-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.json
1 lines (1 loc) · 27.7 KB
/
index.json
1
[{"content":"Though we are often sold into the idea that software development is better than ever before, the measure of better is open for debate. Surely you now have fancy stuff/words like DevOps, CI/CD, TDD, BDD, and more acronyms than there are three letter agencies in the US government.\nBut, for those old enough, there was a time when you could build stuff with just a notepad. It \u0026ldquo;got the job done\u0026rdquo;.\nOn the desktop, Microsoft had FoxPro, VB6 or, even, Microsoft Access. I say Microsoft because there was a time that\u0026rsquo;s \u0026ldquo;all\u0026rdquo; there was.\nOn the web, sure, spaghetti code is ugly but it worked. If you just needed some quick reports, you could drop a script in a cgi-bin folder, do some tables and framesets and move on to the next thing.\nNowadays all this things look more complicated for the \u0026ldquo;amateur\u0026rdquo; software developer. That is, solo developers or small business owners that are not tech-startups.\nOn our definition of \u0026ldquo;amateur\u0026rdquo; there\u0026rsquo;s nothing simpler than desktop. I have FoxPro 6 apps still running in the office, and the only thing that will kill them is lack of 64bit compatibility. Zero maintenance: just a folder with an .exe file to care about. 20 years running. The biggest pain would be updates, but this is internal stuff: just put that folder in a shared drive. You don\u0026rsquo;t even have to care about libraries, there\u0026rsquo;s only one dll\u0026hellip;\nThe current lack of a desktop story What is out there that allows you to build a desktop application that will still run 20 years from now? Most business software does not need constant updates and new features, but it needs to be able to be open 5-10 years from now to print a report for a tax audit, for example.\nThere is no compelling desktop story from anyone.\nOn the Microsoft side (still major desktop OS): FoxPro is gone, Lightswitch too, VB.NET is not VB6, there\u0026rsquo;s still MS Access.. completely stalled (read: VBA).\nYou might think of Java: Eclipse RCP is, definitely, not for amateurs, and NetBeans RCP is stalled. Though NetBeans RCP might get a boost now with the donation to Apache, it is not at VFP/VB6 \u0026ldquo;ease of use\u0026rdquo; level.\nThen there are a few \u0026ldquo;stories\u0026rdquo; out there that lack something in some ways:\n Lazarus. If not dealt with it enough to form an opinion, but it is a contender. Lianja. Which promises lots but I\u0026rsquo;m not sure about it\u0026rsquo;s long term maintainability, specialy on desktop deployments. Though this is kind of a gut-guess. PC Soft WINDEV. This is probably the best desktop story if seen so far on the last few years. though it\u0026rsquo;s language lacks some features of modern ones, you can get a lot done. Better JSON/REST support would do a lot, which it appears has been cared for in the latest release. FileMaker. I just hate it\u0026rsquo;s licensing model (per-user), otherwise it\u0026rsquo;d be almost fine, until you want to integrate with other stuff. It makes for amazing interfaces, but it\u0026rsquo;s coding facilities are nowhere near any mainstream language like Python. The Microsoft front is probably the worst as it not only lacks a story, it\u0026rsquo;s changing it every few years (WPF, WinForms, UWP, \u0026hellip;).\nRussell Keith-Magee noted on the PyCon 2019 Keynote that Python lacks a compelling desktop story. I\u0026rsquo;d go further: everyone lacks a compelling desktop story.\nThe web is no better The web front is not as sad, as long as you know how to setup a web server you can still drop scripts in a cgi-bin folder and go with it.\nWeb backends for small-scale applications are doable still with PHP, Python, \u0026hellip; though frontend is a completely different matter. Nowadays all \u0026ldquo;has to\u0026rdquo; be JavaScript intensive, React! Angular! which means that most resources available work under that premise.