James Raftery
Here you'll find programs, patches and reference material related to DNS, email systems, FreeBSD, perl and other assorted whatnots. There are also some lecture slides, essays, notes and that sort of thing; some serious, some very much not. If you're not a geek, this site is dull, dull, dull.
This site is served by RedBrick, the DCU Networking Society. Email me: james .at. now .dot. ie
Software
DNS related
dnsrend
MD5 (dnsrend-0.08.tar.gz) = 83a1059f84b25223a0189edb92db43e5
Released 8th November 2010
dnsrend is a DNS message dissector, showing excruciating detail to
diagnose malformed message contents.
You can grab the source below along with some of the documentation or
look at the more informative dnsrend page for more
information.
route53d
MD5 (route53d-0.01-alpha.tgz) = 490a7229b1e5044a7bfad6f97a440d30
Released 15th December 2010
route53d is a DNS frontend to the Amazon Route 53 API, letting you use dynamic updates and (soon) zone transfers to push DNS changes into Route 53.
The full rundown is on the route53d page.
SRV-aware WHOIS client
Download whois-srv to get a WHOIS client which can use DNS SRV resource records to locate the appropriate WHOIS server to send the query to. Written in perl, with the Net::DNS module. It doesn't have much documentation. This client includes support for the SRV location process described in draft-whois-srv-02.txt
db2dns
A perl filter to write both BIND master-zone-file format and tinydns-data format DNS records for domain objects found in a version 2 RIPE-like database. Feed a v.2 database on stdin and get BIND and/or tinydns zone data appended to files of your choice!
dnsnotify
dnsnotify manually sends DNS NOTIFY messages to DNS servers. Written in perl and requires Net::DNS. Based on Jos Backus's original script. Andrew Pam took dnsnotify and turned it into something better. [local copy of dnsnotify]
djbdns (dnscache) cache hit/miss statistics
This patch to djbdns 1.05 modifies the dnscache program to keep a counter of cache hits and cache misses. Two new fields are added to the stats output line: the fifth number is the number of cache hits; the sixth number is the number of cache misses.
@400000003fa92ccc317d70f4 stats 3 1201 1 0 21 49
A stats line such as the above indicates 21 hits and 49 misses since dnscache was started. We plot the statistics in rrdtool graphs: (1), (2).
DNS reference for Palm
A MobileDB format database for the Palm specifying all of the DNS parameter numbers (3KB) maintained by the IANA.
djbdns mirror
The Irish mirror of tinydns.org, the usersite for Dan Bernstein's excellent djbdns software is hosted here. Its canonical URL is http://djbdns.now.ie/.
dnspython Resolver patch
I wanted an easy way to send non-recursive queries using the python dnspython module. I extended the Resolver object's query() function to accept a dns.message.Message argument to allow me to create a complete Message object with my choice of flags, opcodes, etc. and hand that to query() to send. There's more discussion in the dnspython-dev mailing list archive. Apply this patch to dnspython.
dnsassert
MD5 (dnsassert-0.04.tar.gz) = d3cd82ef8f93409e22711d80c11d0f0c
Released 25th August 2009
We run a busy set of DNS boxes serving zones for a very informal community. Users regularly move their delegation elsewhere without telling us. To manage the cruft accumulation I wrote dnsassert to check that various DNS records are as expected. In our particular case I feed it the list of names from our BIND and MTA configs and have it flag any NS or MX RRsets that we're not listed in any more. It's written in Python and uses the dnspython module. It has nothing to do with the BIND UPDATE assert() bug.
Why is dnsassert not threaded, you ask? Because dnspython
isn't thread-safe. I have a patch to fix that but I'm not distributing it.
Sorry.
Email servers, tools and patches
vodmr
MD5 (vodmr-0.13.tar.gz) = d51b823e974c1e0be44f6015d21694af
Released 30th August 2005.
This program is an RFC 2645 On-Demand Mail Relay (ODMR) / Authenticated TURN (ATRN) server for vpopmail/vchkpw mail servers running qmail.
You can grab the source below along with some of the documentation or
look at the more informative vodmr page for more
information.
Net::QMTP perl module
MD5 (Net-QMTP-0.06.tar.gz) = cca980e12f14808164e70ff2786f15d1
Released 2nd November 2004.
Net::QMTP is a perl module which provides an object interface to a Quick Mail Transfer Protocol
(QMTP) client. QMTP is a replacement for the Simple Mail Transfer
Protocol (SMTP). The module is in very early development. Net::QMTP can
be downloaded from my
CPAN directory. You can also browse the module's documentation on
CPAN. The qmail package includes a
QMTP server.
