remove
Safely Processing a Queue of Jobs
Tue, 02/18/2020 - 10:29 — Alexis WilkeWhat is a Queue
In software a queue is a container which is used to add items on one side and remove them on the other in a very efficient manner.
Sorted Queues
When used by a Journal, a queue is often going to support some kind of sorted order. Some jobs are more important than others and these should be built sooner. In other words, we give those jobs a higher priority and we sort the queue by priority first then using the time at which the job gets inserted.
Note that the C++ std::queue and std::unque containers do not offer anyway to support a priority. Instead you have to use ...
Docker, an advanced chroot utility
Fri, 11/29/2019 - 19:09 — Alexis Wilke
SECURITY WARNING
Before installing Docker and containers with services on your Linux system, make sure to read and understand the risks as mentioned on this Docker and iptables page. Especially, Docker will make all your containers visible to the entire world through your Internet connection. This is great if you want to indeed share that service with the rest of the world, it's very dangerous if you are working on that container service since it could have security issues that need patching and such. Docker documents a way to prevent that behavior by adding the following rule to your firewall:
iptables -I DOCKER-USER -i eth0 ! -s 192.168.1.0/24 -j DROP
This means that unless the IP address matches 192.168.1.0/24, the access is refused. The `eth0` interface name should be replaced with the interface name you use as the external ethernet connection. During development, you should always have such a rule.
That has not worked at all for me because my local network includes many other computers on my LAN and this rule blocks them all. So really not a useful idea.
Instead, I created my own entries based on some other characteristics. That includes the following lines in my firewall file:
*filter :DOCKER-USER - [0:0] -A DOCKER-USER -j early_forward -A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 80 --ctdir ORIGINAL -j DROP -A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 8080 --ctdir ORIGINAL -j DROP -A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 8081 --ctdir ORIGINAL -j DROP
My early_forward allows my LAN to continue to work. These are my firewall rules that allow my LAN computers to have their traffic forwarded as expected.
Then I have three rules that block port 80, 8080, and 8081 from Docker.
Docker will add new rules that will appear after (albeit not within the DOCKER-USER list) and will open ports for whatever necessary service you install in your Dockers.
Note that the only ports you have to block are ports that Docker will share and that you have otherwise open on your main server. If Docker opens port 5000 and your firewall does not allow connections to port 5000 from the outside, then you're already safe. On my end I have Apache running so as a result I block quite usual HTTP ports from Docker.
Docker
As we are helping various customers, we encounter new technologies.
In the old days, we used chroot to create a separate environment where you could have your own installation and prevent the software from within that environment access to everything on your computer. This is particularly useful for publicly facing services liek Apache, Bind, etc.
Put the label of an HTML Input inside the Input element
Mon, 10/29/2018 - 14:41 — Alexis Wilke
Update:
With HTML5 running on pretty much all platforms, you want to use the placeholder attribute instead of any sort of tricks to place a label inside your input widgets.
This is done like this:
<input type="text" placeholder="Phone Number"/>
This example will show "Phone Number" inside the input box until the user types some text in that box.
You can test with the box right here. This is just that one <input .../> tag I placed in my page HTML. (It is not in a form, but the widget itself will work as expected.)
For additional details, I ...
Deleting a (Duplicate) Retweet from your Twitter Feed
Sat, 02/03/2018 - 17:30 — Alexis WilkeDouble Retweeting and How to Avoid Over-Duplication
I have seen many people retweeting like crazy and I've noticed that once in a while these people have been retweeting the exact same tweet more than once.
I'm pretty sure that in most cases these people ignore the fact. Personally I find their twitter feed annoying because of that. Retweeting is totally okay, it's sharing what others have tweeted and there is nothing wrong with it. However, seeing the exact same tweet 2, 3, 4, or even 5 times pretty much in a row is rather bad taste. I understand that this very tweet is super ...
Getting Rid of Deactivated Facebook Friends
Thu, 12/21/2017 - 14:25 — Alexis WilkeLast updated in Dec 31, 2017 as many things have changed.
Not only that, I also noticed that "dead" accounts are not always really dead.
Read below to learn more.
I was slowly nearing 5,000 friends when all of a sudden I had 5,089!
Wondering what was happening, a post on the Blackhat World forum caught my eye as someone mentioned the fact that he had 5,700 friends. The answer was that deactivated friends do count against your 5,000 friends limit. They are counted as part of your friends even though they do not have an account anymore and they don't get automatically removed ...
Make sure your Thunderbird does not use SSL to avoid POODLE attack
Thu, 10/23/2014 - 16:39 — Alexis WilkeA few days ago the news that SSLv3 was no good came out. The protocol allows for patterns that can be used by a hacker to decipher an encrypted message without the need for the private key. In other words, encryption using SSLv3 is no good (anymore--it never was, but we know this only now.)
We fixed our Apache2 settings, for those interested, you just have to turn off SSLv3 with the following setting:
SSLProtocol all -SSLv2 -SSLv3
Although to really remove all the encryption methods that are not that secure (can easily be cracked) you also want to change the list of ciphers with:
...
Another reason to like SeaMonkey!
Tue, 03/04/2014 - 12:48 — Alexis WilkeAs I mentioned before, I like to use SeaMonkey. In general, browsing wise, it is very much like Firefox so that's good for those people who like Firefox, they can switch without losing much else than the location where the toolbar buttons are (Quite a few are in different places).
The thing I discovered today, though, is really cool. I put a path to an email saved on my disk to see whether the HTML in that email was valid or not and it loaded at once. Just before hitting Enter I though, wait... I probably should remove the email header. Nope. No need. It actually recognized the data and ...
Protected Node Global Settings
The protected node module has global settings found under:
Administer » Site configuration » Protected node
Protected node Statistics
The page starts with statistics to let you know how pages are protected on your website. All the counts include published and unpublished content.
- Total nodes — the total number of nodes on your website
- Unprotected nodes — number of nodes that do not have a password
-
Protected nodes — number of nodes that are current protected by a password
- Showing title — number of nodes showing their ...
Drupal Aggregator
The default Aggregator Drupal module does not work very well. There are several problems with the Drupal Core module, one of which we have not fixed in our version (i.e. the flatness of the item table.)
There is a list of the known issues and our comments and whether we fixed the problem:
| Problem | Solution in m2osw's version of Aggregator |
|---|---|
| Missing XML marker | The <?xml ... ?> marker is missing from some RSS feeds, add it as required |
| Spurious data | Some RSS feeds add spurious data ... |
Table of Contents tags and parameters
Syntax
Supported Tags
The module supports 3 tags that all generate a Table of Contents.
The most popular is now [toc] since it is easy to type and works in WYSIWYG editors.
