Older blog entries for dwmw2 (starting at number 96)

Looking at implementing an internal IPv6 network in parallel with the existing IPv4 network on RFC1918 addresses.

At first glance it looks nice and simple. IPv6 has its equivalent of RFC1918 addresses -- with even better semantics. It has 'site scope' addresses, and machines can be given _both_ 'site' and 'global' scope addresses, and basically do the right thing in all circumstances... using the internal addresses for internal communication, and the external addresses for everything else.

So each site on the intranet can have its own _global_ IPv6 link, with optimal routing out the local connection to the Real World, while tunnelling the site-scope addresses over the CIPE links with the RFC1918 IPv4 traffic. None of this NAT-from-internal-to-public-addresses crap which we have for IPv4.

Unfortunately it seems that the concept of site scope is to be abolished. Discussion of the various possible alternative implementation plans has failed to turn up any possibilities which are even _close_ to being as simple and effective.

I wonder if the martians are to blame. They know that TCPv4 isn't good enough for us to communicate with our Martian-invasion fleet, and they're determined to scupper our IPv6 deployment efforts by fucking it up for us... so they placed mind-control anal probes into the IPv6 WG and made them abolish the part which was going to actually let people deploy IPv6 sanely in large organisations.

Or maybe not. Perhaps there are just telcos involved?

Wheee. At last Evolution can handle getting at IMAP servers by running a command and using its stdin/stdout, out of the box. I no longer have to maintain my own build just to have it do what pine, mutt and others have been doing for years -- just 'ssh $mailserver exec imapd' and let ssh-agent handle authentication, and ssh itself handle the magic it has to do to log into boxen on remote internal networks by running 'ssh $bastionhost netcat $internalmailserver 22' instead of connecting directly.

No GUI for it since that would apparently confuse people. In particular, it would hurt those people who:

  1. Do not understand 'Run a program to access the server' in the context of the above menu.
  2. Will therefore do something stupid like wetting themselves, rather than just ignoring it and selecting 'standard connection' or 'use SSL'.
  3. Yet do configure their own accounts in Evolution rather than just drooling on the floor while someone else does it for them.
  4. And who also manage to navigate past other options like namespace stuff, without similar breakage.

I don't personally know anyone who meets all the above criteria. I know people who meet #1 and #2 but not #3 and #4 -- and I know people who meet #1, #3 and #4 but not #2. I suspect the set of people who meet all four is very small.

But to be honest I don't care too much either because all my copies of Evo are already configured appropriately and it's easy enough to do with gconf from the command line.

I do wonder just how far we should be taking the usability crusade though.

What's next? People turning up on my doorstep, observing that the lack of doorbell is likely to confuse people and hence removing my front door?

Am I just getting crankier in my old age, or is the general intelligence of the world's population really declining?

A few years I ago I'm sure I didn't notice so many people displaying such incompetent usage of the English language -- now there are even signs in supermarkets with crap like "10 items or less" and some people don't even understand what's wrong with that.

Now it appears that nobody can grasp the simple concept that possessive pronouns don't have apostrophes in them. Maybe people have always done it -- maybe it's just that I happened to notice one semi-literate monkey writing "it's" where he meant "its", and now every instance of this error seems to jump off the page and assail me. I dunno...

OTOH, I have to admit I do like the idea of kernel patches which "effect" hardware -- free toys are always good, and the practice of sending hardware to people who write kernel code is to be encouraged; it's good for people to practise this practice.

Called Three to ask about data services -- after all, the whole point in 3G phones is that you'll get data connectivity which doesn't suck as much as GPRS, right?

They aren't offering data services.

They have no current plans to do so.

Er, so what's the point?

Fucking Useless Telco.

The email flood seems to be fairly easily stemmed by a few simple rules.

First, don't accept mail without a Message-ID.
Second, don't let mailing lists accept bounce messages (i.e. messages with empty MAIL FROM:<>)
Third, enable sender verification callouts; also for recipients if your machine is MX backup for anyone.

There's been no vir{uses,ii} and only one 'bounce' get through to the linux-mtd list, and that one was because some vegetable managed to configure a virus checker to send its bounces as real messages instead of bounces -- either through cluelessness or in an attempt to add mail loops to the fun which is already being had by all. Abuse@upstream duly notified.

Eventually I'd like to see all mail cryptographically signed, with the public key available in the DNS for verification purposes.

The birds sang her to sleep.

27 Jan 2003 (updated 27 Jan 2003 at 23:17 UTC) »
mwh, obi, others:

Note that filtering on List-ID or X-Mailing-List isn't 100% reliable. You probably want to filter on the SMTP reverse-path, which will usually end up in a 'Return-Path' header or the 'From ' line.

List-ID and X-Mailing-List get preserved if someone bounces (in pine parlance, aka 'redistributes') a mail to you.

Consider, for example, the case where you're on vacation so you've filtered a certain list to /dev/null, or you're just not reading it till you get back; at which point you'll read it with grep.

A colleague sees a mail he _knows_ you'll want to read from that list, and bounces it to you. With broken filters, the mail ends up in /dev/null again even though it was sent to you personally. With filters on the _actual_ sender, it lands in your inbox and gets read as intended.

You also sometimes find that lists won't add such headers if they already exist, so if someone sees a mail on one list and bounces it to another list, your filters for the latter list won't necessarily catch it. Again, the return-path works correctly.

Argh. Why is it so difficult to import an xfig diagram into OpenOffice in a vector format? Other than EPS, which OpenOffice doesn't render onscreen properly (or indeed at all).

Hmmm. Got bored last week so I played with improving JFFS2 mount time. By delaying data node and data payload CRC checks till after the mount, on the basis that we don't actually _need_ them done that early, and by using a pointer directly to the flash rather than copying into RAM every time, we get a fairly dramatic improvement in mount time -- from ~3s to ~0.3, and from ~5s to ~0.75s on a iPAQs with 14MiB and 31MiB file systems, respectively.

Not bad. Now the iPAQ bootloader is slower to scan the JFFS2 to find the kernel and parameters in it than the kernel is it mount it later :)

2 Sep 2002 (updated 2 Sep 2002 at 10:23 UTC) »
Just as I thought it was going alright
I find out I'm wrong when I thought I was right
Always the same, it's just a shame
That's All

87 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!