| Andrew Cooke | Contents | Latest | RSS | Twitter | Previous | Next

C[omp]ute

Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Lepl parser for Python.

Colorless Green.

Photography around Santiago.

SVG experiment.

Professional Portfolio

Calibration of seismometers.

Data access via web services.

Cache rewrite.

Extending OpenSSH.

C-ORM: docs, API.

Last 100 entries

Bicycle Wheels, Inertia, and Energy; Another Tax Fraud; Google's Borg; A Verion That Redirects To Local HTTP Server; Spanish Accents For Idiots; Aluminium Cans; Advice on Spray Painting; Female View of Online Chat From a Male; UX Reading List; S4 Subgroups - Geometric Interpretation; Fucking Email; The SQM Affair For Idiots; Using Kolmogorov Complexity; Oblique Strategies in bash; Curses Tools; Markov Chain Monte Carlo Without all the Bullshit; Email Para Matias Godoy Mercado; The Penta Affair For Idiots; Example Code To Create numpy Array in C; Good Article on Bias in Graphic Design (NYTimes); Do You Backup github?; Data Mining Books; SimpleDateFormat should be synchronized; British Words; Chinese Govt Intercepts External Web To DDOS github; Numbering Permutations; Teenage Engineering - Low Price Synths; GCHQ Can Do Whatever It Wants; Dublinesque; A Cryptographic SAT Solver; Security Challenges; Word Lists for Crosswords; 3D Printing and Speaker Design; Searchable Snowden Archive; XCode Backdoored; Derived Apps Have Malware (CIA); Rowhammer - Hacking Software Via Hardware (DRAM) Bugs; Immutable SQL Database (Kinda); Tor GPS Tracker; That PyCon Dongle Mess...; ASCII Fluid Dynamics; Brandalism; Table of Shifter, Cassette and Derailleur Compatability; Lenovo Demonstrates How Bad HTTPS Is; Telegraph Owned by HSBC; Smaptop - Sunrise (Music); Equation Group (NSA); UK Torture in NI; And - A Natural Extension To Regexps; This Is The Future Of Religion; The Shazam (Music Matching) Algorithm; Tributes To Lesbian Community From AIDS Survivors; Nice Rust Summary; List of Good Fiction Books; Constructing JSON From Postgres (Part 2); Constructing JSON From Postgres (Part 1); Postgres in Docker; Why Poor Places Are More Diverse; Smart Writing on Graceland; Satire in France; Free Speech in France; MTB Cornering - Where Should We Point Our Thrusters?; Secure Secure Shell; Java Generics over Primitives; 2014 (Charlie Brooker); How I am 7; Neural Nets Applied to Go; Programming, Business, Social Contracts; Distributed Systems for Fun and Profit; XML and Scheme; Internet Radio Stations (Curated List); Solid Data About Placebos; Half of Americans Think Climate Change Is a Sign of the Apocalypse; Saturday Surf Sessions With Juvenile Delinquents; Ssh, tty, stdout and stderr; Feathers falling in a vacuum; Santiago 30m Bike Route; Mapa de Ciclovias en Santiago; How Unreliable is UDP?; SE Santiago 20m Bike Route; Cameron's Rap; Configuring libxml with Eclipse; Reducing Combinatorial Complexity With Occam - AI; Sentidos Comunes (Chilean Online Magazine); Hilary Mantel: The Assassination of Margaret Thatcher - August 6th 1983; NSA Interceptng Gmail During Delivery; General IIR Filters; What's happening with Scala?; Interesting (But Largely Illegible) Typeface; Retiring Essentialism; Poorest in UK, Poorest in N Europe; I Want To Be A Redneck!; Reverse Racism; The Lost Art Of Nomography; IBM Data Center (Photo); Interesting Account Of Gamma Hack; The Most Interesting Audiophile In The World; How did the first world war actually end?; Ky - Restaurant Santiago; The Black Dork Lives!; The UN Requires Unaninmous Decisions; LPIR - Steganography in Practice

© 2006-2015 Andrew Cooke (site) / post authors (content).

Blocking MAC addresses with OpenSuse Firewall

From: andrew cooke <andrew@...>

Date: Tue, 27 Apr 2010 20:00:31 -0400

OpenSuse contains a nice wrapper for iptables, accessed via Yast.
Unfortunately, it doesn't have an option for blocking specific MAC addresses
and sometimes this is useful (a MAC address can be changed, but most people
won't know how, so this is useful for blocking specific leeches while leaving
a wifi open to infrequent casual use, for example).

Although blocking MAC addresses isn't supported directly by the Yast wrapper,
you do have the ability to call an additional "custom script", and the
iptables command can be added there.

First, you must enable the custom wrapper.  The simplest way is to edit
/etc/sysconfig/SuSEfirewall2 and uncomment the line

FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"

(alternatively you can do this via Yast in the system settings, but I find
that a bit fiddly to use).

Once that is enabled, edit that file and modify the second function as
follows:

fw_custom_after_antispoofing() {

  for target in LOG DROP; do
    for chain in input_ext input_dmz input_int forward_int forward_ext forward_dmz; do
      iptables -A $chain -m mac --mac-source 00:16:cf:2c:d4:ee -j $target
    done
  done

  true
}

(changing the MAC address as appropriate).  You can get the MAC address by
running wireshark (aka ethereal) or if it's Wifi, kismet.

Once those changes are made, restart the firewall (easiest way is from inside
Yast - there's a "save settings and restart" button).

Andrew

A Verion That Redirects To Local HTTP Server

From: andrew cooke <andrew@...>

Date: Thu, 16 Apr 2015 20:47:26 -0300

for mac in "70:f1:a1:e3:xx:xx" "00:22:5f:a7:xx:xx" "2c:81:58:f3:xx:xx" \
             "cc:52:af:98:xx:xx" "8c:3a:e3:42:xx:xx" "c4:6e:1f:14:xx:xx"; do
    iptables -t nat -A PREROUTING -p tcp -m mac --mac-source $mac \
             --dport 80 -j DNAT --to 10.1.0.9:80
    for chain in input_ext input_int forward_ext forward_int; do
      iptables -A $chain -m mac --mac-source $mac -j LOG
      iptables -A $chain -p tcp --dport 80 -m mac --mac-source $mac -j ACCEPT
      iptables -A $chain -p tcp -m mac --mac-source $mac -j DROP
      iptables -A $chain -p udp --dport 53 -m mac --mac-source $mac -j ACCEPT
      iptables -A $chain -p udp -m mac --mac-source $mac -j DROP
    done
  done

Where there's a page on 10.1.0.9:80 explaining that you've been blocked from
the network.

Andrew

Comment on this post