Author Archive

openwrt, dnsmasq, linuxigd, and Back To My Mac

Simple task: set up my wrt-54g (running openwrt) with linuxigd so that “Back To My Mac” works[1].

linuxigd: trivial. Click a few buttons to enable it, done. I tried miniupnpd first; but although it initially looked good, I couldn’t get it to work consistently.

However, that’s when I started getting the MobileMe prefpane telling me that BTMM couldn’t start because “Your DNS server isn’t responding”. A little bit of searching on Google finds me pages like this one, which baldly state that “Back to My Mac isn’t compatible with dnsmasq.”

Well, dear internets, I’m here to tell you that you are wrong. BTMM is perfectly compatible with dnsmasq. Sure, openwrt’s default settings don’t work, but that doesn’t make the two incompatible.

It did take me a while to figure out what was going on. The clue also came from Apple’s forums, which told me to do this:

betelgeuse:~ james$ echo "show State:/Network/BackToMyMac" | scutil
<dictionary> {
  zhasper.members.mac.com : <dictionary> {
    ExternalAddress : 143.211.101.234
    StatusMessage : GetZoneData failed: _afpovertcp._tcp.username.members.mac.com.
    AutoTunnelExternalPort : 4500
    StatusCode : -65554
    LLQExternalPort : 5353
    RouterAddress : 192.168.0.1
    LastNATMapResultCode : 0
  }
}

The vital clue was the StatusMessage, which tells you exactly which DNS lookup failed. The important thing is that the hostname starts with an underscore.

Take a look at the dnsmasq man page, specifically the filterwin2k option. Once upon a time, SRV records (and records with underscores) really were a sign that you had win2k machines on your network. Once upon a time, “triggering dial-on-demand links” was actually something to be worried about. Those times are long past.

I turned this option off (vi /etc/dnsmasq.conf, add a # at the start of that line to comment the option out, save the file, and run /etc/init.d/S65dnsmasq to restart the service). As expected BTMM now works fine. Well, as fine as you could expect.
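
The fix described above, scripted as an added example (not code from the original post): it finds an uncommented filterwin2k line in a dnsmasq config, comments it out and keeps a backup. The function names and the sample config are constructed for illustration; dnsmasq still has to be restarted afterwards, as the post says.

```shell
#!/bin/sh
# Added example (not from the original post): comment out an active
# filterwin2k directive in a dnsmasq config file, keeping a backup.

# True if the file contains an uncommented filterwin2k line.
has_active_filterwin2k() {
    grep -Eq '^[[:space:]]*filterwin2k[[:space:]]*(#.*)?$' "$1"
}

# Comment out every active filterwin2k line. Returns 1 if there was
# nothing to change, so a second run is a harmless no-op.
disable_filterwin2k() {
    conf=$1
    has_active_filterwin2k "$conf" || return 1
    cp -p "$conf" "$conf.bak" || return 2
    sed -E 's/^([[:space:]]*)(filterwin2k[[:space:]]*(#.*)?)$/\1#\2/' \
        "$conf.bak" > "$conf"
}

# Constructed sample config for the demo; the real file on the router
# in the post is /etc/dnsmasq.conf.
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample, not a real router config
domain-needed
filterwin2k
#filterwin2k
  filterwin2k   # filters SRV and SOA queries
local=/lan/
EOF
}

# Demo run against the constructed file in a temporary directory.
demo_dir=$(mktemp -d)
write_sample_conf "$demo_dir/dnsmasq.conf"
disable_filterwin2k "$demo_dir/dnsmasq.conf" && cat "$demo_dir/dnsmasq.conf"
```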

[1] I’m ideologically opposed to all things UPnP, and BTMM in particular. What’s the point of having a firewall if you’re going to allow everything inside to poke so many holes in it it may as well not be there? There’s nothing BTMM can give me that a small firewall hole (to allow SSH on a non-standard port) + ssh portforwarding can’t give me in a more controlled way — and without shelling out $$$ to Uncle Steve, too. Nevertheless…

Strong passcodes for your iPhone

Also — how to make it self-destruct in <10 invalid passcode attempts.

Shtep One: Down­load the iPhone Con­fig­ur­a­tion Util­ity from Apple

Shtep Two: Futz with the Stuffz

[image: iphone-configuration-utility]

Not shown: there’s an option at the bot­tom where you can stip­u­late self-wipe after as little as 5 incor­rect pass­phrase attempts.

Shtep 3: Upload con­fig as per instruc­tions in the “Installing Con­fig­ur­a­tion Pro­files” sec­tion of the Deploy­ment Guide.

Phdone.

Ways to make me unsubscribe from your feed #1

I’ve noticed a trend where a lot of feeds are includ­ing large blocky ads at the bot­tom of each feed item. I can live with that; a little ugly, but I can skip them easily.

Today I saw some­thing new:
[image: cheezburger-fail]

That’s right: two com­plete posts con­sist­ing of noth­ing more than the same ad.

Scrolling down shows me that the very next item is exactly the same ad from “The Fail Blog”, another site operated by the same company.

Ads with con­tent I can stand. Ads without con­tent?  *unsubscribe*

For all your expert travel advice

[image: ads-by-google-1]

QNAP TS-409 Pro: initial setup from a non-windows (linux/mac) machine

I just bought myself a QNAP TS-409 Pro from Skycomp. Very happy with both the device and Skycomp so far.

However, the initial setup was a struggle.

The device has a very limited openwrt-style firmware. Very, very limited: it contains the bare minimum functionality to be able to bootstrap the device with a more capable OS once you have disks installed.

The documented way of doing this is via a “QuickInstall Wizard”, that comes on a provided CD in Mac and Windows flavors. I only have Macs on my home network, so the windows flavor wasn’t useable for me. The Mac flavor is… interesting. I ran into the problem described here: In short, the full firmware isn’t pushed until after the drives are initiated; but the Wizard gets stuck at the “Initializing drives” stage, so the full firmware is never pushed.

I got around it using these instructions — they’re described as being “For linux”, but as it just uses basic tools like telnet and ftpd, it will work on any *nix.

Some notes:

  • Obviously, had to enable file sharing via FTP on my mac first. Did this under “Sharing” prefpane, “File Sharing”, “Share files and folders using FTP”. As the warning states, this involves transmitting your username and password in cleartext: only enable this if you’re confident you’ll only be transmitting them across a safe network. Better, use a username/password you created just for this purpose; which has no special privileges, and which will be turned off as soon as you’re done.
  • Out of the box, the device listens for telnet connections on port 13131. Username and password are “admin”.
  • Once you’ve successfully updated the firmware and rebooted, you won’t find a telnetd on 13131 any more. THIS IS NOT AN ERROR, DON’T PANIC. Instead, you’ll find an sshd listening on port 22.
  • You’ll also find a web interface listening on port 8080. If you visit that, you can start the process of setting up the device.
  • It may be helpful to have let the wizard run to the “Initializing drives” stage at least once. After I thought I knew what I was doing I switched to a new set of disks and tried again; and this time the hard drives weren’t mounted at all, so I couldn’t go through the documented process.

It’s not clear from the documentation, but the device creates a RAID-1 segment 500Mb in size on each disk you insert (/dev/md9 in my case), and mounts this on /mnt/HDA_ROOT. This is where configs for the device, packages you install, and so on are stored.

The device can handle multiple raidsets — although with only 4 disks to play with, you’re not likely to end up with >2 sets. In my case I currently have 3 1Tb drives in a RAID-5 set, and a single 500Gb disk sitting on its own.

Pyrmont: 1920 — Today.

Ultimo and Pyrmont: Then and Now



That’s the Power­house Museum, loc­ated between Pyr­mont and Ultimo. If you could hover above it in a heli­copter, the view would look some­thing like this:

[image: ultimo-pyrmont]

Ima­gine if you could magic­ally click a link and jump back in time, and see the same view from some­time between 1900 and 1939…

If you’re lost: in the older picture, look beyond the chimneystack, and just to the left. Immediately beyond the chimney is a vacant block of land; at the top end of this is a short road, which has on the right a not-quite-right-angle corner. The road then continues up the picture — but it’s not quite straight, it bends a little to the right. If you look at the modern picture, you can see the same not-quite-right-angle corner and the same not-quite-straight road — although now the Western Distributor flies across the not-quite-straight road.

See the large build­ing inside the block bounded by the not-quite-straight road? That build­ing is Global Switch Sydney — built in the last days of “Build it and they will come”. It’s only in the last few years that it’s start­ing to reach full capacity.

The rail­way line vis­ible in the earlier pic­ture was the Darling Har­bour Goods line, which formed the first part of the Met­ro­pol­itan Goods Rail­way Line. It’s now used as the Metro Light Rail line.

All made in the same plant, redux

Talk­ing to a work­mate who has a sick cat led to look­ing at Med­ibank Private’s pet cover.

This led to the source of (appar­ently) all pet insur­ance in Aus­tralia; which then led to com­par­ison shop­ping between the vari­ous resellers.

The dif­fer­ences are amus­ing, but annoy­ing. One provides 15k total cover; but only $500 for tick para­lysis. Another only offers 9k total cover; but removes the restric­tions on what per­cent­age of that can be used for drugs/medication vs how much is for dental care. None of them cover treat­ment for leuk­emia in cats; but some add an addi­tional clause declin­ing to cover any con­di­tion for which there is a vaccine.

I’d like to go with the RSPCA - if someone has to make a profit, they seem like a bet­ter choice than some of the for-profit com­pan­ies. But the lim­its are half that provided by Med­ibank, while the premi­ums are double. Sure you can skim profit off the top, but that doesn’t mean I want you to gouge me for every cent I own.

Gah. Choices, that aren’t really choices. Just what I wanted.

Laundry powder gets huge upgrade

I was in the super­mar­ket get­ting some laun­dry powder last night and noticed some­thing really strange: every single brand of con­cen­trated laun­dry powder was advert­ising on their pack­aging the fact that they’re about to be relaunched in a new ver­sion. The new powders are all going to be 2x as con­cen­trated, and most brands made a big deal out of the fact that the new pack­aging will there­fore be half the size.

Golly. Every brand? All at once? All decid­ing to redo their for­mu­la­tion, redo their pack­aging, and retool their man­u­fac­tur­ing plants, all with identical changes to for­mu­la­tion and pack­aging, all at the same time? Unpossible!

You’d almost think that every brand of powder was actu­ally exactly the same, made at the same plant, and just pack­aged slightly dif­fer­ently. But that would surely never happen!

Everything old is new again redux

Lind­say did an excel­lent blog post yes­ter­day titled “Everything old is new again”, about the re-emergence of multi-dimensioned databases.

Great title, but just to prove his point, it applies even bet­ter to a post he shared on Google Reader a few days ago, writ­ten by Kurt Schrader and titled “Liv­ing in a Post Rails World”. To quote that post:

I think that the Ruby world is even­tu­ally going to end up in a model like this, writ­ing small simple apps that all talk to each other, and can be replaced or upgraded at any time.

<snip two paragraphs>

All of my hard/long run­ning logic is well tested, encap­su­lated, and most likely run­ning in little agents on the wire.

Sound famil­iar? It should. Kurt has re-discovered the same prin­ciples that the Holy Fath­ers of Unix dis­covered, over a quarter of a cen­tury ago. Doug McIl­roy, circa 1978:

(i) Make each pro­gram do one thing well. To do a new job, build afresh rather than com­plic­ate old pro­grams by adding new features.

(ii) Expect the out­put of every pro­gram to become the input to another, as yet unknown, pro­gram. Don’t clut­ter out­put with extraneous inform­a­tion. Avoid strin­gently colum­nar or bin­ary input formats. Don’t insist on inter­act­ive input.

Later, he sim­pli­fied it:

This is the Unix philo­sophy: Write pro­grams that do one thing and do it well. Write pro­grams to work together. Write pro­grams to handle text streams, because that is a uni­ver­sal interface.

Of course, Henry Spen­cer said it the best:

Those who don’t under­stand UNIX are con­demned to rein­vent it, poorly.