OpenVPN in a VPS instance

A few days ago, I saw a small job request for a script that would start OpenVPN on a GCP instance and connect to an external VPN service. The requester mentioned being able to SSH to the host and running a script on the host. The last part got me thinking about about how routing for OpenVPN might make less straightforward than it seems. It was. It seemed like a fun technical challenge so I took a crack at it. [Read More]

VMs in my home lab

TL;DR: Read the scripts here. There is a simple “if; this; then; that” at the bottom. It’s often I see some new bit of software I’d like to deploy in my home lab to test against my infrastructure. I’m not super keen on loading it on a machine I use for some other function, especially if I end up tossing the software. With this in mind, I started using Linux’s Kernel Virtual Machines (KVM) and Quick Emulator (Qmeu) to test things out. [Read More]

xmlrpc and bots

Some time ago, I was told I should give back to the Internet and post some technical musings. As one does, I grabbed some off the shelf software and set up Apache on a little tiny virtual server. Off we went. Some time later, I started getting alarms that the host was not responding or that one of the services had crashed. I’d fix the issue and some time later it would happen again. [Read More]

Entware snmpd

I’m setting up a router which as the option of using entware to extend the functionality. This is great, as I want to have snmpd running on the network device for monitoring and such. After setting up entware, I installed the snmpd package. opkg install snmpd Easy-peasy. Well…not really. No sample config or start scripts are included in the package. Not a huge deal. Just needed to bodge some in place. [Read More]

Blocking Web Ads

While wandering through the Interwebs, I happened across a interesting post on blocking your ads with Bind9 and an IP blacklist here. The instructions looked pretty simple, and, being a geektechnical professional, I had a Bind sever running at home. I gave it a go and thought nothing more of it. The next day I got a small start, when I saw a whole bunch of 404s on the web server running on that host. [Read More]

dirty python network graphite hacks

I’ve been pushing historical temperature data for Vancouver into a local graphite instance using python. While pushing the data, I received this error: socket.error: [Errno 99] Cannot assign requested address This was strange, as I had been using the address in the loop many, many, MANY times before hitting this error. A little more sleuthing uncovered a ton of connections in the TIME_WAIT state. Around 26,000 open sockets was where I couldn’t open any more. [Read More]

Bogons?

The other day, while wandering through dhcpd logs, I spied a message similar this one. hostname arpwatch: bogon x.x.x.x 0:0:0:0:0:0 Bogons? What the heck is this about? A little Google-fu popped this post up from a OpenBSD mailing list: http://www.monkey.org/openbsd/archive/ports/0012/msg00098.html Along with pointing out this was just a message about an invalid IP address, it stated Others have already pointed out that ‘bogon’ means a particle of bogosity. Bogosity, eh? [Read More]

Crushing postfix

I have my home-lab set up to send all mail to my Google mail account. All of the hosts in my house are set to send mail to one host, which uses Gmail to relay out. Except, of course, for my Nagios host, which relays directly, but I digress… This is normally quite excellent. It’s not, when I accidentally something. If you send too much mail from your Gmail account, Google gives you a “time out”. [Read More]