Older blog entries for baruch (starting at number 42)

I've been distracted from AutoFW and libnl by an old idea of mine for firewall implementation, a project which is currently nameless is now working on my machine. Thanks to <whomever> in the netfilter team that thought to create the QUEUE target and libipq, it now works in user mode under the temporary name of umfw (user-mode firewall).

The first stage was to create a simple interpreter firewall, the second stage was to create a compiled firewall (compile the firewall to C and then compile to object code), the next stage is to make it work in the kernel as a target for a netfilter rule and a shared object for netfilter to be able to add this rule. Third stage is now in progress.

I've also started to learn Chinese thanks to a friend from Singapore, I've learned a few sentences, wrote them in Abiword and printed it so I can learn it offline.

I've learned to write my name in Chinese, it is written 巴湖 which is pronounced Ba-Hu, which is close but not exact, but then most languages won't be able to say my name correctly anyway.

It was a lot of pain to get chinese working, I installed tons of packages, I tried uim first but couldn't get it to work so I switched to scim. It now works pretty well, but sometimes my system gets confused in what input state it is. I can now write English, Hebrew and Chinese on my Linux machine.

I now need to find a program to teach me the alphabet, I found several programs for Gnome but they either don't work, crash or don't compile. I will turn my attention to KDE and otherwise now.

Life is hard in Ireland, it's far more expensive than it was in Israel, we get by but we are cutting a lot of corners and are way down in our life standards (smaller apartment, far less restaurants) and it rains here almost everyday. In Israel it rained "almost" every day, every day (in the winter) it would almost rain, but wouldn't.

At least I'm working on the Linux Kernel and am allowed and expected to release my work to the wide public, it is available at http://hamilton.ie/net/, I'm currently working to improve the patches, after that I need to port it to 2.6.9 (or whatever it will be at the time) and submit it to the LKML for the criticism.

I'm also trying to gather my will and do some free software work, I've got a good word from a user of AutoFW so I decided to look at it again and rewrite it in C, but now I need to access netlink directly (in Python I just run 'ip monitor link addr' and parse the output), I started to use libnl but I found that it doesn't support address types and doesn't support firewall netlink so I first need to get it to know these. Lots of work.

There was also a sign of life on the websec mailing lists which reminds me that there are some overdue issues with it.

I left my job (and my wife left hers), and we moved to Ireland, I'm doing an MSc in CS working on H-TCP (a better congestion control for TCP to make it work on Gb/sec networks).

I've ported the existing code to the 2.6 kernels (2.6.6 for now) and am now readying it for release to the kernel folks to consider it for the vanilla kernel. I've fixed a few bugs doing this and learned the code better.

I'm still lacking motivation to work on my free software projects, I do the odd job for my Debian packages, finally fixing the fribidi bugs I had, but can't say I achieve what I want to do.

Moving to Ireland

I'll be landing in Ireland on the 2nd of August, a place to sleep and transport is already arranged, We're now preparing all our belongings to the move.

The hard part is sorting and throwing away, since we are not just moving all our stuff to Ireland, but rather storing most of it we need to weed the needed from the chaffe and throw away all the amassed junk from the last six or so years.

We are now on the last day of packing and it's the hardest part, we are now in a race against time and against all the small things that still need to be done.

Tomorrow we will have the movers coming early in the morning to do the move. The day after that we meet the landlord and return him the keys and close all our utilities bills.

Life is changing

The last few weeks saw me get married, quit from my well earning job to switch to low stipend academia and preparing the move to Ireland. Life is changing, and change is good.


Moving a country is strange, from knowing all about the environment you are in, you go to knowing nothing at all. Finances, Rent, Language nuances and slang, and anything else you took for granted is non-obvious now.

I'm learning hard and fast everything I need to know about setting up financially in Ireland, how banking works there, trying to look ahead of time at a bank to open my account in, deciding how much cash I need to have for the start until I get a bank account opened (It's expected to take a month to get everything setup with the bank!).

I also need to understand the rent terms in Ireland, it's a bit different, and we will probably only figure out most when we try to actually search for a place.

We would like to rent a house, but houses are 100 euro more per month compared to an apartment, we'll probably settle for an apartment, we'd rather have some extra cash for travelling on weekends.

We are also debating how best would be to be setup with a computer, should we bring our current desktop computer and buy a monitor there, or buy a laptop and be done with that?

Lots of questions, very few answers. I've been asking the peoples at the University so much, that I feel uncomfortable to keep asking them, I get answers and it helps a lot to build the security feeling that we partially know towards what we are going, but there are always more questions.

