Andrew Cooke | Contents | Latest | RSS | Twitter | Previous | Next


Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Lepl parser for Python.

Colorless Green.

Photography around Santiago.

SVG experiment.

Professional Portfolio

Calibration of seismometers.

Data access via web services.

Cache rewrite.

Extending OpenSSH.

C-ORM: docs, API.

Last 100 entries

[Programming,Exercise] Simple Timer Script; [News] 2019: The year revolt went global; [Politics] The world's most-surveilled cities; [Bike] Hope Freehub; [Restaurant] Mama Chau's (Chinese, Providencia); [Politics] Brexit Podcast; [Diary] Pneumonia; [Politics] Britain's Reichstag Fire moment; GPS Vehicle Tracking for Cat Soft LLC; install cairo; Credit Card Processing for Cat Soft LLC; [Programming] GCC Sanitizer Flags; VOIP quote for Cat Soft LLC; Copier Quotes for Cat Soft LLC; Costs; [GPU, Programming] Per-Thread Program Counters; Now Is Cat Soft LLC's Chance To Save Up To 32% On Mail; My Bike Accident - Looking Back One Year; [Python] Geographic heights are incredibly easy!; [Cooking] Cookie Recipe; Efficient, Simple, Directed Maximisation of Noisy Function; And for argparse; Bash Completion in Python; [Computing] Configuring Github Jekyll Locally; [Maths, Link] The Napkin Project; You can Masquerade in Firewalld; [Bike] Servicing Budget (Spring) Forks; [Crypto] CIA Internet Comms Failure; [Python] Cute Rate Limiting API; [Causality] Judea Pearl Lecture; [Security, Computing] Chinese Hardware Hack Of Supermicro Boards; SQLAlchemy Joined Table Inheritance and Delete Cascade; [Translation] The Club; [Computing] Super Potato Bruh; [Computing] Extending Jupyter; Further HRM Details; [Computing, Bike] Activities in ch2; [Books, Link] Modern Japanese Lit; What ended up there; [Link, Book] Logic Book; Update - Garmin Express / Connect; Garmin Forerunner 35 v 230; [Link, Politics, Internet] Government Trolls; [Link, Politics] Why identity politics benefits the right more than the left; SSH Forwarding; A Specification For Repeating Events; A Fight for the Soul of Science; [Science, Book, Link] Lost In Math; OpenSuse Leap 15 Network Fixes; Update; [Book] Galileo's Middle Finger; [Bike] Chinese Carbon Rims; [Bike] Servicing Shimano XT Front Hub HB-M8010; [Bike] Aliexpress Cycling Tops; [Computing] Change to ssh handling of multiple identities?; [Bike] Endura Hummvee Lite II; [Computing] Marble Based Logic; [Link, Politics] Sanity Check For Nuclear Launch; [Link, Science] Entropy and Life; [Link, Bike] Cheap Cycling Jerseys; [Link, Music] Music To Steal 2017; [Link, Future] Simulated Brain Drives Robot; [Link, Computing] Learned Index Structures; Solo Air Equalization; Update: Higher Pressures; Psychology; [Bike] Exercise And Fuel; Continental Race King 2.2; Removing Lowers; Mnesiacs; [Maths, Link] Dividing By Zero; [Book, Review] Ray Monk - Ludwig Wittgenstein: The Duty Of Genius; [Link, Bike, Computing] Evolving Lacing Patterns; [Jam] Strawberry and Orange Jam; [Chile, Privacy] Biometric Check During Mail Delivery; [Link, Chile, Spanish] Article on the Chilean Drought; [Bike] Extended Gear Ratios, Shimano XT M8000 (24/36 Chainring); [Link, Politics, USA] The Future Of American Democracy; Mass Hysteria; [Review, Books, Links] Kazuo Ishiguro - Never Let Me Go; [Link, Books] David Mitchell's Favourite Japanese Fiction; [Link, Bike] Rear Suspension Geometry; [Link, Cycling, Art] Strava Artwork; [Link, Computing] Useful gcc flags; [Link] Voynich Manuscript Decoded; [Bike] Notes on Servicing Suspension Forks; [Links, Computing] Snap, Flatpack, Appimage; [Link, Computing] Oracle is leaving Java (to die); [Link, Politics] Cubans + Ultrasonics; [Book, Link] Laurent Binet; VirtualBox; [Book, Link] No One's Ways; [Link] The Biggest Problem For Cyclists Is Bad Driving; [Computing] Doxygen, Sphinx, Breathe; [Admin] Brokw Recent Permalinks; [Bike, Chile] Buying Bearings in Santiago; [Computing, Opensuse] Upgrading to 42.3; [Link, Physics] First Support for a Physics Theory of Life; [Link, Bike] Peruvian Frame Maker; [Link] Awesome Game Theory Tit-For-Tat Thing; [Food, Review] La Fabbrica - Good Italian Food In Santiago