\nA CSS framework that does not require you to setup npm, bower or another tool of the day is rare to be seen. Some frameworks that did not presume a bloated frontend before do so now, raising concern about the future of the non-react-non-angular builds. Maybe Bulma CSS might be an exception, no javascript at all, so not all is lost.\nTruth be told, on the web front, there is nothing as easy and straightforward than server side rendered content. Specially if you are on PHP or Python.\nThere are some promises of rapid application development which, IMHO, are just that: promises. Rapid prototyping would be a more adequate wording.\n OpenXava, not much to say. You simply need to really understand Java to go further from the basics. And \u0026ldquo;really understand Java\u0026rdquo; is not \u0026ldquo;amateur development\u0026rdquo;. Apache Isis, I personally like it\u0026rsquo;s philosophy a lot. But has the same issue as OpenXava: you really need to understand Java. CUBA Platform, I also happen to like it a lot. You can probably go further than with OpenXava or Isis without knowing a lot of Java, but it\u0026rsquo;s still Java. furthermore, it has that ugly project structure that came from GWT days where you need to work with three separate modules for every \u0026ldquo;module\u0026rdquo; of you app: client, shared, server. That might improve when they move to Vaadin \u0026gt;10, though it\u0026rsquo;s not in the horizon. Java options basically all have the same issue for the amateur developer: once you need to move from \u0026ldquo;prototype\u0026rdquo; to the next stage you really need to understand what\u0026rsquo;s going on under the hood, and that in Java is not easy.\nThere are quite a few more, but I\u0026rsquo;ll skip them as the point would be the same: there\u0026rsquo;s nothing which will allow you to reliably build a simple CRUD / Line-Of-Business application without having to take care of a lot of infrastucture stuff like databases, web servers, etc.\nInvasion of subscription model I lied on my last paragraph. There is. WaveMaker, Microsoft PowerApps, Google AppMaker, \u0026hellip; there is a plethora of low-code / no-code solutions out there. But:\n They are, generaly, cloud based or with super-expensive on-premises options. They are subscription based and with per-user pricing models. They use propietary technologies which is the worst lock-in you can voluntarily subject yourself to. The moment you need to do something out of \u0026ldquo;the normal\u0026rdquo; you will either not be able to do it, end up writting Java, or having to deploy something somewhere and call it via REST. But, more importantly, you can\u0026rsquo;t fire that up 20 years from now and expect it to \u0026ldquo;just work\u0026rdquo; and be able to print some reports. Even if you pay for the applicable subscription fee for 20 years, I doubt you\u0026rsquo;d get there without any code changes, etc.\nWhen integrating those tools, you will probably end up with a serverless function, because it\u0026rsquo;s the easiest thing to deploy. Or a Kubernetes cluster, or anything else. You will be introducing cross dependencies and points of failure which you will then need to monitor and care about. Now imagine having to put that up again in 10 years because a court order asks for some records only avaiable in that (then in the future) legacy system.\nConclusions I really believe there\u0026rsquo;s a space for such tools to come back to the front lines of application development. Applications that can run on their own either on the desktop or sandboxed in a browser but that do not require an infrastructure setup more than you need a monitor.\nJust as I also believe that the next economic crisis (soon to come) will end with lots of the current subscription based businesses moving companies back to things whose operation do not rely on being able to pay the next month\u0026rsquo;s fee.