Chronophage.net Blog

Got my VCP5!

So, I decided I needed a bit of a landing page for web.chronophage.net. I wanted to show certain active statistics, but I didn’t like the format, or information leakage that mod_status showed.

So I did some googling, and found this: http://www.phpclasses.org/package/3613-PHP-Retrieve-and-parse-Apache-server-status.html

Unfortunately, the examples were set to just show the stats of one server, and I had four.

Well, an array, for loop and some php rejiggering, and viola! Active server stats!

Now I can see all the worms attempting to XSS my websites.

Wee!

10.04 has a bug in Net-SNMP that’s over two years old! SNMP doesn’t return any info under hrSWRunPath, aside from /sbin/init

This is ridiculous. Absolutely unacceptable. Fix it.

So, I changed mail, splitting mail.chronophage.net into a 3 host mail cluster, and a shell server.

Unfortunately, I have shell users who were using mail.chronophage.net as their moniker for pop/imap. This also broke their ability to log in to the antispam area and change their spam settings. I have fixed both of these issues.

Dovecot has a passwd-file facility, which uses passwd formatted files to do authentication. I simply added such a file to my mail cluster, with the shell username and {CRYPT} hashes (out of master.passwd) and added a proxy=y statement and a host=(shell server’s ip)

So now, when they log in, it’ll authenticate them, and then pass the authentication over to the shell server’s POP3 or IMAP server. Since they authenticate locally first, SASL works for sending mail.

This gives them one point for external clients, and still lets them log in via the shell server, or use procmail (via a .forward) if they so choose.

Unfortunately, this means that I have to manually keep password in sync in two places. But my users don’t change their passwords often, and there aren’t too many of them

So, for posterity

mail.chronophage.net (POP3, IMAP, SMTP)
https://mail.chronophage.net (webmail via roundcube)
https://mail.chronophage.net/squirrelmail (webmail via squirrelmail)
https://mail.chronophage.net/antispam (for antispam services)
gaia.chronophage.net (shell server)

Working on a post for work. Part 1 is pending edits and approval. Here’s a chart I’ve made for Part 2:

*UPDATE* Post approved: http://blogs.iphouse.net/2011/11/10/infrastructure-and-other-games/

So I did a little bit of load testing on my new web cluster.

Not bad for not having a real load balancer…

(continue reading…)

I’ve been waiting, and working.

I’ve been waiting for my work to release a its new product. I’ve been waiting, politely, for my boss to blog about it. I’ve been waiting to show off this new product.

I’ve been working on provisioning, and working with customers on beta testing the new product. I’ve been working on templates, and auto install media, to make everyone’s life easier. I’ve been working on documentation for customers.

I’ve been waiting for, and working on, a VMware vCloud Director based product known as vmForge VDC.

This is cool stuff!

(continue reading…)

For reference: http://www.albinoblacksheep.com/flash/badgers

i = 1
strOut = ""

while i > -1  :
    if i == 12 :
        strOut = "Mushroom"
        i = i + 1

    elif i == 13 :
        strOut = "Mushroom"
        i = i + 1

    elif (i == 27) :
        strOut = "A big ol' snake - snake a snake oh it's a snake";
        i = 0

    else :
        strOut = "Badger"
        i = i + 1

    print strOut

Well, in honor of IPv6 day, I decided to spurn people along. I created an IPv6 validation badge of my own, and a few other things to prod people to get their providers to switch.

I’ve also updated http://ipv6.chronophage.net with a new look. It also shows you a video that warns you of the real and present dangers of not switching to IPv6, or celebrates your IPv6 achievement with an INTERNET classic

Making the pages was fun, especially using php to spit out the various dynamic graphics. In one spot I use a validator lifted from here On the main page i simply have this SetEnvIfNoCase REMOTE_ADDR "^[0-9a-f:]+$" IPV6_USER=1 in my apache config, and check for that variable in my shtml index. I use a php filter elsewhere. This is to test various ways of IPv6 validation. If you see an error, please comment.

Making dynamic graphics was straight out of the php documentation. That language has a function for everything!

No one will accuse me of being a website designer, I hope it’s ugly enough for you.

Anyways, have fun! Happy (pending) IPv6 day!

So…

It’s been awhile.

Recently, I’ve decided to make sure that all of my servers were IPv6 addressable. This was made infinitely easier by working at a forward thinking ISP. So a quick email to our network admin and bam! IPv6 routed to my vlan!
Now, what to do with it?

(continue reading…)