This service tests the validity of an RSS 2.0 feed, checking to see that it follows the rules of the RSS specification. For advice from the RSS Advisory Board on how to implement RSS and handle issues such as enclosures and HTML encoding, read the RSS Best Practices Profile. This checker is also a validator of Atom and RSS 1.0 feeds.

Use this tester regularly to ensure that your RSS feed continues to work well in the wide audience of RSS readers, podcast clients and other software that supports the format.

 

Congratulations!

[Valid RSS] This is a valid RSS feed.

Recommendations

This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.

  • line 3654, column 0: description should not contain script tag (6 occurrences) [help]

    <script src="https://gist.github.com/x-way/caf03da77fe2cc83b6bd.js"></script>
  • line 3662, column 0: content:encoded should not contain script tag (6 occurrences) [help]

    <script src="https://gist.github.com/x-way/caf03da77fe2cc83b6bd.js"></script>
  • line 5409, column 3: description should not contain relative URL references: # (16 occurrences) [help]

    ]]></description>
       ^
  • line 5411, column 3: content:encoded should not contain relative URL references: # (16 occurrences) [help]

    ]]></content:encoded>
       ^

Source: http://blog.x-way.org/rss.xml

  1. <?xml version="1.0" encoding="utf-8"?>
  2. <rss version="2.0"
  3.  xmlns:dc="http://purl.org/dc/elements/1.1/"
  4.  xmlns:creativeCommons="http://backend.userland.com/creativeCommonsRssModule"
  5.  xmlns:content="http://purl.org/rss/1.0/modules/content/"
  6.  xmlns:atom="http://www.w3.org/2005/Atom">
  7.  
  8. <channel>
  9.  <title>x-log</title>
  10.  <link>https://blog.x-way.org</link>
  11.  <description>x-log</description>
  12.  <lastBuildDate>Thu, 25 Jul 2024 08:57:16 +0200</lastBuildDate>
  13.  <language>en</language>
  14.  <managingEditor>andreas+rss@jaggi.info (Andreas Jaggi)</managingEditor>
  15.  <webMaster>andreas+rss@jaggi.info (Andreas Jaggi)</webMaster>
  16.  <copyright>Andreas Jaggi</copyright>
  17.  <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  18.  <generator>x-log c5fb28</generator>
  19.  <atom:link href="https://blog.x-way.org/rss.xml" rel="self" type="application/rss+xml"/>
  20.  
  21.  <image>
  22.    <url>https://blog.x-way.org/logo.gif</url>
  23.    <title>x-log</title>
  24.    <link>https://blog.x-way.org</link>
  25.  </image>
  26.  
  27.  
  28.  <item>
  29.    <title>No more OSCP stapling</title>
  30.    <link>https://blog.x-way.org/Linux/2024/07/25/No-more-OSCP-stapling.html</link>
  31.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324377</guid>
  32.    <dc:creator>Andreas Jaggi</dc:creator>
  33.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  34.    <pubDate>Thu, 25 Jul 2024 08:42:00 +0200</pubDate>
  35.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  36.    <description><![CDATA[<p><a href="https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html" title="Intent to End OCSP Service -  Let's Encrypt">Let's Encrypt announced</a> that it intends to stop supporting <a href="https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol" title="Online Certificate Status Protocol - Wikipedia">OCSP</a>, which means that <a href="https://utcc.utoronto.ca/~cks/space/blog/web/OCSPIsBasicallyDead" title="Chris's Wiki :: blog/web/OCSPIsBasicallyDead">OCSP is basically dead now</a>.</p>
  37. <p><a href="https://en.wikipedia.org/wiki/OCSP_stapling" title="OCSP stapling - Wikipedia">OCSP stapling</a> on my server has been enabled since 2012.<br>With the prospect of it no longer working in the future, I've disabled it again in the nginx configuration.</p>
  38. <pre> # aj, 05.11.2012, OCSP stapling (for testing see http://unmitigatedrisk.com/?p=100)
  39.        # aj, 25.07.2024, turn it off again, as letsencrypt will disable it: https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html
  40. # ssl_stapling on;</pre>
  41. ]]></description>
  42.    <content:encoded><![CDATA[<p><a href="https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html" title="Intent to End OCSP Service -  Let's Encrypt">Let's Encrypt announced</a> that it intends to stop supporting <a href="https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol" title="Online Certificate Status Protocol - Wikipedia">OCSP</a>, which means that <a href="https://utcc.utoronto.ca/~cks/space/blog/web/OCSPIsBasicallyDead" title="Chris's Wiki :: blog/web/OCSPIsBasicallyDead">OCSP is basically dead now</a>.</p>
  43. <p><a href="https://en.wikipedia.org/wiki/OCSP_stapling" title="OCSP stapling - Wikipedia">OCSP stapling</a> on my server has been enabled since 2012.<br>With the prospect of it no longer working in the future, I've disabled it again in the nginx configuration.</p>
  44. <pre> # aj, 05.11.2012, OCSP stapling (for testing see http://unmitigatedrisk.com/?p=100)
  45.        # aj, 25.07.2024, turn it off again, as letsencrypt will disable it: https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html
  46. # ssl_stapling on;</pre>
  47. ]]></content:encoded>
  48.  </item>
  49.  
  50.  <item>
  51.    <title>Blog Directories</title>
  52.    <link>https://blog.x-way.org/Misc/2024/07/24/Blog-Directories.html</link>
  53.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324376</guid>
  54.    <dc:creator>Andreas Jaggi</dc:creator>
  55.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  56.    <pubDate>Wed, 24 Jul 2024 19:52:00 +0200</pubDate>
  57.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  58.    <description><![CDATA[<p>There are some new blog directory sites popping up again. Nice way to discover niche personal sites outside of the big platforms.</p>
  59. <ul>
  60. <li><a href="https://ooh.directory/" title="ooh.directory: a place to find good blogs that interest you">ooh.directory</a></li>
  61. <li><a href="https://personalsit.es/" title="PersonalSit.es | Yes we got hot and fresh sites">personalsit.es</a></li>
  62. <li><a href="https://blogroll.org/" title="Ye Olde Blogroll - Blogroll.org">blogroll.org</a></li>
  63. </ul>
  64. ]]></description>
  65.    <content:encoded><![CDATA[<p>There are some new blog directory sites popping up again. Nice way to discover niche personal sites outside of the big platforms.</p>
  66. <ul>
  67. <li><a href="https://ooh.directory/" title="ooh.directory: a place to find good blogs that interest you">ooh.directory</a></li>
  68. <li><a href="https://personalsit.es/" title="PersonalSit.es | Yes we got hot and fresh sites">personalsit.es</a></li>
  69. <li><a href="https://blogroll.org/" title="Ye Olde Blogroll - Blogroll.org">blogroll.org</a></li>
  70. </ul>
  71. ]]></content:encoded>
  72.  </item>
  73.  
  74.  <item>
  75.    <title>Less: a Survival Guide</title>
  76.    <link>https://blog.x-way.org/Linux/2024/07/22/Less-a-Survival-Guide.html</link>
  77.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324375</guid>
  78.    <dc:creator>Andreas Jaggi</dc:creator>
  79.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  80.    <pubDate>Mon, 22 Jul 2024 05:06:00 +0200</pubDate>
  81.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  82.    <description><![CDATA[<p><a href="https://zck.org/less-a-survival-guide" title="Less: a Survival Guide">Less: a Survival Guide</a> is a concise post from <a href="https://zck.org/" title="zck.org">zck.org</a> demystifying the features of <code>less</code>.</p>
  83. <p>My two main takeaways were:</p>
  84. <p>1. Configuring less via the <code>LESS</code> environment variable.<br>The following enables markers and highlighting for search &amp; jump actions, colored output and raw display of terminal escape sequences.</p>
  85. <pre>export LESS="-J -W --use-color -R"</pre>
  86. <p>2. Jumping to the start and end of a document with <kbd>g</kbd> and <kbd>G</kbd>.<br>I already used <kbd>/</kbd> for searching, but had always struggled to go back to the beginning of a document.</p>
  87. ]]></description>
  88.    <content:encoded><![CDATA[<p><a href="https://zck.org/less-a-survival-guide" title="Less: a Survival Guide">Less: a Survival Guide</a> is a concise post from <a href="https://zck.org/" title="zck.org">zck.org</a> demystifying the features of <code>less</code>.</p>
  89. <p>My two main takeaways were:</p>
  90. <p>1. Configuring less via the <code>LESS</code> environment variable.<br>The following enables markers and highlighting for search &amp; jump actions, colored output and raw display of terminal escape sequences.</p>
  91. <pre>export LESS="-J -W --use-color -R"</pre>
  92. <p>2. Jumping to the start and end of a document with <kbd>g</kbd> and <kbd>G</kbd>.<br>I already used <kbd>/</kbd> for searching, but had always struggled to go back to the beginning of a document.</p>
  93. ]]></content:encoded>
  94.  </item>
  95.  
  96.  <item>
  97.    <title>Lego Space Age</title>
  98.    <link>https://blog.x-way.org/Webdesign/2024/07/07/Lego-Space-Age.html</link>
  99.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324374</guid>
  100.    <dc:creator>Andreas Jaggi</dc:creator>
  101.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  102.    <pubDate>Sun, 07 Jul 2024 16:43:00 +0200</pubDate>
  103.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  104.    <description><![CDATA[<p><a href="https://blog.x-way.org/images/lego_space_age.webp" title="Lego Space Age"><img src="https://blog.x-way.org/images/lego_space_age_thumb.webp" width="500" height="375" alt="Lego Space Age"></a></p>
  105.  
  106. <p>While browsing for something unrelated, I came about this wonderful Lego set called <a href="https://www.lego.com/en-us/product/tales-of-the-space-age-21340" title="Tales of the Space Age 21340 | Ideas">'Tales of the Space Age'</a>.<br>
  107. It was originally created by a fan designer through the Lego Ideas program and turned into this amazing looking Lego set.</p>
  108.  
  109. <p>I like the depiction of the space themed science fiction worlds very much, especially the beautiful color gradients giving each world a unique atmosphere.<br>
  110. The provided <a href="https://www.lego.com/en-us/service/buildinginstructions/21340" title="Building Instructions">building instructions</a> <a href="https://blog.x-way.org/stuff/6500750.pdf" title="Postcards from space - Building Instructions">booklet</a> builds on top of this with illustrations enhancing the views of these worlds.</p>
  111.  
  112. <p>Looking at these four panels with the nice space themed color gradients inspired me to rebuild them in CSS.<br>
  113. First I toyed around with one and then built the other three.</p>
  114.  
  115. <p>The outcome of this is now visible on <a href="https://www.andreasjaggi.ch/" title="www.andreasjaggi.ch">andreasjaggi.ch</a> where I replaced the previous entry page with the four color gradients.<br>
  116. The <a href="https://blog.x-way.org/Webdesign/2024/06/18/More-modern-technologies.html" title="More modern technologies - x-log">previous version</a> is still available on <a href="https://www.andreas-jaggi.ch/" title="www.andreas-jaggi.ch">andreas-jaggi.ch</a> as I couldn't decide yet to retire it, so will be keeping both for now :-)</p>
  117. ]]></description>
  118.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/images/lego_space_age.webp" title="Lego Space Age"><img src="https://blog.x-way.org/images/lego_space_age_thumb.webp" width="500" height="375" alt="Lego Space Age"></a></p>
  119.  
  120. <p>While browsing for something unrelated, I came about this wonderful Lego set called <a href="https://www.lego.com/en-us/product/tales-of-the-space-age-21340" title="Tales of the Space Age 21340 | Ideas">'Tales of the Space Age'</a>.<br>
  121. It was originally created by a fan designer through the Lego Ideas program and turned into this amazing looking Lego set.</p>
  122.  
  123. <p>I like the depiction of the space themed science fiction worlds very much, especially the beautiful color gradients giving each world a unique atmosphere.<br>
  124. The provided <a href="https://www.lego.com/en-us/service/buildinginstructions/21340" title="Building Instructions">building instructions</a> <a href="https://blog.x-way.org/stuff/6500750.pdf" title="Postcards from space - Building Instructions">booklet</a> builds on top of this with illustrations enhancing the views of these worlds.</p>
  125.  
  126. <p>Looking at these four panels with the nice space themed color gradients inspired me to rebuild them in CSS.<br>
  127. First I toyed around with one and then built the other three.</p>
  128.  
  129. <p>The outcome of this is now visible on <a href="https://www.andreasjaggi.ch/" title="www.andreasjaggi.ch">andreasjaggi.ch</a> where I replaced the previous entry page with the four color gradients.<br>
  130. The <a href="https://blog.x-way.org/Webdesign/2024/06/18/More-modern-technologies.html" title="More modern technologies - x-log">previous version</a> is still available on <a href="https://www.andreas-jaggi.ch/" title="www.andreas-jaggi.ch">andreas-jaggi.ch</a> as I couldn't decide yet to retire it, so will be keeping both for now :-)</p>
  131. ]]></content:encoded>
  132.  </item>
  133.  
  134.  <item>
  135.    <title>Jekyll version plugin</title>
  136.    <link>https://blog.x-way.org/Coding/2024/07/06/Jekyll-version-plugin.html</link>
  137.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324373</guid>
  138.    <dc:creator>Andreas Jaggi</dc:creator>
  139.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  140.    <pubDate>Sat, 06 Jul 2024 18:47:00 +0200</pubDate>
  141.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  142.    <description><![CDATA[<p>Recently I added a Generator section to the <a href="https://blog.x-way.org/about.html" title="x-log - About">about page</a> with minimal information about how this page was generated.<br>As part of this it now also shows the version of the <a href="https://jekyllrb.com/" title="Jekyll • Simple, blog-aware, static sites | Transform your plain text into static websites and blogs">Jekyll</a> software that was used to generate everything.</p>
  143. <p>Surprisingly there seems to be no built-in way to get the version as a template tag.<br>Thus I wrote this mini-plugin to provide such a <code>{% jekyll_version %}</code> tag that can be used to get the version of Jekyll while it is processing the pages.</p>
  144. <p>To use it with your own Jekyll, simply store the below code in a <code>_plugins/jekyll_version_plugin.rb</code> file.</p>
  145. <pre># frozen_string_literal: true
  146. module Jekyll
  147.  class VersionTag &lt; Liquid::Tag
  148.    def render(context)
  149.      Jekyll::VERSION
  150.    end
  151.  end
  152. end
  153.  
  154. Liquid::Template.register_tag("jekyll_version", Jekyll::VersionTag)</pre>
  155. ]]></description>
  156.    <content:encoded><![CDATA[<p>Recently I added a Generator section to the <a href="https://blog.x-way.org/about.html" title="x-log - About">about page</a> with minimal information about how this page was generated.<br>As part of this it now also shows the version of the <a href="https://jekyllrb.com/" title="Jekyll • Simple, blog-aware, static sites | Transform your plain text into static websites and blogs">Jekyll</a> software that was used to generate everything.</p>
  157. <p>Surprisingly there seems to be no built-in way to get the version as a template tag.<br>Thus I wrote this mini-plugin to provide such a <code>{% jekyll_version %}</code> tag that can be used to get the version of Jekyll while it is processing the pages.</p>
  158. <p>To use it with your own Jekyll, simply store the below code in a <code>_plugins/jekyll_version_plugin.rb</code> file.</p>
  159. <pre># frozen_string_literal: true
  160. module Jekyll
  161.  class VersionTag &lt; Liquid::Tag
  162.    def render(context)
  163.      Jekyll::VERSION
  164.    end
  165.  end
  166. end
  167.  
  168. Liquid::Template.register_tag("jekyll_version", Jekyll::VersionTag)</pre>
  169. ]]></content:encoded>
  170.  </item>
  171.  
  172.  <item>
  173.    <title>More statistics tuning</title>
  174.    <link>https://blog.x-way.org/Webdesign/2024/07/06/More-statistics-tuning.html</link>
  175.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324372</guid>
  176.    <dc:creator>Andreas Jaggi</dc:creator>
  177.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  178.    <pubDate>Sat, 06 Jul 2024 18:10:00 +0200</pubDate>
  179.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  180.    <description><![CDATA[<p>After <a href="https://blog.x-way.org/Webdesign/2024/06/30/Improved-text-only-UX.html" title="Improved text-only UX">last weeks work</a> on the <a href="https://blog.x-way.org/statistics.html" title="x-log - Statistics">statistics page</a>, I was still not completely happy with how it renders in text-only browsers.</p>
  181. <p>Thus the idea of adding <code>&lt;th&gt;</code> headers to the two rows of numbers.<br>This turned out quite well and helped to make things more clear as you can see in this screenshot.</p>
  182. <p><img src="https://blog.x-way.org/images/lynx-statistics-improved.png" alt="Screenshot of Lynx rendering the improved statistics page" width="720" height="423"></p>
  183. <p>I initially wanted to use the <code>:first-child</code> selector to hide these additional table headers in graphical web browsers.<br>But didn't get it right with the first try, so the header still showed.</p>
  184. <p>This actually didn't look that bad, and so I decided to keep the headers visible and styled them nicely so they integrate well with the rest of the statistics table.<br>This is how the <a href="https://blog.x-way.org/statistics.html" title="x-log - Statistics">statistics page</a> now looks in a graphical web browser.</p>
  185. <p><img src="https://blog.x-way.org/images/firefox-statistics-improved.png" alt="Screenshot of Firefox rendering the improved statistics page" width="720" height="465"></p>
  186. ]]></description>
  187.    <content:encoded><![CDATA[<p>After <a href="https://blog.x-way.org/Webdesign/2024/06/30/Improved-text-only-UX.html" title="Improved text-only UX">last weeks work</a> on the <a href="https://blog.x-way.org/statistics.html" title="x-log - Statistics">statistics page</a>, I was still not completely happy with how it renders in text-only browsers.</p>
  188. <p>Thus the idea of adding <code>&lt;th&gt;</code> headers to the two rows of numbers.<br>This turned out quite well and helped to make things more clear as you can see in this screenshot.</p>
  189. <p><img src="https://blog.x-way.org/images/lynx-statistics-improved.png" alt="Screenshot of Lynx rendering the improved statistics page" width="720" height="423"></p>
  190. <p>I initially wanted to use the <code>:first-child</code> selector to hide these additional table headers in graphical web browsers.<br>But didn't get it right with the first try, so the header still showed.</p>
  191. <p>This actually didn't look that bad, and so I decided to keep the headers visible and styled them nicely so they integrate well with the rest of the statistics table.<br>This is how the <a href="https://blog.x-way.org/statistics.html" title="x-log - Statistics">statistics page</a> now looks in a graphical web browser.</p>
  192. <p><img src="https://blog.x-way.org/images/firefox-statistics-improved.png" alt="Screenshot of Firefox rendering the improved statistics page" width="720" height="465"></p>
  193. ]]></content:encoded>
  194.  </item>
  195.  
  196.  <item>
  197.    <title>Improved text-only UX</title>
  198.    <link>https://blog.x-way.org/Webdesign/2024/06/30/Improved-text-only-UX.html</link>
  199.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324371</guid>
  200.    <dc:creator>Andreas Jaggi</dc:creator>
  201.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  202.    <pubDate>Sun, 30 Jun 2024 21:37:00 +0200</pubDate>
  203.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  204.    <description><![CDATA[<p>Some time ago I read <a href="https://danq.me/2024/05/01/test-your-site-in-lynx/" title="Test your site in Lynx – Dan Q">this article from Dan Q</a> about testing your website in a text-only browser (<a href="https://en.wikipedia.org/wiki/Lynx_(web_browser)" title="Lynx (web browser) - Wikipedia">Lynx</a>, which is the oldest web browser still being maintained, started in 1992).</p>
  205. <p>Surfing through my blog with Lynx, I was positively surprised in how well the content and structure was presented.<br>Seems like the modernization and simplification efforts of the HTML code behind the scenes paid off well.</p>
  206. <p>The <a href="https://blog.x-way.org/statistics.html" title="x-log - Statistics">statistics page</a> though was not really usable, it was displayed as a random soup of numbers due to the usage of unstructured <code>&lt;div&gt;</code> tags for the elements of the visual graphs.</p>
  207. <p>To fix this I reverted back to using <code>&lt;table&gt;</code> tags to structure the data.<br>This way the layout degrades gracefully in text-only browsers and provides a minimally structured representation of the data.<br>And I applied <a href="https://blog.x-way.org/Webdesign/2024/06/18/More-modern-technologies.html" title="More modern technologies - x-log">the newly learned CSS skills</a> (<code>linear-gradient</code> backgrounds) to achieve the same visual graph as beforehand when opening the page in a regular browser.</p>
  208. <p><img src="https://blog.x-way.org/images/lynx-statistics.png" alt="Screenshot of Lynx rendering the statistics page" width="720" height="423"></p>
  209. ]]></description>
  210.    <content:encoded><![CDATA[<p>Some time ago I read <a href="https://danq.me/2024/05/01/test-your-site-in-lynx/" title="Test your site in Lynx – Dan Q">this article from Dan Q</a> about testing your website in a text-only browser (<a href="https://en.wikipedia.org/wiki/Lynx_(web_browser)" title="Lynx (web browser) - Wikipedia">Lynx</a>, which is the oldest web browser still being maintained, started in 1992).</p>
  211. <p>Surfing through my blog with Lynx, I was positively surprised in how well the content and structure was presented.<br>Seems like the modernization and simplification efforts of the HTML code behind the scenes paid off well.</p>
  212. <p>The <a href="https://blog.x-way.org/statistics.html" title="x-log - Statistics">statistics page</a> though was not really usable, it was displayed as a random soup of numbers due to the usage of unstructured <code>&lt;div&gt;</code> tags for the elements of the visual graphs.</p>
  213. <p>To fix this I reverted back to using <code>&lt;table&gt;</code> tags to structure the data.<br>This way the layout degrades gracefully in text-only browsers and provides a minimally structured representation of the data.<br>And I applied <a href="https://blog.x-way.org/Webdesign/2024/06/18/More-modern-technologies.html" title="More modern technologies - x-log">the newly learned CSS skills</a> (<code>linear-gradient</code> backgrounds) to achieve the same visual graph as beforehand when opening the page in a regular browser.</p>
  214. <p><img src="https://blog.x-way.org/images/lynx-statistics.png" alt="Screenshot of Lynx rendering the statistics page" width="720" height="423"></p>
  215. ]]></content:encoded>
  216.  </item>
  217.  
  218.  <item>
  219.    <title>.well-known/traffic-advice</title>
  220.    <link>https://blog.x-way.org/Webdesign/2024/06/29/well-known-traffic-advice.html</link>
  221.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324370</guid>
  222.    <dc:creator>Andreas Jaggi</dc:creator>
  223.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  224.    <pubDate>Sat, 29 Jun 2024 09:48:00 +0200</pubDate>
  225.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  226.    <description><![CDATA[<p>While looking at my 404s the top one for the blog was <code>/.well-known/traffic-advice</code>.<br>
  227. This is part of the traffic advice mechanism to control traffic from prefetch proxies (and based on my current access logs, seems only used by the <a href="https://developer.chrome.com/blog/private-prefetch-proxy/" title="Private prefetch proxy in Chrome">Chrome Privacy Preserving Prefetch Proxy</a>).</p>
  228. <p>The traffic advice mechanism is specified in the document <a href="https://buettner.github.io/private-prefetch-proxy/traffic-advice.html" title="Traffic Advice">here</a>.<br>
  229. It can be used to reduce the number of requests coming from prefetch proxies.</p>
  230. <p>To get rid of the 404s and provide support for the traffic advice mechanism, I use the following snippet in my nginx config.<br>
  231. It allows all requests from prefetch proxies (as currently I see no need to limit them).</p>
  232. <pre># Private Prefetch Proxy
  233. # https://developer.chrome.com/blog/private-prefetch-proxy/
  234. location /.well-known/traffic-advice {
  235.        types { } default_type "application/trafficadvice+json";
  236.        return 200 '[{"user_agent":"prefetch-proxy","fraction":1.0}]';
  237. }</pre>
  238. ]]></description>
  239.    <content:encoded><![CDATA[<p>While looking at my 404s the top one for the blog was <code>/.well-known/traffic-advice</code>.<br>
  240. This is part of the traffic advice mechanism to control traffic from prefetch proxies (and based on my current access logs, seems only used by the <a href="https://developer.chrome.com/blog/private-prefetch-proxy/" title="Private prefetch proxy in Chrome">Chrome Privacy Preserving Prefetch Proxy</a>).</p>
  241. <p>The traffic advice mechanism is specified in the document <a href="https://buettner.github.io/private-prefetch-proxy/traffic-advice.html" title="Traffic Advice">here</a>.<br>
  242. It can be used to reduce the number of requests coming from prefetch proxies.</p>
  243. <p>To get rid of the 404s and provide support for the traffic advice mechanism, I use the following snippet in my nginx config.<br>
  244. It allows all requests from prefetch proxies (as currently I see no need to limit them).</p>
  245. <pre># Private Prefetch Proxy
  246. # https://developer.chrome.com/blog/private-prefetch-proxy/
  247. location /.well-known/traffic-advice {
  248.        types { } default_type "application/trafficadvice+json";
  249.        return 200 '[{"user_agent":"prefetch-proxy","fraction":1.0}]';
  250. }</pre>
  251. ]]></content:encoded>
  252.  </item>
  253.  
  254.  <item>
  255.    <title>RSS feed tuning</title>
  256.    <link>https://blog.x-way.org/Webdesign/2024/06/23/RSS-feed-tuning.html</link>
  257.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324369</guid>
  258.    <dc:creator>Andreas Jaggi</dc:creator>
  259.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  260.    <pubDate>Sun, 23 Jun 2024 16:44:00 +0200</pubDate>
  261.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  262.    <description><![CDATA[<p>After the <a href="https://blog.x-way.org/Webdesign/2024/06/16/Jumping-on-the-Web-Components-bandwagon.html" title="Jumping on the Web Components bandwagon - x-log">recent addition of custom Web Components</a>, the usual <a href="https://www.rssboard.org/rss-validator/" title="RSS Validator">feed</a> <a href="https://validator.w3.org/feed/" title="W3C Feed Validation Service, for Atom and RSS">validators</a> were a bit less happy about my <a href="https://blog.x-way.org/rss.xml">RSS</a> and <a href="https://blog.x-way.org/atom.xml">Atom</a> feeds.</p>
  263. <p>They always marked my feeds as valid, but usually had some recommendations to improve interoperability with the widest range of feed readers.<br>In particular having non-HTML5 elements does not help with interoperability. Which makes sense as there is no real place in the XML of the feeds to reference the needed JavaScript for rendering the Web Components.</p>
  264. <p>Besides stripping away the &lt;youtube-vimeo-embed&gt; tags and replacing them with a link to the video, I took this opportunity to cleanup some other 'Altlasten' (legacy tech depts).<br>A lot of time was spent trying to get my head around various encodings/escapings of special characters. When the blog started in 2002, UTF-8 was not adopted yet and all special characters needed to be written as <a href="https://developer.mozilla.org/en-US/docs/Glossary/Character_reference" title="Character reference - MDN">HTML entities</a>.<br>And what didn't help is that I somehow had a text-only part in my RSS file which tried to deliver a version of my posts without any HTML (but failed to do so properly as it only had the tags stripped away but did not revert all the HTML character encodings.<br>Of course the various resulting &amp; characters nicely clash with XML encoding).</p>
  265. <p>There were some other oddities from the past, such as empty post titles and HTML tags inside titles.</p>
  266. <p>I ended up cleaning up most of this and got rid of the text-only representation and corresponding encoding/escaping problems. (using <code>&lt;![CDATA[</code> and <code>]]&gt;</code> with the HTML content inside makes life so much easier)</p>
  267. <p>The still remaing recommendations to improve are about relative links and <code>&lt;script&gt;</code> tags.<br>The relative links are all due to my replacing of dead and non-archived link destinations with a single <code>#</code>. So they are more a 'false postive' than a real problem, the links are dead either way.<br>The <code>&lt;script&gt;</code> tags are more problematic, as they result from my embedding of <a href="https://gist.github.com/" title="Discover Discover gists · GitHub">GitHub Gists</a> in posts. The code in the Gists is loaded, rendered and nicely highlighted with color by the script, thus not easy to replicate in a feed.</p>
  268. <p>Probably the best approach for the Gists would be to find a way to properly include the content into the posts. So that it is rendered nicely when viewed in a browser, and has a meaningful text-only fallback in the feeds.<br>Would make sense to self-hosts these anyways. Next rainy weekend project there you are :-)</p>
  269. <p><a href="https://www.rssboard.org/rss-validator/check.cgi?url=http%3A%2F%2Fblog.x-way.org%2Frss.xml" title="RSS Validator Results: http://blog.x-way.org/rss.xml"><img src="https://blog.x-way.org/images/valid-rss-rogers.png" width="88" height="31" alt="This is a valid RSS feed."></a> <a href="https://validator.w3.org/feed/check.cgi?url=https%3A%2F%2Fblog.x-way.org%2Fatom.xml" title="Feed Validator Results: https://blog.x-way.org/atom.xml"><img src="https://blog.x-way.org/images/valid-atom.png" width="88" height="31" alt="This is a valid Atom 1.0 feed."></a></p>
  270. ]]></description>
  271.    <content:encoded><![CDATA[<p>After the <a href="https://blog.x-way.org/Webdesign/2024/06/16/Jumping-on-the-Web-Components-bandwagon.html" title="Jumping on the Web Components bandwagon - x-log">recent addition of custom Web Components</a>, the usual <a href="https://www.rssboard.org/rss-validator/" title="RSS Validator">feed</a> <a href="https://validator.w3.org/feed/" title="W3C Feed Validation Service, for Atom and RSS">validators</a> were a bit less happy about my <a href="https://blog.x-way.org/rss.xml">RSS</a> and <a href="https://blog.x-way.org/atom.xml">Atom</a> feeds.</p>
  272. <p>They always marked my feeds as valid, but usually had some recommendations to improve interoperability with the widest range of feed readers.<br>In particular having non-HTML5 elements does not help with interoperability. Which makes sense as there is no real place in the XML of the feeds to reference the needed JavaScript for rendering the Web Components.</p>
  273. <p>Besides stripping away the &lt;youtube-vimeo-embed&gt; tags and replacing them with a link to the video, I took this opportunity to cleanup some other 'Altlasten' (legacy tech depts).<br>A lot of time was spent trying to get my head around various encodings/escapings of special characters. When the blog started in 2002, UTF-8 was not adopted yet and all special characters needed to be written as <a href="https://developer.mozilla.org/en-US/docs/Glossary/Character_reference" title="Character reference - MDN">HTML entities</a>.<br>And what didn't help is that I somehow had a text-only part in my RSS file which tried to deliver a version of my posts without any HTML (but failed to do so properly as it only had the tags stripped away but did not revert all the HTML character encodings.<br>Of course the various resulting &amp; characters nicely clash with XML encoding).</p>
  274. <p>There were some other oddities from the past, such as empty post titles and HTML tags inside titles.</p>
  275. <p>I ended up cleaning up most of this and got rid of the text-only representation and corresponding encoding/escaping problems. (using <code>&lt;![CDATA[</code> and <code>]]&gt;</code> with the HTML content inside makes life so much easier)</p>
  276. <p>The still remaing recommendations to improve are about relative links and <code>&lt;script&gt;</code> tags.<br>The relative links are all due to my replacing of dead and non-archived link destinations with a single <code>#</code>. So they are more a 'false postive' than a real problem, the links are dead either way.<br>The <code>&lt;script&gt;</code> tags are more problematic, as they result from my embedding of <a href="https://gist.github.com/" title="Discover Discover gists · GitHub">GitHub Gists</a> in posts. The code in the Gists is loaded, rendered and nicely highlighted with color by the script, thus not easy to replicate in a feed.</p>
  277. <p>Probably the best approach for the Gists would be to find a way to properly include the content into the posts. So that it is rendered nicely when viewed in a browser, and has a meaningful text-only fallback in the feeds.<br>Would make sense to self-hosts these anyways. Next rainy weekend project there you are :-)</p>
  278. <p><a href="https://www.rssboard.org/rss-validator/check.cgi?url=http%3A%2F%2Fblog.x-way.org%2Frss.xml" title="RSS Validator Results: http://blog.x-way.org/rss.xml"><img src="https://blog.x-way.org/images/valid-rss-rogers.png" width="88" height="31" alt="This is a valid RSS feed."></a> <a href="https://validator.w3.org/feed/check.cgi?url=https%3A%2F%2Fblog.x-way.org%2Fatom.xml" title="Feed Validator Results: https://blog.x-way.org/atom.xml"><img src="https://blog.x-way.org/images/valid-atom.png" width="88" height="31" alt="This is a valid Atom 1.0 feed."></a></p>
  279. ]]></content:encoded>
  280.  </item>
  281.  
  282.  <item>
  283.    <title>sibatable</title>
  284.    <link>https://blog.x-way.org/Food/2024/06/22/sibatable.html</link>
  285.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324368</guid>
  286.    <dc:creator>Andreas Jaggi</dc:creator>
  287.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  288.    <pubDate>Sat, 22 Jun 2024 20:06:00 +0200</pubDate>
  289.    <category domain="https://blog.x-way.org/Food">Food</category>
  290.    <description><![CDATA[<p><a href="https://blog.x-way.org/images/sibatable.jpg" title="sibatable"><img src="https://blog.x-way.org/images/sibatable_thumb.jpg" width="446" height="431" alt="A bowl of ramen with the rice and eggs decorated so that they look like a chicken with her chicks."></a></p>
  291. <p>Amazing food art by <a href="https://www.instagram.com/sibatable/" title="시바테이블 (&#064;sibatable) • Instagram">sibatable</a>.</p>
  292. <p>Besides the <a href="https://www.instagram.com/sibatable/" title="시바테이블 (&#064;sibatable) • Instagram">Instagram page</a> and the <a href="https://ohou.se/users/8132629" title="sibatable님의 공간에 오신 것을 환영합니다.">ohou.se page</a> check out the articles from <a href="https://www.tapasmagazine.es/en/sibatable-the-aesthetisation-food-through-fantasy/" title="Sibatable, the aestheticisation of food through fantasy - Tapas">Tapas</a> and <a href="https://mymodernmet.com/min-kyung-kin-sibatable-animal-food-art/" title="Super Cute Animal Food Art by Korean Artist">My Modern Met</a> for more infos about the artist.</p>
  293. <p>(<a href="https://labnotes.org/weekend-reading-occams-shaving-kit/" title="Weekend Reading — Occam&#x27;s shaving kit —  Labnotes (by Assaf Arkin)">via</a>)</p>
  294. ]]></description>
  295.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/images/sibatable.jpg" title="sibatable"><img src="https://blog.x-way.org/images/sibatable_thumb.jpg" width="446" height="431" alt="A bowl of ramen with the rice and eggs decorated so that they look like a chicken with her chicks."></a></p>
  296. <p>Amazing food art by <a href="https://www.instagram.com/sibatable/" title="시바테이블 (&#064;sibatable) • Instagram">sibatable</a>.</p>
  297. <p>Besides the <a href="https://www.instagram.com/sibatable/" title="시바테이블 (&#064;sibatable) • Instagram">Instagram page</a> and the <a href="https://ohou.se/users/8132629" title="sibatable님의 공간에 오신 것을 환영합니다.">ohou.se page</a> check out the articles from <a href="https://www.tapasmagazine.es/en/sibatable-the-aesthetisation-food-through-fantasy/" title="Sibatable, the aestheticisation of food through fantasy - Tapas">Tapas</a> and <a href="https://mymodernmet.com/min-kyung-kin-sibatable-animal-food-art/" title="Super Cute Animal Food Art by Korean Artist">My Modern Met</a> for more infos about the artist.</p>
  298. <p>(<a href="https://labnotes.org/weekend-reading-occams-shaving-kit/" title="Weekend Reading — Occam&#x27;s shaving kit —  Labnotes (by Assaf Arkin)">via</a>)</p>
  299. ]]></content:encoded>
  300.  </item>
  301.  
  302.  <item>
  303.    <title>IPv6 vs IPv4 traffic graphs in MikroTik</title>
  304.    <link>https://blog.x-way.org/Networking/2024/06/22/IPv6-vs-IPv4-traffic-graphs-in-MikroTik.html</link>
  305.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324367</guid>
  306.    <dc:creator>Andreas Jaggi</dc:creator>
  307.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  308.    <pubDate>Sat, 22 Jun 2024 12:32:00 +0200</pubDate>
  309.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  310.    <description><![CDATA[<p>Out of curiosity I wanted to know how much of my Internet traffic uses IPv6 vs the <a href="https://blog.x-way.org/Networking/2013/07/05/Mandatory-requirement-for-all-non-IPv6-capable-products.html">legacy IPv4</a>.</p>
  311. <p>There is no out-of-the-box graph for this in MikroTik.<br>Several forum and Stack Overflow posts suggest using ratelimiting queues with their graphing feature to collect this data.<p>
  312. <p>After experimenting a bit, I ended up with the following configuration which creates two queues to collect the traffic data.<br>Important to know, traffic flows on a first-match basis through the queues. Thus the trick of having first the queue matching IPv6 traffic and then the queue matching all the remaining traffic.<br>Also, I use <code>10G</code> as 'unreachable' traffic limit to avoid any traffic being ratelimited. This works well for my 1Gbit/s setup, but will need to be adjusted if you have a higher bandwidth.</p>
  313. <pre>/queue simple add limit-at=10G/10G max-limit=10G/10G name=v6-traffic queue=ethernet-default/ethernet-default target=2000::/3 total-queue=ethernet-default
  314. /queue simple add limit-at=10G/10G max-limit=10G/10G name=v4-traffic queue=ethernet-default/ethernet-default target="" total-queue=ethernet-default</pre>
  315. <p>Having the queues in place for a couple days results in the following graphs:</p>
  316. <p>IPv6 Traffic<br>
  317. <img src="https://blog.x-way.org/images/ipv6-traffic.png" width="492" height="251" alt="Weekly traffic graph of the IPv6 queue, showing an average of 379.65Kb incoming traffic."></p>
  318. <p>IPv4 Traffic<br>
  319. <img src="https://blog.x-way.org/images/ipv4-traffic.png" width="492" height="251" alt="Weekly traffic graph of the IPv4 queue, showing an average of 21.49Kb incoming traffic."></p>
  320. <p>Happy to see that a large majority of my traffic uses IPv6 :-)</p>
  321. ]]></description>
  322.    <content:encoded><![CDATA[<p>Out of curiosity I wanted to know how much of my Internet traffic uses IPv6 vs the <a href="https://blog.x-way.org/Networking/2013/07/05/Mandatory-requirement-for-all-non-IPv6-capable-products.html">legacy IPv4</a>.</p>
  323. <p>There is no out-of-the-box graph for this in MikroTik.<br>Several forum and Stack Overflow posts suggest using ratelimiting queues with their graphing feature to collect this data.<p>
  324. <p>After experimenting a bit, I ended up with the following configuration which creates two queues to collect the traffic data.<br>Important to know, traffic flows on a first-match basis through the queues. Thus the trick of having first the queue matching IPv6 traffic and then the queue matching all the remaining traffic.<br>Also, I use <code>10G</code> as 'unreachable' traffic limit to avoid any traffic being ratelimited. This works well for my 1Gbit/s setup, but will need to be adjusted if you have a higher bandwidth.</p>
  325. <pre>/queue simple add limit-at=10G/10G max-limit=10G/10G name=v6-traffic queue=ethernet-default/ethernet-default target=2000::/3 total-queue=ethernet-default
  326. /queue simple add limit-at=10G/10G max-limit=10G/10G name=v4-traffic queue=ethernet-default/ethernet-default target="" total-queue=ethernet-default</pre>
  327. <p>Having the queues in place for a couple days results in the following graphs:</p>
  328. <p>IPv6 Traffic<br>
  329. <img src="https://blog.x-way.org/images/ipv6-traffic.png" width="492" height="251" alt="Weekly traffic graph of the IPv6 queue, showing an average of 379.65Kb incoming traffic."></p>
  330. <p>IPv4 Traffic<br>
  331. <img src="https://blog.x-way.org/images/ipv4-traffic.png" width="492" height="251" alt="Weekly traffic graph of the IPv4 queue, showing an average of 21.49Kb incoming traffic."></p>
  332. <p>Happy to see that a large majority of my traffic uses IPv6 :-)</p>
  333. ]]></content:encoded>
  334.  </item>
  335.  
  336.  <item>
  337.    <title>More modern technologies</title>
  338.    <link>https://blog.x-way.org/Webdesign/2024/06/18/More-modern-technologies.html</link>
  339.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324366</guid>
  340.    <dc:creator>Andreas Jaggi</dc:creator>
  341.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  342.    <pubDate>Tue, 18 Jun 2024 20:59:00 +0200</pubDate>
  343.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  344.    <description><![CDATA[<p>After the recent <a href="https://blog.x-way.org/Webdesign/2024/06/16/Jumping-on-the-Web-Components-bandwagon.html" title="Jumping on the Web Components bandwagon - x-log">integration of Web Components in the blog</a>, I made yet another stab at using some modern technologies.</p>
  345. <p>This time inspired by the <a href="https://lynnandtonic.com/thoughts/entries/ten-years-of-a-single-div/" title="Ten years of A Single Div | Lynn Fisher">Ten years of A Single Div</a> article, my focus was on the <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/gradient/linear-gradient" title="linear-gradient() - CSS | MDN">linear-gradient()</a> and <a  href="https://developer.mozilla.org/en-US/docs/Web/CSS/gradient/radial-gradient" title="radial-gradient() - CSS | MDN">radial-gradient()</a> CSS properties.</p>
  346. <p>They can be combined to draw almost arbitrary shapes with pure CSS.</p>
  347. <p>I used this to replace all graphics on <a href="https://www.andreas-jaggi.ch/" title="andreas-jaggi.ch">andreas-jaggi.ch</a> with CSS, while keeping the layout and functionality identical to the <a href="https://web.archive.org/web/20050311173245/http://x-way.waterwave.ch/#" title="x-way.waterwave.ch (archive.org)">original 2005 version</a>.</p>
  348. <p>In the process of this, also some additional modern CSS features were used:<br>
  349. <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/var" title="var() - CSS | MDN">var()</a> to simplify repeating CSS code.<br>
  350. <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/animation" title="animation - CSS | MDN">animation</a>/<a href="https://developer.mozilla.org/en-US/docs/Web/CSS/@keyframes" title="@keyframes - CSS | MDN">@keyframes</a> to add a little fade-in effect on the hover text.</p>
  351. ]]></description>
  352.    <content:encoded><![CDATA[<p>After the recent <a href="https://blog.x-way.org/Webdesign/2024/06/16/Jumping-on-the-Web-Components-bandwagon.html" title="Jumping on the Web Components bandwagon - x-log">integration of Web Components in the blog</a>, I made yet another stab at using some modern technologies.</p>
  353. <p>This time inspired by the <a href="https://lynnandtonic.com/thoughts/entries/ten-years-of-a-single-div/" title="Ten years of A Single Div | Lynn Fisher">Ten years of A Single Div</a> article, my focus was on the <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/gradient/linear-gradient" title="linear-gradient() - CSS | MDN">linear-gradient()</a> and <a  href="https://developer.mozilla.org/en-US/docs/Web/CSS/gradient/radial-gradient" title="radial-gradient() - CSS | MDN">radial-gradient()</a> CSS properties.</p>
  354. <p>They can be combined to draw almost arbitrary shapes with pure CSS.</p>
  355. <p>I used this to replace all graphics on <a href="https://www.andreas-jaggi.ch/" title="andreas-jaggi.ch">andreas-jaggi.ch</a> with CSS, while keeping the layout and functionality identical to the <a href="https://web.archive.org/web/20050311173245/http://x-way.waterwave.ch/#" title="x-way.waterwave.ch (archive.org)">original 2005 version</a>.</p>
  356. <p>In the process of this, also some additional modern CSS features were used:<br>
  357. <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/var" title="var() - CSS | MDN">var()</a> to simplify repeating CSS code.<br>
  358. <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/animation" title="animation - CSS | MDN">animation</a>/<a href="https://developer.mozilla.org/en-US/docs/Web/CSS/@keyframes" title="@keyframes - CSS | MDN">@keyframes</a> to add a little fade-in effect on the hover text.</p>
  359. ]]></content:encoded>
  360.  </item>
  361.  
  362.  <item>
  363.    <title>Jumping on the Web Components bandwagon</title>
  364.    <link>https://blog.x-way.org/Webdesign/2024/06/16/Jumping-on-the-Web-Components-bandwagon.html</link>
  365.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324365</guid>
  366.    <dc:creator>Andreas Jaggi</dc:creator>
  367.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  368.    <pubDate>Sun, 16 Jun 2024 21:53:00 +0200</pubDate>
  369.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  370.    <description><![CDATA[<p>The <a href="https://adrianroselli.com/2024/06/youtube-and-vimeo-web-component.html" title="YouTube and Vimeo Web Component - Adrian Roselli">recent article from Adrian Roselli</a> explaining how to write a Web Component for YouTube and Vimeo videos, triggered me to finally adopt the Web Components technology for my blog.<br>Additionally there is <a href="https://kniebes.com/" title="Markus Kniebes">Markus</a> using <a href="https://kniebes.com/2023/07/01/sharing-web-component" title="Sharing Web Component (kniebes.com)">Web Components for his blog</a> since quite some time, which gave me confidence.</p>
  371. <p>Implementing Web Components was now not only for the sake of learning about the technology, but also to address some longstanding painpoints I had with my embedded videos.<br>In particular did I not like that each embedded video triggered the loading of a plethora of third-party scripts and styles only to render the thumbnail image. And additionally this leaked tracking/cookie information to the video hosters (yes, I was using www.youtube-nocookie.com to reduce this as far as possible, but could not eliminate it completely).</p>
  372. <p>Thus I added a <code>&lt;youtube-vimeo-embed&gt;</code> Web Component and changed all my embedded YouTube and Vimeo videos to use it.</p>
  373. <p>My implementation is almost a 1:1 copy of the <a href="https://github.com/aardrian/youtube-vimeo-embed/tree/main" title="GitHub - aardrian/youtube-vimeo-embed: A custom element to embed either a YouTube or Vimeo video into your page.">code provided by Adrian</a>, with some minor adaptions (such as hiding the original link when the video iframe can be rendered and always enabling fullscreen mode in videos).</p>
  374. <p>I'm quite happy with the outcome, as it provides some new benefits:<br>
  375. Except for the thumbnail image, no other third-party resources are loaded until someone clicks on the play button.<br>
  376. When JavaScript or Web Components are not supported by a browser, it gracefuly falls back to a simple link to the video.<br>
  377. Loading speed of the whole page improved quite a bit, as videos are only loaded on demand.<br>
  378. It always uses www.youtube-nocookie.com and third-party scripts are only loaded if someone explicitly clicks on the play button of a video :-)</p>
  379. ]]></description>
  380.    <content:encoded><![CDATA[<p>The <a href="https://adrianroselli.com/2024/06/youtube-and-vimeo-web-component.html" title="YouTube and Vimeo Web Component - Adrian Roselli">recent article from Adrian Roselli</a> explaining how to write a Web Component for YouTube and Vimeo videos, triggered me to finally adopt the Web Components technology for my blog.<br>Additionally there is <a href="https://kniebes.com/" title="Markus Kniebes">Markus</a> using <a href="https://kniebes.com/2023/07/01/sharing-web-component" title="Sharing Web Component (kniebes.com)">Web Components for his blog</a> since quite some time, which gave me confidence.</p>
  381. <p>Implementing Web Components was now not only for the sake of learning about the technology, but also to address some longstanding painpoints I had with my embedded videos.<br>In particular did I not like that each embedded video triggered the loading of a plethora of third-party scripts and styles only to render the thumbnail image. And additionally this leaked tracking/cookie information to the video hosters (yes, I was using www.youtube-nocookie.com to reduce this as far as possible, but could not eliminate it completely).</p>
  382. <p>Thus I added a <code>&lt;youtube-vimeo-embed&gt;</code> Web Component and changed all my embedded YouTube and Vimeo videos to use it.</p>
  383. <p>My implementation is almost a 1:1 copy of the <a href="https://github.com/aardrian/youtube-vimeo-embed/tree/main" title="GitHub - aardrian/youtube-vimeo-embed: A custom element to embed either a YouTube or Vimeo video into your page.">code provided by Adrian</a>, with some minor adaptions (such as hiding the original link when the video iframe can be rendered and always enabling fullscreen mode in videos).</p>
  384. <p>I'm quite happy with the outcome, as it provides some new benefits:<br>
  385. Except for the thumbnail image, no other third-party resources are loaded until someone clicks on the play button.<br>
  386. When JavaScript or Web Components are not supported by a browser, it gracefuly falls back to a simple link to the video.<br>
  387. Loading speed of the whole page improved quite a bit, as videos are only loaded on demand.<br>
  388. It always uses www.youtube-nocookie.com and third-party scripts are only loaded if someone explicitly clicks on the play button of a video :-)</p>
  389. ]]></content:encoded>
  390.  </item>
  391.  
  392.  <item>
  393.    <title>blo.gs still Pinging</title>
  394.    <link>https://blog.x-way.org/Coding/2024/06/12/blogs-still-Pinging.html</link>
  395.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324364</guid>
  396.    <dc:creator>Andreas Jaggi</dc:creator>
  397.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  398.    <pubDate>Wed, 12 Jun 2024 06:28:00 +0200</pubDate>
  399.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  400.    <description><![CDATA[<p>While browsing posts from the past on the <a href="https://blog.x-way.org/on-this-day.html" title="x-log - On this day">On this day</a> page, I saw the one about <a href="http://blo.gs/" title="blo.gs">blog.gs</a> from <a href="https://blog.x-way.org/Coding/2002/06/12/blogs-Ping.html" title="x-log - blo.gs-Ping">2002</a>.</p>
  401. <p>Turns out the blog.gs ping mechanism is still working in exactly the same way after all these years (nowadays operated by Automattic).</p>
  402. <p>As I don't run my blog with PHP anymore, I added the following step at the end of my deploy script.<br>It uses <code>curl</code> to peform <a href="http://blo.gs/ping-example.php" title="blo.gs: weblogUpdates.extendedPing example">the XML-RPC call</a> of the <code>weblogUpdates.extendedPing</code> API with the parameters for my weblog.</p>
  403. <pre>curl -X POST -v ping.blo.gs -H 'content-type: text/xml' --data '&lt;?xml version="1.0"?&gt;&lt;methodCall&gt;&lt;methodName&gt;weblogUpdates.extendedPing&lt;/methodName&gt;&lt;params&gt;&lt;param&gt;&lt;value&gt;x-log&lt;/value&gt;&lt;/param&gt;&lt;param&gt;&lt;value&gt;https://blog.x-way.org/&lt;/value&gt;&lt;/param&gt;&lt;param&gt;&lt;value&gt;&lt;/value&gt;&lt;/param&gt;&lt;param&gt;&lt;value&gt;https://blog.x-way.org/rss.xml&lt;/value&gt;&lt;/param&gt;&lt;/params&gt;&lt;/methodCall&gt;'</pre>
  404. ]]></description>
  405.    <content:encoded><![CDATA[<p>While browsing posts from the past on the <a href="https://blog.x-way.org/on-this-day.html" title="x-log - On this day">On this day</a> page, I saw the one about <a href="http://blo.gs/" title="blo.gs">blog.gs</a> from <a href="https://blog.x-way.org/Coding/2002/06/12/blogs-Ping.html" title="x-log - blo.gs-Ping">2002</a>.</p>
  406. <p>Turns out the blog.gs ping mechanism is still working in exactly the same way after all these years (nowadays operated by Automattic).</p>
  407. <p>As I don't run my blog with PHP anymore, I added the following step at the end of my deploy script.<br>It uses <code>curl</code> to peform <a href="http://blo.gs/ping-example.php" title="blo.gs: weblogUpdates.extendedPing example">the XML-RPC call</a> of the <code>weblogUpdates.extendedPing</code> API with the parameters for my weblog.</p>
  408. <pre>curl -X POST -v ping.blo.gs -H 'content-type: text/xml' --data '&lt;?xml version="1.0"?&gt;&lt;methodCall&gt;&lt;methodName&gt;weblogUpdates.extendedPing&lt;/methodName&gt;&lt;params&gt;&lt;param&gt;&lt;value&gt;x-log&lt;/value&gt;&lt;/param&gt;&lt;param&gt;&lt;value&gt;https://blog.x-way.org/&lt;/value&gt;&lt;/param&gt;&lt;param&gt;&lt;value&gt;&lt;/value&gt;&lt;/param&gt;&lt;param&gt;&lt;value&gt;https://blog.x-way.org/rss.xml&lt;/value&gt;&lt;/param&gt;&lt;/params&gt;&lt;/methodCall&gt;'</pre>
  409. ]]></content:encoded>
  410.  </item>
  411.  
  412.  <item>
  413.    <title>Run Your Own Mail Server</title>
  414.    <link>https://blog.x-way.org/Linux/2024/05/31/Run-Your-Own-Mail-Server.html</link>
  415.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324363</guid>
  416.    <dc:creator>Andreas Jaggi</dc:creator>
  417.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  418.    <pubDate>Fri, 31 May 2024 20:24:00 +0200</pubDate>
  419.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  420.    <description><![CDATA[<p><a href="https://mwl.io/" title="About Me - Michael W Lucas">Michael W Lucas</a> is running a <a href="https://www.kickstarter.com/projects/mwlucas/run-your-own-mail-server/" title="Run Your Own Mail Server: A Book for Independence &amp; Privacy">Kickstarter campaign</a> to fund writing of book providing the knowledge to run your own mail server.</p>
  421. <p>As I'm running my own mail server (coincidently with some of the tools that will be discussed in the book: Debian, Postfix, Dovecot), I do sympathize with this initiative and would recommend to support the campaign.</p>
  422. ]]></description>
  423.    <content:encoded><![CDATA[<p><a href="https://mwl.io/" title="About Me - Michael W Lucas">Michael W Lucas</a> is running a <a href="https://www.kickstarter.com/projects/mwlucas/run-your-own-mail-server/" title="Run Your Own Mail Server: A Book for Independence &amp; Privacy">Kickstarter campaign</a> to fund writing of book providing the knowledge to run your own mail server.</p>
  424. <p>As I'm running my own mail server (coincidently with some of the tools that will be discussed in the book: Debian, Postfix, Dovecot), I do sympathize with this initiative and would recommend to support the campaign.</p>
  425. ]]></content:encoded>
  426.  </item>
  427.  
  428.  <item>
  429.    <title>udm=14</title>
  430.    <link>https://blog.x-way.org/Misc/2024/05/25/udm-14.html</link>
  431.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324362</guid>
  432.    <dc:creator>Andreas Jaggi</dc:creator>
  433.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  434.    <pubDate>Sat, 25 May 2024 09:30:00 +0200</pubDate>
  435.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  436.    <description><![CDATA[<p>As seen <a href="https://vowe.net/2024/05/20/old-school-google/" title="Old School Google - vowe dot net">all</a> <a href="https://daringfireball.net/linked/2024/05/22/google-web-tedium" title="Daring Fireball: How to Make Google’s 'Web' View Your Search Default">over</a> <a href="https://kottke.org/24/05/0044646-how-to-get-google-search" title="How to get Google search results without the AI garbage">the</a> <a href="https://bookmark.kniebes.io/bookmark/128c284f18cd11efadf1408d5c84b5d9" title="&amp;udm=14 | the disenshittification Konami code">place</a>, adding <code>udm=14</code> to the URL of a Google search makes the result display less crappy (no ads, no AI suggestions to <a href="https://www.bbc.com/news/articles/cd11gzejgz4o" title="Google AI search tells users to glue pizza and eat rocks">eat rocks or put glue on pizza</a>, &hellip;).<br>The search results themselves of course are not really getting better with this, but at least the search experience is less annoying.</p>
  437. <p>For the Desktop edition of Firefox you will need to use the <a href="https://addons.mozilla.org/en-US/firefox/addon/udm14/" title="udm14 - Get this Extension for Firefox">udm14 extension</a> to add the <code>udm=14</code> parameter by default to your search bar.<br>For other browsers it should be enough to modify the settings of the search URL used and add the parameter (something like <code>https://www.google.com/search?q=%s&amp;udm=14</code>).<br>Or even better, do use an alternative search engine :-)</p>
  438. ]]></description>
  439.    <content:encoded><![CDATA[<p>As seen <a href="https://vowe.net/2024/05/20/old-school-google/" title="Old School Google - vowe dot net">all</a> <a href="https://daringfireball.net/linked/2024/05/22/google-web-tedium" title="Daring Fireball: How to Make Google’s 'Web' View Your Search Default">over</a> <a href="https://kottke.org/24/05/0044646-how-to-get-google-search" title="How to get Google search results without the AI garbage">the</a> <a href="https://bookmark.kniebes.io/bookmark/128c284f18cd11efadf1408d5c84b5d9" title="&amp;udm=14 | the disenshittification Konami code">place</a>, adding <code>udm=14</code> to the URL of a Google search makes the result display less crappy (no ads, no AI suggestions to <a href="https://www.bbc.com/news/articles/cd11gzejgz4o" title="Google AI search tells users to glue pizza and eat rocks">eat rocks or put glue on pizza</a>, &hellip;).<br>The search results themselves of course are not really getting better with this, but at least the search experience is less annoying.</p>
  440. <p>For the Desktop edition of Firefox you will need to use the <a href="https://addons.mozilla.org/en-US/firefox/addon/udm14/" title="udm14 - Get this Extension for Firefox">udm14 extension</a> to add the <code>udm=14</code> parameter by default to your search bar.<br>For other browsers it should be enough to modify the settings of the search URL used and add the parameter (something like <code>https://www.google.com/search?q=%s&amp;udm=14</code>).<br>Or even better, do use an alternative search engine :-)</p>
  441. ]]></content:encoded>
  442.  </item>
  443.  
  444.  <item>
  445.    <title>Recent Docker BuildKit Features</title>
  446.    <link>https://blog.x-way.org/Linux/2024/05/20/Recent-Docker-BuildKit-Features.html</link>
  447.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324361</guid>
  448.    <dc:creator>Andreas Jaggi</dc:creator>
  449.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  450.    <pubDate>Mon, 20 May 2024 07:24:00 +0200</pubDate>
  451.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  452.    <description><![CDATA[<p>In the <a href="https://martinheinz.dev/blog/111" title="Recent Docker BuildKit Features You're Missing Out On | Martin Heinz | Personal Website &amp; Blog">Recent Docker BuildKit Features You're Missing Out On</a> article, <a href="https://martinheinz.dev/" title="Martin Heinz | Personal Website &amp; Blog">Martin Heinz</a> lists some of the new features that have been added to Docker with the BuildKit introduction.</p>
  453. <p>My favorite one is the <a href="https://github.com/docker/buildx/blob/master/docs/debugging.md" title="debugging docs">debugger for failed build steps</a> of a container:</p>
  454. <pre>export BUILDX_EXPERIMENTAL=1
  455. docker buildx debug --invoke /bin/sh --on=error build .</pre>
  456. ]]></description>
  457.    <content:encoded><![CDATA[<p>In the <a href="https://martinheinz.dev/blog/111" title="Recent Docker BuildKit Features You're Missing Out On | Martin Heinz | Personal Website &amp; Blog">Recent Docker BuildKit Features You're Missing Out On</a> article, <a href="https://martinheinz.dev/" title="Martin Heinz | Personal Website &amp; Blog">Martin Heinz</a> lists some of the new features that have been added to Docker with the BuildKit introduction.</p>
  458. <p>My favorite one is the <a href="https://github.com/docker/buildx/blob/master/docs/debugging.md" title="debugging docs">debugger for failed build steps</a> of a container:</p>
  459. <pre>export BUILDX_EXPERIMENTAL=1
  460. docker buildx debug --invoke /bin/sh --on=error build .</pre>
  461. ]]></content:encoded>
  462.  </item>
  463.  
  464.  <item>
  465.    <title>Migrations</title>
  466.    <link>https://blog.x-way.org/Coding/2024/05/20/Migrations.html</link>
  467.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324360</guid>
  468.    <dc:creator>Andreas Jaggi</dc:creator>
  469.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  470.    <pubDate>Mon, 20 May 2024 06:02:00 +0200</pubDate>
  471.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  472.    <description><![CDATA[<blockquote cite="https://twitter.com/mipsytipsy/status/1778534529298489428">
  473. <p>Migrations are not something you can do rarely, or put off, or avoid; not if you are a growing company. Migrations are an ordinary fact of life.</p>
  474. <p>Doing them swiftly, efficiently, and -- most of all -- *completely* is one of the most critical skills you can develop as a team.</p>
  475. </blockquote>
  476. <p>&mdash; <a href="https://charity.wtf/" title="Charity Majors">Charity Majors</a> (<a href="https://simonwillison.net/2024/May/6/charity-majors/" title="A quote from Charity Majors">via</a>)</p>
  477. ]]></description>
  478.    <content:encoded><![CDATA[<blockquote cite="https://twitter.com/mipsytipsy/status/1778534529298489428">
  479. <p>Migrations are not something you can do rarely, or put off, or avoid; not if you are a growing company. Migrations are an ordinary fact of life.</p>
  480. <p>Doing them swiftly, efficiently, and -- most of all -- *completely* is one of the most critical skills you can develop as a team.</p>
  481. </blockquote>
  482. <p>&mdash; <a href="https://charity.wtf/" title="Charity Majors">Charity Majors</a> (<a href="https://simonwillison.net/2024/May/6/charity-majors/" title="A quote from Charity Majors">via</a>)</p>
  483. ]]></content:encoded>
  484.  </item>
  485.  
  486.  <item>
  487.    <title>Building a Geocities website in 1998</title>
  488.    <link>https://blog.x-way.org/Misc/2024/05/19/Building-a-Geocities-website-in-1998.html</link>
  489.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324359</guid>
  490.    <dc:creator>Andreas Jaggi</dc:creator>
  491.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  492.    <pubDate>Sun, 19 May 2024 11:35:00 +0200</pubDate>
  493.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  494.    <description><![CDATA[<p><a href="https://youtu.be/HeXVKrtecis" title="Building a Geocities website in 1998 - YouTube">Building a Geocities website in 1998</a></p>
  495. <p>Brings back some faint memories of young me playing around with FrontPage (wondering why the preview rendering of an animated fullscreen background of a burning fire is making the computer go slow&hellip;)</p>
  496. <p>(<a href="https://buttondown.email/cassidoo/archive/an-honest-man-is-always-a-child-socrates/" title="Web links of the week - cassidoo">via</a>)</p>
  497. ]]></description>
  498.    <content:encoded><![CDATA[<p><a href="https://youtu.be/HeXVKrtecis" title="Building a Geocities website in 1998 - YouTube">Building a Geocities website in 1998</a></p>
  499. <p>Brings back some faint memories of young me playing around with FrontPage (wondering why the preview rendering of an animated fullscreen background of a burning fire is making the computer go slow&hellip;)</p>
  500. <p>(<a href="https://buttondown.email/cassidoo/archive/an-honest-man-is-always-a-child-socrates/" title="Web links of the week - cassidoo">via</a>)</p>
  501. ]]></content:encoded>
  502.  </item>
  503.  
  504.  <item>
  505.    <title>On this day</title>
  506.    <link>https://blog.x-way.org/Misc/2024/05/13/On-this-day.html</link>
  507.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324358</guid>
  508.    <dc:creator>Andreas Jaggi</dc:creator>
  509.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  510.    <pubDate>Mon, 13 May 2024 07:00:00 +0200</pubDate>
  511.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  512.    <description><![CDATA[<p>In his <a href="https://shkspr.mobi/blog/2024/05/it-was-twenty-years-ago-today/" title="It was twenty years ago today &mdash; Terence Eden's Blog">20 year anniversary post</a>, <a href="https://shkspr.mobi/blog/" title="Terence Eden's Blog">Terence Eden</a> explains how he uses the "<a href="https://shkspr.mobi/blog/on-this-day/" title="On This Day &mdash; Terence Eden's Blog">On This Day</a>" feature of his blog every morning to look back on what he was writing on this day in previous years.</p>
  513. <p>Finding this very inspiring, I decided to add a similar feature to my blog.<br>As my blog is built with Jekyll as static pages, some plain old JavaScript was needed to surface the posts of this day without having to rebuild the page daily.</p>
  514. <p>And here we have now the <a href="https://blog.x-way.org/on-this-day.html" title="x-log - On This day">On this day</a> page :-)</p>
  515. ]]></description>
  516.    <content:encoded><![CDATA[<p>In his <a href="https://shkspr.mobi/blog/2024/05/it-was-twenty-years-ago-today/" title="It was twenty years ago today &mdash; Terence Eden's Blog">20 year anniversary post</a>, <a href="https://shkspr.mobi/blog/" title="Terence Eden's Blog">Terence Eden</a> explains how he uses the "<a href="https://shkspr.mobi/blog/on-this-day/" title="On This Day &mdash; Terence Eden's Blog">On This Day</a>" feature of his blog every morning to look back on what he was writing on this day in previous years.</p>
  517. <p>Finding this very inspiring, I decided to add a similar feature to my blog.<br>As my blog is built with Jekyll as static pages, some plain old JavaScript was needed to surface the posts of this day without having to rebuild the page daily.</p>
  518. <p>And here we have now the <a href="https://blog.x-way.org/on-this-day.html" title="x-log - On This day">On this day</a> page :-)</p>
  519. ]]></content:encoded>
  520.  </item>
  521.  
  522.  <item>
  523.    <title>Warm weather warm colors</title>
  524.    <link>https://blog.x-way.org/Webdesign/2024/05/11/Warm-weather-warm-colors.html</link>
  525.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324357</guid>
  526.    <dc:creator>Andreas Jaggi</dc:creator>
  527.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  528.    <pubDate>Sat, 11 May 2024 20:03:00 +0200</pubDate>
  529.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  530.    <description><![CDATA[<p>The warm temperatures around here made me change the blog theme back to the warm colors ☀️</p>
  531. <p>Basically it's a revert of the <a href="https://blog.x-way.org/Webdesign/2024/01/01/Winter-plain-2.html" title="x-log - Winter - plain 2">winter layout changes</a> from beginning of the year, while keeping <a href="https://blog.x-way.org/Webdesign/2024/01/03/Valid-HTML5.html" title="x-log - Valid HTML5">all</a> <a href="https://blog.x-way.org/Webdesign/2024/01/27/Quick-and-dirty-dark-mode.html" title="x-log - Quick and dirty dark mode">the</a> <a href="https://blog.x-way.org/Webdesign/2024/01/28/Tables-are-gone.html" title="x-log - Tables are gone">HTML modernizations</a> done afterwards :-)</p>
  532. <p>We're back on the <a href="https://blog.x-way.org/Webdesign/2022/06/04/Blogging-like-2002.html" title="x-log - Blogging like 2002">original 2002 layout</a> (with modern HTML), for those trying to keep score. Enjoy!</p>
  533. ]]></description>
  534.    <content:encoded><![CDATA[<p>The warm temperatures around here made me change the blog theme back to the warm colors ☀️</p>
  535. <p>Basically it's a revert of the <a href="https://blog.x-way.org/Webdesign/2024/01/01/Winter-plain-2.html" title="x-log - Winter - plain 2">winter layout changes</a> from beginning of the year, while keeping <a href="https://blog.x-way.org/Webdesign/2024/01/03/Valid-HTML5.html" title="x-log - Valid HTML5">all</a> <a href="https://blog.x-way.org/Webdesign/2024/01/27/Quick-and-dirty-dark-mode.html" title="x-log - Quick and dirty dark mode">the</a> <a href="https://blog.x-way.org/Webdesign/2024/01/28/Tables-are-gone.html" title="x-log - Tables are gone">HTML modernizations</a> done afterwards :-)</p>
  536. <p>We're back on the <a href="https://blog.x-way.org/Webdesign/2022/06/04/Blogging-like-2002.html" title="x-log - Blogging like 2002">original 2002 layout</a> (with modern HTML), for those trying to keep score. Enjoy!</p>
  537. ]]></content:encoded>
  538.  </item>
  539.  
  540.  <item>
  541.    <title>The KonCodie Method</title>
  542.    <link>https://blog.x-way.org/Coding/2024/05/11/The-KonCodie-Method.html</link>
  543.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324356</guid>
  544.    <dc:creator>Andreas Jaggi</dc:creator>
  545.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  546.    <pubDate>Sat, 11 May 2024 17:09:00 +0200</pubDate>
  547.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  548.    <description><![CDATA[<p>What if <a href="https://konmari.com/" title="KonMarie | The Official Website of Marie Kondo">Marie Kondo</a> would become a software engineer?</p>
  549. <p><a href="https://www.200ok.com.au/" title="200 OK">Ben Buchanan</a> did run a parody account on this topic and has archived the posts <a href="https://weblog.200ok.com.au/2023/07/the-koncodie-method.html" title="The KonCodie Method | the 200ok weblog">on his site</a>.</p>
  550. <p>There are some gems :-)</p>
  551. <blockquote cite="https://weblog.200ok.com.au/2023/07/the-koncodie-method.html#koncodie-02"><p>To choose what to keep and what to throw away, take each dependency in one's manifest and ask: "Does this spark joy?" If it does, keep it. If not, remove it from your codebase.</p></blockquote>
  552. <blockquote cite="https://weblog.200ok.com.au/2023/07/the-koncodie-method.html#koncodie-08"><p>We should be choosing what to <code>.gitkeep</code>, not what we want to <code>.gitignore</code></p></blockquote>
  553. <blockquote cite="https://weblog.200ok.com.au/2023/07/the-koncodie-method.html#koncodie-31"><p>Cruft has only two possible causes: too much effort is required to refactor or it is unclear where things belong.</p></blockquote>
  554. ]]></description>
  555.    <content:encoded><![CDATA[<p>What if <a href="https://konmari.com/" title="KonMarie | The Official Website of Marie Kondo">Marie Kondo</a> would become a software engineer?</p>
  556. <p><a href="https://www.200ok.com.au/" title="200 OK">Ben Buchanan</a> did run a parody account on this topic and has archived the posts <a href="https://weblog.200ok.com.au/2023/07/the-koncodie-method.html" title="The KonCodie Method | the 200ok weblog">on his site</a>.</p>
  557. <p>There are some gems :-)</p>
  558. <blockquote cite="https://weblog.200ok.com.au/2023/07/the-koncodie-method.html#koncodie-02"><p>To choose what to keep and what to throw away, take each dependency in one's manifest and ask: "Does this spark joy?" If it does, keep it. If not, remove it from your codebase.</p></blockquote>
  559. <blockquote cite="https://weblog.200ok.com.au/2023/07/the-koncodie-method.html#koncodie-08"><p>We should be choosing what to <code>.gitkeep</code>, not what we want to <code>.gitignore</code></p></blockquote>
  560. <blockquote cite="https://weblog.200ok.com.au/2023/07/the-koncodie-method.html#koncodie-31"><p>Cruft has only two possible causes: too much effort is required to refactor or it is unclear where things belong.</p></blockquote>
  561. ]]></content:encoded>
  562.  </item>
  563.  
