All posts by joekiller

I solve hard problems and have fun doing it.

Socialism?

Did you know that employee owned companies are practicing socialism? Anything the government does, building parks, roads, defense spending, etc is technically supposed to be socialism. Ie, the government isn’t there to make a profit. We the people elect representatives to decide where our extra money goes. Socialism is pooling profits and redistributing them as the people see fit vs as the boss sees fit.

Socialism put a man in the moon.

Ideal Communism = Government runs everything
Ideal Capitalism = Everyone give profits to companies after being paid
Ideal Socialism = Everyone gets an even share of all profits after being paid

USA is totally a mix of socialism and capitalism. Communist we are not.

I think there are many shades in between where we are, where we’ve been,  and where we should go.

Fixing a Kenmore 71033 Freezer Leak Ice Over

The internet is a great place for the do it yourselfer these days. I have a Kenmore 71033 Elite Refrigerator, 795.71033.010 exactly,  and the freezer had been filling up with ice in the bottom. After a while the ice migrated to leaking as water onto the floor. The kids were pleased with the freezer sized ice cubes they could smash outside however we were tired of it.

Fixing the problem was solved through some googling and I wanted to share a trio of videos that helped work through the problem.

First up was a search on searspartsdirect.com with my model information, 79571033010. The site was helpful in that it had some Question and Answers and the first question was titled, “Leaking from Freezer Area and Ice Buildup”. This was pretty much dead on with my problem. Unfortunately the helpful answer said, “Here is an image of a repair procedure that shows how to remote that back panel inside the freezer compartment: Kenmore Refrigerator Evaporator Grill Removal” followed by a dead link. Regardless of this, it was a great sign that my problem was pretty solved so I search for a repair video and found a general disassembly video that was was easy to follow by RepairClinic.com named, “LG Refrigerator Disassembly“. Watching this while waiting for my Thai food made me confident in my endeavor and I searched on. A little later I found a video with the problem explanation and a good overview of how to fix the freezer water leak: sgrddy’s “Fixing Freezer Water Leak on Kenmore Elite Bottom-Freezer“. He took the time to share experience and his tips such as using hot water and siphon were much appreciated.

Of course here comes the gotcha. The problem with my specific Kenmore Elite was the Evaporator Cover was different than all those I had seen. It had no obvious screws and no obvious prying points.

Being that my refrigerator was sitting in the kitchen powered off and half way disassembled one could appreciate that I really didn’t want to fuck this thing up but also did want to finish the job. I desperately poured over my previous clues. I tried using the internet archive to resurrect that “Kenmore Refrigerator Evaporator Grill Removal” image but with no luck. Nothing comes up for “s7.postimg.org/719voyior/KMrefrig_GRILLremoval1.jpg” but I did now know a new term for the back panel. I googled, “how to remove freezer Refrigerator Evaporator Cover kenmore elite” and hit the jackpot. A video by grateful patron, “Kenmore Elite Refrigerator Freezer Back Panel Removal” answered my confusion of how to remove the freezer back panel, or Refrigerator Evaporator Cover as they call it on the searspartsdirect site. Apparently you need a pull and pry bar which of course I didn’t have in the tool box. Instead, I took one of those Ikea wrenches that of course I kept and of course really was never to be used again but had it. I took it and hammered a 90 degree angle on the end and that was good enough to pry and pull on the upper left side of panel to dislodge the cover. I finished up by melting that ice and problem sovled!

So thank you RepairClinic.com, sgrddy, and grateful patron for your internet contributions. I hope this post ties it together and helps another one day.

and I just hope that freezer doesn’t hit another ice age…

Fin?

 

Linux Client VPN using Meraki Cloud Controller authentication

If you want to VPN into your network using the Meraki Cloud Controller the Client VPN Instructions indicate that you may be out of luck when trying to use xl2tp.

Note: The xl2tp package does not send user credentials properly to the MX when using Meraki Cloud Controller authentication, and this causes the authentication request to fail. Active Directory or RADIUS authentication can be used instead for successful authentication.
Note: The xl2tp package does not send user credentials properly to the MX when using Meraki Cloud Controller authentication, and this causes the authentication request to fail. Active Directory or RADIUS authentication can be used instead for successful authentication.

