theclapp


Weekend wrapup, 4/30/07

posted Monday, 30-Apr-2007
So it's been a week since my last post. Bummer. Much has happened.

My feet are cold, can I have some SOCKS?

I work at home and get in to the work network via a VPN. Part of the work network overlaps the client network, and then we have some more machines fully inside the client network. So: Work <-> Overlap <-> Client, and I have access to machines in all three areas. Now, we (my wife and I) have several machines of our own on our own LAN, with a VPN thrown in for the WiFi part. So networking between all this is fun.

I recently discovered SOCKS5, which makes it a lot easier to access client machines. Freecap is an Open Source "socksifier" for Windows, which made using several client tools a lot easier -- I could run them directly instead of via a Citrix server. But I also wanted to access the work/client network(s) from my desktop Linux box, and the socksifier I found (tsocks) basically assumed the opposite of what I wanted. That is, it assumed I was inside the firewall trying to get out whereas I was actually outside the firewall trying to get in. So you could specify local machines that didn't use SOCKS, remote networks that used a variety of SOCKS servers, and a default SOCKS server that everything else used. If a server wasn't local and you didn't give a default SOCKS server, you got an error.

I wanted to use SOCKS for two specific subnets, and ignore everything else, which meant I could easily configure those two networks as remote, but then I had to try to specify every other network as local. Well, I did it for one of them (a Class A or /8), and it was a classic Brute Force and Ignorance approach, because I don't know enough about netmasks to correctly generate the inverse or shadow of a class A address. So, for example, given A.0.0.0, I generated B.0.0.0 for 0 < B < 255 such that B != A. But that was a lot harder and annoying to do even using BFI for the other network, a Class C address. (Sure, three nested loops would have done it, but that would have sucked.)

So I downloaded the source to tsocks and fixed it. (Or broke it, depending on your point of view. :)

As I said, basically tsocks checked for a "local" specification, and if it didn't find one it checked for a "remote" spec, and if it found none it used the default SOCKS server, and if you didn't give a default it aborted with an error. I fixed the "abort" part to just continue on and not use SOCKS, and so then it did what I wanted.
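An added example, not tsocks code and not the patch from this post: a Python model of the decision order described above, plus the netmask arithmetic for the "inverse" of a subnet. The function names, proxy host names and addresses are constructed for illustration.

```python
import ipaddress

def complement(networks):
    """CIDR blocks covering all of IPv4 except the given networks."""
    blocks = [ipaddress.ip_network("0.0.0.0/0")]
    for net in map(ipaddress.ip_network, networks):
        kept = []
        for block in blocks:
            if net.subnet_of(block):
                # Split the block around net; a /n carved out of a /m leaves n-m pieces.
                kept.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                kept.append(block)  # disjoint from net, keep unchanged
        blocks = kept
    return sorted(blocks)

def route(dest, local, paths, default=None, fall_through=False):
    """Return ("direct", None) or ("socks", server) in the order the post describes."""
    addr = ipaddress.ip_address(dest)
    if any(addr in ipaddress.ip_network(n) for n in local):
        return ("direct", None)
    for net, server in paths:
        if addr in ipaddress.ip_network(net):
            return ("socks", server)
    if default is not None:
        return ("socks", default)
    if fall_through:  # behaviour after the change described in the post
        return ("direct", None)
    raise LookupError(f"no SOCKS server for {dest}")  # stock behaviour

# Constructed sample: two proxied networks, no default server.
PATHS = [("10.0.0.0/8", "socks-a.example:1080"),
         ("192.0.2.0/24", "socks-b.example:1080")]
SAMPLES = ["10.1.2.3", "192.0.2.7", "192.0.3.1", "198.51.100.5"]

def compare():
    """Stock logic plus an explicit 'local' complement vs. patched logic with none."""
    local = [str(n) for n in complement(net for net, _ in PATHS)]
    stock = [route(d, local, PATHS) for d in SAMPLES]
    patched = [route(d, [], PATHS, fall_through=True) for d in SAMPLES]
    return len(local), stock, patched

if __name__ == "__main__":
    count, stock, patched = compare()
    print(count, "local entries needed without the change; same routing:", stock == patched)
```

With fall-through enabled, any destination that matches no entry is connected to directly rather than refused, so the list of proxied networks becomes the only thing deciding what goes through SOCKS.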

Isn't Open Source fun? (Though I bet a commercial product would have done what I wanted from the get-go, cost me $20, and saved a couple of hours fiddling. Oh well. On the plus side, if I submit the patch to the author, maybe fewer people will run into this problem.)

Linux on a Mac

Just for kicks and to see if it would work, I copied my VMware Linux "appliance" over to our mini-Mac and ran it there via VMware's Fusion product for the Mac. It ran fine. Then I mounted my Windows machine's drive on the mini-Mac via Samba over WiFi and ran it that way. It ran ... less than quickly, but it ran. Probably not a configuration I'll use again, but it's good to know I can if I must, and the tradeoffs.

Spice Girl

My wife and I went to a plant festival in St. Pete and bought a few plants, among them a chili plant. We also restocked our yummy and wonderful Don's Lava Love from D&S Pepper Products, and discovered a new product of theirs, Pure Lava, pure crushed habanero, and had it on some leftover pizza that night. Mmmmm.

At the festival I got a cute little ceramic lambda. It's very functional.

Reindeer

We have a new member of the family (sort of). My wife will be working from home soon, or at least not from her office, and for various reasons we figured she'd need a laptop, so we got her one, a nice 2.33 GHz, 17" MacBook Pro. To complement our other machines (santa, rudolph, comet, donner, and vixen), we named it Blitzen. If this goes too much further we'll run out of reindeer and have to start with dwarves or something. Will it be Sleepy, Grumpy, etc, or Gimli, Gloin, etc? Only time will tell.

As an aside, buying a Mac laptop requires a lot less decision-making than a Windows laptop. First of all, there's only the one manufacturer, so there's no "Sony? Dell? IBM? er, Lenovo? ...", it's just Apple. Second, they only have, like, four models, so once you decide "I want the biggest screen you have" you're pretty much done.

VPNs

Since OS X and Windows support a PPTP VPN natively, I threw out OpenVPN and configured a PPTP-based VPN for all our WiFi-using machines.

So far the only annoyance is that the Mac PPTP VPN client doesn't auto-reconnect as soon as it wakes up from sleep mode, which OpenVPN did. (The Windows client might not, either, I just haven't tried it yet.) I think OpenVPN runs on OS X, so we may just switch back.

Linking

So I could link various keywords to some of the products I've mentioned, but hey, Google is your friend for most of them, and the few where it's not (like D&S Pepper), they're not online anywhere anyway.