  564.  <item>
  565.    <title>If you don't fit...</title>
  566.    <link>https://blog.x-way.org/Misc/2024/05/05/If-you-dont-fit.html</link>
  567.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324354</guid>
  568.    <dc:creator>Andreas Jaggi</dc:creator>
  569.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  570.    <pubDate>Sun, 05 May 2024 20:40:00 +0200</pubDate>
  571.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  572.    <description><![CDATA[<p><a href="https://blog.x-way.org/images/if-you-dont-fit.png" title="A sad little puzzle piece is looking at a puzzle with no room for him. The text says &quot;If you don't fit... Maybe you haven't found the right puzzle.&quot; Then the piece joins a puzzle that is full of friendly pieces with lots of room"><img src="https://blog.x-way.org/images/if-you-dont-fit_thumb.png" height="500" width="400" alt="A sad little puzzle piece is looking at a puzzle with no room for him. The text says &quot;If you don't fit... Maybe you haven't found the right puzzle.&quot; Then the piece joins a puzzle that is full of friendly pieces with lots of room"></a></p>
  573. <p>&quot;If you don't fit... Maybe you haven't found the right puzzle.&quot; &mdash; <a href="https://admiralwonderboat.com/" title="ADMIRAL WONDERBOAT">Admiral</a> <a href="https://mastodon.social/@admiralwonderboat/112368789681867074" title="ADMIRAL WONDERBOAT">Wonderboat</a> (<a href="https://fosstodon.org/@sushee" title="Su-Shee">via</a>)</p>
  574. ]]></description>
  575.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/images/if-you-dont-fit.png" title="A sad little puzzle piece is looking at a puzzle with no room for him. The text says &quot;If you don't fit... Maybe you haven't found the right puzzle.&quot; Then the piece joins a puzzle that is full of friendly pieces with lots of room"><img src="https://blog.x-way.org/images/if-you-dont-fit_thumb.png" height="500" width="400" alt="A sad little puzzle piece is looking at a puzzle with no room for him. The text says &quot;If you don't fit... Maybe you haven't found the right puzzle.&quot; Then the piece joins a puzzle that is full of friendly pieces with lots of room"></a></p>
  576. <p>&quot;If you don't fit... Maybe you haven't found the right puzzle.&quot; &mdash; <a href="https://admiralwonderboat.com/" title="ADMIRAL WONDERBOAT">Admiral</a> <a href="https://mastodon.social/@admiralwonderboat/112368789681867074" title="ADMIRAL WONDERBOAT">Wonderboat</a> (<a href="https://fosstodon.org/@sushee" title="Su-Shee">via</a>)</p>
  577. ]]></content:encoded>
  578.  </item>
  579.  
  580.  <item>
  581.    <title>Migrate from legacy CSM boot to UEFI boot</title>
  582.    <link>https://blog.x-way.org/Linux/2024/05/05/Migrate-from-legacy-CSM-boot-to-UEFI-boot.html</link>
  583.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324355</guid>
  584.    <dc:creator>Andreas Jaggi</dc:creator>
  585.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  586.    <pubDate>Sun, 05 May 2024 16:00:00 +0200</pubDate>
  587.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  588.    <description><![CDATA[<p>Due to a hardware failure I had to replace one of my computers (switching from a <a href="https://www.galaxus.ch/de/s1/product/intel-nuc-swift-canyon-nuc6i5syh-intel-core-i5-6260u-barebone-5670885" title="Intel NUC SWIFT CANYON NUC6I5SYH">2015 Intel NUC</a> to a <a href="https://www.galaxus.ch/de/s1/product/dell-optiplex-mff-intel-core-i5-12500t-16-gb-512-gb-ssd-pc-40390750" title="Dell OptiPlex MFF">Dell OptiPlex Micro 7010</a>).<br>
  589. After moving the disk to the new system, it refused to boot (claimed that no bootable drive was available).</p>
  590. <p>Turns out that the new system only supports UEFI booting and the existing disk was setup for 'legacy'/CSM boot.</p>
  591. <p>I used the following steps to convert the existing disk to UEFI boot (while keeping all data on it available).<br>They are inspired by the excellent <a href="http://blog.getreu.net/projects/legacy-to-uefi-boot/" title="Switch Debian from legacy to UEFI boot mode">Switch Debian from legacy to UEFI boot mode</a> guide from <a href="https://blog.getreu.net/" title="Jens Getreu">Jens Getreu</a>.</p>
  592. <ol>
  593. <li>Disable secure boot in the BIOS to allow booting from an USB stick.</li>
  594. <li>Create a bootable USB stick with a Debian live system (see <a href="https://blog.x-way.org/Linux/2024/05/05/Create-a-bootable-Debian-USB-stick-on-macOS.html" title="Create a bootable Debian USB stick on macOS">my previous post</a>)</li>
  595. <li>Boot into the Debian live system</li>
  596. <li>Identify the disk to work on (<code>/dev/nvme0n1</code> in my case)</li>
  597. <li>Convert the partition table from MBR to GPT:
  598. <pre># gdisk /dev/nvme0n1
  599.  
  600. r       recovery and transformation options (experts only)
  601. f       load MBR and build fresh GPT from it
  602. w write table to disk and exit</pre></li>
  603. <li>Install gparted into the Debian live system:
  604. <pre># apt-get install gparted</pre></li>
  605. <li>Create an UEFI partition and a partition for Grub2:
  606. <pre># gparted /dev/nvme0n1</pre>
  607. Resize an existing partition to create space (does not need to be at the beginning of the disk, I used the swap partition).<br>
  608. Create a new 100MB partition for efi (named "Efi partition"), format it as <code>fat32</code> and flag it <code>bootable</code>.<br>
  609. Create a new 50MB partition for Grub2 (named "BIOS boot partition"), keep it unformatted.</li>
  610. <li>Use gdisk to set proper partition codes (<code>EF00</code> for the efi partition and <code>EF02</code> for the Grub2 partition):
  611. <pre># gdisk /dev/nvme0n1
  612.  
  613. p print the partition table
  614. t change a partition's type code
  615. t change a partition's type code
  616. w write table to disk and exit</pre></li>
  617. <li>Chroot into the on-disk root system:
  618. <pre># mount -t ext4 /dev/nvme0n1p1 /mnt
  619. # mkdir /mnt/boot/efi
  620. # mount /dev/nvme0n1p2 /mnt/boot/efi
  621. # mount --bind /sys /mnt/sys
  622. # mount --bind /proc /mnt/proc
  623. # mount --bind /dev /mnt/dev
  624. # mount --bind /dev/pts /mnt/dev/pts
  625. # cp /etc/resolv.conf /mnt/etc/resolv.conf
  626. # chroot /mnt</pre></li>
  627. <li>Update /etc/fstab:
  628. <pre># ls -lisa /dev/disk/by-uuid</pre>
  629. Identify the UUID of the EFI partition (usually in the format <code>XXXX-XXXX</code>) and add a corresponding line to <code>/etc/fstab</code>:
  630. <pre># echo "UUID=XXXX-XXXX /boot/efi vfat defaults 0 2" &gt;&gt; /etc/fstab</pre></li>
  631. <li>Install grub-efi and install Grub2 to the EFI partition:
  632. <pre># apt-get remove grub-pc
  633. # apt-get install grub-efi</pre>
  634. <pre># grub-install /dev/nvme0n1</pre></li>
  635. <li>Exit the chroot and reboot the system:
  636. <pre># exit
  637. # reboot</pre></li>
  638. <li>Select the Debian bootloader (<code>/EFI/debian/grubx64.efi</code>) in the UEFI BIOS and make it the default :-)</li>
  639. </ol>
  640. ]]></description>
  641.    <content:encoded><![CDATA[<p>Due to a hardware failure I had to replace one of my computers (switching from a <a href="https://www.galaxus.ch/de/s1/product/intel-nuc-swift-canyon-nuc6i5syh-intel-core-i5-6260u-barebone-5670885" title="Intel NUC SWIFT CANYON NUC6I5SYH">2015 Intel NUC</a> to a <a href="https://www.galaxus.ch/de/s1/product/dell-optiplex-mff-intel-core-i5-12500t-16-gb-512-gb-ssd-pc-40390750" title="Dell OptiPlex MFF">Dell OptiPlex Micro 7010</a>).<br>
  642. After moving the disk to the new system, it refused to boot (claimed that no bootable drive was available).</p>
  643. <p>Turns out that the new system only supports UEFI booting and the existing disk was setup for 'legacy'/CSM boot.</p>
  644. <p>I used the following steps to convert the existing disk to UEFI boot (while keeping all data on it available).<br>They are inspired by the excellent <a href="http://blog.getreu.net/projects/legacy-to-uefi-boot/" title="Switch Debian from legacy to UEFI boot mode">Switch Debian from legacy to UEFI boot mode</a> guide from <a href="https://blog.getreu.net/" title="Jens Getreu">Jens Getreu</a>.</p>
  645. <ol>
  646. <li>Disable secure boot in the BIOS to allow booting from an USB stick.</li>
  647. <li>Create a bootable USB stick with a Debian live system (see <a href="https://blog.x-way.org/Linux/2024/05/05/Create-a-bootable-Debian-USB-stick-on-macOS.html" title="Create a bootable Debian USB stick on macOS">my previous post</a>)</li>
  648. <li>Boot into the Debian live system</li>
  649. <li>Identify the disk to work on (<code>/dev/nvme0n1</code> in my case)</li>
  650. <li>Convert the partition table from MBR to GPT:
  651. <pre># gdisk /dev/nvme0n1
  652.  
  653. r       recovery and transformation options (experts only)
  654. f       load MBR and build fresh GPT from it
  655. w write table to disk and exit</pre></li>
  656. <li>Install gparted into the Debian live system:
  657. <pre># apt-get install gparted</pre></li>
  658. <li>Create an UEFI partition and a partition for Grub2:
  659. <pre># gparted /dev/nvme0n1</pre>
  660. Resize an existing partition to create space (does not need to be at the beginning of the disk, I used the swap partition).<br>
  661. Create a new 100MB partition for efi (named "Efi partition"), format it as <code>fat32</code> and flag it <code>bootable</code>.<br>
  662. Create a new 50MB partition for Grub2 (named "BIOS boot partition"), keep it unformatted.</li>
  663. <li>Use gdisk to set proper partition codes (<code>EF00</code> for the efi partition and <code>EF02</code> for the Grub2 partition):
  664. <pre># gdisk /dev/nvme0n1
  665.  
  666. p print the partition table
  667. t change a partition's type code
  668. t change a partition's type code
  669. w write table to disk and exit</pre></li>
  670. <li>Chroot into the on-disk root system:
  671. <pre># mount -t ext4 /dev/nvme0n1p1 /mnt
  672. # mkdir /mnt/boot/efi
  673. # mount /dev/nvme0n1p2 /mnt/boot/efi
  674. # mount --bind /sys /mnt/sys
  675. # mount --bind /proc /mnt/proc
  676. # mount --bind /dev /mnt/dev
  677. # mount --bind /dev/pts /mnt/dev/pts
  678. # cp /etc/resolv.conf /mnt/etc/resolv.conf
  679. # chroot /mnt</pre></li>
  680. <li>Update /etc/fstab:
  681. <pre># ls -lisa /dev/disk/by-uuid</pre>
  682. Identify the UUID of the EFI partition (usually in the format <code>XXXX-XXXX</code>) and add a corresponding line to <code>/etc/fstab</code>:
  683. <pre># echo "UUID=XXXX-XXXX /boot/efi vfat defaults 0 2" &gt;&gt; /etc/fstab</pre></li>
  684. <li>Install grub-efi and install Grub2 to the EFI partition:
  685. <pre># apt-get remove grub-pc
  686. # apt-get install grub-efi</pre>
  687. <pre># grub-install /dev/nvme0n1</pre></li>
  688. <li>Exit the chroot and reboot the system:
  689. <pre># exit
  690. # reboot</pre></li>
  691. <li>Select the Debian bootloader (<code>/EFI/debian/grubx64.efi</code>) in the UEFI BIOS and make it the default :-)</li>
  692. </ol>
  693. ]]></content:encoded>
  694.  </item>
  695.  
  696.  <item>
  697.    <title>Create a bootable Debian USB stick on macOS</title>
  698.    <link>https://blog.x-way.org/Linux/2024/05/05/Create-a-bootable-Debian-USB-stick-on-macOS.html</link>
  699.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324353</guid>
  700.    <dc:creator>Andreas Jaggi</dc:creator>
  701.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  702.    <pubDate>Sun, 05 May 2024 14:39:00 +0200</pubDate>
  703.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  704.    <description><![CDATA[<p>Needed to create a bootable Debian USB stick for some maintenance on one of my computers.<br>Here are the steps so I won't have to search for them the next time :-)</p>
  705. <ol>
  706. <li>Download the <a href="https://www.debian.org/CD/live/" title="">Debian live CD image</a></li>
  707. <li>Connect your USB stick and find its device location (/dev/diskX) with: <pre>sudo diskutil list</pre></li>
  708. <li>If needed unmount your USB stick: <pre>sudo diskutil unmountdisk /dev/diskX</pre></li>
  709. <li>Write the downloaded image onto the USB stick: <pre>sudo dd if=./debian-live-12.5.0-amd64-standard.iso of=/dev/diskX bs=1m</pre></li>
  710. </ol>
  711. ]]></description>
  712.    <content:encoded><![CDATA[<p>Needed to create a bootable Debian USB stick for some maintenance on one of my computers.<br>Here are the steps so I won't have to search for them the next time :-)</p>
  713. <ol>
  714. <li>Download the <a href="https://www.debian.org/CD/live/" title="">Debian live CD image</a></li>
  715. <li>Connect your USB stick and find its device location (/dev/diskX) with: <pre>sudo diskutil list</pre></li>
  716. <li>If needed unmount your USB stick: <pre>sudo diskutil unmountdisk /dev/diskX</pre></li>
  717. <li>Write the downloaded image onto the USB stick: <pre>sudo dd if=./debian-live-12.5.0-amd64-standard.iso of=/dev/diskX bs=1m</pre></li>
  718. </ol>
  719. ]]></content:encoded>
  720.  </item>
  721.  
  722.  <item>
  723.    <title>Tiny Fragments</title>
  724.    <link>https://blog.x-way.org/Misc/2024/04/24/Tiny-Fragments.html</link>
  725.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324352</guid>
  726.    <dc:creator>Andreas Jaggi</dc:creator>
  727.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  728.    <pubDate>Wed, 24 Apr 2024 21:58:00 +0200</pubDate>
  729.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  730.    <description><![CDATA[<p><a href="https://daz.itch.io/tiny-fragments" title="Tiny Fragments by Daniel Moreno">Tiny Fragments</a> is a fun little puzzle game made by <a href="https://www.dazlog.com/" title="Dazlog">Daniel Moreno</a> (<a href="https://gigold.me/links/game-tiny-fragments" title="Game: Tiny Fragments | Thomas Gigold">via</a>)</p>
  731. <img src="https://blog.x-way.org/images/tiny-fragments.png" height="230" width="400" alt="Tiny Fragments - The Tree">
  732. ]]></description>
  733.    <content:encoded><![CDATA[<p><a href="https://daz.itch.io/tiny-fragments" title="Tiny Fragments by Daniel Moreno">Tiny Fragments</a> is a fun little puzzle game made by <a href="https://www.dazlog.com/" title="Dazlog">Daniel Moreno</a> (<a href="https://gigold.me/links/game-tiny-fragments" title="Game: Tiny Fragments | Thomas Gigold">via</a>)</p>
  734. <img src="https://blog.x-way.org/images/tiny-fragments.png" height="230" width="400" alt="Tiny Fragments - The Tree">
  735. ]]></content:encoded>
  736.  </item>
  737.  
  738.  <item>
  739.    <title>Testing HTML with modern CSS</title>
  740.    <link>https://blog.x-way.org/Webdesign/2024/04/23/Testing-HTML-with-modern-CSS.html</link>
  741.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324351</guid>
  742.    <dc:creator>Andreas Jaggi</dc:creator>
  743.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  744.    <pubDate>Tue, 23 Apr 2024 00:30:00 +0200</pubDate>
  745.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  746.    <description><![CDATA[<p>Interesting article explaining how to test HTML with visual CSS highlighting: <a href="https://heydonworks.com/article/testing-html-with-modern-css/" title="Testing HTML with modern CSS: HeydonWorks">Testing HTML with modern CSS</a> (<a href="https://couchblog.de/blog/2024/04/22/links/" title="Links | Couchblog">via</a>)</p>
  747. ]]></description>
  748.    <content:encoded><![CDATA[<p>Interesting article explaining how to test HTML with visual CSS highlighting: <a href="https://heydonworks.com/article/testing-html-with-modern-css/" title="Testing HTML with modern CSS: HeydonWorks">Testing HTML with modern CSS</a> (<a href="https://couchblog.de/blog/2024/04/22/links/" title="Links | Couchblog">via</a>)</p>
  749. ]]></content:encoded>
  750.  </item>
  751.  
  752.  <item>
  753.    <title>Print HTTP Headers and Pretty-Print JSON Response</title>
  754.    <link>https://blog.x-way.org/Linux/2024/04/15/Print-HTTP-Headers-and-Pretty-Print-JSON-Response.html</link>
  755.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324350</guid>
  756.    <dc:creator>Andreas Jaggi</dc:creator>
  757.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  758.    <pubDate>Mon, 15 Apr 2024 09:37:00 +0200</pubDate>
  759.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  760.    <description><![CDATA[<p>In the <a href="https://susam.net/pretty-print-json-response-with-http-headers.html" title="Print HTTP Headers and Pretty-Print JSON Response - Susam Pal">Print HTTP Headers and Pretty-Print JSON Response</a> post, <a href="https://susam.net/" title="Susam Pal">Susam Pal</a> shows a nice trick to pretty-print JSON output with jq from curl while also showing the HTTP response headers (using stderr):</p>
  761. <pre>curl -sSD /dev/stderr https://some-URL-returning-JSON | jq .</pre>
  762. ]]></description>
  763.    <content:encoded><![CDATA[<p>In the <a href="https://susam.net/pretty-print-json-response-with-http-headers.html" title="Print HTTP Headers and Pretty-Print JSON Response - Susam Pal">Print HTTP Headers and Pretty-Print JSON Response</a> post, <a href="https://susam.net/" title="Susam Pal">Susam Pal</a> shows a nice trick to pretty-print JSON output with jq from curl while also showing the HTTP response headers (using stderr):</p>
  764. <pre>curl -sSD /dev/stderr https://some-URL-returning-JSON | jq .</pre>
  765. ]]></content:encoded>
  766.  </item>
  767.  
  768.  <item>
  769.    <title>Modern Git Commands and Features You Should Be Using</title>
  770.    <link>https://blog.x-way.org/Coding/2024/04/13/Modern-Git-Commands-and-Features-You-Should-Be-Using.html</link>
  771.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324349</guid>
  772.    <dc:creator>Andreas Jaggi</dc:creator>
  773.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  774.    <pubDate>Sat, 13 Apr 2024 20:37:00 +0200</pubDate>
  775.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  776.    <description><![CDATA[<p><a href="https://martinheinz.dev/blog/109" title="Modern Git Commands and Features You Should Be Using | Martin Heinz | Personal Website &amp; Blog">Modern Git Commands and Features You Should Be Using</a> &mdash; a short article from <a href="https://martinheinz.dev/" title="Martin Heinz | Personal Website &amp; Blog">Martin Heinz</a> about some new-ish (&gt;2018) features in <a href="https://git-scm.com/" title="Git">Git</a>, that 'can make your life so much easier'.</p>
  777. <p>TL;DR:</p>
  778. <ul>
  779. <li><code>git switch &lt;branchname&gt;</code></li>
  780. <li><code>git restore --staged &lt;somefile&gt;</code></li>
  781. <li><code>git restore --source &lt;commit&gt; &lt;somefile&gt;</code></li>
  782. <li><code>git sparse-checkout</code></li>
  783. <li><code>git worktree</code></li>
  784. <li><code>git bisect</code></li>
  785. </ul>
  786. <p>Similar post from five years ago: <a href="https://blog.x-way.org/Coding/2019/05/25/More-productive-Git.html" title="More productive Git - x-log">More productive Git</a></p>
  787. ]]></description>
  788.    <content:encoded><![CDATA[<p><a href="https://martinheinz.dev/blog/109" title="Modern Git Commands and Features You Should Be Using | Martin Heinz | Personal Website &amp; Blog">Modern Git Commands and Features You Should Be Using</a> &mdash; a short article from <a href="https://martinheinz.dev/" title="Martin Heinz | Personal Website &amp; Blog">Martin Heinz</a> about some new-ish (&gt;2018) features in <a href="https://git-scm.com/" title="Git">Git</a>, that 'can make your life so much easier'.</p>
  789. <p>TL;DR:</p>
  790. <ul>
  791. <li><code>git switch &lt;branchname&gt;</code></li>
  792. <li><code>git restore --staged &lt;somefile&gt;</code></li>
  793. <li><code>git restore --source &lt;commit&gt; &lt;somefile&gt;</code></li>
  794. <li><code>git sparse-checkout</code></li>
  795. <li><code>git worktree</code></li>
  796. <li><code>git bisect</code></li>
  797. </ul>
  798. <p>Similar post from five years ago: <a href="https://blog.x-way.org/Coding/2019/05/25/More-productive-Git.html" title="More productive Git - x-log">More productive Git</a></p>
  799. ]]></content:encoded>
  800.  </item>
  801.  
  802.  <item>
  803.    <title>NTP IPs</title>
  804.    <link>https://blog.x-way.org/Networking/2024/04/11/NTP-IPs.html</link>
  805.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324348</guid>
  806.    <dc:creator>Andreas Jaggi</dc:creator>
  807.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  808.    <pubDate>Thu, 11 Apr 2024 21:41:00 +0200</pubDate>
  809.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  810.    <description><![CDATA[<p>This <a href="https://rachelbythebay.com/w/2024/04/10/rtc/" title="Going in circles without a real-time clock">post</a> from Rachel, reminded me of my own struggle with a Raspberry Pi and time (and yes, I did run into the same DNSSEC problem).<br>I first tried a RTC shield, but this didn't fully solve all problems.</p>
  811. <p>My workaround in the end is to use two fixed IP addresses in ntp.conf in additon to the usual pool servers.<br>Thanks ${previous employer} for not changing the IPs of your public NTP servers so far :-)</p>
  812. ]]></description>
  813.    <content:encoded><![CDATA[<p>This <a href="https://rachelbythebay.com/w/2024/04/10/rtc/" title="Going in circles without a real-time clock">post</a> from Rachel, reminded me of my own struggle with a Raspberry Pi and time (and yes, I did run into the same DNSSEC problem).<br>I first tried a RTC shield, but this didn't fully solve all problems.</p>
  814. <p>My workaround in the end is to use two fixed IP addresses in ntp.conf in additon to the usual pool servers.<br>Thanks ${previous employer} for not changing the IPs of your public NTP servers so far :-)</p>
  815. ]]></content:encoded>
  816.  </item>
  817.  
  818.  <item>
  819.    <title>Back on native IPv6</title>
  820.    <link>https://blog.x-way.org/Networking/2024/04/10/Back-on-native-IPv6.html</link>
  821.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324347</guid>
  822.    <dc:creator>Andreas Jaggi</dc:creator>
  823.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  824.    <pubDate>Wed, 10 Apr 2024 20:28:00 +0200</pubDate>
  825.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  826.    <description><![CDATA[<p>As hinted at in my <a href="https://blog.x-way.org/Networking/2024/04/10/SixSpotting-still-going-on.html" title="SixSpotting still going on - x-log">previous post</a>, Solnet is delivering native IPv6 Internet again.</p>
  827. <p>Shortly after 23h on March 26th there was a brief interruption of the Internet uplink and afterwards my router started receiving an IPv6 address again.<br>My <a href="https://blog.x-way.org/Networking/2024/02/25/Tunnelbroker-to-the-rescue.html" title="Tunnelbroker to the rescue - x-log">support ticket with Solnet</a> is still unanswered, but at least IPv6 is back :-)</p>
  828. ]]></description>
  829.    <content:encoded><![CDATA[<p>As hinted at in my <a href="https://blog.x-way.org/Networking/2024/04/10/SixSpotting-still-going-on.html" title="SixSpotting still going on - x-log">previous post</a>, Solnet is delivering native IPv6 Internet again.</p>
  830. <p>Shortly after 23h on March 26th there was a brief interruption of the Internet uplink and afterwards my router started receiving an IPv6 address again.<br>My <a href="https://blog.x-way.org/Networking/2024/02/25/Tunnelbroker-to-the-rescue.html" title="Tunnelbroker to the rescue - x-log">support ticket with Solnet</a> is still unanswered, but at least IPv6 is back :-)</p>
  831. ]]></content:encoded>
  832.  </item>
  833.  
  834.  <item>
  835.    <title>SixSpotting still going on</title>
  836.    <link>https://blog.x-way.org/Networking/2024/04/10/SixSpotting-still-going-on.html</link>
  837.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324346</guid>
  838.    <dc:creator>Andreas Jaggi</dc:creator>
  839.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  840.    <pubDate>Wed, 10 Apr 2024 19:05:00 +0200</pubDate>
  841.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  842.    <description><![CDATA[<p>While browsing through the archives I stumbled upon the <a href="https://blog.x-way.org/Networking/2014/11/02/SixSpotting.html" title="SixSpotting - x-log">SixSpotting post</a> from 2014.<br>Turns out <a href="https://game.flyingpenguintech.org/" title="SixSpotting">the game</a> is still working and after some failed attempts I managed to remember my account name and log in.<br>I guess it must look quite strange to see a burst of new checkins after almost 10 years &#x1F604;</p>
  843. <p><img src="https://blog.x-way.org/images/sixspotting-2024.png" width="420" height="87" alt="My last 5 SixSpotting checkins" /></p>
  844. ]]></description>
  845.    <content:encoded><![CDATA[<p>While browsing through the archives I stumbled upon the <a href="https://blog.x-way.org/Networking/2014/11/02/SixSpotting.html" title="SixSpotting - x-log">SixSpotting post</a> from 2014.<br>Turns out <a href="https://game.flyingpenguintech.org/" title="SixSpotting">the game</a> is still working and after some failed attempts I managed to remember my account name and log in.<br>I guess it must look quite strange to see a burst of new checkins after almost 10 years &#x1F604;</p>
  846. <p><img src="https://blog.x-way.org/images/sixspotting-2024.png" width="420" height="87" alt="My last 5 SixSpotting checkins" /></p>
  847. ]]></content:encoded>
  848.  </item>
  849.  
  850.  <item>
  851.    <title>humans.txt</title>
  852.    <link>https://blog.x-way.org/Webdesign/2024/04/07/humans-txt.html</link>
  853.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324345</guid>
  854.    <dc:creator>Andreas Jaggi</dc:creator>
  855.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  856.    <pubDate>Sun, 07 Apr 2024 19:10:00 +0200</pubDate>
  857.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  858.    <description><![CDATA[<p>After following a couple links from the article linked in the previous blogpost, I ended up reading the <a href="https://shellsharks.com/notes/2023/08/15/website-component-checklist" title="Website Component Checklis">Website Component Checklist</a> from <a href="https://shellsharks.com/about" title="Mike Sass">Mike Sass</a>.<br>It provides again a lot of inspiration for things to add to my weblog.<br>What intrigued me today on the list was <a href="https://web.archive.org/web/20240330061550/https://humanstxt.org/" title="Humans TXT: We Are People, Not Machines.">humans.txt</a>, which is an initiative for knowing the people behing a website.</p>
  859. <p>Thus I've now added the following <a href="https://blog.x-way.org/humans.txt" title="x-log - Humans TXT">humans.txt</a>.</p>
  860. ]]></description>
  861.    <content:encoded><![CDATA[<p>After following a couple links from the article linked in the previous blogpost, I ended up reading the <a href="https://shellsharks.com/notes/2023/08/15/website-component-checklist" title="Website Component Checklis">Website Component Checklist</a> from <a href="https://shellsharks.com/about" title="Mike Sass">Mike Sass</a>.<br>It provides again a lot of inspiration for things to add to my weblog.<br>What intrigued me today on the list was <a href="https://web.archive.org/web/20240330061550/https://humanstxt.org/" title="Humans TXT: We Are People, Not Machines.">humans.txt</a>, which is an initiative for knowing the people behing a website.</p>
  862. <p>Thus I've now added the following <a href="https://blog.x-way.org/humans.txt" title="x-log - Humans TXT">humans.txt</a>.</p>
  863. ]]></content:encoded>
  864.  </item>
  865.  
  866.  <item>
  867.    <title>100 more things you can do with your personal website</title>
  868.    <link>https://blog.x-way.org/Misc/2024/04/07/100-more-things-you-can-do-with-your-personal-website.html</link>
  869.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324344</guid>
  870.    <dc:creator>Andreas Jaggi</dc:creator>
  871.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  872.    <pubDate>Sun, 07 Apr 2024 17:32:00 +0200</pubDate>
  873.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  874.    <description><![CDATA[<p><a href="https://jamesg.blog/2024/03/10/100-more-personal-website-ideas/" title="100 (more) things you can do with your personal website | James' Coffee Blog">100 more things you can do with your personal website</a> &mdash; a follow-up to the <a href="https://blog.x-way.org/Misc/2024/03/07/100-things-you-can-do-on-your-personal-website.html" title="x-log - 100 things you can do on your personal website">popular post</a> from last month :-)</p>
  875. ]]></description>
  876.    <content:encoded><![CDATA[<p><a href="https://jamesg.blog/2024/03/10/100-more-personal-website-ideas/" title="100 (more) things you can do with your personal website | James' Coffee Blog">100 more things you can do with your personal website</a> &mdash; a follow-up to the <a href="https://blog.x-way.org/Misc/2024/03/07/100-things-you-can-do-on-your-personal-website.html" title="x-log - 100 things you can do on your personal website">popular post</a> from last month :-)</p>
  877. ]]></content:encoded>
  878.  </item>
  879.  
  880.  <item>
  881.    <title>Dog Poo Golf</title>
  882.    <link>https://blog.x-way.org/Misc/2024/04/03/Dog-Poo-Golf.html</link>
  883.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324343</guid>
  884.    <dc:creator>Andreas Jaggi</dc:creator>
  885.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  886.    <pubDate>Wed, 03 Apr 2024 08:03:00 +0200</pubDate>
  887.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  888.    <description><![CDATA[<p><img src="https://blog.x-way.org/images/dog-poo-golf.png" width="480" height="347" alt="Dog Poo Golf start screen" /></p>
  889. <p><a href="https://vole.wtf/dog-poo-golf/" title="Dog Poo Golf &#x1F436;&#x1F4A9;&#x26F3;">Dog Poo Golf</a>, a Wii Sports Golf-style browser game (with the music!) where you fling dog poop bags into a garbage can. &#x1F436;&#x1F4A9;&#x26F3; (<a href="https://kottke.org/24/04/0044297-dog-poo-golf-a-wii" title="kottke.org - Dog Poo Golf">via kottke.org</a>)</p>
  890. ]]></description>
  891.    <content:encoded><![CDATA[<p><img src="https://blog.x-way.org/images/dog-poo-golf.png" width="480" height="347" alt="Dog Poo Golf start screen" /></p>
  892. <p><a href="https://vole.wtf/dog-poo-golf/" title="Dog Poo Golf &#x1F436;&#x1F4A9;&#x26F3;">Dog Poo Golf</a>, a Wii Sports Golf-style browser game (with the music!) where you fling dog poop bags into a garbage can. &#x1F436;&#x1F4A9;&#x26F3; (<a href="https://kottke.org/24/04/0044297-dog-poo-golf-a-wii" title="kottke.org - Dog Poo Golf">via kottke.org</a>)</p>
  893. ]]></content:encoded>
  894.  </item>
  895.  
  896.  <item>
  897.    <title>Puppet updated!</title>
  898.    <link>https://blog.x-way.org/Linux/2024/03/30/Puppet-updated.html</link>
  899.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324342</guid>
  900.    <dc:creator>Andreas Jaggi</dc:creator>
  901.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  902.    <pubDate>Sat, 30 Mar 2024 13:03:00 +0100</pubDate>
  903.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  904.    <description><![CDATA[<p>Yay! Successfully updated my <a href="https://www.puppet.com/docs/puppet/8/server/about_server.html" title="About Puppet Server">Puppet Server</a> setup from 5.3.7 to 8.4.0 &#x1f389;</p>
  905. <p>It was quite a step (5.3.7 was released in January 2019) and as expected 3 major version bumps came with a couple changes.</p>
  906. <p>I opted to re-create the PuppetDB and CA stores from scratch (to avoid having to migrate 5 years of data schema changes, and the CA cert is now also valid for a couple more years again).</p>
  907. <p>To make the old manifests and modules work with the new versions, quite some effort was needed. This included rewriting some no longer maintained modules to use newer stdlib and concat libraries, updating a couple modules from the puppet forge (with the bonus that my puppet server runs airgapped and I had to use the download-tar-copy-extract way to install them) and fixing no longer valid syntax here and there in my custom manifests. Overall I spent about 5 hours on it (and have now a recurring reminder to update puppet more often to make this process less painful).</p>
  908. <p>Helpful as usual were the resources from <a href="https://voxpupuli.org/" title="Vox Pupuli">Vox Pupuli</a>, in particular the <a href="https://hub.docker.com/r/voxpupuli/container-puppetserver" title="Voxpupuli Puppet Server container">Puppet Server</a> and <a href="https://hub.docker.com/r/voxpupuli/container-puppetdb" title="Voxpupuli PuppetDB container">PuppetDB</a> Docker images and the <a href="https://github.com/voxpupuli/crafty/" title="voxpupuli/crafty: CRAFTY - Containerized Resources And Funky Tools (in) YAML">CRAFTY repo</a> which contains a fully self-contained Docker Compose setup very similar to what I'm running.</p>
  909. <p>Some commands that came in handy:</p>
  910. <p><code>puppet config print ssldir --section agent</code><br>
  911. Returns the path of the TLS config folder on the client. Useful during a CA change (where you <code>rm -rf</code> the whole folder and then request a new TLS certificate).</p>
  912. <p><code>puppet agent -t --noop</code><br>
  913. Dry-run the changes on the client (it does request a new TLS cert though!). Shows a nice diff of the changes it would do to files, helpful to validate that a manifest still behaves the same in the new version.</p>
  914. ]]></description>
  915.    <content:encoded><![CDATA[<p>Yay! Successfully updated my <a href="https://www.puppet.com/docs/puppet/8/server/about_server.html" title="About Puppet Server">Puppet Server</a> setup from 5.3.7 to 8.4.0 &#x1f389;</p>
  916. <p>It was quite a step (5.3.7 was released in January 2019) and as expected 3 major version bumps came with a couple changes.</p>
  917. <p>I opted to re-create the PuppetDB and CA stores from scratch (to avoid having to migrate 5 years of data schema changes, and the CA cert is now also valid for a couple more years again).</p>
  918. <p>To make the old manifests and modules work with the new versions, quite some effort was needed. This included rewriting some no longer maintained modules to use newer stdlib and concat libraries, updating a couple modules from the puppet forge (with the bonus that my puppet server runs airgapped and I had to use the download-tar-copy-extract way to install them) and fixing no longer valid syntax here and there in my custom manifests. Overall I spent about 5 hours on it (and have now a recurring reminder to update puppet more often to make this process less painful).</p>
  919. <p>Helpful as usual were the resources from <a href="https://voxpupuli.org/" title="Vox Pupuli">Vox Pupuli</a>, in particular the <a href="https://hub.docker.com/r/voxpupuli/container-puppetserver" title="Voxpupuli Puppet Server container">Puppet Server</a> and <a href="https://hub.docker.com/r/voxpupuli/container-puppetdb" title="Voxpupuli PuppetDB container">PuppetDB</a> Docker images and the <a href="https://github.com/voxpupuli/crafty/" title="voxpupuli/crafty: CRAFTY - Containerized Resources And Funky Tools (in) YAML">CRAFTY repo</a> which contains a fully self-contained Docker Compose setup very similar to what I'm running.</p>
  920. <p>Some commands that came in handy:</p>
  921. <p><code>puppet config print ssldir --section agent</code><br>
  922. Returns the path of the TLS config folder on the client. Useful during a CA change (where you <code>rm -rf</code> the whole folder and then request a new TLS certificate).</p>
  923. <p><code>puppet agent -t --noop</code><br>
  924. Dry-run the changes on the client (it does request a new TLS cert though!). Shows a nice diff of the changes it would do to files, helpful to validate that a manifest still behaves the same in the new version.</p>
  925. ]]></content:encoded>
  926.  </item>
  927.  
  928.  <item>
  929.    <title>Linux Crisis Tools</title>
  930.    <link>https://blog.x-way.org/Linux/2024/03/25/Linux-Crisis-Tools.html</link>
  931.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324341</guid>
  932.    <dc:creator>Andreas Jaggi</dc:creator>
  933.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  934.    <pubDate>Mon, 25 Mar 2024 21:45:00 +0100</pubDate>
  935.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  936.    <description><![CDATA[<p><a href="https://www.brendangregg.com/" title="Brendan Gregg's Homepage">Brendan Gregg</a> posted the following <a href="https://www.brendangregg.com/blog/2024-03-24/linux-crisis-tools.html" title="Linux Crisis Tools">list of 'crisis tools'</a> which you should install on your Linux servers by default (so they are available when an incident happens).</p>
  937. <table>
  938. <tr><th>Package</th><th>Provides</th><th>Notes</th></tr>
  939. <tr><td>procps</td><td>ps(1), vmstat(8), uptime(1), top(1)</td><td>basic stats</td></tr>
  940. <tr><td>util-linux</td><td>dmesg(1), lsblk(1), lscpu(1)</td><td>system log, device info</td></tr>
  941. <tr><td>sysstat</td><td>iostat(1), mpstat(1), pidstat(1), sar(1)</td><td>device stats</td></tr>
  942. <tr><td>iproute2</td><td>ip(8), ss(8), nstat(8), tc(8)</td><td>preferred net tools</td></tr>
  943. <tr><td>numactl</td><td>numastat(8)</td><td>NUMA stats</td></tr>
  944. <tr><td>tcpdump</td><td>tcpdump(8)</td><td>Network sniffer</td></tr>
  945. <tr><td>linux-tools-common<br>linux-tools-$(uname -r)</td><td>perf(1), turbostat(8)</td><td>profiler and PMU stats</td></tr>
  946. <tr><td>bpfcc-tools (bcc)</td><td>opensnoop(8), execsnoop(8), runqlat(8), softirqs(8),<br>hardirqs(8), ext4slower(8), ext4dist(8), biotop(8),<br>biosnoop(8), biolatency(8), tcptop(8), tcplife(8),<br>trace(8), argdist(8), funccount(8), profile(8), etc.</td><td>canned eBPF tools[1]</td></tr>
  947. <tr><td>bpftrace</td><td>bpftrace, basic versions of opensnoop(8),<br>execsnoop(8), runqlat(8), biosnoop(8), etc.</td><td>eBPF scripting[1]</td></tr>
  948. <tr><td>trace-cmd</td><td>trace-cmd(1)</td><td>Ftrace CLI</td></tr>
  949. <tr><td>nicstat</td><td>nicstat(1)</td><td>net device stats</td></tr>
  950. <tr><td>ethtool</td><td>ethtool(8)</td><td>net device info</td></tr>
  951. <tr><td>tiptop</td><td>tiptop(1)</td><td>PMU/PMC top</td></tr>
  952. <tr><td>cpuid</td><td>cpuid(1)</td><td>CPU details</td></tr>
  953. <tr><td>msr-tools</td><td>rdmsr(8), wrmsr(8)</td><td>CPU digging</td></tr>
  954. </table>
  955. ]]></description>
  956.    <content:encoded><![CDATA[<p><a href="https://www.brendangregg.com/" title="Brendan Gregg's Homepage">Brendan Gregg</a> posted the following <a href="https://www.brendangregg.com/blog/2024-03-24/linux-crisis-tools.html" title="Linux Crisis Tools">list of 'crisis tools'</a> which you should install on your Linux servers by default (so they are available when an incident happens).</p>
  957. <table>
  958. <tr><th>Package</th><th>Provides</th><th>Notes</th></tr>
  959. <tr><td>procps</td><td>ps(1), vmstat(8), uptime(1), top(1)</td><td>basic stats</td></tr>
  960. <tr><td>util-linux</td><td>dmesg(1), lsblk(1), lscpu(1)</td><td>system log, device info</td></tr>
  961. <tr><td>sysstat</td><td>iostat(1), mpstat(1), pidstat(1), sar(1)</td><td>device stats</td></tr>
  962. <tr><td>iproute2</td><td>ip(8), ss(8), nstat(8), tc(8)</td><td>preferred net tools</td></tr>
  963. <tr><td>numactl</td><td>numastat(8)</td><td>NUMA stats</td></tr>
  964. <tr><td>tcpdump</td><td>tcpdump(8)</td><td>Network sniffer</td></tr>
  965. <tr><td>linux-tools-common<br>linux-tools-$(uname -r)</td><td>perf(1), turbostat(8)</td><td>profiler and PMU stats</td></tr>
  966. <tr><td>bpfcc-tools (bcc)</td><td>opensnoop(8), execsnoop(8), runqlat(8), softirqs(8),<br>hardirqs(8), ext4slower(8), ext4dist(8), biotop(8),<br>biosnoop(8), biolatency(8), tcptop(8), tcplife(8),<br>trace(8), argdist(8), funccount(8), profile(8), etc.</td><td>canned eBPF tools[1]</td></tr>
  967. <tr><td>bpftrace</td><td>bpftrace, basic versions of opensnoop(8),<br>execsnoop(8), runqlat(8), biosnoop(8), etc.</td><td>eBPF scripting[1]</td></tr>
  968. <tr><td>trace-cmd</td><td>trace-cmd(1)</td><td>Ftrace CLI</td></tr>
  969. <tr><td>nicstat</td><td>nicstat(1)</td><td>net device stats</td></tr>
  970. <tr><td>ethtool</td><td>ethtool(8)</td><td>net device info</td></tr>
  971. <tr><td>tiptop</td><td>tiptop(1)</td><td>PMU/PMC top</td></tr>
  972. <tr><td>cpuid</td><td>cpuid(1)</td><td>CPU details</td></tr>
  973. <tr><td>msr-tools</td><td>rdmsr(8), wrmsr(8)</td><td>CPU digging</td></tr>
  974. </table>
  975. ]]></content:encoded>
  976.  </item>
  977.  
  978.  <item>
  979.    <title>Installing the AREDN firmware on a MikroTik hAP ac lite</title>
  980.    <link>https://blog.x-way.org/Radio/2024/03/24/Installing-the-AREDN-firmware-on-a-MikroTik-hAP-ac-lite.html</link>
  981.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324340</guid>
  982.    <dc:creator>Andreas Jaggi</dc:creator>
  983.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  984.    <pubDate>Sun, 24 Mar 2024 14:26:00 +0100</pubDate>
  985.    <category domain="https://blog.x-way.org/Radio">Radio</category>
  986.    <description><![CDATA[<p>At the recent <a href="http://hb9tf.ch" title="Tango Foxtrott Wireless Society HB9TF">HB9TF</a> AGM fellow radio amateur <a href="https://medium.com/@hb9gvm" title="Martin Suess (HB9GVM)">HB9GVM</a> gave an introductory presentation about <a href="https://www.arednmesh.org/" title="Amateur Radio Emergency Data Network">AREDN</a>.</p>
  987. <p>Motivated by this, I ordered a <a href="https://mikrotik.com/product/RB952Ui-5ac2nD" title="MikroTik hAP ac lite">MikroTik hAP ac lite</a> and installed the AREDN firmware on it.<br>The following are my notes of the installation process.</p>
  988. <ol>
  989. <li>Download the firmware images for the MikroTik hAP ac lite from <a href="http://downloads.arednmesh.org/afs/www/" title="AREDN Firmware Selector">http://downloads.arednmesh.org/afs/www/</a> (both the *kernel.bin and *sysupgrade.bin are needed)</li>
  990. <li>Install <a href="https://thekelleys.org.uk/dnsmasq/doc.html" title="Dnsmasq - network services for small networks">Dnsmasq</a> as a PXE server on Mac OS: <pre>brew install dnsmasq</pre></li>
  991. <li>Setup the *kernel.bin for PXE: <pre>mkdir tftp-root
  992. cp $HOME/Downloads/aredn-3.23.12.0-ath79-mikrotik-mikrotik_routerboard-952ui-5ac2nd-initramfs-kernel.bin tftp-root/rb.elf</pre></li>
  993. <li>Connect a Ethernet dongle and configure it with this static IP: 192.168.1.10/24</li>
  994. <li>Run dnsmasq as a PXE server listening on the network interface of the Ethernet dongle: <pre>ifconfig en6 # use to check that IP is configured
  995. sudo dnsmasq -i en6 -u $(whoami) --log-dhcp --bootp-dynamic --dhcp-range=192.168.1.100,192.168.1.200 -d -p0 -K --dhcp-boot=rb.elf --enable-tftp --tftp-root=$(pwd)/tftp-root/</pre></li>
  996. <li>Power off the hAP ac lite and connect the Ethernet dongle to port 1 (<strong>PXE booting only seems to work on this port!</strong>)</li>
  997. <li>Press the reset button on the hAP ac lite, power it on and keep the button pressed for about 20 seconds (there is some output of dnsmask once the PXE booting is in progress)</li>
  998. <li>Wait until the hAP ac lite stops blinking and the LEDs are steady again (it also issues a new DHCP request via port1, but this time no PXE booting).</li>
  999. <li>Move the cable to port 2 (the AREDN default config for the MikroTik hAP ac lite uses port 1 for the Internet uplink, and port 2 for the 'inside' local network).</li>
  1000. <li>Test that you can ping the inside IP of the AREDN node: <pre>ping 192.168.1.1</pre></li>
  1001. <li>Open the admin page on <code>http://192.168.1.1/cgi-bin/admin</code> (Username is <code>root</code> and password is <code>hsmm</code>).</li>
  1002. <li>In the Firmware Update section, click on 'Upload Firmware' and select the previously downloaded sysupgrade.bin file.</li>
  1003. <li>Wait until a reboot has happened twice (it takes a couple minutes!) to complete the installation.</li>
  1004. <li>Open <code>http://192.168.1.1</code> &ndash; congratulations, you now have a freshly installed (and not yet configured) AREDN node :-)</li>
  1005. </ol>
  1006. ]]></description>
  1007.    <content:encoded><![CDATA[<p>At the recent <a href="http://hb9tf.ch" title="Tango Foxtrott Wireless Society HB9TF">HB9TF</a> AGM fellow radio amateur <a href="https://medium.com/@hb9gvm" title="Martin Suess (HB9GVM)">HB9GVM</a> gave an introductory presentation about <a href="https://www.arednmesh.org/" title="Amateur Radio Emergency Data Network">AREDN</a>.</p>
  1008. <p>Motivated by this, I ordered a <a href="https://mikrotik.com/product/RB952Ui-5ac2nD" title="MikroTik hAP ac lite">MikroTik hAP ac lite</a> and installed the AREDN firmware on it.<br>The following are my notes of the installation process.</p>
  1009. <ol>
  1010. <li>Download the firmware images for the MikroTik hAP ac lite from <a href="http://downloads.arednmesh.org/afs/www/" title="AREDN Firmware Selector">http://downloads.arednmesh.org/afs/www/</a> (both the *kernel.bin and *sysupgrade.bin are needed)</li>
  1011. <li>Install <a href="https://thekelleys.org.uk/dnsmasq/doc.html" title="Dnsmasq - network services for small networks">Dnsmasq</a> as a PXE server on Mac OS: <pre>brew install dnsmasq</pre></li>
  1012. <li>Setup the *kernel.bin for PXE: <pre>mkdir tftp-root
  1013. cp $HOME/Downloads/aredn-3.23.12.0-ath79-mikrotik-mikrotik_routerboard-952ui-5ac2nd-initramfs-kernel.bin tftp-root/rb.elf</pre></li>
  1014. <li>Connect a Ethernet dongle and configure it with this static IP: 192.168.1.10/24</li>
  1015. <li>Run dnsmasq as a PXE server listening on the network interface of the Ethernet dongle: <pre>ifconfig en6 # use to check that IP is configured
  1016. sudo dnsmasq -i en6 -u $(whoami) --log-dhcp --bootp-dynamic --dhcp-range=192.168.1.100,192.168.1.200 -d -p0 -K --dhcp-boot=rb.elf --enable-tftp --tftp-root=$(pwd)/tftp-root/</pre></li>
  1017. <li>Power off the hAP ac lite and connect the Ethernet dongle to port 1 (<strong>PXE booting only seems to work on this port!</strong>)</li>
  1018. <li>Press the reset button on the hAP ac lite, power it on and keep the button pressed for about 20 seconds (there is some output of dnsmask once the PXE booting is in progress)</li>
  1019. <li>Wait until the hAP ac lite stops blinking and the LEDs are steady again (it also issues a new DHCP request via port1, but this time no PXE booting).</li>
  1020. <li>Move the cable to port 2 (the AREDN default config for the MikroTik hAP ac lite uses port 1 for the Internet uplink, and port 2 for the 'inside' local network).</li>
  1021. <li>Test that you can ping the inside IP of the AREDN node: <pre>ping 192.168.1.1</pre></li>
  1022. <li>Open the admin page on <code>http://192.168.1.1/cgi-bin/admin</code> (Username is <code>root</code> and password is <code>hsmm</code>).</li>
  1023. <li>In the Firmware Update section, click on 'Upload Firmware' and select the previously downloaded sysupgrade.bin file.</li>
  1024. <li>Wait until a reboot has happened twice (it takes a couple minutes!) to complete the installation.</li>
  1025. <li>Open <code>http://192.168.1.1</code> &ndash; congratulations, you now have a freshly installed (and not yet configured) AREDN node :-)</li>
  1026. </ol>
  1027. ]]></content:encoded>
  1028.  </item>
  1029.  
  1030.  <item>
  1031.    <title>Fifty Things you can do with a Software Defined Radio 📻</title>
  1032.    <link>https://blog.x-way.org/Radio/2024/03/17/Fifty-Things-you-can-do-with-a-Software-Defined-Radio.html</link>
  1033.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324339</guid>
  1034.    <dc:creator>Andreas Jaggi</dc:creator>
  1035.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1036.    <pubDate>Sun, 17 Mar 2024 09:50:00 +0100</pubDate>
  1037.    <category domain="https://blog.x-way.org/Radio">Radio</category>
  1038.    <description><![CDATA[<p><a href="https://blinry.org/50-things-with-sdr/" title="Fifty Things you can do with a Software Defined Radio">Fifty Things you can do with a Software Defined Radio 📻</a> &mdash; some cool SDR things to do (have done already some of them and more with my <a href="http://hb9tf.ch" title="Tango Foxtrott Wireless Society HB9TF">HB9TF</a> friends :-)</p>
  1039. <p>(<a href="https://news.ycombinator.com/item?id=39728153" title="Fifty Things you can do with a Software Defined Radio | Hacker News">via</a>)</p>
  1040. <p>Also using this post to introduce a new category: <b><a href="https://blog.x-way.org/Radio/" title="x-log - Radio">Radio</a></b><br>
  1041. Which will serve as a container for radio/HAM/Wireless related content.</p>
  1042. ]]></description>
  1043.    <content:encoded><![CDATA[<p><a href="https://blinry.org/50-things-with-sdr/" title="Fifty Things you can do with a Software Defined Radio">Fifty Things you can do with a Software Defined Radio 📻</a> &mdash; some cool SDR things to do (have done already some of them and more with my <a href="http://hb9tf.ch" title="Tango Foxtrott Wireless Society HB9TF">HB9TF</a> friends :-)</p>
  1044. <p>(<a href="https://news.ycombinator.com/item?id=39728153" title="Fifty Things you can do with a Software Defined Radio | Hacker News">via</a>)</p>
  1045. <p>Also using this post to introduce a new category: <b><a href="https://blog.x-way.org/Radio/" title="x-log - Radio">Radio</a></b><br>
  1046. Which will serve as a container for radio/HAM/Wireless related content.</p>
  1047. ]]></content:encoded>
  1048.  </item>
  1049.  
  1050.  <item>
  1051.    <title>100 things you can do on your personal website</title>
  1052.    <link>https://blog.x-way.org/Misc/2024/03/07/100-things-you-can-do-on-your-personal-website.html</link>
  1053.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324338</guid>
  1054.    <dc:creator>Andreas Jaggi</dc:creator>
  1055.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1056.    <pubDate>Thu, 07 Mar 2024 23:56:00 +0100</pubDate>
  1057.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1058.    <description><![CDATA[<p><a href="https://jamesg.blog/2024/02/19/personal-website-ideas/" title="100 things you can do on your personal website | James' Coffee Blog">100 things you can do on your personal website</a> &mdash; lots of ideas/inspirations also for this blog :-)</p>
  1059. <p>(<a href="https://gigold.me/blog/100-dinge" title="">via</a>)</p>
  1060. ]]></description>
  1061.    <content:encoded><![CDATA[<p><a href="https://jamesg.blog/2024/02/19/personal-website-ideas/" title="100 things you can do on your personal website | James' Coffee Blog">100 things you can do on your personal website</a> &mdash; lots of ideas/inspirations also for this blog :-)</p>
  1062. <p>(<a href="https://gigold.me/blog/100-dinge" title="">via</a>)</p>
  1063. ]]></content:encoded>
  1064.  </item>
  1065.  
  1066.  <item>
  1067.    <title>Tunnelbroker to the rescue</title>
  1068.    <link>https://blog.x-way.org/Networking/2024/02/25/Tunnelbroker-to-the-rescue.html</link>
  1069.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324337</guid>
  1070.    <dc:creator>Andreas Jaggi</dc:creator>
  1071.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1072.    <pubDate>Sun, 25 Feb 2024 15:25:00 +0100</pubDate>
  1073.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  1074.    <description><![CDATA[<p>After nicely delivering <a href="https://blog.x-way.org/Networking/2021/02/04/Embracing-the-future-with-SolNet.html" title="x-log - Embracing the future with Solnet">native IPv6 connectivity for 3 years</a>, my Internet provider Solnet made some changes in their backbone config on January 31st which broke their IPv6 setup.<br>Unfortunately escalating with their support did not bear any fruits so far (current state: they no longer respond on the support ticket&hellip;).</p>
  1075. <p>Thus change of plans, <a href="https://tunnelbroker.net/" title="Hurricane Electric Free IPv6 Tunnel Broker">tunnelbroker.net</a> (Hurricane Electric) to the rescue.<br>Took about 10 minutes to set everything up and now I'm enjoying IPv6 connectivity again (although with a reduced end-to-end MTU due to the <a href="https://en.wikipedia.org/wiki/6in4" title="6in4 - Wikipedia">6in4</a> encapsulation).</p>
  1076. <p>Guess I'll have to look for a different Internet provider again.<br>Especially annoying is that I renewed the yearly plan with Solnet only a couple weeks ago, so will be stuck without native IPv6 connectivity for the next 11 months :-(</p>
  1077. ]]></description>
  1078.    <content:encoded><![CDATA[<p>After nicely delivering <a href="https://blog.x-way.org/Networking/2021/02/04/Embracing-the-future-with-SolNet.html" title="x-log - Embracing the future with Solnet">native IPv6 connectivity for 3 years</a>, my Internet provider Solnet made some changes in their backbone config on January 31st which broke their IPv6 setup.<br>Unfortunately escalating with their support did not bear any fruits so far (current state: they no longer respond on the support ticket&hellip;).</p>
  1079. <p>Thus change of plans, <a href="https://tunnelbroker.net/" title="Hurricane Electric Free IPv6 Tunnel Broker">tunnelbroker.net</a> (Hurricane Electric) to the rescue.<br>Took about 10 minutes to set everything up and now I'm enjoying IPv6 connectivity again (although with a reduced end-to-end MTU due to the <a href="https://en.wikipedia.org/wiki/6in4" title="6in4 - Wikipedia">6in4</a> encapsulation).</p>
  1080. <p>Guess I'll have to look for a different Internet provider again.<br>Especially annoying is that I renewed the yearly plan with Solnet only a couple weeks ago, so will be stuck without native IPv6 connectivity for the next 11 months :-(</p>
  1081. ]]></content:encoded>
  1082.  </item>
  1083.  
  1084.  <item>
  1085.    <title>The High-Risk Refactoring</title>
  1086.    <link>https://blog.x-way.org/Coding/2024/02/25/The-High-Risk-Refactoring.html</link>
  1087.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324336</guid>
  1088.    <dc:creator>Andreas Jaggi</dc:creator>
  1089.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1090.    <pubDate>Sun, 25 Feb 2024 04:02:00 +0100</pubDate>
  1091.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  1092.    <description><![CDATA[<p>In the <a href="https://webup.org/blog/the-high-risk-refactoring/" title="The High-Risk Refactoring - Miroslav Nikolov">The High-Risk Refactoring</a> article there is this concise <em>Addressing Risk</em> checklist to keep in mind when refactoring.<br>During past refactorings (also low-risk ones) I often used almost the same guidelines to help me and can only recommend you to do the same:</p>
  1093. <blockquote cite="https://webup.org/blog/the-high-risk-refactoring/">
  1094. <p>✅ Define constraints. <em>How far should I go</em>. <br>
  1095. ✅ Isolate improvements from features. <em>Do not apply them simultaneously</em>. <br>
  1096. ✅ Write extensive tests. <em>Higher level (integration) with fewer implementation details. They should run alongside changes</em>. <br>
  1097. ✅ Have a visual confirmation. <em>Open the browser</em>.</p>
  1098. <p>❌ Do not skip tests. <em>Don't be lazy</em>.<br>
  1099. ❌ Do not rely too much on code reviews and QA. <em>Humans make mistakes</em>.<br>
  1100. ❌ Do not mix expensive cleanups with other changes. <em>But do that for small improvements</em>.</p>
  1101. </blockquote>
  1102. <p>(<a href="https://labnotes.org/weekend-reading-places-where-ive-lost-my-glasses/" title="Weekend Reading - Places where I've lost my glasses - Labnotes (by Assaf Arkin)">via</a>)</p>
  1103. ]]></description>
  1104.    <content:encoded><![CDATA[<p>In the <a href="https://webup.org/blog/the-high-risk-refactoring/" title="The High-Risk Refactoring - Miroslav Nikolov">The High-Risk Refactoring</a> article there is this concise <em>Addressing Risk</em> checklist to keep in mind when refactoring.<br>During past refactorings (also low-risk ones) I often used almost the same guidelines to help me and can only recommend you to do the same:</p>
  1105. <blockquote cite="https://webup.org/blog/the-high-risk-refactoring/">
  1106. <p>✅ Define constraints. <em>How far should I go</em>. <br>
  1107. ✅ Isolate improvements from features. <em>Do not apply them simultaneously</em>. <br>
  1108. ✅ Write extensive tests. <em>Higher level (integration) with fewer implementation details. They should run alongside changes</em>. <br>
  1109. ✅ Have a visual confirmation. <em>Open the browser</em>.</p>
  1110. <p>❌ Do not skip tests. <em>Don't be lazy</em>.<br>
  1111. ❌ Do not rely too much on code reviews and QA. <em>Humans make mistakes</em>.<br>
  1112. ❌ Do not mix expensive cleanups with other changes. <em>But do that for small improvements</em>.</p>
  1113. </blockquote>
  1114. <p>(<a href="https://labnotes.org/weekend-reading-places-where-ive-lost-my-glasses/" title="Weekend Reading - Places where I've lost my glasses - Labnotes (by Assaf Arkin)">via</a>)</p>
  1115. ]]></content:encoded>
  1116.  </item>
  1117.  
  1118.  <item>
  1119.    <title>Please Blog</title>
  1120.    <link>https://blog.x-way.org/Misc/2024/02/25/Please-Blog.html</link>
  1121.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324335</guid>
  1122.    <dc:creator>Andreas Jaggi</dc:creator>
  1123.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1124.    <pubDate>Sun, 25 Feb 2024 03:17:00 +0100</pubDate>
  1125.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1126.    <description><![CDATA[<p><a href="https://ultreia.me/blog/please-blog/" title="ultreia.me - PLEASE Blog">Please Blog</a> &mdash; <em>a plea for less Big Web and more Small Web</em> and an encouraging article to write your own blog. It also touches on the part about writing on your own domain (so to keep your content yours and not be at risk of a third-party commercial 'social' service going away).</p>
  1127. <blockquote cite="https://ultreia.me/blog/please-blog/"><p>Don’t wait for the Pulitzer piece. Tell me about your ride to work, about your food, what flavor ice cream you like. Let me be part of happiness and sadness. Show me, that there is a human being out there that, agree or not, I can relate to. Because without it, we are just actors in a sea of actors, marketing, proselytizing, advocating, and threatening towards each other in an always vicious circle of striving for a relevance that only buys us more marketing, more proselytizing, more advocating, and more threats.</p></blockquote>
  1128. <p>(discovered via <a href="https://gigold.me/blog/links-links-links" title="Links, Links, Links | Thomas Gigold - Blog">Thomas Gigold</a>)</p>
  1129. ]]></description>
  1130.    <content:encoded><![CDATA[<p><a href="https://ultreia.me/blog/please-blog/" title="ultreia.me - PLEASE Blog">Please Blog</a> &mdash; <em>a plea for less Big Web and more Small Web</em> and an encouraging article to write your own blog. It also touches on the part about writing on your own domain (so to keep your content yours and not be at risk of a third-party commercial 'social' service going away).</p>
  1131. <blockquote cite="https://ultreia.me/blog/please-blog/"><p>Don’t wait for the Pulitzer piece. Tell me about your ride to work, about your food, what flavor ice cream you like. Let me be part of happiness and sadness. Show me, that there is a human being out there that, agree or not, I can relate to. Because without it, we are just actors in a sea of actors, marketing, proselytizing, advocating, and threatening towards each other in an always vicious circle of striving for a relevance that only buys us more marketing, more proselytizing, more advocating, and more threats.</p></blockquote>
  1132. <p>(discovered via <a href="https://gigold.me/blog/links-links-links" title="Links, Links, Links | Thomas Gigold - Blog">Thomas Gigold</a>)</p>
  1133. ]]></content:encoded>
  1134.  </item>
  1135.  
  1136.  <item>
  1137.    <title>ads.txt</title>
  1138.    <link>https://blog.x-way.org/Webdesign/2024/02/18/ads-txt.html</link>
  1139.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324334</guid>
  1140.    <dc:creator>Andreas Jaggi</dc:creator>
  1141.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1142.    <pubDate>Sun, 18 Feb 2024 17:38:00 +0100</pubDate>
  1143.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  1144.    <description><![CDATA[<p>Added and <a href="https://iabtechlab.com/ads.txt/" title="IAB Tech Lab - Ads.txt - Authorized Digital Sellers">ads.txt</a> file to the blog. The idea is to avoid that someone can sell fake advertisment space for this blog.</p>
  1145. <p>As I don't use any advertisment here the content of the file is pretty basic:</p>
  1146. <pre>contact=https://blog.x-way.org/about.html</pre>
  1147. ]]></description>
  1148.    <content:encoded><![CDATA[<p>Added and <a href="https://iabtechlab.com/ads.txt/" title="IAB Tech Lab - Ads.txt - Authorized Digital Sellers">ads.txt</a> file to the blog. The idea is to avoid that someone can sell fake advertisment space for this blog.</p>
  1149. <p>As I don't use any advertisment here the content of the file is pretty basic:</p>
  1150. <pre>contact=https://blog.x-way.org/about.html</pre>
  1151. ]]></content:encoded>
  1152.  </item>
  1153.  
  1154.  <item>
  1155.    <title>ldapauth</title>
  1156.    <link>https://blog.x-way.org/Linux/2024/02/18/ldapauth.html</link>
  1157.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324333</guid>
  1158.    <dc:creator>Andreas Jaggi</dc:creator>
  1159.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1160.    <pubDate>Sun, 18 Feb 2024 15:37:00 +0100</pubDate>
  1161.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  1162.    <description><![CDATA[<p><a href="https://github.com/x-way/ldapauth" title="x-way/ldapauth">ldapauth</a> is a <a href="https://nodejs.org" title="Node.js">Node.js</a> script which I have been using for the last 12+ years mostly unchanged.</p>
  1163. <p>It started its life in a <a href="https://en.wikipedia.org/wiki/LXC" title="Linux Containers (LXC)">LXC</a> container, eventually was moved to a Docker container and recently ended up in its own repository on GitHub.</p>
  1164. <p>The functionality it provides is not extraordinary, but helped to bridge a gap where no other product was available.<br>
  1165. It talks <a href="https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol" title="Lightweight Directory Access Protocol - Wikipedia">LDAP</a> one one side (although limited to handle user lookup requests) and on the other side connects to a <a href="https://www.mongodb.com/" title="MongoDB - Document Oriented Database">MongoDB</a> database where the information is stored.</p>
  1166. <p>It emerged out of the desire to have an easy way to manage individual user accounts for my home WiFi. I already had MongoDB running for some other personal project and simply added the list of users there (including the UI for managing them).<br>
  1167. Thus the missing part was to get the WiFi accesspoint to lookup user accounts in MongoDB.</p>
  1168. <p>Of course WiFi accesspoints do not directly talk MongoDB, but rather some other protocol like <a href="https://en.wikipedia.org/wiki/RADIUS" title="Remote Authentication Dial-In User Service">RADIUS</a>.<br>
  1169. A <a href="https://freeradius.org/" title="FreeRADIUS">freeradius</a> server was quickly setup, but still couldn't talk to MongoDB at the time. Thus comes in <a href="https://github.com/x-way/ldapauth" title="x-way/ldapauth">ldapauth</a>, which takes LDAP queries from freeradius and turns them into MongoDB lookups so that in the end the WiFi accesspoint receives the user accounts :-)</p>
  1170. <p>Not sure if this is particularly useful for anyone else, but at least here it did provide good services (and continues to do so).<br>
  1171. Current score is that it has survived three different WiFi accesspoints and has been running on 5 different servers over the time.</p>
  1172. ]]></description>
  1173.    <content:encoded><![CDATA[<p><a href="https://github.com/x-way/ldapauth" title="x-way/ldapauth">ldapauth</a> is a <a href="https://nodejs.org" title="Node.js">Node.js</a> script which I have been using for the last 12+ years mostly unchanged.</p>
  1174. <p>It started its life in a <a href="https://en.wikipedia.org/wiki/LXC" title="Linux Containers (LXC)">LXC</a> container, eventually was moved to a Docker container and recently ended up in its own repository on GitHub.</p>
  1175. <p>The functionality it provides is not extraordinary, but helped to bridge a gap where no other product was available.<br>
  1176. It talks <a href="https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol" title="Lightweight Directory Access Protocol - Wikipedia">LDAP</a> one one side (although limited to handle user lookup requests) and on the other side connects to a <a href="https://www.mongodb.com/" title="MongoDB - Document Oriented Database">MongoDB</a> database where the information is stored.</p>
  1177. <p>It emerged out of the desire to have an easy way to manage individual user accounts for my home WiFi. I already had MongoDB running for some other personal project and simply added the list of users there (including the UI for managing them).<br>
  1178. Thus the missing part was to get the WiFi accesspoint to lookup user accounts in MongoDB.</p>
  1179. <p>Of course WiFi accesspoints do not directly talk MongoDB, but rather some other protocol like <a href="https://en.wikipedia.org/wiki/RADIUS" title="Remote Authentication Dial-In User Service">RADIUS</a>.<br>
  1180. A <a href="https://freeradius.org/" title="FreeRADIUS">freeradius</a> server was quickly setup, but still couldn't talk to MongoDB at the time. Thus comes in <a href="https://github.com/x-way/ldapauth" title="x-way/ldapauth">ldapauth</a>, which takes LDAP queries from freeradius and turns them into MongoDB lookups so that in the end the WiFi accesspoint receives the user accounts :-)</p>
  1181. <p>Not sure if this is particularly useful for anyone else, but at least here it did provide good services (and continues to do so).<br>
  1182. Current score is that it has survived three different WiFi accesspoints and has been running on 5 different servers over the time.</p>
  1183. ]]></content:encoded>
  1184.  </item>
  1185.  
  1186.  <item>
  1187.    <title>Hilltop Hoods - Laced Up</title>
  1188.    <link>https://blog.x-way.org/Music/2024/02/18/Hilltop-Hoods-Laced-Up.html</link>
  1189.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324332</guid>
  1190.    <dc:creator>Andreas Jaggi</dc:creator>
  1191.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1192.    <pubDate>Sun, 18 Feb 2024 08:31:00 +0100</pubDate>
  1193.    <category domain="https://blog.x-way.org/Music">Music</category>
  1194.    <description><![CDATA[<p><a href="https://youtu.be/Nn-kfXCQt6A" title="Hilltop Hoods - Laced Up - YouTube">Hilltop Hoods - Laced Up</a></p>
  1195. <p>Some vibes from Australia &#x2764;</p>
  1196. ]]></description>
  1197.    <content:encoded><![CDATA[<p><a href="https://youtu.be/Nn-kfXCQt6A" title="Hilltop Hoods - Laced Up - YouTube">Hilltop Hoods - Laced Up</a></p>
  1198. <p>Some vibes from Australia &#x2764;</p>
  1199. ]]></content:encoded>
  1200.  </item>
  1201.  
  1202.  <item>
  1203.    <title>qr-bag</title>
  1204.    <link>https://blog.x-way.org/Coding/2024/02/03/qr-bag.html</link>
  1205.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324331</guid>
  1206.    <dc:creator>Andreas Jaggi</dc:creator>
  1207.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1208.    <pubDate>Sat, 03 Feb 2024 19:55:00 +0100</pubDate>
  1209.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  1210.    <description><![CDATA[<p>Some time ago I used an online tool to generate some QR codes with a contact URL so I can put them on my luggage.<br>Now I got a new bag and need a new QR code for it. As I don't remember the online tool I used years ago, I decided to write my own tool.</p>
  1211. <p>Thus say hello to <a href="https://github.com/x-way/qr-bag" title="x-way/qr-bag: Generate a QR code with a lost bag logo in the middle pointing to a URL with information about the owner ">qr-bag</a>. It's a commandline tool written in Go to generate QR codes for URLs with a little logo in the middle.<br>The code for it is mostly a wrapper around the <a href="https://github.com/yeqown/go-qrcode" title="yeqown/go-qrcode">go-qrcode</a> library which does all the heavy lifting.</p>
  1212. <img src="https://blog.x-way.org/images/qr-bag123.png" width="173" height="173" alt="Example QR code">
  1213. ]]></description>
  1214.    <content:encoded><![CDATA[<p>Some time ago I used an online tool to generate some QR codes with a contact URL so I can put them on my luggage.<br>Now I got a new bag and need a new QR code for it. As I don't remember the online tool I used years ago, I decided to write my own tool.</p>
  1215. <p>Thus say hello to <a href="https://github.com/x-way/qr-bag" title="x-way/qr-bag: Generate a QR code with a lost bag logo in the middle pointing to a URL with information about the owner ">qr-bag</a>. It's a commandline tool written in Go to generate QR codes for URLs with a little logo in the middle.<br>The code for it is mostly a wrapper around the <a href="https://github.com/yeqown/go-qrcode" title="yeqown/go-qrcode">go-qrcode</a> library which does all the heavy lifting.</p>
  1216. <img src="https://blog.x-way.org/images/qr-bag123.png" width="173" height="173" alt="Example QR code">
  1217. ]]></content:encoded>
  1218.  </item>
  1219.  