It turns out that if you setup the IPSEC phase1 and phase2 algorithms then it’ll work.

It took some googling to bring it all around but combined with the Project network-manager-l2tp Github issue 34 of  “IPSec options hard coded” and the Ubuntu question “L2tp IPSEC PSK VPN client on (x)ubuntu 16.04“, I found that setting IPSEC Phase1 Algorithms to 3des-sha1-modp1024 and Phase2 Algorithms to 3des-sha1 works.

Phase1 Algorithms: 3des-sha1-modp1024 Phase2 Algorithms: 3des-sha1
Phase1 Algorithms: 3des-sha1-modp1024 Phase2 Algorithms: 3des-sha1

Now I can connect to the VPN no problem. On Arch Linux!

Participating in Season 3 of Ready Steady Pan

I participated in a competitive Team Fortress 2 tournament, aka an e-sports competitive video games tournament. My journey took place over eight weeks with a scramble weekend to sign up plus seven weeks of the regular season. We did not make the post season. It was a journey in pan play beyond even what the great degroot_keep offers. With over 10,000 kills on my Golden Frying Pan this tournament meant I got to test my mantle of pan with champions.

The journey nearly was halted before I could even begin. My awareness of this tournament was brought forth around the 20th of October when an update came through saying, “Added Ready Stead Pan Season 3 tournament medals”.

TF2 Update Released

4

I was intrigued and googled the first image I saw was:

capture2.jpg

Oh no! Panicked, I read more and instantly was relieved!

5.JPG

After some hesitation of entering such a tournament I jumped into the forums and laid it all out to find a team. With my Golden Frying Pan there was no way I was missing out. The tournament was calling.

6.JPG

7.jpg

With just over 24 hours until the deadline and no one replying to my post, I hit the Discord chat and found my team. We were formed in the last seconds. A ragtag bunch looking for glory in the Fortress world.

The team was named “we exist guys“, team number 648. Literally the last team made. We existed only in the last moments before sign ups finished. Our team was completely formed in the extension of the signups.

9.JPG

Only time would tell how my newly found comrades and I would fare. Our roster was a colorful bunch: Team Captains: Diamond and “Carl, Good to see you” followed by spacy, Axie, Dell Conaghr RSP???, red box, joekiller (myself), – VH – SnakeFawdz, and Burnt Venom.

The first week was tense and fun. King of the Hill was the game mode. Matches were played until a side reached three wins. To win a team needed to hold the capture point, the hill, for three minutes. Lacking any offensive projectile weapons, the game played out curiously compared to other first person shooter environments. With five player classes allowed there was a variance on speed and health. Players took anywhere from three to six hits to take down and all combat was melee frying pans only. There were no lucky critical hits; only loud frying pan clanging engagements. Here you could stare down an opponent for seconds beckoning each other in awkward strafing dances trying to just bring the other’s hit box within one’s own range. Overwhelming numbers were the name of the game. With a frenzied start the game quickly gave way to one side but with health slow to get to people had to leave the point leaving opportunity for lesser numbered engagements, 1 on 1, 2 on 2, etc.

Capture

In the end our team was outmatched once however all the others, despite the final scores, were closely contested. We played 5 of the 7 matches ending up with a record of 3 – 4, 2 – 3 in matches plus one win and loss from forfeit, but it felt closer to 5-2. We vanquished what turned out to be the bottom two teams and were squashed by The Knights of Nye in a shocking 6 minutes and 6 seconds. Other matches took between 18 to 30 minutes. We held our own against the mid tier teams, even the Knights of Nye whom made the playoffs. The team improved over time and had fun.

RED_Tournament_Medal_-_Ready_Steady_Pan

But of course this was journey for championing the Golden Pan. How was it? For three of five matches I was in the top. Ending the season I had 155 kills, 43 assists,106 deaths, and put out a total of 35,189 damage (about 281 scouts). The road was hard but the Golden Pan usually rang more than any other each match. With a solid 2.06 Kill and Assists per death ratio the pan performed well. It was a great journey and in the end everyone will get a Tournament Medal. GG’s everyone.

