Andrew Cooke | Contents | Latest | RSS | Previous | Next

C[omp]ute

Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Choochoo Training Diary

Last 100 entries

Surprise Paradox; [Books] Good Author List; [Computing] Efficient queries with grouping in Postgres; [Computing] Automatic Wake (Linux); [Computing] AWS CDK Aspects in Go; [Bike] Adidas Gravel Shoes; [Computing, Horror] Biological Chips; [Books] Weird Lit Recs; [Covid] Extended SIR Models; [Art] York-based Printmaker; [Physics] Quantum Transitions are not Instantaneous; [Computing] AI and Drum Machines; [Computing] Probabilities, Stopping Times, Martingales; bpftrace Intro Article; [Computing] Starlab Systems - Linux Laptops; [Computing] Extended Berkeley Packet Filter; [Green] Mainspring Linear Generator; Better Approach; Rummikub Solver; Chilean Poetry; Felicitations - Empowerment Grant; [Bike] Fixing Spyre Brakes (That Need Constant Adjustment); [Computing, Music] Raspberry Pi Media (Audio) Streamer; [Computing] Amazing Hack To Embed DSL In Python; [Bike] Ruta Del Condor (El Alfalfal); [Bike] Estimating Power On Climbs; [Computing] Applying Azure B2C Authentication To Function Apps; [Bike] Gearing On The Back Of An Envelope; [Computing] Okular and Postscript in OpenSuse; There's a fix!; [Computing] Fail2Ban on OpenSuse Leap 15.3 (NFTables); [Cycling, Computing] Power Calculation and Brakes; [Hardware, Computing] Amazing Pockit Computer; Bullying; How I Am - 3 Years Post Accident, 8+ Years With MS; [USA Politics] In America's Uncivil War Republicans Are The Aggressors; [Programming] Selenium and Python; Better Walking Data; [Bike] How Fast Before Walking More Efficient Than Cycling?; [COVID] Coronavirus And Cycling; [Programming] Docker on OpenSuse; Cadence v Speed; [Bike] Gearing For Real Cyclists; [Programming] React plotting - visx; [Programming] React Leaflet; AliExpress Independent Sellers; Applebaum - Twilight of Democracy; [Politics] Back + US Elections; [Programming,Exercise] Simple Timer Script; [News] 2019: The year revolt went global; [Politics] The world's most-surveilled cities; [Bike] Hope Freehub; [Restaurant] Mama Chau's (Chinese, Providencia); [Politics] Brexit Podcast; [Diary] Pneumonia; [Politics] Britain's Reichstag Fire moment; install cairo; [Programming] GCC Sanitizer Flags; [GPU, Programming] Per-Thread Program Counters; My Bike Accident - Looking Back One Year; [Python] Geographic heights are incredibly easy!; [Cooking] Cookie Recipe; Efficient, Simple, Directed Maximisation of Noisy Function; And for argparse; Bash Completion in Python; [Computing] Configuring Github Jekyll Locally; [Maths, Link] The Napkin Project; You can Masquerade in Firewalld; [Bike] Servicing Budget (Spring) Forks; [Crypto] CIA Internet Comms Failure; [Python] Cute Rate Limiting API; [Causality] Judea Pearl Lecture; [Security, Computing] Chinese Hardware Hack Of Supermicro Boards; SQLAlchemy Joined Table Inheritance and Delete Cascade; [Translation] The Club; [Computing] Super Potato Bruh; [Computing] Extending Jupyter; Further HRM Details; [Computing, Bike] Activities in ch2; [Books, Link] Modern Japanese Lit; What ended up there; [Link, Book] Logic Book; Update - Garmin Express / Connect; Garmin Forerunner 35 v 230; [Link, Politics, Internet] Government Trolls; [Link, Politics] Why identity politics benefits the right more than the left; SSH Forwarding; A Specification For Repeating Events; A Fight for the Soul of Science; [Science, Book, Link] Lost In Math; OpenSuse Leap 15 Network Fixes; Update; [Book] Galileo's Middle Finger; [Bike] Chinese Carbon Rims; [Bike] Servicing Shimano XT Front Hub HB-M8010; [Bike] Aliexpress Cycling Tops; [Computing] Change to ssh handling of multiple identities?; [Bike] Endura Hummvee Lite II; [Computing] Marble Based Logic; [Link, Politics] Sanity Check For Nuclear Launch; [Link, Science] Entropy and Life

© 2006-2017 Andrew Cooke (site) / post authors (content).

OpenSuse Leap 15 Network Fixes

From: andrew cooke <andrew@...>

Date: Sat, 23 Jun 2018 14:58:34 -0400

I just updated from Leap 42.3 to 15.0 (no idea why the numbering
changed).

Since I have had the same config that is updated over the years things
slowly slide into disuse.  This time the networking side took a hit.
Here's what I had to do to get things working again:

* ifconfig has disappeared, so use "ip a" instead.

* My network is pppoe (yeah).  That seems to need restarting explcitly
  but still works (systemd start ppp@...).  I still need to
  understand why this doesn't auto-start.

* Both named and dhcpd seemed to be uninstalled.  So I re-installed
  them and restarted them.  The dhcpd config was moved so had to be
  copied back (/etc/dhcpd.config.rpmsave or similar).

* /etc/resolv.conf seemed to have changed, so copied the netconfig
  version into its place.

* The Firewall has changed.  Yast now delegates to firewalld, but there
  is no text GUI so Yast gives a disturbing message.  What you need to
  do is:

  * Install firewalld, firewall-config and firewall-cmd

  * systemctl start firewalld

  * Run firewall-config and put the local interface in internal
    (the one running 10.1.0.0) and the remote interface (ppp0 in
    my case) in external.  Then enable approriate services in
    internal (and none in external).  Enable masquerading on the
    internal too.

  * There's a "runtime" and "permanent" mode.  You do things in
    runtime first to make sure it works but then seem to have to
    duplicate everything in permanent to make it stick across
    firewall restarts.

  * To get full masquerading you need to follow the incantations
    at https://www.centos.org/forums/viewtopic.php?t=53819:

    firewall-cmd --direct --add-rule ipv4 nat POSTROUTING 0 -o eth_ext -j MASQUERADE
    firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_int -o eth_ext -j ACCEPT
    firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_ext -o eth_int -m state --state RELATED,ESTABLISHED -j ACCEPT

    To make those stick, once they appear to work:

    firewall-cmd --direct --permanent --add-rule ipv4 nat POSTROUTING 0 -o eth_ext -j MASQUERADE
    firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -i eth_int -o eth_ext -j ACCEPT
    firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -i eth_ext -o eth_int -m state --state RELATED,ESTABLISHED -j ACCEPT

With all that, things seem to work.

Andrew

PS Also, the schumacher clean font has changed, making terminals ugly.

SSH Forwarding

From: andrew cooke <andrew@...>

Date: Wed, 11 Jul 2018 20:39:36 -0400

To open port XX to ssh on 22:

  firewall-cmd --zone=external --add-port=XX/tcp
  firewall-cmd --zone=external --add-forward-port=port=XX:proto=tcp:toport=22

with --permanent for permanent

Andrew

You can Masquerade in Firewalld

From: andrew cooke <andrew@...>

Date: Sun, 18 Nov 2018 13:10:27 -0300

There's no need for the --direct rules above, just enable masquerading
in firewall-config.

I have no idea why I didn't do this originally - I think I tried it
and it didn't work, but it does know so...

Andrew

Comment on this post