© 2006-2017 Andrew Cooke (site) / post authors (content).

OpenSuse Leap 15 Network Fixes

From: andrew cooke <andrew@...>

Date: Sat, 23 Jun 2018 14:58:34 -0400

I just updated from Leap 42.3 to 15.0 (no idea why the numbering

Since I have had the same config that is updated over the years things
slowly slide into disuse.  This time the networking side took a hit.
Here's what I had to do to get things working again:

* ifconfig has disappeared, so use "ip a" instead.

* My network is pppoe (yeah).  That seems to need restarting explcitly
  but still works (systemd start ppp@...).  I still need to
  understand why this doesn't auto-start.

* Both named and dhcpd seemed to be uninstalled.  So I re-installed
  them and restarted them.  The dhcpd config was moved so had to be
  copied back (/etc/dhcpd.config.rpmsave or similar).

* /etc/resolv.conf seemed to have changed, so copied the netconfig
  version into its place.

* The Firewall has changed.  Yast now delegates to firewalld, but there
  is no text GUI so Yast gives a disturbing message.  What you need to
  do is:

  * Install firewalld, firewall-config and firewall-cmd

  * systemctl start firewalld

  * Run firewall-config and put the local interface in internal
    (the one running and the remote interface (ppp0 in
    my case) in external.  Then enable approriate services in
    internal (and none in external).  Enable masquerading on the
    internal too.

  * There's a "runtime" and "permanent" mode.  You do things in
    runtime first to make sure it works but then seem to have to
    duplicate everything in permanent to make it stick across
    firewall restarts.

  * To get full masquerading you need to follow the incantations

    firewall-cmd --direct --add-rule ipv4 nat POSTROUTING 0 -o eth_ext -j MASQUERADE
    firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_int -o eth_ext -j ACCEPT
    firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_ext -o eth_int -m state --state RELATED,ESTABLISHED -j ACCEPT

    To make those stick, once they appear to work:

    firewall-cmd --direct --permanent --add-rule ipv4 nat POSTROUTING 0 -o eth_ext -j MASQUERADE
    firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -i eth_int -o eth_ext -j ACCEPT
    firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -i eth_ext -o eth_int -m state --state RELATED,ESTABLISHED -j ACCEPT

With all that, things seem to work.


PS Also, the schumacher clean font has changed, making terminals ugly.

SSH Forwarding

From: andrew cooke <andrew@...>

Date: Wed, 11 Jul 2018 20:39:36 -0400

To open port XX to ssh on 22:

  firewall-cmd --zone=external --add-port=XX/tcp
  firewall-cmd --zone=external --add-forward-port=port=XX:proto=tcp:toport=22

with --permanent for permanent


You can Masquerade in Firewalld

From: andrew cooke <andrew@...>

Date: Sun, 18 Nov 2018 13:10:27 -0300

There's no need for the --direct rules above, just enable masquerading
in firewall-config.

I have no idea why I didn't do this originally - I think I tried it
and it didn't work, but it does know so...


Comment on this post