You can download version 0.06 from here or the latest files from CVS instead, but please do try to use your nearest CPAN mirror. FreeBSD users can use the ports collection: cd /usr/ports/mail/p5-Net-QMTP && make install
vpopmail vadddomain patch
The -e flag to vadddomain configures a virtual domain's default delivery to reinject a message to the specified user rather than delivering into the user's Maildir (as qmailadmin does). This means the envelope information from the original message is lost. This patch modifies the behaviour of the -e flag to deliver into the specified user's Maildir if the argument to -e does not contain an @ symbol. (This patch has been incorporated into the 5.3.20 development release of vpopmail, upon which the 5.4.0 stable release will be based)
assign-lint for qmail
assign-lint highlights problems and inconsistencies in a users/assign file as created by qmail-newu and used by qmail-lspawn, both components of the qmail MTA. Checks syntax and semantics, written in perl. [local copy of assign-lint]
qmail ETRN logging
A small patch for qmail's SMTP daemon (version 1.03) to log ETRN commands, instead of rejecting them. A log watcher can follow the daemon's log output and fire off an appropriate dequeuing procedure (send an ALRM to qmail-send, start serialmail, etc). Based on Markus Stumpf's patch. I've patched Postfix 1.1.8 to do the same. While Postfix supports ETRN it rejects ETRNs for domains not in $fast_flush_domains, and doesn't log approved ETRNs without increasing the logging level to an unacceptable verbosity. Apply this patch to src/smtpd/smtpd.c.
qmail canonicalised recipient logging
qmail-remote fulfills the canonicalisation requirements of SMTP
for qmail -- that is, the standard prohibits host names in `RCPT TO'
(recipients) from being aliases. qmail-remote, like other MTAs, rewrites
aliases in `RCPT TO' to the canonical host name found in DNS.
The logs however only show the address before canonicalisation.
starting delivery 90: msg 12642 to remote some_user@www.redbrick.dcu.ie
If you were to try to diagnose a problem with this, it would be useful to know that qmail actually sent the message to some_user@prodigy.redbrick.dcu.ie because www.redbrick.dcu.ie isn't canonical (especially if the remote site has since removed the CNAME).
Apply this patch to qmail-remote.c to have delivery reports (and bounce messages) log the real recipient.
delivery 90: success: <some_user@prodigy.redbrick.dcu.ie>_136.206.1.5_accepted_message./ Remote_host_said:_250_<3D738B0800096B73>_Mail_accepted/
qmailadmin support for vpopmail mailbox flags
The qmailadmin web administration tool for vpopmail does not permit a user to view or modify mailbox flags. Such a flag is required to enable ODMR access to a mailbox. If you want to be able to view and change mailbox flags with qmailadmin apply this patchset to qmailadmin 1.0.12 (or later) sources. (This patch has been incorporated into the 1.0.16 development release of qmailadmin. If you're using that release or later this patch is redundant)
The patch adds a new ## output tag: ##Jx. ##J0 selects V_USER0 if set, ##J1 V_USER0 if unset, ##J2 selects V_USER1 if set, ##J3 V_USER1 if unset, and so on.
An older and cruder version of this patch for qmailadmin 1.0.6 has similar functionality. It isn't as clever as the 1.0.12 patch. Don't use it unless you're desperate.
vpopmail.pm vauth_getpw uid/gid/clear_passwd patch
Sean Scanlon's vpopmail.pm module provides access to the vpopmail C API from your perl programs. The current version of the module (0.08) doesn't fully implement the C vauth_getpw function -- it does not return the uid, gid or clear_passwd field of the user. This patch to vpopmail.xs adds that functionality. You should only attempt to apply this patch if you have a vpopmail that supports clear text passwords (4.10 or newer).
mutt message rescore patch
The mutt mail client supports message scores to rank, sort and display messages according to user specified policies. Scores are calculated when a folder is opened and are not updated as messages' statuses change (from `New' to `Read'; from `Unflagged' to `Flagged'; etc). If you're like me, with over 3000 messages in a folder on a very slow IMAP server, reopening the folder (which takes about 90 seconds) to update scores isn't pleasant. mutt-rescore.mesg.patch is a small patch to mutt which updates message scores in real-time.
mutt scoring extended patterns patch
The mutt message score system, mentioned above, forbids "for efficiency reasons" some patterns that match on message parts not shown in the index. It seems to me that the user should decide if any performance decrease is acceptable to them, rather than endure a blanket ban. Here is a patch to remove the pattern restriction for scoring.
SMTP client bash script
This script is a simple SMTP client written in bash. I use it to quickly send test emails through SMTP servers I'm working on, especially from demonic 'appliance' type platforms that don't provide telnet/netcat/etc.
