Blog Archives

Author Archives:

FreeBSD Jail filesystems

I’ve been using FreeBSD jails for a while, and was looking for a simple way to create jail filesystems.   After some reading, I came up with this simple script which creates full FreeBSD filesystems.   The filesystem can then be used via jail.conf. #!/bin/bash JAILNAME=$1 echo “kjail “$1 JAIL_HOME=/tank/kjail/ FTP= # # get packages # if [ ! -f $JAIL_HOME/packages/doc.txz ]; then         wget $FTP/doc.txz -O $JAIL_HOME/packages/doc.txz         wget $FTP/base.txz -O $JAIL_HOME/packages/base.txz         wget $FTP/kernel.txz -O $JAIL_HOME/packages/kernel.txz         wget $FTP/lib32.txz -O $JAIL_HOME/packages/lib32.txz fi # # make jail # mkdir -p $JAIL_HOME/$JAILNAME tar zxvf $JAIL_HOME/packages/doc.txz -C $JAIL_HOME/$JAILNAME tar zxvf $JAIL_HOME/packages/base.txz -C $JAIL_HOME/$JAILNAME tar zxvf $JAIL_HOME/packages/kernel.txz -C $JAIL_HOME/$JAILNAME tar zxvf $JAIL_HOME/packages/lib32.txz -C $JAIL_HOME/$JAILNAME  

Cross-Compiler fun

I’ve been interested in OS development for a while, and now have a prototypical ARM OS on my private source tree.  For that I used gcc-arm-embedded, which worked quite well.  However, as time went on, i became interested in building my own tool chains.  I started with this list of requirements An up-to-date C/C++ compiler, such as gcc or clang I prefer gmake On i386 I like nasm, but I’ll use gas if necessary I like ld, objcopy, etc from binutils The targets I prefer to cross compile from are OS X and FreeBSD.  I prefer to cross-compile to i386, arm, sparc and mips targets I ended up with two shell scripts, one for GCC/Binutils/Make and one for Clang/Binutils/Make, which download and install the latest GCC/Clang/Binutils and create a fully operational toolchain for the target of my choice.  You can find them here:  

IPSec VPNs with pfsense

I’ve been trying forever to get a mobile IPSec connection up between my OS X laptop and pfsense.   Finally, thanks to this outstanding blog post, it works.  I’m especially excited that it works with the default OS X and Android VPN clients. My pfsense config closely mirrors the one specified by Mike Murray pfsense Phase 1 Key Exchange version: Auto Internet Protocol: V4 Interface: <my ISP> Authentication Method: Mutual PSK + Xauth Negotiation Mode: Aggressive My identifier: My IP Address Peer identifier Distinguished Name: <my vpn name> Pre-Shared Key: <my key> Encryption Algorithm: AES 256 Hash Algorithm: SHA1 DH Group: 2 Lifetime (Seconds): 28800 Disable rekey: unchecked Responder Only: checked NAT Traversal: Forced Dead Peer Detection: checked Delay: 10 Max failures: 5 Phase 2 Mode Tunnel: IPv4 Local Network Network: NAT/BINAT translation: None Protocol: ESP Encryption Algorithms: AES Auto Hash Algorithms: SHA1 PFS key: group off Lifetime: 3600 Mobile Cilents IKE Extensions: checked User Authentication: Local Database Group Authentication: system Virtual Address Pool: checked. / 27 Virtual IPv6 Address Pool: unchecked Network List: unchecked Save Xauth Password checked DNS Default Domain: checked  khubla.local Split DNS unchecked DNS Servers checked WINS Servers: unchecked Phase2 PFS Group: unchecked Login Banner unchecked OS X Add VPN and choose VPN Type “Cisco IPSEC”.  Use the Group Name specified in Phase 1 “Peer identifier Distinguished Name” Android Add VPN and choose “IPSec VPN with pre-shared keys and XAuth authentication”.     Use the IPSEC Identifier specified in Phase 1 “Peer identifier Distinguished Name” Java code released to Maven Central

I was recently asked to release some of my code to Maven Central, and therefore had to figure out how to do it.  I’ve now released these libraries: cBean Pragmatach antlr4test-maven-plugin OLMReader simpleIOC ParadoxReader The maven coordinates for each are documented on the github pages.  

