Saturday, May 30, 2015

Kamikazi downloads may go away soon...

Howdy all. After reading the various threads on Riddell's dismissal, I've sent the following email to canonical via their web form. Since I didn't get a CC from the form, I'll have to reproduce it here.


After reading the email threads around Riddell's dismissal on lwn, I'm now quite fearful for my project, Kamikazi, which is a remix of the Lubuntu ISO with the Xen hypervisor packages integrated. If my reading of the IP policy is correct, "and will need to recompile the source code to create your own binaries", my 'open source' project is now totally worthless and apparently even illegal to redistribute?

How much of Lubuntu do I have to remove? Do I have to remove every reference to Ubuntu including the lubuntu-* packageset and remove Ubuntu's logos and trademarked imagery even in places like about dialogs and generated HTML documentation?!

Half of my embedded Linux single board computers like the Odroid C1 and my raspberry pis run Lubuntu, and it's most certainly not from canonical sources...

I'm currently at a loss on how to legitimately  continue my project without infringing, and throwing away two years worth of work figuring out how casper and the whole ISO system works...

Please let me know the list of packages from the lubuntu-14.10-amd64.iso that I must rebuild or replace (preferably not on a legal letterhead -- I can barely afford to eat, let alone pay any legal bills) and if I truly need to rebuild every single binary in every single .deb and if that would include the .debs made available in various PPAs as well, or if I need to completely cease and desist with my project...


So far, I've only received an automated response from the form posting.
Depending on the result; I may have to stop providing prebuilt kamikazi images and instead provide a set of scripts and an original lubuntu ISO with which to modify yourself.

Either way, I have no choice in the matter of stopping the project itself; it is a freight train that will overcome all obstacles somehow. Until I receive a response, the kamikazi ISO and USB image is still available for download at the links from the github repository.

Wednesday, May 20, 2015


Some people have asked me in the past what traffic in my IRC channel looks like. Here's a glimpse:

Tuesday, December 23, 2014

Openwrt 14.07 as a Xen DomU

Collecting information on xen domu builds of openwrt...

So far, having problems with getting ext4 images to mount.

Does anyone have a working .config?

Friday, June 20, 2014

Death to Skype Ads

Here's how to murder the goddamned annoying Skype ads in version 6+.

Fortunately (or unforunately), Skype embeds the Internet Explorer controls.
(Yes, that means you still need to keep your IE up to date, even if you use Chrome or Firefox.)

0) Exit Skype to unload the Internet Explorer ActiveX control.
1) Open Internet Explorer or Control Panel
2) Open Internet Options
3) Go to Security and select Restricted sites
4) Click Sites
5) Add and click OK
6) Add and click OK
7) Go to General, click Delete, and click Delete again
8) Open Skype, the blank space should be gone and there will be no ads

I don't know what the implications are and whether there any issues with other skype apps. Your milage may vary.

If you want to go further:

Seriously, Microsoft, you make millions/billions and you still need 3 cents a click? Pitiful.

Oh, right I forgot, you decided to turn skype from a free peer to peer application that elected supernodes automatically into a server-sided monstrosity to support E911 calling. Bravo. *facepalm*

Sunday, March 11, 2012

Fun with OpenWRT

I've been using OpenWRT for a while. When Backfire 10.03.1 final was released, I flashed it the next day.
My router is Buffalo's WZR-HP-G300NH, which is pretty powerful for it's price.

As I've been tinkering, I've run across some annoyances.

Sysctl Settings

First up: Something seems funky in conntrack. Running logread shows lots of entries like:

nf_conntrack: table full, dropping packet.

nf_conntrack: table full, dropping packet.

nf_conntrack: table full, dropping packet.

In my google searches to solve it, I came across some "P2P settings" that lowers the timeouts to keep the tables from filling as quickly. Pop the following in /etc/sysctl.conf:


I've also stuffed a usb stick in the back and I've been trying to get Squid working on it to supplement my WiMAX connection.

Installing SQUID

Downloading/Installing SQUID

# opkg install squid
Installing squid (2.7.STABLE9-1) to root...
Installing libopenssl (0.9.8p-1) to root...
Installing zlib (1.2.3-5) to root...
Installing libpthread ( to root...
Installing librt ( to root...
Configuring librt.
Configuring libpthread.
Configuring zlib.
Configuring libopenssl.
Configuring squid.