\n","permalink":"https://www.marcfargas.com/2019/06/state-of-rad-2019/","summary":"Though we are often sold into the idea that software development is better than ever before, the measure of better is open for debate. Surely you now have fancy stuff/words like DevOps, CI/CD, TDD, BDD, and more acronyms than there are three letter agencies in the US government.\nBut, for those old enough, there was a time when you could build stuff with just a notepad. It \u0026ldquo;got the job done\u0026rdquo;.","title":"State of RAD 2019"},{"content":" Initramfs is a very tiny environment in which your Linux system boots in order to do a lot of initialisation magic before loading your system. The most common use case is to mount the root filesystem, like when it’s encrypted and you need to type a passphrase to mount it. Or if fsck needs to run on an unclean root filesystem. Basically anything that goes before mounting the root filesystem and, after that, before launching INIT (you can read more in the Debian Wiki).\n There are scenarios in which you need the network available at this very preliminary state of the system boot. Doing that over wired ethernet is easy (as long as you don’t need authentication on the wire) with the ip= kernel parameter (see here the documentation of the ip= parameter). Wireless connectivity is a whole different issue, WPA needs a helper program (wpa_supplicant), network configuration and, most likely, firmware files.\nSo, lets find out how can we get a wireless connection up and running on initramfs to do something useful there (in a later post: unattended boot with an encrypted rootfs).\nA few warnings:\n I assume you know how to move around on the console, really. If you screw up you might end up on an emergency shell or event with an unbootable system. This solution kills wpa_supplicant at the last stage of init so the underlying system can take over the wireless connection (ie: NetworkManager) so, be sure that whatever you attempt to achieve can live with that network interruption. Make sure you have a keyboard and display (or a serial console). Do not attempt to do this on a headless system. This has been tested on:\n Debian Stretch Intel Corporation Wireless 7260 AC WPA2 (AP is a Time Capsule) initramfs-tools The Debian system utilises what is known as initramfs-tools to build the initramfs for the installed kernel images. A command comes with it: update-initramfs which updates/creates suchs images. This tools is highly extendable (in fact, lots of packages extend it) by the end-user in the folder /etc/initramfs-tools/ where hooks and scripts can be placed in order to customize the image build and/or the boot processes. A very good place to start would be man initramfs-tools for our purpose today: the SCRIPTS section.\nWhat we need initramfs-tools to do for us Add our wireless modules and firmware to the initramfs Copy our dependencies to the image (wpa_supplicant, wpa_cli, wpa_supplicant.conf and its libraries) Start wpa_supplicant to connect to the network Setup networking (ip, etc) Hold the boot process until the network is up or a timeout occurs Kill wpa_supplicant before booting the underlying system to not conflict with whatever is there expecting full control of the network interface (aka: NetworkManager) That sounds easy.\nCustom hook We will use a hook to do the first two steps, note that for the modules part you can just type the module name in /etc/initramfs-tools/modules and it should work. We do it in the hook just to keep everything together.\nThis goes into /etc/initramfs-tools/hooks/enable-wireless, make sure to put the right modules on the manual_add_modules line.\n# !/bin/sh set -e PREREQ=\u0026#34;\u0026#34; prereqs() { echo \u0026#34;${PREREQ}\u0026#34; } case \u0026#34;${1}\u0026#34; in prereqs) prereqs exit 0 ;; esac . /usr/share/initramfs-tools/hook-functions # CHANGE HERE for your correct modules. manual_add_modules iwlwifi iwlmvm copy_exec /sbin/wpa_supplicant copy_exec /sbin/wpa_cli copy_file config /etc/initramfs-tools/wpa_supplicant.conf /etc/wpa_supplicant.conf Pretty straighforward, the upper half is boilerplate as required by initramfs-tools, see the manpage for more. The rest is quite readable: add the modules (it will also add the firmwares), copy wpa* stuff, copy the configuration.