I was introduced to the bash builtin /dev/tcp by warg the other day on x-tab#chat. He explained a basic use of this device by demonstrating how to download wget’s compressed tarball. The download process itself can be done with pure bash, but some post-processing of the downloaded file must be done to remove HTTP headers. I document warg’s application of /dev/tcp here because I found the idea fascinating and want this documentation for myself .

Connecting and Downloading

To read about the /dev/tcp builtin for yourself, check out the following:

$ info '(bash) Redirections'

With the exec line we initiate the connection, allocating a file descriptor and storing the numeic file descriptor into the HTTP_FD variable. Then, with the echo line, we send an HTTP request through the descriptor to the server. After sending the request, we process the server’s response with the sed line which skips over the HTTP headers sent by the server and stows the results into wget-latest.tar.gz. Note that this last command will sit around for a while. It is with this command that the builk of the data transfer is performed. And, since you’re using shell redirections to download the file, you cannot see the download progress. Instead, wait for the command to complete. This also involves waiting for the server to time out your connection since it supports pipelining. After this process is completed, the wget-latest.tar.gz file is as your disposal.

$ WGET_HOSTNAME='ftp.gnu.org'
$ exec {HTTP_FD}<>/dev/tcp/${WGET_HOSTNAME}/80
$ echo -ne 'GET /gnu/wget/wget-latest.tar.gz HTTP/1.1\r\nHost: '\
    ${WGET_HOSTNAME}'\r\nUser-Agent: '\
    'bash/'${BASH_VERSION}'\r\n\r\n'  >&${HTTP_FD}
$ sed -e '1,/^.$/d' <&${HTTP_FD} >wget-latest.tar.gz

Now you have a wget source tarball on your machine. As long as you have tar and a compiler on the machine, you are well on your way to downloading stuff using a self-compiled wget. In the commands above, you may replace “gz” with “bz2″ or “lzma” for smaller downloads if the machine you’re using has bzip2 or xz-utils installed. And, of course, it should not be too hard to repurpose the above code to download a particular version of wget or even a completely unrelated software package.

Please feel free to point out problems with this approach or give pointers on porting this to other environments .

There are numerous guides about setting up Google Voice and an incoming sip number for free outgoing calling. Sadly, all of the guides I found were written for FreePBX or some other Asterisk bundle, and also used a shell script to do much of the work (scary!). I have compiled the minimal amount that you need to put in your asterisk conf files to make things work, GUI-free and variant-independent.

Prerequisites

First off, you need a sip number. I recommend sipgate or ipkall (I use sipgate, it’s much more user-friendly). If you google around, you’ll find out how to set up your sipgate/ipkall number as an incoming number in asterisk, I won’t waste time covering it here.

Secondly, you need a google voice number. Once you get said number, turn off call presentation. Also, assign the account a password that you don’t mind having plaintext in a conf file. In addition, you must add your incoming sip number as a phone in google voice. I’d recommend connecting a softphone to your sip number to set this up with google’s verification call, or redirect all incoming calls in Asterisk to your extension.

Thirdly, you need pygooglevoice. Download and install it, or use python’s easy_install command.

The outgoing rule

Now for the actual configuration. First you need to set up an outgoing call rule, so all calls to the outside world (in this case, 10-digit numbers preceded with a “9″) are directed though google voice.

[CallingRule_LocalCalls]
exten = _9XXXXXXXXXX,1,Goto(custom-gv,${EXTEN:-10},1)

Explanation: Any outgoing 10-digit number prefixed with a 9 will match this rule and go to the custom-gv section which we will set up later. The number that was dialed is passed (the “-10″ excludes the 9 prefix from this) at the first dialplan rule.

The GV dialer

Now we need to set up the custom-gv section:

[custom-gv]
exten => _X.,1,Verbose(0, Custom-GV Preparing to call and park call at number ${EXTEN})
exten => _X.,n,Wait(1)
exten => _X.,n,Playback(pls-wait-connect-call)
exten => _X.,n,System(gvoice -e me@me.com -p GVPassword call ${EXTEN} IncomingNum &)
exten => _X.,n,Set(PARKINGEXTEN=701)
exten => _X.,n,Park()

Explanation: After you dial an outgoing number, you’ll be dropped in here. The Verbose() function tosses some output in debug level 0 and up (see the console for this output). The System() command dials the number with google voice. Make sure you change the items in strikethrough to your own personal information. The call is then parked on extension 701 (70X extensions for parking are default. Switch to your parking extension range if you are using non-default options).

Routing GV callbacks

Now you need to set up an incoming call rule. Direct all incoming calls from your sip number at this rule.

[incoming-call-sifter]
exten = s,1,NoOp(CIDredirect)
exten = s,2,Verbose(0, Got incoming CID ${CALLERID(num)}, redirecting…)
exten = s,3,GotoIf($["${CALLERID(num)}" == "GVNumber"]?custom-park,s,1)
exten = s,4,Goto(section-to-route-normal-incoming-calls,s,1)

Explanation: If your google voice number rings your PBX, you know that it’s connecting you to the call you just dialed, so we need to reconnect it to the extension you dialed from. We’ll handle linking of the incoming GV call and your outgoing call (which is now parked) in the next section (custom-park).

Bringing it all together

The custom-park section links a google voice incoming call (which is actually ringing the person you originally dialed) with your original outgoing call (which is parked).

[custom-park]
exten => s,1,Verbose(0, Got incoming GV Callback! Connecting to your original outgoing call…)
exten => s,2,ParkedCall(701)

Explanation: After you dialed your external number, your call was parked as google voice started dialing the other number. This section joins your outgoing call with google voice’s incoming call, so you are connected to the party you originally dialed.

