yaleman.org

Lego City Advent Calendar 2014 Day 3

Posted on December 2, 2014 · 1 min reading time

Frosty the snow man!

[Read More]

Lego Star Wars Advent Calendar 2014 Day 3

Posted on December 2, 2014 · 1 min reading time

A laser turret, ready to defend our forces!

[Read More]

Lego City Advent Calendar 2014 Day 2

Posted on December 1, 2014 · 0 min reading time

[Read More]

Lego Star Wars Advent Calendar 2014 Day 2

Posted on December 1, 2014 · 1 min reading time

A B2 Super Battle Droid

This is the second B2 Super Battle Droid we’ve been given, the first one was on Day 21 of the 2012 Star Wars Advent Calendar 🙂

[Read More]

Lego City Advent Calendar 2014 Day 1

Posted on November 30, 2014 · 1 min reading time

A young man off to the post office

[Read More]

Lego Star Wars Advent Calendar 2014 Day 1

Posted on November 30, 2014 · 0 min reading time

[Read More]

Scripted mass-creation of WordPress posts

Posted on November 23, 2014 · 3 mins reading time

So, the last couple of years I’ve been posting the Advent Calendar set of the day from the LEGO Star Wars and LEGO City box sets. The most mind-numbing part of this was creating the page and tagging it each day, so this year I decided to pre-populate the system with the posts ahead of time.

I leveraged some information on the net and a terrible PHP script, listed below. Whatever you do, I wouldn’t recommend using this on a production system without FIRMLY understanding what’s going on 🙂

[Read More]

proFTPd timing out while requesting LIST

Posted on November 14, 2014 · 2 mins reading time

In the process of locking down our servers we’ve been setting up host-based firewalls on one of our internal FTP servers.

The default thing was to deny access to everything but ICMP and SSH, good start.

Our first command was to only allow a given host access to port 21, FTP:

sudo iptables -I INPUT 1 -s 10.1.2.3 -p tcp -m tcp --dport 21 -j ACCEPT

This allows the client to connect:

[Read More]

splunk SDK notes

Posted on October 25, 2014 · 1 min reading time

Here’s an annoying one when building a custom splunk search command using the python SDK:

"Error in 'script': Getinfo probe failed for external search command 'testscript'"

This mean you have:

"supports_getinfo = true" set in commands.conf for that particular command
failed to set a docstring for one of the splunk elements within the command.
1. Check your instances of Option and set doc=""
2. Set a docstring for the class itself, but you already did that anyhow, didn’t you? 🙂

Another issue that may occur is this one:

[Read More]

Hairpin NAT on Mikrotik v6.19

Posted on October 23, 2014 · 2 mins reading time

So, when you have services available to the world through your external address/hostname, it’s nice to be able to access them via that as well. “Hairpinning” or Hairpin NAT is the term for the NAT redirection required to make this work.

Update 14/3/16: It’s been raised to me that it’s best to use split-DNS for this particular example, but it’s designed to be a simple one for documentation purposes. There’s much better ways of solving the problem, but:

you don’t always control DNS,
the service might be entirely IP-based - like IPsec,
the service might have different internal ports to what’s externally facing (and can’t be reconfigured)

Amongst a whole host of other reasons. Just trust me 😉

[Read More]