\nNow, wpa_supplicant.conf is unique to you, as always, man wpa_supplicant.conf is your friend, and here is an example:\n# Sample /etc/initramfs-tools/wpa_supplicant.conf # note that this is independent of the system /etc/wpa_supplicant.conf (if any) # only add the network you need at boot time. **And keep the ctrl_interface** !! ctrl_interface=/tmp/wpa_supplicant network={ ssid=\u0026quot;MyNetwork\u0026quot; scan_ssid=1 psk=\u0026quot;network passphrase\u0026quot; key_mgmt=WPA-PSK } Connection script (init-premount) Now, we need the system to startup the supplicant, connect and go on. This can\u0026rsquo;t be done at the init-top stage because not even the kernel modules are available by then, to init-premount looks fine. Problem? Whatever the reason you are reading this, most likely it also happens in init-premount (mandos-client, cryptsetup, \u0026hellip;) and initramfs-tools comes with this warning on the manpage:\n No guarantees are made as to the order in which the different scripts are executed unless the prereqs are setup in the script.\n So\u0026hellip; dirty hack is to assume alphabetical order of execution and put \u0026ldquo;a_\u0026rdquo; in front of the script. It works, for now.\nThis goes into `/etc/initramfs-tools/scripts/init-premount/a_enable_wireless, you need to change the INTERFACE= and, maybe, the AUTH_LIMIT one (the timeout):\n#!/bin/sh PREREQ=\u0026#34;\u0026#34; prereqs() { echo \u0026#34;$PREREQ\u0026#34; } case $1 in prereqs) prereqs exit 0 ;; esac . /scripts/functions AUTH_LIMIT=30 INTERFACE=\u0026#34;wlp5s0\u0026#34; alias WPACLI=\u0026#34;/sbin/wpa_cli -p/tmp/wpa_supplicant -i$INTERFACE\u0026#34; log_begin_msg \u0026#34;Starting WLAN connection\u0026#34; /sbin/wpa_supplicant -i$INTERFACE -c/etc/wpa_supplicant.conf -P/run/initram-wpa_supplicant.pid -B -f /tmp/wpa_supplicant.log # Wait for AUTH_LIMIT seconds, then check the status limit=${AUTH_LIMIT} echo -n \u0026#34;Waiting for connection (max ${AUTH_LIMIT}seconds)\u0026#34; while [ $limit -ge 0 -a `WPACLI status | grep wpa_state` != \u0026#34;wpa_state=COMPLETED\u0026#34; ] do sleep 1 echo -n \u0026#34;.\u0026#34; limit=`expr $limit - 1` done echo \u0026#34;\u0026#34; if [ `WPACLI status | grep wpa_state` != \u0026#34;wpa_state=COMPLETED\u0026#34; ]; then ONLINE=0 log_failure_msg \u0026#34;WLAN offline after timeout\u0026#34; panic else ONLINE=1 log_success_msg \u0026#34;WLAN online\u0026#34; fi configure_networking Kill when done Last, but not least, `/etc/initramfs-tools/scripts/local-bottom/kill_wireless should contain:\n#!/bin/sh PREREQ=\u0026#34;\u0026#34; prereqs() { echo \u0026#34;$PREREQ\u0026#34; } case $1 in prereqs) prereqs exit 0 ;; esac echo \u0026#34;Killing wpa_supplicant so the system takes over later.\u0026#34; kill `cat /run/initram-wpa_supplicant.pid` Final touches You may have noticed we use the provided configure_networking function, it relies on you passing the proper ip=kernel parameter, so better supply it, for GRUB just setup the GRUB_CMDLINE_LINUX in /etc/default/grub like: GRUB_CMDLINE_LINUX=\u0026quot;ip=:::::wlp5s0:on panic=10\u0026quot; (see here the documentation of the ip= parameter). The panic=10 makes the system reboot if something goes wrong (like network failure), when testing you might prefer break=premount or some other options, see the initramfs-tools manpage5 or the Debian wiki InitramfsDebug page\nMake the scripts executable, and, finally, rebuild initramfs and update-grub:\nchmod +x /etc/initramfs-tools/scripts/local-bottom/kill_wireless chmod +x /etc/initramfs-tools/scripts/init-premount/a_enable_wireless chmod +x /etc/initramfs-tools/hooks/enable-wireless update-initramfs -k all -u update-grub And\u0026hellip; reboot. I suggest you boot with break=bottomso you can check things work as expected (i.e with ip link and ip addr).