Berlijn Hemelvaartweekend

   Posted:

In het lange Hemelvaartweekend ben ik samen met mijn zus naar Berlijn geweest, hieronder een selectie uit de foto's, op Flickr staan ze allemaal.

20140529-IMG_4147.jpg

20140529-IMG_4162.jpg

20140529-IMG_4164.jpg

20140529-IMG_4170.jpg

20140529-IMG_4172.jpg

20140529-IMG_4177.jpg

20140529-IMG_4180.jpg

20140529-IMG_4186.jpg

20140529-IMG_4189.jpg

20140529-IMG_4197.jpg

20140529-IMG_4220.jpg

20140529-IMG_4221.jpg

20140530-IMG_4224.jpg

20140530-IMG_4225.jpg

20140530-IMG_4229.jpg

20140530-IMG_4232.jpg

20140530-IMG_4235.jpg

20140530-IMG_4241.jpg

20140530-IMG_4247.jpg

20140530-IMG_4249.jpg

20140530-IMG_4254.jpg

20140530-IMG_4258.jpg

20140531-IMG_4286.jpg

20140531-IMG_4288.jpg

20140531-IMG_4315.jpg

20140531-IMG_4335.jpg

20140531-IMG_4339.jpg

20140531-IMG_4358.jpg

20140531-IMG_4360.jpg

20140531-IMG_4362.jpg

20140531-IMG_4367.jpg

20140531-IMG_4413.jpg

20140531-IMG_4445.jpg

20140601-IMG_4452.jpg

20140601-IMG_4454.jpg

Comments

Mitselwier in het voorjaar

   Posted:

Afgelopen weekend weer eens in Metslawier, eh, Mitselwier geweest. Die zaterdag wat foto's gemaakt (en drie op Dokkumer Nieuwe Zijlen)

20140405-IMG_4022

20140405-IMG_4026

20140405-IMG_4027

20140405-IMG_4029

20140405-IMG_4033

20140405-IMG_4036

20140405-IMG_4039

20140405-IMG_4041

20140405-IMG_4045

20140405-IMG_4046

20140405-IMG_4052

20140405-IMG_4072

20140405-IMG_4073

20140405-IMG_4074

20140405-IMG_4078

20140405-IMG_4080

20140405-IMG_4099

20140405-IMG_4101

20140405-IMG_4107

Comments

Tweede rondje fietsen van het jaar

   Posted:

Comments

Eerste rondje fietsen van het jaar

   Posted:

Zonnetje, blauwe luchten, wat wil een mens nog meer? Eh, iets minder wind en, WTF, 9 MAART????

Drie uren stug doorgetrapt op de juggernaut (de Santos Travelmaster), resulteerde in onderstaande rondje.

Comments

Fietsvakanties update

   Posted:

Sinds vorige week zijn alle routes, van de fietsvakanties die ik tot nu toe gefietst heb, weer helemaal up to date. De route van de 2008 fietsvakantie is afgerond, die van 2013 is toegevoegd en ook alle jaarlijkse samenvattingen zijn waar nodig gerestaureerd en/of verbeterd. Bij de migratie naar Nikola waren een paar samenvattingen niet mee gemigreerd.

De dagboeken van de eerste twee vakanties heb ik maar opgegeven, die blijven onafgerond.

Comments

Prettige kerstdagen en een gelukkig 2014

   Posted:

Comments

Vechthoeve

   Posted:

Comments

NYC2013 video

   Posted:

Comments

Fun with logrotate and wildcards

   Posted:

So a few months ago I found that freeradius on one of my machines was logging all transactions in a daily log file. After a few years this accumulated to a large number of files that started to gobble up too much disk space. Together with a colleague I created the following logrotate:

/var/log/freeradius/radacct/*/detail-* {
        daily
        rotate 90
        compress
        notifempty
}

Using wildcards with logrotate is asking for trouble, as the manual page warns, but we thought we knew better... The result was a log directory containing loads of the following:

server:/var/log/freeradius/radacct/host# ls -al
-rw------- 1 freerad freerad        0 2013-09-03 06:25 detail-20130902
-rw------- 1 freerad freerad        0 2013-09-05 06:25 detail-20130902.1.gz
-rw------- 1 freerad freerad        0 2013-09-07 06:25 detail-20130902.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-09 06:25 detail-20130902.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-11 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-13 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-15 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-17 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-19 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-21 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-23 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-25 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-27 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-09-29 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-01 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-03 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-05 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-07 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-09 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-11 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-13 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-15 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-17 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-19 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-21 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-23 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-25 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-27 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-29 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-10-31 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-02 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-04 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-06 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-08 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-10 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-12 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-14 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-16 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-18 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-20 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-22 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-24 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-26 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-28 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad        0 2013-11-30 06:25 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
-rw------- 1 freerad freerad 23219192 2013-09-02 21:47 detail-20130902.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz.1.gz
server:/var/log/freeradius/radacct/host#