FreeBSD
FreeBSD ``Freeze-dried Workstation''
MD5 (fdws-skeleton-0.02.tar.gz) = e756353aea4bd2cc81aef70559b54fdb
Released 18th October 2003.
The ``Freeze-dried Workstation'' is a FreeBSD
port skeleton which will do a pretty good job of turning a freshly
installed FreeBSD machine into one suitable for my desktop, with minimal
effort. It works by installing nothing itself but having dependencies
upon the tools and applications I want. It's here
because it may be useful to you too. Be aware that this will download,
compile and install a lot of software. It will likely take a very long
time and use a lot of disk. All told, fdws will install 105 ports
(mostly dependencies [16 Oct. 2003 ports tree]).
Download the skeleton, extract it into /usr/ports, then do make install in /usr/ports/misc/fdws. Go for a long coffee break.
FreeBSD SCSI DA kernel patch
A small patch for the FreeBSD 4 kernel's SCSI Direct Access driver to get my USB pen flash drive working -- a Wincan [branded as ``Copera''] 64MB USB pen flash drive. The kernel detects it as <Wincan HARD DRIVE DISK 1.05> Removable Direct Access SCSI-0 device. The patch, and hardware details, are in FreeBSD PR kern/37378. [local copy of scsi_da.c.patch]
FreeBSD ps(1) format patch
This patch to /usr/src/bin/ps/print.c stops ps printing an empty line when empty headers are specified. After this patch ps -o pid= -o cpu= -p 1, for example, prints on one line not two. [FreeBSD PR bin/43389] (This has been fixed in RELENG_4 since Nov. 30 2002.)
FreeBSD whois(1) patch for IANA/TLD lookups
This patch to /usr/src/usr.bin/whois/whois.{1,c} adds a -I flag to whois to query the IANA whois server, whois.iana.org. Top-level domain network information is now served by this host. It is no longer available from NetSol. or InterNIC WHOIS. [FreeBSD PR bin/48914] (This patch was committed to HEAD/-CURRENT on June 14 2004, and to RELENG_4 on December 12 2004.)
FreeBSD port maintenance
I am the maintainer of a few FreeBSD ports, namely mail/p5-vpopmail, mail/vodmr, mail/p5-Net-QMTP and textproc/p5-Text-Netstring. I no longer maintain net/vnc.
Everything else
cram-auth
MD5 (cram-auth-0.1.tar.gz) = 4d69dc4636492be69c5a92cde38da9a3
This program produces
CRAM-MD5 authentication responses as used in SASL (e.g. SMTP AUTH). It's
written in perl and requires the Digest::HMAC_MD5 and MIME::Base64
modules.
Snakes and Ladders
I wrote a pretty basic Snakes and Ladders applet in Java for a university programming class. I still get a steady stream of email about it, and I'm happy to help with genuine queries. Please don't bother trying to get me to do your homework. I won't. Oh, and things you need to do to pass your assignment but are "missing" from this game are not "bugs".
RedBrick Code decoder
rbdecode is a RedBrick Code decoder. The RedBrick Code is similar to the Geek Code, but, well, it's a little closer to home. Here's an example of what it does.
Text::Netstring perl module
MD5 (Text-Netstring-0.07.tar.gz) = df1fd67977d687a1b104e8756dff4761
Released 20th November 2006.
The Text::Netstring module gives your perl programs an easy way to
create and manipulate netstring encoded strings, as used by the QMTP and
QMPC protocols. The module can be downloaded from my CPAN directory.
You can also browse the module's documentation on CPAN.
You can download version 0.07 from here or the latest files from CVS instead, but please do try to use your nearest CPAN mirror. FreeBSD users can use the ports collection: cd /usr/ports/textproc/p5-Text-Netstring && make install
Unix::Supervise perl module
MD5 (Unix-Supervise-0.01.tar.gz) = 906bab7792c4893a8fd9238f6bfee241
Released 3rd February 2003.
Unix::Supervise is an object interface to svscan/supervise monitored
unix services. svscan and supervise are components of Dan
Bernstein's daemontools
package. You can download
version 0.01 from here. This is alpha software.
Mozilla / Firefox searchbar plugins
With these plugins, use the Mozilla/Firefox Search Bar to search cisco.com or docs.sun.com.
N.B. for Unix: Search plugins can't
be installed unless you can write to the searchplugins directory. This
is /usr/X11R6/lib/firefox/lib/firefox-0.9.1/searchplugins
for my Firefox 0.9.1.
"date +%s" for Solaris
Getting the number of seconds since the epoch in a Solaris userland
is a pain: strftime(3C) doesn't have a +s
conversion so date(1) is no help. I'm sick of it. Here is a tiny C program,
with source and Solaris/SPARC dynamic and statically linked binaries
that prints seconds since the epoch.