I had to create the following directories:
# mkdir -p /mnt/usbstorage/squid/squid-cache
# mkdir -p /mnt/usbstorage/squid/log

SQUID config file

My /etc/squid/squid.conf looks like:
pid_filename /var/run/

cache_effective_user root
cache_effective_group nogroup
visible_hostname fusion

# These default to lru if commented. Broken on '2.6'? (squid 2.6? Kernel 2.6?)
#cache_replacement_policy heap LFUDA
#memory_replacement_policy LFUDA

ipcache_size 2048
cache_swap_low 90
cache_swap_high 95
maximum_object_size_in_memory 100 KB

# If you have 64/8MB Router you can use 16MB cache_mem. If smaller, use 8MB ram. Any less, no worky well.
cache_mem 16 MB

# cache_dir: change it if you want. 100 meams 100MB cache size.
cache_dir ufs /mnt/usbstorage/squid/squid-cache 100 16 256

logfile_rotate 10
fqdncache_size 2048
memory_pools off
maximum_object_size 16384 KB
quick_abort_min 0 KB
quick_abort_max 0 KB
log_icp_queries off
client_db off
buffered_logs on
half_closed_clients off
negative_dns_ttl 10 second
connect_timeout 60 second
read_timeout 80 second
request_timeout 80 second

# Logs, goes to USB stick
cache_access_log /mnt/usbstorage/squid/log/squid-access.log
cache_log /mnt/usbstorage/squid/log/squid-debug.log
cache_store_log /mnt/usbstorage/squid/log/squid-storage.log

# Logs, goes into openwrt's existing log folder.
#cache_access_log /var/log/squid-access.log
#cache_log /var/log/squid-debug.log
#cache_store_log /var/log/squid-storage.log

hierarchy_stoplist on

# Our internal IP and listen port
http_port transparent

# Global ACL-Definitions (Access control lists)
acl idents ident REQUIRED
acl manager proto cache_object
acl localhost src
acl all src
acl intern dst
acl FTP proto FTP
always_direct allow FTP

# Allowed External Ports and Internal Lan IPs
acl Allowed_Ports port 80 99 443 21 563 488 777 210 1025-65535
acl yourLAN src

#http_access definition
http_access allow idents
http_access allow all
http_access allow intern
http_access deny manager all
http_access allow yourLAN
http_access deny all
icp_access deny all
miss_access allow all
always_direct allow intern


Check if everything is ok
# squid -f /etc/squid/squid.conf -z


This is the dd-wrt startup file I'm adapting. It starts SQUID and setting up the transparent iptables rules.

# Uncomment this to short circuit setting iptables.

case "$1" in
        echo -n "Starting proxy server: "
        /usr/sbin/squid -f /etc/squid/squid.conf
        if [ -z $TRANSPARENT_PROXY ]; then
            /usr/sbin/iptables -t nat -A PREROUTING -i br0 -s $INTERNAL_NETWORK -d $INTERNAL_NETWORK -p tcp --dport 80 -j ACCEPT
            /usr/sbin/iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_SERVER -p tcp --dport 80 -j DNAT --to $PROXY_SERVER:$PROXY_PORT
            /usr/sbin/iptables -t nat -A POSTROUTING -o br0 -s $INTERNAL_NETWORK -p tcp -d $PROXY_SERVER -j SNAT --to $ROUTER_IP
            /usr/sbin/iptables -t filter -I FORWARD -s $INTERNAL_NETWORK -d $PROXY_SERVER -i br0 -o br0 -p tcp --dport $PROXY_PORT -j ACCEPT
            export TRANSPARENT_PROXY="1"
            echo "This script has already run!"
            echo "If it hasn't, unset $TRANSPARENT_PROXY manually via the shell."
        echo "done."
        echo -n "Stopping proxy server: "
        /usr/sbin/squid -f /etc/squid/squid.conf -k shutdown

