
};

//private
zone "home.example.local" {
    type master;
    file "/var/lib/bind/master/home.example.local.conf";
    //Allow local network hosts with static addresses to update the zone.
    allow-update { LocalIPv6/64; LocalIPv4/24; localhost; };
    //Only allow the axfr from the local machine.
    allow-transfer { localhost; };
};
```


The actual zone files are your regular zone files, nothing special.
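Because the private zone accepts updates from any host in the local ranges, whatever those hosts register is what gets copied to the public zone, so the copy step is the place for the filtering rules mentioned earlier. The following is an added example in Python, not the author's script: it keeps only plain hostnames whose AAAA address sits inside the LAN prefix and builds `nsupdate` input meant to be passed on stdin. The `2001:db8:1::/64` prefix, the sample transfer output and the function names are assumptions made for illustration.

```python
import ipaddress
import re

SRC_ZONE = "home.example.local."   # private zone from the config above
DST_ZONE = "home.example.com."     # public zone from the config above
# Assumption: the LAN's routed /64 (documentation prefix used as a placeholder).
ALLOWED_PREFIX = ipaddress.ip_network("2001:db8:1::/64")
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")  # one plain hostname label

# Constructed sample of `dig @::1 home.example.local. axfr` output.
SAMPLE_AXFR = """\
home.example.local. 86400 IN SOA ns.home.example.local. admin.example.com. 5 3600 600 86400 3600
ns.home.example.local. 86400 IN AAAA 2001:db8:1::1
nas.home.example.local. 3600 IN AAAA 2001:db8:1::10
nas.home.example.local. 3600 IN AAAA fd00:1::10
media.home.example.local. 3600 IN AAAA 2001:db8:1::20
laptop.home.example.local. 3600 IN AAAA fe80::1
guest.home.example.local. 3600 IN AAAA 2001:db8:ffff::5
bad_name.home.example.local. 3600 IN AAAA 2001:db8:1::66
"""

def parse_aaaa(axfr_text, skip=("ns",)):
    """Return {label: [addresses]} for AAAA records that pass every rule."""
    hosts = {}
    for line in axfr_text.splitlines():
        f = line.split()
        if len(f) != 5 or f[2] != "IN" or f[3] != "AAAA":
            continue                      # comments, SOA/NS/A and anything malformed
        label = f[0].lower().removesuffix("." + SRC_ZONE)
        if label in skip or not LABEL.fullmatch(label):
            continue                      # outside the zone, NS host, sub-labels, odd characters
        try:
            addr = ipaddress.IPv6Address(f[4])
        except ValueError:
            continue
        if addr in ALLOWED_PREFIX:        # drops ULA, link-local and foreign prefixes
            hosts.setdefault(label, set()).add(str(addr))
    return {k: sorted(v) for k, v in hosts.items()}

def build_nsupdate(hosts, ttl=86400):
    """Build nsupdate input; feed it via subprocess.run(["nsupdate"], input=..., text=True)."""
    lines = ["server ::1", f"zone {DST_ZONE}"]
    for label, addrs in sorted(hosts.items()):
        fqdn = f"{label}.{DST_ZONE}"
        lines.append(f"update delete {fqdn} AAAA")
        lines += [f"update add {fqdn} {ttl} AAAA {a}" for a in addrs]
    return "\n".join(lines + ["send"]) + "\n"

if __name__ == "__main__":
    print(build_nsupdate(parse_aaaa(SAMPLE_AXFR)), end="")
```

Unlike the per-host updates in the script below, this sends all changes in a single `nsupdate` transaction, and no zone data is ever placed on a shell command line.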

### Script

This is the script that updates the public zone with the AAAA records in the private one. It is a cron job that only runs every hour, as I’m not motivated enough at the moment to create a higher-res crontab.

```php
#!/usr/bin/php
<?php
// Get the AAAA records that have been registered with the local domain...minus the NS records.
$c = "dig @::1 home.example.local. axfr | grep AAAA | grep -v ns.home.example.local";
$out = array();
exec($c, $out);

// Build array with hostnames for keys pointing to an array of associated IPv6 addresses.
$hosts = array();
foreach ($out as $v) {
    $hn = substr($v, 0, strpos($v, '.'));
    if (!isset($hosts[$hn])) {
        $hosts[$hn] = array();
    }
    $ipv6 = preg_split("/( |\t){1,}/", $v);
    $ipv6 = $ipv6[count($ipv6) - 1];
    $hosts[$hn][] = $ipv6;
}

// Now take that array and pump it into nsupdate.
// Names and addresses come from zone data that LAN hosts can update,
// so they are quoted with escapeshellarg() before they reach the shell.
foreach ($hosts as $k => $v) {
    $name = escapeshellarg("{$k}.home.example.com.");
    $cmds = array("echo server ::1", "echo zone home.example.com", "echo update delete {$name} AAAA");
    foreach ($v as $ipv6) {
        $cmds[] = "echo update add {$name} 86400 AAAA " . escapeshellarg($ipv6);
    }
    $cmds[] = "echo send";
    $cmd = implode("\r\n", $cmds);
    exec("(" . $cmd . ") | nsupdate", $out2);
    //var_dump("(".$cmd . ") | nsupdate");
    //var_dump(implode("\r\n", $out2));
}
?>
```

### Some random thoughts on p2p social networking

I’m beginning to wonder if p2p social networking software will ever take off for the general populace or even be much of a concern. One of the reasons, I feel, is that places like Myspace let people without the know-how or money easily set up their own web presence. While there were places like Geocities and Angelfire, they still required design work and weren’t painless to update.

On top of this, we have the ever increasing sharing of pictures and now videos. These aren’t easily shared via other p2p methods like email, as each host can have wildly different message size constraints and there’s still the bandwidth variable for the receiving party. They probably don’t want to wait for a stretch for one video-laden message to download while still needing to get the one with the cancer test results. A link is far simpler and faster to share, but this requires a host somewhere and brings us back to the know-how and money issue.

More still, we have the address book nature of places like Facebook. As long as I have someone’s name and they use it, I can find them. While this can be done with services like Google, Bing and the ol’ phonebook, there is significant legwork and guesswork to even tell if we have the correct person. Social networks take a lot of that guesswork out of this by sharing some details like a name, a picture and maybe some other auxiliary information like school and town.

One of the central problems I see is that p2p social networking is trying to replace the post office system that social networks like Facebook are. Or in another analogy, they are trying to get two fingers to touch with each being on a different person, drunk, blind-folded, starting from opposite sides of the planet, and not giving any information to either party on who they are trying to connect with or their location.
### Crawling bot

### Dahlia crawling around

### IPv6 in the home and me

Last November we moved from a rental home into a home of our own. Unfortunately, the old woman before us never had cable television or internet and so we had to wait a month before the ISP was able to dig in a line and hook us up.

Now that we have internet, I’ve finally been able to resurrect my network. While our ISP does have 6RD, I’m a huge fan of Hurricane Electric’s TunnelBroker.net. I find it easy to use and I don’t need to worry about changing ISP and keeping the same address range.

From before the move I had a dual-stack with an old laptop working as the IPv6 tunnel/router/firewall. (Because I don’t yet have a PCMCIA ethernet card and it’s so old I can’t get vlan trunking working so it has to function behind my Buffalo router/AP.) Now that we have internet, I just powered it on, ran “sudo ifup he-ipv6”, and voila! IPv6 was up and running.

What to do with 2^64 addresses at my disposal? Well, one thing I’m wanting to get working is getting my media anywhere I have a cellular signal and data. This is a problem as my phone only seems to support IPv4 on cellular networks and I don’t really want to go the dynamic DNS route as it seems too…archaic.

### IPv6 router using TunnelBroker

/etc/network/interfaces

```
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
    # Note: --no-check-certificate skips TLS verification of the endpoint that receives the tunnel password and API key.
    pre-up wget -q --no-check-certificate -O - 'https://ipv4.tunnelbroker.net/ipv4_end.php?ip=AUTO&pass={PASSWORD}&apikey={APIKEY}&tid={TUNNELID}'
    address {LOCAL_TUNNEL_IPV6}
    netmask 64
    endpoint {HE_ENDPOINT}
    up ip -6 route add default via {HE_TUNNEL_ENDPOINT_IPV6} dev he-ipv6
    up echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
    down echo 0 > /proc/sys/net/ipv6/conf/all/forwarding
```

### Quick and dirty Powershell + Growl host watch

I needed a quick and dirty Growl notification to know when a person restarted their computer, so I wrote up this originally one-line script.

```powershell
. '\libs\growl\Send-Growl 3.1.ps1'; #http://poshcode.org/1464 #Might need to modify the file a little.
$str = @("down", "up");
$last_ds = $false;
while(1) {
    # Ping the host twice; -Quiet returns $true/$false instead of result objects.
    $new_ds = Test-Connection TargetHost -Quiet -Count 2;
    # Only notify when the state changes.
    if($new_ds -ne $last_ds) {
        Send-Growl -Caption "Watchtower" -Message ("TargetHost is {0}" -f $str[$new_ds]);
    }
    $last_ds = $new_ds;
    sleep 5;
}
```

Just copy and paste in ISE, modify and away you go!

Bonus points protip: Run in the background.

```powershell
Start-Process powershell -ArgumentList @("-WindowStyle", "Hidden", "-File", "\path\to\above\script.ps1") -WindowStyle Hidden
```

### Dahlia laughing it up

(Sorry for the shaky camera work!)

### poshttpd: PowerShell based scripting for the web

For a while now I’ve wanted to make use of PowerShell to do things like what you would use PHP for with Apache, but nothing I found worked, not even cgi-bin stuff. So I figured, why not just build my own? By using stuff like HttpListener, it’s pretty easy to get started and worry more about what the daemon will do with requests than how to handle the conversations.

Git logs and such can be found here and you can get the code by git cloning http://plan.snoj.us/repo/poshttpd.git