\n","permalink":"https://www.marcfargas.com/2017/12/enable-wireless-networks-in-debian-initramfs/","summary":"Initramfs is a very tiny environment in which your Linux system boots in order to do a lot of initialisation magic before loading your system. The most common use case is to mount the root filesystem, like when it’s encrypted and you need to type a passphrase to mount it. Or if fsck needs to run on an unclean root filesystem. Basically anything that goes before mounting the root filesystem and, after that, before launching INIT (you can read more in the Debian Wiki).","title":"Enable Wireless networks in Debian Initramfs"},{"content":"Three days ago Nokia Beta Labs announced they were giving stickers for free (20 stickers for the 50 first ones). Today, three days after, I got my 20 stickers!\nMaybe they should have send 10 stickers to the 100 first ones, I\u0026rsquo;ll have a hard time looking where to put so many stickers!\nAnyway, thanks Nokia\n","permalink":"https://www.marcfargas.com/2008/08/nokia-beta-labs-stickers/","summary":"Three days ago Nokia Beta Labs announced they were giving stickers for free (20 stickers for the 50 first ones). Today, three days after, I got my 20 stickers!\nMaybe they should have send 10 stickers to the 100 first ones, I\u0026rsquo;ll have a hard time looking where to put so many stickers!\nAnyway, thanks Nokia","title":"Nokia Beta Labs Stickers"},{"content":"This Saturday there was the \u0026ldquo;Fast Painting\u0026rdquo; course on Gualba (a town in El Montseny), as you may guess from the photo, Me and Hobbes didn\u0026rsquo;t spend any time painting.\nHe spent the whole day running on the river with the tennis ball, And I threw the ball and took photos :)\n","permalink":"https://www.marcfargas.com/2008/08/hobbes-in-the-river/","summary":"This Saturday there was the \u0026ldquo;Fast Painting\u0026rdquo; course on Gualba (a town in El Montseny), as you may guess from the photo, Me and Hobbes didn\u0026rsquo;t spend any time painting.\nHe spent the whole day running on the river with the tennis ball, And I threw the ball and took photos :)","title":"Hobbes in the River"},{"content":"Just for you to know, I\u0026rsquo;m now 25 years old!\n","permalink":"https://www.marcfargas.com/2008/08/im-25/","summary":"Just for you to know, I\u0026rsquo;m now 25 years old!","title":"Im 25"},{"content":"I started to get tired of managing my own exim+spamassassin+clamav+dovecot only to serve my domain, so I dediced to give Google Apps a try.\nThe move was fairly easy, simply register and change MX records ;) (and use imapsync to copy mail). I guess I didn\u0026rsquo;t loose anything but If you sent me a mail in the last two weeks and I haven\u0026rsquo;t answered, please resend.\nThe only downside, I hoped google would have some \u0026ldquo;easy\u0026rdquo; way to move my google account from *@gmail.com to my Google Apps domain.\n","permalink":"https://www.marcfargas.com/2008/07/moved-to-google-apps/","summary":"I started to get tired of managing my own exim+spamassassin+clamav+dovecot only to serve my domain, so I dediced to give Google Apps a try.\nThe move was fairly easy, simply register and change MX records ;) (and use imapsync to copy mail). I guess I didn\u0026rsquo;t loose anything but If you sent me a mail in the last two weeks and I haven\u0026rsquo;t answered, please resend.\nThe only downside, I hoped google would have some \u0026ldquo;easy\u0026rdquo; way to move my google account from *@gmail.","title":"Moved to Google Apps"},{"content":"Today I had some connection problems in one of our offices, so I needed to connect in some alternative way. A good moment for experimenting\u0026hellip; The alternative connection was my laptop acting as a router connected with my mobile phone via bluetooth.\nThe problem\u0026rsquo;s come with the VPN connections, IPSec is nice, but you can hate it on lots of things\u0026hellip; i.e. all tunnels are setup using static ip addresses so in order to use the alternate connection (dynamic IP) I need to change the ipsec config of the other offices.