A good source of information is Move To Ireland website, I've paid for the full site to get some more answers, it's been useful, but it's not targetted at students, so information on residency permits for students and student-dependents (my wife) is non-existent.

We've called the Police in Ireland to ask about the status of my wife, it took quite a bit of effort to do the conversation, but it paid off, she will get a residency permit, so we can stay there together.


Three last days to work, Then a week and a half of prepartions to pack our belongings, move everything to a storage place in my wifes parents house, return the rented apartment to its owner, than a bit less than a week to leave with the parents of each side, say goodbyes, and on the 2nd of August we will be on the plane to Ireland for a fun adventure!


Released version 0.3 of AutoFW today, since I got no user feedback on it I've asked a couple of friends of mine to provide some.

So far the feedback includes an error in documentation and that the code doesn't work for Python 2.2, it does work on Python 2.3. I'll need to see how I can solve the problem for Python 2.2

The following code:

int('FFAABBCC', 16)
Emits an error for Python 2.2 but not for Python 2.3, if you know how to solve this, send me the solution to baruch@ev-en.org. Thanks!

Amongst the correct solvers an incorrect solver will be awarded. (It sounds better in Hebrew: בין הפותרים נכונה יוגרל פותר שלא ענה נכונה)


Another release (0.2) made yesterday, I've noticed that it was added in the tools section of SecurityFocus, it's nice to know what someone else thought it's worth adding to some tool list.

There are also a few web site accesses that came from peoples webmails, I wish the referrer would show me the message content too ;-) but I guess the privacy is more important than my curiosity.

I've prepared a roadmap for AutoFW, at least until the 1.0 stage, though it gets updated with various bits that I find that need to be done to make it a correctly functioning daemon.

By now it acts ok, can daemonize, log to syslog, kill another daemon by the -q option and generally tries to be a good daemonetizen.

I'm still missing removing the pid file on exit and some bug where I don't exit immediately when getting SIGTERM, some issue with a signal not stopping a system call probably.

I've got myself a small script to summarize what issues need to be handled for the current version so I can easily see what I've got to do before release. It's a good motivational. The script needs to be expanded to show the various TODOs sprinkled in the code, these are not bugs, just things I didn't have the time to implement.

Speaking about bugs, My current Bug Tracking System (BTS), is a Known Bugs section in the README file, for now it works fine, there is no external feedback anyhow and by committing the removal of a bug from the README, I also mark when in the repository life I thought I solved the bug.

New project

I've been hacking in the last few days on a new project called AutoFW, a script to automatically configure the firewall for the home broadband user who wants to be firewalled and still access BitTorrent to serve the Debian ISO images (They really want to serve Debian ISOs, movies and mp3s just don't interest them!).

So far I've published it on FreshMeat and WhatsUp.co.il (a local Israel Linux board), and there were over 250 visits to the site and 100 downloads. The thing I forgot was to provide an easy to find contact point to send me praises, curses and anything in between.


It's getting closer, my SO started counting weeks.


My SO put me on a diet, luckily to me we had Independence Day and it's mandatory to eat a barbeque during that day, so I got to eat plenty of dead cows.

We also entertained (or made him suffer :-) a professor from the institute I'm going to do my MSc at, and we got to eat well, but it was seafood and it should have far less fat than in dead, grilled cows.

Life, Universe and Everything

It's good out there, the problem is that I'm in here.

Future MSc

I've started to look at the TCP handling code of the Linux kernel, it's a huge body of code and I need to get a little familiar with it for my upcoming MSc studies.

The professor with whom I'm going to work published his code patches to the kernel and some updated articles so I've got a lot to read about, I intend to organize all my data on a Wiki for which I got a domain HighPerf.net. I'm also looking into keeping the articles that I find, I just know I'll forget where I found them a few months from now, just when I'll need them.


I've gotten some prods from Debian fellows and gotten back on track to fix my packages, I've done most of them, now I've got syscalltrack left, which is up for adoption but no-one wants to handle it.

Kernel modules and patches are the most annoying types of packages, they require quite a bit of work to get them done properly.

During the initial stages of my packaging work I looked around at the code, found some things to improve, and some bugs waiting to happen in sctrace, fixed them, sent them upstream and they were accepted (or so I'm told, didn't check the CVS repository).

I still need to fix some bugs in ChkTeX, a program I maintain, some bugs on it were filed in the Debian BTS, but the code is so annoying there with lots of weird defines, that everytime I touch it I feel the urge to clean this mess, which then goes to waste the time I needed to fix the actual bugs. Hopefully, I'll get it all cleaned up soon enough and fix the bugs themselves.

33 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!