A Java TELNET server
I recently had a reason to need a TELNET server and couldn't find a Java library that worked for me. After a weekend of hacking, I now have kTelnet, an Open-source, BSD-licensed, TELNET server.
Quadrigacx API
I've recently become very interested in blockchain, and that, naturally led me to Ethereum and Bitcoin. From there, I got a little interested in online trading, but since I prefer not to have to think about trading, I started thinking about a trading bot. Part of the work I needed to do was write a Java API for Qaudrigacx. The API is here and is free to use under the GPL v3 terms.
FreeBSD Jail filesystems
I've been using FreeBSD jails for a while, and was looking for a simple way to create jail filesystems. After some reading, I came up with this simple script which creates full FreeBSD filesystems. The filesystem can then be used via jail.conf.
#!/bin/bash JAILNAME=$1 echo "kjail "$1 JAIL_HOME=/tank/kjail/ FTP=http://ftp.freebsd.org/pub/FreeBSD/releases/amd64/11.1-RELEASE/ # # get packages # if [ ! -f $JAIL_HOME/packages/doc.txz ]; then wget $FTP/doc.txz -O $JAIL_HOME/packages/doc.txz wget $FTP/base.txz -O $JAIL_HOME/packages/base.txz wget $FTP/kernel.txz -O $JAIL_HOME/packages/kernel.txz wget $FTP/lib32.txz -O $JAIL_HOME/packages/lib32.txz fi # # make jail # mkdir -p $JAIL_HOME/$JAILNAME tar zxvf $JAIL_HOME/packages/doc.txz -C $JAIL_HOME/$JAILNAME tar zxvf $JAIL_HOME/packages/base.txz -C $JAIL_HOME/$JAILNAME tar zxvf $JAIL_HOME/packages/kernel.txz -C $JAIL_HOME/$JAILNAME tar zxvf $JAIL_HOME/packages/lib32.txz -C $JAIL_HOME/$JAILNAME
Cross-Compiler fun
I've been interested in OS development for a while, and now have a prototypical ARM OS on my private source tree. For that I used gcc-arm-embedded, which worked quite well. However, as time went on, i became interested in building my own tool chains. I started with this list of requirements
- An up-to-date C/C++ compiler, such as gcc or clang
- I prefer gmake
- On i386 I like nasm, but I'll use gas if necessary
- I like ld, objcopy, etc from binutils
- The targets I prefer to cross compile from are OS X and FreeBSD. I prefer to cross-compile to i386, arm, sparc and mips targets
I ended up with two shell scripts, one for GCC/Binutils/Make and one for Clang/Binutils/Make, which download and install the latest GCC/Clang/Binutils and create a fully operational toolchain for the target of my choice. You can find them here:
- https://github.com/teverett/build_clang_crosscompiler.git
- https://github.com/teverett/build_gcc_crosscompiler.git
IPSec VPNs with pfsense
I've been trying forever to get a mobile IPSec connection up between my OS X laptop and pfsense. Finally, thanks to this outstanding blog post, it works. I'm especially excited that it works with the default OS X and Android VPN clients.
My pfsense config closely mirrors the one specified by Mike Murray
pfsense
Phase 1
Key Exchange version: Auto
Internet Protocol: V4
Interface: <my ISP>
Authentication Method: Mutual PSK + Xauth
Negotiation Mode: Aggressive
My identifier: My IP Address
Peer identifier Distinguished Name: <my vpn name>
Pre-Shared Key: <my key>
Encryption Algorithm: AES 256
Hash Algorithm: SHA1
DH Group: 2
Lifetime (Seconds): 28800
Disable rekey: unchecked
Responder Only: checked
NAT Traversal: Forced
Dead Peer Detection: checked
Delay: 10
Max failures: 5
Phase 2
Mode Tunnel: IPv4
Local Network Network: 0.0.0.0/0
NAT/BINAT translation: None
Protocol: ESP
Encryption Algorithms: AES Auto
Hash Algorithms: SHA1
PFS key: group off
Lifetime: 3600
Mobile Cilents
IKE Extensions: checked
User Authentication: Local Database
Group Authentication: system
Virtual Address Pool: checked. 192.168.76.0 / 27
Virtual IPv6 Address Pool: unchecked
Network List: unchecked
Save Xauth Password checked
DNS Default Domain: checked khubla.local
Split DNS unchecked
DNS Servers checked
192.168.75.1
8.8.8.8.