\nSo today I wanted to try something new, tunneling ip traffic from one network to another over an ssh connection. And it works, Gentoo\u0026rsquo;s wiki has some information on the subject: here\nIn brief, you need to, on the server:\nAdd \u0026ldquo;PermitTunnel yes\u0026rdquo; to /etc/ssh/sshd_config Now, on the client it\u0026rsquo;s as easy as to run ssh with some parameters, my script for launching it is:\n#!/bin/sh HOST=REMOTE_PARTY_ADDRESS HOST_PORT=22 TUN_LOCAL=0 # tun device number here. TUN_REMOTE=0 # tun device number there IP_LOCAL=192.168.111.2 # IP Address for tun here IP_REMOTE=192.168.111.1 # IP Address for tun there. IP_MASK=30 # Mask of the ips above. NET_REMOTE=192.168.0.0/16 # Network on the other side of the tunnel NET_LOCAL=192.168.8.0/24 # Network on this side of the tunnel echo \u0026#34;Starting VPN tunnel ...\u0026#34; modprobe tun ssh -w ${TUN_LOCAL}:${TUN_REMOTE} -f ${HOST} -p ${HOST_PORT} \u0026#34;\\ ip addr add ${IP_REMOTE}/${IP_MASK}dev tun${TUN_REMOTE}\\ \u0026amp;amp;\u0026amp;amp; ip link set tun${TUN_REMOTE}up \\ \u0026amp;amp;\u0026amp;amp; ip route add ${NET_LOCAL}via ${IP_LOCAL}\\ \u0026amp;amp;\u0026amp;amp; true\u0026#34; sleep 3 ip addr add ${IP_LOCAL}/${IP_MASK} dev tun${TUN_LOCAL} ip link set tun${TUN_LOCAL} up ip route add ${NET_REMOTE} via ${IP_REMOTE} echo \u0026#34;... done.\u0026#34; You\u0026rsquo;ll maybe want to run this as root, because of the \u0026ldquo;ip\u0026rdquo; commands, and so ;)\nIt\u0026rsquo;s still far from perfect (i.e: the tunnel dies too often for some reason\u0026hellip; although keep alive is set). But at least people around can print again! Luckily VoIP is handled out of the VPN.\n","permalink":"https://www.marcfargas.com/2008/07/ip-tunnel-over-ssh-with-tun/","summary":"Today I had some connection problems in one of our offices, so I needed to connect in some alternative way. A good moment for experimenting\u0026hellip; The alternative connection was my laptop acting as a router connected with my mobile phone via bluetooth.\nThe problem\u0026rsquo;s come with the VPN connections, IPSec is nice, but you can hate it on lots of things\u0026hellip; i.e. all tunnels are setup using static ip addresses so in order to use the alternate connection (dynamic IP) I need to change the ipsec config of the other offices.","title":"Ip Tunnel Over Ssh With Tun"},{"content":"Ok, as you may have noticed I\u0026rsquo;m running Wordpress.\nAlthough I\u0026rsquo;m a big fan of Django and I really enjoy developing sites with it, I just realised I do not have time to \u0026ldquo;build\u0026rdquo; my own website, neither to write up a blog app (I know, there are many out there). So I decided I\u0026rsquo;d try to live with Wordpress for some time, \u0026hellip;\nThat just has a few problems\u0026hellip; My server (marcfargas.com) has no PHP, and no MySQL! So I have to run the blog on a subdomain which is hosted in Dreamhost (I have an account here for other stuff).\nSo, Djangonauts, forgive me for using Wordpress ;)\nNOTE to RSS Subscribers: I plan to write in either Spanish, Catalan or English. Posts in either language will be categorized so you can subscribe only to the language you want. See links at the right.\n","permalink":"https://www.marcfargas.com/2008/07/wordpress-in-the-meantime/","summary":"Ok, as you may have noticed I\u0026rsquo;m running Wordpress.\nAlthough I\u0026rsquo;m a big fan of Django and I really enjoy developing sites with it, I just realised I do not have time to \u0026ldquo;build\u0026rdquo; my own website, neither to write up a blog app (I know, there are many out there). So I decided I\u0026rsquo;d try to live with Wordpress for some time, \u0026hellip;\nThat just has a few problems\u0026hellip; My server (marcfargas.","title":"Wordpress in the Meantime"},{"content":"We know Microsoft likes to be ambiguous, I just got this on MS Excel Help (In Spanish):\nSi a1 es VERDADERO o se omite, ref se interpreta como una referencia estilo A1. Si a1 es FALSO o se omite, ref se interpreta como una referencia estilo L1C1. This can be translated to:\nIf a1 is TRUE or omitted, ref is interpreted as a reference of style A1. If a1 is FALSE or omitted, ref is interpreted as a reference of style L1C1. Now, the big question is, if a1 is omited how will ref be interpreted?