Since some time I use a geofence on my servers to ban all incoming requests that do not originate from DE. The company (Maxmind) that distributes up to date mappings from IP ranges to country codes (“geoip tables”) recently changed how they distribute these files. Now, you must have an account and license key to download the geoip tables. Note: everything is still free! The need for login credentials breaks the update mechanism for geoip tables which typically uses xt_geoip_dl. Read more

Some days ago I had the idea to dig around in my mailbox and see what people have sent me over the years. As I was especially interested in the attachments (pictures) I googled a bit and found out you can quickly extract stuff from a mbox (used by a Dovecot SMTP server). Here's what I cobbled together. #!/usr/bin/python import mailbox import dateutil.parser from datetime import datetime mbox = mailbox.mbox('/home/USER/mail/MAILBOX') def extractattachements(message): if message. Read more

tl;dr If you want to try out a Linux-based OS on your MacBook/Notebook: try Manjaro.

When I need to build a website, I typically use Hugo to generate the .html from .md. However, one thing is a bit inconvenient: deployment. If not done right, you have to do that manually (edit -> hugo -> rsync). Alternatively, and much better, you can use the Hugo-Gitlab|Hub-Netlify-toolchain I described earlier. These day, I needed a website for a new research project of mine and didn't want to ship the site with Netlify. Read more

Since a couple of years I use OpenVPN to access my home network from remote and also to protect my traffic when I am traveling and have to use WiFi networks I do not completely trust. Unfortunately, the iOS VPN client does not work for me anymore so I needed an alternative. My Fritz Box (German home WiFi router brand) actually supports an IPSec VPN. However, iOS's VPN client is horrible. Read more

Last year in June I set up geofence on my home server to ban all access not coming from DE. In January I noticed that things did not work anymore. A bit of research revealed, that the company that provides the needed GeoIP tables decided to stop shipping them in format A and only offered the tables in format B. So neither the script that downloads the tables (xt_geoip_dl) nor the script that converts the tables (xt_geoip_build) into the binary format that xt_geoip can digest to block connections attempts worked anymore. Read more

Recently I stumbled upon [Pihole](https://pi-hole.net), which is a tool that blocks advertisements and web trackers. The nifty idea of Pihole is that it is no web proxy as Privoxy but it acts as a DNS server in your network...

Since a couple of weeks I'm giving a lecture in the Master's course for Informatics at our university. One of the biggest differences of giving a lecture vs. giving a conference talk is that the lecture is more interactive. Or in other words: I ask my students stuff and they ask me stuff. Well, students are students and for this reason they do not use the first $n rows of the lecture hall. Read more

I like to host (most of) the web services I use for my daily routine at home. Recently, I started shipping services using Docker containers. To make these services available via a public IP address and to conveniently enable HTTPS, I decided to use nginx as a reverse proxy. So the dockerized service becomes available via something like https://mydomain.dyndnsservice.xy/servicename. At least this was the plan. Unfortunately, I ran into the always same problem when I tried to coax a dockerized service to live happily in a “sub-folder” of my dynamic DNS domain. Read more

I recently noticed some odd HTTP requests on my web server, which I exclusively use for private purposes like hosting Nextcloud, GOGS, or Wallabag. I did a bit of research where these requests come from – just fire something like for elem in $(awk '{print $1 | "sort | uniq"}' /var/log/nginx/access.log); do curl ipinfo.io/$elem; done – and found out that they all originate from Russia, China or India. That sounds a bit suspicious to me. Read more