  1220.  <item>
  1221.    <title>text-decoration-color</title>
  1222.    <link>https://blog.x-way.org/Webdesign/2024/02/03/text-decoration-color.html</link>
  1223.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324330</guid>
  1224.    <dc:creator>Andreas Jaggi</dc:creator>
  1225.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1226.    <pubDate>Sat, 03 Feb 2024 16:27:00 +0100</pubDate>
  1227.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  1228.    <description><![CDATA[<p>Just discovered the <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/text-decoration-color" title="text-decoration-color - CSS: Cascading Style Sheets | MDN"><code>text-decoration-color</code></a> CSS property and added it to the style on the blog:</p>
  1229. <pre>a:hover {color: #454545; text-decoration: underline; text-decoration-color: #26C4FF;}</pre>
  1230. <p>This causes that when you hover over a link in a post, the underline is not in the same boring gray as the text but lights up in a nice color :-)</p>
  1231. <p>(not to be confused with the hacky colored underlines in the righthand navigation bar, where I use a colored <code>border-bottom</code> to achieve a similar effect since 2002)</p>
  1232. ]]></description>
  1233.    <content:encoded><![CDATA[<p>Just discovered the <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/text-decoration-color" title="text-decoration-color - CSS: Cascading Style Sheets | MDN"><code>text-decoration-color</code></a> CSS property and added it to the style on the blog:</p>
  1234. <pre>a:hover {color: #454545; text-decoration: underline; text-decoration-color: #26C4FF;}</pre>
  1235. <p>This causes that when you hover over a link in a post, the underline is not in the same boring gray as the text but lights up in a nice color :-)</p>
  1236. <p>(not to be confused with the hacky colored underlines in the righthand navigation bar, where I use a colored <code>border-bottom</code> to achieve a similar effect since 2002)</p>
  1237. ]]></content:encoded>
  1238.  </item>
  1239.  
  1240.  <item>
  1241.    <title>Blogroll cleanup 2024</title>
  1242.    <link>https://blog.x-way.org/Misc/2024/01/31/Blogroll-cleanup-2024.html</link>
  1243.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324329</guid>
  1244.    <dc:creator>Andreas Jaggi</dc:creator>
  1245.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1246.    <pubDate>Wed, 31 Jan 2024 22:50:00 +0100</pubDate>
  1247.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1248.    <description><![CDATA[<p>It's time again to do some cleanup of my blogroll before the links start to turn into 404 errors :-)</p>
  1249. <p>Removed:</p>
  1250. <ul>
  1251. <li><a href="https://web.archive.org/web/20200301211123/http://strcat.de/blog/" title="Veni, Vidi, VISA">Veni, Vidi, VISA</a></li>
  1252. <li><a href="https://web.archive.org/web/20230724205656/https://gru.gq/" title="grugq's domain - Cyber is Deception">gru.gq</a></li>
  1253. <li><a href="http://www.brewdog.com/blog" title="BrewDog Craft Beer Blog">BrewDog</a></li>
  1254. <li><a href="https://mdlayher.com/blog/" title="Matt Layher">mdlayher.com</a></li>
  1255. <li><a href="https://blog.inliniac.net/" title="Inliniac | Everything inline.">Inliniac</a></li>
  1256. <li><a href="https://home.regit.org/" title="To Linux and beyond!">To Linux and beyond!</a></li>
  1257. <li><a href="http://lonesysadmin.net/" title="The Lone Sysadmin">The Lone Sysadmin</a></li>
  1258. <li><a href="https://eklitzke.org/" title="Evan Klitzke">eklitzke.org</a></li>
  1259. </ul>
  1260. ]]></description>
  1261.    <content:encoded><![CDATA[<p>It's time again to do some cleanup of my blogroll before the links start to turn into 404 errors :-)</p>
  1262. <p>Removed:</p>
  1263. <ul>
  1264. <li><a href="https://web.archive.org/web/20200301211123/http://strcat.de/blog/" title="Veni, Vidi, VISA">Veni, Vidi, VISA</a></li>
  1265. <li><a href="https://web.archive.org/web/20230724205656/https://gru.gq/" title="grugq's domain - Cyber is Deception">gru.gq</a></li>
  1266. <li><a href="http://www.brewdog.com/blog" title="BrewDog Craft Beer Blog">BrewDog</a></li>
  1267. <li><a href="https://mdlayher.com/blog/" title="Matt Layher">mdlayher.com</a></li>
  1268. <li><a href="https://blog.inliniac.net/" title="Inliniac | Everything inline.">Inliniac</a></li>
  1269. <li><a href="https://home.regit.org/" title="To Linux and beyond!">To Linux and beyond!</a></li>
  1270. <li><a href="http://lonesysadmin.net/" title="The Lone Sysadmin">The Lone Sysadmin</a></li>
  1271. <li><a href="https://eklitzke.org/" title="Evan Klitzke">eklitzke.org</a></li>
  1272. </ul>
  1273. ]]></content:encoded>
  1274.  </item>
  1275.  
  1276.  <item>
  1277.    <title>Statistics revived</title>
  1278.    <link>https://blog.x-way.org/Misc/2024/01/30/Statistics-revived.html</link>
  1279.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324328</guid>
  1280.    <dc:creator>Andreas Jaggi</dc:creator>
  1281.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1282.    <pubDate>Tue, 30 Jan 2024 06:46:00 +0100</pubDate>
  1283.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1284.    <description><![CDATA[<p>Following in the trend of replacing tables, I've revived the old <a href="https://blog.x-way.org/statistics.html" title="x-log - Statistics">statistics page</a>.<br>Now using less markup as it is built with <code>&lt;div&gt;</code> and CSS only (the <code>display: inline-block;</code> property was particularly helpful).</p>
  1285. <p>(the Jekyll/Liquid templating to generate the data for it looks quite horrific though&hellip;)</p>
  1286. ]]></description>
  1287.    <content:encoded><![CDATA[<p>Following in the trend of replacing tables, I've revived the old <a href="https://blog.x-way.org/statistics.html" title="x-log - Statistics">statistics page</a>.<br>Now using less markup as it is built with <code>&lt;div&gt;</code> and CSS only (the <code>display: inline-block;</code> property was particularly helpful).</p>
  1288. <p>(the Jekyll/Liquid templating to generate the data for it looks quite horrific though&hellip;)</p>
  1289. ]]></content:encoded>
  1290.  </item>
  1291.  
  1292.  <item>
  1293.    <title>Tables are gone</title>
  1294.    <link>https://blog.x-way.org/Webdesign/2024/01/28/Tables-are-gone.html</link>
  1295.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324327</guid>
  1296.    <dc:creator>Andreas Jaggi</dc:creator>
  1297.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1298.    <pubDate>Sun, 28 Jan 2024 16:47:00 +0100</pubDate>
  1299.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  1300.    <description><![CDATA[<p>Over the last couple weeks I slowly replaced the various &lt;table&gt;-based layout elements of the blog with more modern HTML elements.<br>
  1301. And finally this afternoon the work was completed with the last &lt;table&gt; element gone.</p>
  1302. <p>Visually there should be almost no differences, but in case something looks strange just let <a href="https://blog.x-way.org/about.html" title="x-log - About">me</a> know :-)<br>
  1303. (and yes, style-wise everything is still using the pixel-based layout from 2002, one day this might change as well&hellip;)</p>
  1304. ]]></description>
  1305.    <content:encoded><![CDATA[<p>Over the last couple weeks I slowly replaced the various &lt;table&gt;-based layout elements of the blog with more modern HTML elements.<br>
  1306. And finally this afternoon the work was completed with the last &lt;table&gt; element gone.</p>
  1307. <p>Visually there should be almost no differences, but in case something looks strange just let <a href="https://blog.x-way.org/about.html" title="x-log - About">me</a> know :-)<br>
  1308. (and yes, style-wise everything is still using the pixel-based layout from 2002, one day this might change as well&hellip;)</p>
  1309. ]]></content:encoded>
  1310.  </item>
  1311.  
  1312.  <item>
  1313.    <title>Quick and dirty dark mode</title>
  1314.    <link>https://blog.x-way.org/Webdesign/2024/01/27/Quick-and-dirty-dark-mode.html</link>
  1315.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324326</guid>
  1316.    <dc:creator>Andreas Jaggi</dc:creator>
  1317.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1318.    <pubDate>Sat, 27 Jan 2024 15:59:00 +0100</pubDate>
  1319.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  1320.    <description><![CDATA[<p>To provide basic dark mode support for the blog, I added the following lines of CSS:</p>
  1321. <pre>
  1322. @media (prefers-color-scheme: dark) {
  1323.    html { filter: invert(1) hue-rotate(180deg); }
  1324.    img, video, iframe { filter: invert(1) hue-rotate(180deg); }
  1325. }
  1326. </pre>
  1327. <p>If the browser/OS has dark mode enabled it will invert the colors and rotate the hue to achieve the dark mode effect.<br>The whole operation is applied a second time on images, videos and frames to avoid that they have their colors distorted.</p>
  1328. <p>You can get a preview by using the developer tools of your browser to enable dark mode :-)</p>
  1329. <p>The code is inspired by the post <a href="https://dev.to/akhilarjun/one-line-dark-mode-using-css-24li" title="One line - Dark Mode using CSS - DEV Community">here</a>, and then extended to provide a CSS-only solution by leveraging the <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/color-scheme" title="color-scheme - CSS: Cascading Style Sheets | MDN">color-scheme CSS property</a>.</p>
  1330. ]]></description>
  1331.    <content:encoded><![CDATA[<p>To provide basic dark mode support for the blog, I added the following lines of CSS:</p>
  1332. <pre>
  1333. @media (prefers-color-scheme: dark) {
  1334.    html { filter: invert(1) hue-rotate(180deg); }
  1335.    img, video, iframe { filter: invert(1) hue-rotate(180deg); }
  1336. }
  1337. </pre>
  1338. <p>If the browser/OS has dark mode enabled it will invert the colors and rotate the hue to achieve the dark mode effect.<br>The whole operation is applied a second time on images, videos and frames to avoid that they have their colors distorted.</p>
  1339. <p>You can get a preview by using the developer tools of your browser to enable dark mode :-)</p>
  1340. <p>The code is inspired by the post <a href="https://dev.to/akhilarjun/one-line-dark-mode-using-css-24li" title="One line - Dark Mode using CSS - DEV Community">here</a>, and then extended to provide a CSS-only solution by leveraging the <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/color-scheme" title="color-scheme - CSS: Cascading Style Sheets | MDN">color-scheme CSS property</a>.</p>
  1341. ]]></content:encoded>
  1342.  </item>
  1343.  
  1344.  <item>
  1345.    <title>Sub Focus, Dimension, Culture Shock &#x26; 1991</title>
  1346.    <link>https://blog.x-way.org/Music/2024/01/21/Sub-Focus-Dimension-Culture-Shock-1991.html</link>
  1347.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324325</guid>
  1348.    <dc:creator>Andreas Jaggi</dc:creator>
  1349.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1350.    <pubDate>Sun, 21 Jan 2024 22:16:00 +0100</pubDate>
  1351.    <category domain="https://blog.x-way.org/Music">Music</category>
  1352.    <description><![CDATA[<p><a href="https://youtu.be/OZMWKqbcwzo" title="Sub Focus, Dimension, Culture Shock &amp; 1991 - YouTube">Sub Focus, Dimension, Culture Shock &amp; 1991</a></p>
  1353. <p>Some very fine Drum and bass. Recently got to experience two of them live (Sub Focus &amp; 1991), and have plans to see Dimension next :-)</p>
  1354. <p>Especially like the little <a href="https://theprodigy.com" title="The Prodigy">The Prodigy</a> mixin starting at 1:04:30 &#x1F973;</p>
  1355. ]]></description>
  1356.    <content:encoded><![CDATA[<p><a href="https://youtu.be/OZMWKqbcwzo" title="Sub Focus, Dimension, Culture Shock &amp; 1991 - YouTube">Sub Focus, Dimension, Culture Shock &amp; 1991</a></p>
  1357. <p>Some very fine Drum and bass. Recently got to experience two of them live (Sub Focus &amp; 1991), and have plans to see Dimension next :-)</p>
  1358. <p>Especially like the little <a href="https://theprodigy.com" title="The Prodigy">The Prodigy</a> mixin starting at 1:04:30 &#x1F973;</p>
  1359. ]]></content:encoded>
  1360.  </item>
  1361.  
  1362.  <item>
  1363.    <title>Keeping old URLs alive</title>
  1364.    <link>https://blog.x-way.org/Misc/2024/01/21/Keeping-old-URLs-alive.html</link>
  1365.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324324</guid>
  1366.    <dc:creator>Andreas Jaggi</dc:creator>
  1367.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1368.    <pubDate>Sun, 21 Jan 2024 21:41:00 +0100</pubDate>
  1369.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1370.    <description><![CDATA[<p>As mentioned before, I'm a supporter of the <a href="https://www.w3.org/Provider/Style/URI" title="Hypertext Style: Cool URIs don't change">Cool URIs don't change</a> approach.<br>Thus I try to keep all the URLs of this blog working (or at least make them redirect to the new place where the content is located).<br>Not always an easy task with old domains and multiple blogging engines accumulated over the years.</p>
  1371. <p>To help me with that (and ensure I don't break anything when updating a 10+ year old mod_rewrite config) I created a short Bash script to test the redirect behavior.<br>It contains a list of URLs and their expected redirect target, goes through them with <a href="https://curl.se" title="curl">curl</a> and checks that the correct <code>Location:</code> header is returned.</p>
  1372. <p>As it might be useful for others in similar situations, the script can be found <a href="https://blog.x-way.org/stuff/test.sh" title="test.sh">here</a>.</p>
  1373. ]]></description>
  1374.    <content:encoded><![CDATA[<p>As mentioned before, I'm a supporter of the <a href="https://www.w3.org/Provider/Style/URI" title="Hypertext Style: Cool URIs don't change">Cool URIs don't change</a> approach.<br>Thus I try to keep all the URLs of this blog working (or at least make them redirect to the new place where the content is located).<br>Not always an easy task with old domains and multiple blogging engines accumulated over the years.</p>
  1375. <p>To help me with that (and ensure I don't break anything when updating a 10+ year old mod_rewrite config) I created a short Bash script to test the redirect behavior.<br>It contains a list of URLs and their expected redirect target, goes through them with <a href="https://curl.se" title="curl">curl</a> and checks that the correct <code>Location:</code> header is returned.</p>
  1376. <p>As it might be useful for others in similar situations, the script can be found <a href="https://blog.x-way.org/stuff/test.sh" title="test.sh">here</a>.</p>
  1377. ]]></content:encoded>
  1378.  </item>
  1379.  
  1380.  <item>
  1381.    <title>I miss human curation</title>
  1382.    <link>https://blog.x-way.org/Misc/2024/01/21/I-miss-human-curation.html</link>
  1383.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324323</guid>
  1384.    <dc:creator>Andreas Jaggi</dc:creator>
  1385.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1386.    <pubDate>Sun, 21 Jan 2024 07:14:00 +0100</pubDate>
  1387.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1388.    <description><![CDATA[<p><a href="https://blog.cassidoo.co/post/human-curation/" title="I miss human curation - Cassidy's blog">I miss human curation</a> &mdash; Where are my internet friends? And where are their weird blogs? (<a href="https://kniebes.com/link/a97dd47db2b511eebfd9408d5c84b5d9" title="Markus Kniebes Journal">via</a>)<p>
  1389. ]]></description>
  1390.    <content:encoded><![CDATA[<p><a href="https://blog.cassidoo.co/post/human-curation/" title="I miss human curation - Cassidy's blog">I miss human curation</a> &mdash; Where are my internet friends? And where are their weird blogs? (<a href="https://kniebes.com/link/a97dd47db2b511eebfd9408d5c84b5d9" title="Markus Kniebes Journal">via</a>)<p>
  1391. ]]></content:encoded>
  1392.  </item>
  1393.  
  1394.  <item>
  1395.    <title>Postfix clear verification cache</title>
  1396.    <link>https://blog.x-way.org/Linux/2024/01/07/Postfix-clear-verification-cache.html</link>
  1397.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324322</guid>
  1398.    <dc:creator>Andreas Jaggi</dc:creator>
  1399.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1400.    <pubDate>Sun, 07 Jan 2024 22:38:00 +0100</pubDate>
  1401.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  1402.    <description><![CDATA[<p>While adding some new alias functionality to my setup, it repeatedly failed with an error similar to this, despite my configuration changes:</p>
  1403. <pre>Recipient address rejected: unverified address: host XXX[XXX] said: 550 5.1.1
  1404. &lt;foo@bar.com&gt; User doesn't exist: foo@bar.com (in reply to RCPT TO command);</pre>
  1405. <p>Turns out that the negative verification result is cached and the cache is not reset during a reload/restart of postfix.<br>
  1406. Thus it must be cleared manually like this:</p>
  1407. <pre>/etc/init.d/postfix stop
  1408. rm /var/lib/postfix/verify_cache.db
  1409. /etc/init.d/postfix start</pre>
  1410. ]]></description>
  1411.    <content:encoded><![CDATA[<p>While adding some new alias functionality to my setup, it repeatedly failed with an error similar to this, despite my configuration changes:</p>
  1412. <pre>Recipient address rejected: unverified address: host XXX[XXX] said: 550 5.1.1
  1413. &lt;foo@bar.com&gt; User doesn't exist: foo@bar.com (in reply to RCPT TO command);</pre>
  1414. <p>Turns out that the negative verification result is cached and the cache is not reset during a reload/restart of postfix.<br>
  1415. Thus it must be cleared manually like this:</p>
  1416. <pre>/etc/init.d/postfix stop
  1417. rm /var/lib/postfix/verify_cache.db
  1418. /etc/init.d/postfix start</pre>
  1419. ]]></content:encoded>
  1420.  </item>
  1421.  
  1422.  <item>
  1423.    <title>Valid HTML5</title>
  1424.    <link>https://blog.x-way.org/Webdesign/2024/01/03/Valid-HTML5.html</link>
  1425.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324321</guid>
  1426.    <dc:creator>Andreas Jaggi</dc:creator>
  1427.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1428.    <pubDate>Wed, 03 Jan 2024 20:59:00 +0100</pubDate>
  1429.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  1430.    <description><![CDATA[<p>After <a href="https://blog.x-way.org/Webdesign/2024/01/01/Winter-plain-2.html" title="Winter - plain 2">switching the colors</a> of the design, I kept the momentum and continued working on the HTML of the blog.</p>
  1431. <p>It took couple iterations of multiple hours, but now it's done: the HTML source of this blog is <a href="https://validator.w3.org/nu/?doc=https%3A%2F%2Fblog.x-way.org%2F" title="Nu HTML Checker">valid HTML5</a>!</p>
  1432. <p>Getting rid of the obsoleteness hidden in old blogentries dating back over 20 years also led to some interesting observations.<br>
  1433. Back when moving from HTML 4.01 to <a href="https://blog.x-way.org/Coding/2004/04/08/x-log_v202c.html" title="x-log v2.02c">XHTML 1.1</a>, I remember spending some time to transform old <code>&lt;br&gt;</code> tags to <code>&lt;br /&gt;</code>. And now for HTML5 I did the inverse and moved all <code>&lt;br /&gt;</code> tags back to <code>&lt;br&gt;</code> :-)</p>
  1434. <p>Also once more I'm very thankful for the work of the <a href="https://archive.org/" title="Internet Archive">Internet Archive</a>, which helped to recover images hosted on servers long gone (like URLs which already at the end of 2002 were no longer valid!).</p>
  1435. <p>Overall a lot of replacing no longer existing HTML tags and attributes with CSS definitions.<br>And there is virtually no change to the visual representation of the blog (which was the goal), so we still have the table-based layout with pixel-sized fonts as originally drafted in 2002.<br>Moving this to actually leverage modern HTML5 mechanisms and making it also more mobile friendly are tasks left for some future cold winter evenings :-)</p>
  1436. <p><a href="https://validator.w3.org/nu/?doc=https%3A%2F%2Fblog.x-way.org%2F" title="Valid W3C HTML5"><img src="https://blog.x-way.org/images/html5-validator-badge.png" width="352" height="124" alt="W3C HTML5"></a></p>
  1437. ]]></description>
  1438.    <content:encoded><![CDATA[<p>After <a href="https://blog.x-way.org/Webdesign/2024/01/01/Winter-plain-2.html" title="Winter - plain 2">switching the colors</a> of the design, I kept the momentum and continued working on the HTML of the blog.</p>
  1439. <p>It took couple iterations of multiple hours, but now it's done: the HTML source of this blog is <a href="https://validator.w3.org/nu/?doc=https%3A%2F%2Fblog.x-way.org%2F" title="Nu HTML Checker">valid HTML5</a>!</p>
  1440. <p>Getting rid of the obsoleteness hidden in old blogentries dating back over 20 years also led to some interesting observations.<br>
  1441. Back when moving from HTML 4.01 to <a href="https://blog.x-way.org/Coding/2004/04/08/x-log_v202c.html" title="x-log v2.02c">XHTML 1.1</a>, I remember spending some time to transform old <code>&lt;br&gt;</code> tags to <code>&lt;br /&gt;</code>. And now for HTML5 I did the inverse and moved all <code>&lt;br /&gt;</code> tags back to <code>&lt;br&gt;</code> :-)</p>
  1442. <p>Also once more I'm very thankful for the work of the <a href="https://archive.org/" title="Internet Archive">Internet Archive</a>, which helped to recover images hosted on servers long gone (like URLs which already at the end of 2002 were no longer valid!).</p>
  1443. <p>Overall a lot of replacing no longer existing HTML tags and attributes with CSS definitions.<br>And there is virtually no change to the visual representation of the blog (which was the goal), so we still have the table-based layout with pixel-sized fonts as originally drafted in 2002.<br>Moving this to actually leverage modern HTML5 mechanisms and making it also more mobile friendly are tasks left for some future cold winter evenings :-)</p>
  1444. <p><a href="https://validator.w3.org/nu/?doc=https%3A%2F%2Fblog.x-way.org%2F" title="Valid W3C HTML5"><img src="https://blog.x-way.org/images/html5-validator-badge.png" width="352" height="124" alt="W3C HTML5"></a></p>
  1445. ]]></content:encoded>
  1446.  </item>
  1447.  
  1448.  <item>
  1449.    <title>Winter - plain 2</title>
  1450.    <link>https://blog.x-way.org/Webdesign/2024/01/01/Winter-plain-2.html</link>
  1451.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324320</guid>
  1452.    <dc:creator>Andreas Jaggi</dc:creator>
  1453.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1454.    <pubDate>Mon, 01 Jan 2024 12:41:00 +0100</pubDate>
  1455.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  1456.    <description><![CDATA[<p>Happy New Year! &mdash; Happy New Colors!</p>
  1457. <p>Winter is here (for a while already), time to change the colors of the blog.<br>
  1458. To keep it in the nostalgic theme (the previous design was a <a href="https://blog.x-way.org/Webdesign/2022/06/04/Blogging-like-2002.html" title="x-log - Blogging like 2002">repurpose of the inital design from 2002</a>), I'm using the colors from the <a href="https://blog.x-way.org/Webdesign/2002/12/15/Winter.html" title="x-log - Winter">'plain 2' winter layout</a> (also from 2002).</p>
  1459. <p>Enjoy!</p>
  1460. ]]></description>
  1461.    <content:encoded><![CDATA[<p>Happy New Year! &mdash; Happy New Colors!</p>
  1462. <p>Winter is here (for a while already), time to change the colors of the blog.<br>
  1463. To keep it in the nostalgic theme (the previous design was a <a href="https://blog.x-way.org/Webdesign/2022/06/04/Blogging-like-2002.html" title="x-log - Blogging like 2002">repurpose of the inital design from 2002</a>), I'm using the colors from the <a href="https://blog.x-way.org/Webdesign/2002/12/15/Winter.html" title="x-log - Winter">'plain 2' winter layout</a> (also from 2002).</p>
  1464. <p>Enjoy!</p>
  1465. ]]></content:encoded>
  1466.  </item>
  1467.  
  1468.  <item>
  1469.    <title>MECSA</title>
  1470.    <link>https://blog.x-way.org/Networking/2023/12/30/MECSA.html</link>
  1471.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324319</guid>
  1472.    <dc:creator>Andreas Jaggi</dc:creator>
  1473.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1474.    <pubDate>Sat, 30 Dec 2023 09:16:00 +0100</pubDate>
  1475.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  1476.    <description><![CDATA[<p>A <a href="https://news.ycombinator.com/item?id=38792358" title="True, MECSA is also interesting: https://mecsa.jrc.ec.europa.eu/en/ | Hacker News">comment on Hacker News</a> pointed me to the <a href="https://mecsa.jrc.ec.europa.eu/en/" title="My Email Communications Security Assessment (MECSA)">MECSA tool</a> provided by the European Union.</p>
  1477. <p>MECSA stands for My Email Communications Security Assessment, and is a tool to assess the security of email communication between providers.</p>
  1478. <p>As I run my own email server, I was curious to find out how my setup is scoring. Here are the results, seems like I'm doing a good job :-)</p>
  1479. <p><a href="https://blog.x-way.org/images/mecsa_scores_full.png" title="MECSA score for jaggi.info, showing 5/5 stars in Confidential Delivery, Phishing and Identity Theft, and Intergrity of Messages."><img src="https://blog.x-way.org/images/mecsa_scores.png" alt="MECSA score for jaggi.info, showing 5/5 stars in Confidential Delivery, Phishing and Identity Theft, and Intergrity of Messages." height="61" width="650"></a></p>
  1480. <p><a href="https://blog.x-way.org/images/mecsa_details_full.png" title="MECSA details for jaggi.info, showing 100 points in StartTLS, X509, SPF, DKIM, DMARC, DANE, DNSSEC and MTA-STS."><img src="https://blog.x-way.org/images/mecsa_details.png" alt="MECSA details for jaggi.info, showing 100 points in StartTLS, X509, SPF, DKIM, DMARC, DANE, DNSSEC and MTA-STS." height="75" width="650"></a></p>
  1481. <p>Link to the full report for jaggi.info: <a href="https://mecsa.jrc.ec.europa.eu/en/finderRequest/f856486ecaf94dce5e8022c0a97c63b3" title="Report id f856486ecaf94dce5e8022c0a97c63b3 for domain jaggi.info (28/12/2023)">https://mecsa.jrc.ec.europa.eu/en/finderRequest/f856486ecaf94dce5e8022c0a97c63b3</a></p>
  1482. ]]></description>
  1483.    <content:encoded><![CDATA[<p>A <a href="https://news.ycombinator.com/item?id=38792358" title="True, MECSA is also interesting: https://mecsa.jrc.ec.europa.eu/en/ | Hacker News">comment on Hacker News</a> pointed me to the <a href="https://mecsa.jrc.ec.europa.eu/en/" title="My Email Communications Security Assessment (MECSA)">MECSA tool</a> provided by the European Union.</p>
  1484. <p>MECSA stands for My Email Communications Security Assessment, and is a tool to assess the security of email communication between providers.</p>
  1485. <p>As I run my own email server, I was curious to find out how my setup is scoring. Here are the results, seems like I'm doing a good job :-)</p>
  1486. <p><a href="https://blog.x-way.org/images/mecsa_scores_full.png" title="MECSA score for jaggi.info, showing 5/5 stars in Confidential Delivery, Phishing and Identity Theft, and Intergrity of Messages."><img src="https://blog.x-way.org/images/mecsa_scores.png" alt="MECSA score for jaggi.info, showing 5/5 stars in Confidential Delivery, Phishing and Identity Theft, and Intergrity of Messages." height="61" width="650"></a></p>
  1487. <p><a href="https://blog.x-way.org/images/mecsa_details_full.png" title="MECSA details for jaggi.info, showing 100 points in StartTLS, X509, SPF, DKIM, DMARC, DANE, DNSSEC and MTA-STS."><img src="https://blog.x-way.org/images/mecsa_details.png" alt="MECSA details for jaggi.info, showing 100 points in StartTLS, X509, SPF, DKIM, DMARC, DANE, DNSSEC and MTA-STS." height="75" width="650"></a></p>
  1488. <p>Link to the full report for jaggi.info: <a href="https://mecsa.jrc.ec.europa.eu/en/finderRequest/f856486ecaf94dce5e8022c0a97c63b3" title="Report id f856486ecaf94dce5e8022c0a97c63b3 for domain jaggi.info (28/12/2023)">https://mecsa.jrc.ec.europa.eu/en/finderRequest/f856486ecaf94dce5e8022c0a97c63b3</a></p>
  1489. ]]></content:encoded>
  1490.  </item>
  1491.  
  1492.  <item>
  1493.    <title>Fix named checkhints extra record in hints</title>
  1494.    <link>https://blog.x-way.org/Linux/2023/12/27/Fix-named-checkhints-extra-record-in-hints.html</link>
  1495.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324318</guid>
  1496.    <dc:creator>Andreas Jaggi</dc:creator>
  1497.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1498.    <pubDate>Wed, 27 Dec 2023 20:53:00 +0100</pubDate>
  1499.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  1500.    <description><![CDATA[<p>Recently named on my Debian server started to emit the following messages:</p>
  1501. <pre>Dec 23 18:30:05 server named[1168203]: checkhints: view external_network: b.root-servers.net/A (170.247.170.2) missing from hints
  1502. Dec 23 18:30:05 server named[1168203]: checkhints: view external_network: b.root-servers.net/A (199.9.14.201) extra record in hints
  1503. Dec 23 18:30:05 server named[1168203]: checkhints: view external_network: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints
  1504. Dec 23 18:30:05 server named[1168203]: checkhints: view external_network: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints</pre>
  1505. <p>The reason for these warnings, is a <a href="https://b.root-servers.org/news/2023/05/16/new-addresses.html" title="New addresses for b.root-servers.net">IP change of the B root-server</a>.</p>
  1506. <p>Debian is <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054393" title="Debian bug report #1054393">not ready yet</a> with updating their dns-root-data package.<br>To fix the mismatching IP definitions on a Debian system, the current root zone definitions can also be updated manually from Internic:</p>
  1507. <pre>curl https://www.internic.net/domain/named.root -s &gt; /usr/share/dns/root.hints
  1508. curl https://www.internic.net/domain/named.root.sig -s &gt; /usr/share/dns/root.hints.sig</pre>
  1509. ]]></description>
  1510.    <content:encoded><![CDATA[<p>Recently named on my Debian server started to emit the following messages:</p>
  1511. <pre>Dec 23 18:30:05 server named[1168203]: checkhints: view external_network: b.root-servers.net/A (170.247.170.2) missing from hints
  1512. Dec 23 18:30:05 server named[1168203]: checkhints: view external_network: b.root-servers.net/A (199.9.14.201) extra record in hints
  1513. Dec 23 18:30:05 server named[1168203]: checkhints: view external_network: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints
  1514. Dec 23 18:30:05 server named[1168203]: checkhints: view external_network: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints</pre>
  1515. <p>The reason for these warnings, is a <a href="https://b.root-servers.org/news/2023/05/16/new-addresses.html" title="New addresses for b.root-servers.net">IP change of the B root-server</a>.</p>
  1516. <p>Debian is <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054393" title="Debian bug report #1054393">not ready yet</a> with updating their dns-root-data package.<br>To fix the mismatching IP definitions on a Debian system, the current root zone definitions can also be updated manually from Internic:</p>
  1517. <pre>curl https://www.internic.net/domain/named.root -s &gt; /usr/share/dns/root.hints
  1518. curl https://www.internic.net/domain/named.root.sig -s &gt; /usr/share/dns/root.hints.sig</pre>
  1519. ]]></content:encoded>
  1520.  </item>
  1521.  
  1522.  <item>
  1523.    <title>Wikipedia Donation</title>
  1524.    <link>https://blog.x-way.org/Misc/2023/12/10/Wikipedia-Donation.html</link>
  1525.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324317</guid>
  1526.    <dc:creator>Andreas Jaggi</dc:creator>
  1527.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1528.    <pubDate>Sun, 10 Dec 2023 22:24:00 +0100</pubDate>
  1529.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1530.    <description><![CDATA[<p>Seems that after donating to Wikipedia there is a redirect to <a href="https://thankyou.wikipedia.org/wiki/Thank_You/en" rel="noreferrer" title="Thank You - Wikimedia Foundation">this page</a>, which sets a cookie to no longer show the donation banners.</p>
  1531. ]]></description>
  1532.    <content:encoded><![CDATA[<p>Seems that after donating to Wikipedia there is a redirect to <a href="https://thankyou.wikipedia.org/wiki/Thank_You/en" rel="noreferrer" title="Thank You - Wikimedia Foundation">this page</a>, which sets a cookie to no longer show the donation banners.</p>
  1533. ]]></content:encoded>
  1534.  </item>
  1535.  
  1536.  <item>
  1537.    <title>Why Personal Blogging Still Rules</title>
  1538.    <link>https://blog.x-way.org/Misc/2023/04/30/Why-Personal-Blogging-Still-Rules.html</link>
  1539.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324316</guid>
  1540.    <dc:creator>Andreas Jaggi</dc:creator>
  1541.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1542.    <pubDate>Sun, 30 Apr 2023 14:42:00 +0200</pubDate>
  1543.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1544.    <description><![CDATA[<p>Resonating article from <a href="https://mikegrindle.com/" title="Mike Grindle - Homepage">Mike Grindle</a> about personal blogging and how it fits into todays Internet: <a href="https://mikegrindle.com/posts/personal-blogging" title="Why Personal Blogging Still Rules - mikegrindle.com">Why Personal Blogging Still Rules</a></p>
  1545. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1546. <p>Before the social media craze or publishing platforms, and long before ‘content creator’ was a job title, blogs served as one of the primary forms of online expression and communication.</p>
  1547. </blockquote>
  1548. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1549. <p>Everything on your blog was made to look and feel the way you wanted. If it didn’t, you rolled your sleeves up and coded that stuff in like the webmaster you were. And if the masses didn’t like it, who cared? They had no obligations to you, and you had none to them.</p>
  1550. </blockquote>
  1551. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1552. <p>Hiding beneath the drivel that is Google’s search results, and all the trackers, cookies, ads and curated feeds that come with them, personal blogs and sites of all shapes and sizes are still there. They’re thriving even in a kind of interconnected web beneath the web.</p>
  1553. </blockquote>
  1554. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1555. <p>The blogs on this small or “indie” web come in many shapes and sizes. [&hellip;] But at their core, they all have one characteristic in common: they’re there because their owners wanted to carve out their space on the internet.</p>
  1556. </blockquote>
  1557. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1558. <p>Your blog doesn’t have to be big and fancy. It doesn’t have to outrank everyone on Google, make money or “convert leads” to be important. It can be something that exists for its own sake, as your place to express yourself in whatever manner you please.</p>
  1559. </blockquote>
  1560. <p>(<a href="https://uninformation.org/webnotizen/23/why-personal-blogging-still-rules/" title="der Uninformat – »Why Personal Blogging Still Rules«">via</a>)</p>
  1561. ]]></description>
  1562.    <content:encoded><![CDATA[<p>Resonating article from <a href="https://mikegrindle.com/" title="Mike Grindle - Homepage">Mike Grindle</a> about personal blogging and how it fits into todays Internet: <a href="https://mikegrindle.com/posts/personal-blogging" title="Why Personal Blogging Still Rules - mikegrindle.com">Why Personal Blogging Still Rules</a></p>
  1563. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1564. <p>Before the social media craze or publishing platforms, and long before ‘content creator’ was a job title, blogs served as one of the primary forms of online expression and communication.</p>
  1565. </blockquote>
  1566. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1567. <p>Everything on your blog was made to look and feel the way you wanted. If it didn’t, you rolled your sleeves up and coded that stuff in like the webmaster you were. And if the masses didn’t like it, who cared? They had no obligations to you, and you had none to them.</p>
  1568. </blockquote>
  1569. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1570. <p>Hiding beneath the drivel that is Google’s search results, and all the trackers, cookies, ads and curated feeds that come with them, personal blogs and sites of all shapes and sizes are still there. They’re thriving even in a kind of interconnected web beneath the web.</p>
  1571. </blockquote>
  1572. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1573. <p>The blogs on this small or “indie” web come in many shapes and sizes. [&hellip;] But at their core, they all have one characteristic in common: they’re there because their owners wanted to carve out their space on the internet.</p>
  1574. </blockquote>
  1575. <blockquote cite="https://mikegrindle.com/posts/personal-blogging">
  1576. <p>Your blog doesn’t have to be big and fancy. It doesn’t have to outrank everyone on Google, make money or “convert leads” to be important. It can be something that exists for its own sake, as your place to express yourself in whatever manner you please.</p>
  1577. </blockquote>
  1578. <p>(<a href="https://uninformation.org/webnotizen/23/why-personal-blogging-still-rules/" title="der Uninformat – »Why Personal Blogging Still Rules«">via</a>)</p>
  1579. ]]></content:encoded>
  1580.  </item>
  1581.  
  1582.  <item>
  1583.    <title>exec-hookd</title>
  1584.    <link>https://blog.x-way.org/Linux/2023/04/23/exec-hookd.html</link>
  1585.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324315</guid>
  1586.    <dc:creator>Andreas Jaggi</dc:creator>
  1587.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1588.    <pubDate>Sun, 23 Apr 2023 22:32:00 +0200</pubDate>
  1589.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  1590.    <description><![CDATA[<p>To automate some of the deployment steps on my personal server, I needed a tool which can be triggered by a webhook and does execute some pre-defined commands.</p>
  1591. <p>A classic solution for this would be to have a simple PHP script with a call to <code>system(...)</code>. But I don't have PHP installed on the server itself and wanted this to be more lightweight than a full Apache+PHP installation.</p>
  1592. <p>Thus <a href="https://github.com/x-way/exec-hookd" title="x-way/exec-hookd: execute commands from webhooks">exec-hookd</a> was born. It is a small Go daemon which listens to HTTP POST requests and runs pre-defined commands when a matching path is requested.</p>
  1593. <p>Its configuration lives in a small JSON file, which lists the port to listen on and the paths together with their commands to execute:</p>
  1594. <pre>{
  1595.  "Port": 8059,
  1596.  "HookList": [
  1597.    {
  1598.      "Path": "/myhook",
  1599.      "Exec": [
  1600.        {
  1601.          "Cmd": "/usr/bin/somecmd",
  1602.          "Args": [
  1603.            "--some",
  1604.            "arguments"
  1605.          ],
  1606.          "Timeout": "5s"
  1607.        }
  1608.      ]
  1609.    }
  1610.  ]
  1611. }</pre>
  1612. <p>The commands are called with a timeout after which they are stopped to avoid that things hang around forever.</p>
  1613. ]]></description>
  1614.    <content:encoded><![CDATA[<p>To automate some of the deployment steps on my personal server, I needed a tool which can be triggered by a webhook and does execute some pre-defined commands.</p>
  1615. <p>A classic solution for this would be to have a simple PHP script with a call to <code>system(...)</code>. But I don't have PHP installed on the server itself and wanted this to be more lightweight than a full Apache+PHP installation.</p>
  1616. <p>Thus <a href="https://github.com/x-way/exec-hookd" title="x-way/exec-hookd: execute commands from webhooks">exec-hookd</a> was born. It is a small Go daemon which listens to HTTP POST requests and runs pre-defined commands when a matching path is requested.</p>
  1617. <p>Its configuration lives in a small JSON file, which lists the port to listen on and the paths together with their commands to execute:</p>
  1618. <pre>{
  1619.  "Port": 8059,
  1620.  "HookList": [
  1621.    {
  1622.      "Path": "/myhook",
  1623.      "Exec": [
  1624.        {
  1625.          "Cmd": "/usr/bin/somecmd",
  1626.          "Args": [
  1627.            "--some",
  1628.            "arguments"
  1629.          ],
  1630.          "Timeout": "5s"
  1631.        }
  1632.      ]
  1633.    }
  1634.  ]
  1635. }</pre>
  1636. <p>The commands are called with a timeout after which they are stopped to avoid that things hang around forever.</p>
  1637. ]]></content:encoded>
  1638.  </item>
  1639.  
  1640.  <item>
  1641.    <title>Nice git log alias</title>
  1642.    <link>https://blog.x-way.org/Coding/2023/04/16/Nice-git-log-alias.html</link>
  1643.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324314</guid>
  1644.    <dc:creator>Andreas Jaggi</dc:creator>
  1645.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1646.    <pubDate>Sun, 16 Apr 2023 13:55:00 +0200</pubDate>
  1647.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  1648.    <description><![CDATA[<p><a href="https://uninformation.org/" title="Wald- und Wiesen-Weblog - uninformation.org">Ralf</a> <a href="https://web.archive.org/web/20231128231558/https://masto.futbol/@oldschooldev/109839690235274960" title="ralf g.: killer-alias für das schönste gitlog in der shell">tooted</a> a nice and tidy git log output alias for the console:</p>
  1649. <code>
  1650. alias glg="git log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)&lt;%an&gt;%Creset' --abbrev-commit"
  1651. </code>
  1652. ]]></description>
  1653.    <content:encoded><![CDATA[<p><a href="https://uninformation.org/" title="Wald- und Wiesen-Weblog - uninformation.org">Ralf</a> <a href="https://web.archive.org/web/20231128231558/https://masto.futbol/@oldschooldev/109839690235274960" title="ralf g.: killer-alias für das schönste gitlog in der shell">tooted</a> a nice and tidy git log output alias for the console:</p>
  1654. <code>
  1655. alias glg="git log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)&lt;%an&gt;%Creset' --abbrev-commit"
  1656. </code>
  1657. ]]></content:encoded>
  1658.  </item>
  1659.  
  1660.  <item>
  1661.    <title>Docker registry facade with nginx</title>
  1662.    <link>https://blog.x-way.org/Linux/2023/03/18/Docker-registry-facade-with-nginx.html</link>
  1663.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324313</guid>
  1664.    <dc:creator>Andreas Jaggi</dc:creator>
  1665.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1666.    <pubDate>Sat, 18 Mar 2023 10:36:00 +0100</pubDate>
  1667.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  1668.    <description><![CDATA[<p>Found <a href="https://httptoolkit.com/blog/docker-image-registry-facade/" title="Dodge the next Dockerpocalypse: how to own your own Docker Registry address">this inspiring blog post</a> about how to use your own domain for Docker images. (via <a href="https://news.ycombinator.com/item?id=35205838" title="How to own your own Docker Registry address | Hacker News">HN</a>)</p>
  1669. <p>It explains how to use your own domain with redirects such that the Docker registry hosting the images can be changed easily. Your domain is only used for issueing HTTP redirects, so that the actual data storage and transfer happens directly with the Docker registry.</p>
  1670. <p>The blog post comes with <a href="https://github.com/httptoolkit/docker-registry-facade/blob/main/Caddyfile" title="Caddyfile">a sample implementation for Caddy</a>. As my server is running <a href="https://nginx.org/" title="nginx">nginx</a>, I used the following config snippet to achieve the same result:</p>
  1671. <pre>
  1672. server {
  1673. listen 443 ssl;
  1674. listen [::]:443 ssl;
  1675.  
  1676. server_name docker.x-way.org;
  1677.  
  1678. access_log /var/log/nginx/docker.x-way.org.access.log;
  1679. error_log /var/log/nginx/docker.x-way.org.error.log;
  1680.  
  1681. ssl_certificate /etc/letsencrypt/live/docker.x-way.org/fullchain.pem;
  1682. ssl_certificate_key /etc/letsencrypt/live/docker.x-way.org/privkey.pem;
  1683.  
  1684. location / {
  1685. return 403;
  1686. }
  1687.  
  1688. location = /v2 {
  1689. add_header Cache-Control 'max-age=300, must-revalidate';
  1690. return 307 https://registry.hub.docker.com$request_uri;
  1691. }
  1692. location = /v2/ {
  1693. add_header Cache-Control 'max-age=300, must-revalidate';
  1694. return 307 https://registry.hub.docker.com$request_uri;
  1695. }
  1696. location = /v2/xway {
  1697. add_header Cache-Control 'max-age=300, must-revalidate';
  1698. return 307 https://registry.hub.docker.com$request_uri;
  1699. }
  1700. location /v2/xway/ {
  1701. add_header Cache-Control 'max-age=300, must-revalidate';
  1702. return 307 https://registry.hub.docker.com$request_uri;
  1703. }
  1704. }
  1705. </pre>
  1706. <p>Quickly tested it with some docker pull commands and already integrated it into the <a href="https://github.com/x-way/dnsupd/pull/72" title="Use custom registry by x-way - Pull Request #72 - x-way/dnsupd">build process of dnsupd</a>.</p>
  1707. ]]></description>
  1708.    <content:encoded><![CDATA[<p>Found <a href="https://httptoolkit.com/blog/docker-image-registry-facade/" title="Dodge the next Dockerpocalypse: how to own your own Docker Registry address">this inspiring blog post</a> about how to use your own domain for Docker images. (via <a href="https://news.ycombinator.com/item?id=35205838" title="How to own your own Docker Registry address | Hacker News">HN</a>)</p>
  1709. <p>It explains how to use your own domain with redirects such that the Docker registry hosting the images can be changed easily. Your domain is only used for issueing HTTP redirects, so that the actual data storage and transfer happens directly with the Docker registry.</p>
  1710. <p>The blog post comes with <a href="https://github.com/httptoolkit/docker-registry-facade/blob/main/Caddyfile" title="Caddyfile">a sample implementation for Caddy</a>. As my server is running <a href="https://nginx.org/" title="nginx">nginx</a>, I used the following config snippet to achieve the same result:</p>
  1711. <pre>
  1712. server {
  1713. listen 443 ssl;
  1714. listen [::]:443 ssl;
  1715.  
  1716. server_name docker.x-way.org;
  1717.  
  1718. access_log /var/log/nginx/docker.x-way.org.access.log;
  1719. error_log /var/log/nginx/docker.x-way.org.error.log;
  1720.  
  1721. ssl_certificate /etc/letsencrypt/live/docker.x-way.org/fullchain.pem;
  1722. ssl_certificate_key /etc/letsencrypt/live/docker.x-way.org/privkey.pem;
  1723.  
  1724. location / {
  1725. return 403;
  1726. }
  1727.  
  1728. location = /v2 {
  1729. add_header Cache-Control 'max-age=300, must-revalidate';
  1730. return 307 https://registry.hub.docker.com$request_uri;
  1731. }
  1732. location = /v2/ {
  1733. add_header Cache-Control 'max-age=300, must-revalidate';
  1734. return 307 https://registry.hub.docker.com$request_uri;
  1735. }
  1736. location = /v2/xway {
  1737. add_header Cache-Control 'max-age=300, must-revalidate';
  1738. return 307 https://registry.hub.docker.com$request_uri;
  1739. }
  1740. location /v2/xway/ {
  1741. add_header Cache-Control 'max-age=300, must-revalidate';
  1742. return 307 https://registry.hub.docker.com$request_uri;
  1743. }
  1744. }
  1745. </pre>
  1746. <p>Quickly tested it with some docker pull commands and already integrated it into the <a href="https://github.com/x-way/dnsupd/pull/72" title="Use custom registry by x-way - Pull Request #72 - x-way/dnsupd">build process of dnsupd</a>.</p>
  1747. ]]></content:encoded>
  1748.  </item>
  1749.  
  1750.  <item>
  1751.    <title>STRAYA 🇦🇺</title>
  1752.    <link>https://blog.x-way.org/Music/2023/01/26/STRAYA.html</link>
  1753.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324312</guid>
  1754.    <dc:creator>Andreas Jaggi</dc:creator>
  1755.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1756.    <pubDate>Thu, 26 Jan 2023 05:43:00 +0100</pubDate>
  1757.    <category domain="https://blog.x-way.org/Music">Music</category>
  1758.    <description><![CDATA[<p>Here's a bit older mashup. Happy <a href="https://www.australiaday.com.au/" title="Australia Day 2023 - Australia Day in NSW">Australia Day</a>!</p>
  1759. <p><a href="https://youtu.be/rMdbVHPmCW0" title="National Anthem of STRAYA - YouTube">National Anthem of STRAYA</a></p>
  1760. ]]></description>
  1761.    <content:encoded><![CDATA[<p>Here's a bit older mashup. Happy <a href="https://www.australiaday.com.au/" title="Australia Day 2023 - Australia Day in NSW">Australia Day</a>!</p>
  1762. <p><a href="https://youtu.be/rMdbVHPmCW0" title="National Anthem of STRAYA - YouTube">National Anthem of STRAYA</a></p>
  1763. ]]></content:encoded>
  1764.  </item>
  1765.  
  1766.  <item>
  1767.    <title>ACME-CAA</title>
  1768.    <link>https://blog.x-way.org/Networking/2023/01/18/ACME-CAA.html</link>
  1769.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324311</guid>
  1770.    <dc:creator>Andreas Jaggi</dc:creator>
  1771.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1772.    <pubDate>Wed, 18 Jan 2023 23:06:00 +0100</pubDate>
  1773.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  1774.    <description><![CDATA[<p>Let's Encrypt recently <a href="https://community.letsencrypt.org/t/enabling-acme-caa-account-and-method-binding/189588" title="Enabling ACME CAA Account and Method Binding">introduced support</a> for <a href="https://www.rfc-editor.org/rfc/rfc8657" title="RFC8657">ACME-CAA</a>.</p>
  1775. <p>I've now extended my existing CAA DNS entries with the ACME-CAA properties:</p>
  1776. <pre>% dig +short -t CAA x-way.org
  1777. 0 issue "letsencrypt.org; accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/68891730; validationmethods=http-01"
  1778. 0 issue "letsencrypt.org; accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/605777876; validationmethods=http-01"</pre>
  1779. <p>The effect of this is that Let's Encrypt will only grant a signed TLS certificate if the request comes from one of my two accounts (authenticated with the corresponding private key).<br>If the certificate request comes from a different account, no TLS certificate will be granted.<br>This protects against man-in-the-middle attacks, specifically against attacks where someone between Let's Encrypt and my server would be trying to impersonate my server to obtain a signed TLS certificate.</p>
  1780. <p>Addendum:<br>In case you're wondering where to get the accounturi value from, it can be found in your account file:</p>
  1781. <pre>% cat /etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/*/regr.json
  1782. {"body": {}, "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/605777876"}</pre>
  1783. ]]></description>
  1784.    <content:encoded><![CDATA[<p>Let's Encrypt recently <a href="https://community.letsencrypt.org/t/enabling-acme-caa-account-and-method-binding/189588" title="Enabling ACME CAA Account and Method Binding">introduced support</a> for <a href="https://www.rfc-editor.org/rfc/rfc8657" title="RFC8657">ACME-CAA</a>.</p>
  1785. <p>I've now extended my existing CAA DNS entries with the ACME-CAA properties:</p>
  1786. <pre>% dig +short -t CAA x-way.org
  1787. 0 issue "letsencrypt.org; accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/68891730; validationmethods=http-01"
  1788. 0 issue "letsencrypt.org; accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/605777876; validationmethods=http-01"</pre>
  1789. <p>The effect of this is that Let's Encrypt will only grant a signed TLS certificate if the request comes from one of my two accounts (authenticated with the corresponding private key).<br>If the certificate request comes from a different account, no TLS certificate will be granted.<br>This protects against man-in-the-middle attacks, specifically against attacks where someone between Let's Encrypt and my server would be trying to impersonate my server to obtain a signed TLS certificate.</p>
  1790. <p>Addendum:<br>In case you're wondering where to get the accounturi value from, it can be found in your account file:</p>
  1791. <pre>% cat /etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/*/regr.json
  1792. {"body": {}, "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/605777876"}</pre>
  1793. ]]></content:encoded>
  1794.  </item>
  1795.  
  1796.  <item>
  1797.    <title>JSON Feed</title>
  1798.    <link>https://blog.x-way.org/Webdesign/2023/01/10/JSON-Feed.html</link>
  1799.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324310</guid>
  1800.    <dc:creator>Andreas Jaggi</dc:creator>
  1801.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1802.    <pubDate>Tue, 10 Jan 2023 21:51:00 +0100</pubDate>
  1803.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  1804.    <description><![CDATA[<p>Added a <a href="https://en.wikipedia.org/wiki/JSON_Feed" title="JSON Feed - Wikipedia">JSON Feed</a> to this blog (in additon to the existing <a href="https://blog.x-way.org/rss.xml" title="x-log - RSS feed">RSS</a> and <a href="https://blog.x-way.org/atom.xml" title="x-log - Atom feed">Atom</a> feeds): <a href="https://blog.x-way.org/feed.json" title="x-log - JSON feed">https://blog.x-way.org/feed.json</a></p>
  1805. <p>To build the proper JSON file, I used <a href="https://github.com/vallieres/jekyll-json-feed/tree/master" title="JSON Feed for Jekyll">this Jekyll template</a> and the <a href="https://validator.jsonfeed.org/" title="JSON Feed Validator">JSON Feed validator</a>.</p>
  1806. ]]></description>
  1807.    <content:encoded><![CDATA[<p>Added a <a href="https://en.wikipedia.org/wiki/JSON_Feed" title="JSON Feed - Wikipedia">JSON Feed</a> to this blog (in additon to the existing <a href="https://blog.x-way.org/rss.xml" title="x-log - RSS feed">RSS</a> and <a href="https://blog.x-way.org/atom.xml" title="x-log - Atom feed">Atom</a> feeds): <a href="https://blog.x-way.org/feed.json" title="x-log - JSON feed">https://blog.x-way.org/feed.json</a></p>
  1808. <p>To build the proper JSON file, I used <a href="https://github.com/vallieres/jekyll-json-feed/tree/master" title="JSON Feed for Jekyll">this Jekyll template</a> and the <a href="https://validator.jsonfeed.org/" title="JSON Feed Validator">JSON Feed validator</a>.</p>
  1809. ]]></content:encoded>
  1810.  </item>
  1811.  
  1812.  <item>
  1813.    <title>Get last 24h of logs with AWK</title>
  1814.    <link>https://blog.x-way.org/Linux/2023/01/03/Get-last-24h-of-logs-with-AWK.html</link>
  1815.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324309</guid>
  1816.    <dc:creator>Andreas Jaggi</dc:creator>
  1817.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1818.    <pubDate>Tue, 03 Jan 2023 14:40:00 +0100</pubDate>
  1819.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  1820.    <description><![CDATA[<p>For a temporary log analysis task, I wanted to get the last 24h of logs from a <a href="http://www.postfix.org/" title="The Postfix Home Page">Postfix</a> logfile.<br>To achieve this I came up with the following AWK oneliner (which fails in spectacular ways around new years):</p>
  1821. <code>
  1822. awk -F '[ :]+' 'BEGIN{m=split("Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec",d,"|"); for(o=1;o&lt;=m;o++){months[d[o]]=sprintf("%02d",o)}} mktime(strftime("%Y")" "months[$1]" "sprintf("%02d",$2+1)" "$3" "$4" "$5) &gt; systime()'
  1823. </code>
  1824. <p>This is then used in a cronjob to get a <a href="http://jimsun.linxnet.com/postfix_contrib.html" title="JIMSUN - Postfix Contribs">pflogsumm</a> summary of the last 24h:</p>
  1825. <code>
  1826. cat /var/log/mail.log | awk -F '[ :]+' 'BEGIN{m=split("Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec",d,"|"); for(o=1;o&lt;=m;o++){months[d[o]]=sprintf("%02d",o)}} mktime(strftime("%Y")" "months[$1]" "sprintf("%02d",$2+1)" "$3" "$4" "$5) &gt; systime()' | pflogsumm
  1827. </code>
  1828. ]]></description>
  1829.    <content:encoded><![CDATA[<p>For a temporary log analysis task, I wanted to get the last 24h of logs from a <a href="http://www.postfix.org/" title="The Postfix Home Page">Postfix</a> logfile.<br>To achieve this I came up with the following AWK oneliner (which fails in spectacular ways around new years):</p>
  1830. <code>
  1831. awk -F '[ :]+' 'BEGIN{m=split("Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec",d,"|"); for(o=1;o&lt;=m;o++){months[d[o]]=sprintf("%02d",o)}} mktime(strftime("%Y")" "months[$1]" "sprintf("%02d",$2+1)" "$3" "$4" "$5) &gt; systime()'
  1832. </code>
  1833. <p>This is then used in a cronjob to get a <a href="http://jimsun.linxnet.com/postfix_contrib.html" title="JIMSUN - Postfix Contribs">pflogsumm</a> summary of the last 24h:</p>
  1834. <code>
  1835. cat /var/log/mail.log | awk -F '[ :]+' 'BEGIN{m=split("Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec",d,"|"); for(o=1;o&lt;=m;o++){months[d[o]]=sprintf("%02d",o)}} mktime(strftime("%Y")" "months[$1]" "sprintf("%02d",$2+1)" "$3" "$4" "$5) &gt; systime()' | pflogsumm
  1836. </code>
  1837. ]]></content:encoded>
  1838.  </item>
  1839.  
  1840.  <item>
  1841.    <title>Happy New Year 2023</title>
  1842.    <link>https://blog.x-way.org/Misc/2022/12/31/Happy-New-Year-2023.html</link>
  1843.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324308</guid>
  1844.    <dc:creator>Andreas Jaggi</dc:creator>
  1845.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1846.    <pubDate>Sat, 31 Dec 2022 13:59:00 +0100</pubDate>
  1847.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1848.    <description><![CDATA[<p><a href="https://youtu.be/ZKGgsQg17cw" title="Sydney New Year's Eve midgnight fireworks - YouTube">Sydney New Year's Eve midgnight fireworks</a></p>
  1849. <p>As usual, Sydney is a bit ahead of us. Great memories, long time ago :-)</p>
  1850. ]]></description>
  1851.    <content:encoded><![CDATA[<p><a href="https://youtu.be/ZKGgsQg17cw" title="Sydney New Year's Eve midgnight fireworks - YouTube">Sydney New Year's Eve midgnight fireworks</a></p>
  1852. <p>As usual, Sydney is a bit ahead of us. Great memories, long time ago :-)</p>
  1853. ]]></content:encoded>
  1854.  </item>
  1855.  
  1856.  <item>
  1857.    <title>Alpha Bravo Charlie</title>
  1858.    <link>https://blog.x-way.org/Misc/2022/12/25/Alpha-Bravo-Charlie.html</link>
  1859.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324307</guid>
  1860.    <dc:creator>Andreas Jaggi</dc:creator>
  1861.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1862.    <pubDate>Sun, 25 Dec 2022 22:11:00 +0100</pubDate>
  1863.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  1864.    <description><![CDATA[<p>While closing an old account I had to communicate using the infamous NATO/ICAO phonetic alphabet (US banks like to exchange the 20+ character long <a href="https://en.wikipedia.org/wiki/International_Bank_Account_Number" title="International Bank Account Number - Wikipedia">IBANs</a> via poor-quality call-center phonelines).</p>
  1865. <p>As it has been a while since I last used it, I created a handy table to quickly lookup the code words: <a href="http://nato.sigint.ch" title="NATO/ICAO phonetic alphabet">nato.sigint.ch</a></p>
  1866. <p>Special feature: when queried by curl (eg. without a text/html Accept header) it returns the table as plaintext :-)</p>
  1867. <pre># curl nato.sigint.ch
  1868. A Alpha      S Sierra
  1869. B Bravo      T Tango
  1870. C Charlie    U Uniform
  1871. D Delta      V Victor
  1872. E Echo       W Whiskey
  1873. F Foxtrot    X X-ray
  1874. G Golf       Y Yankee
  1875. H Hotel      Z Zulu
  1876. I India      0 Zero
  1877. J Juliett    1 One
  1878. K Kilo       2 Two
  1879. L Lima       3 Three
  1880. M Mike       4 Four
  1881. N November   5 Five
  1882. O Oscar      6 Six
  1883. P Papa       7 Seven
  1884. Q Quebec     8 Eight
  1885. R Romeo      9 Niner</pre>
  1886. ]]></description>
  1887.    <content:encoded><![CDATA[<p>While closing an old account I had to communicate using the infamous NATO/ICAO phonetic alphabet (US banks like to exchange the 20+ character long <a href="https://en.wikipedia.org/wiki/International_Bank_Account_Number" title="International Bank Account Number - Wikipedia">IBANs</a> via poor-quality call-center phonelines).</p>
  1888. <p>As it has been a while since I last used it, I created a handy table to quickly lookup the code words: <a href="http://nato.sigint.ch" title="NATO/ICAO phonetic alphabet">nato.sigint.ch</a></p>
  1889. <p>Special feature: when queried by curl (eg. without a text/html Accept header) it returns the table as plaintext :-)</p>
  1890. <pre># curl nato.sigint.ch
  1891. A Alpha      S Sierra
  1892. B Bravo      T Tango
  1893. C Charlie    U Uniform
  1894. D Delta      V Victor
  1895. E Echo       W Whiskey
  1896. F Foxtrot    X X-ray
  1897. G Golf       Y Yankee
  1898. H Hotel      Z Zulu
  1899. I India      0 Zero
  1900. J Juliett    1 One
  1901. K Kilo       2 Two
  1902. L Lima       3 Three
  1903. M Mike       4 Four
  1904. N November   5 Five
  1905. O Oscar      6 Six
  1906. P Papa       7 Seven
  1907. Q Quebec     8 Eight
  1908. R Romeo      9 Niner</pre>
  1909. ]]></content:encoded>
  1910.  </item>
  1911.  
  1912.  <item>
  1913.    <title>How to Exit Vim</title>
  1914.    <link>https://blog.x-way.org/Linux/2022/08/07/How-to-Exit-Vim.html</link>
  1915.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324306</guid>
  1916.    <dc:creator>Andreas Jaggi</dc:creator>
  1917.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1918.    <pubDate>Sun, 07 Aug 2022 22:19:00 +0200</pubDate>
  1919.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  1920.    <description><![CDATA[<p><img src="https://blog.x-way.org/images/how-to-exit-vim.jpg" alt="How to Exit Vim" height="459" width="680"></p>
  1921. <p>(<a href="https://twitter.com/sheeshee/status/1556000047539654657" title="Su-Shee (@sheeshee) / Twitter">via</a>)</p>
  1922. ]]></description>
  1923.    <content:encoded><![CDATA[<p><img src="https://blog.x-way.org/images/how-to-exit-vim.jpg" alt="How to Exit Vim" height="459" width="680"></p>
  1924. <p>(<a href="https://twitter.com/sheeshee/status/1556000047539654657" title="Su-Shee (@sheeshee) / Twitter">via</a>)</p>
  1925. ]]></content:encoded>
  1926.  </item>
  1927.  
  1928.  <item>
  1929.    <title>Add node to MongoDB cluster</title>
  1930.    <link>https://blog.x-way.org/Linux/2022/07/06/Add-node-to-MongoDB-cluster.html</link>
  1931.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324305</guid>
  1932.    <dc:creator>Andreas Jaggi</dc:creator>
  1933.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1934.    <pubDate>Wed, 06 Jul 2022 22:14:00 +0200</pubDate>
  1935.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  1936.    <description><![CDATA[<p>To add a new node to an existing <a href="https://www.mongodb.com/" title="MongoDB">MongoDB</a> cluster, login to the mongo shell on the primary node and run the following command:</p>
  1937. <pre>rs.add({host:"mongodb3.example.net:27017"})</pre>
  1938. <p>Similar to remove a node from the cluster, use:</p>
  1939. <pre>rs.remove("mongodb3.example.net:27017")</pre>
  1940. ]]></description>
  1941.    <content:encoded><![CDATA[<p>To add a new node to an existing <a href="https://www.mongodb.com/" title="MongoDB">MongoDB</a> cluster, login to the mongo shell on the primary node and run the following command:</p>
  1942. <pre>rs.add({host:"mongodb3.example.net:27017"})</pre>
  1943. <p>Similar to remove a node from the cluster, use:</p>
  1944. <pre>rs.remove("mongodb3.example.net:27017")</pre>
  1945. ]]></content:encoded>
  1946.  </item>
  1947.  
  1948.  <item>
  1949.    <title>Custom nginx error pages</title>
  1950.    <link>https://blog.x-way.org/Webdesign/2022/06/19/Custom-nginx-error-pages.html</link>
  1951.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324304</guid>
  1952.    <dc:creator>Andreas Jaggi</dc:creator>
  1953.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  1954.    <pubDate>Sun, 19 Jun 2022 09:48:00 +0200</pubDate>
  1955.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  1956.    <description><![CDATA[<p>For quite some time I've been using custom nginx error pages on this site.<br>
  1957. My approach so far was to generate a bunch of static HTML with the various error messages and then configure them for each corresponding HTTP status codes in nginx.<br>As there are quite a number of HTTP errors, I used a little shell script to generate the whole config and HTML, in the end I had a huge file with snippets like the one below.</p>
  1958. <pre>
  1959. error_page 429 @custom_error_429;
  1960. location @custom_error_429 {
  1961. internal;
  1962. more_set_headers 'Content-Type: text/html';
  1963. echo '&lt;html&gt;...&lt;/html&gt;';
  1964. }
  1965. </pre>
  1966.  
  1967. <p>Now while implementing custom error pages for a different project, I tried to see if there is an easier way to do this.<br>
  1968. Some searching lead to the <a href="https://blog.adriaan.io/one-nginx-error-page-to-rule-them-all.html" title="One NGINX error page to rule them all - Adriaan's blog">One NGINX error page to rule them all</a> article which describes an alternative approach leveraging the nginx <abbr title="Server Side Includes">SSI</abbr> module to generate the error pages on the fly.</p>
  1969. <p>
  1970. Instead of generating and defining a specific error page for each error, a single error page is used for all errors.
  1971. </p>
  1972. <pre>
  1973. error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414
  1974.           415 416 417 418 421 422 423 424 425 426 428 429 431 451 500
  1975.           501 502 503 504 505 506 507 508 510 511 /error.html;
  1976.  
  1977. location = /error.html {
  1978. ssi on;
  1979. internal;
  1980. root /var/www/default;
  1981. }
  1982. </pre>
  1983. <p>nginx provides the status code as variable to our error page, but we also need the error message to make it more userfriendly.<br>
  1984. For this we define a mapping of status codes to the error messages.</p>
  1985. <pre>
  1986. map $status $status_text {
  1987.  400 'Bad Request';
  1988.  401 'Unauthorized';
  1989.  402 'Payment Required';
  1990.  403 'Forbidden';
  1991.  404 'Not Found';
  1992.  405 'Method Not Allowed';
  1993.  406 'Not Acceptable';
  1994.  407 'Proxy Authentication Required';
  1995.  408 'Request Timeout';
  1996.  409 'Conflict';
  1997.  410 'Gone';
  1998.  411 'Length Required';
  1999.  412 'Precondition Failed';
  2000.  413 'Payload Too Large';
  2001.  414 'URI Too Long';
  2002.  415 'Unsupported Media Type';
  2003.  416 'Range Not Satisfiable';
  2004.  417 'Expectation Failed';
  2005.  418 'I\'m a teapot';
  2006.  421 'Misdirected Request';
  2007.  422 'Unprocessable Entity';
  2008.  423 'Locked';
  2009.  424 'Failed Dependency';
  2010.  425 'Too Early';
  2011.  426 'Upgrade Required';
  2012.  428 'Precondition Required';
  2013.  429 'Too Many Requests';
  2014.  431 'Request Header Fields Too Large';
  2015.  451 'Unavailable For Legal Reasons';
  2016.  500 'Internal Server Error';
  2017.  501 'Not Implemented';
  2018.  502 'Bad Gateway';
  2019.  503 'Service Unavailable';
  2020.  504 'Gateway Timeout';
  2021.  505 'HTTP Version Not Supported';
  2022.  506 'Variant Also Negotiates';
  2023.  507 'Insufficient Storage';
  2024.  508 'Loop Detected';
  2025.  510 'Not Extended';
  2026.  511 'Network Authentication Required';
  2027.  default 'Something went wrong';
  2028. }
  2029. </pre>
  2030.  
  2031. <p>Now we have the <var>status</var> and the <var>status_text</var> variables available in our error.html page.</p>
  2032. <pre>
  2033. &lt;html&gt;&lt;body&gt;
  2034. &lt;h1&gt;&lt;!--# echo var="status" default="" --&gt;
  2035. &lt;!--# echo var="status_text" default="Something went wrong" --&gt;&lt;/h1&gt;
  2036. &lt;/body&gt;&lt;/html&gt;
  2037. </pre>
  2038. ]]></description>
  2039.    <content:encoded><![CDATA[<p>For quite some time I've been using custom nginx error pages on this site.<br>
  2040. My approach so far was to generate a bunch of static HTML with the various error messages and then configure them for each corresponding HTTP status codes in nginx.<br>As there are quite a number of HTTP errors, I used a little shell script to generate the whole config and HTML, in the end I had a huge file with snippets like the one below.</p>
  2041. <pre>
  2042. error_page 429 @custom_error_429;
  2043. location @custom_error_429 {
  2044. internal;
  2045. more_set_headers 'Content-Type: text/html';
  2046. echo '&lt;html&gt;...&lt;/html&gt;';
  2047. }
  2048. </pre>
  2049.  
  2050. <p>Now while implementing custom error pages for a different project, I tried to see if there is an easier way to do this.<br>
  2051. Some searching lead to the <a href="https://blog.adriaan.io/one-nginx-error-page-to-rule-them-all.html" title="One NGINX error page to rule them all - Adriaan's blog">One NGINX error page to rule them all</a> article which describes an alternative approach leveraging the nginx <abbr title="Server Side Includes">SSI</abbr> module to generate the error pages on the fly.</p>
  2052. <p>
  2053. Instead of generating and defining a specific error page for each error, a single error page is used for all errors.
  2054. </p>
  2055. <pre>
  2056. error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414
  2057.           415 416 417 418 421 422 423 424 425 426 428 429 431 451 500
  2058.           501 502 503 504 505 506 507 508 510 511 /error.html;
  2059.  
  2060. location = /error.html {
  2061. ssi on;
  2062. internal;
  2063. root /var/www/default;
  2064. }
  2065. </pre>
  2066. <p>nginx provides the status code as variable to our error page, but we also need the error message to make it more userfriendly.<br>
  2067. For this we define a mapping of status codes to the error messages.</p>
  2068. <pre>
  2069. map $status $status_text {
  2070.  400 'Bad Request';
  2071.  401 'Unauthorized';
  2072.  402 'Payment Required';
  2073.  403 'Forbidden';
  2074.  404 'Not Found';
  2075.  405 'Method Not Allowed';
  2076.  406 'Not Acceptable';
  2077.  407 'Proxy Authentication Required';
  2078.  408 'Request Timeout';
  2079.  409 'Conflict';
  2080.  410 'Gone';
  2081.  411 'Length Required';
  2082.  412 'Precondition Failed';
  2083.  413 'Payload Too Large';
  2084.  414 'URI Too Long';
  2085.  415 'Unsupported Media Type';
  2086.  416 'Range Not Satisfiable';
  2087.  417 'Expectation Failed';
  2088.  418 'I\'m a teapot';
  2089.  421 'Misdirected Request';
  2090.  422 'Unprocessable Entity';
  2091.  423 'Locked';
  2092.  424 'Failed Dependency';
  2093.  425 'Too Early';
  2094.  426 'Upgrade Required';
  2095.  428 'Precondition Required';
  2096.  429 'Too Many Requests';
  2097.  431 'Request Header Fields Too Large';
  2098.  451 'Unavailable For Legal Reasons';
  2099.  500 'Internal Server Error';
  2100.  501 'Not Implemented';
  2101.  502 'Bad Gateway';
  2102.  503 'Service Unavailable';
  2103.  504 'Gateway Timeout';
  2104.  505 'HTTP Version Not Supported';
  2105.  506 'Variant Also Negotiates';
  2106.  507 'Insufficient Storage';
  2107.  508 'Loop Detected';
  2108.  510 'Not Extended';
  2109.  511 'Network Authentication Required';
  2110.  default 'Something went wrong';
  2111. }
  2112. </pre>
  2113.  