\nThe Online Help (English version) is correct, somebody wanted to confuse Spanish users! ;)\n(Online version of Office Help available here)\n","permalink":"https://www.marcfargas.com/2008/02/ms-excel-help-little-gem/","summary":"We know Microsoft likes to be ambiguous, I just got this on MS Excel Help (In Spanish):\nSi a1 es VERDADERO o se omite, ref se interpreta como una referencia estilo A1. Si a1 es FALSO o se omite, ref se interpreta como una referencia estilo L1C1. This can be translated to:\nIf a1 is TRUE or omitted, ref is interpreted as a reference of style A1. If a1 is FALSE or omitted, ref is interpreted as a reference of style L1C1.","title":"Ms Excel Help Little Gem"},{"content":"A friend of mine has a nice MythTV box on his bedroom. Suddently the box decided to not open outgoing connections anymore\u0026hellip; I say outgoing because I could still connect to it from my home.\nI could not find out what was last changed, maybe an aptitude upgrade or did he change ISP?\nAfter some time looking around the only thing I could find out was a small difference between a SYN packet send from a remote place and the SYN packets send by the broken system:\n22:56:47.855219 IP Banner.local.33509 \u0026gt; google.es.www: S 206185417:206185417(0) win 5840 \u0026lt;mss 1460,sackOK,timestamp 218414628 0,nop,wscale 5\u0026gt; 23:24:16.072713 IP golfos.net.42742 \u0026gt; Banner.local.ssh: S 1705835822:1705835822(0) win 5840 \u0026lt;mss 1460,sackOK,timestamp 5636642 0,nop,wscale 4\u0026gt; You see, his box was sending wscale 5 and remote sites sent wscale 4, google, google, more google until I read this:\n I think OpenBSD\u0026rsquo;s claim (they did have the bug and probably still do for all that I know) was that they wanted to make their firewalling \u0026ldquo;stateless\u0026rdquo; source.\n Maybe the router does not know what wscale means? I disabled the router\u0026rsquo;s firewall completelly (I was sure I already did this\u0026hellip;) and suddently everything worked fine\u0026hellip;\nSure, I have to read more about windows scaling and try to understand what is wrong with the router\u0026rsquo;s firewall but for now: things work.\n","permalink":"https://www.marcfargas.com/2008/01/outgoing-connections-from-linux-not-working/","summary":"A friend of mine has a nice MythTV box on his bedroom. Suddently the box decided to not open outgoing connections anymore\u0026hellip; I say outgoing because I could still connect to it from my home.\nI could not find out what was last changed, maybe an aptitude upgrade or did he change ISP?\nAfter some time looking around the only thing I could find out was a small difference between a SYN packet send from a remote place and the SYN packets send by the broken system:","title":"Outgoing connections from Linux not working"},{"content":"Hi there,\nThis is a first post just to make sure something appears there. I created this blog just to see if my Nokia N95 can publish stuff there via Lifeblog or Share Online. But it doesn\u0026rsquo;t seem to like Google as it won\u0026rsquo;t publish to Blogger, neither Picassa\u0026hellip; Just flickr, Vox and Typepad\u0026hellip;\nMaybe that changes someday. But atleast I have a place to take notes of public interest.\nThat is, a place to say things like: GNOME rocks, Debian rocks even more, my N95 is awesome\u0026hellip; or things like that.\n","permalink":"https://www.marcfargas.com/2007/10/trying-blogger/","summary":"Hi there,\nThis is a first post just to make sure something appears there. I created this blog just to see if my Nokia N95 can publish stuff there via Lifeblog or Share Online. But it doesn\u0026rsquo;t seem to like Google as it won\u0026rsquo;t publish to Blogger, neither Picassa\u0026hellip; Just flickr, Vox and Typepad\u0026hellip;\nMaybe that changes someday. But atleast I have a place to take notes of public interest.","title":"Trying Blogger"}]