Net::Pcap::Reassemble perl module
MD5 (Net-Pcap-Reassemble-0.05.tar.gz) = 6ac8784e652e2ad3d516a25c579403e0
Released 14th May 2010.
This module is a wrapper around the loop() function in Net::Pcap. It performs reassembly of IPv4 and IPv6 fragments in the capture data and so provides a complete, reassembled datagram to the caller via the normal callback mechanism. The module can be downloaded from my CPAN directory.
You can also browse the module's documentation on CPAN.
You can download version 0.05 from here or the latest files from CVS instead, but please do try to use your nearest CPAN mirror.
Writings
Of varying quality.
- Some notes on Internationalized Domain Names (IDN) at http://pógmothóin.now.ie/
- I keep short notes, mostly about technology that's annoyed me, on my Jottit site.
- Building a custom, patched FreeBSD ISO install image.
- The Europa Hotel in Belfast, and the traditions that befall it.
- I try to rationalise my decision to vote yes to Nice.
- A longish piece on my day at the anti-war protest in Shannon Airport on October 12 2002.
- The New York Post tells us that France has forgotten World War Two. I disagree.
- A presentation entitled Legal Aspects of Computer System Security given at HEAnet's Security - Protecting our Resources seminar.
- I wrote an article for the Irish Linux Users Group describing DNS transaction signatures.
- The guys are right and the girls are wrong: Men and Primary Colours. There are eleven primary colours.
- Saddam Hussein is a villainous menace, but perhaps he's not all bad.
- The dosser's dictionary; my personal lexicon of madeupisms.
- More ...
Brain food
Currently reading: Psychology: the Science of Mental Life by George A. Miller, A Brief History of Time by Stephen Hawking and Adrian Mole: the Cappuccino Years by Sue Townsend.
Guardian Unlimited and The New York Times publish first chapters on the web. Read them.
USENIX have collated the Best Papers winners. The ACM have published some of their best too, including Ken Thompson's infamous Reflections on trusting trust.
Freedom of information, protection of human rights and a little social justice wouldn't harm anyone would they? Help fight online bully-boy tactics. Indulge in a little heresy. Or perhaps you'd like to join me in laughing at the state of modern justice.
Nonsense
Help the manhunt for an escaped GAA player.
US foreign policy: spot (and explain) the difference.
Is Latin really such a daunting challenge?
Has non-judgemental political correctness gone too far?
RFCs
RFC4042 UTF-9 and UTF-18: Efficient Transformation Formats of Unicode
RFC4041 Requirements for Morality Sections in Routing Area Drafts
RFC3514 The Security Flag in the IPv4 Header
RFC3252 Binary Lexical Octet Ad-hoc Transport
RFC3251 Electricity over IP
RFC3093 Firewall Enhancement Protocol (FEP)
RFC3092 Etymology of Foo
RFC3091 Pi Digit Generation Protocol
RFC2795 The Infinite Monkey Protocol Suite (IMPS)
RFC2551 The Roman Standards Process -- Revision III
RFC2550 Y10K and Beyond
RFC2549 IP over Avian Carriers with Quality of Service
RFC2325 Definitions of Managed Objects for Drip-Type Heated Beverage Hardware Devices using SMIv2
RFC2324 Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0)
RFC2323 IETF Identification and Security Guidelines
RFC2322 Management of IP numbers by peg-DHCP
RFC2321 RITA -- The Reliable Internetwork Troubleshooting Agent
RFC2100 The Naming of Hosts
RFC1927 Suggested Additional MIME Types for Associating Documents
RFC1926 An Experimental Encapsulation of IP Datagrams on Top of ATM
RFC1925 The Twelve Networking Truths
RFC1882 The 12-Days of Technology Before Christmas
RFC1607 A View From The 21st Century
RFC1606 A Historical Perspective On The Usage Of IP Version 9
RFC1605 SONET to Sonnet Translation
RFC1438 Internet Engineering Task Force Statements Of Boredom (SOBs)
RFC1437 The Extension of MIME Content-Types to a New Medium
RFC1217 Memo from the Consortium for Slow Commotion Research (CSCR)
RFC1216 Gigabit Network Economics and Paradigm Shifts
RFC1149 A Standard for the Transmission of IP Datagrams on Avian Carriers
RFC1097 Telnet SUBLIMINAL-MESSAGE Option
RFC968 Twas the night before start-up
RFC748 Telnet RANDOMLY-LOSE Option
RFC602 "The stockings were hung by the chimney with care"
RFC527 ARPAWOCKY
Mumbo jumbo
Ideas, prejudices and cynicism are © James Raftery, 1998-2010.
Information comes with no warranty.