  2114. <p>Now we have the <var>status</var> and the <var>status_text</var> variables available in our error.html page.</p>
  2115. <pre>
  2116. &lt;html&gt;&lt;body&gt;
  2117. &lt;h1&gt;&lt;!--# echo var="status" default="" --&gt;
  2118. &lt;!--# echo var="status_text" default="Something went wrong" --&gt;&lt;/h1&gt;
  2119. &lt;/body&gt;&lt;/html&gt;
  2120. </pre>
  2121. ]]></content:encoded>
  2122.  </item>
  2123.  
  2124.  <item>
  2125.    <title>nitter</title>
  2126.    <link>https://blog.x-way.org/Misc/2022/06/15/nitter.html</link>
  2127.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324303</guid>
  2128.    <dc:creator>Andreas Jaggi</dc:creator>
  2129.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2130.    <pubDate>Wed, 15 Jun 2022 21:08:00 +0200</pubDate>
  2131.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  2132.    <description><![CDATA[<p><a href="https://en.wikipedia.org/wiki/Nitter" title="nitter">nitter</a> provides a free and open source alternative front-end to Twitter. It talks with the API and does not show any JavaScript or ads (thus no 'forced-login' overlay after reading 5 tweets or similar nastiness).<br>
  2133. The source code for it is available on <a href="https://github.com/zedeus/nitter" title="">GitHub</a>.</p>
  2134. <p>It does a direct mapping of the profile URLs, thus <code>https://twitter.com/sheeshee</code> becomes <code>https://<b>nitter.net</b>/sheeshee</code></p>
  2135. ]]></description>
  2136.    <content:encoded><![CDATA[<p><a href="https://en.wikipedia.org/wiki/Nitter" title="nitter">nitter</a> provides a free and open source alternative front-end to Twitter. It talks with the API and does not show any JavaScript or ads (thus no 'forced-login' overlay after reading 5 tweets or similar nastiness).<br>
  2137. The source code for it is available on <a href="https://github.com/zedeus/nitter" title="">GitHub</a>.</p>
  2138. <p>It does a direct mapping of the profile URLs, thus <code>https://twitter.com/sheeshee</code> becomes <code>https://<b>nitter.net</b>/sheeshee</code></p>
  2139. ]]></content:encoded>
  2140.  </item>
  2141.  
  2142.  <item>
  2143.    <title>Blogging like 2002</title>
  2144.    <link>https://blog.x-way.org/Webdesign/2022/06/04/Blogging-like-2002.html</link>
  2145.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324302</guid>
  2146.    <dc:creator>Andreas Jaggi</dc:creator>
  2147.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2148.    <pubDate>Sat, 04 Jun 2022 11:32:00 +0200</pubDate>
  2149.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  2150.    <description><![CDATA[<p>On the occasion of the <a href="https://blog.x-way.org/Misc/2022/06/02/Happy-20th-Birthday-x-log.html" title="Happy 20th Birthday x-log">20th anniversary of this blog</a>, I've used <a href="https://archive.org/" title="Internet Archive">archive.org</a> to reconstruct the original HTML layout from back in the time and applied it to the Jekyll templates.</p>
  2151. <p>Enjoy the blog in all the (&lt;table&gt; based) glory from 2002 :-)</p>
  2152. ]]></description>
  2153.    <content:encoded><![CDATA[<p>On the occasion of the <a href="https://blog.x-way.org/Misc/2022/06/02/Happy-20th-Birthday-x-log.html" title="Happy 20th Birthday x-log">20th anniversary of this blog</a>, I've used <a href="https://archive.org/" title="Internet Archive">archive.org</a> to reconstruct the original HTML layout from back in the time and applied it to the Jekyll templates.</p>
  2154. <p>Enjoy the blog in all the (&lt;table&gt; based) glory from 2002 :-)</p>
  2155. ]]></content:encoded>
  2156.  </item>
  2157.  
  2158.  <item>
  2159.    <title>Happy 20th Birthday x-log</title>
  2160.    <link>https://blog.x-way.org/Misc/2022/06/02/Happy-20th-Birthday-x-log.html</link>
  2161.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324301</guid>
  2162.    <dc:creator>Andreas Jaggi</dc:creator>
  2163.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2164.    <pubDate>Thu, 02 Jun 2022 22:54:00 +0200</pubDate>
  2165.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  2166.    <description><![CDATA[<p>On June 2nd 2002 I published the first (test) entry in this weblog. The first entry has disappeared since (thus making <a href="https://blog.x-way.org/Webdesign/2002/06/03/Flash-Sites.html" title="Flash-Sites">the second entry</a> the first one in the <a href="https://blog.x-way.org/archive/archive-2002-06.html" title="x-log - Archive - 2002-06" >archive of June 2002</a>).</p>
  2167. <p><img src="https://blog.x-way.org/images/first_entry.png" alt="Screenshot of the first (test) entry" height="59" width="290"></p>
  2168. <p>Compared to <a href="https://web.archive.org/web/20020808101503/http://waterwave.ch/weblog/about.php" title="archive.org x-log about page from 2002">20 years ago</a>, the about page no longer needs to explain what a weblog is.<br>
  2169. Interesting though that the linked <a href="https://web.archive.org/web/20011204164555/http://www.jonet.org/data/beitraege.983619029.22602.html" title="archive.org: Peter Praschl: Was ist eigentlich ein Weblog?">definition of a weblog</a> from back then already did foresee the rise and fall in popularity of weblogs which happend during the last two decades.<br>To me it seems in the last 1-2 years there has been an increase again in activity around personal weblogs; curious to see if this revival trend continues.
  2170. </p>
  2171. <p>Also the weblog here has changed quite a bit. Initially its content was more on the pure web-logging side (commenting on interesting links I encountered during my daily Internet surfing) mixed with some kind of a journal/commentary of my day-to-day life. Later on it moved more towards a 'knowledge dump' on technical topics mixed with some music discoveries and random personal post from festivals and travels. And lately it has been rather sparse again with posts, still mostly on technical topics around coding, networking, security mixed with some personal posts commenting on the current world situation.<br>The frequency of posts also followed the changes in content where early on there sometimes were multiple posts per day, nowadays there can be multiple months without any post and there were even entire years where nothing new was posted; let's see how this goes in the future :-)</p>
  2172. <p>From the list of linked Blogs in 2002, only deep-resonance aka <a href="https://kniebes.com/" title="Markus Kniebes">mk</a> is still active, special shout-out to <a href="https://kniebes.com/now">Markus</a> for the continuous persistence.<br>To the next twenty years :-)</p>
  2173. ]]></description>
  2174.    <content:encoded><![CDATA[<p>On June 2nd 2002 I published the first (test) entry in this weblog. The first entry has disappeared since (thus making <a href="https://blog.x-way.org/Webdesign/2002/06/03/Flash-Sites.html" title="Flash-Sites">the second entry</a> the first one in the <a href="https://blog.x-way.org/archive/archive-2002-06.html" title="x-log - Archive - 2002-06" >archive of June 2002</a>).</p>
  2175. <p><img src="https://blog.x-way.org/images/first_entry.png" alt="Screenshot of the first (test) entry" height="59" width="290"></p>
  2176. <p>Compared to <a href="https://web.archive.org/web/20020808101503/http://waterwave.ch/weblog/about.php" title="archive.org x-log about page from 2002">20 years ago</a>, the about page no longer needs to explain what a weblog is.<br>
  2177. Interesting though that the linked <a href="https://web.archive.org/web/20011204164555/http://www.jonet.org/data/beitraege.983619029.22602.html" title="archive.org: Peter Praschl: Was ist eigentlich ein Weblog?">definition of a weblog</a> from back then already did foresee the rise and fall in popularity of weblogs which happend during the last two decades.<br>To me it seems in the last 1-2 years there has been an increase again in activity around personal weblogs; curious to see if this revival trend continues.
  2178. </p>
  2179. <p>Also the weblog here has changed quite a bit. Initially its content was more on the pure web-logging side (commenting on interesting links I encountered during my daily Internet surfing) mixed with some kind of a journal/commentary of my day-to-day life. Later on it moved more towards a 'knowledge dump' on technical topics mixed with some music discoveries and random personal post from festivals and travels. And lately it has been rather sparse again with posts, still mostly on technical topics around coding, networking, security mixed with some personal posts commenting on the current world situation.<br>The frequency of posts also followed the changes in content where early on there sometimes were multiple posts per day, nowadays there can be multiple months without any post and there were even entire years where nothing new was posted; let's see how this goes in the future :-)</p>
  2180. <p>From the list of linked Blogs in 2002, only deep-resonance aka <a href="https://kniebes.com/" title="Markus Kniebes">mk</a> is still active, special shout-out to <a href="https://kniebes.com/now">Markus</a> for the continuous persistence.<br>To the next twenty years :-)</p>
  2181. ]]></content:encoded>
  2182.  </item>
  2183.  
  2184.  <item>
  2185.    <title>mt-set-time</title>
  2186.    <link>https://blog.x-way.org/Networking/2022/03/26/mt-set-time.html</link>
  2187.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324300</guid>
  2188.    <dc:creator>Andreas Jaggi</dc:creator>
  2189.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2190.    <pubDate>Sat, 26 Mar 2022 16:15:00 +0100</pubDate>
  2191.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2192.    <description><![CDATA[<p>A while ago I wrote a little tool to set the time on <a href="https://mikrotik.com/" title="MikroTik Routers and Wireless">MikroTik</a> devices.
  2193. It takes the current time from the local machine and does set it on the device through the API (while respecting the timezone configured on it).<br>
  2194. I mostly use it to set the proper time when the device time was completely off (when setting up a new device or when it has been powered off for a long time).
  2195. Afterwards NTP should take care of keeping the time in sync.</p>
  2196. <p>The tool is now available on GitHub together with installation and usage instructions: <a href="https://github.com/x-way/mt-set-time" title="x-way/mt-set-time: Set time on MikroTik routers">mt-set-time</a></p>
  2197. ]]></description>
  2198.    <content:encoded><![CDATA[<p>A while ago I wrote a little tool to set the time on <a href="https://mikrotik.com/" title="MikroTik Routers and Wireless">MikroTik</a> devices.
  2199. It takes the current time from the local machine and does set it on the device through the API (while respecting the timezone configured on it).<br>
  2200. I mostly use it to set the proper time when the device time was completely off (when setting up a new device or when it has been powered off for a long time).
  2201. Afterwards NTP should take care of keeping the time in sync.</p>
  2202. <p>The tool is now available on GitHub together with installation and usage instructions: <a href="https://github.com/x-way/mt-set-time" title="x-way/mt-set-time: Set time on MikroTik routers">mt-set-time</a></p>
  2203. ]]></content:encoded>
  2204.  </item>
  2205.  
  2206.  <item>
  2207.    <title>Fight Putin - Ride a Bike</title>
  2208.    <link>https://blog.x-way.org/Misc/2022/03/15/Fight-Putin-Ride-a-Bike.html</link>
  2209.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324299</guid>
  2210.    <dc:creator>Andreas Jaggi</dc:creator>
  2211.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2212.    <pubDate>Tue, 15 Mar 2022 12:55:00 +0100</pubDate>
  2213.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  2214.    <description><![CDATA[<p><a href="https://blog.x-way.org/images/fight-putin-ride-a-bike.jpeg" title="Fight Putin - Ride a Bike"><img src="https://blog.x-way.org/images/fight-putin-ride-a-bike_small.jpeg" alt="Fight Putin - Ride a Bike" height="515" width="300"></a></p>
  2215. ]]></description>
  2216.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/images/fight-putin-ride-a-bike.jpeg" title="Fight Putin - Ride a Bike"><img src="https://blog.x-way.org/images/fight-putin-ride-a-bike_small.jpeg" alt="Fight Putin - Ride a Bike" height="515" width="300"></a></p>
  2217. ]]></content:encoded>
  2218.  </item>
  2219.  
  2220.  <item>
  2221.    <title>Dr Putin isch</title>
  2222.    <link>https://blog.x-way.org/Music/2022/02/27/Dr-Putin-isch.html</link>
  2223.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324298</guid>
  2224.    <dc:creator>Andreas Jaggi</dc:creator>
  2225.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2226.    <pubDate>Sun, 27 Feb 2022 11:53:00 +0100</pubDate>
  2227.    <category domain="https://blog.x-way.org/Music">Music</category>
  2228.    <description><![CDATA[<p><a href="https://youtu.be/R-oqHUlptq8" title="Dr Putin isch e Hueresohn - YouTube">Dr Putin isch e Hueresohn</a></p>
  2229. <p>(<a href="https://www.reddit.com/r/BUENZLI/comments/t08crk/mis_neue_lieblingslied/" title="/r/BUENZLI on reddit.com">via</a>)</p>
  2230. ]]></description>
  2231.    <content:encoded><![CDATA[<p><a href="https://youtu.be/R-oqHUlptq8" title="Dr Putin isch e Hueresohn - YouTube">Dr Putin isch e Hueresohn</a></p>
  2232. <p>(<a href="https://www.reddit.com/r/BUENZLI/comments/t08crk/mis_neue_lieblingslied/" title="/r/BUENZLI on reddit.com">via</a>)</p>
  2233. ]]></content:encoded>
  2234.  </item>
  2235.  
  2236.  <item>
  2237.    <title>Non à la guerre! Nein zum Krieg!</title>
  2238.    <link>https://blog.x-way.org/Misc/2022/02/26/Non-a-la-guerre-Nein-zum-Krieg.html</link>
  2239.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324297</guid>
  2240.    <dc:creator>Andreas Jaggi</dc:creator>
  2241.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2242.    <pubDate>Sat, 26 Feb 2022 21:22:00 +0100</pubDate>
  2243.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  2244.    <description><![CDATA[<p>Today I went to Bern to the <a href="https://www.swissinfo.ch/eng/ukraine--up-to-20-000-people-march-in-bern-for-peace/47383836" title="Ukraine: up to 20'000 people march in Bern for peace">rally for peace</a>.<br>
  2245. My motivation was to show support for the people suffering in this war and to send a signal to our swiss government that the population wants clear participation in sanctions (while remaining neutral, the two in my view are not exclusive!).</p>
  2246. <p>Swiss media reported that this was the largest rally for peace in Switzerland since the <a href="https://blog.x-way.org/Misc/2003/03/22/Tous_ensemble_tous_ensemble_non_a_la_guerre.html" title="x-log - Tous ensemble, tous ensemble, non à la guerre!">rallies against the war in Iraq in 2003</a>. That I can link to my own blog entry regarding the rally for peace from 19 years ago, makes me sad.<br>
  2247. Clearly we as human species did not progress enough on this topic :-(</p>
  2248. <p>Besides showing up to the rally, I also did donate to the <a href="https://www.icrc.org/" title="International Committee of the Red Cross">ICRC</a> to provide humanitarian aid and I do encourage you to do the same.</p>
  2249. ]]></description>
  2250.    <content:encoded><![CDATA[<p>Today I went to Bern to the <a href="https://www.swissinfo.ch/eng/ukraine--up-to-20-000-people-march-in-bern-for-peace/47383836" title="Ukraine: up to 20'000 people march in Bern for peace">rally for peace</a>.<br>
  2251. My motivation was to show support for the people suffering in this war and to send a signal to our swiss government that the population wants clear participation in sanctions (while remaining neutral, the two in my view are not exclusive!).</p>
  2252. <p>Swiss media reported that this was the largest rally for peace in Switzerland since the <a href="https://blog.x-way.org/Misc/2003/03/22/Tous_ensemble_tous_ensemble_non_a_la_guerre.html" title="x-log - Tous ensemble, tous ensemble, non à la guerre!">rallies against the war in Iraq in 2003</a>. That I can link to my own blog entry regarding the rally for peace from 19 years ago, makes me sad.<br>
  2253. Clearly we as human species did not progress enough on this topic :-(</p>
  2254. <p>Besides showing up to the rally, I also did donate to the <a href="https://www.icrc.org/" title="International Committee of the Red Cross">ICRC</a> to provide humanitarian aid and I do encourage you to do the same.</p>
  2255. ]]></content:encoded>
  2256.  </item>
  2257.  
  2258.  <item>
  2259.    <title>EFF Member Badge 2022</title>
  2260.    <link>https://blog.x-way.org/Badges/2022/02/20/EFF-Member-Badge-2022.html</link>
  2261.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324296</guid>
  2262.    <dc:creator>Andreas Jaggi</dc:creator>
  2263.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2264.    <pubDate>Sun, 20 Feb 2022 09:22:00 +0100</pubDate>
  2265.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  2266.    <description><![CDATA[<p><a href="https://www.eff.org/" title="Electronic Frontier Foundation | Defending your rights in the digital world"><img src="https://blog.x-way.org/images/member-badge-2022b.jpg" alt="EFF Member Badge 2022" height="300" width="300"></a></p>
  2267. ]]></description>
  2268.    <content:encoded><![CDATA[<p><a href="https://www.eff.org/" title="Electronic Frontier Foundation | Defending your rights in the digital world"><img src="https://blog.x-way.org/images/member-badge-2022b.jpg" alt="EFF Member Badge 2022" height="300" width="300"></a></p>
  2269. ]]></content:encoded>
  2270.  </item>
  2271.  
  2272.  <item>
  2273.    <title>vtysock</title>
  2274.    <link>https://blog.x-way.org/Networking/2022/01/29/vtysock.html</link>
  2275.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324295</guid>
  2276.    <dc:creator>Andreas Jaggi</dc:creator>
  2277.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2278.    <pubDate>Sat, 29 Jan 2022 21:38:00 +0100</pubDate>
  2279.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2280.    <description><![CDATA[<p>After switching my Debian hosts from <a href="https://en.wikipedia.org/wiki/Quagga_(software)" title="Quagga Software Routing Suite">Quagga</a> to <a href="https://frrouting.org/" title="FRRouting">FRRouting</a>, I noticed that running vtysh has become quite a bit slower especially when making multiple calls to it from my status/monitoring scripts.
  2281. <br>This has also been observed by other users of FRRouting (there's an open issue in their bugtracker: <a href="https://github.com/FRRouting/frr/issues/7799" title="vtysh is significantly slower in FRR than Quagga">#7799</a>).</p>
  2282. <p>The Prometheus <a href="https://github.com/tynany/frr_exporter" title="Prometheus exporter for Free Range Routing">frr_exporter</a> works around this by directly sending commands to the UNIX sockets of the FRR daemons (<a href="https://github.com/tynany/frr_exporter/pull/50" title="frr_exporter - refactor: send cmds to unix socket">PR</a>).</p>
  2283. <p>To use the same approach in my monitoring scripts, I wrote a small utility which acts as a drop-in replacement for vtysh and sends the commands directly to the UNIX sockets of the FRR daemons: <a href="https://github.com/x-way/vtysock" title="x-way/vtysock - a quick vtysh replacement">vtysock</a>
  2284. <br>By skipping the parsing and validation checks done in vtysh, vtysock can achieve a significant speed improvement when executing commands.</p>
  2285. ]]></description>
  2286.    <content:encoded><![CDATA[<p>After switching my Debian hosts from <a href="https://en.wikipedia.org/wiki/Quagga_(software)" title="Quagga Software Routing Suite">Quagga</a> to <a href="https://frrouting.org/" title="FRRouting">FRRouting</a>, I noticed that running vtysh has become quite a bit slower especially when making multiple calls to it from my status/monitoring scripts.
  2287. <br>This has also been observed by other users of FRRouting (there's an open issue in their bugtracker: <a href="https://github.com/FRRouting/frr/issues/7799" title="vtysh is significantly slower in FRR than Quagga">#7799</a>).</p>
  2288. <p>The Prometheus <a href="https://github.com/tynany/frr_exporter" title="Prometheus exporter for Free Range Routing">frr_exporter</a> works around this by directly sending commands to the UNIX sockets of the FRR daemons (<a href="https://github.com/tynany/frr_exporter/pull/50" title="frr_exporter - refactor: send cmds to unix socket">PR</a>).</p>
  2289. <p>To use the same approach in my monitoring scripts, I wrote a small utility which acts as a drop-in replacement for vtysh and sends the commands directly to the UNIX sockets of the FRR daemons: <a href="https://github.com/x-way/vtysock" title="x-way/vtysock - a quick vtysh replacement">vtysock</a>
  2290. <br>By skipping the parsing and validation checks done in vtysh, vtysock can achieve a significant speed improvement when executing commands.</p>
  2291. ]]></content:encoded>
  2292.  </item>
  2293.  
  2294.  <item>
  2295.    <title>Force SSH to use IPv6</title>
  2296.    <link>https://blog.x-way.org/Networking/2022/01/23/Force-SSH-to-use-IPv6.html</link>
  2297.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324294</guid>
  2298.    <dc:creator>Andreas Jaggi</dc:creator>
  2299.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2300.    <pubDate>Sun, 23 Jan 2022 10:53:00 +0100</pubDate>
  2301.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2302.    <description><![CDATA[<p>In situations where IPv6 connectivity performs better than IPv4, you might want to force SSH to use IPv6. In interactive mode this can be achieved with the <code>-6</code> commandline parameter.<br>But in situations where you can't modify the commandline parameters a different approach is needed (for example in rsync backup scripts which use SSH as underlying transport layer).</p>
  2303. <p>We can use the <a href="https://man.openbsd.org/ssh_config.5" title="ssh_config(5) - OpenBSD manual pages">ssh_config</a> file to encforce that IPv6 is used for a specific host:</p>
  2304. <pre>
  2305. Host myipv6host
  2306. AddressFamily inet6
  2307. </pre>
  2308. <p>This instructs all SSH commands to use IPv6 when connecting to myipv6host.</p>
  2309. <p>The same approach also works to force usage of <a href="https://blog.x-way.org/Networking/2013/07/05/Mandatory-requirement-for-all-non-IPv6-capable-products.html">Legacy IP</a> by specyfing <code>inet</code> as address family.</p>
  2310. ]]></description>
  2311.    <content:encoded><![CDATA[<p>In situations where IPv6 connectivity performs better than IPv4, you might want to force SSH to use IPv6. In interactive mode this can be achieved with the <code>-6</code> commandline parameter.<br>But in situations where you can't modify the commandline parameters a different approach is needed (for example in rsync backup scripts which use SSH as underlying transport layer).</p>
  2312. <p>We can use the <a href="https://man.openbsd.org/ssh_config.5" title="ssh_config(5) - OpenBSD manual pages">ssh_config</a> file to encforce that IPv6 is used for a specific host:</p>
  2313. <pre>
  2314. Host myipv6host
  2315. AddressFamily inet6
  2316. </pre>
  2317. <p>This instructs all SSH commands to use IPv6 when connecting to myipv6host.</p>
  2318. <p>The same approach also works to force usage of <a href="https://blog.x-way.org/Networking/2013/07/05/Mandatory-requirement-for-all-non-IPv6-capable-products.html">Legacy IP</a> by specyfing <code>inet</code> as address family.</p>
  2319. ]]></content:encoded>
  2320.  </item>
  2321.  
  2322.  <item>
  2323.    <title>Google Analytics removed</title>
  2324.    <link>https://blog.x-way.org/Webdesign/2022/01/19/Google-Analytics-removed.html</link>
  2325.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324293</guid>
  2326.    <dc:creator>Andreas Jaggi</dc:creator>
  2327.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2328.    <pubDate>Wed, 19 Jan 2022 22:45:00 +0100</pubDate>
  2329.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  2330.    <description><![CDATA[<p>After running it for a bit more than a decade, I've now removed again the Google Analytics tracking from this site. It does not feel appropriate anymore on a personal website.<br>At the moment no alternative statistics solution is in place yet, but I could imagine setting up a self-hosted solution like <a href="https://matomo.org/" title="Matomo Analytics - The Google Analytics alternative that protects your data">Matomo</a> or <a href="https://plausible.io/" title="Plausible Analytics | Simple, privacy-friendly Google Analytics alternative">Plausible</a> in the future.</p>
  2331. ]]></description>
  2332.    <content:encoded><![CDATA[<p>After running it for a bit more than a decade, I've now removed again the Google Analytics tracking from this site. It does not feel appropriate anymore on a personal website.<br>At the moment no alternative statistics solution is in place yet, but I could imagine setting up a self-hosted solution like <a href="https://matomo.org/" title="Matomo Analytics - The Google Analytics alternative that protects your data">Matomo</a> or <a href="https://plausible.io/" title="Plausible Analytics | Simple, privacy-friendly Google Analytics alternative">Plausible</a> in the future.</p>
  2333. ]]></content:encoded>
  2334.  </item>
  2335.  
  2336.  <item>
  2337.    <title>Google Analytics declared illegal in the EU</title>
  2338.    <link>https://blog.x-way.org/Webdesign/2022/01/19/Google-Analytics-declared-illegal-in-the-EU.html</link>
  2339.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324292</guid>
  2340.    <dc:creator>Andreas Jaggi</dc:creator>
  2341.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2342.    <pubDate>Wed, 19 Jan 2022 20:45:00 +0100</pubDate>
  2343.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  2344.    <description><![CDATA[<p><a href="https://tuta.com/blog/posts/is-google-analytics-illegal/" title="Google Analytics declared illegal in the EU">Google Analytics declared illegal in the EU</a>.</p>
  2345. ]]></description>
  2346.    <content:encoded><![CDATA[<p><a href="https://tuta.com/blog/posts/is-google-analytics-illegal/" title="Google Analytics declared illegal in the EU">Google Analytics declared illegal in the EU</a>.</p>
  2347. ]]></content:encoded>
  2348.  </item>
  2349.  
  2350.  <item>
  2351.    <title>Wordle</title>
  2352.    <link>https://blog.x-way.org/Misc/2022/01/05/Wordle.html</link>
  2353.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324291</guid>
  2354.    <dc:creator>Andreas Jaggi</dc:creator>
  2355.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2356.    <pubDate>Wed, 05 Jan 2022 07:09:00 +0100</pubDate>
  2357.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  2358.    <description><![CDATA[<p><a href="https://www.nytimes.com/games/wordle/index.html" title="Wordle - A daily word game">Wordle</a> seems to be the trending topic these days.<br>It's a word game similar to the french <a href="https://fr.wikipedia.org/wiki/Motus_(jeu_t%C3%A9l%C3%A9vis%C3%A9)" title="Motus - Wikipedia">Motus</a> game show (resp. the american <a href="https://en.wikipedia.org/wiki/Lingo_(American_game_show)" title="Lingo - Wikipedia">Lingo</a> game show).</p>
  2359. <p>Wordle 200 4/6<br>
  2360. <br>
  2361. ⬜⬜⬜🟩⬜<br>
  2362. ⬜⬜🟨🟩⬜<br>
  2363. ⬜⬜⬜🟩🟩<br>
  2364. 🟩🟩🟩🟩🟩<br>
  2365. </p>
  2366. ]]></description>
  2367.    <content:encoded><![CDATA[<p><a href="https://www.nytimes.com/games/wordle/index.html" title="Wordle - A daily word game">Wordle</a> seems to be the trending topic these days.<br>It's a word game similar to the french <a href="https://fr.wikipedia.org/wiki/Motus_(jeu_t%C3%A9l%C3%A9vis%C3%A9)" title="Motus - Wikipedia">Motus</a> game show (resp. the american <a href="https://en.wikipedia.org/wiki/Lingo_(American_game_show)" title="Lingo - Wikipedia">Lingo</a> game show).</p>
  2368. <p>Wordle 200 4/6<br>
  2369. <br>
  2370. ⬜⬜⬜🟩⬜<br>
  2371. ⬜⬜🟨🟩⬜<br>
  2372. ⬜⬜⬜🟩🟩<br>
  2373. 🟩🟩🟩🟩🟩<br>
  2374. </p>
  2375. ]]></content:encoded>
  2376.  </item>
  2377.  
  2378.  <item>
  2379.    <title>Y2K22</title>
  2380.    <link>https://blog.x-way.org/Coding/2022/01/01/Y2K22.html</link>
  2381.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324290</guid>
  2382.    <dc:creator>Andreas Jaggi</dc:creator>
  2383.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2384.    <pubDate>Sat, 01 Jan 2022 21:48:00 +0100</pubDate>
  2385.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  2386.    <description><![CDATA[<p>Turns out that signed 32-bit numbers can be exhausted long before <a href="https://en.wikipedia.org/wiki/Year_2038_problem" title="Year 2038 problem">Y2038</a>, when you use them to store time in YYMMDDHHMM format. (<a href="https://rachelbythebay.com/w/2022/01/01/baddate/" title="rachelbythebay - YYMMDDHHMM just overflowed a signed 32 bit int">via</a>)</p>
  2387. ]]></description>
  2388.    <content:encoded><![CDATA[<p>Turns out that signed 32-bit numbers can be exhausted long before <a href="https://en.wikipedia.org/wiki/Year_2038_problem" title="Year 2038 problem">Y2038</a>, when you use them to store time in YYMMDDHHMM format. (<a href="https://rachelbythebay.com/w/2022/01/01/baddate/" title="rachelbythebay - YYMMDDHHMM just overflowed a signed 32 bit int">via</a>)</p>
  2389. ]]></content:encoded>
  2390.  </item>
  2391.  
  2392.  <item>
  2393.    <title>Open Source on Mars</title>
  2394.    <link>https://blog.x-way.org/Coding/2021/04/19/Open-Source-on-Mars.html</link>
  2395.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324289</guid>
  2396.    <dc:creator>Andreas Jaggi</dc:creator>
  2397.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2398.    <pubDate>Mon, 19 Apr 2021 16:21:00 +0200</pubDate>
  2399.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  2400.    <description><![CDATA[<p>Received a badge from GitHub's <a href="https://github.com/readme/nasa-ingenuity-helicopter" title="Open Source on Mars: Community powers NASA’s Ingenuity Helicopter - The ReadMe Project">Open Source on Mars</a> <a href="https://github.blog/2021-04-19-open-source-goes-to-mars/" title="Open source goes to Mars - The GitHub Blog">initiative</a> :-)</p>
  2401.  
  2402. <p><a href="https://github.com/x-way"><img src="https://blog.x-way.org/images/github_mars_2020_helicopter_contributor.png" alt="Mars 2020 Helicopter Contributor - Andreas Jaggi contributed code to 1 repository used in the Mars 2020 Helicopter Mission: torvalds/linux" title="Mars 2020 Helicopter Contributor - Andreas Jaggi contributed code to 1 repository used in the Mars 2020 Helicopter Mission: torvalds/linux" width="333" height="117"></a></p>
  2403. ]]></description>
  2404.    <content:encoded><![CDATA[<p>Received a badge from GitHub's <a href="https://github.com/readme/nasa-ingenuity-helicopter" title="Open Source on Mars: Community powers NASA’s Ingenuity Helicopter - The ReadMe Project">Open Source on Mars</a> <a href="https://github.blog/2021-04-19-open-source-goes-to-mars/" title="Open source goes to Mars - The GitHub Blog">initiative</a> :-)</p>
  2405.  
  2406. <p><a href="https://github.com/x-way"><img src="https://blog.x-way.org/images/github_mars_2020_helicopter_contributor.png" alt="Mars 2020 Helicopter Contributor - Andreas Jaggi contributed code to 1 repository used in the Mars 2020 Helicopter Mission: torvalds/linux" title="Mars 2020 Helicopter Contributor - Andreas Jaggi contributed code to 1 repository used in the Mars 2020 Helicopter Mission: torvalds/linux" width="333" height="117"></a></p>
  2407. ]]></content:encoded>
  2408.  </item>
  2409.  
  2410.  <item>
  2411.    <title>Top 21 Security Experts to follow on Twitter in 2021</title>
  2412.    <link>https://blog.x-way.org/Networking/2021/04/17/Top-21-Security-Experts-to-follow-on-Twitter-in-2021.html</link>
  2413.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324288</guid>
  2414.    <dc:creator>Andreas Jaggi</dc:creator>
  2415.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2416.    <pubDate>Sat, 17 Apr 2021 06:58:00 +0200</pubDate>
  2417.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2418.    <description><![CDATA[<p>From the <a href="https://web.archive.org/web/20210412004031/https://securityboulevard.com/2021/04/top-21-cybersecurity-experts-you-must-follow-on-twitter-in-2021/" title="Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021 - Security Boulevard (archive.org)">article on Security Boulevard</a>.</p>
  2419. <ol>
  2420. <li><a href="https://twitter.com/rafaybaloch" title="Rafay Baloch (@rafaybaloch) / Twitter">Rafay Baloch</a></li>
  2421. <li><a href="https://twitter.com/troyhunt" title="Troy Hunt (@troyhunt) / Twitter">Troy Hunt</a></li>
  2422. <li><a href="https://twitter.com/kevinmitnick" title="Kevin Mitnick (@kevinmitnick) / Twitter">Kevin Mitnick</a></li>
  2423. <li><a href="https://twitter.com/RachelTobac" title="Rachel Tobac (@RachelTobac) / Twitter">Rachel Tobac</a></li>
  2424. <li><a href="https://twitter.com/mikko" title="Mikko Hyppönen (@mikko) / Twitter">Mikko Hyppönen</a></li>
  2425. <li><a href="https://twitter.com/k8em0" title="Katie Moussouris (@k8em0) / Twitter">Katie Moussouris</a></li>
  2426. <li><a href="https://twitter.com/schneierblog" title="Bruce Schneier (@schneierblog) / Twitter">Bruce Schneier</a></li>
  2427. <li><a href="https://twitter.com/briankrebs" title="Brian Krebs (@briankrebs) / Twitter">Brian Krebs</a></li>
  2428. <li><a href="https://twitter.com/jeremiahg" title="Jeremiah Grossman (@jeremiahg) / Twitter">Jeremiah Grossman</a></li>
  2429. <li><a href="https://twitter.com/e_kaspersky" title="Eugene Kaspersky (@e_kaspersky) / Twitter">Eugene Kaspersky</a></li>
  2430. <li><a href="https://twitter.com/govcso" title="Dan Lohemann (@govcso) / Twitter">Dan Lohemann</a></li>
  2431. <li><a href="https://twitter.com/CybersecuritySF" title="Steve Morgan (@CybersecuritySF) / Twitter">Steve Morgan</a></li>
  2432. <li><a href="https://twitter.com/TylerCohenWood" title="Tyler Cohen Wood (@TylerCohenWood) / Twitter">Tyler Cohen Wood</a></li>
  2433. <li><a href="https://twitter.com/gcluley" title="Graham Cluley (@gcluley) / Twitter">Graham Cluley</a></li>
  2434. <li><a href="https://twitter.com/TrackerPayton" title="Theresa Payton (@TrackerPayton) / Twitter">Theresa Payton</a></li>
  2435. <li><a href="https://twitter.com/Shirastweet" title="Shira Rubinoff (@Shirastweet) / Twitter">Shira Rubinoff</a></li>
  2436. <li><a href="https://twitter.com/evacide" title="Eva Galperin (@evacide) / Twitter">Eva Galperin</a></li>
  2437. <li><a href="https://twitter.com/marcusjcarey" title="Marcus J. Carey (@marcusjcarey) / Twitter">Marcus J. Carey</a></li>
  2438. <li><a href="https://twitter.com/jaysonstreet" title="Jayson E Street (@jaysonstreet) / Twitter">Jayson E Street</a></li>
  2439. <li><a href="https://twitter.com/securityweekly" title="Paul Asadoorian (@securityweekly) / Twitter">Paul Asadoorian</a></li>
  2440. <li><a href="https://twitter.com/adam_k_levin" title="Adam K. Levin (@adam_k_levin) / Twitter">Adam K. Levin</a></li>
  2441. </ol>
  2442. ]]></description>
  2443.    <content:encoded><![CDATA[<p>From the <a href="https://web.archive.org/web/20210412004031/https://securityboulevard.com/2021/04/top-21-cybersecurity-experts-you-must-follow-on-twitter-in-2021/" title="Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021 - Security Boulevard (archive.org)">article on Security Boulevard</a>.</p>
  2444. <ol>
  2445. <li><a href="https://twitter.com/rafaybaloch" title="Rafay Baloch (@rafaybaloch) / Twitter">Rafay Baloch</a></li>
  2446. <li><a href="https://twitter.com/troyhunt" title="Troy Hunt (@troyhunt) / Twitter">Troy Hunt</a></li>
  2447. <li><a href="https://twitter.com/kevinmitnick" title="Kevin Mitnick (@kevinmitnick) / Twitter">Kevin Mitnick</a></li>
  2448. <li><a href="https://twitter.com/RachelTobac" title="Rachel Tobac (@RachelTobac) / Twitter">Rachel Tobac</a></li>
  2449. <li><a href="https://twitter.com/mikko" title="Mikko Hyppönen (@mikko) / Twitter">Mikko Hyppönen</a></li>
  2450. <li><a href="https://twitter.com/k8em0" title="Katie Moussouris (@k8em0) / Twitter">Katie Moussouris</a></li>
  2451. <li><a href="https://twitter.com/schneierblog" title="Bruce Schneier (@schneierblog) / Twitter">Bruce Schneier</a></li>
  2452. <li><a href="https://twitter.com/briankrebs" title="Brian Krebs (@briankrebs) / Twitter">Brian Krebs</a></li>
  2453. <li><a href="https://twitter.com/jeremiahg" title="Jeremiah Grossman (@jeremiahg) / Twitter">Jeremiah Grossman</a></li>
  2454. <li><a href="https://twitter.com/e_kaspersky" title="Eugene Kaspersky (@e_kaspersky) / Twitter">Eugene Kaspersky</a></li>
  2455. <li><a href="https://twitter.com/govcso" title="Dan Lohemann (@govcso) / Twitter">Dan Lohemann</a></li>
  2456. <li><a href="https://twitter.com/CybersecuritySF" title="Steve Morgan (@CybersecuritySF) / Twitter">Steve Morgan</a></li>
  2457. <li><a href="https://twitter.com/TylerCohenWood" title="Tyler Cohen Wood (@TylerCohenWood) / Twitter">Tyler Cohen Wood</a></li>
  2458. <li><a href="https://twitter.com/gcluley" title="Graham Cluley (@gcluley) / Twitter">Graham Cluley</a></li>
  2459. <li><a href="https://twitter.com/TrackerPayton" title="Theresa Payton (@TrackerPayton) / Twitter">Theresa Payton</a></li>
  2460. <li><a href="https://twitter.com/Shirastweet" title="Shira Rubinoff (@Shirastweet) / Twitter">Shira Rubinoff</a></li>
  2461. <li><a href="https://twitter.com/evacide" title="Eva Galperin (@evacide) / Twitter">Eva Galperin</a></li>
  2462. <li><a href="https://twitter.com/marcusjcarey" title="Marcus J. Carey (@marcusjcarey) / Twitter">Marcus J. Carey</a></li>
  2463. <li><a href="https://twitter.com/jaysonstreet" title="Jayson E Street (@jaysonstreet) / Twitter">Jayson E Street</a></li>
  2464. <li><a href="https://twitter.com/securityweekly" title="Paul Asadoorian (@securityweekly) / Twitter">Paul Asadoorian</a></li>
  2465. <li><a href="https://twitter.com/adam_k_levin" title="Adam K. Levin (@adam_k_levin) / Twitter">Adam K. Levin</a></li>
  2466. </ol>
  2467. ]]></content:encoded>
  2468.  </item>
  2469.  
  2470.  <item>
  2471.    <title>security.txt</title>
  2472.    <link>https://blog.x-way.org/Webdesign/2021/03/28/security-txt.html</link>
  2473.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324287</guid>
  2474.    <dc:creator>Andreas Jaggi</dc:creator>
  2475.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2476.    <pubDate>Sun, 28 Mar 2021 08:16:00 +0200</pubDate>
  2477.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  2478.    <description><![CDATA[<p>This website now also serves a <a href="https://securitytxt.org/" title="security.txt: Proposed standard for defining security policies">security.txt</a> file which is a standardized way of making security contact information available. (<a href="https://en.wikipedia.org/wiki/Security.txt" title="security.txt - Wikipedia">Wikipedia</a>)</p>
  2479. <p>The file is available in two locations <a href="https://blog.x-way.org/security.txt">/security.txt</a> (the classic location) and <a href="https://blog.x-way.org/.well-known/security.txt">/.well-known/security.txt</a> (the standard location following RFC8615).</p>
  2480.  
  2481. <p>To easily add the file on all my domains, I'm using the following nginx config snippet.</p>
  2482. <pre>location /security.txt {
  2483. add_header Content-Type 'text/plain';
  2484. add_header Cache-Control 'no-cache, no-store, must-revalidate';
  2485. add_header Pragma 'no-cache';
  2486. add_header Expires '0';
  2487. add_header Vary '*';
  2488. return 200 "Contact: mailto:andreas+security.txt@jaggi.info\nExpires: Tue, 19 Jan 2038 03:14:07 +0000\nEncryption: http://andreas-jaggi.ch/A3A54203.asc\n";
  2489. }
  2490.  
  2491. location /.well-known/security.txt {
  2492. add_header Content-Type 'text/plain';
  2493. add_header Cache-Control 'no-cache, no-store, must-revalidate';
  2494. add_header Pragma 'no-cache';
  2495. add_header Expires '0';
  2496. add_header Vary '*';
  2497. return 200 "Contact: mailto:andreas+security.txt@jaggi.info\nExpires: Tue, 19 Jan 2038 03:14:07 +0000\nEncryption: http://andreas-jaggi.ch/A3A54203.asc\n";
  2498. }</pre>
  2499.  
  2500. <p>This snippet is stored in a dedicated file (/etc/nginx/conf_includes/securitytxt) and is included in the various server config blocks like this:</p>
  2501. <pre>server {
  2502. server_name example.com;
  2503.  
  2504. include /etc/nginx/conf_includes/securitytxt;
  2505.  
  2506. location / {
  2507. # rest of website
  2508. }
  2509. }</pre>
  2510. ]]></description>
  2511.    <content:encoded><![CDATA[<p>This website now also serves a <a href="https://securitytxt.org/" title="security.txt: Proposed standard for defining security policies">security.txt</a> file which is a standardized way of making security contact information available. (<a href="https://en.wikipedia.org/wiki/Security.txt" title="security.txt - Wikipedia">Wikipedia</a>)</p>
  2512. <p>The file is available in two locations <a href="https://blog.x-way.org/security.txt">/security.txt</a> (the classic location) and <a href="https://blog.x-way.org/.well-known/security.txt">/.well-known/security.txt</a> (the standard location following RFC8615).</p>
  2513.  
  2514. <p>To easily add the file on all my domains, I'm using the following nginx config snippet.</p>
  2515. <pre>location /security.txt {
  2516. add_header Content-Type 'text/plain';
  2517. add_header Cache-Control 'no-cache, no-store, must-revalidate';
  2518. add_header Pragma 'no-cache';
  2519. add_header Expires '0';
  2520. add_header Vary '*';
  2521. return 200 "Contact: mailto:andreas+security.txt@jaggi.info\nExpires: Tue, 19 Jan 2038 03:14:07 +0000\nEncryption: http://andreas-jaggi.ch/A3A54203.asc\n";
  2522. }
  2523.  
  2524. location /.well-known/security.txt {
  2525. add_header Content-Type 'text/plain';
  2526. add_header Cache-Control 'no-cache, no-store, must-revalidate';
  2527. add_header Pragma 'no-cache';
  2528. add_header Expires '0';
  2529. add_header Vary '*';
  2530. return 200 "Contact: mailto:andreas+security.txt@jaggi.info\nExpires: Tue, 19 Jan 2038 03:14:07 +0000\nEncryption: http://andreas-jaggi.ch/A3A54203.asc\n";
  2531. }</pre>
  2532.  
  2533. <p>This snippet is stored in a dedicated file (/etc/nginx/conf_includes/securitytxt) and is included in the various server config blocks like this:</p>
  2534. <pre>server {
  2535. server_name example.com;
  2536.  
  2537. include /etc/nginx/conf_includes/securitytxt;
  2538.  
  2539. location / {
  2540. # rest of website
  2541. }
  2542. }</pre>
  2543. ]]></content:encoded>
  2544.  </item>
  2545.  
  2546.  <item>
  2547.    <title>Fixing 'snmpd[19784]: error on subcontainer 'ia_addr' insert (-1)' messages</title>
  2548.    <link>https://blog.x-way.org/Linux/2021/02/13/Fixing-snmpd-error-on-subcontainer-ia-addr-insert-messages.html</link>
  2549.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324284</guid>
  2550.    <dc:creator>Andreas Jaggi</dc:creator>
  2551.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2552.    <pubDate>Sat, 13 Feb 2021 08:57:00 +0100</pubDate>
  2553.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  2554.    <description><![CDATA[<p>The default configuration of snmpd on Debian has debug level logging enabled and thus we end up with a constant flood of these messages in /var/log/syslog</p>
  2555. <pre>snmpd[19784]: error on subcontainer 'ia_addr' insert (-1)</pre>
  2556. <p>The fix is to lower the logging level, which can be accomplished like this on systems with systemd:</p>
  2557. <pre>cp /lib/systemd/system/snmpd.service /etc/systemd/system/snmpd.service
  2558. sed -i 's/Lsd/LS6d/' /etc/systemd/system/snmpd.service
  2559. systemctl daemon-reload
  2560. systemctl restart snmpd</pre>
  2561. <p>On systems without systemd, the logging level is set by the init script (unless explicitly configured in /etc/default/snmpd), and can be changed like this:</p>
  2562. <pre>sed -i 's/Lsd/LS6d/g' /etc/default/snmpd
  2563. sed -i 's/Lsd/LS6d/g' /etc/init.d/snmpd
  2564. service snmpd restart</pre>
  2565. ]]></description>
  2566.    <content:encoded><![CDATA[<p>The default configuration of snmpd on Debian has debug level logging enabled and thus we end up with a constant flood of these messages in /var/log/syslog</p>
  2567. <pre>snmpd[19784]: error on subcontainer 'ia_addr' insert (-1)</pre>
  2568. <p>The fix is to lower the logging level, which can be accomplished like this on systems with systemd:</p>
  2569. <pre>cp /lib/systemd/system/snmpd.service /etc/systemd/system/snmpd.service
  2570. sed -i 's/Lsd/LS6d/' /etc/systemd/system/snmpd.service
  2571. systemctl daemon-reload
  2572. systemctl restart snmpd</pre>
  2573. <p>On systems without systemd, the logging level is set by the init script (unless explicitly configured in /etc/default/snmpd), and can be changed like this:</p>
  2574. <pre>sed -i 's/Lsd/LS6d/g' /etc/default/snmpd
  2575. sed -i 's/Lsd/LS6d/g' /etc/init.d/snmpd
  2576. service snmpd restart</pre>
  2577. ]]></content:encoded>
  2578.  </item>
  2579.  
  2580.  <item>
  2581.    <title>Embracing the future with SolNet</title>
  2582.    <link>https://blog.x-way.org/Networking/2021/02/04/Embracing-the-future-with-SolNet.html</link>
  2583.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324285</guid>
  2584.    <dc:creator>Andreas Jaggi</dc:creator>
  2585.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2586.    <pubDate>Thu, 04 Feb 2021 10:01:00 +0100</pubDate>
  2587.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2588.    <description><![CDATA[<p>This was the initial state of my new <a href="https://www.solnet.ch/" title="SolNet - Internet &amp; Solution Provider">SolNet</a> fibre connection:</p>
  2589. <p><img src="https://blog.x-way.org/images/solnet-ipv6-only.png" alt="SolNet connection with native IPv6 but no IPv4" width="487" height="61"></p>
  2590. <p>As I am a proponent of IPv6 this made me very happy, but unfortunately about 20% of my daily websites only offer <a href="https://blog.x-way.org/Networking/2013/07/05/Mandatory-requirement-for-all-non-IPv6-capable-products.html">legacy Internet</a> (which later on I got working as well).</p>
  2591. ]]></description>
  2592.    <content:encoded><![CDATA[<p>This was the initial state of my new <a href="https://www.solnet.ch/" title="SolNet - Internet &amp; Solution Provider">SolNet</a> fibre connection:</p>
  2593. <p><img src="https://blog.x-way.org/images/solnet-ipv6-only.png" alt="SolNet connection with native IPv6 but no IPv4" width="487" height="61"></p>
  2594. <p>As I am a proponent of IPv6 this made me very happy, but unfortunately about 20% of my daily websites only offer <a href="https://blog.x-way.org/Networking/2013/07/05/Mandatory-requirement-for-all-non-IPv6-capable-products.html">legacy Internet</a> (which later on I got working as well).</p>
  2595. ]]></content:encoded>
  2596.  </item>
  2597.  
  2598.  <item>
  2599.    <title>Prozentrechnen ist schwer</title>
  2600.    <link>https://blog.x-way.org/Misc/2021/02/04/Prozentrechnen-ist-schwer.html</link>
  2601.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324286</guid>
  2602.    <dc:creator>Andreas Jaggi</dc:creator>
  2603.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2604.    <pubDate>Thu, 04 Feb 2021 08:20:00 +0100</pubDate>
  2605.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  2606.    <description><![CDATA[<p><a href="https://www.truewealth.ch/" title="True Wealth - Swiss Online Wealth Management">TrueWealth</a> hat's nicht so mit Prozentrechnen:</p>
  2607. <p><img src="https://blog.x-way.org/images/truewealth-prozentrechnen.png" title="6 + 33 + 3 + 12 + 47 = ?" alt="6 + 33 + 3 + 12 + 47 = ?" width="335" height="196"></p>
  2608. ]]></description>
  2609.    <content:encoded><![CDATA[<p><a href="https://www.truewealth.ch/" title="True Wealth - Swiss Online Wealth Management">TrueWealth</a> hat's nicht so mit Prozentrechnen:</p>
  2610. <p><img src="https://blog.x-way.org/images/truewealth-prozentrechnen.png" title="6 + 33 + 3 + 12 + 47 = ?" alt="6 + 33 + 3 + 12 + 47 = ?" width="335" height="196"></p>
  2611. ]]></content:encoded>
  2612.  </item>
  2613.  
  2614.  <item>
  2615.    <title>Using your own router on a Sunrise fiber line</title>
  2616.    <link>https://blog.x-way.org/Networking/2020/12/05/Using-your-own-router-on-a-Sunrise-fiber-line.html</link>
  2617.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324283</guid>
  2618.    <dc:creator>Andreas Jaggi</dc:creator>
  2619.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2620.    <pubDate>Sat, 05 Dec 2020 22:26:00 +0100</pubDate>
  2621.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2622.    <description><![CDATA[<p>Sunrise does not like when people run their own router on a fiber line. While they do not directly forbid it, they don't provide any of the required configuration parameters which makes it quite hard to use your own router.</p>
  2623. <p>Below you'll find the required configuration parameters to make your own router connect with IPv4 and IPv6 on a Sunrise fiber line.<br>Beware though that especially the VLAN configuration might be different depending on your city, the following worked for me in Zürich.</p>
  2624. <p>Also, please note that I do not recommend Sunrise as Internet provider (as a matter of fact I'm on the way out of their contract and switching to <a href="https://www.solnet.ch/" title="SolNet">SolNet</a>).<br>Besides not supporting to bring your own router, they also like to make up additional early-termination fees (the contract states 100CHF early termination fees, but once you call them to initiate the process they tell you that it's gonna cost 300CHF as they decided to change their pricing structure unilaterally).</p>
  2625.  
  2626. <p>Enough of the ranting, now to the interesting part :-)</p>
  2627.  
  2628. <p>The Sunrise line has multiple VLANs to differentiate between Internet, Phone and TV services.<br>To receive an IPv4 address it requires a special value for the Client Identifier DHCP option.<br>For IPv6 <a href="https://en.wikipedia.org/wiki/IPv6_rapid_deployment" title="IPv6 rapid deployment">6rd</a> is employed, for which we need to know the prefix and gateway address.</p>
  2629.  
  2630. <p>The following configuration was tested with a <a href="https://mikrotik.com/" title="MikroTik Routers and Wireless">MikroTik</a> CRS125 router starting from the default settings.<br>For simplicity I've named the network interfaces according to their intended usage (eg. <code>LAN</code>, <code>sunrise</code> and <code>6rd</code>).</p>
  2631.  
  2632. <p>The first step is to configure the VLAN on top of your fiber interface. In my case it was VLAN ID 131, others were also successful with VLAN ID 10.</p>
  2633.  
  2634. <pre>/interface vlan add interface=sfp1-gateway name=sunrise vlan-id=131</pre>
  2635.  
  2636. <p>Next let's put in place some basic firewall rules to make sure we're not exposing our LAN to the Internet once the connection comes up.</p>
  2637. <pre>/ip firewall filter
  2638. add action=accept chain=forward connection-state=established,related
  2639. add action=accept chain=forward in-interface=LAN out-interface=sunrise
  2640. add action=drop chain=forward
  2641. add action=accept chain=input connection-state=established,related
  2642. add action=accept chain=input protocol=icmp
  2643. add action=drop chain=input in-interface=!LAN</pre>
  2644. <pre>/ip firewall nat
  2645. add action=masquerade chain=srcnat out-interface=sunrise</pre>
  2646.  
  2647. <p>Now we can configure the special value for the Client Identifier DHCP option and configure the DHCP client on the VLAN interface.</p>
  2648. <pre>/ip dhcp-client option add code=61 name=clientid-sunrise value="'dslforum.org,Fast5360-sunrise'"</pre>
  2649. <pre>/ip dhcp-client add dhcp-options=clientid-sunrise disabled=no interface=sunrise</pre>
  2650.  
  2651. <p>This should now give us IPv4 Internet connectivity. We can test this by checking that we received an IPv4 address, have an IPv4 default route and that we can ping a host in the Internet.</p>
  2652.  
  2653. <pre>/ip dhcp-client print
  2654. Flags: X - disabled, I - invalid, D - dynamic
  2655. #   INTERFACE       USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS        ADDRESS
  2656. 0   sunrise         yes          yes               bound         198.51.100.123/25</pre>
  2657. <pre>/ip route check 1.1
  2658.     status: ok
  2659.  interface: sunrise
  2660.    nexthop: 198.51.100.1</pre>
  2661. <pre>/ping count=1 1.1
  2662.  SEQ HOST                                     SIZE TTL TIME  STATUS
  2663.    0 1.0.0.1                                    56  59 1ms
  2664.    sent=1 received=1 packet-loss=0% min-rtt=1ms avg-rtt=1ms max-rtt=1ms</pre>
  2665.  
  2666. <p>Sunrise doesn't offer native IPv6 connectivity but employs 6rd (which defines how to create a 6to4 tunnel based on the public IPv4 address, an IPv6 prefix and the tunnel gateway).</p>
  2667. <p>Before we setup the 6rd tunnel, it's important to put in place firewall rules for IPv6 as afterwards all devices on the local network will receive a public IPv6 address.</p>
  2668. <pre>/ipv6 firewall filter
  2669. add action=accept chain=forward connection-state=established,related
  2670. add action=accept chain=forward in-interface=LAN
  2671. add action=drop chain=forward
  2672. add action=accept chain=input connection-state=established,related
  2673. add action=accept chain=input protocol=icmpv6
  2674. add action=drop chain=input</pre>
  2675.  
  2676. <p>To setup the 6rd tunnel, I've modified an existing script with the specific parameters for Sunrise (namely the <kbd>2001:1710::/28</kbd> prefix and the <kbd>212.161.209.1</kbd> tunnel gateway address).<br>The script creates the tunnel interface, configures an IPv6 address on the external interface, configures an IPv6 address on the internal interface (which also enables SLAAC to provide IPv6 addresses to the clients on the local network) and configures an IPv6 default route over the 6rd tunnel.</p>
  2677. <p>The script itself will be run via the scheduler, thus let's save it under the name <kbd>6rd-script</kbd>.</p>
  2678. <pre>
  2679. :global ipv6localinterface "LAN"
  2680. :global uplinkinterface "sunrise"
  2681.  
  2682. :global IPv4addr [/ip address get [find interface=$uplinkinterface] address];
  2683. :global IPv4addr [:pick $IPv4addr 0 [:find $IPv4addr "/"]]
  2684. :global IPv4addr2 [:pick $IPv4addr 0 30]
  2685. :global IPv6temp [:toip6 ("1::" . $IPv4addr2)]
  2686.  
  2687. :global IPv4hex1 [:pick $IPv6temp 3 4]
  2688. :global IPv4hex2 [:pick $IPv6temp 4 7]
  2689. :global IPv4hex3 [:pick $IPv6temp 8 9]
  2690. :global IPv4hex4 [:pick $IPv6temp 9 12]
  2691. :global IPv6addr [("2001:171" . $IPv4hex1 . ":". $IPv4hex2 .$IPv4hex3 . ":" . $IPv4hex4 . "0::1/64")]
  2692. :global IPv6addrLoc [("2001:171" . $IPv4hex1 . ":". $IPv4hex2 . $IPv4hex3 . ":" . $IPv4hex4 . "1::1/64")]
  2693.  
  2694. #6to4 interface
  2695. :global 6to4id [/interface 6to4 find where name="6rd"]
  2696. :if ($6to4id!="") do={
  2697. :global 6to4addr [/interface 6to4 get $6to4id local-address]
  2698. if ($6to4addr != $IPv4addr) do={ :log warning "Updating local-address for 6to4 tunnel '6rd' from '$6to4addr' to '$IPv4addr'."; /interface 6to4 set [find name="6rd"] local-address=$IPv4addr }
  2699. } else { :log warning "Creating 6to4 interface '6rd'. "; /interface 6to4 add !keepalive local-address=$IPv4addr mtu=1480 name="6rd" remote-address=212.161.209.1 }
  2700.  
  2701. #ipv6 for uplink
  2702. :global IPv6addrnumber [/ipv6 address find where comment="6rd" and interface="6rd"]
  2703. :if ($IPv6addrnumber!="") do={
  2704. :global oldip ([/ipv6 address get $IPv6addrnumber address])
  2705. if ($oldip != $IPv6addr) do={ :log warning "Updating 6rd IPv6 from '$oldip' to '$IPv6addr'."; /ipv6 address set number=$IPv6addrnumber address=$IPv6addr disabled=no }
  2706. } else {:log warning "Setting up 6rd IPv6 '$IPv6addr' to '6rd'. "; /ipv6 address add address=$IPv6addr interface="6rd" comment="6rd" advertise=no }
  2707.  
  2708. #ipv6 for local
  2709. :global IPv6addrnumberLocal [/ipv6 address find where comment=("6rd_local") and interface=$ipv6localinterface]
  2710. :if ($IPv6addrnumberLocal!="") do={
  2711. :global oldip ([/ipv6 address get $IPv6addrnumberLocal address])
  2712. if ($oldip != $IPv6addrLoc) do={ :log warning "Updating 6rd LOCAL IPv6 from '$oldip' to '$IPv6addrLoc'."; /ipv6 address set number=$IPv6addrnumberLocal address=$IPv6addrLoc disabled=no }
  2713. } else {:log warning "Setting up 6rd LOCAL IPv6 '$IPv6addrLoc' na '$ipv6localinterface'. "; /ipv6 address add address=$IPv6addrLoc interface=$ipv6localinterface comment="6rd_local" advertise=yes }
  2714.  
  2715. #ipv6 route
  2716. :global routa [/ipv6 route find where dst-address="2000::/3" and gateway="6rd"]
  2717. if ($routa="") do={ :log warning "Setting IPv6 route '2000::/3' pres '6rd'. "; /ipv6 route add distance=1 dst-address="2000::/3" gateway="6rd" }
  2718. </pre>
  2719.  
  2720. <p>Once we've added the script we also need to create the scheduler entry to run it periodically (as it needs to re-configure the tunnel and addresses whenever the public IPv4 address changes).</p>
  2721. <pre>/system scheduler add interval=1m name=schedule1 on-event=6rd-script</pre>
  2722.  
  2723. <p>After the first run of the script we should now have IPv6 connectivity. Let's test this again by checking that we have a public IPv6 address, an IPv6 default route and can ping an IPv6 host in the Internet.</p>
  2724.  
  2725. <pre>/ipv6 address print where interface=6rd and global
  2726. Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local
  2727. #    ADDRESS                                     FROM-POOL INTERFACE        ADVERTISE
  2728. 0  G ;;; 6rd
  2729.      2001:171c:6336:47b0::1/64                             6rd              no</pre>
  2730. <pre>/ipv6 route check 2600::
  2731.     status: ok
  2732.  interface: 6rd
  2733.    nexthop: 2600::</pre>
  2734. <pre>/ping count=1 2600::
  2735.  SEQ HOST                                     SIZE TTL TIME  STATUS
  2736.    0 2600::                                     56  50 118ms echo reply
  2737.    sent=1 received=1 packet-loss=0% min-rtt=118ms avg-rtt=118ms max-rtt=118ms</pre>
  2738.  
  2739. <p>And that's how you can configure and validate IPv4 and IPv6 connectivity with your own router on a Sunrise fiber line despite them not liking it very much ;-)</p>
  2740. ]]></description>
  2741.    <content:encoded><![CDATA[<p>Sunrise does not like when people run their own router on a fiber line. While they do not directly forbid it, they don't provide any of the required configuration parameters which makes it quite hard to use your own router.</p>
  2742. <p>Below you'll find the required configuration parameters to make your own router connect with IPv4 and IPv6 on a Sunrise fiber line.<br>Beware though that especially the VLAN configuration might be different depending on your city, the following worked for me in Zürich.</p>
  2743. <p>Also, please note that I do not recommend Sunrise as Internet provider (as a matter of fact I'm on the way out of their contract and switching to <a href="https://www.solnet.ch/" title="SolNet">SolNet</a>).<br>Besides not supporting to bring your own router, they also like to make up additional early-termination fees (the contract states 100CHF early termination fees, but once you call them to initiate the process they tell you that it's gonna cost 300CHF as they decided to change their pricing structure unilaterally).</p>
  2744.  
  2745. <p>Enough of the ranting, now to the interesting part :-)</p>
  2746.  
  2747. <p>The Sunrise line has multiple VLANs to differentiate between Internet, Phone and TV services.<br>To receive an IPv4 address it requires a special value for the Client Identifier DHCP option.<br>For IPv6 <a href="https://en.wikipedia.org/wiki/IPv6_rapid_deployment" title="IPv6 rapid deployment">6rd</a> is employed, for which we need to know the prefix and gateway address.</p>
  2748.  
  2749. <p>The following configuration was tested with a <a href="https://mikrotik.com/" title="MikroTik Routers and Wireless">MikroTik</a> CRS125 router starting from the default settings.<br>For simplicity I've named the network interfaces according to their intended usage (eg. <code>LAN</code>, <code>sunrise</code> and <code>6rd</code>).</p>
  2750.  
  2751. <p>The first step is to configure the VLAN on top of your fiber interface. In my case it was VLAN ID 131, others were also successful with VLAN ID 10.</p>
  2752.  
  2753. <pre>/interface vlan add interface=sfp1-gateway name=sunrise vlan-id=131</pre>
  2754.  
  2755. <p>Next let's put in place some basic firewall rules to make sure we're not exposing our LAN to the Internet once the connection comes up.</p>
  2756. <pre>/ip firewall filter
  2757. add action=accept chain=forward connection-state=established,related
  2758. add action=accept chain=forward in-interface=LAN out-interface=sunrise
  2759. add action=drop chain=forward
  2760. add action=accept chain=input connection-state=established,related
  2761. add action=accept chain=input protocol=icmp
  2762. add action=drop chain=input in-interface=!LAN</pre>
  2763. <pre>/ip firewall nat
  2764. add action=masquerade chain=srcnat out-interface=sunrise</pre>
  2765.  
  2766. <p>Now we can configure the special value for the Client Identifier DHCP option and configure the DHCP client on the VLAN interface.</p>
  2767. <pre>/ip dhcp-client option add code=61 name=clientid-sunrise value="'dslforum.org,Fast5360-sunrise'"</pre>
  2768. <pre>/ip dhcp-client add dhcp-options=clientid-sunrise disabled=no interface=sunrise</pre>
  2769.  
  2770. <p>This should now give us IPv4 Internet connectivity. We can test this by checking that we received an IPv4 address, have an IPv4 default route and that we can ping a host in the Internet.</p>
  2771.  
  2772. <pre>/ip dhcp-client print
  2773. Flags: X - disabled, I - invalid, D - dynamic
  2774. #   INTERFACE       USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS        ADDRESS
  2775. 0   sunrise         yes          yes               bound         198.51.100.123/25</pre>
  2776. <pre>/ip route check 1.1
  2777.     status: ok
  2778.  interface: sunrise
  2779.    nexthop: 198.51.100.1</pre>
  2780. <pre>/ping count=1 1.1
  2781.  SEQ HOST                                     SIZE TTL TIME  STATUS
  2782.    0 1.0.0.1                                    56  59 1ms
  2783.    sent=1 received=1 packet-loss=0% min-rtt=1ms avg-rtt=1ms max-rtt=1ms</pre>
  2784.  
  2785. <p>Sunrise doesn't offer native IPv6 connectivity but employs 6rd (which defines how to create a 6to4 tunnel based on the public IPv4 address, an IPv6 prefix and the tunnel gateway).</p>
  2786. <p>Before we setup the 6rd tunnel, it's important to put in place firewall rules for IPv6 as afterwards all devices on the local network will receive a public IPv6 address.</p>
  2787. <pre>/ipv6 firewall filter
  2788. add action=accept chain=forward connection-state=established,related
  2789. add action=accept chain=forward in-interface=LAN
  2790. add action=drop chain=forward
  2791. add action=accept chain=input connection-state=established,related
  2792. add action=accept chain=input protocol=icmpv6
  2793. add action=drop chain=input</pre>
  2794.  
  2795. <p>To setup the 6rd tunnel, I've modified an existing script with the specific parameters for Sunrise (namely the <kbd>2001:1710::/28</kbd> prefix and the <kbd>212.161.209.1</kbd> tunnel gateway address).<br>The script creates the tunnel interface, configures an IPv6 address on the external interface, configures an IPv6 address on the internal interface (which also enables SLAAC to provide IPv6 addresses to the clients on the local network) and configures an IPv6 default route over the 6rd tunnel.</p>
  2796. <p>The script itself will be run via the scheduler, thus let's save it under the name <kbd>6rd-script</kbd>.</p>
  2797. <pre>
  2798. :global ipv6localinterface "LAN"
  2799. :global uplinkinterface "sunrise"
  2800.  
  2801. :global IPv4addr [/ip address get [find interface=$uplinkinterface] address];
  2802. :global IPv4addr [:pick $IPv4addr 0 [:find $IPv4addr "/"]]
  2803. :global IPv4addr2 [:pick $IPv4addr 0 30]
  2804. :global IPv6temp [:toip6 ("1::" . $IPv4addr2)]
  2805.  
  2806. :global IPv4hex1 [:pick $IPv6temp 3 4]
  2807. :global IPv4hex2 [:pick $IPv6temp 4 7]
  2808. :global IPv4hex3 [:pick $IPv6temp 8 9]
  2809. :global IPv4hex4 [:pick $IPv6temp 9 12]
  2810. :global IPv6addr [("2001:171" . $IPv4hex1 . ":". $IPv4hex2 .$IPv4hex3 . ":" . $IPv4hex4 . "0::1/64")]
  2811. :global IPv6addrLoc [("2001:171" . $IPv4hex1 . ":". $IPv4hex2 . $IPv4hex3 . ":" . $IPv4hex4 . "1::1/64")]
  2812.  
  2813. #6to4 interface
  2814. :global 6to4id [/interface 6to4 find where name="6rd"]
  2815. :if ($6to4id!="") do={
  2816. :global 6to4addr [/interface 6to4 get $6to4id local-address]
  2817. if ($6to4addr != $IPv4addr) do={ :log warning "Updating local-address for 6to4 tunnel '6rd' from '$6to4addr' to '$IPv4addr'."; /interface 6to4 set [find name="6rd"] local-address=$IPv4addr }
  2818. } else { :log warning "Creating 6to4 interface '6rd'. "; /interface 6to4 add !keepalive local-address=$IPv4addr mtu=1480 name="6rd" remote-address=212.161.209.1 }
  2819.  
  2820. #ipv6 for uplink
  2821. :global IPv6addrnumber [/ipv6 address find where comment="6rd" and interface="6rd"]
  2822. :if ($IPv6addrnumber!="") do={
  2823. :global oldip ([/ipv6 address get $IPv6addrnumber address])
  2824. if ($oldip != $IPv6addr) do={ :log warning "Updating 6rd IPv6 from '$oldip' to '$IPv6addr'."; /ipv6 address set number=$IPv6addrnumber address=$IPv6addr disabled=no }
  2825. } else {:log warning "Setting up 6rd IPv6 '$IPv6addr' to '6rd'. "; /ipv6 address add address=$IPv6addr interface="6rd" comment="6rd" advertise=no }
  2826.  
  2827. #ipv6 for local
  2828. :global IPv6addrnumberLocal [/ipv6 address find where comment=("6rd_local") and interface=$ipv6localinterface]
  2829. :if ($IPv6addrnumberLocal!="") do={
  2830. :global oldip ([/ipv6 address get $IPv6addrnumberLocal address])
  2831. if ($oldip != $IPv6addrLoc) do={ :log warning "Updating 6rd LOCAL IPv6 from '$oldip' to '$IPv6addrLoc'."; /ipv6 address set number=$IPv6addrnumberLocal address=$IPv6addrLoc disabled=no }
  2832. } else {:log warning "Setting up 6rd LOCAL IPv6 '$IPv6addrLoc' na '$ipv6localinterface'. "; /ipv6 address add address=$IPv6addrLoc interface=$ipv6localinterface comment="6rd_local" advertise=yes }
  2833.  
  2834. #ipv6 route
  2835. :global routa [/ipv6 route find where dst-address="2000::/3" and gateway="6rd"]
  2836. if ($routa="") do={ :log warning "Setting IPv6 route '2000::/3' pres '6rd'. "; /ipv6 route add distance=1 dst-address="2000::/3" gateway="6rd" }
  2837. </pre>
  2838.  
  2839. <p>Once we've added the script we also need to create the scheduler entry to run it periodically (as it needs to re-configure the tunnel and addresses whenever the public IPv4 address changes).</p>
  2840. <pre>/system scheduler add interval=1m name=schedule1 on-event=6rd-script</pre>
  2841.  
  2842. <p>After the first run of the script we should now have IPv6 connectivity. Let's test this again by checking that we have a public IPv6 address, an IPv6 default route and can ping an IPv6 host in the Internet.</p>
  2843.  