Configuring the FreeBSD automounter

I have a number of disks in my FreeBSD box which exist only as backups of data.  I prefer that they not be mounted all the time, but instead mounted on use.  They are 2x internal SATA disks and an external USB3 disk.   This blog post explains how they are set up to auto-mount. Firstly, my /etc/fstab entry for these disks looks like this: /dev/ada5p1     /mnt/backup1    ufs     rw,noauto,noexec,nosuid,late            0       0 /dev/ada6p1     /mnt/backup2    ufs     rw,noauto,noexec,nosuid,late            0       0 /dev/da0p1      /mnt/usb1       ufs     rw,noauto,noexec,nosuid,late            0       0 All three disks are ufs, and noauto. Next, my /etc/amd.conf [ global ] restart_mounts =   yes unmount_on_exit=  yes and my # $FreeBSD: releng/10.3/etc/ 164015 2006-11-06 01:42:11Z obrien $ # *               opts:=rw,grpid,resvport,vers=3,proto=tcp,nosuid,nodev localhost            type:=auto;fs:=${map};pref:=${key}/ localhost/backup1      type:=program;fs:=/mnt/backup1;\                         mount:=”/sbin/mount mount /mnt/backup1″;\                         unmount:=”/sbin/umount umount /mnt/backup1″ localhost/backup2      type:=program;fs:=/mnt/backup2;\                         mount:=”/sbin/mount mount /mnt/backup2″;\                         unmount:=”/sbin/umount umount /mnt/backup2″ localhost/usb1      type:=program;fs:=/mnt/usb1;\                         mount:=”/sbin/mount mount /mnt/usb1″;\                         unmount:=”/sbin/umount umount /mnt/usb1″ In /etc/rc.conf, we need to start amd, and the portmapper: portmap_enable=”YES” portmap_flags=”-h″ amd_enable=”YES” amd_flags=”-a /.amd_mnt -l /var/log/amd /host /etc/”

Print-to-Folder on FreeBSD

Some printers, like the one I have (HP 8600 Pro), have “Print-to-Folder” capability.   Unfortunately, I have no Windows server, only a FreeBSD box to print to.  I can mount folders from the FreeBSD box on my MacBook.. if I can get files to scan there.   So, to do that, I need a Samba on my FreeBSD box.  To install SMB on FreeBSD: pkg install samba36 Then, I need a smb.conf in /usr/local/etc, that exports a folder, like this: [global] workgroup = khubla.local server string = Samba Server security = user hosts allow = 192.168.77. max log size = 50 passdb backend = smbpasswd domain master = yes ; wins support = yes [public] comment = Public path = /tank/home/public/public/ public = yes writable = yes printable = no So, this will expose a SMB share at smb://bernice/public.  Next I need a user account.  Firstly, a FreeBSD account: pw useradd -n hpprinter -s /bin/csh -m passwd hpprinter Then the samba account smbpasswd -a hpprinter Finally, start samba service samba onestart  I can now configure the share in the printer.  The UNC path is: \\bernice.khubla.local\public

Outlook for Mac Archives

I recently had a reason to parse a large data set, for another project.  I decided that an ideal “large data set” would be my Outlook mail saved archives.  Sadly, Outlook for Mac doesn’t output PST files, it outputs OLM archives, which are, essentially, giant zip files full of XML.  I was coding this all in Java, so I needed a Java library to parse OLM files. The resulting source code is here.  Schema for OLM XML is here.    

AGC Grammar

Every IT geek is, to some degree, fascinated with the Apollo program which put a human on the moon for the first time.  Naturally, there is also curiosity about the computers on the Apollo moon lander, and the software that ran on them.  The source code that went to the moon is available now, and you can take a look at it here. I’m interested in the Apollo program, but I’m also interested in formal grammars, and a committer to the Antlr project.  So, I spent some time building an Antlr4 grammar for the Apollo source code.  You can take a look at it here.  The grammar can parse a number of files from the Solarium55 source code, which is the source code that flew Apollo4.  If you’re keen you could try it on the Apollo13 source code, called Artemis072, but you’d have to key in the source from jpg images of the form-feed printouts (here). It’s natural to ask why a Antlr4 grammar for AGC source code would be useful.  In addition to the obvious “because that goal will serve to organize and measure the best of our energies and skills”, it’s the first step in building a simulator.  There is already an excellent C simulator here, and there are numerous JS ones on the web, but I thought it might be helpful to have an Antlr4 grammar that can output parser-lexers for new simulators in other languages.  Also, it was very interesting to learn about the AGC computer and to see how software development has progressed since the 1960’s.