Fixing logrotate is left for another time. But how do you get rid of all the 0 length files and how do you rename the files that do have content to something useful? Most howto's suggest basename or Perl's rename, but they all can't handle what I call "recursive" file extensions. Here's what I came up with:

# Delete all 0 length files
server:/var/log/freeradius/radacct/host# find . -size 0 -delete
# Create a list of mv commands for all remain files
server:/var/log/freeradius/radacct/192.168.59.6# ls *.gz | awk -F '.' '{ print "mv " $0 " " $1 ".1.gz" }' > commandfile
# Execute the commands (dot space commandfile executes all commands in
# commandfile, who knew?)
server:/var/log/freeradius/radacct/host# . commandfile
# And clean up after ourselves
server:/var/log/freeradius/radacct/host# rm commandfile
server:/var/log/freeradius/radacct/host#

Comments

Wishlist

   Posted:

Let op, deze pagina wordt regelmatig bijgewerkt. Of omdat ik iets heb gekregen of omdat ik iets nieuws heb bedacht. Dus controleer hier voordat je iets gaat kopen ;-)

  • Fiets
    1. Grote momentsleutel (10-60 Nm) (klik/ratel)
  • Foto
    1. Variabele ND (grijsfilter) 58mm
    2. Variabele ND (grijsfilter) 67mm
    3. Snelle/grote SD kaarten (geschikt voor HD video)
  • Gereedschap
    1. Kleine oplaadbaare (Li-ion?) schroefmachine
    2. Ratel ringsleutel van standaard maat (12,14,16,18,20?)
    3. iFixit 54 Bit Driver Kit Wooden Case
    4. iFixit Magnetic Project Mat

UPDATE 2014-03-21, edited

Comments

IPv6 firewalling on Cisco IOS

   Posted:

In a previous post I explained how to get native IPv6 working on a Cisco 877 ADSL modem/router.

In this post I'm going to try and setup the most simple firewall for IPV6 based on the example from SIXXS. Remember, if you're going to start using IPv6 properly all your devices are reachable from the internet by default. This is usually a bad idea, so we need a firewall.

I'm going to assume you're not running any servers at home, you just want all traffic from the outside blocked. You also want traffic from your local network to be able to reach the Internet via IPv6 and receive answers back. But no more.

First we create an accesslist that blocks all unwanted traffic, but allows enough of the ICMP protocol for the Internet to function as intended. Real networks don't block all of the incoming ICMP traffic.

ipv6 access-list ipv6-internet-in
  remark Prevent spoofing
  deny ipv6 2A02:120:100F::/48 any log
  remark prevent ingress of all addresses except global unicast and multicast
  deny ipv6 ::/3 any log
  deny ipv6 8000::/2 any log
  deny ipv6 C000::/3 any log
  deny ipv6 E000::/4 any log
  deny ipv6 F000::/5 any log
  deny ipv6 F800::/6 any log
  deny ipv6 FC00::/7 any log
  deny ipv6 FE00::/8 any log
  permit icmp any any time-exceeded
  permit icmp any any packet-too-big
  permit icmp any any echo-request
  permit icmp any any echo-reply
  deny ipv6 any any log
  !

Next it's time to allow outgoing traffic to poke holes on the incoming side.

ipv6 inspect name cbac-ipv6 tcp
ipv6 inspect name cbac-ipv6 udp
ipv6 inspect name cbac-ipv6 icmp
ipv6 inspect name cbac-ipv6 ftp

Finally we bind all that to the Dialer0 interface we used in the previous post and have a functioning firewall.

interface Dialer0
  ipv6 traffic-filter ipv6-internet-in in
  ipv6 inspect cbac-ipv6 out

Don't forget to block IPv6 access to the console on your router!

ipv6 access-list ipv6-ssh-lockdown
  deny ipv6 any any log

line vty 0 4
  ipv6 access-class ipv6-ssh-lockdown in

And that's it! Finding an example that is as basic as this took me quite a while. With some stops and starts and some IPv6-less days of working without me noticing. If you want to run a webserver or mail server or something else on IPv6, you need to add the appropriate lines in the "ipv6-internet-in" ipv6 accesslist. I'm leaving how to do that as an exercise for the reader ;-)

Comments

NYC2013

   Posted:

So it was that time of year again. A few days of New York City (New York) for work. Here's the result of the tourist-y part. Even more pictures of places around Manhattan, I even left the island properly for the first time. Well, apart from the train from/to JFK.