  2844. <pre>/ipv6 address print where interface=6rd and global
  2845. Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local
  2846. #    ADDRESS                                     FROM-POOL INTERFACE        ADVERTISE
  2847. 0  G ;;; 6rd
  2848.      2001:171c:6336:47b0::1/64                             6rd              no</pre>
  2849. <pre>/ipv6 route check 2600::
  2850.     status: ok
  2851.  interface: 6rd
  2852.    nexthop: 2600::</pre>
  2853. <pre>/ping count=1 2600::
  2854.  SEQ HOST                                     SIZE TTL TIME  STATUS
  2855.    0 2600::                                     56  50 118ms echo reply
  2856.    sent=1 received=1 packet-loss=0% min-rtt=118ms avg-rtt=118ms max-rtt=118ms</pre>
  2857.  
  2858. <p>And that's how you can configure and validate IPv4 and IPv6 connectivity with your own router on a Sunrise fiber line despite them not liking it very much ;-)</p>
  2859. ]]></content:encoded>
  2860.  </item>
  2861.  
  2862.  <item>
  2863.    <title>MTA-STS</title>
  2864.    <link>https://blog.x-way.org/Networking/2020/11/21/MTA-STS.html</link>
  2865.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324282</guid>
  2866.    <dc:creator>Andreas Jaggi</dc:creator>
  2867.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2868.    <pubDate>Sat, 21 Nov 2020 09:47:00 +0100</pubDate>
  2869.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2870.    <description><![CDATA[<p>Recently I added <a href="https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#SMTP_MTA_Strict_Transport_Security" title="SMTP MTA Strict-Transport-Security">MTA-STS</a> support to one of my domains, and it turns out that this was easier than expected.</p>
  2871. <p>MTA-STS is used to tell mail senders that your server supports TLS. And then you can define the policy for your server and tell them that they should only use TLS (resp. STARTTLS) when connecting to you and not fall back to unencrypted SMTP.</p>
  2872. <p>The way this works is with two components:</p>
  2873. <ul>
  2874. <li>a special <code>_mta-sts.&lt;your-site.com&gt;</code> TXT DNS entry indicating that your domain supports MTA-STS and the version number of your MTA-STS policy</li>
  2875. <li>a mta-sts.txt file served under a specific well-known URL <code>https://mta-sts.&lt;your-site.com&gt;/.well-known/mta-sts.txt</code> containing your MTA-STS policy (which mx hosts it is valid for, should it be run in enforcing or testing mode, max-age etc.)</li>
  2876. </ul>
  2877. <p>The idea is that a mail sender checks your MTA-STS policy through protected channels (DNSSEC, HTTPS) and then never sends mails to you in plaintext (similar approach as <a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security" title="HTTP Strict Transport Security">HSTS</a> for HTTP but this time between mail servers).</p>
  2878.  
  2879. <p>To setup the MTA-STS configuration, I followed this <a href="https://www.naut.ca/blog/2020/04/07/mta-sts-in-5-minutes/" title="Enable MTA-STS in 5 Minutes with NGINX">Enable MTA-STS in 5 Minutes with NGINX</a> guide from <a href="https://www.naut.ca/" title="Home - Yoonsik Park">Yoonsik Park</a>.</p>
  2880. <p>Then to check my configuration I used this <a href="https://aykevl.nl/apps/mta-sts/" title="MTA-STS validator">MTA-STS validator</a> (which is an opensource project available on <a href="https://github.com/aykevl/mta-sts" title="GitHub - aykevl/mta-sts: Online tool for MTA-STS checking: https://aykevl.nl/apps/mta-sts/">GitHub</a>), the classic <a href="https://www.checktls.com/TestReceiver" title="//email/testTo:">checktls.com //email/testTo: tool</a> (MTA-STS checking needs to be explicitly enabled under 'More Options') and the free testing service provided by <a href="https://www.hardenize.com/" title="Harenize: Comprehensive web site configuration test">Hardenize</a>.</p>
  2881. ]]></description>
  2882.    <content:encoded><![CDATA[<p>Recently I added <a href="https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#SMTP_MTA_Strict_Transport_Security" title="SMTP MTA Strict-Transport-Security">MTA-STS</a> support to one of my domains, and it turns out that this was easier than expected.</p>
  2883. <p>MTA-STS is used to tell mail senders that your server supports TLS. And then you can define the policy for your server and tell them that they should only use TLS (resp. STARTTLS) when connecting to you and not fall back to unencrypted SMTP.</p>
  2884. <p>The way this works is with two components:</p>
  2885. <ul>
  2886. <li>a special <code>_mta-sts.&lt;your-site.com&gt;</code> TXT DNS entry indicating that your domain supports MTA-STS and the version number of your MTA-STS policy</li>
  2887. <li>a mta-sts.txt file served under a specific well-known URL <code>https://mta-sts.&lt;your-site.com&gt;/.well-known/mta-sts.txt</code> containing your MTA-STS policy (which mx hosts it is valid for, should it be run in enforcing or testing mode, max-age etc.)</li>
  2888. </ul>
  2889. <p>The idea is that a mail sender checks your MTA-STS policy through protected channels (DNSSEC, HTTPS) and then never sends mails to you in plaintext (similar approach as <a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security" title="HTTP Strict Transport Security">HSTS</a> for HTTP but this time between mail servers).</p>
  2890.  
  2891. <p>To setup the MTA-STS configuration, I followed this <a href="https://www.naut.ca/blog/2020/04/07/mta-sts-in-5-minutes/" title="Enable MTA-STS in 5 Minutes with NGINX">Enable MTA-STS in 5 Minutes with NGINX</a> guide from <a href="https://www.naut.ca/" title="Home - Yoonsik Park">Yoonsik Park</a>.</p>
  2892. <p>Then to check my configuration I used this <a href="https://aykevl.nl/apps/mta-sts/" title="MTA-STS validator">MTA-STS validator</a> (which is an opensource project available on <a href="https://github.com/aykevl/mta-sts" title="GitHub - aykevl/mta-sts: Online tool for MTA-STS checking: https://aykevl.nl/apps/mta-sts/">GitHub</a>), the classic <a href="https://www.checktls.com/TestReceiver" title="//email/testTo:">checktls.com //email/testTo: tool</a> (MTA-STS checking needs to be explicitly enabled under 'More Options') and the free testing service provided by <a href="https://www.hardenize.com/" title="Harenize: Comprehensive web site configuration test">Hardenize</a>.</p>
  2893. ]]></content:encoded>
  2894.  </item>
  2895.  
  2896.  <item>
  2897.    <title>15 years of o5</title>
  2898.    <link>https://blog.x-way.org/Webdesign/2020/11/01/15-years-of-o5.html</link>
  2899.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324281</guid>
  2900.    <dc:creator>Andreas Jaggi</dc:creator>
  2901.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2902.    <pubDate>Sun, 01 Nov 2020 19:03:00 +0100</pubDate>
  2903.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  2904.    <description><![CDATA[<p><a href="https://blog.x-way.org/Webdesign/2005/11/01/CSS-Reboot-Fall-2005.html" title="x-log - CSS Reboot Fall 2005">15 years ago</a> this weblog received the current o5 design (or theme as it would be called nowadays).<br>
  2905. During this time the design has aged quite well and also survived <a href="https://blog.x-way.org/Misc/2011/11/26/Online-Again.html" title="x-log - Online Again">the move</a> of the backend from a self-written PHP blog-engine to Jekyll.</p>
  2906. <p>Although it still works surprisingly well and presents the content nicely every day, there are some parts where better usage of contemporary technologies would be desirable.<br>It has no mobile version nor a responsive layout as the design was created before the now omnipresent smartphones were invented. Similar is the font-size hardcoded and not very adequate for todays retina displays. And yes, it uses the XHTML 1.0 strict standard with all its quirks and CSS tricks from 2002 (which luckily are still supported in current browsers).</p>
  2907. <p>Overall I'm quite happy that the o5 design has turned out to be so timeless and that I did not have to come up with a new one every other year (btw: I don't remember where the o5 name came from, likely the 5 is a reference to 2005 when it was created).</p>
  2908. <p>With the current Corona situation forcing me to spend more time at home again, I have the feeling that some things might change around the weblog (not quite sure what or when exactly, first I need to re-learn how websites are built in 2020 :-).</p>
  2909. ]]></description>
  2910.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/Webdesign/2005/11/01/CSS-Reboot-Fall-2005.html" title="x-log - CSS Reboot Fall 2005">15 years ago</a> this weblog received the current o5 design (or theme as it would be called nowadays).<br>
  2911. During this time the design has aged quite well and also survived <a href="https://blog.x-way.org/Misc/2011/11/26/Online-Again.html" title="x-log - Online Again">the move</a> of the backend from a self-written PHP blog-engine to Jekyll.</p>
  2912. <p>Although it still works surprisingly well and presents the content nicely every day, there are some parts where better usage of contemporary technologies would be desirable.<br>It has no mobile version nor a responsive layout as the design was created before the now omnipresent smartphones were invented. Similar is the font-size hardcoded and not very adequate for todays retina displays. And yes, it uses the XHTML 1.0 strict standard with all its quirks and CSS tricks from 2002 (which luckily are still supported in current browsers).</p>
  2913. <p>Overall I'm quite happy that the o5 design has turned out to be so timeless and that I did not have to come up with a new one every other year (btw: I don't remember where the o5 name came from, likely the 5 is a reference to 2005 when it was created).</p>
  2914. <p>With the current Corona situation forcing me to spend more time at home again, I have the feeling that some things might change around the weblog (not quite sure what or when exactly, first I need to re-learn how websites are built in 2020 :-).</p>
  2915. ]]></content:encoded>
  2916.  </item>
  2917.  
  2918.  <item>
  2919.    <title>NAT Slipstreaming (NAT traversal part 2)</title>
  2920.    <link>https://blog.x-way.org/Networking/2020/10/31/NAT-Slipstreaming.html</link>
  2921.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324280</guid>
  2922.    <dc:creator>Andreas Jaggi</dc:creator>
  2923.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2924.    <pubDate>Sat, 31 Oct 2020 22:55:00 +0100</pubDate>
  2925.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2926.    <description><![CDATA[<p>Compared to the <a href="https://blog.x-way.org/Networking/2020/08/23/How-NAT-traversal-works.html" title="x-log - How NAT traversal works">previous post</a> where intentional NAT traversal was discussed, here now comes an article about 'unintentional' (malicious) NAT traversal.</p>
  2927. <p><a href="https://samy.pl/" title="Samy Kamar">Samy Kamar</a> describes in his <a href="https://samy.pl/slipstream/" title="Samy Kamar - NAT Slipstreaming">NAT Slipstreaming article</a> how a combination of TCP packet segmentation and smuggling SIP requests in HTTP, can be used to trick the NAT <abbr title="Application Layer Gateway">ALG</abbr> of your router into opening arbitrary ports for inbound connections from the Internet to your computer.</p>
  2928. <p>The article analyses in detail the SIP ALG of the Linux netfilter stack in it's default configuration, but likely similar attacks could also be possible with ALGs of other protocols and vendors.</p>
  2929. <p>Important to note: the Linux SIP ALG module has two parameters (sip_direct_media and sip_direct_signalling), which restrict the IP address for which additional ports are opened to the one sending the original SIP packet. By default they are set to 1, but if any of these is set to 0 in a router's configuration, the described NAT Slipstreaming attack will not only allow to make inbound connections to your computer, but also to any other device in the local network!</p>
  2930. ]]></description>
  2931.    <content:encoded><![CDATA[<p>Compared to the <a href="https://blog.x-way.org/Networking/2020/08/23/How-NAT-traversal-works.html" title="x-log - How NAT traversal works">previous post</a> where intentional NAT traversal was discussed, here now comes an article about 'unintentional' (malicious) NAT traversal.</p>
  2932. <p><a href="https://samy.pl/" title="Samy Kamar">Samy Kamar</a> describes in his <a href="https://samy.pl/slipstream/" title="Samy Kamar - NAT Slipstreaming">NAT Slipstreaming article</a> how a combination of TCP packet segmentation and smuggling SIP requests in HTTP, can be used to trick the NAT <abbr title="Application Layer Gateway">ALG</abbr> of your router into opening arbitrary ports for inbound connections from the Internet to your computer.</p>
  2933. <p>The article analyses in detail the SIP ALG of the Linux netfilter stack in it's default configuration, but likely similar attacks could also be possible with ALGs of other protocols and vendors.</p>
  2934. <p>Important to note: the Linux SIP ALG module has two parameters (sip_direct_media and sip_direct_signalling), which restrict the IP address for which additional ports are opened to the one sending the original SIP packet. By default they are set to 1, but if any of these is set to 0 in a router's configuration, the described NAT Slipstreaming attack will not only allow to make inbound connections to your computer, but also to any other device in the local network!</p>
  2935. ]]></content:encoded>
  2936.  </item>
  2937.  
  2938.  <item>
  2939.    <title>How NAT traversal works</title>
  2940.    <link>https://blog.x-way.org/Networking/2020/08/23/How-NAT-traversal-works.html</link>
  2941.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324279</guid>
  2942.    <dc:creator>Andreas Jaggi</dc:creator>
  2943.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2944.    <pubDate>Sun, 23 Aug 2020 21:08:00 +0200</pubDate>
  2945.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  2946.    <description><![CDATA[<p><a href="https://tailscale.com/blog/how-nat-traversal-works/" title="How NAT traversal works - Tailscale Blog">How NAT traversal works</a> &ndash; is a very well written and detailed article from <a href="https://twitter.com/dave_universetf" title="Dave Anderson (@dave_universetf)">Dave Anderson</a> explaining the different NAT scenarios and the tricks that can be used to establish a peer-to-peer UDP connection between machines sitting behind them.</p>
  2947. ]]></description>
  2948.    <content:encoded><![CDATA[<p><a href="https://tailscale.com/blog/how-nat-traversal-works/" title="How NAT traversal works - Tailscale Blog">How NAT traversal works</a> &ndash; is a very well written and detailed article from <a href="https://twitter.com/dave_universetf" title="Dave Anderson (@dave_universetf)">Dave Anderson</a> explaining the different NAT scenarios and the tricks that can be used to establish a peer-to-peer UDP connection between machines sitting behind them.</p>
  2949. ]]></content:encoded>
  2950.  </item>
  2951.  
  2952.  <item>
  2953.    <title>Replace the root disk</title>
  2954.    <link>https://blog.x-way.org/Linux/2020/06/07/Replace-the-root-disk.html</link>
  2955.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324278</guid>
  2956.    <dc:creator>Andreas Jaggi</dc:creator>
  2957.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  2958.    <pubDate>Sun, 07 Jun 2020 10:58:00 +0200</pubDate>
  2959.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  2960.    <description><![CDATA[<p>Recently the disk holding the root (<kbd>/</kbd>) filesystem on one of my linux systems started to report increased <a href="https://en.wikipedia.org/wiki/S.M.A.R.T." title="S.M.A.R.T - Wikipedia">SMART</a> raw read error rates, seek error rates and ECC recovered hardware errors.</p>
  2961. <p>As these are early indications of a failing disk, it became time to replace the disk.</p>
  2962. <p>Normally replacing a disk comes down to plugging in the new one, coyping over the data, umount the old disk, mount the new one in place, unplug the old disk.<br>But when it is the disk with the root filesystem a couple extra steps are needed.</p>
  2963. <p>The steps below worked for my Debian system without problems (even used the opportunity to upgrade to an SSD :-)</p>
  2964. <p>(source is <a href="https://unix.stackexchange.com/questions/338387/how-do-i-replace-root-drive-on-debian" title="How do I replace Root Drive on Debian?">this thread</a> on StackExchange)</p>
  2965.  
  2966. <blockquote>
  2967. <p>The following makes some assumptions:</p>
  2968. <ul>
  2969. <li>All commands ran as root when possible</li>
  2970. <li>You are on a physical console to the host (need to type in grub commands to boot up the new disk!)</li>
  2971. <li>You want an ext4 files system</li>
  2972. <li>You are loosely familiar on a basic level with all commands run</li>
  2973. <li>You are NOT booting from a RAID device</li>
  2974. </ul>
  2975. <p>So here we go.</p>
  2976. <ol>
  2977. <li>Physically install new disk into computer and connect to available port leaving old disk in existing position.</li>
  2978. <li>Boot computer into old OS.</li>
  2979. <li>Prepare and mount new disk; first identify new disk<br>
  2980. <kbd>fdisk -l</kbd>
  2981. </li>
  2982. <li>Partition new disk<br>
  2983. <kbd>fdisk /dev/(newdisk)</kbd><br>
  2984. Make partition primary partition with type "83" file system type.
  2985. </li>
  2986. <li>Create filesystem<br>
  2987. <kbd>mkfs.ext4 /dev/(newpartition)</kbd>
  2988. </li>
  2989. <li>Mount new filesystem<br>
  2990. <kbd>mkdir /mnt/(newpartitionmountpoint)</kbd><br>
  2991. <kbd>mount /dev/(newpartition) /mnt/(newpartitionmountpoint)</kbd>
  2992. </li>
  2993. <li>Copy disk:<br>
  2994. <kbd>/sbin/init 1</kbd> (drop to single user mode)<br>
  2995. <kbd>rsync -avxHAX / /mnt/(newpartitionmountpoint)</kbd>
  2996. </li>
  2997. <li>Update FSTAB on newdisk<br>
  2998. <kbd>blkid</kbd> (note UUID of new partition)<br>
  2999. <kbd>vi /mnt/(newpartitionmountpoint)/etc/fstab</kbd><br>
  3000. Replace existing UUID of / in FSTAB to new disk UUID
  3001. </li>
  3002. <li>Configure grub and install to new disk boot loader:<br>
  3003. <kbd>grub-mkconfig</kbd><br>
  3004. <kbd>update-grub</kbd><br>
  3005. <kbd>grub-install /dev/(newdisk)</kbd>
  3006. </li>
  3007. <li>Copy grub.cfg from old disk to new<br>
  3008. <kbd>cp -ax /boot/grub/grub.cfg /mnt/(newpartitionmountpoint)/boot/grub/grub.cfg</kbd>
  3009. </li>
  3010. <li>Open grub.cfg on new disk and replace all UUIDs with new disk<br>
  3011. <kbd>vi /mnt/(newpartitionmountpoint)/boot/grub/grub.cfg</kbd><br>
  3012. Replace all old UUIDs with the UUID of the new disk
  3013. </li>
  3014. <li>Shut down computer<br>
  3015. <kbd>shutdown</kbd>
  3016. </li>
  3017. <li>Physically move the new drive to the 1st drive location and remove old drive</li>
  3018. <li>Start computer and grub should present:<br>
  3019. <pre>error: no such device: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
  3020.  
  3021. GRUB rescue&gt;</pre>
  3022. </li>
  3023. <li>Manually boot new OS from grub; first identify the drive and partition of the boot files<br>
  3024. <kbd>ls</kbd> [to identify your drive and partition options]<br>
  3025. <kbd>ls (hdx,p)/</kbd> [to identify which partition has the /boot folder]
  3026. </li>
  3027. <li>Then, you can load the boot menu manually from the drive and partition you found above. Typically this would be (hd0,msdos1).<br>
  3028. <kbd>set prefix="(hdx,p)/boot/grub"</kbd><br>
  3029. <kbd>set root="(hdx,p)"</kbd><br>
  3030. <kbd>insmod normal</kbd><br>
  3031. <kbd>normal</kbd>
  3032. </li>
  3033. <li>Login to OS on new drive</li>
  3034. <li>Configure grub again<br>
  3035. <kbd>fdisk -l</kbd> (note dev of newdisk)<br>
  3036. <kbd>grub-mkconfig</kbd><br>
  3037. <kbd>update-grub</kbd><br>
  3038. <kbd>grub-install /dev/newdisk</kbd>
  3039. </li>
  3040. </ol>
  3041. <p>And that should be it!</p>
  3042. </blockquote>
  3043. ]]></description>
  3044.    <content:encoded><![CDATA[<p>Recently the disk holding the root (<kbd>/</kbd>) filesystem on one of my linux systems started to report increased <a href="https://en.wikipedia.org/wiki/S.M.A.R.T." title="S.M.A.R.T - Wikipedia">SMART</a> raw read error rates, seek error rates and ECC recovered hardware errors.</p>
  3045. <p>As these are early indications of a failing disk, it became time to replace the disk.</p>
  3046. <p>Normally replacing a disk comes down to plugging in the new one, coyping over the data, umount the old disk, mount the new one in place, unplug the old disk.<br>But when it is the disk with the root filesystem a couple extra steps are needed.</p>
  3047. <p>The steps below worked for my Debian system without problems (even used the opportunity to upgrade to an SSD :-)</p>
  3048. <p>(source is <a href="https://unix.stackexchange.com/questions/338387/how-do-i-replace-root-drive-on-debian" title="How do I replace Root Drive on Debian?">this thread</a> on StackExchange)</p>
  3049.  
  3050. <blockquote>
  3051. <p>The following makes some assumptions:</p>
  3052. <ul>
  3053. <li>All commands ran as root when possible</li>
  3054. <li>You are on a physical console to the host (need to type in grub commands to boot up the new disk!)</li>
  3055. <li>You want an ext4 files system</li>
  3056. <li>You are loosely familiar on a basic level with all commands run</li>
  3057. <li>You are NOT booting from a RAID device</li>
  3058. </ul>
  3059. <p>So here we go.</p>
  3060. <ol>
  3061. <li>Physically install new disk into computer and connect to available port leaving old disk in existing position.</li>
  3062. <li>Boot computer into old OS.</li>
  3063. <li>Prepare and mount new disk; first identify new disk<br>
  3064. <kbd>fdisk -l</kbd>
  3065. </li>
  3066. <li>Partition new disk<br>
  3067. <kbd>fdisk /dev/(newdisk)</kbd><br>
  3068. Make partition primary partition with type "83" file system type.
  3069. </li>
  3070. <li>Create filesystem<br>
  3071. <kbd>mkfs.ext4 /dev/(newpartition)</kbd>
  3072. </li>
  3073. <li>Mount new filesystem<br>
  3074. <kbd>mkdir /mnt/(newpartitionmountpoint)</kbd><br>
  3075. <kbd>mount /dev/(newpartition) /mnt/(newpartitionmountpoint)</kbd>
  3076. </li>
  3077. <li>Copy disk:<br>
  3078. <kbd>/sbin/init 1</kbd> (drop to single user mode)<br>
  3079. <kbd>rsync -avxHAX / /mnt/(newpartitionmountpoint)</kbd>
  3080. </li>
  3081. <li>Update FSTAB on newdisk<br>
  3082. <kbd>blkid</kbd> (note UUID of new partition)<br>
  3083. <kbd>vi /mnt/(newpartitionmountpoint)/etc/fstab</kbd><br>
  3084. Replace existing UUID of / in FSTAB to new disk UUID
  3085. </li>
  3086. <li>Configure grub and install to new disk boot loader:<br>
  3087. <kbd>grub-mkconfig</kbd><br>
  3088. <kbd>update-grub</kbd><br>
  3089. <kbd>grub-install /dev/(newdisk)</kbd>
  3090. </li>
  3091. <li>Copy grub.cfg from old disk to new<br>
  3092. <kbd>cp -ax /boot/grub/grub.cfg /mnt/(newpartitionmountpoint)/boot/grub/grub.cfg</kbd>
  3093. </li>
  3094. <li>Open grub.cfg on new disk and replace all UUIDs with new disk<br>
  3095. <kbd>vi /mnt/(newpartitionmountpoint)/boot/grub/grub.cfg</kbd><br>
  3096. Replace all old UUIDs with the UUID of the new disk
  3097. </li>
  3098. <li>Shut down computer<br>
  3099. <kbd>shutdown</kbd>
  3100. </li>
  3101. <li>Physically move the new drive to the 1st drive location and remove old drive</li>
  3102. <li>Start computer and grub should present:<br>
  3103. <pre>error: no such device: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
  3104.  
  3105. GRUB rescue&gt;</pre>
  3106. </li>
  3107. <li>Manually boot new OS from grub; first identify the drive and partition of the boot files<br>
  3108. <kbd>ls</kbd> [to identify your drive and partition options]<br>
  3109. <kbd>ls (hdx,p)/</kbd> [to identify which partition has the /boot folder]
  3110. </li>
  3111. <li>Then, you can load the boot menu manually from the drive and partition you found above. Typically this would be (hd0,msdos1).<br>
  3112. <kbd>set prefix="(hdx,p)/boot/grub"</kbd><br>
  3113. <kbd>set root="(hdx,p)"</kbd><br>
  3114. <kbd>insmod normal</kbd><br>
  3115. <kbd>normal</kbd>
  3116. </li>
  3117. <li>Login to OS on new drive</li>
  3118. <li>Configure grub again<br>
  3119. <kbd>fdisk -l</kbd> (note dev of newdisk)<br>
  3120. <kbd>grub-mkconfig</kbd><br>
  3121. <kbd>update-grub</kbd><br>
  3122. <kbd>grub-install /dev/newdisk</kbd>
  3123. </li>
  3124. </ol>
  3125. <p>And that should be it!</p>
  3126. </blockquote>
  3127. ]]></content:encoded>
  3128.  </item>
  3129.  
  3130.  <item>
  3131.    <title>rkhunter CRLF confusion</title>
  3132.    <link>https://blog.x-way.org/Linux/2020/05/24/rkhunter-CRLF-confusion.html</link>
  3133.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324277</guid>
  3134.    <dc:creator>Andreas Jaggi</dc:creator>
  3135.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3136.    <pubDate>Sun, 24 May 2020 11:22:00 +0200</pubDate>
  3137.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  3138.    <description><![CDATA[<p>On my Linux hosts I'm running <a href="http://rkhunter.sourceforge.net/" title="The Rootkit Hunter project">rkhunter</a>. On a newly configured host it lately reported the following warning:</p>
  3139. <pre>Warning: The SSH and rkhunter configuration options should be the same:
  3140.        SSH configuration option 'PermitRootLogin': no
  3141. Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no</pre>
  3142. <p>On first sight the warning does not seem to make much sense, as both configuration options seem to be set to the same value (<code>no</code>).<br>
  3143. But digging further reveals that they are stored slightly different:</p>
  3144. <pre># file /etc/rkhunter.conf
  3145. /etc/rkhunter.conf: ASCII text
  3146. # file /etc/ssh/sshd_config
  3147. /etc/ssh/sshd_config: ASCII text, with CRLF line terminators</pre>
  3148. <p>Turns out that rkhunter is also checking the line terminators as part of the configuration values, and warns because they are different.</p>
  3149. <p>Knowing this, the fix is simple: run <a href="http://dos2unix.sourceforge.net/" title="dos2unix">dos2unix</a> on the CRLF file</p>
  3150. ]]></description>
  3151.    <content:encoded><![CDATA[<p>On my Linux hosts I'm running <a href="http://rkhunter.sourceforge.net/" title="The Rootkit Hunter project">rkhunter</a>. On a newly configured host it lately reported the following warning:</p>
  3152. <pre>Warning: The SSH and rkhunter configuration options should be the same:
  3153.        SSH configuration option 'PermitRootLogin': no
  3154. Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no</pre>
  3155. <p>On first sight the warning does not seem to make much sense, as both configuration options seem to be set to the same value (<code>no</code>).<br>
  3156. But digging further reveals that they are stored slightly different:</p>
  3157. <pre># file /etc/rkhunter.conf
  3158. /etc/rkhunter.conf: ASCII text
  3159. # file /etc/ssh/sshd_config
  3160. /etc/ssh/sshd_config: ASCII text, with CRLF line terminators</pre>
  3161. <p>Turns out that rkhunter is also checking the line terminators as part of the configuration values, and warns because they are different.</p>
  3162. <p>Knowing this, the fix is simple: run <a href="http://dos2unix.sourceforge.net/" title="dos2unix">dos2unix</a> on the CRLF file</p>
  3163. ]]></content:encoded>
  3164.  </item>
  3165.  
  3166.  <item>
  3167.    <title>ipaddr CLI tool</title>
  3168.    <link>https://blog.x-way.org/Networking/2020/05/21/ipaddr-CLI-tool.html</link>
  3169.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324276</guid>
  3170.    <dc:creator>Andreas Jaggi</dc:creator>
  3171.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3172.    <pubDate>Thu, 21 May 2020 19:38:00 +0200</pubDate>
  3173.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  3174.    <description><![CDATA[<p>While doing some maintenance on my server, I got tired of searching through the output of <code>ip addr show</code> to find the IP addresses configured on the interfaces.<br>
  3175. Thus I wrote a simple CLI tool to display the information I needed in a concise and human friendly form: <a href="https://github.com/x-way/ipaddr" title="ipaddr - human friendly list of IP addresses and network interfaces">ipaddr</a></p>
  3176. <pre>$ ipaddr
  3177. lo          127.0.0.1/8
  3178. ens5        198.51.100.160/24
  3179. tun24008    10.123.199.78/32
  3180. tun71991639 10.200.123.5/32
  3181. tun26724    10.100.100.235/32
  3182. tun3883710  10.123.111.7/32</pre>
  3183. <p>A nice side-effect of writing this in <a href="https://golang.org/" title="The Go Programming Language">Go</a> is that it works out-of-the-box also on non-Linux systems :-)</p>
  3184. ]]></description>
  3185.    <content:encoded><![CDATA[<p>While doing some maintenance on my server, I got tired of searching through the output of <code>ip addr show</code> to find the IP addresses configured on the interfaces.<br>
  3186. Thus I wrote a simple CLI tool to display the information I needed in a concise and human friendly form: <a href="https://github.com/x-way/ipaddr" title="ipaddr - human friendly list of IP addresses and network interfaces">ipaddr</a></p>
  3187. <pre>$ ipaddr
  3188. lo          127.0.0.1/8
  3189. ens5        198.51.100.160/24
  3190. tun24008    10.123.199.78/32
  3191. tun71991639 10.200.123.5/32
  3192. tun26724    10.100.100.235/32
  3193. tun3883710  10.123.111.7/32</pre>
  3194. <p>A nice side-effect of writing this in <a href="https://golang.org/" title="The Go Programming Language">Go</a> is that it works out-of-the-box also on non-Linux systems :-)</p>
  3195. ]]></content:encoded>
  3196.  </item>
  3197.  
  3198.  <item>
  3199.    <title>Poor man's reboot notification</title>
  3200.    <link>https://blog.x-way.org/Linux/2020/04/18/Poor-mans-reboot-notification.html</link>
  3201.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324275</guid>
  3202.    <dc:creator>Andreas Jaggi</dc:creator>
  3203.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3204.    <pubDate>Sat, 18 Apr 2020 15:03:00 +0200</pubDate>
  3205.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  3206.    <description><![CDATA[<p>Sometimes you need to be notified about reboots of a machine without having the luxury of a proper monitoring system.</p>
  3207. <p>The following crontab entry triggers an e-mail when the host has been rebooted in the last 5 minutes.</p>
  3208. <pre>*/5 * * * * [ $(sed -e 's/\..*//' /proc/uptime) -lt 540 ] &amp;&amp; echo "Host has been rebooted! Uptime: $(uptime)"</pre>
  3209. ]]></description>
  3210.    <content:encoded><![CDATA[<p>Sometimes you need to be notified about reboots of a machine without having the luxury of a proper monitoring system.</p>
  3211. <p>The following crontab entry triggers an e-mail when the host has been rebooted in the last 5 minutes.</p>
  3212. <pre>*/5 * * * * [ $(sed -e 's/\..*//' /proc/uptime) -lt 540 ] &amp;&amp; echo "Host has been rebooted! Uptime: $(uptime)"</pre>
  3213. ]]></content:encoded>
  3214.  </item>
  3215.  
  3216.  <item>
  3217.    <title>Cottage cheese Avocado Crostini</title>
  3218.    <link>https://blog.x-way.org/Food/2020/04/12/Cottage-cheese-Avocado-Crostini.html</link>
  3219.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324274</guid>
  3220.    <dc:creator>Andreas Jaggi</dc:creator>
  3221.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3222.    <pubDate>Sun, 12 Apr 2020 19:16:00 +0200</pubDate>
  3223.    <category domain="https://blog.x-way.org/Food">Food</category>
  3224.    <description><![CDATA[<p>Inspired by <a href="https://fooby.ch/de/rezepte/17073/avocado-ricotta-crostini" title="Avocado-Ricotta-Crostini - Rezepte | fooby.ch">this recipe</a>, I made some yummy Crostini using Cottage cheese (instead of Ricotta cheese) and Avocado with some drops of Aceto balsamico.</p>
  3225. <p><img src="https://blog.x-way.org/images/cottage_cheese_avocado_crostini.jpeg" alt="Cottage cheese Avocado Crostini" width="439" height="329"></p>
  3226. ]]></description>
  3227.    <content:encoded><![CDATA[<p>Inspired by <a href="https://fooby.ch/de/rezepte/17073/avocado-ricotta-crostini" title="Avocado-Ricotta-Crostini - Rezepte | fooby.ch">this recipe</a>, I made some yummy Crostini using Cottage cheese (instead of Ricotta cheese) and Avocado with some drops of Aceto balsamico.</p>
  3228. <p><img src="https://blog.x-way.org/images/cottage_cheese_avocado_crostini.jpeg" alt="Cottage cheese Avocado Crostini" width="439" height="329"></p>
  3229. ]]></content:encoded>
  3230.  </item>
  3231.  
  3232.  <item>
  3233.    <title>Ein Lied für Jetzt</title>
  3234.    <link>https://blog.x-way.org/Music/2020/03/28/Ein-Lied-fur-Jetzt.html</link>
  3235.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324273</guid>
  3236.    <dc:creator>Andreas Jaggi</dc:creator>
  3237.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3238.    <pubDate>Sat, 28 Mar 2020 08:53:00 +0100</pubDate>
  3239.    <category domain="https://blog.x-way.org/Music">Music</category>
  3240.    <description><![CDATA[<p><a href="https://youtu.be/t_s6waEUTbI" title="die ärzte - Ein Lied für Jetzt - YouTube">die ärzte - Ein Lied für Jetzt</a></p>
  3241. ]]></description>
  3242.    <content:encoded><![CDATA[<p><a href="https://youtu.be/t_s6waEUTbI" title="die ärzte - Ein Lied für Jetzt - YouTube">die ärzte - Ein Lied für Jetzt</a></p>
  3243. ]]></content:encoded>
  3244.  </item>
  3245.  
  3246.  <item>
  3247.    <title>ip_compact and ip_diff</title>
  3248.    <link>https://blog.x-way.org/Networking/2020/03/21/ip_compact-and-ip_diff.html</link>
  3249.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324272</guid>
  3250.    <dc:creator>Andreas Jaggi</dc:creator>
  3251.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3252.    <pubDate>Sat, 21 Mar 2020 15:18:00 +0100</pubDate>
  3253.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  3254.    <description><![CDATA[<p>Somehow I always end up working with lists of IP networks and needing to minimize and compare them.</p>
  3255. <p>Some of my Perl scripts for this might still be hidden in a corporate source repository, and somewhere in the backups of my old Linux laptop should be even earlier attempts in Bash.</p>
  3256. <p>Both of them are not very useful to me where they are, thus I've written yet another version.<br>This time in Go using the <a href="https://github.com/mikioh/ipaddr" title="package ipaddr">ipaddr</a> package.</p>
  3257. <p>Say hello to <a href="https://github.com/x-way/ip_compact" title="ip_compact - Compact a list of IP prefixes">ip_compact</a> and <a href="https://github.com/x-way/ip_diff" title="ip_diff - Compare two lists of IP prefixes">ip_diff</a> :-)</p>
  3258. ]]></description>
  3259.    <content:encoded><![CDATA[<p>Somehow I always end up working with lists of IP networks and needing to minimize and compare them.</p>
  3260. <p>Some of my Perl scripts for this might still be hidden in a corporate source repository, and somewhere in the backups of my old Linux laptop should be even earlier attempts in Bash.</p>
  3261. <p>Both of them are not very useful to me where they are, thus I've written yet another version.<br>This time in Go using the <a href="https://github.com/mikioh/ipaddr" title="package ipaddr">ipaddr</a> package.</p>
  3262. <p>Say hello to <a href="https://github.com/x-way/ip_compact" title="ip_compact - Compact a list of IP prefixes">ip_compact</a> and <a href="https://github.com/x-way/ip_diff" title="ip_diff - Compare two lists of IP prefixes">ip_diff</a> :-)</p>
  3263. ]]></content:encoded>
  3264.  </item>
  3265.  
  3266.  <item>
  3267.    <title>#StayTheFuckHome</title>
  3268.    <link>https://blog.x-way.org/Music/2020/03/17/StayTheFuckHome.html</link>
  3269.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324271</guid>
  3270.    <dc:creator>Andreas Jaggi</dc:creator>
  3271.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3272.    <pubDate>Tue, 17 Mar 2020 19:33:00 +0100</pubDate>
  3273.    <category domain="https://blog.x-way.org/Music">Music</category>
  3274.    <description><![CDATA[<p><a href="https://youtu.be/CP70fI3BUs8" title="Bitch Queens - #StayTheFuckHome - YouTube">Bitch Queens - #StayTheFuckHome</a></p>
  3275. <p><a href="https://staythefuckhome.com/" title="Stay The Fuck Home!">Stay The Fuck Home!</a></p>
  3276. ]]></description>
  3277.    <content:encoded><![CDATA[<p><a href="https://youtu.be/CP70fI3BUs8" title="Bitch Queens - #StayTheFuckHome - YouTube">Bitch Queens - #StayTheFuckHome</a></p>
  3278. <p><a href="https://staythefuckhome.com/" title="Stay The Fuck Home!">Stay The Fuck Home!</a></p>
  3279. ]]></content:encoded>
  3280.  </item>
  3281.  
  3282.  <item>
  3283.    <title>This Page is Designed to Last</title>
  3284.    <link>https://blog.x-way.org/Misc/2019/12/20/This-Page-is-Designed-to-Last.html</link>
  3285.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324270</guid>
  3286.    <dc:creator>Andreas Jaggi</dc:creator>
  3287.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3288.    <pubDate>Fri, 20 Dec 2019 09:56:00 +0100</pubDate>
  3289.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3290.    <description><![CDATA[<p><a href="https://jeffhuang.com/designed_to_last/" title="This Page is Designed to Last: A Manifesto for Preserving Content on the Web">This Page is Designed to Last</a> &mdash; a manifesto from Jeff Huang for preserving content on the web, where he advocates to keep content on the web available and pledges to keep his site available for the next 10 years.</p>
  3291. <p>Having my content in this weblog online since 2002, I can very much relate to this initiative and additionally would like to point to the efforts of <a href="https://archive.org/">archive.org</a> (aka. The Internet Archive).<br>The wayback machine of archive.org allows to see old versions of websites, even when the website itself is no longer available.</p>
  3292. <p>For me personally this became critically useful when the database of my weblog vanished with no current backup and I then used the archived versions from archive.org to <a href="https://blog.x-way.org/Misc/2011/11/26/Online-Again.html" title="Online Again">restore the missing content</a>.</p>
  3293. <p>Thus I would like to encourage everyone to support the efforts of archive.org with a <a href="https://archive.org/donate/" title="Donate to the Internet Archive!">donation</a>.</p>
  3294. ]]></description>
  3295.    <content:encoded><![CDATA[<p><a href="https://jeffhuang.com/designed_to_last/" title="This Page is Designed to Last: A Manifesto for Preserving Content on the Web">This Page is Designed to Last</a> &mdash; a manifesto from Jeff Huang for preserving content on the web, where he advocates to keep content on the web available and pledges to keep his site available for the next 10 years.</p>
  3296. <p>Having my content in this weblog online since 2002, I can very much relate to this initiative and additionally would like to point to the efforts of <a href="https://archive.org/">archive.org</a> (aka. The Internet Archive).<br>The wayback machine of archive.org allows to see old versions of websites, even when the website itself is no longer available.</p>
  3297. <p>For me personally this became critically useful when the database of my weblog vanished with no current backup and I then used the archived versions from archive.org to <a href="https://blog.x-way.org/Misc/2011/11/26/Online-Again.html" title="Online Again">restore the missing content</a>.</p>
  3298. <p>Thus I would like to encourage everyone to support the efforts of archive.org with a <a href="https://archive.org/donate/" title="Donate to the Internet Archive!">donation</a>.</p>
  3299. ]]></content:encoded>
  3300.  </item>
  3301.  
  3302.  <item>
  3303.    <title>The Comet Is Coming</title>
  3304.    <link>https://blog.x-way.org/Music/2019/11/02/The-Comet-Is-Coming.html</link>
  3305.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324269</guid>
  3306.    <dc:creator>Andreas Jaggi</dc:creator>
  3307.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3308.    <pubDate>Sat, 02 Nov 2019 11:04:00 +0100</pubDate>
  3309.    <category domain="https://blog.x-way.org/Music">Music</category>
  3310.    <description><![CDATA[<p><a href="https://youtu.be/G55GspnNkBo" title="The Comet Is Coming - Summon The Fire - YouTube">The Comet Is Coming - Summon The Fire</a></p>
  3311. <p><a href="https://www.thecometiscoming.co.uk/" title="The Comet Is Coming">The Comet Is Coming</a> is a 21st century style Jazz band.<br>
  3312. Discovered at the <a href="https://jazznojazz.ch/" title="Zurich Jazznojazz Festival 2019">Jazznojazz</a> festival :-)</p>
  3313. ]]></description>
  3314.    <content:encoded><![CDATA[<p><a href="https://youtu.be/G55GspnNkBo" title="The Comet Is Coming - Summon The Fire - YouTube">The Comet Is Coming - Summon The Fire</a></p>
  3315. <p><a href="https://www.thecometiscoming.co.uk/" title="The Comet Is Coming">The Comet Is Coming</a> is a 21st century style Jazz band.<br>
  3316. Discovered at the <a href="https://jazznojazz.ch/" title="Zurich Jazznojazz Festival 2019">Jazznojazz</a> festival :-)</p>
  3317. ]]></content:encoded>
  3318.  </item>
  3319.  
  3320.  <item>
  3321.    <title>More productive Git</title>
  3322.    <link>https://blog.x-way.org/Coding/2019/05/25/More-productive-Git.html</link>
  3323.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324268</guid>
  3324.    <dc:creator>Andreas Jaggi</dc:creator>
  3325.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3326.    <pubDate>Sat, 25 May 2019 07:47:00 +0200</pubDate>
  3327.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  3328.    <description><![CDATA[<p><a href="https://increment.com/open-source/more-productive-git/" title="More productive Git">More productive Git</a> &mdash; a short article from <a href="https://twitter.com/kartar" title="@katar">James Turnbull</a> with 'Tips for acquiring Git super powers'.</p>
  3329. <p>TL;DR:</p>
  3330. <ul>
  3331. <li><code>git reset &lt;filename&gt;</code></li>
  3332. <li><code>git cherry-pick &lt;commitid&gt;</code></li>
  3333. <li><code>git commit --amend</code></li>
  3334. <li><code>git stash</code></li>
  3335. <li><code>git log --stat</code></li>
  3336. <li><code>git bisect</code></li>
  3337. </ul>
  3338. ]]></description>
  3339.    <content:encoded><![CDATA[<p><a href="https://increment.com/open-source/more-productive-git/" title="More productive Git">More productive Git</a> &mdash; a short article from <a href="https://twitter.com/kartar" title="@katar">James Turnbull</a> with 'Tips for acquiring Git super powers'.</p>
  3340. <p>TL;DR:</p>
  3341. <ul>
  3342. <li><code>git reset &lt;filename&gt;</code></li>
  3343. <li><code>git cherry-pick &lt;commitid&gt;</code></li>
  3344. <li><code>git commit --amend</code></li>
  3345. <li><code>git stash</code></li>
  3346. <li><code>git log --stat</code></li>
  3347. <li><code>git bisect</code></li>
  3348. </ul>
  3349. ]]></content:encoded>
  3350.  </item>
  3351.  
  3352.  <item>
  3353.    <title>Engineering Management</title>
  3354.    <link>https://blog.x-way.org/Coding/2019/01/06/Engineering-Management.html</link>
  3355.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324267</guid>
  3356.    <dc:creator>Andreas Jaggi</dc:creator>
  3357.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3358.    <pubDate>Sun, 06 Jan 2019 13:21:00 +0100</pubDate>
  3359.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  3360.    <description><![CDATA[<p><a href="https://charity.wtf/2019/01/04/engineering-management-the-pendulum-or-the-ladder/" title="Engineering Management: The Pendulum Or The Ladder">Engineering Management: The Pendulum Or The Ladder</a> &mdash; a well written article from <a href="https://charity.wtf/" title="Charity Majors">Charity Majors</a> about the non-trivial entanglement between engineering and management, explaining how doing everything at the same time does lead to unhappy/un-fulfilled people. Also worth reading in this context is the prequel article <a href="https://charity.wtf/2017/05/11/the-engineer-manager-pendulum/" title="The Engineer/Manager Pendulum">The Engineer/Manager Pendulum</a>.</p>
  3361. ]]></description>
  3362.    <content:encoded><![CDATA[<p><a href="https://charity.wtf/2019/01/04/engineering-management-the-pendulum-or-the-ladder/" title="Engineering Management: The Pendulum Or The Ladder">Engineering Management: The Pendulum Or The Ladder</a> &mdash; a well written article from <a href="https://charity.wtf/" title="Charity Majors">Charity Majors</a> about the non-trivial entanglement between engineering and management, explaining how doing everything at the same time does lead to unhappy/un-fulfilled people. Also worth reading in this context is the prequel article <a href="https://charity.wtf/2017/05/11/the-engineer-manager-pendulum/" title="The Engineer/Manager Pendulum">The Engineer/Manager Pendulum</a>.</p>
  3363. ]]></content:encoded>
  3364.  </item>
  3365.  
  3366.  <item>
  3367.    <title>Blogroll cleanup</title>
  3368.    <link>https://blog.x-way.org/Misc/2019/01/06/Blogroll-cleanup.html</link>
  3369.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324266</guid>
  3370.    <dc:creator>Andreas Jaggi</dc:creator>
  3371.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3372.    <pubDate>Sun, 06 Jan 2019 12:55:00 +0100</pubDate>
  3373.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3374.    <description><![CDATA[<p>As some links on my blogroll start to turn into 404 errors it's time to do some cleanup and also to bring in some fresh blood :-)</p>
  3375. <p>Removed:</p>
  3376. <ul>
  3377. <li><a href="https://web.archive.org/web/20200221101248/http://www.mezzoblue.com/" title="mezzoblue">mezzoblue</a></li>
  3378. <li><a href="http://daveshea.com/blog/" title="Dave Shea">Dave Shea</a></li>
  3379. <li><a href="http://www.pepilog.de/" title="Pepilog">Pepilog</a></li>
  3380. <li><a href="https://www.elfengleich.de/" title="Elfengleich">e.loge</a></li>
  3381. <li><a href="https://web.archive.org/web/20180313151513/http://www.ende-der-vernunft.org/" title="EDV">EDV</a></li>
  3382. <li><a href="https://web.archive.org/web/20170221215450/http://sid.rstack.org/blog/" title="sid.rstack.org/blog">sid.rstack.org/blog</a></li>
  3383. <li><a href="https://web.archive.org/web/20161223004544/https://couchblog.de/codecandies/" title="Code Candies">Code Candies</a></li>
  3384. <li><a href="https://thepacketgeek.com/" title="thePacketGeek">thePacketGeek</a></li>
  3385. <li><a href="http://lovfoood.blogspot.com/" title="lovfoood">lovfoood</a></li>
  3386. </ul>
  3387. <p>Added:</p>
  3388. <ul>
  3389. <li><a href="https://charity.wtf/" title="charity.wtf">charity.wtf</a></li>
  3390. </ul>
  3391. ]]></description>
  3392.    <content:encoded><![CDATA[<p>As some links on my blogroll start to turn into 404 errors it's time to do some cleanup and also to bring in some fresh blood :-)</p>
  3393. <p>Removed:</p>
  3394. <ul>
  3395. <li><a href="https://web.archive.org/web/20200221101248/http://www.mezzoblue.com/" title="mezzoblue">mezzoblue</a></li>
  3396. <li><a href="http://daveshea.com/blog/" title="Dave Shea">Dave Shea</a></li>
  3397. <li><a href="http://www.pepilog.de/" title="Pepilog">Pepilog</a></li>
  3398. <li><a href="https://www.elfengleich.de/" title="Elfengleich">e.loge</a></li>
  3399. <li><a href="https://web.archive.org/web/20180313151513/http://www.ende-der-vernunft.org/" title="EDV">EDV</a></li>
  3400. <li><a href="https://web.archive.org/web/20170221215450/http://sid.rstack.org/blog/" title="sid.rstack.org/blog">sid.rstack.org/blog</a></li>
  3401. <li><a href="https://web.archive.org/web/20161223004544/https://couchblog.de/codecandies/" title="Code Candies">Code Candies</a></li>
  3402. <li><a href="https://thepacketgeek.com/" title="thePacketGeek">thePacketGeek</a></li>
  3403. <li><a href="http://lovfoood.blogspot.com/" title="lovfoood">lovfoood</a></li>
  3404. </ul>
  3405. <p>Added:</p>
  3406. <ul>
  3407. <li><a href="https://charity.wtf/" title="charity.wtf">charity.wtf</a></li>
  3408. </ul>
  3409. ]]></content:encoded>
  3410.  </item>
  3411.  
  3412.  <item>
  3413.    <title>New Year - New Vim Trick</title>
  3414.    <link>https://blog.x-way.org/Coding/2019/01/01/New-Year-New-Vim-Trick.html</link>
  3415.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324265</guid>
  3416.    <dc:creator>Andreas Jaggi</dc:creator>
  3417.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3418.    <pubDate>Tue, 01 Jan 2019 22:24:00 +0100</pubDate>
  3419.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  3420.    <description><![CDATA[<p>Happy 2019! I have learnt a new <a href="https://www.vim.org/" title="Vim - the ubiquitous text editor">Vim</a> trick:<br>
  3421. When searching for some pattern with <kbd>/</kbd> (eg. <kbd>/mystring</kbd>), often the next step is to perform a replacement command.
  3422. Now instead of re-typing the whole string, you can directly enter the substitution command with an emtpy search-pattern (<kbd>:%s//newstring/</kbd>), Vim then automatically re-uses the previous search pattern.
  3423. </p>
  3424. <p>(<a href="https://dev.to/jkreeftmeijer/whats-your-favorite-vim-trick-5eag" title="What's your favorite Vim trick?">via</a>)</p>
  3425. ]]></description>
  3426.    <content:encoded><![CDATA[<p>Happy 2019! I have learnt a new <a href="https://www.vim.org/" title="Vim - the ubiquitous text editor">Vim</a> trick:<br>
  3427. When searching for some pattern with <kbd>/</kbd> (eg. <kbd>/mystring</kbd>), often the next step is to perform a replacement command.
  3428. Now instead of re-typing the whole string, you can directly enter the substitution command with an emtpy search-pattern (<kbd>:%s//newstring/</kbd>), Vim then automatically re-uses the previous search pattern.
  3429. </p>
  3430. <p>(<a href="https://dev.to/jkreeftmeijer/whats-your-favorite-vim-trick-5eag" title="What's your favorite Vim trick?">via</a>)</p>
  3431. ]]></content:encoded>
  3432.  </item>
  3433.  
  3434.  <item>
  3435.    <title>The Swiss Army Knife of Hashmaps</title>
  3436.    <link>https://blog.x-way.org/Coding/2018/12/08/The-Swiss-Army-Knife-of-Hashmaps.html</link>
  3437.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324264</guid>
  3438.    <dc:creator>Andreas Jaggi</dc:creator>
  3439.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3440.    <pubDate>Sat, 08 Dec 2018 06:41:00 +0100</pubDate>
  3441.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  3442.    <description><![CDATA[<p><a href="https://blog.waffles.space/2018/12/07/deep-dive-into-hashbrown/" title="The Swiss Army Knife of Hashmaps">The Swiss Army Knife of Hashmaps</a> &mdash; a very nice article from <a href="https://blog.waffles.space/" title="Arrow of Code">Ravi Shankar</a> explaining how <a href="https://www.youtube.com/watch?v=ncHmEUmJZf4" title="Matt Kulukundis - Designing a Fast, Efficient, Cache-friendly Hash Table, Step by Step">Google's SwissTable</a> concept was implemented for Rust.</p>
  3443. ]]></description>
  3444.    <content:encoded><![CDATA[<p><a href="https://blog.waffles.space/2018/12/07/deep-dive-into-hashbrown/" title="The Swiss Army Knife of Hashmaps">The Swiss Army Knife of Hashmaps</a> &mdash; a very nice article from <a href="https://blog.waffles.space/" title="Arrow of Code">Ravi Shankar</a> explaining how <a href="https://www.youtube.com/watch?v=ncHmEUmJZf4" title="Matt Kulukundis - Designing a Fast, Efficient, Cache-friendly Hash Table, Step by Step">Google's SwissTable</a> concept was implemented for Rust.</p>
  3445. ]]></content:encoded>
  3446.  </item>
  3447.  
  3448.  <item>
  3449.    <title>Run QRadar CE on Mac OS X with Vagrant</title>
  3450.    <link>https://blog.x-way.org/Networking/2018/08/05/Run-QRadar-CE-on-Mac-OS-X-with-Vagrant.html</link>
  3451.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324263</guid>
  3452.    <dc:creator>Andreas Jaggi</dc:creator>
  3453.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3454.    <pubDate>Sun, 05 Aug 2018 13:18:00 +0200</pubDate>
  3455.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  3456.    <description><![CDATA[<p>The Vagrant file provided by IBM for running <a href="https://developer.ibm.com/qradar/ce/" title="QRadar Community Edition">QRadar Community Edition</a> on Mac OS X currently does not work properly. It fails with the following error:</p>
  3457. <pre>Failure: repodata/repomd.xml from centos-gluster38: [Errno 256] No more mirrors to try.
  3458. http://mirror.centos.org/centos/7/storage/x86_64/gluster-3.8/repodata/repomd.xml: [Errno 14] HTTP Error 404</pre>
  3459. <p>The problem is that gluster3.8 was moved out of this CentOS repository and now the download fails.
  3460. But the gluster3.8 RPMs are also provided with the QRadar CE installation ISO file.</p>
  3461. <p>Based on the workaround <a href="https://developer.ibm.com/answers/questions/447072/qradar-fails-to-install-centos-7-gluster-38/">described here</a>, I've extended the IBM provided Vagrantfile so that the RPMs are taken from the ISO file instead of the CentOS repository.
  3462. With the <a href="https://blog.x-way.org/stuff/Vagrantfile" title="QRadar CE Vagrantfile">modified Vagrantfile</a> the automatic provisioning script no longer fails.</p>
  3463.  
  3464. <p>The instructions for running QRadar CE with Vagrant now look like this:</p>
  3465. <ol><li>Download the zipfile with the original Vagrantfile and the accompanying helper files from the IBM website: <a href="https://developer.ibm.com/qradar/ce/" title="https://developer.ibm.com/qradar/ce/">https://developer.ibm.com/qradar/ce/</a></li>
  3466. <li>Create a folder and extract the zipfile:<br>
  3467. <pre>mkdir community_edition
  3468. unzip QRadarCE_Vagrantfile.20171003084145.zip -d community_edition/</pre></li>
  3469. <li>Download the modified Vagrantfile and overwrite the original one:<br>
  3470. <pre>curl -o community_edition/Vagrantfile https://blog.x-way.org/stuff/Vagrantfile</pre></li>
  3471. <li>Make sure you have the requried Vagrant plugins installed:<br>
  3472. <pre>vagrant plugin install vagrant-disksize
  3473. vagrant plugin install vagrant-reload</pre></li>
  3474. <li>Make sure you have the QRadar CE ISO file (downloaded from the IBM website) in the same folder as the Vagrantfile:<br>
  3475. <pre>cp QRadarCE.iso community_edition/</pre></li>
  3476. <li>Create the auto_install file to automatically install QRadar:<br>
  3477. <pre>touch community_edition/auto_install</pre></li>
  3478. <li>Accept the EULA by adding the corresponding setup parameter in the Vagrantfile:<br>
  3479. Edit the Vagrantfile and add the --accept-eula argument to /media/cdrom/setup --no-screen to automatically accept the EULA</li>
  3480. <li>Change into the folder and start the QRadar installation (takes about 1 hour):<br>
  3481. <pre>cd community_edition
  3482. vagrant up</pre></li></ol>
  3483. ]]></description>
  3484.    <content:encoded><![CDATA[<p>The Vagrant file provided by IBM for running <a href="https://developer.ibm.com/qradar/ce/" title="QRadar Community Edition">QRadar Community Edition</a> on Mac OS X currently does not work properly. It fails with the following error:</p>
  3485. <pre>Failure: repodata/repomd.xml from centos-gluster38: [Errno 256] No more mirrors to try.
  3486. http://mirror.centos.org/centos/7/storage/x86_64/gluster-3.8/repodata/repomd.xml: [Errno 14] HTTP Error 404</pre>
  3487. <p>The problem is that gluster3.8 was moved out of this CentOS repository and now the download fails.
  3488. But the gluster3.8 RPMs are also provided with the QRadar CE installation ISO file.</p>
  3489. <p>Based on the workaround <a href="https://developer.ibm.com/answers/questions/447072/qradar-fails-to-install-centos-7-gluster-38/">described here</a>, I've extended the IBM provided Vagrantfile so that the RPMs are taken from the ISO file instead of the CentOS repository.
  3490. With the <a href="https://blog.x-way.org/stuff/Vagrantfile" title="QRadar CE Vagrantfile">modified Vagrantfile</a> the automatic provisioning script no longer fails.</p>
  3491.  
  3492. <p>The instructions for running QRadar CE with Vagrant now look like this:</p>
  3493. <ol><li>Download the zipfile with the original Vagrantfile and the accompanying helper files from the IBM website: <a href="https://developer.ibm.com/qradar/ce/" title="https://developer.ibm.com/qradar/ce/">https://developer.ibm.com/qradar/ce/</a></li>
  3494. <li>Create a folder and extract the zipfile:<br>
  3495. <pre>mkdir community_edition
  3496. unzip QRadarCE_Vagrantfile.20171003084145.zip -d community_edition/</pre></li>
  3497. <li>Download the modified Vagrantfile and overwrite the original one:<br>
  3498. <pre>curl -o community_edition/Vagrantfile https://blog.x-way.org/stuff/Vagrantfile</pre></li>
  3499. <li>Make sure you have the requried Vagrant plugins installed:<br>
  3500. <pre>vagrant plugin install vagrant-disksize
  3501. vagrant plugin install vagrant-reload</pre></li>
  3502. <li>Make sure you have the QRadar CE ISO file (downloaded from the IBM website) in the same folder as the Vagrantfile:<br>
  3503. <pre>cp QRadarCE.iso community_edition/</pre></li>
  3504. <li>Create the auto_install file to automatically install QRadar:<br>
  3505. <pre>touch community_edition/auto_install</pre></li>
  3506. <li>Accept the EULA by adding the corresponding setup parameter in the Vagrantfile:<br>
  3507. Edit the Vagrantfile and add the --accept-eula argument to /media/cdrom/setup --no-screen to automatically accept the EULA</li>
  3508. <li>Change into the folder and start the QRadar installation (takes about 1 hour):<br>
  3509. <pre>cd community_edition
  3510. vagrant up</pre></li></ol>
  3511. ]]></content:encoded>
  3512.  </item>
  3513.  
  3514.  <item>
  3515.    <title>Raid The Arcade</title>
  3516.    <link>https://blog.x-way.org/Music/2018/07/19/Raid-The-Arcade.html</link>
  3517.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324262</guid>
  3518.    <dc:creator>Andreas Jaggi</dc:creator>
  3519.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3520.    <pubDate>Thu, 19 Jul 2018 15:31:00 +0200</pubDate>
  3521.    <category domain="https://blog.x-way.org/Music">Music</category>
  3522.    <description><![CDATA[<p><img src="https://blog.x-way.org/images/raid_the_arcade.jpg" alt="Raid The Arcade Mix" width="450" height="535"></p>
  3523. <p><a href="https://www.amazon.com/dp/0804137277/" title="Ernest Cline - Armada">Ernest Cline - Armada</a></p>
  3524. ]]></description>
  3525.    <content:encoded><![CDATA[<p><img src="https://blog.x-way.org/images/raid_the_arcade.jpg" alt="Raid The Arcade Mix" width="450" height="535"></p>
  3526. <p><a href="https://www.amazon.com/dp/0804137277/" title="Ernest Cline - Armada">Ernest Cline - Armada</a></p>
  3527. ]]></content:encoded>
  3528.  </item>
  3529.  
  3530.  <item>
  3531.    <title>Benjojo</title>
  3532.    <link>https://blog.x-way.org/Misc/2018/04/14/Benjojo.html</link>
  3533.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324261</guid>
  3534.    <dc:creator>Andreas Jaggi</dc:creator>
  3535.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3536.    <pubDate>Sat, 14 Apr 2018 07:16:00 +0200</pubDate>
  3537.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3538.    <description><![CDATA[<p>Added another interesting blog to the Links: <a href="https://blog.benjojo.co.uk/" title="Benjojo's Blog">benjojo.co.uk</a></p>
  3539.  
  3540. <p>Ben builds and writes about a lot of funny small projects:</p>
  3541. <ul>
  3542. <li><a href="https://blog.benjojo.co.uk/post/dns-filesystem-true-cloud-storage-dnsfs" title="DNSFS. Store your files in others DNS resolver caches">Storing files in DNS caches</a></li>
  3543. <li><a href="https://blog.benjojo.co.uk/post/encoding-data-into-dubstep-drops" title="Encoding data in dubstep drops">Encoding data in dubstep music</a></li>
  3544. <li><a href="https://blog.benjojo.co.uk/post/tor-onions-to-v6-with-iptables-proxy" title="Giving every Tor Hidden Service a IPv6 address">Building an IPv6-to-Tor gateway</a></li>
  3545. <li><a href="https://blog.benjojo.co.uk/post/ssh-port-fluxing-with-totp" title="TOTP SSH port fluxing">Switching SSH port based on a time-based token</a></li>
  3546. </ul>
  3547. ]]></description>
  3548.    <content:encoded><![CDATA[<p>Added another interesting blog to the Links: <a href="https://blog.benjojo.co.uk/" title="Benjojo's Blog">benjojo.co.uk</a></p>
  3549.  
  3550. <p>Ben builds and writes about a lot of funny small projects:</p>
  3551. <ul>
  3552. <li><a href="https://blog.benjojo.co.uk/post/dns-filesystem-true-cloud-storage-dnsfs" title="DNSFS. Store your files in others DNS resolver caches">Storing files in DNS caches</a></li>
  3553. <li><a href="https://blog.benjojo.co.uk/post/encoding-data-into-dubstep-drops" title="Encoding data in dubstep drops">Encoding data in dubstep music</a></li>
  3554. <li><a href="https://blog.benjojo.co.uk/post/tor-onions-to-v6-with-iptables-proxy" title="Giving every Tor Hidden Service a IPv6 address">Building an IPv6-to-Tor gateway</a></li>
  3555. <li><a href="https://blog.benjojo.co.uk/post/ssh-port-fluxing-with-totp" title="TOTP SSH port fluxing">Switching SSH port based on a time-based token</a></li>
  3556. </ul>
  3557. ]]></content:encoded>
  3558.  </item>
  3559.  
  3560.  <item>
  3561.    <title>Exclude domain from unknown sender check</title>
  3562.    <link>https://blog.x-way.org/Linux/2018/04/04/Exclude-domain-from-unknown-sender-check.html</link>
  3563.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324260</guid>
  3564.    <dc:creator>Andreas Jaggi</dc:creator>
  3565.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3566.    <pubDate>Wed, 04 Apr 2018 23:03:00 +0200</pubDate>
  3567.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  3568.    <description><![CDATA[<p><a href="http://www.postfix.org/" title="The Postfix Home Page">Postfix</a> provides the <a href="http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain" title="Postfix Configuration Parameters: reject_unknown_sender_domain">reject_unknown_sender_domain</a> check which allows to only accept incoming e-mails sent from domains which actually exist.</p>
  3569. <p>Unfortunately there exists this one external service which uses a non-existing subdomain to send their notification e-mails. Thus all their notifications get rejected.</p>
  3570. <p>The following configuration allows to keep the reject_unknown_sender_domain check in place, but to exclude a specific domain from this check.</p>
  3571.  
  3572. <pre>
  3573. # snippet in main.cf
  3574. smtpd_sender_restrictions = check_sender_access pcre:/etc/postfix/sender_domain_verification
  3575. </pre>
  3576.  
  3577. <pre>
  3578. # exclude regex in sender_domain_verification
  3579. !/@domain\.to\.exclude\.com$/ reject_unknown_sender_domain
  3580. </pre>
  3581.  
  3582. <p>Your distribution might ship Postfix support for pcre matches in a dedicated package which needs to be installed separately (in the case of Debian you need to install the postfix-pcre package).</p>
  3583. ]]></description>
  3584.    <content:encoded><![CDATA[<p><a href="http://www.postfix.org/" title="The Postfix Home Page">Postfix</a> provides the <a href="http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain" title="Postfix Configuration Parameters: reject_unknown_sender_domain">reject_unknown_sender_domain</a> check which allows to only accept incoming e-mails sent from domains which actually exist.</p>
  3585. <p>Unfortunately there exists this one external service which uses a non-existing subdomain to send their notification e-mails. Thus all their notifications get rejected.</p>
  3586. <p>The following configuration allows to keep the reject_unknown_sender_domain check in place, but to exclude a specific domain from this check.</p>
  3587.  
  3588. <pre>
  3589. # snippet in main.cf
  3590. smtpd_sender_restrictions = check_sender_access pcre:/etc/postfix/sender_domain_verification
  3591. </pre>
  3592.  
  3593. <pre>
  3594. # exclude regex in sender_domain_verification
  3595. !/@domain\.to\.exclude\.com$/ reject_unknown_sender_domain
  3596. </pre>
  3597.  
  3598. <p>Your distribution might ship Postfix support for pcre matches in a dedicated package which needs to be installed separately (in the case of Debian you need to install the postfix-pcre package).</p>
  3599. ]]></content:encoded>
  3600.  </item>
  3601.  
  3602.  <item>
  3603.    <title>Blogroll update</title>
  3604.    <link>https://blog.x-way.org/Misc/2018/04/01/Blogroll-update.html</link>
  3605.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324259</guid>
  3606.    <dc:creator>Andreas Jaggi</dc:creator>
  3607.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3608.    <pubDate>Sun, 01 Apr 2018 21:52:00 +0200</pubDate>
  3609.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3610.    <description><![CDATA[<p>Added the following blogs to the Links:</p>
  3611. <ul>
  3612. <li><a href="https://henrikwarne.com/" title="Henrik Warne&#039;s blog | Thoughts on programming&#8230;">Thoughts on programming</a></li>
  3613. <li><a href="https://eklitzke.org/" title="Evan Klitzke">eklitzke.org</a></li>
  3614. <li><a href="https://rachelbythebay.com/w/" title="rachelbythebay : Writing">rachelbythebay.com</a></li>
  3615. </ul>
  3616. <p>Seems like the blog/RSS thing is getting traction again: <a href="https://www.wired.com/story/rss-readers-feedly-inoreader-old-reader/" title="After years of letting algorithms make up our minds for us, the time is right to go back to basics.">It's Time for an RSS Revival</a> (<a href="https://news.ycombinator.com/item?id=16721690" title="It&#x27;s time to head back to RSS? | Hacker News">via</a>)</p>
  3617. ]]></description>
  3618.    <content:encoded><![CDATA[<p>Added the following blogs to the Links:</p>
  3619. <ul>
  3620. <li><a href="https://henrikwarne.com/" title="Henrik Warne&#039;s blog | Thoughts on programming&#8230;">Thoughts on programming</a></li>
  3621. <li><a href="https://eklitzke.org/" title="Evan Klitzke">eklitzke.org</a></li>
  3622. <li><a href="https://rachelbythebay.com/w/" title="rachelbythebay : Writing">rachelbythebay.com</a></li>
  3623. </ul>
  3624. <p>Seems like the blog/RSS thing is getting traction again: <a href="https://www.wired.com/story/rss-readers-feedly-inoreader-old-reader/" title="After years of letting algorithms make up our minds for us, the time is right to go back to basics.">It's Time for an RSS Revival</a> (<a href="https://news.ycombinator.com/item?id=16721690" title="It&#x27;s time to head back to RSS? | Hacker News">via</a>)</p>
  3625. ]]></content:encoded>
  3626.  </item>
  3627.  
  3628.  <item>
  3629.    <title>nflog_sniff extended with C++ implementation</title>
  3630.    <link>https://blog.x-way.org/Networking/2015/12/05/nflog_sniff-extended-with-C---implementation.html</link>
  3631.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324258</guid>
  3632.    <dc:creator>Andreas Jaggi</dc:creator>
  3633.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3634.    <pubDate>Sat, 05 Dec 2015 11:58:00 +0100</pubDate>
  3635.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  3636.    <description><![CDATA[<p>With nflog_sniffer.cpp I've just added a C++ implementation to the <a href="https://github.com/x-way/nflog_sniff" title="x-way/nflog_sniff">nflog_sniff</a> repository.</p>
  3637. <p>It uses the lean (and apparently also very fast) <a href="https://libtins.github.io/" title="C++ packet sniffing and crafting library - libtins">libtins</a> library.</p>
  3638. ]]></description>
  3639.    <content:encoded><![CDATA[<p>With nflog_sniffer.cpp I've just added a C++ implementation to the <a href="https://github.com/x-way/nflog_sniff" title="x-way/nflog_sniff">nflog_sniff</a> repository.</p>
  3640. <p>It uses the lean (and apparently also very fast) <a href="https://libtins.github.io/" title="C++ packet sniffing and crafting library - libtins">libtins</a> library.</p>
  3641. ]]></content:encoded>
  3642.  </item>
  3643.  
