Brain Phrye

code cooking diy fiction personal photos politics reviews tools 

FreeBSD ipfw Notes

Last week I wrote about fail2ban on FreeBSD. One note about that is that service ipfw restart seems to break all connections. This is frustrating / terrifying when you’re ssh’d into a machine and running that command. In my case I thought the box was inaccessible for a number of days before realising I could just reconnect (always test assumptions - advice I still fail to heed regularly). I’ve read a number of discussions about this, but the answer that seems best is in this answer. Read more


My primary memory of the diner was that is was brown. It was 1983 and interior design hadn’t fully shaken off the 1970s. Memory is odd. I remember the color of the diner, but not why we were there. I’m pretty sure it was for my great-aunt Cassie’s memorial, but that’s largely due to the timing and who was there. And I’m not really sure where it was - Concordia, Great Bend? Read more

Fail2ban on FreeBSD

I’ve come across a number of posts describing how to set up fail2ban on FreeBSD. Every damn one of them modifies a .conf file which is a fail2ban no-no. And the package in ports even tells you this: 1 2 3 4 5 6 7 8 9 10 Please do not edit the fail2ban.conf, jail.conf, or any other files in the distributen as they will be overwritten upon each upgrade of the port. Read more


I don’t tend to do much php but it comes up from time to time. The package manager for php is composer and it’s generally not in distro packages. So I wrote the following for my home dir to make it easier to get on the odd time I need it. This would go in ~/bin/composer 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 #! Read more

Systemd User

A while back I set up a CO2 sensor in my office. The setup requires a prometheus server to scrape it and a python script to get the data off the sensor and expose them for prometheus to scrape. I’ve been running it in two open terminals for several months now. You can upgrade Linux desktops without rebooting or restarting your desktop session for quite a while. Eventually though it will start getting kinda flakey. Read more

Brexit Timeline

This is a simple Brexit General Election calculator. It does not factor in public holidays. Enter the date and press return. Date No Confidence Vote proposed: Date of No Confidence Vote: Date to schedule election (14 days): Date of election (25 working days): Date of count (1 day): Date government formed (3 days): Some of these time periods are set in stone by the Fixed Term Parliaments Act (2011). Read more

Burren CO2

There have been a number of discussions about carbon taxes and reducing co2 generation in Ireland due to our likely failure to meet emission targets in 2020 and beyond. The Burren is a manmade landscape. Thousands of years ago the Burren was a forest - primarily hawthorn and pine. The people living here then likely spent generations clearing it for farming and then, without the trees there, the weather stripped the top soil away. Read more

Continuous Integration repo reminders - revisited

Back in 2017 I wrote about CI reminders. It was specific to 3rd party tools, but it turns out there are other use cases. It turns out my infrastructure configs have a number of things that I need reminding about. For web servers I need to know the latest recommendations for SSL configurations. More importantly I need to make the changes and check them. For terraform I need to review my provider versions and update them. Read more

Sensor, part2

The other day I was playing with a CO2 sensor. I think I promised to publish the changes I’d made to the original code and I finally have. I also included some of the files you’d need to install it. I’m not happy with the udev configuration. First the "add" line seems to cause several co2sensor@.service starts for different values of the %k format string. I’m not clear why. And the "remove" line doesn’t seem to work at all. Read more

CO2 Sensor

A while back I bought a CO2 sensor I could get readings off USB for. I finally deployed it in the office using a modified version of this and prometheus. I’ll write up the code bit later but the graph of the first two days is interesting. The initial, pretty flat bit is the weekend. And then people start coming in on Monday morning. One of the guys remembered to check it and then opened a window as we saw it was nearing 1,200 ppm. Read more


A while back I had some ssl fun. Amusingly that fix worked for exactly one week. The docker container that was being generated there was based on Debian wheezy. Apparently that was so old that not only was it deprecated, the next version seems to soon be deprecated too. So I’ve spent the last two weekends feverishly porting it to Debian stretch. I’m not really a Debian user for most things so I don’t follow their release ecosystem. Read more

Pyramid Power

When I was in school, I devoured school libraries. I read them all and there was some weird shit in some of them. In junior high school I remember several books in particular. They were a series of conspiracy theories books - but written by someone who seems to have believed them and written like they were all totally true. It seemed believable. And up till then, books were clearly fiction or not fiction. Read more


I ended up reading about zram today and decided to give it a go. The install process on Ubuntu (and I assume Debian) is simple: 1 2 3 sudo apt install zram-config sudo systemctl start zram-config cat /proc/swaps You should now see several zram devices. They’ll have a higher priority than the disk based swap. This means that they’ll swap in and out cheaper with a slight cpu/memory cost. Read more

Tabs v Spaces

A new angle on the tabs v spaces debate: how it affects your salary. Personally I’m a tabs and spaces person, but I’m pretty relaxed about it.

Father’s Day

My question before venturing off down the canyon to the right was whether to go barefoot or wear flip-flops. I was wonderfully unprepared for this adventure. However I was convinced by wiser people - my girlfriend, sister, dad, essentially everyone - that shoes would be wise. Though based on the dirt ground into the bottom of my t-shirt, perhaps wearing them on my feet was a mistake. Around the time we’d reached the bottom my nephew had managed to get into some difficulty and got stuck on the opposite side of the river at the bottom of the canyon. Read more

Vim CVE 2019 12735

Sigh. There’s a modelines vulnerability in vim that’s rather simple to exploit. Thankfully there’s a simple workaround - just disable that functionality. Add this to your ~/.vimrc and then it won’t affect you but you’ll get modelines back when fixed versions arrive. However there’s some question about the fix so might keep an eye out on this issue and adjust the if statement as appropriate. 1 2 3 4 5 6 7 8 9 " Disabled due to https://nvd. Read more

New Vim Tricks

This article is a bit wordy but get towards the end and there’s lots of new stuff in there. Really want to play with C-n and the thing with tabs and sessions looks interesting but lots of new keystrokes there.


Every now and then I skim through this till I find something I’m wrong about. I’ve read lists like this for years and always, every time, learned something new. An assumption I’d incorrectly made or something I’d read before that was wrong. I often promptly forget it, but over time some of it sticks. The world’s a big ol’ place. A guy I worked with once made the following observation: Read more

APC tic tac toe

The text programs have been amusing, but this video shows the one I really want to port. I’m not generally a front-end dev, and this was about as close as I ever got to doing it. Some things to background info about what’s there: First, IIRC, the project was to demonstrate how to use two dimensional arrays. I obviously understood the concept of “feature creep” before I learned the term. Read more

APC to fpc - notes

Some notes on the conversion: My coding style was far less consistent back then and that makes it harder to read the code. In this first pass I’ve made one-line summaries of the code as I’ve ported them and my style back then has made some programs a bit unscrutible. Indenting varied so following program flow is a bit harder. Pascal is not case-sensitive and my capitalisation varied which makes it hard to find variables and include files. Read more