
August 31, 2004

Reading RSS

I've been using NetNewsWire to read RSS feeds since I started doing it, a little over two years ago. So far it has been good enough and the features in the to-be-released version 2.0 seem great.

Yet, I don't see some features that I would like to see, like aggregating several items into a single one if they mention the same URL.

So I need to implement some sort of filter between the feeds I subscribe to and the feeds I read, that transforms the content into something more manageable.

I don't know if the end result is something that can be read via something like an RSS reader, or if I need some other application. I think I'll also look into reading my feeds by converting them to mail messages. Rui is using newspipe and I noticed Hep too (although I don't know if it does the same thing yet).

I really need to waste less time (30 to 40 minutes each day) catching up on RSS feeds, or become more efficient reading them.

August 29, 2004

Mirroring CPAN in your laptop

For some years now, I always have a full CPAN mirror on my laptop. I work a lot offline and I like to have it around.

Until today I did a full rsync from a public mirror at my ISP. Nuno sent me a script to mirror only the latest versions of each module, but I never got around to using it.

But I noticed that the script he sent me is now (well, I noticed it today...) on CPAN itself, so I just did:

$ sudo bash
# cpan CPAN::Mini
# cd /sw
# mv cpan cpan.full
# mkdir cpan
# minicpan -l /sw/cpan/ -r file:///sw/cpan.full/
# du -hs cpan cpan.full
409M    cpan
3.2G    cpan.full

hmms... 1.8Gb free space... nice... I keep it up-to-date with minicpan -l /sw/cpan/ -r ftp://ftp.ip.pt/pub/perl/.

All your money are belong to us

I love a gadget as much as any other tech-oriented person, so I'm a regular customer of Expansys. Well, bad news: it's now much easier to spend money on them if you happen to live in this corner of Europe called Portugal - Expansys Portugal is now up and running.

I think that I'm going to give my credit card to my wife so that I don't spend too much money... Wait... That was not very smart... Give credit card to wife... does not compute... bzz... EOT

Simplicidade is now mod_deflated

I just turned on mod_deflate on this site. If you notice any problems, just drop me a comment.

The setup I'm using right now is this:

# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|zip)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary

Got it from this site. I dropped the Location stuff he was using and put the directives above in the global config.

Is your Linux server too slow?

Have no phear, hdparm is here...

Check out the article of USA Lug about hdparm, it's really cool and it helped me to tune my Linux server.

I have known about hdparm for some time now, but it's one of those things that I didn't feel quite comfortable doing until I read about it some place else.

Coral your RSS

Now that Coral is in public beta, what about telling your RSS subscribers to use it? It will reduce your bandwidth bill.

If you subscribe to this blog, change your subscription to http://www.simplicidade.org.nyud.net:8090/notes/42.xml (notice the nyud.net:8090). You should start to get this feed from your nearest cache of Coral.

Seems to work.

If Coral is here to stay, you can even add to your config:

RedirectPermanent /notes/42.xml http://www.simplicidade.org.nyud.net:8090/notes/42.xml

Update: Rui popped up on IM and told me that this does not work, and of course he's right. It will cause a loop. I'll have to check if Coral sends a specific user agent that I can filter. Rui tells me that it sends a HTTP_VIA and he has the configuration to solve this. Now I'll wait for him to post it and copy it :).

I wonder if the choice of port (8090) was a good one. Some corporate firewalls don't allow anything unless it is on port 80.

By the way, Microsoft DNS servers have a problem with Coral. The developers are thinking about a workaround for the fact that MS DNS chokes on DNAME records (I confess I didn't know about them either, but they look pretty cool).
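One way to break the redirect loop described in the update above, as an added example that is not Rui's configuration and not part of the original post. It assumes only what the post states, that requests fetched by Coral carry a Via header, and does not check the header's value:

```apache
# Added example, not from the original post.
# Assumption: requests coming from Coral's proxies carry a Via header
# (the post only says Coral "sends a HTTP_VIA"); its value is not checked.

RewriteEngine On

# Looping version from the post: Coral's own fetch of the feed is redirected
# back to Coral, which fetches it from here again, and so on.
#   RedirectPermanent /notes/42.xml http://www.simplicidade.org.nyud.net:8090/notes/42.xml

# Redirect only requests that did not come through a proxy. Coral's fetch
# has a Via header, fails the condition, and is served the real file.
RewriteCond %{HTTP:Via} ^$
RewriteRule ^/notes/42\.xml$ http://www.simplicidade.org.nyud.net:8090/notes/42.xml [R=301,L]
```

Readers behind any other proxy that adds Via also skip the redirect and are served directly, which only costs bandwidth. The header is supplied by the requesting side, so this is a loop breaker and not an access control.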

August 27, 2004

... and everything

Ladies, and Germs, we have a new feed for those 3 who subscribe to this waste of time: RSS 2.0 full posts with comments and trackbacks. Just use 42.xml instead of the current file.

Nuno provided the template, thanks.

August 26, 2004

Why I like nslu2

Pedro has a small rant about the NSLU2 device from Linksys. His point is that any self-respecting geek already has a full Linux box in his home network, that is able to do much more than the NSLU2.

Well, yes, you are right, but that's the wrong point. My point is that I hate that Linux box in my home network, and I would prefer to have a silent box with the fewest moving parts possible, and I don't have anything against having several boxes, each one doing some specialized function.

Yes I could go out and buy a silent-pc or whatever, but the NSLU2 is exactly that: a silent-pc, and with good looks. And with a $80 sticker price...

Having the Cisco sticker in front is probably not its strongest point, but its weakest. Only time will tell if Cisco is going to be good to Linksys or not.

I'm buying one, as soon as I see them in Portugal.

August 20, 2004

Virtual hosts via Apple Rendezvous: solution

Just finished writing a hint to MacOS X Hints, about publishing virtual hosts via Rendezvous.

Here is a copy, in case it's not accepted. I'm using this as we speak.

In a previous hint it was described how to use the RegisterResource of mod_apple_rendezvous to publish additional paths of your local server via Rendezvous.

Virtual hosts are more complicated because you cannot send the hostname via rendezvous, apparently.

But that's easy to solve with mod_rewrite. To do it, create a file (I named mine virtualhosts.conf) and place it in /etc/httpd/users. Place the following inside:

# you can put anything after /.vh/ as long as
# it starts with the site name followed by an 
# optional path
RegisterResource "MacOS X Hints" /.vh/www.macosxhints.com/
RegisterResource "Send me one, please!" /.vh/www.apple.com/displays/

# Add other RegisterResource as above to add more sites

# Magic.....
RewriteEngine On
RewriteRule /\.vh/(.+) http://$1 [R]

and then restart your Apache webserver:

$ sudo apachectl stop
$ sudo apachectl start

You can also restart with sudo apachectl restart or even sudo apachectl graceful. I prefer stop/start.

That's it. Check your Rendezvous menu in the Bookmarks Bar and you'll find "MacOS X Hints" that will redirect to this site.

We can also use this method to support HTTPS. Just add this line to the file:

RewriteRule /\.vhs/(.+) https://$1 [R]

and register resources as:

RegisterResource "Amazon" /.vhs/www.amazon.com/

We use a prefix, /.vh/ (and /.vhs/), that should be unused in most configurations. If you happen to use it in your own configuration, change all the occurrences to something else, like /.idontusethis/.
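The two RewriteRule lines in the hint use whatever follows the prefix as the redirect target, so the server redirects to any host name placed after /.vh/ or /.vhs/, not only to the registered sites (an open redirect). A tighter variant, as an added example that is not part of the original hint; it assumes the three sites registered in the hint are the only intended targets:

```apache
# virtualhosts.conf: added example, not the original hint's configuration.
# Assumption: only the three sites registered below should ever be targets.

RegisterResource "MacOS X Hints" /.vh/www.macosxhints.com/
RegisterResource "Send me one, please!" /.vh/www.apple.com/displays/
RegisterResource "Amazon" /.vhs/www.amazon.com/

RewriteEngine On

# Original rules, kept for comparison: the captured text is used as the
# redirect target unchecked, so every host name is accepted.
#   RewriteRule /\.vh/(.+)  http://$1  [R]
#   RewriteRule /\.vhs/(.+) https://$1 [R]

# Hardened rules: anchored at the start of the path, host names spelled out
# with escaped dots, and the host must be followed by "/" or the end of the
# path, so a longer name that merely starts with a registered one is rejected.
RewriteRule ^/\.vh/(www\.macosxhints\.com(/.*)?)$ http://$1 [R,L]
RewriteRule ^/\.vh/(www\.apple\.com(/.*)?)$ http://$1 [R,L]
RewriteRule ^/\.vhs/(www\.amazon\.com(/.*)?)$ https://$1 [R,L]

# Everything else under either prefix is refused with 403, not redirected.
RewriteRule ^/\.vhs?/ - [F]
```

Each new RegisterResource entry needs a matching RewriteRule line above the final 403 rule.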

August 18, 2004

iTunes in Motorola phones

Some phones from Motorola will be able to sync with iTunes. The phones should have removable media, so you might have a 1Gbyte storage space in there :).

I really could care less, I have an iPod. The point that made me write this is: you will not be able to use the music as ring tones. Why? The ring tone is a $3.2Bn/year industry, the iTMS is a paltry $100M/year industry.

You know which one the phone industry wants to keep happy, right?

Via YourMacLife and Alberto Moriondo from Motorola.

Video iPod

I was listening to an old archive of Your Mac Life, the Mac-oriented radio show (check it out, it's good). The show was the July 29 one, and the segment that got me thinking was the one with Chris Breen of Macworld. He's an iPod expert, and was there to talk about the 4th generation iPod.

He said that the iPod menu in the 4G has a 'Music' item (I assume it replaces the old 'Browse' item), and goes on to speculate about what they will do next. It surely points to other types of media being supported in the iPod in the near future.

I don't share the view that the iPod should be able to play video on the screen that it has. A lot of value of the iPod is about its form factor, and getting a display good enough to show movies would probably ruin that.

Chris says that you could probably see photos (iPhoto sync) and that's also likely but displaying them is still a problem.

So what about this: make a cable that plugs into the Firewire port (with a bit of logic or active components) and outputs S-Video and Audio output. Then you can put DVDs, H.264 encoded movies with some sort of FairView DRM that Apple builds, or even your iPhoto slideshows.

You only need to port the DVD player to the iPod, put all the decoding there, including DeCSS stuff.

This would be a killer feature for those 40Gb and (we assume) 60Gb models coming out sometime this year. I could go into DVD Player, and say "Sync to iPod", or even, "Compress (H.264) and Sync to iPod", get to a Hotel somewhere, plug my iPod into the room TV set and watch the movie.

I think some Hollywood people would need convincing, but Apple had some success with the music industry, so why not the Hollywood industry. Steve Jobs has a foot in both worlds in this case.

We'll see.

The Douglas Adams release

42

I was looking at the new CPAN releases and saw a new release of version.

Me thinks we should call all the x.42 releases an Adams release in tribute.

August 05, 2004

More about NAT

I'm reading the meeting notes of the "behave" BOF at the latest IETF meeting.

There are some remarks that make me nervous. There is a belief that IPv6 will end the need for NAT:

NATs continue to proliferate and have seen an increasing rate of deployment. IPv6 deployments can eliminate this problem, but there is a significant interim period in which applications will need to work both in IPv4 NAT environments and with the IPv6 to IPv4 transition mechanisms (e.g. 6to4).

Maybe I'm reading this wrong, but I interpret this as: When IPv6 comes, you won't need NAT.

If that's correct, then I'll be the first to say it: when IPv6 comes, I'll still want to use NAT. I don't use NAT because of IPv4 address space shortage, or lack of features in IPv4. I use NAT because I don't want the trouble of configuring a firewall on my workstation, and I prefer to have a smallish dedicated router doing it for me. It feels safer. Yes, it is very subjective.

One source of "nat is evil" seems to be rfc 3424. I read it, and I understand the problems they mention there. The third point of my wish list mentioned here seems to be very difficult.

There are also a lot of security considerations about allowing all these incoming connections, but I think that having a protocol to request such communications to happen only makes it easier to block/audit/validate those requests.

Also the reliability of the communication is lessened in the sense that now the NAT box has to keep state about it, and if that box fails the communication cannot be routed around to another exit point without going through another round of "expecting connection from X, give me an IP/port pretty please" with the new NAT box.

But as I read rfc 3424 I had to rethink my goals: I might not need a NAT environment but a very smart firewall between me and the world at large when IPv6 gets widespread adoption. The turning point is the C.2 paragraph in the above RFC:

C.2 Real World Home Network Example

James Woodyatt provided the following scenario, based on current
examples of home networking products:

o the customer has existing Internet service from some broadband
service provider, using e.g. a DSL line connected to an appliance
that integrates a DSL modem with a NAT router/firewall.

o these devices are sometimes packaged with automated provisioning
firmware, so the customer may view them as part of what their ISP
provides them.

o later, the customer wants to use a host with only a wireless LAN
interface, so they install a wireless access point that ships in
its default configuration with NAT and a DHCP server enabled.

o after this, the customer has a wired LAN in one private address
realm and a wireless LAN in another private address realm.

Furthermore, most customers probably have no idea what the phrase
"address realm" means and shouldn't have to learn it. All they often
know is that the printer server is inaccessible to the wireless
laptop computer. (Why? Because the discovery protocol uses UDP
multicast with TTL=1, but that's okay because any response would just
be dropped by the NAT anyway, because there's no ALG.)

The last paragraph is what made me think: they want this to work in scenarios that, although very plausible, are also very clearly wrong :), and that led me to the conclusion that I am thinking as a person who knows something about networking, at least enough to understand why this setup is wrong. A less technical person would not know.

Side-note: just yesterday I made this exact setup at my father's house, and I disabled the DHCP and NAT from the Wireless Router. I also have the exact same setup at home.

I still think that the problems presented in the rfc can be solved, but until I write something about this, I'll agree that the problem is complex, and that with IPv6, with an address for everybody or everything, it's easier to implement and debug.

I just need a damn good firewall it seems.

This is fun.

Aleluia

And then, at the end of the tunnel, a light tries to fight against the dark long corridor...

Jabber Architecture: IETF recognizes that NATs exist: "There was a healthy discussion from some saying that the IETF shouldn't enable "those people". The counter argument is that they're going to do it anyway, so we may as well tell them how to do it safely. The turning point in the meeting was when someone at the front asked who in the room was using private address space. About 95% of the people raised their hand. At that point, it was really difficult for people to argue with a straight face that only evil or stupid people had NATs."

Well, it's about time.

I'm sure someone will point me to some site/url/lava pit for saying this, but I really do like NAT. With the exception of the office in Lisbon, all the other 3 or 4 places I usually work from are behind some sort of Apple or Linksys wireless router doing NAT (more precisely NAPT), and this has become my preferred connection to the Net.

The thing that I like the most is that I don't have to worry too much about having a very strict personal firewall policy (I trust the persons at the office more than the average Internet person), and that allows me to have a richer local-net experience (becoming much more important in a world of Rendevous^H^H^H^H^H^H^H^H^HOpenTalk).

The problems I have with NAPT are a direct consequence of IETF "nat is evil" mantra. The lack of specs makes certain simple things almost impossible: VoIP, IM File Transfer are the first two that come to mind.

Side-note: I'm still impressed how "just-works-level" Apple has made iChat voice and video-conferencing, even with NAPT on both sides.

But back to NAPT and what I miss: I really would like to see a spec/protocol from IETF that would allow me to write applications that are NAT/NAPT-aware (the second one more important than the first).

The things that I see as most important are:

  1. Am I running behind NAT/NAPT? An application must have a way to discover if it is being NAT/NAPT-ed;
  2. My application must have a way of telling the NAT box that it's expecting an incoming TCP or UDP connection. The NAT box must give back the specific IP address and port number that the remote side must use. Optionally, the request could include the origin IP and port number of such incoming request;
  3. All of the above must work for two or more levels of NAT.

Must check IETF to see if the WG is already created.

Official waste of time for today

Ok, so the day is long and you must waste some time. Have no phear, Lemmings is here...

In glorious javascript and dhtml....