  3644.  <item>
  3645.    <title>DNS packet sniffing with NFLOG and Perl/Python</title>
  3646.    <link>https://blog.x-way.org/Networking/2015/12/04/DNS-packet-sniffing-with-NFLOG-and-Perl-Python.html</link>
  3647.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324257</guid>
  3648.    <dc:creator>Andreas Jaggi</dc:creator>
  3649.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3650.    <pubDate>Fri, 04 Dec 2015 20:10:00 +0100</pubDate>
  3651.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  3652.    <description><![CDATA[<p>The <a href="https://github.com/chifflier/nflog-bindings" title="chifflier/nflog-bindings">nflog-bindings</a> from Pierre Chifflier make it trivially easy to write a passive packet sniffer which can be controlled via iptables and listens to traffic on multiple interfaces at the same time.</p>
  3653. <p>As a little exercise I have written a simple DNS packet sniffer, once in Perl and once in Python:</p>
  3654. <script src="https://gist.github.com/x-way/caf03da77fe2cc83b6bd.js"></script>
  3655. <script src="https://gist.github.com/x-way/54955b8bb4bb28a77d06.js"></script>
  3656. <p>To use the sniffer, first create an iptables rule like this: iptables -I INPUT -p udp --sport 53 -j NFLOG --nflog-group 123</p>
  3657. <p>Then start one of the sniffer scripts and observe the extracted DNS queries :-)</p>
  3658. <p>For a more convenient download I've also put the scripts in a proper Github repository: <a href="https://github.com/x-way/nflog_sniff" title="x-way/nflog_sniff">nflog_sniff</a></p>
  3659. ]]></description>
  3660.    <content:encoded><![CDATA[<p>The <a href="https://github.com/chifflier/nflog-bindings" title="chifflier/nflog-bindings">nflog-bindings</a> from Pierre Chifflier make it trivially easy to write a passive packet sniffer which can be controlled via iptables and listens to traffic on multiple interfaces at the same time.</p>
  3661. <p>As a little exercise I have written a simple DNS packet sniffer, once in Perl and once in Python:</p>
  3662. <script src="https://gist.github.com/x-way/caf03da77fe2cc83b6bd.js"></script>
  3663. <script src="https://gist.github.com/x-way/54955b8bb4bb28a77d06.js"></script>
  3664. <p>To use the sniffer, first create an iptables rule like this: iptables -I INPUT -p udp --sport 53 -j NFLOG --nflog-group 123</p>
  3665. <p>Then start one of the sniffer scripts and observe the extracted DNS queries :-)</p>
  3666. <p>For a more convenient download I've also put the scripts in a proper Github repository: <a href="https://github.com/x-way/nflog_sniff" title="x-way/nflog_sniff">nflog_sniff</a></p>
  3667. ]]></content:encoded>
  3668.  </item>
  3669.  
  3670.  <item>
  3671.    <title>Mutt Homebrew Formula extended with indexcolor patch</title>
  3672.    <link>https://blog.x-way.org/Linux/2015/11/03/Mutt-Homebrew-Formula-extended-with-indexcolor-patch.html</link>
  3673.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324256</guid>
  3674.    <dc:creator>Andreas Jaggi</dc:creator>
  3675.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3676.    <pubDate>Tue, 03 Nov 2015 20:18:00 +0100</pubDate>
  3677.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  3678.    <description><![CDATA[<p>I've just added the <a href="https://greek0.net/blog/2006/08/01/mutt-indexcolor-patch/" title="A mutt patch for a more colorful index">indexcolor</a> patch to my <a href="https://github.com/x-way/homebrew-mutt" title="x-way/homebrew-mutt">Mutt 1.5.24 Homebrew Formula</a>.</p>
  3679. <p>To use this Formula just type <kbd>brew tap x-way/mutt</kbd> followed by <kbd>brew install x-way/mutt/mutt --with-trash-patch --with-indexcolor-patch</kbd> to install Mutt 1.5.24 with trash_folder and indexcolor support.</p>
  3680. ]]></description>
  3681.    <content:encoded><![CDATA[<p>I've just added the <a href="https://greek0.net/blog/2006/08/01/mutt-indexcolor-patch/" title="A mutt patch for a more colorful index">indexcolor</a> patch to my <a href="https://github.com/x-way/homebrew-mutt" title="x-way/homebrew-mutt">Mutt 1.5.24 Homebrew Formula</a>.</p>
  3682. <p>To use this Formula just type <kbd>brew tap x-way/mutt</kbd> followed by <kbd>brew install x-way/mutt/mutt --with-trash-patch --with-indexcolor-patch</kbd> to install Mutt 1.5.24 with trash_folder and indexcolor support.</p>
  3683. ]]></content:encoded>
  3684.  </item>
  3685.  
  3686.  <item>
  3687.    <title>Homebrew Tap for Mutt 1.5.24 with trash_folder patch</title>
  3688.    <link>https://blog.x-way.org/Linux/2015/09/23/Homebrew-Tap-for-Mutt-1-5-24-with-trash_folder-patch.html</link>
  3689.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324255</guid>
  3690.    <dc:creator>Andreas Jaggi</dc:creator>
  3691.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3692.    <pubDate>Wed, 23 Sep 2015 22:31:00 +0200</pubDate>
  3693.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  3694.    <description><![CDATA[<p>At work I'm a quite avid user of <a href="http://www.mutt.org/" title="The Mutt E-Mail Client">Mutt</a>. Unfortunately the upgrade to the recently released version 1.5.24 did not go over as smooth as expected.</p>
  3695. <p>I'm using <a href="http://brew.sh/" title="Homebrew - The missing package manager for OS X">Homebrew</a> to install Mutt on Mac OS X, and even though there is an updated version in the official Homebrew repository, it no longer comes with the trash_folder patch (it fails to apply against the 1.5.24 source tree and was thus removed).</p>
  3696. <p>In order to build the new Mutt version with the trash_folder support, I updated the patch for version 1.5.24: <a href="https://blog.x-way.org/stuff/mutt-1.5.24-trash_folder.diff" title="mutt-1.5.24-trash_folder.diff">mutt-1.5.24-trash_folder.diff</a>.</p>
  3697. <p>The official Homebrew repository prefers unpatched packages and encourages the creation of independent "Taps" (package repositories) for patched packages. Thus I also created my own Homebrew Tap which contains the 1.5.24 version of Mutt with the updated trash_folder patch: <a href="https://github.com/x-way/homebrew-mutt" title="x-way/homebrew-mutt">x-way/homebrew-mutt</a>.</p>
  3698. <p>To use this Tap just type <kbd>brew tap x-way/mutt</kbd> followed by <kbd>brew install x-way/mutt/mutt --with-trash-patch</kbd> to install Mutt 1.5.24 with trash_folder support. Cheers!</p>
  3699. ]]></description>
  3700.    <content:encoded><![CDATA[<p>At work I'm a quite avid user of <a href="http://www.mutt.org/" title="The Mutt E-Mail Client">Mutt</a>. Unfortunately the upgrade to the recently released version 1.5.24 did not go over as smooth as expected.</p>
  3701. <p>I'm using <a href="http://brew.sh/" title="Homebrew - The missing package manager for OS X">Homebrew</a> to install Mutt on Mac OS X, and even though there is an updated version in the official Homebrew repository, it no longer comes with the trash_folder patch (it fails to apply against the 1.5.24 source tree and was thus removed).</p>
  3702. <p>In order to build the new Mutt version with the trash_folder support, I updated the patch for version 1.5.24: <a href="https://blog.x-way.org/stuff/mutt-1.5.24-trash_folder.diff" title="mutt-1.5.24-trash_folder.diff">mutt-1.5.24-trash_folder.diff</a>.</p>
  3703. <p>The official Homebrew repository prefers unpatched packages and encourages the creation of independent "Taps" (package repositories) for patched packages. Thus I also created my own Homebrew Tap which contains the 1.5.24 version of Mutt with the updated trash_folder patch: <a href="https://github.com/x-way/homebrew-mutt" title="x-way/homebrew-mutt">x-way/homebrew-mutt</a>.</p>
  3704. <p>To use this Tap just type <kbd>brew tap x-way/mutt</kbd> followed by <kbd>brew install x-way/mutt/mutt --with-trash-patch</kbd> to install Mutt 1.5.24 with trash_folder support. Cheers!</p>
  3705. ]]></content:encoded>
  3706.  </item>
  3707.  
  3708.  <item>
  3709.    <title>Puppet Infrastructure 2015</title>
  3710.    <link>https://blog.x-way.org/Linux/2015/08/15/Puppet-Infrastructure-2015.html</link>
  3711.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324254</guid>
  3712.    <dc:creator>Andreas Jaggi</dc:creator>
  3713.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3714.    <pubDate>Sat, 15 Aug 2015 06:47:00 +0200</pubDate>
  3715.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  3716.    <description><![CDATA[<p><a href="http://terrarum.net/blog/puppet-infrastructure-2015.html" title="Puppet Infrastructure 2015">Puppet Infrastructure 2015</a></p>
  3717. ]]></description>
  3718.    <content:encoded><![CDATA[<p><a href="http://terrarum.net/blog/puppet-infrastructure-2015.html" title="Puppet Infrastructure 2015">Puppet Infrastructure 2015</a></p>
  3719. ]]></content:encoded>
  3720.  </item>
  3721.  
  3722.  <item>
  3723.    <title>Downgrade Quagga on Debian 8</title>
  3724.    <link>https://blog.x-way.org/Linux/2015/08/12/Downgrade-Quagga-on-Debian-8.html</link>
  3725.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324253</guid>
  3726.    <dc:creator>Andreas Jaggi</dc:creator>
  3727.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3728.    <pubDate>Wed, 12 Aug 2015 04:11:00 +0200</pubDate>
  3729.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  3730.    <description><![CDATA[<p>The <a href="http://www.nongnu.org/quagga/" title="Quagga Routing Suite">Quagga</a> version in Debian 8 (v0.99.23.1) suffers from a <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784292" title="quagga: ospf6d no loner updates route after upgrade to Jessie">bug in ospf6d</a>, which causes that no IPv6 routes are exchanged via point-to-point interfaces.</p>
  3731.  
  3732. <p>In order to workaround this problem (and re-establish IPv6 connectivity), a downgrade of the quagga package can be done.<br>
  3733. For this we add the 'oldstable' entry to sources.list and pin the quagga package to the old version.</p>
  3734.  
  3735. <p>Entry to add to /etc/apt/sources.list:</p>
  3736. <pre>deb http://mirror.switch.ch/ftp/mirror/debian/ oldstable main</pre>
  3737. <p>Entry to add to /etc/apt/preferences:</p>
  3738. <pre>Package: quagga
  3739. Pin: version 0.99.22.*
  3740. Pin-Priority: 1001</pre>
  3741.  
  3742. <p>After the entries have been added, run <kbd>apt-get update</kbd> followed by <kbd>apt-get install quagga</kbd> to downgrade to the old quagga package.</p>
  3743. ]]></description>
  3744.    <content:encoded><![CDATA[<p>The <a href="http://www.nongnu.org/quagga/" title="Quagga Routing Suite">Quagga</a> version in Debian 8 (v0.99.23.1) suffers from a <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784292" title="quagga: ospf6d no loner updates route after upgrade to Jessie">bug in ospf6d</a>, which causes that no IPv6 routes are exchanged via point-to-point interfaces.</p>
  3745.  
  3746. <p>In order to workaround this problem (and re-establish IPv6 connectivity), a downgrade of the quagga package can be done.<br>
  3747. For this we add the 'oldstable' entry to sources.list and pin the quagga package to the old version.</p>
  3748.  
  3749. <p>Entry to add to /etc/apt/sources.list:</p>
  3750. <pre>deb http://mirror.switch.ch/ftp/mirror/debian/ oldstable main</pre>
  3751. <p>Entry to add to /etc/apt/preferences:</p>
  3752. <pre>Package: quagga
  3753. Pin: version 0.99.22.*
  3754. Pin-Priority: 1001</pre>
  3755.  
  3756. <p>After the entries have been added, run <kbd>apt-get update</kbd> followed by <kbd>apt-get install quagga</kbd> to downgrade to the old quagga package.</p>
  3757. ]]></content:encoded>
  3758.  </item>
  3759.  
  3760.  <item>
  3761.    <title>fsociety00.dat</title>
  3762.    <link>https://blog.x-way.org/Misc/2015/07/19/fsociety00-dat.html</link>
  3763.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324252</guid>
  3764.    <dc:creator>Andreas Jaggi</dc:creator>
  3765.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3766.    <pubDate>Sun, 19 Jul 2015 23:44:00 +0200</pubDate>
  3767.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3768.    <description><![CDATA[<p><a href="https://blog.x-way.org/fsociety00.dat" title="fsociety00.dat">fsociety00.dat</a></p>
  3769. ]]></description>
  3770.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/fsociety00.dat" title="fsociety00.dat">fsociety00.dat</a></p>
  3771. ]]></content:encoded>
  3772.  </item>
  3773.  
  3774.  <item>
  3775.    <title>Scapy and IP Options</title>
  3776.    <link>https://blog.x-way.org/Networking/2015/07/12/Scapy-and-IP-Options.html</link>
  3777.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324251</guid>
  3778.    <dc:creator>Andreas Jaggi</dc:creator>
  3779.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3780.    <pubDate>Sun, 12 Jul 2015 23:56:00 +0200</pubDate>
  3781.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  3782.    <description><![CDATA[<p>Create packets with custom IPv4 IP Option fields using <a href="http://www.secdev.org/projects/scapy/" title="Scapy is a powerful interactive packet manipulation program">Scapy</a>:</p>
  3783. <pre>
  3784. &gt;&gt;&gt; packet=IP(src="203.0.113.1",dst="203.0.113.2",options=[IPOption('%s%s'%('\x86\x28','a'*38))])
  3785. &gt;&gt;&gt; ls(packet)
  3786. version    : BitField             = 4               (4)
  3787. ihl        : BitField             = None            (None)
  3788. tos        : XByteField           = 0               (0)
  3789. len        : ShortField           = None            (None)
  3790. id         : ShortField           = 1               (1)
  3791. flags      : FlagsField           = 0               (0)
  3792. frag       : BitField             = 0               (0)
  3793. ttl        : ByteField            = 64              (64)
  3794. proto      : ByteEnumField        = 0               (0)
  3795. chksum     : XShortField          = None            (None)
  3796. src        : Emph                 = '203.0.113.1'   (None)
  3797. dst        : Emph                 = '203.0.113.2'   ('127.0.0.1')
  3798. options    : PacketListField      = [&lt;IPOption  copy_flag=1L optclass=control option=commercial_security length=40 value='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' |&gt;] ([])
  3799. &gt;&gt;&gt; sr1(packet)
  3800. </pre>
  3801. <p>The above code results in the following packet (as seen by <a href="https://www.wireshark.org/" title="Wireshark Network Protocol Analyzer">Wireshark</a>):</p>
  3802. <p><img src="https://blog.x-way.org/images/scapy_ip_option.png" alt="Wireshark showing the packet with the custom IP Option" width="540" height="576"></p>
  3803. ]]></description>
  3804.    <content:encoded><![CDATA[<p>Create packets with custom IPv4 IP Option fields using <a href="http://www.secdev.org/projects/scapy/" title="Scapy is a powerful interactive packet manipulation program">Scapy</a>:</p>
  3805. <pre>
  3806. &gt;&gt;&gt; packet=IP(src="203.0.113.1",dst="203.0.113.2",options=[IPOption('%s%s'%('\x86\x28','a'*38))])
  3807. &gt;&gt;&gt; ls(packet)
  3808. version    : BitField             = 4               (4)
  3809. ihl        : BitField             = None            (None)
  3810. tos        : XByteField           = 0               (0)
  3811. len        : ShortField           = None            (None)
  3812. id         : ShortField           = 1               (1)
  3813. flags      : FlagsField           = 0               (0)
  3814. frag       : BitField             = 0               (0)
  3815. ttl        : ByteField            = 64              (64)
  3816. proto      : ByteEnumField        = 0               (0)
  3817. chksum     : XShortField          = None            (None)
  3818. src        : Emph                 = '203.0.113.1'   (None)
  3819. dst        : Emph                 = '203.0.113.2'   ('127.0.0.1')
  3820. options    : PacketListField      = [&lt;IPOption  copy_flag=1L optclass=control option=commercial_security length=40 value='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' |&gt;] ([])
  3821. &gt;&gt;&gt; sr1(packet)
  3822. </pre>
  3823. <p>The above code results in the following packet (as seen by <a href="https://www.wireshark.org/" title="Wireshark Network Protocol Analyzer">Wireshark</a>):</p>
  3824. <p><img src="https://blog.x-way.org/images/scapy_ip_option.png" alt="Wireshark showing the packet with the custom IP Option" width="540" height="576"></p>
  3825. ]]></content:encoded>
  3826.  </item>
  3827.  
  3828.  <item>
  3829.    <title>Upgrade to Debian 8 without systemd</title>
  3830.    <link>https://blog.x-way.org/Linux/2015/07/11/Upgrade-to-Debian-8-without-systemd.html</link>
  3831.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324250</guid>
  3832.    <dc:creator>Andreas Jaggi</dc:creator>
  3833.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3834.    <pubDate>Sat, 11 Jul 2015 11:27:00 +0200</pubDate>
  3835.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  3836.    <description><![CDATA[<p>To avoid the automatic installation/switch to systemd during the upgrade to Debian 8, it is enough to prevent the installation of the <code>systemd-sysv</code> package.</p>
  3837. <p>This can be done by creating a file <code>/etc/apt/preferences.d/no-systemd-sysv</code> with the following content:</p>
  3838. <pre>Package: systemd-sysv
  3839. Pin: release o=Debian
  3840. Pin-Priority: -1</pre>
  3841. <p>(<a href="http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-cosin.html#(12)" title="Debian 8 Jessie ohne Systemd betreiben">via</a>)</p>
  3842. ]]></description>
  3843.    <content:encoded><![CDATA[<p>To avoid the automatic installation/switch to systemd during the upgrade to Debian 8, it is enough to prevent the installation of the <code>systemd-sysv</code> package.</p>
  3844. <p>This can be done by creating a file <code>/etc/apt/preferences.d/no-systemd-sysv</code> with the following content:</p>
  3845. <pre>Package: systemd-sysv
  3846. Pin: release o=Debian
  3847. Pin-Priority: -1</pre>
  3848. <p>(<a href="http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-cosin.html#(12)" title="Debian 8 Jessie ohne Systemd betreiben">via</a>)</p>
  3849. ]]></content:encoded>
  3850.  </item>
  3851.  
  3852.  <item>
  3853.    <title>Obey the cloud!</title>
  3854.    <link>https://blog.x-way.org/Misc/2015/07/05/Obey-the-cloud.html</link>
  3855.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324249</guid>
  3856.    <dc:creator>Andreas Jaggi</dc:creator>
  3857.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3858.    <pubDate>Sun, 05 Jul 2015 17:22:00 +0200</pubDate>
  3859.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3860.    <description><![CDATA[<p>So true...</p>
  3861. <p><img src="https://blog.x-way.org/images/adobe_cloud.jpg" alt="Johannes Kretzschmar - Obey the cloud!" width="450" height="2514"></p>
  3862. <p><a href="http://blog.beetlebum.de/2015/06/24/obey-the-cloud/" title="Obey the cloud!">"Obey the cloud!"</a> by <a href="http://blog.beetlebum.de" title="Jojos illustrierter Blog">Johannes Kretzschmar</a>, licensed under <a href="http://creativecommons.org/licenses/by-nc-sa/3.0/" title="Creative Commons - Attribution-NonCommercial-ShareAlike 3.0 Unported - CC BY-NC-SA 3.0">CC BY-NC-SA 3.0</a>.</p>
  3863. ]]></description>
  3864.    <content:encoded><![CDATA[<p>So true...</p>
  3865. <p><img src="https://blog.x-way.org/images/adobe_cloud.jpg" alt="Johannes Kretzschmar - Obey the cloud!" width="450" height="2514"></p>
  3866. <p><a href="http://blog.beetlebum.de/2015/06/24/obey-the-cloud/" title="Obey the cloud!">"Obey the cloud!"</a> by <a href="http://blog.beetlebum.de" title="Jojos illustrierter Blog">Johannes Kretzschmar</a>, licensed under <a href="http://creativecommons.org/licenses/by-nc-sa/3.0/" title="Creative Commons - Attribution-NonCommercial-ShareAlike 3.0 Unported - CC BY-NC-SA 3.0">CC BY-NC-SA 3.0</a>.</p>
  3867. ]]></content:encoded>
  3868.  </item>
  3869.  
  3870.  <item>
  3871.    <title>The Day Is My Enemy</title>
  3872.    <link>https://blog.x-way.org/Music/2015/02/24/The-Day-Is-My-Enemy.html</link>
  3873.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324248</guid>
  3874.    <dc:creator>Andreas Jaggi</dc:creator>
  3875.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3876.    <pubDate>Tue, 24 Feb 2015 17:08:00 +0100</pubDate>
  3877.    <category domain="https://blog.x-way.org/Music">Music</category>
  3878.    <description><![CDATA[<p><a href="https://youtu.be/h1AaKBbNGkk" title="The Prodigy - The Day Is My Enemy - YouTube">The Prodigy - The Day Is My Enemy</a></p>
  3879. <p>Looking forward to see the live performance at the <a href="https://web.archive.org/web/20150226015240/http://www.futuremusicfestival.com.au/" title="Future Music Festival 2015 (archive.org)">Future Music Festival 2015</a> :-)</p>
  3880. ]]></description>
  3881.    <content:encoded><![CDATA[<p><a href="https://youtu.be/h1AaKBbNGkk" title="The Prodigy - The Day Is My Enemy - YouTube">The Prodigy - The Day Is My Enemy</a></p>
  3882. <p>Looking forward to see the live performance at the <a href="https://web.archive.org/web/20150226015240/http://www.futuremusicfestival.com.au/" title="Future Music Festival 2015 (archive.org)">Future Music Festival 2015</a> :-)</p>
  3883. ]]></content:encoded>
  3884.  </item>
  3885.  
  3886.  <item>
  3887.    <title>Hand-crafted IP packets</title>
  3888.    <link>https://blog.x-way.org/Networking/2015/01/11/Hand-crafted-IP-packets.html</link>
  3889.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324247</guid>
  3890.    <dc:creator>Andreas Jaggi</dc:creator>
  3891.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3892.    <pubDate>Sun, 11 Jan 2015 23:16:00 +0100</pubDate>
  3893.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  3894.    <description><![CDATA[<p><a href="https://blog.x-way.org/images/rfc791-form.jpg" title="Form RFC 791"><img src="https://blog.x-way.org/images/rfc791-form.jpg" width="520" height="328" alt="Form RFC 791"></a></p>
  3895. <p>(<a href="https://www.snookles.com/slf-blog/slf-blog/2014/05/19/hand-crafted-ip-packets-with-form-rfc-791/" title="Hand-crafted IP packets with Form RFC 791">via</a>)</p>
  3896. ]]></description>
  3897.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/images/rfc791-form.jpg" title="Form RFC 791"><img src="https://blog.x-way.org/images/rfc791-form.jpg" width="520" height="328" alt="Form RFC 791"></a></p>
  3898. <p>(<a href="https://www.snookles.com/slf-blog/slf-blog/2014/05/19/hand-crafted-ip-packets-with-form-rfc-791/" title="Hand-crafted IP packets with Form RFC 791">via</a>)</p>
  3899. ]]></content:encoded>
  3900.  </item>
  3901.  
  3902.  <item>
  3903.    <title>Christmas Run</title>
  3904.    <link>https://blog.x-way.org/Misc/2014/12/25/Christmas-Run.html</link>
  3905.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324246</guid>
  3906.    <dc:creator>Andreas Jaggi</dc:creator>
  3907.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3908.    <pubDate>Thu, 25 Dec 2014 07:12:00 +0100</pubDate>
  3909.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3910.    <description><![CDATA[<p>Run #9 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Two rounds again, this time during noon with some nice sun and a whopping 30°C :-)</p>
  3911. <p><a href="https://www.strava.com/activities/232605707" title="Centennial Midday Run 2x | Strava">Centennial Midday Run 2x</a></p>
  3912. ]]></description>
  3913.    <content:encoded><![CDATA[<p>Run #9 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Two rounds again, this time during noon with some nice sun and a whopping 30°C :-)</p>
  3914. <p><a href="https://www.strava.com/activities/232605707" title="Centennial Midday Run 2x | Strava">Centennial Midday Run 2x</a></p>
  3915. ]]></content:encoded>
  3916.  </item>
  3917.  
  3918.  <item>
  3919.    <title>Advent Run #8</title>
  3920.    <link>https://blog.x-way.org/Misc/2014/12/22/Advent-Run-8.html</link>
  3921.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324245</guid>
  3922.    <dc:creator>Andreas Jaggi</dc:creator>
  3923.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3924.    <pubDate>Mon, 22 Dec 2014 23:35:00 +0100</pubDate>
  3925.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3926.    <description><![CDATA[<p>Run #8 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Two rounds again, and with some rain :-(</p>
  3927. <p><a href="https://www.strava.com/activities/231954760" title="Centennial Morning Run 2x | Strava">Centennial Morning Run 2x</a></p>
  3928. ]]></description>
  3929.    <content:encoded><![CDATA[<p>Run #8 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Two rounds again, and with some rain :-(</p>
  3930. <p><a href="https://www.strava.com/activities/231954760" title="Centennial Morning Run 2x | Strava">Centennial Morning Run 2x</a></p>
  3931. ]]></content:encoded>
  3932.  </item>
  3933.  
  3934.  <item>
  3935.    <title>Advent Run #7</title>
  3936.    <link>https://blog.x-way.org/Misc/2014/12/18/Advent-Run-7.html</link>
  3937.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324244</guid>
  3938.    <dc:creator>Andreas Jaggi</dc:creator>
  3939.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3940.    <pubDate>Thu, 18 Dec 2014 23:21:00 +0100</pubDate>
  3941.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3942.    <description><![CDATA[<p>Run #7 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Only one round, but the fastest one so far.</p>
  3943. <p><a href="https://www.strava.com/activities/230676682" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  3944. ]]></description>
  3945.    <content:encoded><![CDATA[<p>Run #7 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Only one round, but the fastest one so far.</p>
  3946. <p><a href="https://www.strava.com/activities/230676682" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  3947. ]]></content:encoded>
  3948.  </item>
  3949.  
  3950.  <item>
  3951.    <title>Advent Run #6</title>
  3952.    <link>https://blog.x-way.org/Misc/2014/12/15/Advent-Run-6.html</link>
  3953.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324243</guid>
  3954.    <dc:creator>Andreas Jaggi</dc:creator>
  3955.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3956.    <pubDate>Mon, 15 Dec 2014 23:31:00 +0100</pubDate>
  3957.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3958.    <description><![CDATA[<p>Run #6 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Two rounds this time, with a slower pace though.</p>
  3959. <p><a href="https://www.strava.com/activities/229959879" title="Centennial Morning Run 2x | Strava">Centennial Morning Run 2x</a></p>
  3960. ]]></description>
  3961.    <content:encoded><![CDATA[<p>Run #6 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Two rounds this time, with a slower pace though.</p>
  3962. <p><a href="https://www.strava.com/activities/229959879" title="Centennial Morning Run 2x | Strava">Centennial Morning Run 2x</a></p>
  3963. ]]></content:encoded>
  3964.  </item>
  3965.  
  3966.  <item>
  3967.    <title>Advent Run #5</title>
  3968.    <link>https://blog.x-way.org/Misc/2014/12/11/Advent-Run-5.html</link>
  3969.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324242</guid>
  3970.    <dc:creator>Andreas Jaggi</dc:creator>
  3971.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3972.    <pubDate>Thu, 11 Dec 2014 22:51:00 +0100</pubDate>
  3973.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3974.    <description><![CDATA[<p>Run #5 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Didn't have the patience to wait for the GPS to lock onto the signal, thus the late start.</p>
  3975. <p><a href="https://www.strava.com/activities/228585950" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  3976. ]]></description>
  3977.    <content:encoded><![CDATA[<p>Run #5 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>. Didn't have the patience to wait for the GPS to lock onto the signal, thus the late start.</p>
  3978. <p><a href="https://www.strava.com/activities/228585950" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  3979. ]]></content:encoded>
  3980.  </item>
  3981.  
  3982.  <item>
  3983.    <title>Advent Run #4</title>
  3984.    <link>https://blog.x-way.org/Misc/2014/12/09/Advent-Run-4.html</link>
  3985.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324241</guid>
  3986.    <dc:creator>Andreas Jaggi</dc:creator>
  3987.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  3988.    <pubDate>Tue, 09 Dec 2014 23:14:00 +0100</pubDate>
  3989.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  3990.    <description><![CDATA[<p>Run #4 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>, this time a bit later and thus with more sun:</p>
  3991. <p><a href="https://www.strava.com/activities/227954289" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  3992. ]]></description>
  3993.    <content:encoded><![CDATA[<p>Run #4 around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>, this time a bit later and thus with more sun:</p>
  3994. <p><a href="https://www.strava.com/activities/227954289" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  3995. ]]></content:encoded>
  3996.  </item>
  3997.  
  3998.  <item>
  3999.    <title>Advent Run #3</title>
  4000.    <link>https://blog.x-way.org/Misc/2014/12/08/Advent-Run-3.html</link>
  4001.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324240</guid>
  4002.    <dc:creator>Andreas Jaggi</dc:creator>
  4003.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4004.    <pubDate>Mon, 08 Dec 2014 22:53:00 +0100</pubDate>
  4005.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  4006.    <description><![CDATA[<p>Another run around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>, this time counterclockwise:</p>
  4007. <p><a href="https://www.strava.com/activities/227599067" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  4008. ]]></description>
  4009.    <content:encoded><![CDATA[<p>Another run around <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>, this time counterclockwise:</p>
  4010. <p><a href="https://www.strava.com/activities/227599067" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  4011. ]]></content:encoded>
  4012.  </item>
  4013.  
  4014.  <item>
  4015.    <title>Advent Run #2</title>
  4016.    <link>https://blog.x-way.org/Misc/2014/12/03/Advent-Run-2.html</link>
  4017.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324239</guid>
  4018.    <dc:creator>Andreas Jaggi</dc:creator>
  4019.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4020.    <pubDate>Wed, 03 Dec 2014 22:43:00 +0100</pubDate>
  4021.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  4022.    <description><![CDATA[<p>Next run around the beautiful <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>:</p>
  4023. <p><a href="https://www.strava.com/activities/225939583" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  4024. ]]></description>
  4025.    <content:encoded><![CDATA[<p>Next run around the beautiful <a href="http://www.centennialparklands.com.au" title="Centennial Parklands">Centennial Park</a>:</p>
  4026. <p><a href="https://www.strava.com/activities/225939583" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  4027. ]]></content:encoded>
  4028.  </item>
  4029.  
  4030.  <item>
  4031.    <title>Advent Run #1</title>
  4032.    <link>https://blog.x-way.org/Misc/2014/12/01/Advent-Run-1.html</link>
  4033.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324237</guid>
  4034.    <dc:creator>Andreas Jaggi</dc:creator>
  4035.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4036.    <pubDate>Mon, 01 Dec 2014 22:34:00 +0100</pubDate>
  4037.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  4038.    <description><![CDATA[<p>The nice thing of being in Sydney during December is that you can go running during christmas time and it is 22°C :-)</p>
  4039. <p><a href="https://www.strava.com/activities/225305851" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  4040. ]]></description>
  4041.    <content:encoded><![CDATA[<p>The nice thing of being in Sydney during December is that you can go running during christmas time and it is 22°C :-)</p>
  4042. <p><a href="https://www.strava.com/activities/225305851" title="Centennial Morning Run | Strava">Centennial Morning Run</a></p>
  4043. ]]></content:encoded>
  4044.  </item>
  4045.  
  4046.  <item>
  4047.    <title>Regex Crossword</title>
  4048.    <link>https://blog.x-way.org/Coding/2014/11/30/Regex-Crossword.html</link>
  4049.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324236</guid>
  4050.    <dc:creator>Andreas Jaggi</dc:creator>
  4051.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4052.    <pubDate>Sun, 30 Nov 2014 21:55:00 +0100</pubDate>
  4053.    <category domain="https://blog.x-way.org/Coding">Coding</category>
  4054.    <description><![CDATA[<p><img src="https://blog.x-way.org/images/regexcrossword.png" width="520" height="351" alt="The End | Regex Crossword"></p>
  4055. <p><a href="http://regexcrossword.com" title="Regex Crossword">Regex Crossword</a> (<a href="https://news.ycombinator.com/item?id=8674039" title="Regex Crossword | Hacker News">via</a>)</p>
  4056. ]]></description>
  4057.    <content:encoded><![CDATA[<p><img src="https://blog.x-way.org/images/regexcrossword.png" width="520" height="351" alt="The End | Regex Crossword"></p>
  4058. <p><a href="http://regexcrossword.com" title="Regex Crossword">Regex Crossword</a> (<a href="https://news.ycombinator.com/item?id=8674039" title="Regex Crossword | Hacker News">via</a>)</p>
  4059. ]]></content:encoded>
  4060.  </item>
  4061.  
  4062.  <item>
  4063.    <title>The UNIX System</title>
  4064.    <link>https://blog.x-way.org/Linux/2014/11/24/The-UNIX-System.html</link>
  4065.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324235</guid>
  4066.    <dc:creator>Andreas Jaggi</dc:creator>
  4067.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4068.    <pubDate>Mon, 24 Nov 2014 23:26:00 +0100</pubDate>
  4069.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  4070.    <description><![CDATA[<p><a href="https://youtu.be/tc4ROCJYbm0" title="AT&amp;T Archives: The UNIX Operation System - YouTube">AT&amp;T Archives: The UNIX Operation System</a></p>
  4071. <p>The UNIX System: Making Computers More Productive, 1982, Bell Laboratories</p>
  4072. ]]></description>
  4073.    <content:encoded><![CDATA[<p><a href="https://youtu.be/tc4ROCJYbm0" title="AT&amp;T Archives: The UNIX Operation System - YouTube">AT&amp;T Archives: The UNIX Operation System</a></p>
  4074. <p>The UNIX System: Making Computers More Productive, 1982, Bell Laboratories</p>
  4075. ]]></content:encoded>
  4076.  </item>
  4077.  
  4078.  <item>
  4079.    <title>SixSpotting</title>
  4080.    <link>https://blog.x-way.org/Networking/2014/11/02/SixSpotting.html</link>
  4081.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324234</guid>
  4082.    <dc:creator>Andreas Jaggi</dc:creator>
  4083.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4084.    <pubDate>Sun, 02 Nov 2014 08:43:00 +0100</pubDate>
  4085.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4086.    <description><![CDATA[<p><img src="https://blog.x-way.org/images/for-realz.jpg" width="618" height="463" alt="IPv6 - IS FOR REALZ NOWZ, SRUSLY"></p>
  4087. <p><a href="https://game.flyingpenguintech.org" title="SixSpotting">SixSpotting</a>, a funny little game where you collect points by logging in from as many IPv6 enabled providers as possible.</p>
  4088. ]]></description>
  4089.    <content:encoded><![CDATA[<p><img src="https://blog.x-way.org/images/for-realz.jpg" width="618" height="463" alt="IPv6 - IS FOR REALZ NOWZ, SRUSLY"></p>
  4090. <p><a href="https://game.flyingpenguintech.org" title="SixSpotting">SixSpotting</a>, a funny little game where you collect points by logging in from as many IPv6 enabled providers as possible.</p>
  4091. ]]></content:encoded>
  4092.  </item>
  4093.  
  4094.  <item>
  4095.    <title>Show Shellshock the door</title>
  4096.    <link>https://blog.x-way.org/Networking/2014/10/18/Show-Shellshock-the-door.html</link>
  4097.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324233</guid>
  4098.    <dc:creator>Andreas Jaggi</dc:creator>
  4099.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4100.    <pubDate>Sat, 18 Oct 2014 18:45:00 +0200</pubDate>
  4101.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4102.    <description><![CDATA[<p>
  4103. Lately the requests trying to exploit the <a href="http://en.wikipedia.org/wiki/Shellshock_(software_bug)" title="Shellshock (software bug)">Shellshock vulnerability</a> are getting annoying.
  4104. Of course my hosts are patched &mdash; even before the first such request arrived &mdash; and they are using <a href="http://en.wikipedia.org/wiki/Debian_Almquist_shell" title="Debian Almquist shell">Dash</a> as /bin/sh anyway.<br>
  4105. But this does not stop attackers from sending those requests.
  4106. Some even seem to have programmed a loop which sends request after request even though their exploit is not working.
  4107. </p>
  4108. <p>
  4109. Since most of the requests are for valid URLs, the webserver just replies with a 200 status code and serves the content.
  4110. As this gives no indication to the attacker whether his exploit worked or not, he has no reason to remove the host from his target-list and thus continues to send requests.
  4111. </p>
  4112. <p>
  4113. To break this pattern and signal that the host is not vulnerable to Shellshock, I came up with the <a href="http://nginx.org" title="nginx">nginx</a> config snippet below.
  4114. It recognizes Shellshock patterns in a request and replies with a '403 Forbidden' status code, thus indicating to an attacker that his request was blocked.
  4115. </p>
  4116. <pre>
  4117. if ( $http_referer ~ ^\s*\(\s*\)\s*\{ ) {
  4118.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4119. }
  4120. if ( $http_user_agent ~ ^\s*\(\s*\)\s*\{ ) {
  4121.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4122. }
  4123. if ( $http_cookie ~ ^\s*\(\s*\)\s*\{ ) {
  4124.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4125. }
  4126. if ( $http_host ~ ^\s*\(\s*\)\s*\{ ) {
  4127.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4128. }
  4129. if ( $args ~ ^\s*\(\s*\)\s*\{ ) {
  4130.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4131. }
  4132. if ( $content_type ~ ^\s*\(\s*\)\s*\{ ) {
  4133.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4134. }
  4135. if ( $remote_user ~ ^\s*\(\s*\)\s*\{ ) {
  4136.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4137. }
  4138. if ( $request ~ ^\s*\(\s*\)\s*\{ ) {
  4139.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4140. }
  4141. if ( $request_body ~ ^\s*\(\s*\)\s*\{ ) {
  4142.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4143. }
  4144. </pre>
  4145. ]]></description>
  4146.    <content:encoded><![CDATA[<p>
  4147. Lately the requests trying to exploit the <a href="http://en.wikipedia.org/wiki/Shellshock_(software_bug)" title="Shellshock (software bug)">Shellshock vulnerability</a> are getting annoying.
  4148. Of course my hosts are patched &mdash; even before the first such request arrived &mdash; and they are using <a href="http://en.wikipedia.org/wiki/Debian_Almquist_shell" title="Debian Almquist shell">Dash</a> as /bin/sh anyway.<br>
  4149. But this does not stop attackers from sending those requests.
  4150. Some even seem to have programmed a loop which sends request after request even though their exploit is not working.
  4151. </p>
  4152. <p>
  4153. Since most of the requests are for valid URLs, the webserver just replies with a 200 status code and serves the content.
  4154. As this gives no indication to the attacker whether his exploit worked or not, he has no reason to remove the host from his target-list and thus continues to send requests.
  4155. </p>
  4156. <p>
  4157. To break this pattern and signal that the host is not vulnerable to Shellshock, I came up with the <a href="http://nginx.org" title="nginx">nginx</a> config snippet below.
  4158. It recognizes Shellshock patterns in a request and replies with a '403 Forbidden' status code, thus indicating to an attacker that his request was blocked.
  4159. </p>
  4160. <pre>
  4161. if ( $http_referer ~ ^\s*\(\s*\)\s*\{ ) {
  4162.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4163. }
  4164. if ( $http_user_agent ~ ^\s*\(\s*\)\s*\{ ) {
  4165.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4166. }
  4167. if ( $http_cookie ~ ^\s*\(\s*\)\s*\{ ) {
  4168.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4169. }
  4170. if ( $http_host ~ ^\s*\(\s*\)\s*\{ ) {
  4171.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4172. }
  4173. if ( $args ~ ^\s*\(\s*\)\s*\{ ) {
  4174.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4175. }
  4176. if ( $content_type ~ ^\s*\(\s*\)\s*\{ ) {
  4177.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4178. }
  4179. if ( $remote_user ~ ^\s*\(\s*\)\s*\{ ) {
  4180.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4181. }
  4182. if ( $request ~ ^\s*\(\s*\)\s*\{ ) {
  4183.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4184. }
  4185. if ( $request_body ~ ^\s*\(\s*\)\s*\{ ) {
  4186.        return 403 "Blocked by Shellshock protection (https://blog.x-way.org/Show-Shellshock-the-door).";
  4187. }
  4188. </pre>
  4189. ]]></content:encoded>
  4190.  </item>
  4191.  
  4192.  <item>
  4193.    <title>Inspect CSR with OpenSSL</title>
  4194.    <link>https://blog.x-way.org/Linux/2014/10/17/Inspect-CSR-with-OpenSSL.html</link>
  4195.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324232</guid>
  4196.    <dc:creator>Andreas Jaggi</dc:creator>
  4197.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4198.    <pubDate>Fri, 17 Oct 2014 10:45:00 +0200</pubDate>
  4199.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  4200.    <description><![CDATA[<p>Before sending a <abbr title="Certificate Signing Request">CSR</abbr> off to your <abbr title="Certificate Authority">CA</abbr>, it is worth checking that all parameters are correct.<br>Especially you should make sure that the requested signature algorithm is SHA256 and not the deprecated SHA1.</p>
  4201. <p>This can be done with the following OpenSSL command:</p>
  4202. <pre>openssl req -noout -text -in &lt;your_CSR_file&gt;</pre>
  4203. ]]></description>
  4204.    <content:encoded><![CDATA[<p>Before sending a <abbr title="Certificate Signing Request">CSR</abbr> off to your <abbr title="Certificate Authority">CA</abbr>, it is worth checking that all parameters are correct.<br>Especially you should make sure that the requested signature algorithm is SHA256 and not the deprecated SHA1.</p>
  4205. <p>This can be done with the following OpenSSL command:</p>
  4206. <pre>openssl req -noout -text -in &lt;your_CSR_file&gt;</pre>
  4207. ]]></content:encoded>
  4208.  </item>
  4209.  
  4210.  <item>
  4211.    <title>Blueprint of IKEA</title>
  4212.    <link>https://blog.x-way.org/Misc/2014/10/13/Blueprint-of-IKEA.html</link>
  4213.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324231</guid>
  4214.    <dc:creator>Andreas Jaggi</dc:creator>
  4215.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4216.    <pubDate>Mon, 13 Oct 2014 06:38:00 +0200</pubDate>
  4217.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  4218.    <description><![CDATA[<p>Spot-on representation of every IKEA store's layout:</p>
  4219. <p><a href="https://blog.x-way.org/images/ikea_blueprint.jpg" title="Blueprint of IKEA"><img src="https://blog.x-way.org/images/ikea_blueprint_small.jpg" alt="Blueprint of IKEA" width="540" height="255"></a></p>
  4220. ]]></description>
  4221.    <content:encoded><![CDATA[<p>Spot-on representation of every IKEA store's layout:</p>
  4222. <p><a href="https://blog.x-way.org/images/ikea_blueprint.jpg" title="Blueprint of IKEA"><img src="https://blog.x-way.org/images/ikea_blueprint_small.jpg" alt="Blueprint of IKEA" width="540" height="255"></a></p>
  4223. ]]></content:encoded>
  4224.  </item>
  4225.  
  4226.  <item>
  4227.    <title>NORWAY - A Time-Lapse Adventure</title>
  4228.    <link>https://blog.x-way.org/Misc/2014/10/05/NORWAY-A-Time-Lapse-Adventure.html</link>
  4229.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324230</guid>
  4230.    <dc:creator>Andreas Jaggi</dc:creator>
  4231.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4232.    <pubDate>Sun, 05 Oct 2014 08:38:00 +0200</pubDate>
  4233.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  4234.    <description><![CDATA[<p><a href="https://vimeo.com/200671449" title="SEASONS of NORWAY - A Time-Lapse Adventure - Vimeo">SEASONS of NORWAY - A Time-Lapse Adventure</a></p>
  4235. <p><a href="http://vimeo.com/200671449" title="SEASONS of NORWAY - A Time-Lapse Adventure">SEASONS of NORWAY - A Time-Lapse Adventure</a> from <a href="http://vimeo.com/rustadmedia" title="Rustad Media">Rustad Media</a> on <a href="https://vimeo.com" title="Vimeo">Vimeo</a>. (<a href="http://kniebes.com" title="Markus Kniebes">via</a>)</p>
  4236. ]]></description>
  4237.    <content:encoded><![CDATA[<p><a href="https://vimeo.com/200671449" title="SEASONS of NORWAY - A Time-Lapse Adventure - Vimeo">SEASONS of NORWAY - A Time-Lapse Adventure</a></p>
  4238. <p><a href="http://vimeo.com/200671449" title="SEASONS of NORWAY - A Time-Lapse Adventure">SEASONS of NORWAY - A Time-Lapse Adventure</a> from <a href="http://vimeo.com/rustadmedia" title="Rustad Media">Rustad Media</a> on <a href="https://vimeo.com" title="Vimeo">Vimeo</a>. (<a href="http://kniebes.com" title="Markus Kniebes">via</a>)</p>
  4239. ]]></content:encoded>
  4240.  </item>
  4241.  
  4242.  <item>
  4243.    <title>How to enable SNMP on a Cisco SLM2008 Smart Switch</title>
  4244.    <link>https://blog.x-way.org/Networking/2014/10/05/How-to-enable-SNMP-on-a-Cisco-SLM2008-Smart-Switch.html</link>
  4245.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324229</guid>
  4246.    <dc:creator>Andreas Jaggi</dc:creator>
  4247.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4248.    <pubDate>Sun, 05 Oct 2014 00:31:00 +0200</pubDate>
  4249.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4250.    <description><![CDATA[<p>The Cisco SMB SLM2008 Smart Switch does normally not support SNMP and there is also no setting in the configuration interface which would enable SNMP.</p>
  4251.  
  4252. <p>But nevertheless the firmware does actually contain a SNMP daemon. Thus it is not surprising that a <a href="https://supportforums.cisco.com/discussion/11015421/slm2008-vs-snmp-vs-switchcfg-editing" title="SLM2008 vs SNMP">smart guy on to the Cisco support forum</a> found out how to manipulate the proprietary config file such that it enables the SNMP daemon:</p>
  4253.  
  4254. <ol>
  4255. <li>Configure your switch with everything you need</li>
  4256. <li>Download <a href="https://blog.x-way.org/stuff/enable_snmp.pl" title="enable_snmp.pl">enable_snmp.pl</a></li>
  4257. <li>Run <code># perl enable_snmp.pl &lt;IP of your switch&gt;</code></li>
  4258. <li>Enjoy the SNMP export from the SLM2008 :-)</li>
  4259. </ol>
  4260. <p>As this is a non-official hack, there are some limitations:</p>
  4261. <ul>
  4262. <li>The embedded SNMP daemon only supports read accces and no SNMP Traps.</li>
  4263. <li>Changing a setting on the 'System' configuration tab disables the SNMP daemon again (thus the script will need to be run again).</li>
  4264. </ul>
  4265. ]]></description>
  4266.    <content:encoded><![CDATA[<p>The Cisco SMB SLM2008 Smart Switch does normally not support SNMP and there is also no setting in the configuration interface which would enable SNMP.</p>
  4267.  
  4268. <p>But nevertheless the firmware does actually contain a SNMP daemon. Thus it is not surprising that a <a href="https://supportforums.cisco.com/discussion/11015421/slm2008-vs-snmp-vs-switchcfg-editing" title="SLM2008 vs SNMP">smart guy on to the Cisco support forum</a> found out how to manipulate the proprietary config file such that it enables the SNMP daemon:</p>
  4269.  
  4270. <ol>
  4271. <li>Configure your switch with everything you need</li>
  4272. <li>Download <a href="https://blog.x-way.org/stuff/enable_snmp.pl" title="enable_snmp.pl">enable_snmp.pl</a></li>
  4273. <li>Run <code># perl enable_snmp.pl &lt;IP of your switch&gt;</code></li>
  4274. <li>Enjoy the SNMP export from the SLM2008 :-)</li>
  4275. </ol>
  4276. <p>As this is a non-official hack, there are some limitations:</p>
  4277. <ul>
  4278. <li>The embedded SNMP daemon only supports read accces and no SNMP Traps.</li>
  4279. <li>Changing a setting on the 'System' configuration tab disables the SNMP daemon again (thus the script will need to be run again).</li>
  4280. </ul>
  4281. ]]></content:encoded>
  4282.  </item>
  4283.  
  4284.  <item>
  4285.    <title>The Cyborgs</title>
  4286.    <link>https://blog.x-way.org/Music/2014/10/01/The-Cyborgs.html</link>
  4287.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324228</guid>
  4288.    <dc:creator>Andreas Jaggi</dc:creator>
  4289.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4290.    <pubDate>Wed, 01 Oct 2014 00:10:00 +0200</pubDate>
  4291.    <category domain="https://blog.x-way.org/Music">Music</category>
  4292.    <description><![CDATA[<p><a href="https://youtu.be/d8mRWV7owNM" title="The Cyborgs - Electric Chair - YouTube">The Cyborgs - Electric Chair</a></p>
  4293. <p><a href="http://www.thecyborgs.it/" title="The Cyborgs - Two Men Band">The Cyborgs</a> is a two man 'elektrock' boogie band.<br>Thank you <a href="http://sat.rocks" title="Sat Rocks">Sat Rocks</a> for showing me their music :-)</p>
  4294. ]]></description>
  4295.    <content:encoded><![CDATA[<p><a href="https://youtu.be/d8mRWV7owNM" title="The Cyborgs - Electric Chair - YouTube">The Cyborgs - Electric Chair</a></p>
  4296. <p><a href="http://www.thecyborgs.it/" title="The Cyborgs - Two Men Band">The Cyborgs</a> is a two man 'elektrock' boogie band.<br>Thank you <a href="http://sat.rocks" title="Sat Rocks">Sat Rocks</a> for showing me their music :-)</p>
  4297. ]]></content:encoded>
  4298.  </item>
  4299.  
  4300.  <item>
  4301.    <title>CVS and SVN repositories moved to Git</title>
  4302.    <link>https://blog.x-way.org/Misc/2014/09/28/CVS-and-SVN-repositories-moved-to-Git.html</link>
  4303.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324227</guid>
  4304.    <dc:creator>Andreas Jaggi</dc:creator>
  4305.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4306.    <pubDate>Sun, 28 Sep 2014 20:01:00 +0200</pubDate>
  4307.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  4308.    <description><![CDATA[<p>Today I did some cleanup of my legacy infrastructure. The repositories formerly located at <a href="https://cvs.x-way.org/" title="cvs.x-way.org">cvs.x-way.org</a> and <a href="https://svn.x-way.org/" title="svn.x-way.org">svn.x-way.org</a> have been converted to <a href="http://git-scm.com" title="Git">Git</a> and are now available at <a href="https://git.x-way.org/" title="git.x-way.org">git.x-way.org</a>.</p>
  4309. <p>Also is <a href="https://git.x-way.org/" title="git.x-way.org">git.x-way.org</a> now no longer served by the old gitweb.cgi but by the fantastic <a href="https://gitbucket.github.io/" title="GitBucket">GitBucket</a> (a lightweight, self-contained <a href="https://github.com/" title="GitHub">GitHub</a> clone written in <a href="http://scala.epfl.ch" title="The Scala Programming Language">Scala</a>).</p>
  4310. ]]></description>
  4311.    <content:encoded><![CDATA[<p>Today I did some cleanup of my legacy infrastructure. The repositories formerly located at <a href="https://cvs.x-way.org/" title="cvs.x-way.org">cvs.x-way.org</a> and <a href="https://svn.x-way.org/" title="svn.x-way.org">svn.x-way.org</a> have been converted to <a href="http://git-scm.com" title="Git">Git</a> and are now available at <a href="https://git.x-way.org/" title="git.x-way.org">git.x-way.org</a>.</p>
  4312. <p>Also is <a href="https://git.x-way.org/" title="git.x-way.org">git.x-way.org</a> now no longer served by the old gitweb.cgi but by the fantastic <a href="https://gitbucket.github.io/" title="GitBucket">GitBucket</a> (a lightweight, self-contained <a href="https://github.com/" title="GitHub">GitHub</a> clone written in <a href="http://scala.epfl.ch" title="The Scala Programming Language">Scala</a>).</p>
  4313. ]]></content:encoded>
  4314.  </item>
  4315.  
  4316.  <item>
  4317.    <title>Netflix in Switzerland via IPv6</title>
  4318.    <link>https://blog.x-way.org/Networking/2014/09/23/Netflix-in-Switzerland-via-IPv6.html</link>
  4319.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324226</guid>
  4320.    <dc:creator>Andreas Jaggi</dc:creator>
  4321.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4322.    <pubDate>Tue, 23 Sep 2014 18:32:00 +0200</pubDate>
  4323.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4324.    <description><![CDATA[<p>Since last week <a href="http://www.netflix.ch/" title="Netflix">Netflix</a> is also available in Switzerland. The future has arrived one could say.<br>
  4325. Not only gives this easy access to TV shows and movies but also is this access provided via IPv6.</p>
  4326.  
  4327. <p>As you can see on the graph below, this brings IPv6 out of slumber and into primetime :-)<br>
  4328. Swiss providers are probably seeing quite an increase in IPv6 traffic this month.</p>
  4329.  
  4330. <p><img alt="Netflix IPv6 traffic" src="https://blog.x-way.org/images/netflix_ipv6.gif" width="500" height="170"></p>
  4331. ]]></description>
  4332.    <content:encoded><![CDATA[<p>Since last week <a href="http://www.netflix.ch/" title="Netflix">Netflix</a> is also available in Switzerland. The future has arrived one could say.<br>
  4333. Not only gives this easy access to TV shows and movies but also is this access provided via IPv6.</p>
  4334.  
  4335. <p>As you can see on the graph below, this brings IPv6 out of slumber and into primetime :-)<br>
  4336. Swiss providers are probably seeing quite an increase in IPv6 traffic this month.</p>
  4337.  
  4338. <p><img alt="Netflix IPv6 traffic" src="https://blog.x-way.org/images/netflix_ipv6.gif" width="500" height="170"></p>
  4339. ]]></content:encoded>
  4340.  </item>
  4341.  
  4342.  <item>
  4343.    <title>Octave Minds</title>
  4344.    <link>https://blog.x-way.org/Music/2014/09/18/Octave-Minds.html</link>
  4345.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324225</guid>
  4346.    <dc:creator>Andreas Jaggi</dc:creator>
  4347.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4348.    <pubDate>Thu, 18 Sep 2014 11:42:00 +0200</pubDate>
  4349.    <category domain="https://blog.x-way.org/Music">Music</category>
  4350.    <description><![CDATA[<p><a href="https://youtu.be/53zHCEFyN98" title="Octave Minds - Anthem - YouTube">Octave Minds - Anthem</a></p>
  4351. <p><a href="http://octaveminds.com" title="OCTAVE MINDS">Octave Minds</a> (<a href="http://www.reizbombardement.de" title="reizbombardement.de">via</a>)</p>
  4352. ]]></description>
  4353.    <content:encoded><![CDATA[<p><a href="https://youtu.be/53zHCEFyN98" title="Octave Minds - Anthem - YouTube">Octave Minds - Anthem</a></p>
  4354. <p><a href="http://octaveminds.com" title="OCTAVE MINDS">Octave Minds</a> (<a href="http://www.reizbombardement.de" title="reizbombardement.de">via</a>)</p>
  4355. ]]></content:encoded>
  4356.  </item>
  4357.  
  4358.  <item>
  4359.    <title>Fancy blog statistics</title>
  4360.    <link>https://blog.x-way.org/Webdesign/2014/09/12/Fancy-blog-statistics.html</link>
  4361.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324224</guid>
  4362.    <dc:creator>Andreas Jaggi</dc:creator>
  4363.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4364.    <pubDate>Fri, 12 Sep 2014 14:48:00 +0200</pubDate>
  4365.    <category domain="https://blog.x-way.org/Webdesign">Webdesign</category>
  4366.    <description><![CDATA[<p><a href="https://blog.x-way.org/about.html" title="x-log: About">The about page</a> now features some fancy blog statistics, check it out :-)</p>
  4367. <p>The statistics are created with the help of <a href="https://cal-heatmap.com/" title="Cal-Heatmap">Cal-Heatmap</a> which allows to easily create calendar heatmaps similar to the activity heatmap of GitHub.</p>
  4368. <p><b>Update:</b> couldn't stop playing around and thus added another chart, this time with the help of <a href="http://c3js.org" title="C3.js | D3-based reusable chart library">C3.js</a> (a <a href="http://d3js.org" title="D3.js - Data-Driven Documents">D3.js</a> based reusable chart library).</p>
  4369. ]]></description>
  4370.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/about.html" title="x-log: About">The about page</a> now features some fancy blog statistics, check it out :-)</p>
  4371. <p>The statistics are created with the help of <a href="https://cal-heatmap.com/" title="Cal-Heatmap">Cal-Heatmap</a> which allows to easily create calendar heatmaps similar to the activity heatmap of GitHub.</p>
  4372. <p><b>Update:</b> couldn't stop playing around and thus added another chart, this time with the help of <a href="http://c3js.org" title="C3.js | D3-based reusable chart library">C3.js</a> (a <a href="http://d3js.org" title="D3.js - Data-Driven Documents">D3.js</a> based reusable chart library).</p>
  4373. ]]></content:encoded>
  4374.  </item>
  4375.  
  4376.  <item>
  4377.    <title>Sipura/Linksys/Cisco SPA901 SPA3102 reboot phone</title>
  4378.    <link>https://blog.x-way.org/Networking/2014/09/04/Sipura-Linksys-Cisco-SPA901-SPA3102-reboot-phone.html</link>
  4379.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324223</guid>
  4380.    <dc:creator>Andreas Jaggi</dc:creator>
  4381.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4382.    <pubDate>Thu, 04 Sep 2014 10:42:00 +0200</pubDate>
  4383.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4384.    <description><![CDATA[<p>SPA901 and SPA3102 phones can be rebooted by calling the following URL (which triggers an automatic config resync after the reboot):</p>
  4385. <pre>http://&lt;PHONEIP&gt;/admin/reboot</pre>
  4386. ]]></description>
  4387.    <content:encoded><![CDATA[<p>SPA901 and SPA3102 phones can be rebooted by calling the following URL (which triggers an automatic config resync after the reboot):</p>
  4388. <pre>http://&lt;PHONEIP&gt;/admin/reboot</pre>
  4389. ]]></content:encoded>
  4390.  </item>
  4391.  
  4392.  <item>
  4393.    <title>Sipura/Linksys/Cisco SPA901 SPA3102 download current configuration</title>
  4394.    <link>https://blog.x-way.org/Networking/2014/08/30/Sipura-Linksys-Cisco-SPA901-SPA3102-download-current-configuration.html</link>
  4395.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324222</guid>
  4396.    <dc:creator>Andreas Jaggi</dc:creator>
  4397.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4398.    <pubDate>Sat, 30 Aug 2014 22:16:00 +0200</pubDate>
  4399.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4400.    <description><![CDATA[<p>The current configuration of an SPA901 phone can be downloaded like this:</p>
  4401. <pre>http://&lt;PHONEIP&gt;/admin/spacfg.xml</pre>
  4402. <p>For SPA3102 devices the URL is different:</p>
  4403. <pre>http://&lt;PHONEIP&gt;/admin/config.xml</pre>
  4404. ]]></description>
  4405.    <content:encoded><![CDATA[<p>The current configuration of an SPA901 phone can be downloaded like this:</p>
  4406. <pre>http://&lt;PHONEIP&gt;/admin/spacfg.xml</pre>
  4407. <p>For SPA3102 devices the URL is different:</p>
  4408. <pre>http://&lt;PHONEIP&gt;/admin/config.xml</pre>
  4409. ]]></content:encoded>
  4410.  </item>
  4411.  
  4412.  <item>
  4413.    <title>Native IPv6</title>
  4414.    <link>https://blog.x-way.org/Networking/2014/07/25/Native-IPv6.html</link>
  4415.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324221</guid>
  4416.    <dc:creator>Andreas Jaggi</dc:creator>
  4417.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4418.    <pubDate>Fri, 25 Jul 2014 08:08:00 +0200</pubDate>
  4419.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4420.    <description><![CDATA[<p>Yesterday I switched our DSL Link to <a href="http://www.green.ch/" title="www.green.ch">green.ch</a>. Now we not only have a higher bandwidth (thanks to VDSL) but also native IPv6 connectivity!<br>Especially nice is that it all works out of the box. After plugging in the pre-configured FritzBox, it automatically gets an IPv6 prefix via Prefix Delegation and announces it to the clients in the LAN.</p>
  4421. <pre>08:05 [ aj @ actuarius : ~ ] % mtr -rc5 www.open.ch
  4422. Start: Fri Jul 25 08:06:42 2014
  4423. HOST: actuarius.fritz.box         Loss%   Snt   Last   Avg  Best  Wrst StDev
  4424.  1.|-- fritz.box                  0.0%     5    0.8   0.8   0.7   0.8   0.0
  4425.  2.|-- 2a01:2a8::121              0.0%     5    8.6   8.7   8.5   9.2   0.0
  4426.  3.|-- 2a01:2a8:0:5a::1           0.0%     5    8.4   8.2   8.0   8.4   0.0
  4427.  4.|-- 2a01:2a8:1:7::4            0.0%     5    8.1   8.6   8.1   9.6   0.0
  4428.  5.|-- 2a00:db0:9:a06::5          0.0%     5    8.8   8.6   8.3   8.8   0.0
  4429.  6.|-- www.open.ch                0.0%     5    8.9   8.7   8.6   8.9   0.0</pre>
  4430. ]]></description>
  4431.    <content:encoded><![CDATA[<p>Yesterday I switched our DSL Link to <a href="http://www.green.ch/" title="www.green.ch">green.ch</a>. Now we not only have a higher bandwidth (thanks to VDSL) but also native IPv6 connectivity!<br>Especially nice is that it all works out of the box. After plugging in the pre-configured FritzBox, it automatically gets an IPv6 prefix via Prefix Delegation and announces it to the clients in the LAN.</p>
  4432. <pre>08:05 [ aj @ actuarius : ~ ] % mtr -rc5 www.open.ch
  4433. Start: Fri Jul 25 08:06:42 2014
  4434. HOST: actuarius.fritz.box         Loss%   Snt   Last   Avg  Best  Wrst StDev
  4435.  1.|-- fritz.box                  0.0%     5    0.8   0.8   0.7   0.8   0.0
  4436.  2.|-- 2a01:2a8::121              0.0%     5    8.6   8.7   8.5   9.2   0.0
  4437.  3.|-- 2a01:2a8:0:5a::1           0.0%     5    8.4   8.2   8.0   8.4   0.0
  4438.  4.|-- 2a01:2a8:1:7::4            0.0%     5    8.1   8.6   8.1   9.6   0.0
  4439.  5.|-- 2a00:db0:9:a06::5          0.0%     5    8.8   8.6   8.3   8.8   0.0
  4440.  6.|-- www.open.ch                0.0%     5    8.9   8.7   8.6   8.9   0.0</pre>
  4441. ]]></content:encoded>
  4442.  </item>
  4443.  
  4444.  <item>
  4445.    <title>12 Years</title>
  4446.    <link>https://blog.x-way.org/Misc/2014/06/03/12-Years.html</link>
  4447.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324220</guid>
  4448.    <dc:creator>Andreas Jaggi</dc:creator>
  4449.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4450.    <pubDate>Tue, 03 Jun 2014 08:50:00 +0200</pubDate>
  4451.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  4452.    <description><![CDATA[<p>12 years ago I started this weblog with a link to <a href="http://www.2advanced.com/" title="www.2advanced.com">www.2advanced.com</a>.<br>
  4453. It's now 555 posts later and I think what is most unexpected (besides that this weblog is still existing 12 years later), is that this first link from my first post is still valid (and still pointing to some Flash-only website...).</p>
  4454. <p>So far this weblog has survived 2 different domains, 3 different servers, multiple versions of a self-made blogging-engine, about 6 different layout designs, a database-crash, recovery via archive.org and a migration to Jekyll.</p>
  4455. <p>No guarantee that it will last another 12 years, but for the meantime: Cheers, and enjoy the ride!</p>
  4456. <p><img src="https://blog.x-way.org/images/12_years_cheers.jpg" width="333" height="398" alt="12 years, Cheers!"></p>
  4457. ]]></description>
  4458.    <content:encoded><![CDATA[<p>12 years ago I started this weblog with a link to <a href="http://www.2advanced.com/" title="www.2advanced.com">www.2advanced.com</a>.<br>
  4459. It's now 555 posts later and I think what is most unexpected (besides that this weblog is still existing 12 years later), is that this first link from my first post is still valid (and still pointing to some Flash-only website...).</p>
  4460. <p>So far this weblog has survived 2 different domains, 3 different servers, multiple versions of a self-made blogging-engine, about 6 different layout designs, a database-crash, recovery via archive.org and a migration to Jekyll.</p>
  4461. <p>No guarantee that it will last another 12 years, but for the meantime: Cheers, and enjoy the ride!</p>
  4462. <p><img src="https://blog.x-way.org/images/12_years_cheers.jpg" width="333" height="398" alt="12 years, Cheers!"></p>
  4463. ]]></content:encoded>
  4464.  </item>
  4465.  
  4466.  <item>
  4467.    <title>It's alive!</title>
  4468.    <link>https://blog.x-way.org/Networking/2014/05/28/Its-alive.html</link>
  4469.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324219</guid>
  4470.    <dc:creator>Andreas Jaggi</dc:creator>
  4471.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4472.    <pubDate>Wed, 28 May 2014 23:19:00 +0200</pubDate>
  4473.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4474.    <description><![CDATA[<p><img src="https://blog.x-way.org/images/Telefon_Modell_50-SIP.jpg" width="520" height="390" alt="Wandtelefon Modell 50 with SIP ATA"></p>
  4475. <p>Wandtelefon Modell 50 from January 1970 now talks SIP (and it only took two converters, a bit of cable-fiddling and some luck :-)</p>
  4476. ]]></description>
  4477.    <content:encoded><![CDATA[<p><img src="https://blog.x-way.org/images/Telefon_Modell_50-SIP.jpg" width="520" height="390" alt="Wandtelefon Modell 50 with SIP ATA"></p>
  4478. <p>Wandtelefon Modell 50 from January 1970 now talks SIP (and it only took two converters, a bit of cable-fiddling and some luck :-)</p>
  4479. ]]></content:encoded>
  4480.  </item>
  4481.  
  4482.  <item>
  4483.    <title>Stop BÜPF!</title>
  4484.    <link>https://blog.x-way.org/Networking/2014/05/22/Stop-BUPF.html</link>
  4485.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324218</guid>
  4486.    <dc:creator>Andreas Jaggi</dc:creator>
  4487.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4488.    <pubDate>Thu, 22 May 2014 19:55:00 +0200</pubDate>
  4489.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4490.    <description><![CDATA[<p><a href="https://web.archive.org/web/20160818210307/http://stopbuepf.ch/" title="Stop BÜPF! (archive.org)"><img src="https://blog.x-way.org/images/stopbuepf.png" width="300" height="168" alt="Stop BÜPF!"></a></p>
  4491. ]]></description>
  4492.    <content:encoded><![CDATA[<p><a href="https://web.archive.org/web/20160818210307/http://stopbuepf.ch/" title="Stop BÜPF! (archive.org)"><img src="https://blog.x-way.org/images/stopbuepf.png" width="300" height="168" alt="Stop BÜPF!"></a></p>
  4493. ]]></content:encoded>
  4494.  </item>
  4495.  
  4496.  <item>
  4497.    <title>Load PKCS#8 SSH key files in Mac OS X 10.9</title>
  4498.    <link>https://blog.x-way.org/Networking/2014/04/18/Load-PKCS8-SSH-key-files-in-Mac-OS-X-10-9.html</link>
  4499.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324217</guid>
  4500.    <dc:creator>Andreas Jaggi</dc:creator>
  4501.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4502.    <pubDate>Fri, 18 Apr 2014 14:36:00 +0200</pubDate>
  4503.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4504.    <description><![CDATA[<p>There is currently a bug in Mac OS X 10.9 which causes that ssh-add is no longer able to read SSH key files in PKCS#8 format.</p>
  4505. <p>Fortunately ssh-add still reads PKCS#8 keys when provided through STDIN and openssl is able to decrypt PKCS#8 keys.</p>
  4506. <p>Thus the following workaround so that PKCS#8 SSH keys can be loaded again:</p>
  4507. <pre>
  4508. openssl pkcs8 -in ~/.ssh/id_rsa | ssh-add -
  4509. </pre>
  4510. ]]></description>
  4511.    <content:encoded><![CDATA[<p>There is currently a bug in Mac OS X 10.9 which causes that ssh-add is no longer able to read SSH key files in PKCS#8 format.</p>
  4512. <p>Fortunately ssh-add still reads PKCS#8 keys when provided through STDIN and openssl is able to decrypt PKCS#8 keys.</p>
  4513. <p>Thus the following workaround so that PKCS#8 SSH keys can be loaded again:</p>
  4514. <pre>
  4515. openssl pkcs8 -in ~/.ssh/id_rsa | ssh-add -
  4516. </pre>
  4517. ]]></content:encoded>
  4518.  </item>
  4519.  
  4520.  <item>
  4521.    <title>Facebook: The Road To IPv6</title>
  4522.    <link>https://blog.x-way.org/Networking/2014/03/23/Facebook-The-Road-To-IPv6.html</link>
  4523.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324216</guid>
  4524.    <dc:creator>Andreas Jaggi</dc:creator>
  4525.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4526.    <pubDate>Sun, 23 Mar 2014 15:09:00 +0100</pubDate>
  4527.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4528.    <description><![CDATA[<p>Great presentation by <a href="https://www.facebook.com/ps" title="Paul Saab | Facebook">Paul Saab</a> about the IPv6 introduction at Facebook: <a href="https://blog.x-way.org/stuff/Paul.Saab.Facebook.The.Road.To.IPv6.pdf" title="Paul Saab - Facebook: The Road To IPv6">The Road To IPv6</a></p>
  4529. <p>(<a href="https://news.ycombinator.com/item?id=7448752" title="Hacker News">via</a>)</p>
  4530. ]]></description>
  4531.    <content:encoded><![CDATA[<p>Great presentation by <a href="https://www.facebook.com/ps" title="Paul Saab | Facebook">Paul Saab</a> about the IPv6 introduction at Facebook: <a href="https://blog.x-way.org/stuff/Paul.Saab.Facebook.The.Road.To.IPv6.pdf" title="Paul Saab - Facebook: The Road To IPv6">The Road To IPv6</a></p>
  4532. <p>(<a href="https://news.ycombinator.com/item?id=7448752" title="Hacker News">via</a>)</p>
  4533. ]]></content:encoded>
  4534.  </item>
  4535.  
  4536.  <item>
  4537.    <title>Moving a KVM guest to another machine</title>
  4538.    <link>https://blog.x-way.org/Linux/2014/02/13/Moving-a-KVM-guest-to-another-machine.html</link>
  4539.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324214</guid>
  4540.    <dc:creator>Andreas Jaggi</dc:creator>
  4541.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4542.    <pubDate>Thu, 13 Feb 2014 20:02:00 +0100</pubDate>
  4543.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  4544.    <description><![CDATA[<ol>
  4545. <li>Properly shutdown the guest: <pre>guest# poweroff</pre></li>
  4546. <li>Create an LVM volume of the same size on the new machine: <pre>newmachine# lvcreate -L 120G -n myguest myvolgroup</pre></li>
  4547. <li>Copy the disk from the old machine over to the new one: <pre>oldmachine# dd if=/dev/vg_foo/lv_bar | ssh newmachine dd of=/dev/volgroup/myguest</pre></li>
  4548. <li>Wait for the transfer to complete (on a 100Mbit/s connection it took about 3.5 hours to transfer the 120GB).</li>
  4549. <li>Copy /etc/libvirt/qemu/myguest.xml from the old machine over to the new machine and adapt the LVM path for the disk.</li>
  4550. <li>Reload the libvirt configuration: <pre>newmachine# /etc/init.d/libvirt-bin reload</pre></li>
  4551. <li>Start up the guest on the new machine: <pre>newmachine# virsh start myguest</pre></li>
  4552. </ol>
  4553. ]]></description>
  4554.    <content:encoded><![CDATA[<ol>
  4555. <li>Properly shutdown the guest: <pre>guest# poweroff</pre></li>
  4556. <li>Create an LVM volume of the same size on the new machine: <pre>newmachine# lvcreate -L 120G -n myguest myvolgroup</pre></li>
  4557. <li>Copy the disk from the old machine over to the new one: <pre>oldmachine# dd if=/dev/vg_foo/lv_bar | ssh newmachine dd of=/dev/volgroup/myguest</pre></li>
  4558. <li>Wait for the transfer to complete (on a 100Mbit/s connection it took about 3.5 hours to transfer the 120GB).</li>
  4559. <li>Copy /etc/libvirt/qemu/myguest.xml from the old machine over to the new machine and adapt the LVM path for the disk.</li>
  4560. <li>Reload the libvirt configuration: <pre>newmachine# /etc/init.d/libvirt-bin reload</pre></li>
  4561. <li>Start up the guest on the new machine: <pre>newmachine# virsh start myguest</pre></li>
  4562. </ol>
  4563. ]]></content:encoded>
  4564.  </item>
  4565.  
