Centroid.EU Blog

(this blog is mostly encrypted - adults only)

Wrote a patch for babel routing daemon

September 3rd, 2017

We noticed in freifunk franken that sometimes there is receive buffer overruns. I wrote a patch for babel that the size of the receive buffer is dynamic to the highest attainable value (within 2^x)..

--- kernel_netlink.c.orig	2017-09-03 10:45:54.000000000 +0200
+++ kernel_netlink.c	2017-09-03 11:02:55.000000000 +0200
@@ -232,11 +232,25 @@
 netlink_socket(struct netlink *nl, uint32_t groups)
 {
     int rc;
-    int rcvsize = 512 * 1024;
+    int rcvsize = 512;
+    int i;
 
     nl->sock = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
+		
     if(nl->sock < 0)
-        return -1;
+	return -1;
+
+    /* get the highest attainable RCVBUF up to 1 << 30 */
+    for (i = rcvsize; i < (1 << 30); i <<= 1) {
+        rc = setsockopt(nl->sock, SOL_SOCKET, SO_RCVBUF,
+                        &i, sizeof(i));
+	
+	if (rc < 0) 
+		break;
+
+	rcvsize = i;
+    }
+    fprintf(stderr, "rcvsize set to %d\n", rcvsize);
 
     memset(&nl->sockaddr, 0, sizeof(nl->sockaddr));
     nl->sockaddr.nl_family = AF_NETLINK;

Hopefully its correct, I didn't test it.

0 comments

Cancelled supercluster for September 17, 2017

September 2nd, 2017

I have cancelled supercluster.virgostar.net for September 17th, 2017. After moving everything off it, it will be cancelled 2 weeks earlier than planned. That's just the billing cycle though. It's been a fun three years!

0 comments

The last leg of Summer 2017

September 1st, 2017

We have about 3 more weeks of summer left (officially). Last year I turned up the heat around October 4th, 2016. So I'm hoping to be doing that this year as well. Of course if it gets cold earlier I'll have to turn the heat up earlier. In about three weeks Germany has a federal election. So politics are gonna make the people crazy the next few weeks. Have a safe and happy September everybody!

0 comments

Please welcome this website to Germany

August 30th, 2017

I have moved this website to Germany. This is related to the last article which I have found myself just doing it. One more service off supercluster.

0 comments

Change has begun

August 30th, 2017

This morning I replaced the supercluster.virgostar.net nameserver with the psi.virgostar.net nameserver for all my domains. As I'm moving away from supercluster and will wrap up its participation in my network in November likely. I'm freeing up money by the end of the year and the reason that prompted this change was the new surveillance laws in the Netherlands that go into effect January 1st, 2018. I'll be long gone then and will think twice about my privacy when entering dutch territory again.

0 comments

Ordered three books

August 28th, 2017

I'm on vacation this week and partially next week. So I've ordered some reading material.

Steganographie in WLANs: Design und Implementierung - Kuehne, Tobias
Introduction to Modern Cryptography (Chapman & Hall/CRC Cryptography and Network Security Series) - Katz, Jonathan,Lindell, Yehuda
Mastering Bitcoin: Unlocking Digital Cryptocurrencies - Antonopoulos, Andreas

Lots of books involving encryption. No I don't have anything to hide ;-) this is pure educational.

0 comments

137.226.113.0/24 can't lookup my DNS anymore

August 25th, 2017

A particular University has been probing my DNS, over and over again. Until I sent them an email informing them that they have been filtered and that they are spying.

/var/log/all.0.gz:Aug 24 13:42:18 omega delphinusdnsd[8574]: request on \
descriptor 16 interface "108.61.211.139" from 137.226.113.7 \
(ttl=0, region=255) for "_sips._tcp.virgostar.net." type=SRV(33) class=1, \
edns0, answering "NXDOMAIN" (53/130)
/var/log/all.0.gz:Aug 24 13:42:18 omega delphinusdnsd[8574]: request on \
descriptor 16 interface "108.61.211.139" from 137.226.113.27 \
(ttl=0, region=255) for "_sip._udp.virgostar.net." type=SRV(33) class=1, \
edns0, answering "NXDOMAIN" (52/129)

I asked them whether they wanted to call me because they looked up SRV records for SIP and Jabber...

Now pretend you have a house and you sit in it. Then someone comes to your door and windows and looks in to see if you have left them open. And does this repeatedly, with a different mask every time. Is that _not_ a little intrusive and scary? I call it spying. And that's exactly what comsys.rwth-aachen.de are doing. BTW I'm not spying because I only look at my own windows to see if anyone is looking in. Also we don't know what happens to the data that Uni Aachen are collecting. Chances are it's ending up in government hands.

So for the last night this is what my logs say about this subnet:

Aug 24 21:52:39 omega delphinusdnsd[29533]: UDP connection refused on \
descriptor 17 interface "108.61.211.139" from 137.226.113.12 (ttl=0, \
region=255) replying REFUSED, filter policy

And it'll stay on. On the other DNS server I put them in a pf filter.

0 comments

Added double the RAM and double the SSD to Omega

August 24th, 2017

My VPS provider vultr.com which I use for the host omega.virgostar.net, allows one to upgrade plans on the fly. So I did. I don't pay more than I did before , which is around $10 USD/mo and I have 2 GB RAM and 20 GB more drive space. When I give up supercluster in October or November, because of new surveillance laws in the Netherlands, I'll have everything stowed into omega. I'm also giving up chi.goldflipper.de at around the same time so I'll go down to 2 VPS for the time being. Those are the big plans.

0 comments

Changed nameserver for delphinusdns.org

August 23rd, 2017

I have changed chi.goldflipper.de to omega.virgostar.net for the delphinusdns.org zone. In one week I'll change the nameserver supercluster.virgostar.net to psi.virgostar.net for all my remaining domains. Hopefully it'll work nicely. I have also made a -current delphinusdnsd the master on omega, before it was a hidden master and only did AXFR. Now it answers queries. Habbie (person on #dns) told me that I don't echo RD bit upon a refused, which I put on my TODO to fix.

0 comments