Stats:

Kills Assists Deaths Damage Damage/Minute Kill and Assists / Death Kills / Death Damage Taken Damage taken / Minute HP* Capture Point Captures

Week 1 20 10 25 6191 287 1.2 0.8 6061 281 28 3
Week 3 36 10 10 7227 385 4.6 3.6 4985 266 55 4
Week 4 45 13 40 9649 364 1.4 1.1 9084 342 63 9
Week 5 2 2 8 1170 190 0.5 0.3 1952 317 7 0
Week 7 52 8 23 10952 371 2.6 2.3 8169 277 76 9
Totals or Average 155 43 106 35189 30251 229 25
Averages 31 8.6 21.2 7037.8 319.4 2.06 1.62 6050.2 296.6 5

HP is “Health pickup rating: Small 1p, Medium 2p, Large 4p”

Extra:

Week 1

https://pan.tf/matches/209
http://logs.tf/1867410
https://demos.tf/120979

Week 3

https://pan.tf/matches/363
https://demos.tf/124937
http://logs.tf/1877758

Week 4
https://pan.tf/matches/418
http://logs.tf/1883017
https://demos.tf/126974

Week 5

https://pan.tf/matches/483
http://logs.tf/1889411
https://demos.tf/129329
B4nny Merc for Top Team Note: Not related to our team but b4nny is a popular player and the top team is playing.

Week 7

https://pan.tf/matches/607
http://logs.tf/1899194
https://demos.tf/133012

Anti-Immigration or Anti-Refugee Bills are immoral and not in Virginia’s interest

In sync with President Trumps push to persecute refugees and immigrants, the Virginia General Assembly has had a number of bills introduced that do not represent what America stands for nor are they in the best interest of the citizens of Virginia. The majority of these bills increase the burden of running day to day services for the state. The burden of work is increased for entities providing immigration or refugee services, education, and just general contracting with government entities.

I urge you to find out who your legislatures are (http://whosmy.virginiageneralassembly.gov/) and get in touch telling them that these laws are not in the interest of Virginia.

Below are my letters outlining my objections to HB 1468, HB 1723, HB 2000, HB 2001, HB 2002, HB 2236, and SB 1262.

America’s morals and responsibility to take in those who are escaping war or are trying to make a better life are parts of what I believe make America great. I feel that discrimination and additional laws against refugees or immigrants, illegal or not, are unnecessary and our existing laws are well in place to punish those who intend to harm our citizens, community or country.

I urge you to not support HB 1468 as it applies a double standard of justice which America cannot stand for. Justice is a right of all people and if a person is within our borders they will experience the same justice everyone else does. HB 1468 introduces a broad stroke burden and strain upon the families and law enforcement who face incarceration. If a person is not an immediate threat to our safety they shouldn’t burden our justice system any more than anyone else.

I urge you to not support HB 1723 as it is unnecessary to track individuals movement outside of the current systems that exist. If an entity within the state enters an agreement to settle some refugees, Virginia doesn’t need to have a “refugee list” that is updated prior to settlement agreements being executed. This increases the burden of the government and those most affected by the refugee status. This slows down organizations ability to help these people who are most vulnerable.

I urge you to not support HB 2000 as it increases the burden to do work within the state with the state and is ridiculous to write a law that chains our state’s freedom and self governance to a minimum standard held by the federal government. Virginia doesn’t need laws that remind us what the federal law is. What a waste of time.

I urge you to not support HB 2001. The law places unnecessary burden on the education system to perform law enforcement. Furthermore the law casts a cloud of suspicion where none is needed. The education of those seeking to better themselves is in the interest of America and our institutions are not a place for a dark cloud of suspicion but enlightenment and promise.

I urge you to not support HB 2002. The law places an unnecessary burden on the entities who are trying their best to help immigrants and refugees find a better life. The immigrants and refugees are already cleared by the federal government. The law is made to create red tape and excessive state mechanism to disrupt these important services. I urge you not to support systems requiring the registry of individuals age, gender, and national origin of each individual. They are not in the interest of America.

I urge you to not support HB 2236. In this time of change, it is important to not to bludgeon localities found to violate the law nor is it necessary to chain our law to that of the federal system. First the language of the law is despicable to take away funding to a locality just because they are found to violate the law. Note that it doesn’t include willful or not just found in violation. The law is designed to hurt localities that fail to enforce immigration laws which of course will be localities with immigrants. The law is designed to reduce services which will cause unnecessary stress and harm to the members of the locality and is sinister in its attempt to drive people away. It is an awful law that is in no way representative of American values.

