When you are using the 3.8-* version of xtables-addons to harden your server with a geofense, chances are super high that things don't work anymore… The latest problem occurs after you have downloaded the geo-ip-tables from Maxmind and try to convert the tables for the geofense with xt_geoip_build. You get this error: Can't open DBIP database. The simple reason for this is that the developers of xtables-addons decided to get rid of Maxmind (maybe because they did that thing with the user accounts a couple of months ago? Read more

If you are running a Linux server, you probably want to enable that thing to send emails to you. This is useful, for instance, to tell you that someone got blocked by fail2ban. In earlier years, SSMTP has been a good candidate to achieve this kind of thing. Today, Debian, Raspbian, and probably Ubuntu server OSes have no packet for SSMTP anymore. However, you can use MSMTP to achieve the same thing. Read more

Since some time I use a geofence on my servers to ban all incoming requests that do not originate from DE. The company (Maxmind) that distributes up to date mappings from IP ranges to country codes (“geoip tables”) recently changed how they distribute these files. Now, you must have an account and license key to download the geoip tables. Note: everything is still free! The need for login credentials breaks the update mechanism for geoip tables which typically uses xt_geoip_dl. Read more

Some days ago I had the idea to dig around in my mailbox and see what people have sent me over the years. As I was especially interested in the attachments (pictures) I googled a bit and found out you can quickly extract stuff from a mbox (used by a Dovecot SMTP server). Here's what I cobbled together. #!/usr/bin/python import mailbox import dateutil.parser from datetime import datetime mbox = mailbox.mbox('/home/USER/mail/MAILBOX') def extractattachements(message): if message. Read more

tl;dr If you want to try out a Linux-based OS on your MacBook/Notebook: try Manjaro.

When I need to build a website, I typically use Hugo to generate the .html from .md. However, one thing is a bit inconvenient: deployment. If not done right, you have to do that manually (edit -> hugo -> rsync). Alternatively, and much better, you can use the Hugo-Gitlab|Hub-Netlify-toolchain I described earlier. These day, I needed a website for a new research project of mine and didn't want to ship the site with Netlify. Read more

Since a couple of years I use OpenVPN to access my home network from remote and also to protect my traffic when I am traveling and have to use WiFi networks I do not completely trust. Unfortunately, the iOS VPN client does not work for me anymore so I needed an alternative. My Fritz Box (German home WiFi router brand) actually supports an IPSec VPN. However, iOS's VPN client is horrible. Read more

Last year in June I set up geofence on my home server to ban all access not coming from DE. In January I noticed that things did not work anymore. A bit of research revealed, that the company that provides the needed GeoIP tables decided to stop shipping them in format A and only offered the tables in format B. So neither the script that downloads the tables (xt_geoip_dl) nor the script that converts the tables (xt_geoip_build) into the binary format that xt_geoip can digest to block connections attempts worked anymore. Read more

Recently I stumbled upon [Pihole](https://pi-hole.net), which is a tool that blocks advertisements and web trackers. The nifty idea of Pihole is that it is no web proxy as Privoxy but it acts as a DNS server in your network...

Since a couple of weeks I'm giving a lecture in the Master's course for Informatics at our university. One of the biggest differences of giving a lecture vs. giving a conference talk is that the lecture is more interactive. Or in other words: I ask my students stuff and they ask me stuff. Well, students are students and for this reason they do not use the first $n rows of the lecture hall. Read more