First a guided tour of Rockefeller Centre

20131018-IMG_3087

20131018-IMG_3092

20131018-IMG_3093

20131018-IMG_3094

20131018-IMG_3096

20131018-IMG_3099

20131018-IMG_3103

20131018-IMG_3114

20131018-IMG_3119

20131018-IMG_3122

20131018-IMG_3124

20131018-IMG_3127

20131018-IMG_3150

20131018-IMG_3151

20131018-IMG_3171

Then on to "Top of the Rock", with a nice view of New York from a really high place. Much more enjoyable than Empire State Building, which I visited two years ago.

20131018-IMG_3186

20131018-IMG_3201

20131018-IMG_3204

20131018-IMG_3211

20131018-IMG_3214

20131018-IMG_3216

20131018-IMG_3217

20131018-IMG_3219

20131018-IMG_3221

20131018-IMG_3224

20131018-IMG_3249

After that I took the cable car to Roosevelt Island, in the middle of the East River. A really calm and quiet place to visit on a Friday afternoon.

20131018-IMG_3261

20131018-IMG_3266

20131018-IMG_3268

20131018-IMG_3274

20131018-IMG_3275

20131018-IMG_3277

20131018-IMG_3279

20131018-IMG_3283

20131018-IMG_3286

20131018-IMG_3293

20131018-IMG_3298

20131018-IMG_3301

20131018-IMG_3302

20131018-IMG_3304

5th Avenue early evening, just after sunset.

20131020-IMG_3368

20131020-IMG_3376

20131020-IMG_3381

Times Square late at night.

20131020-IMG_3408

20131020-IMG_3414

These last few photos have all been taken from the High Line, a really nice park on top of an old, unused, raised railroad. Really cool.

20131020-IMG_3417

20131020-IMG_3424

20131020-IMG_3425

20131020-IMG_3426

20131020-IMG_3447

20131020-IMG_3450

20131020-IMG_3458

20131020-IMG_3462

20131020-IMG_3465

20131020-IMG_3483

20131020-IMG_3485

20131020-IMG_3488

20131020-IMG_3489

20131020-IMG_3491

20131020-IMG_3497

20131020-IMG_3499

20131020-IMG_3500

20131020-IMG_3515

20131020-IMG_3517

Comments

pysnmp cannot import asn1

   Posted:

Today I tried to use an old Python script to do something with SNMP. The script was importing some SNMP library using the following code:

from pysnmp import asn1, v2c, role

(this is basically from the snmpget example on the pysnmp website).

Installing python-pysnmp didn't work, there's a few versions of the pysnmp API available and apparently the code above is assuming version 2 of the API, so we need to install python-pysnmp2

ramdyne@host:~$ sudo apt-get install python-pysnmp2
xxx
ramdyne@host:~$ ./script.py
Traceback (most recent call last):
    File "./script.py", line 7, in <module>
        from pysnmp import asn1, v2c, role
ImportError: cannot import name asn1

Obviously that didn't work, but why? After a lot of investigating, it looks like the current Debian python-pysnmp2 package includes both versions 2 and 4 of the API and you need to explicitly choose which one you want to use before importing pysnmp in your python code.

Choosing the API version is done using an environment variable. You can do this in your commandline shell (like bash), but I prefer to do this explicitly in the script itself:

os.environ['PYSNMP_API_VERSION'] = 'v2'
from pysnmp import asn1, v2c, role

(choosing version 4 of the API is left as an exercise for the reader.)

Comments

Worst SIP implementation of the moment

   Posted:

There must be something very wrong with the way the Siemens OpenScape Office PBX's SIP stack handles SIP error codes or the way people configure it by default.

Suppose you make a call and forget a digit somewhere in the middle. Your PSTN provider (or someone else) detects that the number is not quite sufficient and replies to your INVITE with an error message containing "SIP/2.0 484 Address Incomplete".

Normal SIP implementations send an error up the stack to the end user who then hears some kind of error code through their handset or some error code on the display of their phone. Is OpenScape doing that? Noooooooo.....

When OpenScape receives an error code other than "486 Busy" or "500 Internal Server Error", it sends out as many retry calls as it can, one after the other, until it hits the maximum number of simultaneous calls it has configured on the SIP trunk (even though these calls are not simultaneous).

If you're using the distribution between successful and failed calls to monitor the health of your platform, behavour like this very quickly starts to trigger alarms that something is not quite right, especially when endusers are absolutely convinced the number they dialled is correct. Hundreds of failed calls within a minute or two are not unusual in cases like this.