I urge you to not support any of the following: HB 1468, HB 1723, HB 2000, HB 2001, HB 2002, and HB 2236.

Re: SB 1262

I live in Charlottesville VA and am alarmed at the rate of anti-immigration bills being introduced into the Virginia state legislature. Having a locality be libel for an illegal immigrant’s actions via VA SB1262 is just disguised discrimination and intimidation. There are already plenty of laws in place to address illegal activity regardless of a persons immigration status. I urge you to vote, debate and take a stand against VA SB1262 and other proposals in its vein.

 

What the heck have I been doing?

I haven’t made much effort to blog recently so I figured I would do a catchup article on some of the projects I’ve worked on recently.

gor is a http traffic replay tool written in go. When I first found Gor, it was a great tool but there were several bugs that made it unstable or unreliable. When I had a little time, I submitted several enhancements.
  • https://github.com/buger/gor/pull/116 added dynamic http worker scaling which was key for throughput.  I also provided documentation updates to help others discover and identify bottlenecks in their testing systems.
  • https://github.com/buger/gor/pull/94 sorted the TCP packets properly which was pretty crucial for replaying connections that had out of sequence packet arrival. Alejandro Martinez of Vivid Cortex helped me in spotting the problem.

moto is a mock AWS endpoint written in Python. We use AWS a ton at Room Key and needed to better test our internal Python tools. Moto had a good feature set but didn’t quite implement the more advanced things we were using so I added to the library over 11 different PRs.  Here are a few of the biggest features I added:

logstash-kafka and jruby-kafka are my Ruby projects that I created to make the Kafka plugin for Logstash. The following link is where the Elasticsearch blog announces support for Kafka in Logstash and they credit my project as being the origin of the support, https://www.elastic.co/blog/logstash-1-5-0-beta1-released. Because 1.5 isn’t out yet, I still maintain support for my independent plugin and provide input and support otherwise for the official plugins logstash-output-kafka and logstash-input-kafka.

 Sometimes other projects just aren’t getting enough attention for their PRs from their primary owner and I occasionally will volunteer to be a maintainer (as I want my PR’s merged). They are generally low volume projects that don’t need much love beyond a merge here and there combined with a release. These include:
  •  s3_file, a Chef resource for downloading files from S3 for Chef recipes
  • grunt-aws-sdk, a wrapper for AWS’s Javascript SDK for Grunt tasks.

I’ve touched quite a few different projects over the last year or so. In many cases I consider these projects to be an act of standing on the shoulder of giants and adding a little extra to each. That being said, even as I contribute to these external projects, most of my work happens internally at Room Key. You can see the difference between my public activity graph versus my private graph:
Screen Shot 2015-05-07 at 11.02.16 PM Screen Shot 2015-05-07 at 11.02.33 PM
So there you have it.  A small snapshot into what’s been happening over the last year.

Ubuntu 12.10 and 12.04.1 LTS release note snippets

With the release of Ubuntu 12.10 and 12.04.1 LTS to the world, Ubuntu is showing their preference for Tomcat 7, Java 7 and Python 3.  Check out some highlights of the release below.

12.04.1 PrecisePangolin https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/UbuntuServer

12.10 QuantalQuetzal https://wiki.ubuntu.com/QuantalQuetzal/ReleaseNotes/UbuntuServer

 
12.04.1 Highlights:
 
Please note that Tomcat 7 will replace Tomcat 6 as the supported version of Apache Tomcat in Ubuntu 12.10.
Please note that OpenJDK 7 will become the default Java implementation in Ubuntu 12.10.
Chef 0.8.16 (948437) and corresponding Ohai packages (948438) removed from precise at the request of OpsCode.
 
12.10 Highlights:
Chef 10.12.0 has been re-introduced to Ubuntu in-conjunction with OpsCode.
 
canonical urges people to migrate to python 3: If you have your own programs based on Python 2, fear not! Python 2 will continue to be available (as the python package) for the foreseeable future. However, to best support future versions of Ubuntu you should consider porting your code to Python 3. Python/3 has some advice and resources on this.
 