  4566.  <item>
  4567.    <title>Shrinking a LVM root partition</title>
  4568.    <link>https://blog.x-way.org/Linux/2014/02/13/Shrinking-a-LVM-root-partition.html</link>
  4569.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324215</guid>
  4570.    <dc:creator>Andreas Jaggi</dc:creator>
  4571.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4572.    <pubDate>Thu, 13 Feb 2014 19:02:00 +0100</pubDate>
  4573.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  4574.    <description><![CDATA[<ol>
  4575. <li>Boot from a helper system and get a root shell (I used the rescue mode of the Debian installer)</li>
  4576. <li>Check the filesystem of the partition to resize: <pre>e2fsck -f /dev/vg_foo/lv_bar</pre></li>
  4577. <li>Resize the filesystem (make it a bit smaller than the target size, to have a safety margin when resizing the logical volume): <pre>resize2fs /dev/vg_foo/lv_bar 180G</pre></li>
  4578. <li>Reduce size of the logical volume: <pre>lvreduce -L 190G /dev/vg_foo/lv_bar</pre></li>
  4579. <li>Grow the filesystem to the new size of the logical volume: <pre>resize2fs /dev/vg_foo/lv_bar</pre></li>
  4580. <li>For good measure run another filesystem check: <pre>e2fsck -f /dev/vg_foo/lv_bar</pre></li>
  4581. </ol>
  4582. ]]></description>
  4583.    <content:encoded><![CDATA[<ol>
  4584. <li>Boot from a helper system and get a root shell (I used the rescue mode of the Debian installer)</li>
  4585. <li>Check the filesystem of the partition to resize: <pre>e2fsck -f /dev/vg_foo/lv_bar</pre></li>
  4586. <li>Resize the filesystem (make it a bit smaller than the target size, to have a safety margin when resizing the logical volume): <pre>resize2fs /dev/vg_foo/lv_bar 180G</pre></li>
  4587. <li>Reduce size of the logical volume: <pre>lvreduce -L 190G /dev/vg_foo/lv_bar</pre></li>
  4588. <li>Grow the filesystem to the new size of the logical volume: <pre>resize2fs /dev/vg_foo/lv_bar</pre></li>
  4589. <li>For good measure run another filesystem check: <pre>e2fsck -f /dev/vg_foo/lv_bar</pre></li>
  4590. </ol>
  4591. ]]></content:encoded>
  4592.  </item>
  4593.  
  4594.  <item>
  4595.    <title>Verify that an SSL certificate matches the private key</title>
  4596.    <link>https://blog.x-way.org/Networking/2014/01/19/Verify-that-an-SSL-certificate-matches-the-private-key.html</link>
  4597.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324213</guid>
  4598.    <dc:creator>Andreas Jaggi</dc:creator>
  4599.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4600.    <pubDate>Sun, 19 Jan 2014 13:32:00 +0100</pubDate>
  4601.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4602.    <description><![CDATA[<p>When renewing certificates it is a good idea to verify that the newly installed SSL certificate matches the newly installed private key (eg. to make sure no mixup between the new and old files occurred).<br>This can be done by comparing the modulus of the two files:</p>
  4603. <pre>openssl x509 -in &lt;certificatefile&gt; -noout -modulus|sha1sum
  4604. openssl rsa -in &lt;privatekeyfile&gt; -noout -modulus|sha1sum</pre>
  4605. ]]></description>
  4606.    <content:encoded><![CDATA[<p>When renewing certificates it is a good idea to verify that the newly installed SSL certificate matches the newly installed private key (eg. to make sure no mixup between the new and old files occurred).<br>This can be done by comparing the modulus of the two files:</p>
  4607. <pre>openssl x509 -in &lt;certificatefile&gt; -noout -modulus|sha1sum
  4608. openssl rsa -in &lt;privatekeyfile&gt; -noout -modulus|sha1sum</pre>
  4609. ]]></content:encoded>
  4610.  </item>
  4611.  
  4612.  <item>
  4613.    <title>Sipura/Linksys/Cisco SPA901 Provisioning and Upgrade</title>
  4614.    <link>https://blog.x-way.org/Networking/2014/01/12/Sipura-Linksys-Cisco-SPA901-Provisioning-and-Upgrade.html</link>
  4615.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324212</guid>
  4616.    <dc:creator>Andreas Jaggi</dc:creator>
  4617.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4618.    <pubDate>Sun, 12 Jan 2014 21:02:00 +0100</pubDate>
  4619.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4620.    <description><![CDATA[<p>Loading the configuration from http://config.server/configfile.xml (provisioning has to be enabled on the phone):</p>
  4621. <pre>http://&lt;PHONEIP&gt;/admin/resync?http://config.server/configfile.xml</pre>
  4622. <p>Upgrading the firmware with the image from http://upgrade.server/firmware.bin:</p>
  4623. <pre>http://&lt;PHONEIP&gt;/upgrade?http://upgrade.server/firmware.bin</pre>
  4624. ]]></description>
  4625.    <content:encoded><![CDATA[<p>Loading the configuration from http://config.server/configfile.xml (provisioning has to be enabled on the phone):</p>
  4626. <pre>http://&lt;PHONEIP&gt;/admin/resync?http://config.server/configfile.xml</pre>
  4627. <p>Upgrading the firmware with the image from http://upgrade.server/firmware.bin:</p>
  4628. <pre>http://&lt;PHONEIP&gt;/upgrade?http://upgrade.server/firmware.bin</pre>
  4629. ]]></content:encoded>
  4630.  </item>
  4631.  
  4632.  <item>
  4633.    <title>Publish GPG Keys in DNS</title>
  4634.    <link>https://blog.x-way.org/Networking/2014/01/01/Publish-GPG-Keys-in-DNS.html</link>
  4635.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324211</guid>
  4636.    <dc:creator>Andreas Jaggi</dc:creator>
  4637.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4638.    <pubDate>Wed, 01 Jan 2014 13:52:00 +0100</pubDate>
  4639.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4640.    <description><![CDATA[<p>Create the PKA DNS record:</p>
  4641. <pre># <b>localpart=andreas domain=jaggi.info url=http://andreas-jaggi.ch/1C6AC951.asc</b>
  4642. # <b>LANG=C gpg --fingerprint ${localpart}@${domain}|awk -v local=$localpart -v domain=$domain -v url=$url \
  4643. '/fingerprint/{printf("%s._pka.%s. TXT \"v=pka1;fpr=%s;uri=%s\"\n",local,domain,$4$5$6$7$8$9$10$11$12$13,url)}'</b>
  4644. andreas._pka.jaggi.info. TXT "v=pka1;fpr=1073501542F38352FC85788207A32EAB1C6AC951;uri=http://andreas-jaggi.ch/1C6AC951.asc"</pre>
  4645. <p>Test DNS resolution:</p>
  4646. <pre># <b>dig +short -t txt andreas._pka.jaggi.info.</b>
  4647. "v=pka1\;fpr=1388580990F38352FC85788207A32EAB1C6AC951\;uri=http://andreas-jaggi.ch/1C6AC951.asc"</pre>
  4648. <p>Test with GPG:</p>
  4649. <pre># <b>gpg --auto-key-locate pka -ea -r ${localpart}@${domain}</b></pre>
  4650. <p>
  4651. Detailed explanation of the different DNS publication mechanisms for PGP Keys:<br><a href="http://www.gushi.org/make-dns-cert/HOWTO.html" title="Publishing PGP Keys in DNS">Publishing PGP Keys in DNS</a></p>
  4652. <p>(<a href="https://grepular.com/Publishing_PGP_Keys_in_the_DNS" title="">via</a>)</p>
  4653. ]]></description>
  4654.    <content:encoded><![CDATA[<p>Create the PKA DNS record:</p>
  4655. <pre># <b>localpart=andreas domain=jaggi.info url=http://andreas-jaggi.ch/1C6AC951.asc</b>
  4656. # <b>LANG=C gpg --fingerprint ${localpart}@${domain}|awk -v local=$localpart -v domain=$domain -v url=$url \
  4657. '/fingerprint/{printf("%s._pka.%s. TXT \"v=pka1;fpr=%s;uri=%s\"\n",local,domain,$4$5$6$7$8$9$10$11$12$13,url)}'</b>
  4658. andreas._pka.jaggi.info. TXT "v=pka1;fpr=1073501542F38352FC85788207A32EAB1C6AC951;uri=http://andreas-jaggi.ch/1C6AC951.asc"</pre>
  4659. <p>Test DNS resolution:</p>
  4660. <pre># <b>dig +short -t txt andreas._pka.jaggi.info.</b>
  4661. "v=pka1\;fpr=1388580990F38352FC85788207A32EAB1C6AC951\;uri=http://andreas-jaggi.ch/1C6AC951.asc"</pre>
  4662. <p>Test with GPG:</p>
  4663. <pre># <b>gpg --auto-key-locate pka -ea -r ${localpart}@${domain}</b></pre>
  4664. <p>
  4665. Detailed explanation of the different DNS publication mechanisms for PGP Keys:<br><a href="http://www.gushi.org/make-dns-cert/HOWTO.html" title="Publishing PGP Keys in DNS">Publishing PGP Keys in DNS</a></p>
  4666. <p>(<a href="https://grepular.com/Publishing_PGP_Keys_in_the_DNS" title="">via</a>)</p>
  4667. ]]></content:encoded>
  4668.  </item>
  4669.  
  4670.  <item>
  4671.    <title>Improve the security of your SSH private key files with PKCS#8</title>
  4672.    <link>https://blog.x-way.org/Networking/2013/12/29/Improve-the-security-of-your-SSH-private-key-files-with-PKCS8.html</link>
  4673.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324210</guid>
  4674.    <dc:creator>Andreas Jaggi</dc:creator>
  4675.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4676.    <pubDate>Sun, 29 Dec 2013 15:23:00 +0100</pubDate>
  4677.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4678.    <description><![CDATA[<p>Instead of the easily brute-forceable one-pass MD5/AES128 password protection format used by SSH per default, you should use the <a href="https://www.rfc-editor.org/rfc/rfc5208.html" title="RFC 5208 - PKCS#8: Private-Key Information Syntax Specification Version 1.2">PKCS#8</a> format to store your private key files. PKCS#8 allows to choose proper key-derivation functions and encryption schemes (for example <a href="http://en.wikipedia.org/wiki/PBKDF2" title="Password-Based Key Derivation Function 2">PBKDF2</a> and <a href="https://www.rfc-editor.org/rfc/rfc2898.html#section-6.2" title="Password-Based Encryption Scheme 2">PBES2</a>).<br>
  4679. The following commands convert an existing password protected SSH private key file to PKCS#8 format (using PBKDF2, PBES2 and AES-256):</p>
  4680. <pre>
  4681. mv ~/.ssh/id_rsa{,.old}
  4682. openssl pkcs8 -topk8 -v2 aes256 -in ~/.ssh/id_rsa.old -out ~/.ssh/id_rsa
  4683. chmod 600 ~/.ssh/id_rsa
  4684. rm ~/.ssh/id_rsa.old
  4685. </pre>
  4686. <p>(via <a href="http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html" title="Improving the security of your SSH private key files - Martin Kleppmann's blog">Martin Kleppmann</a>)</p>
  4687. ]]></description>
  4688.    <content:encoded><![CDATA[<p>Instead of the easily brute-forceable one-pass MD5/AES128 password protection format used by SSH per default, you should use the <a href="https://www.rfc-editor.org/rfc/rfc5208.html" title="RFC 5208 - PKCS#8: Private-Key Information Syntax Specification Version 1.2">PKCS#8</a> format to store your private key files. PKCS#8 allows to choose proper key-derivation functions and encryption schemes (for example <a href="http://en.wikipedia.org/wiki/PBKDF2" title="Password-Based Key Derivation Function 2">PBKDF2</a> and <a href="https://www.rfc-editor.org/rfc/rfc2898.html#section-6.2" title="Password-Based Encryption Scheme 2">PBES2</a>).<br>
  4689. The following commands convert an existing password protected SSH private key file to PKCS#8 format (using PBKDF2, PBES2 and AES-256):</p>
  4690. <pre>
  4691. mv ~/.ssh/id_rsa{,.old}
  4692. openssl pkcs8 -topk8 -v2 aes256 -in ~/.ssh/id_rsa.old -out ~/.ssh/id_rsa
  4693. chmod 600 ~/.ssh/id_rsa
  4694. rm ~/.ssh/id_rsa.old
  4695. </pre>
  4696. <p>(via <a href="http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html" title="Improving the security of your SSH private key files - Martin Kleppmann's blog">Martin Kleppmann</a>)</p>
  4697. ]]></content:encoded>
  4698.  </item>
  4699.  
  4700.  <item>
  4701.    <title>Make grep 50x faster</title>
  4702.    <link>https://blog.x-way.org/Linux/2013/12/15/Make-grep-50x-faster.html</link>
  4703.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324209</guid>
  4704.    <dc:creator>Andreas Jaggi</dc:creator>
  4705.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4706.    <pubDate>Sun, 15 Dec 2013 14:33:00 +0100</pubDate>
  4707.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  4708.    <description><![CDATA[<p>
  4709. Found this neat trick in Brendan Gregg's <a href="https://www.usenix.org/conference/lisa13/data-engineering-complex-systems" title="Blazing Performance with Flame Graphs">Blazing Performance with Flame Graphs</a> talk.
  4710. </p>
  4711.  
  4712. <blockquote><p>Switching to LANG=C improved performance by <strong>2000x</strong></p></blockquote>
  4713.  
  4714. <p>
  4715. In a quick test I directly got a performance gain of factor <strong>50.22</strong>.<br>
  4716. This is quite an achievement for only changing one environment variable.
  4717. </p>
  4718.  
  4719. <pre>
  4720. real:~# du -sh /var/log/querylog
  4721. 148M /var/log/querylog
  4722. real:~# time grep -i e /var/log/querylog &gt; /dev/null
  4723.  
  4724. real 0m12.807s
  4725. user 0m12.437s
  4726. sys 0m0.068s
  4727. real:~# time LANG=C grep -i e /var/log/querylog &gt; /dev/null
  4728.  
  4729. real 0m0.255s
  4730. user 0m0.196s
  4731. sys 0m0.052s
  4732. </pre>
  4733.  
  4734. <p>
  4735. I suspect that the performance gain may vary quite a lot depending on the search pattern.
  4736. Also, please note that this trick only works when you know that the involved files and search patterns are ASCII only.
  4737. </p>
  4738. <p>(via <a href="http://www.standalone-sysadmin.com/blog/2013/11/lisa13-conference-review-overview-thing/" title="LISA13 Conference Review / Overview Thing | Standalone Sysadmin">Standalone Sysadmin</a>)</p>
  4739. ]]></description>
  4740.    <content:encoded><![CDATA[<p>
  4741. Found this neat trick in Brendan Gregg's <a href="https://www.usenix.org/conference/lisa13/data-engineering-complex-systems" title="Blazing Performance with Flame Graphs">Blazing Performance with Flame Graphs</a> talk.
  4742. </p>
  4743.  
  4744. <blockquote><p>Switching to LANG=C improved performance by <strong>2000x</strong></p></blockquote>
  4745.  
  4746. <p>
  4747. In a quick test I directly got a performance gain of factor <strong>50.22</strong>.<br>
  4748. This is quite an achievement for only changing one environment variable.
  4749. </p>
  4750.  
  4751. <pre>
  4752. real:~# du -sh /var/log/querylog
  4753. 148M /var/log/querylog
  4754. real:~# time grep -i e /var/log/querylog &gt; /dev/null
  4755.  
  4756. real 0m12.807s
  4757. user 0m12.437s
  4758. sys 0m0.068s
  4759. real:~# time LANG=C grep -i e /var/log/querylog &gt; /dev/null
  4760.  
  4761. real 0m0.255s
  4762. user 0m0.196s
  4763. sys 0m0.052s
  4764. </pre>
  4765.  
  4766. <p>
  4767. I suspect that the performance gain may vary quite a lot depending on the search pattern.
  4768. Also, please note that this trick only works when you know that the involved files and search patterns are ASCII only.
  4769. </p>
  4770. <p>(via <a href="http://www.standalone-sysadmin.com/blog/2013/11/lisa13-conference-review-overview-thing/" title="LISA13 Conference Review / Overview Thing | Standalone Sysadmin">Standalone Sysadmin</a>)</p>
  4771. ]]></content:encoded>
  4772.  </item>
  4773.  
  4774.  <item>
  4775.    <title>WOODKID</title>
  4776.    <link>https://blog.x-way.org/Music/2013/12/01/WOODKID.html</link>
  4777.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324208</guid>
  4778.    <dc:creator>Andreas Jaggi</dc:creator>
  4779.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4780.    <pubDate>Sun, 01 Dec 2013 12:36:00 +0100</pubDate>
  4781.    <category domain="https://blog.x-way.org/Music">Music</category>
  4782.    <description><![CDATA[<p>Another nice discovery from <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop</a>: <a href="http://www.woodkid.com/" title="WOODKID">WOODKID</a></p>
  4783. <p><a href="https://youtu.be/lmc21V-zBq0" title="Woodkid - Run Boy Run - YouTube">Woodkid - Run Boy Run</a></p>
  4784.  
  4785. ]]></description>
  4786.    <content:encoded><![CDATA[<p>Another nice discovery from <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop</a>: <a href="http://www.woodkid.com/" title="WOODKID">WOODKID</a></p>
  4787. <p><a href="https://youtu.be/lmc21V-zBq0" title="Woodkid - Run Boy Run - YouTube">Woodkid - Run Boy Run</a></p>
  4788.  
  4789. ]]></content:encoded>
  4790.  </item>
  4791.  
  4792.  <item>
  4793.    <title>Major Look - Too Late</title>
  4794.    <link>https://blog.x-way.org/Music/2013/08/21/Major-Look-Too-Late.html</link>
  4795.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324207</guid>
  4796.    <dc:creator>Andreas Jaggi</dc:creator>
  4797.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4798.    <pubDate>Wed, 21 Aug 2013 06:15:00 +0200</pubDate>
  4799.    <category domain="https://blog.x-way.org/Music">Music</category>
  4800.    <description><![CDATA[<p><a href="https://youtu.be/rBpeOlFdES4" title="Major Look - Too Late - YouTube">Major Look - Too Late</a></p>
  4801. ]]></description>
  4802.    <content:encoded><![CDATA[<p><a href="https://youtu.be/rBpeOlFdES4" title="Major Look - Too Late - YouTube">Major Look - Too Late</a></p>
  4803. ]]></content:encoded>
  4804.  </item>
  4805.  
  4806.  <item>
  4807.    <title>Mandatory requirement for all non IPv6 capable products</title>
  4808.    <link>https://blog.x-way.org/Networking/2013/07/05/Mandatory-requirement-for-all-non-IPv6-capable-products.html</link>
  4809.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324206</guid>
  4810.    <dc:creator>Andreas Jaggi</dc:creator>
  4811.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4812.    <pubDate>Fri, 05 Jul 2013 09:37:00 +0200</pubDate>
  4813.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4814.    <description><![CDATA[<p><img src="https://blog.x-way.org/images/legacy-ip-only.svg" alt="IPv4 only"></p>
  4815. <p>(via <a href="https://web.archive.org/web/20160506160448/http://blog.quux.de/?p=1677" title="Jens' BLOG (archive.org)">blog.quux.de</a>)</p>
  4816. ]]></description>
  4817.    <content:encoded><![CDATA[<p><img src="https://blog.x-way.org/images/legacy-ip-only.svg" alt="IPv4 only"></p>
  4818. <p>(via <a href="https://web.archive.org/web/20160506160448/http://blog.quux.de/?p=1677" title="Jens' BLOG (archive.org)">blog.quux.de</a>)</p>
  4819. ]]></content:encoded>
  4820.  </item>
  4821.  
  4822.  <item>
  4823.    <title>Run your own DynDNS server</title>
  4824.    <link>https://blog.x-way.org/Networking/2013/06/01/Run-your-own-DynDNS-server.html</link>
  4825.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324205</guid>
  4826.    <dc:creator>Andreas Jaggi</dc:creator>
  4827.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4828.    <pubDate>Sat, 01 Jun 2013 21:11:00 +0200</pubDate>
  4829.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4830.    <description><![CDATA[<p>After receiving yet another 'please login and click through our captcha for no reason' e-mail from a DynDNS provider, I decided to run my own DynDNS server.</p>
  4831. <p>As I already run my own DNS servers, this was just a matter of adding a dynamically updateable zone and writing a script which receives the IP change request via HTTP and sends out a DNS update.<br>
  4832. Luckily the <a href="http://dyn.com/support/developers/api/perform-update/" title="Perform Update - Dyn">DynDNS API</a> is quite well documented and I quickly came up with the PHP code below which performs the task well enough for me. Feel free to use it to run your own DynDNS server.</p>
  4833. <p>PS: to any friends reading this and looking for a DynDNS service: drop me a message and I'll set you up with an account.</p>
  4834. <script src="https://gist.github.com/x-way/5691358.js"></script>
  4835. ]]></description>
  4836.    <content:encoded><![CDATA[<p>After receiving yet another 'please login and click through our captcha for no reason' e-mail from a DynDNS provider, I decided to run my own DynDNS server.</p>
  4837. <p>As I already run my own DNS servers, this was just a matter of adding a dynamically updateable zone and writing a script which receives the IP change request via HTTP and sends out a DNS update.<br>
  4838. Luckily the <a href="http://dyn.com/support/developers/api/perform-update/" title="Perform Update - Dyn">DynDNS API</a> is quite well documented and I quickly came up with the PHP code below which performs the task well enough for me. Feel free to use it to run your own DynDNS server.</p>
  4839. <p>PS: to any friends reading this and looking for a DynDNS service: drop me a message and I'll set you up with an account.</p>
  4840. <script src="https://gist.github.com/x-way/5691358.js"></script>
  4841. ]]></content:encoded>
  4842.  </item>
  4843.  
  4844.  <item>
  4845.    <title>glue_records.sh</title>
  4846.    <link>https://blog.x-way.org/Networking/2013/05/28/glue_records-sh.html</link>
  4847.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324204</guid>
  4848.    <dc:creator>Andreas Jaggi</dc:creator>
  4849.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4850.    <pubDate>Tue, 28 May 2013 18:37:00 +0200</pubDate>
  4851.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4852.    <description><![CDATA[<p>Get the <a href="http://en.wikipedia.org/wiki/Glue_record#Circular_dependencies_and_glue_records" title="Domain Name System - Wikipedia">glue records</a> for a given domain:</p>
  4853. <script src="https://gist.github.com/x-way/5661355.js"></script>
  4854. ]]></description>
  4855.    <content:encoded><![CDATA[<p>Get the <a href="http://en.wikipedia.org/wiki/Glue_record#Circular_dependencies_and_glue_records" title="Domain Name System - Wikipedia">glue records</a> for a given domain:</p>
  4856. <script src="https://gist.github.com/x-way/5661355.js"></script>
  4857. ]]></content:encoded>
  4858.  </item>
  4859.  
  4860.  <item>
  4861.    <title>update_serials.sh</title>
  4862.    <link>https://blog.x-way.org/Networking/2013/05/26/update_serials-sh.html</link>
  4863.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324203</guid>
  4864.    <dc:creator>Andreas Jaggi</dc:creator>
  4865.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4866.    <pubDate>Sun, 26 May 2013 08:29:00 +0200</pubDate>
  4867.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4868.    <description><![CDATA[<p>Update the serial number in BIND zone files with the current unix timestamp.</p>
  4869. <script src="https://gist.github.com/x-way/5651802.js"></script>
  4870. ]]></description>
  4871.    <content:encoded><![CDATA[<p>Update the serial number in BIND zone files with the current unix timestamp.</p>
  4872. <script src="https://gist.github.com/x-way/5651802.js"></script>
  4873. ]]></content:encoded>
  4874.  </item>
  4875.  
  4876.  <item>
  4877.    <title>less with colors</title>
  4878.    <link>https://blog.x-way.org/Linux/2013/05/25/less-with-colors.html</link>
  4879.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324202</guid>
  4880.    <dc:creator>Andreas Jaggi</dc:creator>
  4881.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4882.    <pubDate>Sat, 25 May 2013 19:29:00 +0200</pubDate>
  4883.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  4884.    <description><![CDATA[<p>For a long time it annoyed me everytime that less only showed ASCII codes instead of colors when piping some 'color-enabled' output into it.</p>
  4885. <p>Turns out there is an easy fix for that:</p>
  4886. <pre>colordiff a/foo b/foo | less -R</pre>
  4887. <p>Thanks to <a href="http://major.io/2013/05/21/handling-terminal-color-escape-sequences-in-less/" title="Handling terminal color escape sequences in less | major.io">Major Hayden</a> for this very useful tip!</p>
  4888. ]]></description>
  4889.    <content:encoded><![CDATA[<p>For a long time it annoyed me everytime that less only showed ASCII codes instead of colors when piping some 'color-enabled' output into it.</p>
  4890. <p>Turns out there is an easy fix for that:</p>
  4891. <pre>colordiff a/foo b/foo | less -R</pre>
  4892. <p>Thanks to <a href="http://major.io/2013/05/21/handling-terminal-color-escape-sequences-in-less/" title="Handling terminal color escape sequences in less | major.io">Major Hayden</a> for this very useful tip!</p>
  4893. ]]></content:encoded>
  4894.  </item>
  4895.  
  4896.  <item>
  4897.    <title>Howto generate DH parameters for OpenVPN</title>
  4898.    <link>https://blog.x-way.org/Linux/2013/02/27/Howto-generate-DH-parameters-for-OpenVPN.html</link>
  4899.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324201</guid>
  4900.    <dc:creator>Andreas Jaggi</dc:creator>
  4901.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4902.    <pubDate>Wed, 27 Feb 2013 18:29:00 +0100</pubDate>
  4903.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  4904.    <description><![CDATA[<pre>openssl gendh -out dh4096.pem 4096</pre>
  4905. ]]></description>
  4906.    <content:encoded><![CDATA[<pre>openssl gendh -out dh4096.pem 4096</pre>
  4907. ]]></content:encoded>
  4908.  </item>
  4909.  
  4910.  <item>
  4911.    <title>Orange Routing 2</title>
  4912.    <link>https://blog.x-way.org/Networking/2013/02/25/Orange-Routing-2.html</link>
  4913.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324200</guid>
  4914.    <dc:creator>Andreas Jaggi</dc:creator>
  4915.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  4916.    <pubDate>Mon, 25 Feb 2013 13:20:00 +0100</pubDate>
  4917.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  4918.    <description><![CDATA[<p>I did another test of the <a href="https://blog.x-way.org/Networking/2013/02/25/Orange-Routing.html" title="x-log - Orange Routing">Orange Routing</a>.<br>Running a traceroute to my server in Zurich and one to my vhost in Frankfurt.<br>First another version of the already familier traceroute to my server in Zurich:</p>
  4919. <pre>HOST: Andreass-MacBook-Pro.local  Loss%   Snt   Last   Avg  Best  Wrst StDev
  4920.  1.|-- 172.20.10.1                0.0%     5    8.0   3.7   2.1   8.0   2.5
  4921.  2.|-- 10.8.8.67                  0.0%     5  174.8 114.9  56.7 205.6  69.8
  4922.  3.|-- 10.8.12.10                 0.0%     5  126.8 108.4  67.7 171.3  42.8
  4923.  4.|-- 192.168.249.201            0.0%     5   73.4  82.7  61.9 111.5  20.5
  4924.  5.|-- 192.168.253.191            0.0%     5   54.0  64.9  54.0  75.9   9.3
  4925.  6.|-- 192.168.250.203            0.0%     5   64.7  69.2  57.3  79.2   8.4
  4926.  7.|-- 10.10.10.10                0.0%     5   56.8  65.5  56.8  72.1   7.7
  4927.  8.|-- 10.255.200.1               0.0%     5   65.9  87.3  60.1 146.6  35.1
  4928.  9.|-- pos0-1-1-1.gencr1.geneve.  0.0%     5   84.8 117.1  76.4 162.5  36.9
  4929. 10.|-- pos14-0-1.pascr4.paris.op  0.0%     5   88.1 118.0  88.1 168.3  36.7
  4930. 11.|-- ge6-0-0.br2.par2.alter.ne  0.0%     5   76.5  90.5  76.5 109.1  12.0
  4931. 12.|-- so-2-3-0.xt2.zur3.alter.n  0.0%     5   76.8 109.1  76.8 203.2  53.1
  4932. 13.|-- pos2-0.gw4.zur4.alter.net  0.0%     5   88.8  98.7  84.3 143.4  25.2
  4933. 14.|-- uch200193-gw.customer.alt  0.0%     5   90.7  85.3  74.1  93.5   8.0
  4934. 15.|-- whale29.open.ch            0.0%     5   88.9  97.7  88.9 104.7   6.3
  4935. 16.|-- orca8.open.ch              0.0%     5   90.8  94.8  90.8 102.8   4.9
  4936. 17.|-- real.jaggi.info           20.0%     5  234.8 130.0  92.8 234.8  69.9</pre>
  4937. <p>Now the traceroute to the vhost in Frankfurt:</p>
  4938. <pre>HOST: Andreass-MacBook-Pro.local  Loss%   Snt   Last   Avg  Best  Wrst StDev
  4939.  1.|-- 172.20.10.1                0.0%     5   15.2  13.1   1.9  44.5  18.4
  4940.  2.|-- 10.8.8.115                 0.0%     5   72.6  74.0  67.2  81.3   6.8
  4941.  3.|-- 10.8.12.10                 0.0%     5   80.7  75.0  64.0  89.6  10.3
  4942.  4.|-- 192.168.249.201            0.0%     5   65.1  78.9  65.1  94.0  12.3
  4943.  5.|-- 192.168.253.191            0.0%     5   73.1  70.4  66.5  73.3   2.8
  4944.  6.|-- 192.168.250.203            0.0%     5   69.5  73.9  66.3  86.6   7.7
  4945.  7.|-- 10.10.10.10                0.0%     5   67.0  72.7  67.0  80.0   4.9
  4946.  8.|-- 10.255.200.1               0.0%     5   70.9  74.4  69.7  86.4   7.0
  4947.  9.|-- pos0-1-1-1.gencr1.geneve.  0.0%     5   77.2  83.4  75.9  99.4   9.4
  4948. 10.|-- pos3-1-0.zurcr1.zurich.op  0.0%     5   83.8 103.2  83.8 146.9  26.3
  4949. 11.|-- pos0-9-4-0.ffttr1.frankfu  0.0%     5  102.9 103.6  98.7 108.8   4.9
  4950. 12.|-- leaseweb-9.gw.opentransit  0.0%     5   87.6  88.8  85.3  93.2   3.0
  4951. 13.|-- te3-1.core-2.fra.leaseweb  0.0%     5   85.4  91.5  85.4 106.1   8.5
  4952. 14.|-- hosted-by.leaseweb.com     0.0%     5   90.2  94.1  84.7 112.5  11.0
  4953. 15.|-- ???                       100.0     5    0.0   0.0   0.0   0.0   0.0
  4954. 16.|-- 0.jaggi.info              20.0%     5   89.9 117.5  86.3 205.5  58.7</pre>
  4955. <p>As you can see, the RTT is higher for the server in Zurich than for the vhost in Frankfurt! (keep in mind that source of these measurement is my laptop in the train 8 minutes away from Zurich now)</p>
  4956. <p>So Orange has higher latency to hosts in the same region/city than to hosts in another country which are more than 350km away. :-(<br>The next time I choose a mobile provider it might be good to analyse its BGP peerings and routing policies first...</p>
  4957. ]]></description>
  4958.    <content:encoded><![CDATA[<p>I did another test of the <a href="https://blog.x-way.org/Networking/2013/02/25/Orange-Routing.html" title="x-log - Orange Routing">Orange Routing</a>.<br>Running a traceroute to my server in Zurich and one to my vhost in Frankfurt.<br>First another version of the already familier traceroute to my server in Zurich:</p>
  4959. <pre>HOST: Andreass-MacBook-Pro.local  Loss%   Snt   Last   Avg  Best  Wrst StDev
  4960.  1.|-- 172.20.10.1                0.0%     5    8.0   3.7   2.1   8.0   2.5
  4961.  2.|-- 10.8.8.67                  0.0%     5  174.8 114.9  56.7 205.6  69.8
  4962.  3.|-- 10.8.12.10                 0.0%     5  126.8 108.4  67.7 171.3  42.8
  4963.  4.|-- 192.168.249.201            0.0%     5   73.4  82.7  61.9 111.5  20.5
  4964.  5.|-- 192.168.253.191            0.0%     5   54.0  64.9  54.0  75.9   9.3
  4965.  6.|-- 192.168.250.203            0.0%     5   64.7  69.2  57.3  79.2   8.4
  4966.  7.|-- 10.10.10.10                0.0%     5   56.8  65.5  56.8  72.1   7.7
  4967.  8.|-- 10.255.200.1               0.0%     5   65.9  87.3  60.1 146.6  35.1
  4968.  9.|-- pos0-1-1-1.gencr1.geneve.  0.0%     5   84.8 117.1  76.4 162.5  36.9
  4969. 10.|-- pos14-0-1.pascr4.paris.op  0.0%     5   88.1 118.0  88.1 168.3  36.7
  4970. 11.|-- ge6-0-0.br2.par2.alter.ne  0.0%     5   76.5  90.5  76.5 109.1  12.0
  4971. 12.|-- so-2-3-0.xt2.zur3.alter.n  0.0%     5   76.8 109.1  76.8 203.2  53.1
  4972. 13.|-- pos2-0.gw4.zur4.alter.net  0.0%     5   88.8  98.7  84.3 143.4  25.2
  4973. 14.|-- uch200193-gw.customer.alt  0.0%     5   90.7  85.3  74.1  93.5   8.0
  4974. 15.|-- whale29.open.ch            0.0%     5   88.9  97.7  88.9 104.7   6.3
  4975. 16.|-- orca8.open.ch              0.0%     5   90.8  94.8  90.8 102.8   4.9
  4976. 17.|-- real.jaggi.info           20.0%     5  234.8 130.0  92.8 234.8  69.9</pre>
  4977. <p>Now the traceroute to the vhost in Frankfurt:</p>
  4978. <pre>HOST: Andreass-MacBook-Pro.local  Loss%   Snt   Last   Avg  Best  Wrst StDev
  4979.  1.|-- 172.20.10.1                0.0%     5   15.2  13.1   1.9  44.5  18.4
  4980.  2.|-- 10.8.8.115                 0.0%     5   72.6  74.0  67.2  81.3   6.8
  4981.  3.|-- 10.8.12.10                 0.0%     5   80.7  75.0  64.0  89.6  10.3
  4982.  4.|-- 192.168.249.201            0.0%     5   65.1  78.9  65.1  94.0  12.3
  4983.  5.|-- 192.168.253.191            0.0%     5   73.1  70.4  66.5  73.3   2.8
  4984.  6.|-- 192.168.250.203            0.0%     5   69.5  73.9  66.3  86.6   7.7
  4985.  7.|-- 10.10.10.10                0.0%     5   67.0  72.7  67.0  80.0   4.9
  4986.  8.|-- 10.255.200.1               0.0%     5   70.9  74.4  69.7  86.4   7.0
  4987.  9.|-- pos0-1-1-1.gencr1.geneve.  0.0%     5   77.2  83.4  75.9  99.4   9.4
  4988. 10.|-- pos3-1-0.zurcr1.zurich.op  0.0%     5   83.8 103.2  83.8 146.9  26.3
  4989. 11.|-- pos0-9-4-0.ffttr1.frankfu  0.0%     5  102.9 103.6  98.7 108.8   4.9
  4990. 12.|-- leaseweb-9.gw.opentransit  0.0%     5   87.6  88.8  85.3  93.2   3.0
  4991. 13.|-- te3-1.core-2.fra.leaseweb  0.0%     5   85.4  91.5  85.4 106.1   8.5
  4992. 14.|-- hosted-by.leaseweb.com     0.0%     5   90.2  94.1  84.7 112.5  11.0
  4993. 15.|-- ???                       100.0     5    0.0   0.0   0.0   0.0   0.0
  4994. 16.|-- 0.jaggi.info              20.0%     5   89.9 117.5  86.3 205.5  58.7</pre>
  4995. <p>As you can see, the RTT is higher for the server in Zurich than for the vhost in Frankfurt! (keep in mind that source of these measurement is my laptop in the train 8 minutes away from Zurich now)</p>
  4996. <p>So Orange has higher latency to hosts in the same region/city than to hosts in another country which are more than 350km away. :-(<br>The next time I choose a mobile provider it might be good to analyse its BGP peerings and routing policies first...</p>
  4997. ]]></content:encoded>
  4998.  </item>
  4999.  
  5000.  <item>
  5001.    <title>Orange Routing</title>
  5002.    <link>https://blog.x-way.org/Networking/2013/02/25/Orange-Routing.html</link>
  5003.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324199</guid>
  5004.    <dc:creator>Andreas Jaggi</dc:creator>
  5005.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5006.    <pubDate>Mon, 25 Feb 2013 12:34:00 +0100</pubDate>
  5007.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  5008.    <description><![CDATA[<p>While in the train from Bern to Zurich, I did a traceroute towards the server which currently hosts this weblog (it is located at <a href="http://www.open.ch" title="Open Systems">Open Systems</a> in Zurich). The connection starts on my laptop and is thethered via my cell to the Orange backbone.</p>
  5009. <pre>HOST: Andreass-MacBook-Pro.local  Loss%   Snt   Last   Avg  Best  Wrst StDev
  5010.  1.|-- 172.20.10.1                0.0%     5    2.0  12.1   1.7  33.2  14.6
  5011.  2.|-- 10.8.8.67                  0.0%     5   52.2 373.4  52.2 1241. 504.8
  5012.  3.|-- 10.8.12.10                 0.0%     5   50.9 347.4  50.9 1143. 453.3
  5013.  4.|-- 192.168.249.201            0.0%     5   51.2 282.7  51.2 1042. 426.8
  5014.  5.|-- 192.168.253.191            0.0%     5   51.2 226.2  44.5 942.2 400.3
  5015.  6.|-- 192.168.250.203            0.0%     5   51.4 206.7  37.9 847.5 358.2
  5016.  7.|-- 10.10.10.10                0.0%     5   50.0 181.4  29.6 746.9 316.2
  5017.  8.|-- 10.255.200.1               0.0%     5   50.0 172.2  36.9 645.6 264.9
  5018.  9.|-- 193.251.248.145            0.0%     4   60.2  59.8  46.2  81.9  15.8
  5019. 10.|-- 193.251.240.53             0.0%     4   70.0  76.4  64.9 101.6  16.9
  5020. 11.|-- 146.188.112.77             0.0%     4   70.4  74.0  69.2  83.8   6.7
  5021. 12.|-- 146.188.5.1                0.0%     4   70.6  71.7  58.1  88.1  12.3
  5022. 13.|-- 146.188.4.194              0.0%     4   70.5  61.9  51.6  70.9  10.2
  5023. 14.|-- 146.188.64.74              0.0%     4   71.3  69.2  58.8  75.4   7.2
  5024. 15.|-- 213.156.230.29             0.0%     4   71.5  78.3  62.6 108.9  20.7
  5025. 16.|-- 213.156.229.8              0.0%     4   72.2  75.2  70.4  81.9   5.1
  5026. 17.|-- 213.156.229.222           25.0%     4   80.8  76.2  61.2  86.5  13.3</pre>
  5027. <p>You can see that the traffic is passed through 8 different routers inside the Orange backbone (using IPs from all three RFC1918 ranges...) before it is let onto the Internet.<br>
  5028. And then the real fun starts (let's use DNS names for this):</p>
  5029. <pre>HOST: Andreass-MacBook-Pro.local  Loss%   Snt   Last   Avg  Best  Wrst StDev
  5030.  1.|-- 172.20.10.1                0.0%     5    2.0  12.2   1.9  33.3  14.5
  5031.  2.|-- 10.8.8.67                  0.0%     5   44.2 345.6  27.0 1167. 494.2
  5032.  3.|-- 10.8.12.10                 0.0%     5   52.2 308.9  27.0 1104. 462.4
  5033.  4.|-- 192.168.249.201            0.0%     5   33.4 264.9  27.2 1014. 427.1
  5034.  5.|-- 192.168.253.191            0.0%     5   30.3 227.5  27.3 952.9 406.4
  5035.  6.|-- 192.168.250.203            0.0%     5   50.4 200.7  27.0 860.0 368.7
  5036.  7.|-- 10.10.10.10                0.0%     5   72.4 193.5  30.5 779.2 327.8
  5037.  8.|-- 10.255.200.1               0.0%     5   31.8 166.8  27.6 688.0 291.5
  5038.  9.|-- pos0-1-1-1.gencr1.geneve.  0.0%     4   50.8  55.0  47.6  67.1   8.6
  5039. 10.|-- pos14-0-1.pascr4.paris.op  0.0%     4   61.0  64.4  57.7  78.5   9.5
  5040. 11.|-- ge6-0-0.br2.par2.alter.ne  0.0%     4   70.8  56.3  48.4  70.8   9.9
  5041. 12.|-- so-2-3-0.xt2.zur3.alter.n  0.0%     4  108.9  65.6  48.0 108.9  29.2
  5042. 13.|-- pos2-0.gw4.zur4.alter.net  0.0%     4   51.7  55.5  50.3  68.8   8.8
  5043. 14.|-- uch200193-gw.customer.alt  0.0%     4  171.8  83.6  50.7 171.8  58.8
  5044. 15.|-- whale29.open.ch            0.0%     4  132.1  90.0  59.2 132.1  32.7
  5045. 16.|-- orca8.open.ch              0.0%     4   72.4  66.8  58.6  73.5   7.3
  5046. 17.|-- real.jaggi.info           25.0%     4   80.2  64.7  56.2  80.2  13.4</pre>
  5047. <p>As we see, Orange injects their mobile data traffic into the Internet in Geneva (pos0-1-1-1.gencr1.geneve.).<br>
  5048. Then it is first sent to Paris (pas14-0-1.pascr4.paris.op and ge6-0-0.br2.par2.alter.ne) and from there back to Zurich (so-2-3-0.xt2.yur3.alter.n and all the following hosts).</p>
  5049. <p>I can kind of understand that the traffic is routed via Geneva (main Orange infrastructure is there), but why is it sent to Paris? (especially since Geneva&lt;-&gt;Zurich is the main Internet connection inside Switzerland where most of the countries fiber is buried).</p>
  5050. <p>I guess this explains why my mobile data speed is not always as fast as I like it to be...</p>
  5051. ]]></description>
  5052.    <content:encoded><![CDATA[<p>While in the train from Bern to Zurich, I did a traceroute towards the server which currently hosts this weblog (it is located at <a href="http://www.open.ch" title="Open Systems">Open Systems</a> in Zurich). The connection starts on my laptop and is thethered via my cell to the Orange backbone.</p>
  5053. <pre>HOST: Andreass-MacBook-Pro.local  Loss%   Snt   Last   Avg  Best  Wrst StDev
  5054.  1.|-- 172.20.10.1                0.0%     5    2.0  12.1   1.7  33.2  14.6
  5055.  2.|-- 10.8.8.67                  0.0%     5   52.2 373.4  52.2 1241. 504.8
  5056.  3.|-- 10.8.12.10                 0.0%     5   50.9 347.4  50.9 1143. 453.3
  5057.  4.|-- 192.168.249.201            0.0%     5   51.2 282.7  51.2 1042. 426.8
  5058.  5.|-- 192.168.253.191            0.0%     5   51.2 226.2  44.5 942.2 400.3
  5059.  6.|-- 192.168.250.203            0.0%     5   51.4 206.7  37.9 847.5 358.2
  5060.  7.|-- 10.10.10.10                0.0%     5   50.0 181.4  29.6 746.9 316.2
  5061.  8.|-- 10.255.200.1               0.0%     5   50.0 172.2  36.9 645.6 264.9
  5062.  9.|-- 193.251.248.145            0.0%     4   60.2  59.8  46.2  81.9  15.8
  5063. 10.|-- 193.251.240.53             0.0%     4   70.0  76.4  64.9 101.6  16.9
  5064. 11.|-- 146.188.112.77             0.0%     4   70.4  74.0  69.2  83.8   6.7
  5065. 12.|-- 146.188.5.1                0.0%     4   70.6  71.7  58.1  88.1  12.3
  5066. 13.|-- 146.188.4.194              0.0%     4   70.5  61.9  51.6  70.9  10.2
  5067. 14.|-- 146.188.64.74              0.0%     4   71.3  69.2  58.8  75.4   7.2
  5068. 15.|-- 213.156.230.29             0.0%     4   71.5  78.3  62.6 108.9  20.7
  5069. 16.|-- 213.156.229.8              0.0%     4   72.2  75.2  70.4  81.9   5.1
  5070. 17.|-- 213.156.229.222           25.0%     4   80.8  76.2  61.2  86.5  13.3</pre>
  5071. <p>You can see that the traffic is passed through 8 different routers inside the Orange backbone (using IPs from all three RFC1918 ranges...) before it is let onto the Internet.<br>
  5072. And then the real fun starts (let's use DNS names for this):</p>
  5073. <pre>HOST: Andreass-MacBook-Pro.local  Loss%   Snt   Last   Avg  Best  Wrst StDev
  5074.  1.|-- 172.20.10.1                0.0%     5    2.0  12.2   1.9  33.3  14.5
  5075.  2.|-- 10.8.8.67                  0.0%     5   44.2 345.6  27.0 1167. 494.2
  5076.  3.|-- 10.8.12.10                 0.0%     5   52.2 308.9  27.0 1104. 462.4
  5077.  4.|-- 192.168.249.201            0.0%     5   33.4 264.9  27.2 1014. 427.1
  5078.  5.|-- 192.168.253.191            0.0%     5   30.3 227.5  27.3 952.9 406.4
  5079.  6.|-- 192.168.250.203            0.0%     5   50.4 200.7  27.0 860.0 368.7
  5080.  7.|-- 10.10.10.10                0.0%     5   72.4 193.5  30.5 779.2 327.8
  5081.  8.|-- 10.255.200.1               0.0%     5   31.8 166.8  27.6 688.0 291.5
  5082.  9.|-- pos0-1-1-1.gencr1.geneve.  0.0%     4   50.8  55.0  47.6  67.1   8.6
  5083. 10.|-- pos14-0-1.pascr4.paris.op  0.0%     4   61.0  64.4  57.7  78.5   9.5
  5084. 11.|-- ge6-0-0.br2.par2.alter.ne  0.0%     4   70.8  56.3  48.4  70.8   9.9
  5085. 12.|-- so-2-3-0.xt2.zur3.alter.n  0.0%     4  108.9  65.6  48.0 108.9  29.2
  5086. 13.|-- pos2-0.gw4.zur4.alter.net  0.0%     4   51.7  55.5  50.3  68.8   8.8
  5087. 14.|-- uch200193-gw.customer.alt  0.0%     4  171.8  83.6  50.7 171.8  58.8
  5088. 15.|-- whale29.open.ch            0.0%     4  132.1  90.0  59.2 132.1  32.7
  5089. 16.|-- orca8.open.ch              0.0%     4   72.4  66.8  58.6  73.5   7.3
  5090. 17.|-- real.jaggi.info           25.0%     4   80.2  64.7  56.2  80.2  13.4</pre>
  5091. <p>As we see, Orange injects their mobile data traffic into the Internet in Geneva (pos0-1-1-1.gencr1.geneve.).<br>
  5092. Then it is first sent to Paris (pas14-0-1.pascr4.paris.op and ge6-0-0.br2.par2.alter.ne) and from there back to Zurich (so-2-3-0.xt2.yur3.alter.n and all the following hosts).</p>
  5093. <p>I can kind of understand that the traffic is routed via Geneva (main Orange infrastructure is there), but why is it sent to Paris? (especially since Geneva&lt;-&gt;Zurich is the main Internet connection inside Switzerland where most of the countries fiber is buried).</p>
  5094. <p>I guess this explains why my mobile data speed is not always as fast as I like it to be...</p>
  5095. ]]></content:encoded>
  5096.  </item>
  5097.  
  5098.  <item>
  5099.    <title>Administrative Distance</title>
  5100.    <link>https://blog.x-way.org/Networking/2013/02/18/Administrative-Distance.html</link>
  5101.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324198</guid>
  5102.    <dc:creator>Andreas Jaggi</dc:creator>
  5103.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5104.    <pubDate>Mon, 18 Feb 2013 08:39:00 +0100</pubDate>
  5105.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  5106.    <description><![CDATA[<p>When using more than one dynamic routing protocol, make sure to know their <a href="http://en.wikipedia.org/wiki/Administrative_distance" title="Administrative distance">administrative distance</a>.</p>
  5107. <p>Further it is usually a bad idea to redistribute routes from a dynamic routing protocol into another one with a lower administrative distance. Especially when having multiple handover points between the two protocols.</p>
  5108. ]]></description>
  5109.    <content:encoded><![CDATA[<p>When using more than one dynamic routing protocol, make sure to know their <a href="http://en.wikipedia.org/wiki/Administrative_distance" title="Administrative distance">administrative distance</a>.</p>
  5110. <p>Further it is usually a bad idea to redistribute routes from a dynamic routing protocol into another one with a lower administrative distance. Especially when having multiple handover points between the two protocols.</p>
  5111. ]]></content:encoded>
  5112.  </item>
  5113.  
  5114.  <item>
  5115.    <title>I ♡ snow</title>
  5116.    <link>https://blog.x-way.org/Misc/2013/02/17/I-love-snow.html</link>
  5117.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324197</guid>
  5118.    <dc:creator>Andreas Jaggi</dc:creator>
  5119.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5120.    <pubDate>Sun, 17 Feb 2013 17:31:00 +0100</pubDate>
  5121.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  5122.    <description><![CDATA[<p><a href="https://blog.x-way.org/images/i-love-snow-full.jpg" title="I ♡ snow"><img alt="I love snow" src="https://blog.x-way.org/images/i-love-snow.jpg" height="164" width="507" title="I ♡ snow"></a></p>
  5123. ]]></description>
  5124.    <content:encoded><![CDATA[<p><a href="https://blog.x-way.org/images/i-love-snow-full.jpg" title="I ♡ snow"><img alt="I love snow" src="https://blog.x-way.org/images/i-love-snow.jpg" height="164" width="507" title="I ♡ snow"></a></p>
  5125. ]]></content:encoded>
  5126.  </item>
  5127.  
  5128.  <item>
  5129.    <title>Computer Science</title>
  5130.    <link>https://blog.x-way.org/Misc/2013/02/14/Computer-Science.html</link>
  5131.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324196</guid>
  5132.    <dc:creator>Andreas Jaggi</dc:creator>
  5133.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5134.    <pubDate>Thu, 14 Feb 2013 18:07:00 +0100</pubDate>
  5135.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  5136.    <description><![CDATA[<p><img src="https://blog.x-way.org/images/comp-sci.jpg" height="371" width="497" alt="Computer Science"><br>via <a href="http://boingboing.net/2013/02/14/photo-of-the-computer-science.html" title="Photo of the Computer Science section at Barnes and Noble">boingboing.net</a></p>
  5137. ]]></description>
  5138.    <content:encoded><![CDATA[<p><img src="https://blog.x-way.org/images/comp-sci.jpg" height="371" width="497" alt="Computer Science"><br>via <a href="http://boingboing.net/2013/02/14/photo-of-the-computer-science.html" title="Photo of the Computer Science section at Barnes and Noble">boingboing.net</a></p>
  5139. ]]></content:encoded>
  5140.  </item>
  5141.  
  5142.  <item>
  5143.    <title>Updated HAVP blacklist script</title>
  5144.    <link>https://blog.x-way.org/Linux/2013/02/13/Updated-HAVP-blacklist-script.html</link>
  5145.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324195</guid>
  5146.    <dc:creator>Andreas Jaggi</dc:creator>
  5147.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5148.    <pubDate>Wed, 13 Feb 2013 18:02:00 +0100</pubDate>
  5149.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  5150.    <description><![CDATA[<p>The <a href="http://waterwave.ch/weblog/detail.php?id=324191">HAVP blacklist script</a> chocked on some entries from <a href="http://www.phishtank.com/" title="PhishTank">PhishTank</a>. These issues have been fixed with some more sed magic and I've put and updated version of the script on <a href="https://gist.github.com/x-way/4945994" title="makeblacklist.sh">Github</a>.</p>
  5151. <script src="https://gist.github.com/x-way/4945994.js"></script>
  5152. ]]></description>
  5153.    <content:encoded><![CDATA[<p>The <a href="http://waterwave.ch/weblog/detail.php?id=324191">HAVP blacklist script</a> chocked on some entries from <a href="http://www.phishtank.com/" title="PhishTank">PhishTank</a>. These issues have been fixed with some more sed magic and I've put and updated version of the script on <a href="https://gist.github.com/x-way/4945994" title="makeblacklist.sh">Github</a>.</p>
  5154. <script src="https://gist.github.com/x-way/4945994.js"></script>
  5155. ]]></content:encoded>
  5156.  </item>
  5157.  
  5158.  <item>
  5159.    <title>Verify a BGP MD5 password before session turnup</title>
  5160.    <link>https://blog.x-way.org/Networking/2013/02/13/Verify-a-BGP-MD5-password-before-session-turnup.html</link>
  5161.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324194</guid>
  5162.    <dc:creator>Andreas Jaggi</dc:creator>
  5163.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5164.    <pubDate>Wed, 13 Feb 2013 09:02:00 +0100</pubDate>
  5165.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  5166.    <description><![CDATA[<p>When setting up a new BGP peering, you may want to test if your peering partner uses the correct MD5 password without bringing up your side of the session.<br>
  5167. For this the <a href="http://www.tcpdump.org" title="TCPDUMP">tcpdump</a> option <var>-M</var> can be used to supply the MD5 password when sniffing the traffic of the new peer:</p>
  5168. <pre>tcpdump -ni eth0 -M MyBgPMd5PaSsWoRd tcp port 179</pre>
  5169. <p>tcpdump will then verify the MD5 signature for every packet where it finds a MD5 signature TCP option as specified in <a href="https://tools.ietf.org/html/rfc2385" title="RFC2385">RFC2385</a>.
  5170. <br>
  5171. In the output you will see <var>md5valid</var> for packets where your password matches the MD5 signature or <var>md5invalid</var> for packets where your password does not match the MD5 signature.<br>If you see neither <var>md5valid</var> nor <var>md5invalid</var> then the peer did not configure any MD5 BGP password.</p>
  5172. <p>If you want to check for mismatching MD5 passwords after you bring up the BGP session, just look into the kernel log. Linux reports invalid MD5 TCP signatures like this:</p>
  5173. <pre>MD5 Hash failed for (1.2.3.4, 56789)-&gt;(1.2.3.5, 179)</pre>
  5174. ]]></description>
  5175.    <content:encoded><![CDATA[<p>When setting up a new BGP peering, you may want to test if your peering partner uses the correct MD5 password without bringing up your side of the session.<br>
  5176. For this the <a href="http://www.tcpdump.org" title="TCPDUMP">tcpdump</a> option <var>-M</var> can be used to supply the MD5 password when sniffing the traffic of the new peer:</p>
  5177. <pre>tcpdump -ni eth0 -M MyBgPMd5PaSsWoRd tcp port 179</pre>
  5178. <p>tcpdump will then verify the MD5 signature for every packet where it finds a MD5 signature TCP option as specified in <a href="https://tools.ietf.org/html/rfc2385" title="RFC2385">RFC2385</a>.
  5179. <br>
  5180. In the output you will see <var>md5valid</var> for packets where your password matches the MD5 signature or <var>md5invalid</var> for packets where your password does not match the MD5 signature.<br>If you see neither <var>md5valid</var> nor <var>md5invalid</var> then the peer did not configure any MD5 BGP password.</p>
  5181. <p>If you want to check for mismatching MD5 passwords after you bring up the BGP session, just look into the kernel log. Linux reports invalid MD5 TCP signatures like this:</p>
  5182. <pre>MD5 Hash failed for (1.2.3.4, 56789)-&gt;(1.2.3.5, 179)</pre>
  5183. ]]></content:encoded>
  5184.  </item>
  5185.  
  5186.  <item>
  5187.    <title>Configure unattached Bridge Interfaces in Debian</title>
  5188.    <link>https://blog.x-way.org/Linux/2013/02/05/Configure-unattached-Bridge-Interfaces-in-Debian.html</link>
  5189.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324193</guid>
  5190.    <dc:creator>Andreas Jaggi</dc:creator>
  5191.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5192.    <pubDate>Tue, 05 Feb 2013 08:42:00 +0100</pubDate>
  5193.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  5194.    <description><![CDATA[<p>When working with virtualization technologies like KVM on Debian, you might need to configure bridge interfaces which are not attached to a physical interfaces (for example for a non-routed management network or similar).<br>
  5195. Debian uses the directive <var>bridge_ports</var> in <var>/etc/network/interfaces</var> to indicate whether an interface is a bridge interface or not.
  5196. The syntax checker does not accept an empty <var>bridge_ports</var> directive since he expects a list of physical interfaces to attach to the bridge interface.</p>
  5197. <p>When needing a bridge interface without any physical interfaces attached, usually people configure this interface by hand or with a special script.<br>
  5198. Since I manage <var>/etc/network/interfaces</var> with <a href="https://github.com/x-way/puppet-interfaces" title="puppet-interfaces">my Puppet module</a>, I would like to use it to configure all network interfaces including the unattached bridge interfaces.<br>
  5199. It turns out that this can be done by passing <var>none</var> as parameter for the <var>bridge_ports</var> directive like this:
  5200. </p>
  5201. <pre>interface br0 inet static
  5202. address 192.0.2.1
  5203. netmask 255.255.255.0
  5204. bridge_ports none</pre>
  5205. ]]></description>
  5206.    <content:encoded><![CDATA[<p>When working with virtualization technologies like KVM on Debian, you might need to configure bridge interfaces which are not attached to a physical interfaces (for example for a non-routed management network or similar).<br>
  5207. Debian uses the directive <var>bridge_ports</var> in <var>/etc/network/interfaces</var> to indicate whether an interface is a bridge interface or not.
  5208. The syntax checker does not accept an empty <var>bridge_ports</var> directive since he expects a list of physical interfaces to attach to the bridge interface.</p>
  5209. <p>When needing a bridge interface without any physical interfaces attached, usually people configure this interface by hand or with a special script.<br>
  5210. Since I manage <var>/etc/network/interfaces</var> with <a href="https://github.com/x-way/puppet-interfaces" title="puppet-interfaces">my Puppet module</a>, I would like to use it to configure all network interfaces including the unattached bridge interfaces.<br>
  5211. It turns out that this can be done by passing <var>none</var> as parameter for the <var>bridge_ports</var> directive like this:
  5212. </p>
  5213. <pre>interface br0 inet static
  5214. address 192.0.2.1
  5215. netmask 255.255.255.0
  5216. bridge_ports none</pre>
  5217. ]]></content:encoded>
  5218.  </item>
  5219.  
  5220.  <item>
  5221.    <title>Nice-looking templates for HAVP</title>
  5222.    <link>https://blog.x-way.org/Linux/2013/01/05/Nice-looking-templates-for-HAVP.html</link>
  5223.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324192</guid>
  5224.    <dc:creator>Andreas Jaggi</dc:creator>
  5225.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5226.    <pubDate>Sat, 05 Jan 2013 00:14:00 +0100</pubDate>
  5227.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  5228.    <description><![CDATA[<p>Since the default templates of HAVP look like being stuck in the 90's, I created some nice-looking templates.<br>
  5229. You can download them from GitHub: <a href="https://github.com/x-way/havp-templates" title="x-way/havp-templates">https://github.com/x-way/havp-templates</a><br>Currently there is only the german version, feel free to send me a pull-request with another translation :-)</p>
  5230. <p><a href="https://blog.x-way.org/images/havp-templates-screenshot.png"><img src="https://blog.x-way.org/images/havp-templates-thumb.png" alt="havp-templates screenshot" width="306" height="116"></a></p>
  5231. ]]></description>
  5232.    <content:encoded><![CDATA[<p>Since the default templates of HAVP look like being stuck in the 90's, I created some nice-looking templates.<br>
  5233. You can download them from GitHub: <a href="https://github.com/x-way/havp-templates" title="x-way/havp-templates">https://github.com/x-way/havp-templates</a><br>Currently there is only the german version, feel free to send me a pull-request with another translation :-)</p>
  5234. <p><a href="https://blog.x-way.org/images/havp-templates-screenshot.png"><img src="https://blog.x-way.org/images/havp-templates-thumb.png" alt="havp-templates screenshot" width="306" height="116"></a></p>
  5235. ]]></content:encoded>
  5236.  </item>
  5237.  
  5238.  <item>
  5239.    <title>HAVP PhishTank and Adserver Blacklist</title>
  5240.    <link>https://blog.x-way.org/Linux/2013/01/01/HAVP-PhishTank-and-Adserver-Blacklist.html</link>
  5241.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324191</guid>
  5242.    <dc:creator>Andreas Jaggi</dc:creator>
  5243.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5244.    <pubDate>Tue, 01 Jan 2013 12:50:00 +0100</pubDate>
  5245.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  5246.    <description><![CDATA[<p>For basic virus protection I'm running a proxy with <a href="http://www.server-side.de/" title="HTTP Anti-Virus Proxy">HAVP</a> and <a href="http://www.clamav.net/" title="Clam AntiVirus">ClamAV</a>.<br>
  5247. Since some time I was using HAVPs blacklist functionality to block Ads (by blacklisting *.doubleclick.net and *.ivwbox.de).
  5248. As such a manual blacklist is not very efficient I wanted to have an auto-updating list of adservers, thus I started to write the shellscript below which generates an up-to-date blacklist based on the adserverlist from <a href="http://pgl.yoyo.org/adservers/" title="pgl.yoyo.org">pgl.yoyo.org</a>.</p>
  5249. <p>Shortly after this I extended the script to also incorporate a Phising blacklist based on the data from <a href="http://www.phishtank.com/" title="PhishTank">PhishTank</a>.<br>
  5250. Currently I'm using the version below which runs in a cronjob every two hours and keeps the HAVP blacklist up-to-date. Please note that you need to insert your own free PhishTank API key when using this script.</p>
  5251. <pre>
  5252. #!/bin/sh
  5253.  
  5254. cd /etc/havp
  5255.  
  5256. OUTFILE=/etc/havp/blacklist
  5257.  
  5258. ADSERVERLIST=/etc/havp/adserverlist
  5259. PHISHTANK=/etc/havp/phishtank
  5260. MYBLACKLIST=/etc/havp/myblacklist
  5261.  
  5262. wget -q -N "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=webwasher;showintro=0;mimetype=plaintext"
  5263. sed -e 's_^//_#_g' serverlist.php* | sort | uniq &gt; $ADSERVERLIST
  5264.  
  5265. wget -q -N http://data.phishtank.com/data/&lt;PhishTank API key&gt;/online-valid.csv.bz2
  5266. bzcat online-valid.csv.bz2 | sed \
  5267. -e 's/^[0-9]*,//' \
  5268. -e 's@,http://www.phishtank.com/phish_detail.php?phish_id=[0-9]*,.*$@@' \
  5269. -e 's/^"\(.*\)"$/\1/'  \
  5270. -e 's_^https\?://__' \
  5271. -e 's_/$_/*_' \
  5272. -e 's_^\([^/]*\)$_\1/*_' \
  5273. -e 's/?.*/*/' | \
  5274. grep -vF 'phish_id,url,phish_detail_url,submission_time,verified,verification_time,online,target' | \
  5275. iconv -f utf8 -t ascii -c - | sort | uniq &gt; $PHISHTANK
  5276.  
  5277.  
  5278. echo "# blacklist file generated by $0, `date`" &gt; $OUTFILE
  5279.  
  5280. echo "\n# MYBLACKLIST:" &gt;&gt; $OUTFILE
  5281. cat $MYBLACKLIST &gt;&gt; $OUTFILE
  5282.  
  5283. echo "\n# ADSERVERLIST:" &gt;&gt; $OUTFILE
  5284. cat $ADSERVERLIST &gt;&gt; $OUTFILE
  5285.  
  5286. echo "\n# PHISHTANK:" &gt;&gt; $OUTFILE
  5287. cat $PHISHTANK &gt;&gt; $OUTFILE
  5288. </pre>
  5289. ]]></description>
  5290.    <content:encoded><![CDATA[<p>For basic virus protection I'm running a proxy with <a href="http://www.server-side.de/" title="HTTP Anti-Virus Proxy">HAVP</a> and <a href="http://www.clamav.net/" title="Clam AntiVirus">ClamAV</a>.<br>
  5291. Since some time I was using HAVPs blacklist functionality to block Ads (by blacklisting *.doubleclick.net and *.ivwbox.de).
  5292. As such a manual blacklist is not very efficient I wanted to have an auto-updating list of adservers, thus I started to write the shellscript below which generates an up-to-date blacklist based on the adserverlist from <a href="http://pgl.yoyo.org/adservers/" title="pgl.yoyo.org">pgl.yoyo.org</a>.</p>
  5293. <p>Shortly after this I extended the script to also incorporate a Phising blacklist based on the data from <a href="http://www.phishtank.com/" title="PhishTank">PhishTank</a>.<br>
  5294. Currently I'm using the version below which runs in a cronjob every two hours and keeps the HAVP blacklist up-to-date. Please note that you need to insert your own free PhishTank API key when using this script.</p>
  5295. <pre>
  5296. #!/bin/sh
  5297.  
  5298. cd /etc/havp
  5299.  
  5300. OUTFILE=/etc/havp/blacklist
  5301.  
  5302. ADSERVERLIST=/etc/havp/adserverlist
  5303. PHISHTANK=/etc/havp/phishtank
  5304. MYBLACKLIST=/etc/havp/myblacklist
  5305.  
  5306. wget -q -N "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=webwasher;showintro=0;mimetype=plaintext"
  5307. sed -e 's_^//_#_g' serverlist.php* | sort | uniq &gt; $ADSERVERLIST
  5308.  
  5309. wget -q -N http://data.phishtank.com/data/&lt;PhishTank API key&gt;/online-valid.csv.bz2
  5310. bzcat online-valid.csv.bz2 | sed \
  5311. -e 's/^[0-9]*,//' \
  5312. -e 's@,http://www.phishtank.com/phish_detail.php?phish_id=[0-9]*,.*$@@' \
  5313. -e 's/^"\(.*\)"$/\1/'  \
  5314. -e 's_^https\?://__' \
  5315. -e 's_/$_/*_' \
  5316. -e 's_^\([^/]*\)$_\1/*_' \
  5317. -e 's/?.*/*/' | \
  5318. grep -vF 'phish_id,url,phish_detail_url,submission_time,verified,verification_time,online,target' | \
  5319. iconv -f utf8 -t ascii -c - | sort | uniq &gt; $PHISHTANK
  5320.  
  5321.  
  5322. echo "# blacklist file generated by $0, `date`" &gt; $OUTFILE
  5323.  
  5324. echo "\n# MYBLACKLIST:" &gt;&gt; $OUTFILE
  5325. cat $MYBLACKLIST &gt;&gt; $OUTFILE
  5326.  
  5327. echo "\n# ADSERVERLIST:" &gt;&gt; $OUTFILE
  5328. cat $ADSERVERLIST &gt;&gt; $OUTFILE
  5329.  
  5330. echo "\n# PHISHTANK:" &gt;&gt; $OUTFILE
  5331. cat $PHISHTANK &gt;&gt; $OUTFILE
  5332. </pre>
  5333. ]]></content:encoded>
  5334.  </item>
  5335.  
  5336.  <item>
  5337.    <title>Automatic Proxy Configuration via DHCP</title>
  5338.    <link>https://blog.x-way.org/Networking/2012/12/30/Automatic-Proxy-Configuration-via-DHCP.html</link>
  5339.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324190</guid>
  5340.    <dc:creator>Andreas Jaggi</dc:creator>
  5341.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5342.    <pubDate>Sun, 30 Dec 2012 19:39:00 +0100</pubDate>
  5343.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  5344.    <description><![CDATA[<p>To avoid the timeconsuming manual configuration of a proxy server on all computers, phones and tablets, the proxy configuration can be provided automatically via DHCP by using <a href="http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol" title="Web Proxy Autodiscovery Protocol">WPAD</a>.</p>
  5345. <p>For this setup, the following components are needed:</p>
  5346. <ol>
  5347. <li>A DHCP server which announces DHCP option 252 with the URL of the <a href="http://en.wikipedia.org/wiki/Proxy_auto-config" title="Proxy auto config">PAC</a> file (wpad.dat).</li>
  5348. <li>A webserver which serves the wpad.dat file</li>
  5349. <li>A wpad.dat PAC file where the Proxy IP is defined</li>
  5350. </ol>
  5351.  
  5352. <p>On a MikroTik system, the DHCP server configuration looks like this:</p>
  5353. <pre>
  5354. /ip dhcp-server option
  5355. add code=252 name=local-pac-server value="http://192.168.0.2:80/wpad.dat\?"
  5356. /ip dhcp-server network
  5357. add address=192.168.0.0/24 dhcp-option=local-pac-server dns-server=192.168.0.1 gateway=192.168.0.1 netmask=24
  5358. </pre>
  5359. <p>Please note the trailing questionmark in the URL for the PAC file. This is a workaround for yet another occurrence of RFC nitpicking where some implementations might misinterpret the DHCP option and add an encoded NULL-byte character to the end of the URL when requesting the PAC file from the webserver.<br>With the questinmark at the end of the URL, any additional trailing NULL-byte character will be ignored by the webserver and the PAC file will be loaded just fine.</p>
  5360.  
  5361. <p>Following the example above, on the machine 192.168.0.2, we serve the following <var>wpad.dat</var> file:</p>
  5362. <pre>
  5363. function FindProxyForURL ( url, host ) {
  5364. return "PROXY 1.2.3.4:8080; DIRECT";
  5365. }
  5366. </pre>
  5367.  