Comments

Keeping website sources safe

   Posted:

Last Friday I was thinking about making a backup of the nikola sources for my website. I have more than 12 years of blog posts in the archive now. While most of the contents are not worth much, there are some pieces I'd rather not lose.

Using normal backup procedures seemed boring, so I started thinking of other ways. Realising that most of the files were just basic text files some kind of version control system seemed appropriate. Since I had no intention of running my own VCS server Github seemed like a cool option, especially since it has private repositories.

So every time I update the site, the deploy step not only updates (using rsync) the webserver, it also calls on git to push the changes towards my private Github repository.

So for this post the procedure looked something like this (Edited for brevity and a little bit of obfuscation):

yyyyyyy@delphic:~/website/src/www.ramdyne.nl/src$ nikola new_post
Creating New Post
-----------------
Enter title: Keeping website sources safe
Scanning posts.....done!
Your post's text is at:  posts/keeping-website-sources-safe.rst
yyyyyyy@delphic:~/website/src/www.ramdyne.nl/src$ vi posts/keeping-website-sources-safe.rst
yyyyyyy@delphic:~/website/src/www.ramdyne.nl/src$ nikola build
Scanning posts.....done!
.  render_site:../output/categories/index.html
.  render_posts:cache/posts/keeping-website-sources-safe.html
.  render_indexes:../output/index.html
.  render_rss:../output/rss.xml
.  render_pages:../output/posts/keeping-website-sources-safe.html
.  render_tags:../output/categories/stack.xml
.  sitemap:../output/sitemap.xml
yyyyyyy@delphic:~/website/src/www.ramdyne.nl/src$ nikola deploy
Scanning posts.....done!
==> rsync -rav ../output/*
ramdyne@xxxxxx.org:/home/zzzzzz/www/ramdyne.nl/www
Password:
sending incremental file list
index-20.html
index.html
rss.xml
sitemap.xml
posts/
posts/keeping-website-sources-safe.html

sent 526893 bytes  received 85809 bytes  136156.00 bytes/sec
total size is 18639132  speedup is 30.42
==> /home/yyyyyyy/website/src/www.ramdyne.nl/git-push-website-to-master.sh
[master fbadf78] Another commit by nikola deploy
 448 files changed, 2205 insertions(+), 998 deletions(-)
 create mode 100644 output/.htaccess
 rewrite output/assets/js/tag_cloud_data.json (78%)
 create mode 100644 output/categories/git.html
 create mode 100644 output/categories/git.xml
 create mode 100644 output/categories/github.html
 create mode 100644 output/categories/github.xml
 rewrite output/categories/website.xml (80%)
 create mode 100644 output/posts/keeping-website-sources-safe.html
 create mode 100644
 src/cache/posts/keeping-website-sources-safe.html
 create mode 100644 src/posts/keeping-website-sources-safe.rst
Username for 'https://github.com': xxxxx
Password for 'https://xxxxx@github.com':
Counting objects: 890, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (459/459), done.
Writing objects: 100% (459/459), 129.89 KiB, done.
Total 459 (delta 444), reused 0 (delta 0)
To https://github.com/ramdyne/websites-ramdyne.nl.git
 3c519ad..fbadf85  master -> master
Successful deployment
yyyyyyyy@delphic:~/website/src/www.ramdyne.nl/src$

The eagle eyed viewers will have noticed a small script being used to do all the git steps:

yyyyyyyy@delphic:~/website/src/www.ramdyne.nl/cat git-push-website-to-master.sh
#!/bin/sh
cd /home/yyyyyyy/website/src/www.ramdyne.nl/
/usr/bin/git add '*'
/usr/bin/git commit -m "Another commit by nikola deploy"
/usr/bin/git push origin master

The script (and the cd step in the script) are needed because of the way the nikola deploy steps work. You can't do cool stuff like cd in the deploy steps themselves, if I understood this post correctly.

Now I only need to find a way to not have a boring fixed commit message for every change ("Another commit by nikola deploy"), preferably it would say what had been last updated or something like that. Or just ask me for a commit message.

The folder structure I am using now for my website sources is a little different from the default nikola setup, so can always stop not keeping all changes to the nikola output. Keeping sources and output in git is kind of redundant, isn't it.

Nikola default (with site in ~/Documents/site:

~/
|- Documents/
    |-site/
        |-cache/
        |-files/
        |-galleries/
        |-listings/
        |-output/
        |-posts/
        |-stories/
        |-themes/
        |-conf.py

My current directory structure

~/
|- Documents/
    |-site/
        |-output/
        |-src/
            |-cache/
            |-files/
            |-galleries/
            |-listings/
            |-posts/
            |-stories/
            |-themes/
            |-conf.py
        |-git-push-website-to-master.sh

Comments