- Linux Kernel Documentation: from the freedesktop.org people.
- Free Electrons Linux Source Browser
- Reviewing Kernel Code to add an nft function
Monday, August 21. 2017
Linux Kernel Jump Points
Sunday, August 20. 2017
SaaS Social Media Ideas
- mastodon: with thousands of interconnected communities to choose from, and the tools to make your own, Mastodon is the world’s largest free, open-source, decentralized microblogging network. In a Planet Debian entry, Carl Chevet talks about https://carlchenet.com/the-importance-of-choosing-the-correct-mastodon-instance/" target=_blank>The Importance of Choosing the Correct Mastodon Instance.
- sandstorm: self-hostable web productivity suite. It's implemented as a security-hardened web app package manager.
- agorakit is a web based open source groupware for citizens initiatives. By creating collaborative groups, people can discuss, organize events, store files and keep everyone updated when needed. Agorakit is a forum, agenda, file manager, mapping tool and email notifier.
- diaspora: instead of everyone’s data being held on huge central servers owned by a large organization, diaspora* exists on independently run servers (“pods”) all over the world. You choose which pod to register with, and you can then connect seamlessly with the diaspora* community worldwide.
- matrix: An open network for secure, decentralized communication. There is a Synapse, which is a reference server.
- 2018/03/12 Matrix - Slack alternative, from Planet Debian (2018/03/10)
The Slack Threat has some pro and con arguments for the alternative communication channels.
2018/05/18: a Slack alternative: Mattermost
2018/06/11: #DeleteFacebook and alternative Social Networks
2018/09/02: #Friendica vs #Hubzilla vs #Mastodon.
2018/09/25 ManyVerse: is a social network mobile app with features you would expect: posts, threads, likes, profiles, etc. But it's not running in the cloud owned by a company, instead, your friends' posts and all your social data live entirely in your phone. Remarks at Hacker News.
Saturday, August 19. 2017
Linux Network Testing
Etherate code on Github is supplemented with some documentation and comments at 53bits Etherate. Etherate sends traffic directly over Ethernet so it goes without saying that all tests between Tx and Rx hosts are run within the same layer 2 broadcast domain, it can not test over a layer 3 boundary.
TRex Low-Cost, High-Speed Stateful Traffic Generator
MoonGen is a fully scriptable high-speed packet generator built on DPDK and LuaJIT. It can saturate a 10 Gbit/s connection with 64 byte packets on a single CPU core while executing user-provided Lua scripts for each packet. Multi-core support allows for even higher rates. It also features precise and accurate timestamping and rate control.
NFPA: Network Function Performance Analyzer: is a publicly available, open-source measurement application, which is not only in accordance with standardized methodologies (RFC 2544), but also makes possible to comprehensively compare performance metrics of NFs in an exhaustive range of dimensions. Uses DPDK PktGen.
- TCP Statistic and Analysis Tool
- tcpick: is a textmode sniffer libpcap-based that can track, reassemble and reorder tcp streams
- tcpflow a tool similar to tcpick
Wednesday, August 16. 2017
Building Free Range Routing on Debian Stretch as a Package
Basic instructions for building Debian packages for FRR (Free Range Routing), a fork of Quagga, can be found in the github repository as Building your own FRRouting Debian Package.
These build notes have a slight twist -- using a kernel from backports. It actually doesn't affect the build, but here is my sequence.
sudo apt install -t stretch-backports linux-image-4.14.0-0.bpo.3-amd64 iproute2 sudo reboot sudo apt --no-install-recommends install \ libjson-c-dev \ libpython-dev \ libsystemd-dev \ linuxdoc-tools \ autoconf automake \ libtool \ make \ gawk \ libreadline-dev \ texinfo \ pkg-config \ bison flex \ python-pip \ libc-ares-dev \ python3-dev \ devscripts equivs \ git git clone https://github.com/frrouting/frr.git frr cd frr ./bootstrap.sh ./configure --with-pkg-extra-version=-qvsl-1.0 make dist make dist export WANT_CUMULUS_MODE=1 mv debianpkg debian make -f debian/rules backports mkdir frrpkg cd frrpkg/ tar xf ~/frr/frr_*.orig.tar.gz cd frr* . /etc/os-release tar xf ~/frr/frr_*${ID}${VERSION_ID}*.debian.tar.xz sudo mk-build-deps --install debian/control debuild -b -uc -us
As of this writing, the following packages are built, with the first being the one of interest:
frrpkg/frr_4.1-dev-rpb-1.0-1~debian9+1_amd64.deb frrpkg/frr-pythontools_4.1-dev-rpb-1.0-1~debian9+1_all.deb frrpkg/frr-dbg_4.1-dev-rpb-1.0-1~debian9+1_amd64.deb frrpkg/frr-doc_4.1-dev-rpb-1.0-1~debian9+1_all.deb
gcc -v for debian/stretch yields:
gcc version 6.3.0 20170516 (Debian 6.3.0-18)
2017/11/17: a build note, BGP RPKI available in FRouting
To use this code, ensure that you have installed a new dependant library rtrlib available here: http://rtrlib.realmv6.org/ And configure FRR with `--enable-rpki` when compiling it.
2018/04/16 groff, groff-base packages - I am keeping this as a note here because with a minimal list of packages during a build, I may be missing one of these. Next time I perform a build, I'll try to remember to come back here and see what I missed.
Wednesday, August 9. 2017
nftables network namespace logging
From a recent netfilter mailing list message:
Logging from network namespaces other than init has been disabled since kernel 3.10 in order to prevent host kernel log flooding from inside a container.
If you have kernel >= 4.11 or one with commit 2851940ffee3 ("netfilter: allow logging from non-init namespaces") backported, you can enable netfilter logging from other network namespaces by
echo 1 >/proc/sys/net/netfilter/nf_log_all_netns(the command must be issued from init_net).
Logging via NFLOG target and ulogd2 should work even without the sysctl mentioned above, IIRC.
nftables connection tracking helpers
From the netfilter mailing list:
... connection tracking helpers assignation can only be used with nft 0.8 and Linux 4.12.
You can set automatic assignment with:
echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper