Now that all my traffic to and from the internet is running happily through my Alix box (and it had no trouble with a few hours of sustained maxing-out of my 6Mbps down/768kbps up DSL line in both directions), and since my first test unslung-NSLU2 “slug” seems to be stably doing its job as a backup DNS/DHCP server, it’s time to do the fun little things, like wonder, “Hey, the Alix has 3 LEDs on the front. What could I do with those?”
Well, first I learned from a mailing list archive post that under OpenBSD, the LEDs are easily controlled with gpioctl (using 0 and 1 for off and on):
# one-time setup to get 0 and 1 to mean what we expect
gpioctl -q -c 6 out iout
gpioctl -q -c 25 out iout
gpioctl -q -c 27 out iout
gpioctl -q 6 [0/1] # for the left-most LED
gpioctl -q 25 [0/1] # for the middle LED
gpioctl -q 27 [0/1] # for the right-most LED
That’s pretty easy, but it’s just on and off (though it does require privileged access to control the GPIO pins). Poking around on the web today, though, I found Jordan Sissel’s blog post on making the Soekris net4501′s LEDs do the Apple-style pulsing fade-in-out. His C program didn’t work straight away on my Alix, perhaps because he was working on FreeBSD and I’m using OpenBSD, but with a little digging in the OpenBSD source code for gpioctl, I was able to cobble together some C code to replace his “led” function that set the state of the LED as well as the device initialization. With a little tweaking to make the code feel more like my own and to make the LED pulse just once (the original code pulsed indefinitely), I arrived at pulse_led2_once.c (which still must be run as root to work, since it uses the GPIO interface).
NOTE: This file is provided “as is” and is not guaranteed to do anything at all, including not guaranteed to be safe to run. It worked for me, YMMV. I’ve posted my modifications having asked Jordan Sissel first; I’d appreciate it if you’d let me know if you wanted to post modifications to my code. AFAIK, my inclusion of OpenBSD source was done in compliance with the copyright notice in their source file, reproduced as requested by the code I used.
Posted 25 May 2008
† §
Tagged: alix, blink, breathing, c, gpio, gpioctl, led, leds, openbsd, pulse, pulsing
My biggest problem with flashdist is just how little is included. This is, of course, necessary for the primary goal of flashdist (working on really constrained machines) and since its goals generally align with my goals in using flashdist and since flashdist has those nice, simple, pre-built images, the fact that very little is included in the base distribution is worth trying to work around.
The “Oh, DUH!” moment came today when I realized (after much mucking about with pulling various programs I needed from other OpenBSD boxes with more complete installs and running into various issues with version differences) that I could just download base43.tgz from an OpenBSD ftp mirror onto my Mac, unzip it, and sftp what I needed over to the flashdist machine, no other OpenBSD box needed. Once I’d copied ldd over to the flashdist machine, I could even find out what libs I needed to copy over, too.
This means, of course, that I now have dhcpd and BIND running on my Alix.
Today, not only did the NSLU2 that I bought on eBay arrive, but the red anodized aluminum case for my Alix arrived, too. Getting the NSLU2 to run “unslung” from a 1GB flash drive was a royal pain. If I do a second one, I’ll have to verify my technique, but it seems that the direction to format the drive before reflashing is just a mess (since it’s nearly impossible to get the Linksys firmware to format a flash drive), but once the firmware is reflashed to non-stock, it’s easy to format the flash drive, then run the script to move the boot stuffs off to the flash drive, where there’s room to install stuff. The problem is that the device seems to be spending about 90% of its time completely hung and non-responsive (telnet and ssh freeze ior maybe just hang, web interface unresponsive, intermittent “thrashing,” if you can call it that, of the flash drive) for reasons I can’t quite figure out. It may not turn out to be as useful as I’d hoped, but even if it doesn’t do what I want, it will have been an interesting experiment. Plus, I realized it’s the only linux box i’ve got on hand (my other machines are various Macs and OpenBSD boxes and a few PCs).
Speaking of OpenBSD boxes, the Alix seems to be much closer to usable than I’d expected now, having restarted from a newer pre-built flashdist image. The hokey thing I’d forgotten about is how few of the standard basic *nix command programs are in the base flashdist, so I end up copying over program after program from another running OpenBSD box. I’m hoping to get BIND and dhcpd up and running soon, get pf all set up for router/NAT/firewall use, and try it out with a DSL modem before the weekend is up.