  5368. <p>With this setup, all systems will use the proxy at 1.2.3.4 and if the proxy is not available try to connect directly to the Internet.<br>
  5369. While this is fine for a home network where the proxy is mostly used for adblocking, you probably want to remove the <var>DIRECT</var> part in an enterprise setup.</p>
  5370. ]]></description>
  5371.    <content:encoded><![CDATA[<p>To avoid the timeconsuming manual configuration of a proxy server on all computers, phones and tablets, the proxy configuration can be provided automatically via DHCP by using <a href="http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol" title="Web Proxy Autodiscovery Protocol">WPAD</a>.</p>
  5372. <p>For this setup, the following components are needed:</p>
  5373. <ol>
  5374. <li>A DHCP server which announces DHCP option 252 with the URL of the <a href="http://en.wikipedia.org/wiki/Proxy_auto-config" title="Proxy auto config">PAC</a> file (wpad.dat).</li>
  5375. <li>A webserver which serves the wpad.dat file</li>
  5376. <li>A wpad.dat PAC file where the Proxy IP is defined</li>
  5377. </ol>
  5378.  
  5379. <p>On a MikroTik system, the DHCP server configuration looks like this:</p>
  5380. <pre>
  5381. /ip dhcp-server option
  5382. add code=252 name=local-pac-server value="http://192.168.0.2:80/wpad.dat\?"
  5383. /ip dhcp-server network
  5384. add address=192.168.0.0/24 dhcp-option=local-pac-server dns-server=192.168.0.1 gateway=192.168.0.1 netmask=24
  5385. </pre>
  5386. <p>Please note the trailing questionmark in the URL for the PAC file. This is a workaround for yet another occurrence of RFC nitpicking where some implementations might misinterpret the DHCP option and add an encoded NULL-byte character to the end of the URL when requesting the PAC file from the webserver.<br>With the questinmark at the end of the URL, any additional trailing NULL-byte character will be ignored by the webserver and the PAC file will be loaded just fine.</p>
  5387.  
  5388. <p>Following the example above, on the machine 192.168.0.2, we serve the following <var>wpad.dat</var> file:</p>
  5389. <pre>
  5390. function FindProxyForURL ( url, host ) {
  5391. return "PROXY 1.2.3.4:8080; DIRECT";
  5392. }
  5393. </pre>
  5394.  
  5395. <p>With this setup, all systems will use the proxy at 1.2.3.4 and if the proxy is not available try to connect directly to the Internet.<br>
  5396. While this is fine for a home network where the proxy is mostly used for adblocking, you probably want to remove the <var>DIRECT</var> part in an enterprise setup.</p>
  5397. ]]></content:encoded>
  5398.  </item>
  5399.  
  5400.  <item>
  5401.    <title>Stripe CTF 2.0</title>
  5402.    <link>https://blog.x-way.org/Networking/2012/08/28/Stripe-CTF-2.0.html</link>
  5403.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324189</guid>
  5404.    <dc:creator>Andreas Jaggi</dc:creator>
  5405.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5406.    <pubDate>Tue, 28 Aug 2012 11:23:00 +0200</pubDate>
  5407.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  5408.    <description><![CDATA[<p><a href="#" class="gone" title="Stripe: Capture The Flag"><img src="https://blog.x-way.org/images/stripe-ctf.png" height="274" width="387" alt="Stripe: Capture The Flag"></a></p>
  5409. ]]></description>
  5410.    <content:encoded><![CDATA[<p><a href="#" class="gone" title="Stripe: Capture The Flag"><img src="https://blog.x-way.org/images/stripe-ctf.png" height="274" width="387" alt="Stripe: Capture The Flag"></a></p>
  5411. ]]></content:encoded>
  5412.  </item>
  5413.  
  5414.  <item>
  5415.    <title>icanhazip.com clone with nginx</title>
  5416.    <link>https://blog.x-way.org/Linux/2012/08/05/icanhazip.com-clone-with-nginx.html</link>
  5417.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324188</guid>
  5418.    <dc:creator>Andreas Jaggi</dc:creator>
  5419.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5420.    <pubDate>Sun, 05 Aug 2012 23:58:00 +0200</pubDate>
  5421.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  5422.    <description><![CDATA[<p>Thanks to the <a href="http://wiki.nginx.org/HttpEchoModule" title="HttpEchoModule">ngx_echo</a> module, it is trivially easy to build a clone of the <a href="http://icanhazip.com" title="icanhazip.com">icanhazip.com</a> service with <a href="http://www.nginx.org/" title="nginx">nginx</a>:</p>
  5423. <pre>
  5424. server {
  5425. listen 80;
  5426. listen [::]:80;
  5427.  
  5428. location / {
  5429. echo $remote_addr;
  5430. }  
  5431. }
  5432. </pre>
  5433. ]]></description>
  5434.    <content:encoded><![CDATA[<p>Thanks to the <a href="http://wiki.nginx.org/HttpEchoModule" title="HttpEchoModule">ngx_echo</a> module, it is trivially easy to build a clone of the <a href="http://icanhazip.com" title="icanhazip.com">icanhazip.com</a> service with <a href="http://www.nginx.org/" title="nginx">nginx</a>:</p>
  5435. <pre>
  5436. server {
  5437. listen 80;
  5438. listen [::]:80;
  5439.  
  5440. location / {
  5441. echo $remote_addr;
  5442. }  
  5443. }
  5444. </pre>
  5445. ]]></content:encoded>
  5446.  </item>
  5447.  
  5448.  <item>
  5449.    <title>How to get a Rootshell on a Cisco WAP121</title>
  5450.    <link>https://blog.x-way.org/Networking/2012/08/05/How-to-get-a-Rootshell-on-a-Cisco-WAP121.html</link>
  5451.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324187</guid>
  5452.    <dc:creator>Andreas Jaggi</dc:creator>
  5453.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5454.    <pubDate>Sun, 05 Aug 2012 20:02:00 +0200</pubDate>
  5455.    <category domain="https://blog.x-way.org/Networking">Networking</category>
  5456.    <description><![CDATA[<p>The <a href="http://www.cisco.com/en/US/products/ps12250/index.html" title="Cisco WAP121 Wireless-N Access Point with PoE">Cisco WAP121</a> runs a Linux based firmware. This is how you get a Rootshell on it:</p>
  5457. <ol>
  5458. <li>Login to the Web GUI of the WAP121 and enable the SSH management access</li>
  5459. <li>Login with SSH and enter this command: <code >sh</code></li>
  5460. </ol>
  5461. <p>
  5462. This probably works with the Cisco WAP321 as well (I only tested with the WAP121).<br>
  5463. Also when having still only the one 'cisco' user account configured you can directly get a Rootshell via SSH like this: <code>ssh -l root@&lt;WAP121 IP&gt;</code>
  5464. </p>
  5465. ]]></description>
  5466.    <content:encoded><![CDATA[<p>The <a href="http://www.cisco.com/en/US/products/ps12250/index.html" title="Cisco WAP121 Wireless-N Access Point with PoE">Cisco WAP121</a> runs a Linux based firmware. This is how you get a Rootshell on it:</p>
  5467. <ol>
  5468. <li>Login to the Web GUI of the WAP121 and enable the SSH management access</li>
  5469. <li>Login with SSH and enter this command: <code >sh</code></li>
  5470. </ol>
  5471. <p>
  5472. This probably works with the Cisco WAP321 as well (I only tested with the WAP121).<br>
  5473. Also when having still only the one 'cisco' user account configured you can directly get a Rootshell via SSH like this: <code>ssh -l root@&lt;WAP121 IP&gt;</code>
  5474. </p>
  5475. ]]></content:encoded>
  5476.  </item>
  5477.  
  5478.  <item>
  5479.    <title>Artiphys 2012</title>
  5480.    <link>https://blog.x-way.org/Badges/2012/03/31/Artiphys-2012.html</link>
  5481.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324186</guid>
  5482.    <dc:creator>Andreas Jaggi</dc:creator>
  5483.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5484.    <pubDate>Sat, 31 Mar 2012 09:04:00 +0200</pubDate>
  5485.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5486.    <description><![CDATA[<p>After the summer festivals of Sydney, now also the festivals in Switzerland start again.<br>First one this year: <a href="http://www.artiphys.ch/" title="Festival Artiphys">Artiphys 2012</a></p>
  5487. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2012.jpeg" alt="Artiphys 2012" height="312" width="225"></p>
  5488. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2012_Artist.jpeg" alt="Artiphys 2012" height="316" width="227"></p>
  5489. ]]></description>
  5490.    <content:encoded><![CDATA[<p>After the summer festivals of Sydney, now also the festivals in Switzerland start again.<br>First one this year: <a href="http://www.artiphys.ch/" title="Festival Artiphys">Artiphys 2012</a></p>
  5491. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2012.jpeg" alt="Artiphys 2012" height="312" width="225"></p>
  5492. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2012_Artist.jpeg" alt="Artiphys 2012" height="316" width="227"></p>
  5493. ]]></content:encoded>
  5494.  </item>
  5495.  
  5496.  <item>
  5497.    <title>Fix empty Puppet lsbdistcodename on Debian</title>
  5498.    <link>https://blog.x-way.org/Linux/2012/02/14/Fix-empty-puppet-lsbdistcodename-on-Debian.html</link>
  5499.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324184</guid>
  5500.    <dc:creator>Andreas Jaggi</dc:creator>
  5501.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5502.    <pubDate>Tue, 14 Feb 2012 13:15:00 +0100</pubDate>
  5503.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  5504.    <description><![CDATA[<p>While playing around with my <a href="http://puppetlabs.com/" title="Puppet Labs: The Leading IT Automation Software Solution">Puppet</a> configuration I discovered that the 'system facts' returned by the <a href="http://puppetlabs.com/puppet/related-projects/facter/" title="The Facter Program Quickly Gathers Basic Node Information">Facter</a> helper tool were not consistent on my Debian boxes.</p>
  5505. <p>On some machines Facter properly reported all <a href="http://www.linuxfoundation.org/collaborate/workgroups/lsb" title="Linux Standard Base">LSB</a> related facts of the system, while on other machines it did not report any such information.<br>The problem occurred on about 50% of the hosts, so I excluded a bug introduced by manual over-tuning of the system configuration.</p>
  5506. <p>Further investigation showed that Facter uses the <code>lsb_release</code> command to collect the LSB information of the system.<br>On Debian this command is provided by the <code>lsb-release</code> package which was only installed on half of my systems...</p>
  5507. <p>Now my Puppet manifests include the following configuration directive which should prevent this problem in the future :-)</p>
  5508. <pre>
  5509. package { 'lsb-release':
  5510. ensure => installed,
  5511. }
  5512. </pre>
  5513. ]]></description>
  5514.    <content:encoded><![CDATA[<p>While playing around with my <a href="http://puppetlabs.com/" title="Puppet Labs: The Leading IT Automation Software Solution">Puppet</a> configuration I discovered that the 'system facts' returned by the <a href="http://puppetlabs.com/puppet/related-projects/facter/" title="The Facter Program Quickly Gathers Basic Node Information">Facter</a> helper tool were not consistent on my Debian boxes.</p>
  5515. <p>On some machines Facter properly reported all <a href="http://www.linuxfoundation.org/collaborate/workgroups/lsb" title="Linux Standard Base">LSB</a> related facts of the system, while on other machines it did not report any such information.<br>The problem occurred on about 50% of the hosts, so I excluded a bug introduced by manual over-tuning of the system configuration.</p>
  5516. <p>Further investigation showed that Facter uses the <code>lsb_release</code> command to collect the LSB information of the system.<br>On Debian this command is provided by the <code>lsb-release</code> package which was only installed on half of my systems...</p>
  5517. <p>Now my Puppet manifests include the following configuration directive which should prevent this problem in the future :-)</p>
  5518. <pre>
  5519. package { 'lsb-release':
  5520. ensure => installed,
  5521. }
  5522. </pre>
  5523. ]]></content:encoded>
  5524.  </item>
  5525.  
  5526.  <item>
  5527.    <title>Big Day Out</title>
  5528.    <link>https://blog.x-way.org/Music/2012/01/29/Big-Day-Out.html</link>
  5529.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324183</guid>
  5530.    <dc:creator>Andreas Jaggi</dc:creator>
  5531.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5532.    <pubDate>Sun, 29 Jan 2012 13:28:00 +0100</pubDate>
  5533.    <category domain="https://blog.x-way.org/Music">Music</category>
  5534.    <description><![CDATA[<p>One advantage of being in Australia during the swiss winter is that you can go to music festivals in January! And so I did :-)</p>
  5535. <p>
  5536. Last thursday I went to the <a href="https://web.archive.org/web/20120130215810/https://www.bigdayout.com/" title="Big Day Out (archive.org)">Big Day Out</a> festival in <a href="https://web.archive.org/web/20120204011324/http://sydney.bigdayout.com/" title="Big Day Out Sydney 2012 (archive.org)">Sydney</a>.<br>
  5537. What is interesting compared to festivals in Europe is that in Australia the festival starts at 11 in the morning and ends at 11:45 in the evening, whereas in Switzerland festivals start around 5 in the afternoon and end around 5-6 in the morning.</p>
  5538. <p>I really liked the performances of <a href="http://www.parkwaydriverock.com/" title="Parkway Drive">Parkway Drive</a>, <a href="http://www.misskittin.com/" title="MissKittin's Tree">Miss Kittin</a>, <a href="http://royksopp.com/" title="Röyksopp">Röyksopp</a>, <a href="http://www.bassnectar.net/" title="BASSNECTAR">Bassnectar</a>, <a href="http://www.kasabian.co.uk/" title="Kasabian">Kasabian</a>, <a href="http://www.soundgardenworld.com/" title="Soundgarden World">Soundgarden</a> and <a href="http://regurgitator.net/" title="Regurgitator">Regurgitator</a>.<br>
  5539. Also it was nice to catch a glimpse of <a href="http://www.thejezabels.com/" title="The Jezabels">The Jezabels</a>, <a href="https://hilltophoods.com" title="HILLTOP HOODS : I LOVE IT">Hilltop Hoods</a>, <a href="http://kittydaisyandlewis.com/" title="kittydaisyandlewis">Kitty, Daisy &amp; Lewis</a> and the show of <a href="https://web.archive.org/web/20120201193949/http://kanyewest.com/" title="Kayne West (archive.org)">Kayne West</a>.<br>
  5540. A bit disapointing was the performance of <a href="https://web.archive.org/web/20120207185623/https://www.cavaleraconspiracy.com/" title="Cavalera Conspiracy (archive.org)">Cavalera Conspiracy</a>. They even had to fallback to popular <a href="https://web.archive.org/web/20120213114918/http://www.sepultura.com/" title="SEPULTURA.COM (archive.org)">Sepultura</a> songs (<a href="http://www.youtube.com/watch?v=6ODNxy3YOPU" title="Sepultura - Refuse/Resist">Refuse/Resist</a>, <a href="http://www.youtube.com/watch?v=F_6IjeprfEs" title="Sepultura - Roots Bloody Roots">Roots Bloody Roots</a>) in order to get the crowd moving. On the other hand it was lucky for me, so I got to see a live concert of Sepultura (performed by the founders of Sepultura!), something I didn't think I would ever see after Max Cavalera had left the band.<br>
  5541. Unfortunately the last train back was before the end of the festival and so I did miss <a href="https://web.archive.org/web/20120131113223/http://www.thisisnero.com/" title="This Is Nero (archive.org)">Nero</a>.</p>
  5542.  
  5543. <p>
  5544. <img src="https://blog.x-way.org/images/bigdayout_pineapple_drink.jpg" alt="Big Day Out branded Pineapple Drink" height="512" width="384">
  5545. <img src="https://blog.x-way.org/images/bigdayout_mainstages.jpg" alt="Big Day Out Sydney Olympic Park Mainstages" height="384" width="512">
  5546. <img src="https://blog.x-way.org/images/bigdayout_ferris_wheel.jpg" alt="Big Day Out Ferris Wheel inside the 'Boiler Room' hall" height="512" width="384">
  5547. <img src="https://blog.x-way.org/images/bigdayout_misskittin.jpg" alt="Miss Kittin @ Big Day Out" height="384" width="512">
  5548. <img src="https://blog.x-way.org/images/bigdayout_happybeer.jpg" alt="Happy Beer @ Big Day Out" height="512" width="384">
  5549. <img src="https://blog.x-way.org/images/bigdayout_regurgitator.jpg" alt="Regurgitator @ Big Day Out" height="384" width="512">
  5550. <img src="https://blog.x-way.org/images/bigdayout_cavalera_conspiracy.jpg" alt="Cavalera Conspiracy @ Big Day Out" height="512" width="384">
  5551. </p>
  5552. ]]></description>
  5553.    <content:encoded><![CDATA[<p>One advantage of being in Australia during the swiss winter is that you can go to music festivals in January! And so I did :-)</p>
  5554. <p>
  5555. Last thursday I went to the <a href="https://web.archive.org/web/20120130215810/https://www.bigdayout.com/" title="Big Day Out (archive.org)">Big Day Out</a> festival in <a href="https://web.archive.org/web/20120204011324/http://sydney.bigdayout.com/" title="Big Day Out Sydney 2012 (archive.org)">Sydney</a>.<br>
  5556. What is interesting compared to festivals in Europe is that in Australia the festival starts at 11 in the morning and ends at 11:45 in the evening, whereas in Switzerland festivals start around 5 in the afternoon and end around 5-6 in the morning.</p>
  5557. <p>I really liked the performances of <a href="http://www.parkwaydriverock.com/" title="Parkway Drive">Parkway Drive</a>, <a href="http://www.misskittin.com/" title="MissKittin's Tree">Miss Kittin</a>, <a href="http://royksopp.com/" title="Röyksopp">Röyksopp</a>, <a href="http://www.bassnectar.net/" title="BASSNECTAR">Bassnectar</a>, <a href="http://www.kasabian.co.uk/" title="Kasabian">Kasabian</a>, <a href="http://www.soundgardenworld.com/" title="Soundgarden World">Soundgarden</a> and <a href="http://regurgitator.net/" title="Regurgitator">Regurgitator</a>.<br>
  5558. Also it was nice to catch a glimpse of <a href="http://www.thejezabels.com/" title="The Jezabels">The Jezabels</a>, <a href="https://hilltophoods.com" title="HILLTOP HOODS : I LOVE IT">Hilltop Hoods</a>, <a href="http://kittydaisyandlewis.com/" title="kittydaisyandlewis">Kitty, Daisy &amp; Lewis</a> and the show of <a href="https://web.archive.org/web/20120201193949/http://kanyewest.com/" title="Kayne West (archive.org)">Kayne West</a>.<br>
  5559. A bit disapointing was the performance of <a href="https://web.archive.org/web/20120207185623/https://www.cavaleraconspiracy.com/" title="Cavalera Conspiracy (archive.org)">Cavalera Conspiracy</a>. They even had to fallback to popular <a href="https://web.archive.org/web/20120213114918/http://www.sepultura.com/" title="SEPULTURA.COM (archive.org)">Sepultura</a> songs (<a href="http://www.youtube.com/watch?v=6ODNxy3YOPU" title="Sepultura - Refuse/Resist">Refuse/Resist</a>, <a href="http://www.youtube.com/watch?v=F_6IjeprfEs" title="Sepultura - Roots Bloody Roots">Roots Bloody Roots</a>) in order to get the crowd moving. On the other hand it was lucky for me, so I got to see a live concert of Sepultura (performed by the founders of Sepultura!), something I didn't think I would ever see after Max Cavalera had left the band.<br>
  5560. Unfortunately the last train back was before the end of the festival and so I did miss <a href="https://web.archive.org/web/20120131113223/http://www.thisisnero.com/" title="This Is Nero (archive.org)">Nero</a>.</p>
  5561.  
  5562. <p>
  5563. <img src="https://blog.x-way.org/images/bigdayout_pineapple_drink.jpg" alt="Big Day Out branded Pineapple Drink" height="512" width="384">
  5564. <img src="https://blog.x-way.org/images/bigdayout_mainstages.jpg" alt="Big Day Out Sydney Olympic Park Mainstages" height="384" width="512">
  5565. <img src="https://blog.x-way.org/images/bigdayout_ferris_wheel.jpg" alt="Big Day Out Ferris Wheel inside the 'Boiler Room' hall" height="512" width="384">
  5566. <img src="https://blog.x-way.org/images/bigdayout_misskittin.jpg" alt="Miss Kittin @ Big Day Out" height="384" width="512">
  5567. <img src="https://blog.x-way.org/images/bigdayout_happybeer.jpg" alt="Happy Beer @ Big Day Out" height="512" width="384">
  5568. <img src="https://blog.x-way.org/images/bigdayout_regurgitator.jpg" alt="Regurgitator @ Big Day Out" height="384" width="512">
  5569. <img src="https://blog.x-way.org/images/bigdayout_cavalera_conspiracy.jpg" alt="Cavalera Conspiracy @ Big Day Out" height="512" width="384">
  5570. </p>
  5571. ]]></content:encoded>
  5572.  </item>
  5573.  
  5574.  <item>
  5575.    <title>Keren Ann</title>
  5576.    <link>https://blog.x-way.org/Music/2012/01/15/Keren-Ann.html</link>
  5577.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324182</guid>
  5578.    <dc:creator>Andreas Jaggi</dc:creator>
  5579.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5580.    <pubDate>Sun, 15 Jan 2012 12:52:00 +0100</pubDate>
  5581.    <category domain="https://blog.x-way.org/Music">Music</category>
  5582.    <description><![CDATA[<p>Listening to <a href="http://www.kerenann.com/" title="Keren Ann">Keren Ann</a> is just perfect when you have to work on a rainy Sunday.<br>Thank you <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop</a> for showing me her music.</p>
  5583. <p><a href="https://youtu.be/R-0Qx8HwlW4" title="Keren Ann - My name is trouble - YouTube">Keren Ann - My name is trouble</a></p>
  5584. ]]></description>
  5585.    <content:encoded><![CDATA[<p>Listening to <a href="http://www.kerenann.com/" title="Keren Ann">Keren Ann</a> is just perfect when you have to work on a rainy Sunday.<br>Thank you <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop</a> for showing me her music.</p>
  5586. <p><a href="https://youtu.be/R-0Qx8HwlW4" title="Keren Ann - My name is trouble - YouTube">Keren Ann - My name is trouble</a></p>
  5587. ]]></content:encoded>
  5588.  </item>
  5589.  
  5590.  <item>
  5591.    <title>Sydney</title>
  5592.    <link>https://blog.x-way.org/Misc/2012/01/07/Sydney.html</link>
  5593.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324181</guid>
  5594.    <dc:creator>Andreas Jaggi</dc:creator>
  5595.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5596.    <pubDate>Sat, 07 Jan 2012 12:33:00 +0100</pubDate>
  5597.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  5598.    <description><![CDATA[<p>Yesterday after work we had some beers at <a href="http://www.thelocal.com.au/" title="The Local Taphouse">The Local Taphouse</a> (including some fine porter from <a href="http://www.brewdog.com/" title="BrewDog | Scottish Craft Beer">BrewDog</a> to increase my shareholder value) and then we went on to go out in some clubs, <em>in shorts and flip-flops</em>.<br>Astonishingly we had no problems getting inside, anywhere else in the world this would not be possible!</p>
  5599. <p>This morning then up again for some early surfing at Bondi before all the tourists arrive.<br>And now chilling in my <a href="http://www.kammok.com/" title="Kammok">Kammok</a> under the trees in the frontyard :-)</p>
  5600. <p><img src="https://blog.x-way.org/images/frontyard_kammok.jpeg" alt="Frontyard Kammok" height="360" width="480"></p>
  5601. ]]></description>
  5602.    <content:encoded><![CDATA[<p>Yesterday after work we had some beers at <a href="http://www.thelocal.com.au/" title="The Local Taphouse">The Local Taphouse</a> (including some fine porter from <a href="http://www.brewdog.com/" title="BrewDog | Scottish Craft Beer">BrewDog</a> to increase my shareholder value) and then we went on to go out in some clubs, <em>in shorts and flip-flops</em>.<br>Astonishingly we had no problems getting inside, anywhere else in the world this would not be possible!</p>
  5603. <p>This morning then up again for some early surfing at Bondi before all the tourists arrive.<br>And now chilling in my <a href="http://www.kammok.com/" title="Kammok">Kammok</a> under the trees in the frontyard :-)</p>
  5604. <p><img src="https://blog.x-way.org/images/frontyard_kammok.jpeg" alt="Frontyard Kammok" height="360" width="480"></p>
  5605. ]]></content:encoded>
  5606.  </item>
  5607.  
  5608.  <item>
  5609.    <title>Packing</title>
  5610.    <link>https://blog.x-way.org/Misc/2011/12/24/Packing.html</link>
  5611.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324180</guid>
  5612.    <dc:creator>Andreas Jaggi</dc:creator>
  5613.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5614.    <pubDate>Sat, 24 Dec 2011 11:49:00 +0100</pubDate>
  5615.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  5616.    <description><![CDATA[<p>This morning I started to prepare the bagagges for my trip to <a href="http://events.ccc.de/congress/2011/" title="28th Chaos Computing Congress">28C3</a> and for the two months in Sydney.<br>
  5617. While stowing away all my stuff in boxes so I can sublet my room I found old boxes with stuff, which I did stow away over a year ago when I went to Sydney the last time and I've never even thought about since!</p>
  5618. <p>As I did not have time to open them today I don't even know what is in those boxes. Probably I should just throw them away when I come back from Sydney, there can't be anything important in there :-)</p>
  5619. ]]></description>
  5620.    <content:encoded><![CDATA[<p>This morning I started to prepare the bagagges for my trip to <a href="http://events.ccc.de/congress/2011/" title="28th Chaos Computing Congress">28C3</a> and for the two months in Sydney.<br>
  5621. While stowing away all my stuff in boxes so I can sublet my room I found old boxes with stuff, which I did stow away over a year ago when I went to Sydney the last time and I've never even thought about since!</p>
  5622. <p>As I did not have time to open them today I don't even know what is in those boxes. Probably I should just throw them away when I come back from Sydney, there can't be anything important in there :-)</p>
  5623. ]]></content:encoded>
  5624.  </item>
  5625.  
  5626.  <item>
  5627.    <title>Open Systems</title>
  5628.    <link>https://blog.x-way.org/Badges/2011/12/24/Open-Systems.html</link>
  5629.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324179</guid>
  5630.    <dc:creator>Andreas Jaggi</dc:creator>
  5631.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5632.    <pubDate>Sat, 24 Dec 2011 08:31:00 +0100</pubDate>
  5633.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5634.    <description><![CDATA[<p>Let's finish the badge advent calendar like it started - with a tech conference badge. Enjoy my <a href="http://www.open.ch/" title="Open Systems AG">Open Systems</a> nametag:</p>
  5635. <p><img src="https://blog.x-way.org/images/badges/opensystems.jpeg" alt="Open Systems Nametag" height="62" width="203"></p>
  5636. ]]></description>
  5637.    <content:encoded><![CDATA[<p>Let's finish the badge advent calendar like it started - with a tech conference badge. Enjoy my <a href="http://www.open.ch/" title="Open Systems AG">Open Systems</a> nametag:</p>
  5638. <p><img src="https://blog.x-way.org/images/badges/opensystems.jpeg" alt="Open Systems Nametag" height="62" width="203"></p>
  5639. ]]></content:encoded>
  5640.  </item>
  5641.  
  5642.  <item>
  5643.    <title>Soiree BAM</title>
  5644.    <link>https://blog.x-way.org/Badges/2011/12/23/Soiree-BAM.html</link>
  5645.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324178</guid>
  5646.    <dc:creator>Andreas Jaggi</dc:creator>
  5647.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5648.    <pubDate>Fri, 23 Dec 2011 08:43:00 +0100</pubDate>
  5649.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5650.    <description><![CDATA[<p>One of the rare concert evenings at Satellite where even the technicians had to have an additional badge (but nevertheless this is another one of a kind memory): <a href="http://sat.epfl.ch/photos/album.php?cat=4&amp;season=0&amp;album=1" title="Soiree BAM 2005 Satellite">Soiree BAM 2005</a></p>
  5651. <p><img src="https://blog.x-way.org/images/badges/Soiree_BAM_2005.jpeg" alt="Soiree BAM" height="145" width="179"></p>
  5652. ]]></description>
  5653.    <content:encoded><![CDATA[<p>One of the rare concert evenings at Satellite where even the technicians had to have an additional badge (but nevertheless this is another one of a kind memory): <a href="http://sat.epfl.ch/photos/album.php?cat=4&amp;season=0&amp;album=1" title="Soiree BAM 2005 Satellite">Soiree BAM 2005</a></p>
  5654. <p><img src="https://blog.x-way.org/images/badges/Soiree_BAM_2005.jpeg" alt="Soiree BAM" height="145" width="179"></p>
  5655. ]]></content:encoded>
  5656.  </item>
  5657.  
  5658.  <item>
  5659.    <title>Balelec 2005</title>
  5660.    <link>https://blog.x-way.org/Badges/2011/12/22/Balelec-2005.html</link>
  5661.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324177</guid>
  5662.    <dc:creator>Andreas Jaggi</dc:creator>
  5663.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5664.    <pubDate>Thu, 22 Dec 2011 06:56:00 +0100</pubDate>
  5665.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5666.    <description><![CDATA[<p>There we go, the first year I participated as staff: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2005</a></p>
  5667. <p><img src="https://blog.x-way.org/images/badges/Balelec_2005.jpeg" alt="Balelec 2005" height="271" width="189"></p>
  5668. ]]></description>
  5669.    <content:encoded><![CDATA[<p>There we go, the first year I participated as staff: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2005</a></p>
  5670. <p><img src="https://blog.x-way.org/images/badges/Balelec_2005.jpeg" alt="Balelec 2005" height="271" width="189"></p>
  5671. ]]></content:encoded>
  5672.  </item>
  5673.  
  5674.  <item>
  5675.    <title>Balelec 2006</title>
  5676.    <link>https://blog.x-way.org/Badges/2011/12/21/Balelec-2006.html</link>
  5677.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324176</guid>
  5678.    <dc:creator>Andreas Jaggi</dc:creator>
  5679.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5680.    <pubDate>Wed, 21 Dec 2011 08:11:00 +0100</pubDate>
  5681.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5682.    <description><![CDATA[<p>Luckily this one took place very year (for more than 30 years now!): <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2006</a></p>
  5683. <p><img src="https://blog.x-way.org/images/badges/Balelec_2006.jpeg" alt="Balelec 2006" height="270" width="189"></p>
  5684. ]]></description>
  5685.    <content:encoded><![CDATA[<p>Luckily this one took place very year (for more than 30 years now!): <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2006</a></p>
  5686. <p><img src="https://blog.x-way.org/images/badges/Balelec_2006.jpeg" alt="Balelec 2006" height="270" width="189"></p>
  5687. ]]></content:encoded>
  5688.  </item>
  5689.  
  5690.  <item>
  5691.    <title>Closedair 2006</title>
  5692.    <link>https://blog.x-way.org/Badges/2011/12/20/Closedair-2006.html</link>
  5693.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324175</guid>
  5694.    <dc:creator>Andreas Jaggi</dc:creator>
  5695.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5696.    <pubDate>Tue, 20 Dec 2011 10:23:00 +0100</pubDate>
  5697.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5698.    <description><![CDATA[<p>Yet another great event which no longer exists: ClosedAir 2006</p>
  5699. <p><img src="https://blog.x-way.org/images/badges/Closedair_2006.jpeg" alt="Closedair 2006" height="155" width="242"></p>
  5700. ]]></description>
  5701.    <content:encoded><![CDATA[<p>Yet another great event which no longer exists: ClosedAir 2006</p>
  5702. <p><img src="https://blog.x-way.org/images/badges/Closedair_2006.jpeg" alt="Closedair 2006" height="155" width="242"></p>
  5703. ]]></content:encoded>
  5704.  </item>
  5705.  
  5706.  <item>
  5707.    <title>LinuxWorld 2007</title>
  5708.    <link>https://blog.x-way.org/Badges/2011/12/19/LinuxWorld-2007.html</link>
  5709.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324174</guid>
  5710.    <dc:creator>Andreas Jaggi</dc:creator>
  5711.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5712.    <pubDate>Mon, 19 Dec 2011 08:35:00 +0100</pubDate>
  5713.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5714.    <description><![CDATA[<p>Let's start the last week of this badge advent calendar with another tech conference badge (looks like the conference no longer exists, thus no link to any website): San Francisco LinuxWorld 2007</p>
  5715. <p><img src="https://blog.x-way.org/images/badges/Linuxworld_2007.jpeg" alt="LinuxWorld 2007" height="158" width="247"></p>
  5716. ]]></description>
  5717.    <content:encoded><![CDATA[<p>Let's start the last week of this badge advent calendar with another tech conference badge (looks like the conference no longer exists, thus no link to any website): San Francisco LinuxWorld 2007</p>
  5718. <p><img src="https://blog.x-way.org/images/badges/Linuxworld_2007.jpeg" alt="LinuxWorld 2007" height="158" width="247"></p>
  5719. ]]></content:encoded>
  5720.  </item>
  5721.  
  5722.  <item>
  5723.    <title>Artiphys 2008</title>
  5724.    <link>https://blog.x-way.org/Badges/2011/12/18/Artiphys-2008.html</link>
  5725.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324173</guid>
  5726.    <dc:creator>Andreas Jaggi</dc:creator>
  5727.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5728.    <pubDate>Sun, 18 Dec 2011 12:46:00 +0100</pubDate>
  5729.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5730.    <description><![CDATA[<p>And there the other student music festival which managed to provide badges: <a href="http://www.artiphys.ch/" title="Festival Artiphys">Artiphys 2008</a></p>
  5731. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2008.jpeg" alt="Artiphys 2008" height="189" width="269"></p>
  5732. ]]></description>
  5733.    <content:encoded><![CDATA[<p>And there the other student music festival which managed to provide badges: <a href="http://www.artiphys.ch/" title="Festival Artiphys">Artiphys 2008</a></p>
  5734. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2008.jpeg" alt="Artiphys 2008" height="189" width="269"></p>
  5735. ]]></content:encoded>
  5736.  </item>
  5737.  
  5738.  <item>
  5739.    <title>check_disk_usage.sh</title>
  5740.    <link>https://blog.x-way.org/Linux/2011/12/17/check_disk_usage_sh.html</link>
  5741.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324172</guid>
  5742.    <dc:creator>Andreas Jaggi</dc:creator>
  5743.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5744.    <pubDate>Sat, 17 Dec 2011 17:09:00 +0100</pubDate>
  5745.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  5746.    <description><![CDATA[<p>Quick and dirty way to get an alert before your server starts to go crazy because of a full disk.</p>
  5747.  
  5748. <p>This script checks if a disk is more than 75% full.</p>
  5749.  
  5750. <pre>#!/bin/bash
  5751.  
  5752. df -h | awk '/%/ {
  5753.        limit = 75
  5754.        percent = sprintf("%d",$5)
  5755.        if ( percent > limit ) {
  5756.                print "Warning: ",$6," (",$1,") is to ",percent,"% full:"
  5757.                print $0
  5758.        }
  5759. }'</pre>
  5760.  
  5761. <p>Save it under /root/check_disk_usage.sh and create the following crontab entry to check the disk usage every day at half past midnight.</p>
  5762.  
  5763. <pre>30  0  *   *   *     /root/check_disk_usage.sh</pre>
  5764.  
  5765. <p>Assuming your host has configured an MTA and defined a recipient for root@&lt;yourhost&gt;, you should get an e-mail whenever a disk is more than 75% full.</p>
  5766. ]]></description>
  5767.    <content:encoded><![CDATA[<p>Quick and dirty way to get an alert before your server starts to go crazy because of a full disk.</p>
  5768.  
  5769. <p>This script checks if a disk is more than 75% full.</p>
  5770.  
  5771. <pre>#!/bin/bash
  5772.  
  5773. df -h | awk '/%/ {
  5774.        limit = 75
  5775.        percent = sprintf("%d",$5)
  5776.        if ( percent > limit ) {
  5777.                print "Warning: ",$6," (",$1,") is to ",percent,"% full:"
  5778.                print $0
  5779.        }
  5780. }'</pre>
  5781.  
  5782. <p>Save it under /root/check_disk_usage.sh and create the following crontab entry to check the disk usage every day at half past midnight.</p>
  5783.  
  5784. <pre>30  0  *   *   *     /root/check_disk_usage.sh</pre>
  5785.  
  5786. <p>Assuming your host has configured an MTA and defined a recipient for root@&lt;yourhost&gt;, you should get an e-mail whenever a disk is more than 75% full.</p>
  5787. ]]></content:encoded>
  5788.  </item>
  5789.  
  5790.  <item>
  5791.    <title>Balelec 2008</title>
  5792.    <link>https://blog.x-way.org/Badges/2011/12/17/Balelec-2008.html</link>
  5793.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324171</guid>
  5794.    <dc:creator>Andreas Jaggi</dc:creator>
  5795.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5796.    <pubDate>Sat, 17 Dec 2011 10:10:00 +0100</pubDate>
  5797.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5798.    <description><![CDATA[<p>Now on to the badges of 2008, as every year: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2008</a></p>
  5799. <p><img src="https://blog.x-way.org/images/badges/Balelec_2008.jpeg" alt="Festival Balelec 2008" height="271" width="184"></p>
  5800. ]]></description>
  5801.    <content:encoded><![CDATA[<p>Now on to the badges of 2008, as every year: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2008</a></p>
  5802. <p><img src="https://blog.x-way.org/images/badges/Balelec_2008.jpeg" alt="Festival Balelec 2008" height="271" width="184"></p>
  5803. ]]></content:encoded>
  5804.  </item>
  5805.  
  5806.  <item>
  5807.    <title>iPhone PIN bruteforce</title>
  5808.    <link>https://blog.x-way.org/Misc/2011/12/16/iPhone-PIN-bruteforce.html</link>
  5809.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324170</guid>
  5810.    <dc:creator>Andreas Jaggi</dc:creator>
  5811.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5812.    <pubDate>Fri, 16 Dec 2011 08:20:00 +0100</pubDate>
  5813.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  5814.    <description><![CDATA[<p><a href="https://youtu.be/Tmgoussvo8A" title="c't: iPhone-Sperre nahezu nutzlos - YouTube">c't: iPhone-Sperre nahezu nutzlos</a></p>
  5815. <p>(via <a href="http://vowe.net/archives/012910.html" title="vowe dot net :: Eine vierstellige PIN ist zu schwach">vowe.net</a>)</p>
  5816. ]]></description>
  5817.    <content:encoded><![CDATA[<p><a href="https://youtu.be/Tmgoussvo8A" title="c't: iPhone-Sperre nahezu nutzlos - YouTube">c't: iPhone-Sperre nahezu nutzlos</a></p>
  5818. <p>(via <a href="http://vowe.net/archives/012910.html" title="vowe dot net :: Eine vierstellige PIN ist zu schwach">vowe.net</a>)</p>
  5819. ]]></content:encoded>
  5820.  </item>
  5821.  
  5822.  <item>
  5823.    <title>Caprices 2009</title>
  5824.    <link>https://blog.x-way.org/Badges/2011/12/16/Caprices-2009.html</link>
  5825.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324169</guid>
  5826.    <dc:creator>Andreas Jaggi</dc:creator>
  5827.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5828.    <pubDate>Fri, 16 Dec 2011 08:15:00 +0100</pubDate>
  5829.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5830.    <description><![CDATA[<p>The only time (for now) when I got to fly in a helicopter for a music festival was at: <a href="http://www.caprices.ch/" title="Caprices Festival">Caprices 2009</a></p>
  5831. <p><img src="https://blog.x-way.org/images/badges/Caprices_2009.jpeg" alt="Caprices 2009" height="156" width="244"></p>
  5832. ]]></description>
  5833.    <content:encoded><![CDATA[<p>The only time (for now) when I got to fly in a helicopter for a music festival was at: <a href="http://www.caprices.ch/" title="Caprices Festival">Caprices 2009</a></p>
  5834. <p><img src="https://blog.x-way.org/images/badges/Caprices_2009.jpeg" alt="Caprices 2009" height="156" width="244"></p>
  5835. ]]></content:encoded>
  5836.  </item>
  5837.  
  5838.  <item>
  5839.    <title>Balelec 2009</title>
  5840.    <link>https://blog.x-way.org/Badges/2011/12/15/Balelec-2009.html</link>
  5841.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324168</guid>
  5842.    <dc:creator>Andreas Jaggi</dc:creator>
  5843.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5844.    <pubDate>Thu, 15 Dec 2011 08:37:00 +0100</pubDate>
  5845.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5846.    <description><![CDATA[<p>And once more there is a badge from: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2009</a></p>
  5847. <p><img src="https://blog.x-way.org/images/badges/Balelec_2009.jpeg" alt="Festival Balelec 2009" height="271" width="184"></p>
  5848. ]]></description>
  5849.    <content:encoded><![CDATA[<p>And once more there is a badge from: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2009</a></p>
  5850. <p><img src="https://blog.x-way.org/images/badges/Balelec_2009.jpeg" alt="Festival Balelec 2009" height="271" width="184"></p>
  5851. ]]></content:encoded>
  5852.  </item>
  5853.  
  5854.  <item>
  5855.    <title>Festival de la terre 2009</title>
  5856.    <link>https://blog.x-way.org/Badges/2011/12/14/Festival-de-la-terre-2009.html</link>
  5857.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324167</guid>
  5858.    <dc:creator>Andreas Jaggi</dc:creator>
  5859.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5860.    <pubDate>Wed, 14 Dec 2011 12:44:00 +0100</pubDate>
  5861.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5862.    <description><![CDATA[<p>Here comes the largest badge in my collection: <a href="https://web.archive.org/web/20130515093104/http://www.festivaldelaterre.ch/" title="Festival de la terre (archive.org)">Festival de la terre 2009</a></p>
  5863. <p><img src="https://blog.x-way.org/images/badges/Festival_de_la_terre_2009.jpeg" alt="Festival de la terre 2009" height="418" width="300"></p>
  5864. ]]></description>
  5865.    <content:encoded><![CDATA[<p>Here comes the largest badge in my collection: <a href="https://web.archive.org/web/20130515093104/http://www.festivaldelaterre.ch/" title="Festival de la terre (archive.org)">Festival de la terre 2009</a></p>
  5866. <p><img src="https://blog.x-way.org/images/badges/Festival_de_la_terre_2009.jpeg" alt="Festival de la terre 2009" height="418" width="300"></p>
  5867. ]]></content:encoded>
  5868.  </item>
  5869.  
  5870.  <item>
  5871.    <title>Montreux Jazz 2009</title>
  5872.    <link>https://blog.x-way.org/Badges/2011/12/13/Montreux-Jazz-2009.html</link>
  5873.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324166</guid>
  5874.    <dc:creator>Andreas Jaggi</dc:creator>
  5875.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5876.    <pubDate>Tue, 13 Dec 2011 07:44:00 +0100</pubDate>
  5877.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5878.    <description><![CDATA[<p>Probably the most 'famous' badge in my collection: <a href="https://www.montreuxjazzfestival.com/" title="Montreux Jazz Festival">Montreux Jazz Festival 2009</a></p>
  5879. <p><img src="https://blog.x-way.org/images/badges/Montreux_Jazz_Festival_2009.jpeg" alt="Montreux Jazz 2009" height="407" width="274"></p>
  5880. ]]></description>
  5881.    <content:encoded><![CDATA[<p>Probably the most 'famous' badge in my collection: <a href="https://www.montreuxjazzfestival.com/" title="Montreux Jazz Festival">Montreux Jazz Festival 2009</a></p>
  5882. <p><img src="https://blog.x-way.org/images/badges/Montreux_Jazz_Festival_2009.jpeg" alt="Montreux Jazz 2009" height="407" width="274"></p>
  5883. ]]></content:encoded>
  5884.  </item>
  5885.  
  5886.  <item>
  5887.    <title>Metropop 2009</title>
  5888.    <link>https://blog.x-way.org/Badges/2011/12/12/Metropop-2009.html</link>
  5889.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324165</guid>
  5890.    <dc:creator>Andreas Jaggi</dc:creator>
  5891.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5892.    <pubDate>Mon, 12 Dec 2011 05:44:00 +0100</pubDate>
  5893.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  5894.    <description><![CDATA[<p>With the 2009 badges, I can almost fill another week. Let's start with: <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop Festival 2009</a></p>
  5895. <p><img src="https://blog.x-way.org/images/badges/Metropop_2009.jpeg" alt="Metropop 2009" height="238" width="171"></p>
  5896. ]]></description>
  5897.    <content:encoded><![CDATA[<p>With the 2009 badges, I can almost fill another week. Let's start with: <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop Festival 2009</a></p>
  5898. <p><img src="https://blog.x-way.org/images/badges/Metropop_2009.jpeg" alt="Metropop 2009" height="238" width="171"></p>
  5899. ]]></content:encoded>
  5900.  </item>
  5901.  
  5902.  <item>
  5903.    <title>(Mini) Bacon and Egg Cups</title>
  5904.    <link>https://blog.x-way.org/Food/2011/12/11/Mini-Bacon-and-Egg-Cups.html</link>
  5905.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324164</guid>
  5906.    <dc:creator>Andreas Jaggi</dc:creator>
  5907.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  5908.    <pubDate>Sun, 11 Dec 2011 18:55:00 +0100</pubDate>
  5909.    <category domain="https://blog.x-way.org/Food">Food</category>
  5910.    <description><![CDATA[<p>Last week I stumbled upon this delicious looking <a href="http://www.howto-simplify.com/2010/08/bacon-and-egg-cups.html" title="How To: Simplify: Bacon and Egg Cups">bacon and egg cups recipe</a> and thought that I should try it sometimes, which I did this morning.<br>
  5911. Since I don't have a real muffin tin I used a somewhat smaller cake tin, with the result that the handling was a bit more delicate and also my cups are more like 'mini' cups (which is not necessarily a bad thing because the bacon I bought was also smaller than expected and thus it matched perfectly).</p>
  5912.  
  5913. <p><img src="https://blog.x-way.org/images/bread_with_holes.jpeg" alt="Bread with holes" width="439" height="386"><br>This is the result of the first step in the recipe and all what is leftover once I was finished. Not very useful for putting jam on it anymore, but perfect to stir the next cheese fondue :-)</p>
  5914.  
  5915. <p>
  5916. Ingredients:
  5917. </p>
  5918. <ul>
  5919. <li>1 slice of bread per muffin cup (1 slice per 4 cups for the 'mini' version)</li>
  5920. <li>2 slices of bacon per muffing cup (use small slices for the 'mini' version)</li>
  5921. <li>1 egg per muffin cup (same for the 'mini' version)</li>
  5922. <li>1 tablespoon shredded cheddar cheese per muffin cup (optional, I used some parmesan instead)</li>
  5923. <li>salt and pepper to taste</li>
  5924. </ul>
  5925.  
  5926. <p>
  5927. Directions:
  5928. </p>
  5929. <ol>
  5930. <li>Preheat oven to 375 degrees.<br>(that's 190 degrees celsius)</li>
  5931. <li>Use a cookie cutter to cut circles out of each piece of bread.</li>
  5932. <li>Grease a muffin tin and press circles of bread in the muffin cups. Place in the oven and bake for 5 minutes or until bread is slightly toasted. Remove from oven.<br>(be careful when doing the 'mini' version, your bread will be toasted in well under 5 minutes)</li>
  5933. <li>Cook bacon in a skillet until halfway cooked (approximately 3-4 minutes).<br>(here again: when using small bacon slices they will be ready in less than a minute, be careful to not make them too crispy otherwise they will be hard to fit into the cups)</li>
  5934. <li>Place 2 slices of bacon on top of the pieces of bread to form a cup (the bacon should cover the bread and the sides of each cup).</li>
  5935. <li>Crack an egg into each muffin cup (on top of the bacon). It helps to discard a little bit of the egg white after cracking and before pouring into the muffin cup.<br>(for the 'mini' version keep the surplus egg white in a bowl and use it to make some 'only-white' cups, one egg gives enough surplus egg white for another cup)</li>
  5936. <li>Place in the oven and bake for 18-20 minutes or until the eggs are set.<br>(for the 'mini' version use 8-10 minutes, I almost burned mine!)</li>
  5937. <li>Sprinkle cheddar cheese over each egg and continue to bake until cheese is melted (this step is optional).</li>
  5938. <li>Season with salt and pepper to taste and serve.</li>
  5939. </ol>
  5940. <p>
  5941. Enjoy!
  5942. </p>
  5943. <p>
  5944. <img src="https://blog.x-way.org/images/bacon_and_egg_cups.jpeg" alt="bacon and egg cups" width="429" height="518">
  5945. </p>
  5946.  
  5947. <p>
  5948. <img src="https://blog.x-way.org/images/bacon_and_egg_cups_side.jpeg" alt="bacon and egg cups sideview" width="440" height="269">
  5949. </p>
  5950. <p>The advantage of my 'mini' version is that you will end up having plenty of little bacon and egg cups, yummy :-)</p>
  5951. <p>
  5952. <img src="https://blog.x-way.org/images/plenty_bacon_and_egg_cups.jpeg" alt="plate full of bacon and egg cups" width="440" height="429">
  5953. </p>
  5954. ]]></description>
  5955.    <content:encoded><![CDATA[<p>Last week I stumbled upon this delicious looking <a href="http://www.howto-simplify.com/2010/08/bacon-and-egg-cups.html" title="How To: Simplify: Bacon and Egg Cups">bacon and egg cups recipe</a> and thought that I should try it sometimes, which I did this morning.<br>
  5956. Since I don't have a real muffin tin I used a somewhat smaller cake tin, with the result that the handling was a bit more delicate and also my cups are more like 'mini' cups (which is not necessarily a bad thing because the bacon I bought was also smaller than expected and thus it matched perfectly).</p>
  5957.  
  5958. <p><img src="https://blog.x-way.org/images/bread_with_holes.jpeg" alt="Bread with holes" width="439" height="386"><br>This is the result of the first step in the recipe and all what is leftover once I was finished. Not very useful for putting jam on it anymore, but perfect to stir the next cheese fondue :-)</p>
  5959.  
  5960. <p>
  5961. Ingredients:
  5962. </p>
  5963. <ul>
  5964. <li>1 slice of bread per muffin cup (1 slice per 4 cups for the 'mini' version)</li>
  5965. <li>2 slices of bacon per muffing cup (use small slices for the 'mini' version)</li>
  5966. <li>1 egg per muffin cup (same for the 'mini' version)</li>
  5967. <li>1 tablespoon shredded cheddar cheese per muffin cup (optional, I used some parmesan instead)</li>
  5968. <li>salt and pepper to taste</li>
  5969. </ul>
  5970.  
  5971. <p>
  5972. Directions:
  5973. </p>
  5974. <ol>
  5975. <li>Preheat oven to 375 degrees.<br>(that's 190 degrees celsius)</li>
  5976. <li>Use a cookie cutter to cut circles out of each piece of bread.</li>
  5977. <li>Grease a muffin tin and press circles of bread in the muffin cups. Place in the oven and bake for 5 minutes or until bread is slightly toasted. Remove from oven.<br>(be careful when doing the 'mini' version, your bread will be toasted in well under 5 minutes)</li>
  5978. <li>Cook bacon in a skillet until halfway cooked (approximately 3-4 minutes).<br>(here again: when using small bacon slices they will be ready in less than a minute, be careful to not make them too crispy otherwise they will be hard to fit into the cups)</li>
  5979. <li>Place 2 slices of bacon on top of the pieces of bread to form a cup (the bacon should cover the bread and the sides of each cup).</li>
  5980. <li>Crack an egg into each muffin cup (on top of the bacon). It helps to discard a little bit of the egg white after cracking and before pouring into the muffin cup.<br>(for the 'mini' version keep the surplus egg white in a bowl and use it to make some 'only-white' cups, one egg gives enough surplus egg white for another cup)</li>
  5981. <li>Place in the oven and bake for 18-20 minutes or until the eggs are set.<br>(for the 'mini' version use 8-10 minutes, I almost burned mine!)</li>
  5982. <li>Sprinkle cheddar cheese over each egg and continue to bake until cheese is melted (this step is optional).</li>
  5983. <li>Season with salt and pepper to taste and serve.</li>
  5984. </ol>
  5985. <p>
  5986. Enjoy!
  5987. </p>
  5988. <p>
  5989. <img src="https://blog.x-way.org/images/bacon_and_egg_cups.jpeg" alt="bacon and egg cups" width="429" height="518">
  5990. </p>
  5991.  
  5992. <p>
  5993. <img src="https://blog.x-way.org/images/bacon_and_egg_cups_side.jpeg" alt="bacon and egg cups sideview" width="440" height="269">
  5994. </p>
  5995. <p>The advantage of my 'mini' version is that you will end up having plenty of little bacon and egg cups, yummy :-)</p>
  5996. <p>
  5997. <img src="https://blog.x-way.org/images/plenty_bacon_and_egg_cups.jpeg" alt="plate full of bacon and egg cups" width="440" height="429">
  5998. </p>
  5999. ]]></content:encoded>
  6000.  </item>
  6001.  
  6002.  <item>
  6003.    <title>Caprices 2010</title>
  6004.    <link>https://blog.x-way.org/Badges/2011/12/11/Caprices-2010.html</link>
  6005.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324163</guid>
  6006.    <dc:creator>Andreas Jaggi</dc:creator>
  6007.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6008.    <pubDate>Sun, 11 Dec 2011 11:35:00 +0100</pubDate>
  6009.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6010.    <description><![CDATA[<p>Right at the beginning of spring, in the beautiful mountains of <a href="http://www.crans-montana.ch/" title="Crans-Montana">Crans-Montana</a>, there is: <a href="http://www.caprices.ch/" title="Caprices Festival">Caprices 2010</a></p>
  6011. <p><img src="https://blog.x-way.org/images/badges/Caprices_2010.jpeg" alt="Caprices 2010" height="155" width="242"></p>
  6012. ]]></description>
  6013.    <content:encoded><![CDATA[<p>Right at the beginning of spring, in the beautiful mountains of <a href="http://www.crans-montana.ch/" title="Crans-Montana">Crans-Montana</a>, there is: <a href="http://www.caprices.ch/" title="Caprices Festival">Caprices 2010</a></p>
  6014. <p><img src="https://blog.x-way.org/images/badges/Caprices_2010.jpeg" alt="Caprices 2010" height="155" width="242"></p>
  6015. ]]></content:encoded>
  6016.  </item>
  6017.  
  6018.  <item>
  6019.    <title>Artiphys 2010</title>
  6020.    <link>https://blog.x-way.org/Badges/2011/12/10/Artiphys-2010.html</link>
  6021.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324162</guid>
  6022.    <dc:creator>Andreas Jaggi</dc:creator>
  6023.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6024.    <pubDate>Sat, 10 Dec 2011 09:36:00 +0100</pubDate>
  6025.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6026.    <description><![CDATA[<p>Also this one took place in 2010: <a href="http://www.artiphys.ch/" title="Festival Artiphys">Artiphys 2010</a></p>
  6027. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2010.jpeg" alt="Artiphys 2010" height="279" width="354"></p>
  6028. ]]></description>
  6029.    <content:encoded><![CDATA[<p>Also this one took place in 2010: <a href="http://www.artiphys.ch/" title="Festival Artiphys">Artiphys 2010</a></p>
  6030. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2010.jpeg" alt="Artiphys 2010" height="279" width="354"></p>
  6031. ]]></content:encoded>
  6032.  </item>
  6033.  
  6034.  <item>
  6035.    <title>Balelec 2010</title>
  6036.    <link>https://blog.x-way.org/Badges/2011/12/09/Balelec-2010.html</link>
  6037.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324161</guid>
  6038.    <dc:creator>Andreas Jaggi</dc:creator>
  6039.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6040.    <pubDate>Fri, 09 Dec 2011 00:37:00 +0100</pubDate>
  6041.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6042.    <description><![CDATA[<p>Like almost every year, there is a badge from: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2010</a></p>
  6043. <p><img src="https://blog.x-way.org/images/badges/Balelec_2010.jpeg" alt="Festival Balelec 2010" height="270" width="189"></p>
  6044. ]]></description>
  6045.    <content:encoded><![CDATA[<p>Like almost every year, there is a badge from: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2010</a></p>
  6046. <p><img src="https://blog.x-way.org/images/badges/Balelec_2010.jpeg" alt="Festival Balelec 2010" height="270" width="189"></p>
  6047. ]]></content:encoded>
  6048.  </item>
  6049.  
  6050.  <item>
  6051.    <title>Metropop 2010</title>
  6052.    <link>https://blog.x-way.org/Badges/2011/12/08/Metropop-2010.html</link>
  6053.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324160</guid>
  6054.    <dc:creator>Andreas Jaggi</dc:creator>
  6055.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6056.    <pubDate>Thu, 08 Dec 2011 07:44:00 +0100</pubDate>
  6057.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6058.    <description><![CDATA[<p>Looks like most of the 2011 badges are done. Now on to the 2010 ones, starting with: <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop Festival 2010</a></p>
  6059. <p><img src="https://blog.x-way.org/images/badges/Metropop_2010.jpeg" alt="Metropop 2010" height="246" width="151"></p>
  6060. ]]></description>
  6061.    <content:encoded><![CDATA[<p>Looks like most of the 2011 badges are done. Now on to the 2010 ones, starting with: <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop Festival 2010</a></p>
  6062. <p><img src="https://blog.x-way.org/images/badges/Metropop_2010.jpeg" alt="Metropop 2010" height="246" width="151"></p>
  6063. ]]></content:encoded>
  6064.  </item>
  6065.  
  6066.  <item>
  6067.    <title>Caprices 2011</title>
  6068.    <link>https://blog.x-way.org/Badges/2011/12/07/Caprices-2011.html</link>
  6069.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324159</guid>
  6070.    <dc:creator>Andreas Jaggi</dc:creator>
  6071.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6072.    <pubDate>Wed, 07 Dec 2011 14:15:00 +0100</pubDate>
  6073.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6074.    <description><![CDATA[<p>And there comes the next music festival: <a href="http://www.caprices.ch/" title="Caprices Festival">Caprices 2011</a></p>
  6075. <p><img src="https://blog.x-way.org/images/badges/Caprices_2011.jpeg" alt="Caprices 2011" height="150" width="240"></p>
  6076. ]]></description>
  6077.    <content:encoded><![CDATA[<p>And there comes the next music festival: <a href="http://www.caprices.ch/" title="Caprices Festival">Caprices 2011</a></p>
  6078. <p><img src="https://blog.x-way.org/images/badges/Caprices_2011.jpeg" alt="Caprices 2011" height="150" width="240"></p>
  6079. ]]></content:encoded>
  6080.  </item>
  6081.  
  6082.  <item>
  6083.    <title>Artiphys 2011</title>
  6084.    <link>https://blog.x-way.org/Badges/2011/12/06/Artiphys-2011.html</link>
  6085.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324158</guid>
  6086.    <dc:creator>Andreas Jaggi</dc:creator>
  6087.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6088.    <pubDate>Tue, 06 Dec 2011 07:45:00 +0100</pubDate>
  6089.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6090.    <description><![CDATA[<p>Another student music festival from <a href="http://www.epfl.ch/" title="EPFL">EPFL</a>: <a href="http://www.artiphys.ch/" title="Festival Artiphys">Artiphys 2011</a></p>
  6091. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2011.jpeg" alt="Artiphys 2011" height="314" width="213"></p>
  6092. ]]></description>
  6093.    <content:encoded><![CDATA[<p>Another student music festival from <a href="http://www.epfl.ch/" title="EPFL">EPFL</a>: <a href="http://www.artiphys.ch/" title="Festival Artiphys">Artiphys 2011</a></p>
  6094. <p><img src="https://blog.x-way.org/images/badges/Artiphys_2011.jpeg" alt="Artiphys 2011" height="314" width="213"></p>
  6095. ]]></content:encoded>
  6096.  </item>
  6097.  
  6098.  <item>
  6099.    <title>Sat Rocks IV</title>
  6100.    <link>https://blog.x-way.org/Badges/2011/12/05/Sat-Rocks-IV.html</link>
  6101.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324157</guid>
  6102.    <dc:creator>Andreas Jaggi</dc:creator>
  6103.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6104.    <pubDate>Mon, 05 Dec 2011 05:20:00 +0100</pubDate>
  6105.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6106.    <description><![CDATA[<p>Again a badge from a music festival: <a href="http://satrocks.epfl.ch/" title="Sat Rocks, le festival de Satellite">Sat Rocks IV</a></p>
  6107. <p><img src="https://blog.x-way.org/images/badges/Satrocks_2011.jpeg" alt="Sat Rocks IV, c'est chouette" height="287" width="199"></p>
  6108. ]]></description>
  6109.    <content:encoded><![CDATA[<p>Again a badge from a music festival: <a href="http://satrocks.epfl.ch/" title="Sat Rocks, le festival de Satellite">Sat Rocks IV</a></p>
  6110. <p><img src="https://blog.x-way.org/images/badges/Satrocks_2011.jpeg" alt="Sat Rocks IV, c'est chouette" height="287" width="199"></p>
  6111. ]]></content:encoded>
  6112.  </item>
  6113.  
  6114.  <item>
  6115.    <title>MoleKul'Air</title>
  6116.    <link>https://blog.x-way.org/Badges/2011/12/04/MoleKulAir.html</link>
  6117.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324156</guid>
  6118.    <dc:creator>Andreas Jaggi</dc:creator>
  6119.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6120.    <pubDate>Sun, 04 Dec 2011 12:55:00 +0100</pubDate>
  6121.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6122.    <description><![CDATA[<p>The next badge is from a concert (or rather a series of three concerts): <a href="https://web.archive.org/web/20130823050631/http://www.molekulair.ch/" title="MoleKul'Air (archive.org)">MoleKul'Air</a></p>
  6123. <p><img src="https://blog.x-way.org/images/badges/MoleKulAir_2011.jpeg" alt="MoleKul'Air 2011" height="248" width="156"></p>
  6124. ]]></description>
  6125.    <content:encoded><![CDATA[<p>The next badge is from a concert (or rather a series of three concerts): <a href="https://web.archive.org/web/20130823050631/http://www.molekulair.ch/" title="MoleKul'Air (archive.org)">MoleKul'Air</a></p>
  6126. <p><img src="https://blog.x-way.org/images/badges/MoleKulAir_2011.jpeg" alt="MoleKul'Air 2011" height="248" width="156"></p>
  6127. ]]></content:encoded>
  6128.  </item>
  6129.  
  6130.  <item>
  6131.    <title>Balelec 2011</title>
  6132.    <link>https://blog.x-way.org/Badges/2011/12/03/Balelec-2011.html</link>
  6133.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324155</guid>
  6134.    <dc:creator>Andreas Jaggi</dc:creator>
  6135.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6136.    <pubDate>Sat, 03 Dec 2011 12:55:00 +0100</pubDate>
  6137.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6138.    <description><![CDATA[<p>Another badge from a music festival: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2011</a></p>
  6139. <p><img src="https://blog.x-way.org/images/badges/Balelec_2011.jpeg" alt="Festival Balelec 2011" height="287" width="205"></p>
  6140. ]]></description>
  6141.    <content:encoded><![CDATA[<p>Another badge from a music festival: <a href="http://www.balelec.ch/" title="Festival Balelec EPFL">Festival Balelec 2011</a></p>
  6142. <p><img src="https://blog.x-way.org/images/badges/Balelec_2011.jpeg" alt="Festival Balelec 2011" height="287" width="205"></p>
  6143. ]]></content:encoded>
  6144.  </item>
  6145.  
  6146.  <item>
  6147.    <title>Metropop 2011</title>
  6148.    <link>https://blog.x-way.org/Badges/2011/12/02/Metropop-2011.html</link>
  6149.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324154</guid>
  6150.    <dc:creator>Andreas Jaggi</dc:creator>
  6151.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6152.    <pubDate>Fri, 02 Dec 2011 08:02:00 +0100</pubDate>
  6153.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6154.    <description><![CDATA[<p>Here comes the next badge. This time not from a tech conference but from a music festival: <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop Festival 2011</a></p>
  6155. <p><img src="https://blog.x-way.org/images/badges/Metropop_2011.jpeg" alt="Metropop Festival 2011" height="244" width="153"></p>
  6156. <p>For insiders, there is also a view of the <a href="https://blog.x-way.org/images/badges/Team_de_la_mort_2011.jpeg" title="Badge backside">backside</a> :-)</p>
  6157. ]]></description>
  6158.    <content:encoded><![CDATA[<p>Here comes the next badge. This time not from a tech conference but from a music festival: <a href="http://www.metropop.ch/" title="Metropop Festival Lausanne">Metropop Festival 2011</a></p>
  6159. <p><img src="https://blog.x-way.org/images/badges/Metropop_2011.jpeg" alt="Metropop Festival 2011" height="244" width="153"></p>
  6160. <p>For insiders, there is also a view of the <a href="https://blog.x-way.org/images/badges/Team_de_la_mort_2011.jpeg" title="Badge backside">backside</a> :-)</p>
  6161. ]]></content:encoded>
  6162.  </item>
  6163.  
  6164.  <item>
  6165.    <title>Badges</title>
  6166.    <link>https://blog.x-way.org/Badges/2011/12/01/Badges.html</link>
  6167.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324153</guid>
  6168.    <dc:creator>Andreas Jaggi</dc:creator>
  6169.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6170.    <pubDate>Thu, 01 Dec 2011 00:00:00 +0100</pubDate>
  6171.    <category domain="https://blog.x-way.org/Badges">Badges</category>
  6172.    <description><![CDATA[<p>When attending conferences you often receive a badge granting you access (which usually is not much more than a nametag with some logo).
  6173. Also when working at concerts and festivals you receive a badge identifiying you as staff. I regularly keep these as souvenirs which remind me of the amazing times passed at those events.</p>
  6174. <p>Over the time there are now a couple of badges hanging on my closet and I think it would be nice to be able to look through them on my laptop. Thus this new <a href="https://blog.x-way.org/Badges" title="Badges">Badges</a> category in the weblog.</p>
  6175. <p>My idea for now is to put a new badge online every day until Christmas like some form of an Advent calendar.</p>
  6176. <p>Here is the first one, it is from the <a href="http://www.swissipv6council.ch/en/events/business-konferenz-zurich-dezember" title="IPv6 Business Konferenz">IPv6 Business Konferenz</a>:<br>
  6177. <img src="https://blog.x-way.org/images/badges/IPv6_Konferenz_2011.jpeg" alt="IPv6 Konferenz 2011" height="161" width="247">
  6178. </p>
  6179. ]]></description>
  6180.    <content:encoded><![CDATA[<p>When attending conferences you often receive a badge granting you access (which usually is not much more than a nametag with some logo).
  6181. Also when working at concerts and festivals you receive a badge identifiying you as staff. I regularly keep these as souvenirs which remind me of the amazing times passed at those events.</p>
  6182. <p>Over the time there are now a couple of badges hanging on my closet and I think it would be nice to be able to look through them on my laptop. Thus this new <a href="https://blog.x-way.org/Badges" title="Badges">Badges</a> category in the weblog.</p>
  6183. <p>My idea for now is to put a new badge online every day until Christmas like some form of an Advent calendar.</p>
  6184. <p>Here is the first one, it is from the <a href="http://www.swissipv6council.ch/en/events/business-konferenz-zurich-dezember" title="IPv6 Business Konferenz">IPv6 Business Konferenz</a>:<br>
  6185. <img src="https://blog.x-way.org/images/badges/IPv6_Konferenz_2011.jpeg" alt="IPv6 Konferenz 2011" height="161" width="247">
  6186. </p>
  6187. ]]></content:encoded>
  6188.  </item>
  6189.  
  6190.  <item>
  6191.    <title>Online Again</title>
  6192.    <link>https://blog.x-way.org/Misc/2011/11/26/Online-Again.html</link>
  6193.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324152</guid>
  6194.    <dc:creator>Andreas Jaggi</dc:creator>
  6195.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6196.    <pubDate>Sat, 26 Nov 2011 15:47:00 +0100</pubDate>
  6197.    <category domain="https://blog.x-way.org/Misc">Misc</category>
  6198.    <description><![CDATA[<p>The database which previously powered this weblog vanished without a trace two years ago and people only got some PHP/XML error when surfing this site since then. Unfortunately the last backup of the database was more than four years old...</p>
  6199. <p>To restore the content of this weblog the Webarchive from <a href="http://www.archive.org/" title="Archive.org">Archive.org</a> was parsed with the help of some scripts in order to extract the missing posts. The resulting data was cross-checked with the last database backup and the generated static RSS feed files. <br>Then all the posts with their meta information were converted and stored in the appropriate format for the new system. Finally the layout was migrated to the new system and some glue files were created in order to provide backwards compatibility for the old link format.</p>
  6200. <p>After two months of restore/migration/polishing work the weblog is now online again, powered by <a href="http://github.com/mojombo/jekyll">jekyll</a> and currently hosted with <a href="http://pages.github.com">GitHub Pages</a>.</p>
  6201. ]]></description>
  6202.    <content:encoded><![CDATA[<p>The database which previously powered this weblog vanished without a trace two years ago and people only got some PHP/XML error when surfing this site since then. Unfortunately the last backup of the database was more than four years old...</p>
  6203. <p>To restore the content of this weblog the Webarchive from <a href="http://www.archive.org/" title="Archive.org">Archive.org</a> was parsed with the help of some scripts in order to extract the missing posts. The resulting data was cross-checked with the last database backup and the generated static RSS feed files. <br>Then all the posts with their meta information were converted and stored in the appropriate format for the new system. Finally the layout was migrated to the new system and some glue files were created in order to provide backwards compatibility for the old link format.</p>
  6204. <p>After two months of restore/migration/polishing work the weblog is now online again, powered by <a href="http://github.com/mojombo/jekyll">jekyll</a> and currently hosted with <a href="http://pages.github.com">GitHub Pages</a>.</p>
  6205. ]]></content:encoded>
  6206.  </item>
  6207.  
  6208.  <item>
  6209.    <title>Unfreeze messages in Exim queue</title>
  6210.    <link>https://blog.x-way.org/Linux/2009/07/28/Unfreeze-messages-in-Exim-queue.html</link>
  6211.    <guid isPermaLink="true">http://waterwave.ch/weblog/detail.php?id=324151</guid>
  6212.    <dc:creator>Andreas Jaggi</dc:creator>
  6213.    <creativeCommons:license>http://creativecommons.org/licenses/by-nd-nc/1.0/</creativeCommons:license>
  6214.    <pubDate>Tue, 28 Jul 2009 22:25:00 +0200</pubDate>
  6215.    <category domain="https://blog.x-way.org/Linux">Linux</category>
  6216.    <description><![CDATA[<p>To process all **frozen** messages in the Exim queue use this command:</p>
  6217.  
  6218. <pre>mailq | grep frozen | awk '{print $3}' | xargs exim -v -M</pre>
  6219. ]]></description>
  6220.    <content:encoded><![CDATA[<p>To process all **frozen** messages in the Exim queue use this command:</p>
  6221.  
  6222. <pre>mailq | grep frozen | awk '{print $3}' | xargs exim -v -M</pre>
  6223. ]]></content:encoded>
  6224.  </item>
  6225.  
  6226.  <item>