        if [ -z $TRANSPARENT_PROXY ]; then
            /usr/sbin/iptables -t nat -D PREROUTING -i br0 -s $INTERNAL_NETWORK -d $INTERNAL_NETWORK -p tcp --dport 80 -j ACCEPT
            /usr/sbin/iptables -t nat -D PREROUTING -i br0 -s ! $PROXY_SERVER -p tcp --dport 80 -j DNAT --to $PROXY_SERVER:$PROXY_PORT
            /usr/sbin/iptables -t nat -D POSTROUTING -o br0 -s $INTERNAL_NETWORK -p tcp -d $PROXY_SERVER -j SNAT --to $ROUTER_IP
            /usr/sbin/iptables -t filter -D FORWARD -s $INTERNAL_NETWORK -d $PROXY_SERVER -i br0 -o br0 -p tcp --dport $PROXY_PORT -j ACCEPT
            export TRANSPARENT_PROXY="1"

            /usr/sbin/iptables -t filter -L
            /usr/sbin/iptables -t nat -L
           echo "This script has already run!"
           echo "If it hasn't, unset $TRANSPARENT_PROXY manually via the shell."

        echo "done."
        echo -n "Reloading proxy server configuration files: "
        /usr/sbin/squid -f /etc/squid/squid.conf -k reconfigure
        echo "done."
        echo -n "Restarting proxy server: "
        echo "done."
        echo "Usage: /etc/init.d/S80squid {start|stop|reload|force-reload|restart} "
        exit 1

Wednesday, January 4, 2012

Really, Brother?

This is popping up on my screen every five minutes.

Really? Ink Low?
Doesn't look low to me, and certainly not low enough to be BUGGING ME EVERY FIVE MINUTES.

I'd expect it to be complaining at 15%-25%, not "hey, your black dropped below 50%!"

I think I'm going to change the printer's assigned hostname from the router to 'navi'.

Friday, December 9, 2011

1976 Jaguar XJ-12 with Chevy 350 For Sale!

Hello, all my friends on the internet reading this.

My friends and I are in a bit of a rough spot. We're sort of short on the rent, this month. Y'see, we're about 45 days into bootstrapping a little film business here in california, trying to run things in a 'stack-all-the-added-value' sort of way. We've got some fancy camera gear (Epic X & 5D Mk2, KesslerCrane 12' Jib, Zoom H4N & Mics), but it ain't all ours yet. We rented a fancy location to shoot and live in, but it ain't all ours yet. We're still linking up with people and pitching for jobs.

Here's some of the awesomeness we've thrown together in the last few weeks:

As part of our awesome film gear, we had to have an awesome car to film. She shows up in the first clip.

It's Nate North's Silver Jaguar XJ-12.

She's had her Jaguar V-12 engine replaced about 10000 miles ago with a reliable Chevy V-8 350, since the Jaguar has a relatively standard GM-compatible driveline. There are two gas tanks with a dashboard console button to switch between them.

I believe it also has a T700-R4 transmission with a 30% overdrive, so for a V8, it does pretty well on the road.
She's all mechanical, so if you're looking to increase milage, HHO Kits Direct has some pretty awesome holiday deals right now.
Plenty of room under her hood, Power windows, Heater, Working AC, Viper car alarm controlling power locks, spiffy clean red interior.

Anyway, I'll get to the point.  Sadly, we're going to have to let her go. But I'd like her to find a good home.
She'd make a wonderful holiday gift for a car tinkerer. That's where you come in, internet.

To make sure my friends have a cheerful holiday, I'm willing to pack her on a U-Haul car-hauler off the back of a 10' U-Haul truck,
and drive her to any destination out to as far as, maybe Texas, maybe further.
I'm willing to show up at your place, christmas evening or morning to unload her, then take a Greyhound back home to Los Banos.

Right now, we're asking $7000, or taking the best offer we get.

I'm sorta hoping there's someone out there with some holiday spirit willing to keep us burning into January with a little more to eat with; but we are humble folk, and will continue on our diet of homemade bisquick pan-pizzas and spaghetti with various sauces. Inexpensive, yet delicious!

Alternatively... If you don't want the car, We're for hire doing all sorts of things... :)

Pass this around your G+ Circles, give us a holler here in the comments, send me an email at, a voicemail* at (408) 890-7463, or track down one of my housemates on the internet, we'd love to hear from you!

* My apologies, I have run out of money to pay T-Mobile this month, but Google Voice will still be happy to transcribe your message and email it to me!