And, with a little luck, by the end of the weekend, all these various devices will be self-updating the various common config files (BIND zones, dhcpd.conf, etc.) from a common server. I’ve already got a shell script that can check for an update to itself and replace itself with the newer version; I just have to make it check for and retrieve updates for the actual config files.
Posted 22 May 2008
† §
Tagged: 'nix, alix, firewall, flash, flashdist, linksys, linux, nat, nslu2, openbsd, router, slug, unslung
I subscribe to a few security-alert email lists, most of which I skim and delete (since I already know that there are new fixes for multiple vulnerabilities in MS Windows and/or Office without being told and since I don’t care about issues with multi-thousand-dollar Oracle/Cisco/Sun products). It’s rare that an alert really catches my eye the way the Debian/OpenSSL thing did. I think the key thing to point out is that it seems that somewhere along the way someone in the Debian realm broke OpenSSL–that’s why this is a Debian-specific issue. I’d also like to point out that this is why I use OpenBSD for high-security machines (i.e. router/firewall machines): careful, detailed security auditing.
The OpenBSD router machines I installed at my place and my parents’ have been failing and I’ve been doing band-aid fixes of little things as they break, but it’s annoying. My new idea is to use hardware routers, but to install one or more “slug” NSLU2 devices, unslung, inside each network to provide DNS and DHCP (more than one should easily give redundancy). At $50-60 on eBay and potentially running some variant of Linux from a small USB flash drive, it should be reasonable to set up two identically-configured “slugs” so that if one goes bad, the other can handle the load until the bad one can be replaced. My first NSLU2 for testing should arrive in the middle of this coming week. Details on the previous setup and history after the cut.
Continue Reading »
Posted 17 May 2008
† §
Tagged: alix, bsd, dell, dlink, dsl, ebay, gateway, linux, nslu2, openbsd, pppoe, router, slug, ssh, unslung, vpn
Somehow (my best guess is it happened with the database update in the WP2.5.1 upgrade), the database secret, stored as “secret” and visible on /wp-admin/options.php, changed making the logins for bbPress and WordPress clobber each other (both apps using the same cookie, but each app rewriting the cookie with its own contents, rather than recognizing the other app’s contents). If you’re having trouble with WordPress 2.5.1 + bbPress, especially if you’ve already watched the cookies go by and are sure that both apps are using the same cookie, check your secret (in bbPress, it’s in Admin > Settings > WP Integration).
Posted 01 May 2008
† §
Tagged: 2.5.1, bbpress, cookie, cookies, database secret, integrate, integration, options.php, secret, upgrade, wordpress, wp, wp2.5.1
It seems that some themes that I’d used as the bases for my own themes on my WordPress installs (other than this one) didn’t have
<?php wp_footer(); ?>
in the footer.php file, like they should, I guess, since that seems to be what the stats plugin needs to register hits. I had been wondering why the numbers on my dashboards didn’t even remotely match my awstats numbers.
Posted 01 May 2008
† §
Tagged: footer.php, plugin, stats plugin, wordpress, wordpress 2.5, wordpress plugin, stats, stats plugin, wp, wp plugin, wp stats, wp2.5, wp_footer
Most drop-in “is this a valid-form email?” functions do label certain valid email addresses as invalid. In particular, while highly unlikely, it is valid to have an email address at a TLD. Why did this come to mind? Very circuitously. I was watching YouTube videos when I noticed that it was loading stuff from “,” which is NOT a valid FQDN. Each part of a FQDN must be at least two characters, with the special exception of the root nameservers. While nearly everyone and everything handles single-character hostnames nowadays, there have been and probably still are some servers that choke on single-character hostnames (I know that I’ve had issues with email addresses with single-character hostnames).
By the way, the combination of these two things means that the shortest email address that will validate in (nearly) all format-validation routines is a single character at a two-character SLD under a two-character coutry-code TLD, such as “”.
Posted 01 May 2008
† §
Web Programming
Tagged: address validation, dns, domain, domain name, email, email address, fqdn, host, hostname, invalid, name server, rfc, rfcs, sld, tld, valid, valid email address
I’m wondering if I’d gain anything from putting a small Google AdSense unit or maybe an AdSense link unit on the LJ-Stat page. And by “gain anything” I mean get a few cents to help pay my hosting bills. It could be relatively unobtrusive… It’s just that, thus far, I’ve avoided putting any ads on Well, that, and that my best experience with AdSense is monetizing the visits of people who mistakenly ended up on my site by providing them with ads for what they really wanted, rather than what’s actually on my site.