Ubuntu 12.10 ships OpenJDK7 as the default Java implementation. This brings improved performance, new features and better compatibility with other Java 7 implementations.

Use of the OpenJDK6 is now deprecated and the openjdk-6-* packages in universe for Ubuntu 12.10 will not be provided in future releases of Ubuntu.

Install Firefox on Amazon Linux x86_64 Compiling GTK+

Amazon Linux doesn’t offer the Gimp Tool Kit (GTK+) so if you want to run Firefox on an Amazon Linux system, say for Selenium testing, you are left having to compile the system yourself.  Luckily you have found this post.  Create the script below, run it as root and it will build all the components needed for GTK+ and its dependencies for Firefox to run just fine on the system.

vi ./gtk-firefox
chmod 755 ./gtk-firefox
sudo ./gtk-firefox

After you have built the packages, add the /usr/local/bin to your path by updating your .bashrc file.

cat << EOF >> ~/.bashrc
PATH=/usr/local/bin:\$PATH
export PATH
EOF

Here is the gtk-firefox file for your pleasure.

If you are running OSX Mountain Lion or above and cannot get Firefox to run via the SSH -X command, make sure you have XQuartz installed as Apple removed X11 by default.

Edited to make Firefox latest release more reliable. Updated with Gist.

Edit 11/21/2012: Added dbus-glib dependency to gist. Added notes about running on OSX

Creating a X.509 or Signing Certificate for AWS EC2 using Powershell and Windows SDK

Currently Amazon AWS only allows Base-64 encoded certificates to be used as an EC2 credential.  Further when creating a user in IAM, Amazon doesn’t provide a convenient certificate generator which it does allow for the root user.  If you want to create these type of certificates on Windows you will find that it is not easy to get the certificate out of a binary (DER) format.  Many will point you to OpenSSL to do the conversion and that is fantastic however some may not be able to use OpenSSL.

I am going to lay out some steps that will help you quickly create an X.509 certificate and private key using the Windows SDK makecert.exe utility and Powershell.

First download the Windows SDK.  When installing, only the Tools option is necessary.  Usually the SDK installs to C:\Program Files\Windows SDK\version\bin.  I would suggest that you modify your path to include the SDK bin directory if you are going to make a lot of these certificates.  These instructions assume that makecert is in your path.

Makecert has a number of functions, but the feature we are interested in is its ability to generate self signed certificates with a straightforward command.  All certificates output are in a DER binary format so they are currently unsuitable for AWS consumption.  We will use powershell to convert from a binary object to a Base-64 string.  Note that makecert normally creates a single file containing both the private key and the public key.  Since we want these elements in separate files, we use the -sv toggle which saves the private key to a .pvk file.  One last gotcha to note is that the tool seems to want you to specify the resulting files with the extensions as show in the help and examples.  If you don’t use the .pvk and .cer extensions it might not output the file.

Assuming that you have the SDK install and can run makecert, here are the steps to get your certificate AWS ready.

Create the self signed certificate and corresponding private key file using makecert:

makecert -sv privatekey.pvk certificate.cer

Next we are going to use powershell and some .NET magic to process the binary files into a text friendly BASE-64 format (PEM).

Process the certificate first:

[byte[]] $x = get-content -encoding byte -path .\certificate.cer

[System.Convert]::ToBase64String($x) > .\cer-ec2creds.PEM

Next Process the private key:

[byte[]] $x = get-content -encoding byte -path .\privatekey.pvk

[System.Convert]::ToBase64String($x) > .\pk-ec2creds.PEM

You can now examine the resulting files in notepad to confirm that they are indeed in a BASE-64 format.

notepad .\cer-ec2creds.PEM

notepad .\pk-ec2creds.PEM

The files should work fine even if they are missing the proper headers and footers.  If you want to include them, they should be as follows.  Remember to add an end line character to the file as well.

For the certificate PEM file:

-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----

For the private key PEM file:

-----BEGIN PRIVATE KEY-----

-----END PRIVATE KEY-----

I hope this is useful.  Please feel free to comment and share other methods.

Here are some references:

-Joe