You’re done!

Well that turned out to be a bit longer than I expected, but if you know what you’re doing, you can just ignore the italicized text.

As a Gentoo user, I value the ability to compile and install things from source. Yet I don’t want the messiness of a completely manual “distribution” such as LFS. Yet I feel like I’m missing out of a big chunk of the GNU/Linux experience when I have to tell people that I’ve only ever used Gentoo. Also, if one wants to make his package available from multiple distributions, he may find more success if he is able to facilitate creation of the binary packages for these other distributions.

Thus, I have committed sys-apps/pacman into Sunrise. I still have to get permission to commit a few fixes (hopefully by tomorrow). Also, archlinux’s take on mirrorselect, reflector, has been committed but awaits review. When these things get through, the following may actually be worth something:

I have attempted to write a guide to setting up an archlinux chroot on Gentoo. Don’t actually try the guide until about a week from now, when my stuff clears review, of course . However, in the meantime, I would gladly accept:

• Technical criticisms
• (if you are tommy[d], please ignore the following) Alerts about the misuse of the apostrophe or general grammatical problems
• Documentation storage format suggestions — I suppose it would be a good exercise for me to learn docbook someday. Should I start now?

The problem: you have a computer sitting behind a firewall. You want to access it from a different location, but you don’t have the ability to forward any ports to it. The answer: SSH tunneling.

The Solution

Using an SSH tunnel, you can reverse-forward ports from one computer to another. To do this, you will need a computer running linux and sshd to reverse-forward the ports to. It is very convenient if this is the computer you will be using to access the remote machine. Otherwise, additional steps must be taken.

The Setup

The easiest way to set up and maintain a reverse port-forwarding tunnel is with ohnobinki’s insurgent script. The script allows you to specify a remote host and the ports you want to reverse-forward. To start off, create a new user on your system, such as insurgent. Log in or start a shell as this user. Assuming you have mercurial installed, run:

hg clone https://ohnopublishing.net/hg/insurgent

Now cd to the newly created insurgent/bin directory. Finally, place the contents of insurgent/share/contab.txt into your crontab (use crontab -e to edit your crontab).

Now you simply need to configure the script. To do so, open insurgent.sh in your favorite editor, and update the REMOTE_HOST and other variables. The format for ports is [remoteport]:hostname:[localport] (ssh(1) ). I recommend starting with reverse-fowarding SSH (port 22), a vnc session (590x where x is the VNC display number), and nfs.

If you have not done so already, you need to set up passwordless public key authentication for the new insurgent user.

You’re Done!

If you’ve gotten this far, you may be ready to go. You should be able to access any port on your insurgent box via the corresponding port on your local box. Have any problems? Drop some comments below or pop into irc.ohnopub.net#protofusion and speak to ohnobinki or normaldotcom.

Image credit: star6. Used under Creative Commons CC BY-SA 2.0

1. ssh-keygen -t rsa      (don’t enter a passphrase)
2. ssh-copy-id -i ~/.ssh/id_rsa user@remotehost
3. ssh user@remotehost

Wasn’t that easy?

First off, install your DRAC card in the server, before going any further. Hook up a cat3/5/6/7 up to it for good measure as well, and get it on your network. Done? Good. Now comes the fun part.

Boot up your system, then hop over to this page on Dell’s site to download the drivers and utilities for your DRAC II card. Unzip the file somewhere on your filesystem, and cd into the rpm directory. You should see 4 RPM files. You need to install the rpm corresponding to the kernel you use (most users will want the “UP” rpm, for standard kernel, EP is Enterprise Kernel, SMP is the SMP kernel).

To make this process a bit less painful (maybe), use yum localinstall <DRAC-RH70-XX-2.3.2-X.X.rpm to install the driver package you need. (Note: don’t install the “Common” RPM yet)

Now, type yum localinstall DRAC-RH70-Common-2.3.2-2.i386.rpm to install the utilities package.

As of this point, both of these commands will probably fail miserably on a more modern system (e.g., CentOS 5) due to missing dependencies. Fixing this is extremely hard, because the software wants ucd-snmp, which has been renamed to net-snmp as of late. “module-info” is also reported unresolvable and should be present on the system. Any ideas on how to fix these? Check out the comments. I will post a workaround once I learn of one.

Until then…

Start out by telnetting to your server, in this example, ProtoFusion’s IRC server on the default port for IRC

telnet irc.protofusion.org 6667

Now you should see something like this:

:irc.protofusion.org NOTICE AUTH :*** Looking up your hostname…
:irc.protofusion.org NOTICE AUTH :*** Found your hostname (cached)

If not, ensure that your port and server settings are correct. Now that you’re connected, you need to set your nickname and your user info. This is done with a simple series of commands:

USER your name * * :Your Description
NICK yournickname

Now you should see some log-on output, and you should autojoin #protofusion if you’re on protofusion.org. If not, you cna join channels with the JOIN [channel] command. Of course you will probably want to talk in the channel, which is a bit tedious uneless you put the first part in your clipboard.

PRIVMSG #protofusion Write your message text here

The privmsg command can also be used with a username instaed of a channel to PM an individual IRC user. Other stuff you may want to know:

• The server usually pings users every once and a while, and you need to “pong” back to the server so your session doesn’t time out and disconnect. If the server sends you a “PING :protofusion.org” or the like, you must respond “PONG :protofusion.org” in a somewhat timely fashion, depending on the server’s configuration.
• Your connection can also time out if you d on’t set your USER and NICK data in a timely fashion

…And you’re good to go! Feel free to run /etc/init.d/network restart if you feel like it.