WINS Servers: unchecked
Phase2 PFS Group: unchecked
Login Banner unchecked
OS X
Add VPN and choose VPN Type "Cisco IPSEC". Use the Group Name specified in Phase 1 "Peer identifier Distinguished Name"
Android
Add VPN and choose "IPSec VPN with pre-shared keys and XAuth authentication". Use the IPSEC Identifier specified in Phase 1 "Peer identifier Distinguished Name"
khubla.com Java code released to Maven Central
I was recently asked to release some of my code to Maven Central, and therefore had to figure out how to do it. I've now released these khubla.com libraries:
The maven coordinates for each are documented on the github pages.
Configuring the FreeBSD automounter
I have a number of disks in my FreeBSD box which exist only as backups of data. I prefer that they not be mounted all the time, but instead mounted on use. They are 2x internal SATA disks and an external USB3 disk. This blog post explains how they are set up to auto-mount.
Firstly, my /etc/fstab entry for these disks looks like this:
/dev/ada5p1 /mnt/backup1 ufs rw,noauto,noexec,nosuid,late 0 0 /dev/ada6p1 /mnt/backup2 ufs rw,noauto,noexec,nosuid,late 0 0 /dev/da0p1 /mnt/usb1 ufs rw,noauto,noexec,nosuid,late 0 0
All three disks are ufs, and noauto.
Next, my /etc/amd.conf
[ global ] restart_mounts = yes unmount_on_exit= yes
and my amd.map
# $FreeBSD: releng/10.3/etc/amd.map 164015 2006-11-06 01:42:11Z obrien $ # * opts:=rw,grpid,resvport,vers=3,proto=tcp,nosuid,nodev localhost type:=auto;fs:=${map};pref:=${key}/ localhost/backup1 type:=program;fs:=/mnt/backup1;\ mount:="/sbin/mount mount /mnt/backup1";\ unmount:="/sbin/umount umount /mnt/backup1" localhost/backup2 type:=program;fs:=/mnt/backup2;\ mount:="/sbin/mount mount /mnt/backup2";\ unmount:="/sbin/umount umount /mnt/backup2" localhost/usb1 type:=program;fs:=/mnt/usb1;\ mount:="/sbin/mount mount /mnt/usb1";\ unmount:="/sbin/umount umount /mnt/usb1"
In /etc/rc.conf, we need to start amd, and the portmapper:
portmap_enable="YES" portmap_flags="-h 127.0.0.1" amd_enable="YES" amd_flags="-a /.amd_mnt -l /var/log/amd /host /etc/amd.map"
Print-to-Folder on FreeBSD
Some printers, like the one I have (HP 8600 Pro), have "Print-to-Folder" capability. Unfortunately, I have no Windows server, only a FreeBSD box to print to. I can mount folders from the FreeBSD box on my MacBook.. if I can get files to scan there. So, to do that, I need a Samba on my FreeBSD box. To install SMB on FreeBSD:
pkg install samba36
Then, I need a smb.conf in /usr/local/etc, that exports a folder, like this:
[global] workgroup = khubla.local server string = Samba Server security = user hosts allow = 192.168.77. max log size = 50 passdb backend = smbpasswd domain master = yes ; wins support = yes [public] comment = Public path = /tank/home/public/public/ public = yes writable = yes printable = no
So, this will expose a SMB share at smb://bernice/public. Next I need a user account. Firstly, a FreeBSD account:
pw useradd -n hpprinter -s /bin/csh -m
passwd hpprinter
Then the samba account
smbpasswd -a hpprinter
Finally, start samba
service samba onestart
I can now configure the share in the printer. The UNC path is:
\\bernice.khubla.local\public
Outlook for Mac Archives
I recently had a reason to parse a large data set, for another project. I decided that an ideal "large data set" would be my Outlook mail saved archives. Sadly, Outlook for Mac doesn't output PST files, it outputs OLM archives, which are, essentially, giant zip files full of XML. I was coding this all in Java, so I needed a Java library to parse OLM files.
The resulting source code is here. Schema for OLM XML is here.