2023-06-20

* routing process of iptables

1. Incoming packet:

Table: N/A (not applicable)

Chain: N/A (not applicable)

Rules: N/A (not applicable)

Description: An incoming packet arrives at a network interface on the system.

2. Pre-routing:

Table: `nat`, `mangle`, `raw`

Chain: `PREROUTING`

Rules: Rules in the `PREROUTING` chain can modify the packet's destination, perform DNAT (Destination NAT) to change the destination address/port, or mark the packet for further processing.

Description: The packet enters the pre-routing stage, where the `PREROUTING` chain is processed. In this chain, you can apply various rules that can modify the packet's destination, perform NAT (Network Address Translation), or mark the packet for further processing.

3. Routing decision:

Table: N/A (not applicable)

Chain: N/A (not applicable)

Rules: N/A (not applicable)

Description: After the pre-routing stage, the routing decision takes place. The system examines the destination IP address of the packet and determines the appropriate outbound interface based on the routing table. This step is handled by the kernel's routing mechanism and is not influenced by iptables rules directly. This decision is crucial for forwarding the packet to the correct destination.

4. Input processing:

Table: `filter`, `mangle`

Chain: `INPUT`

Rules: Rules in the `INPUT` chain are applied to packets destined for the local system. These rules can determine whether to accept, drop, or modify the packet based on various criteria like source, destination, protocol, port, etc. This is where packets are processed if they are targeted at the system itself.

5. Forwarding:

Table: `filter`, `mangle`

Chain: `FORWARD`

Rules: Rules in the `FORWARD` chain are applied to packets that are being forwarded to another network interface on the system. These rules can determine whether to accept, drop, or modify the packet based on various criteria like source, destination, protocol, port, connection state, etc.

Description: If the packet is destined for another network interface on the system (not the local system itself), it enters the forwarding stage. In the `FORWARD` chain, the packet is processed and matched against rules that determine whether to accept, drop, or modify it.

6. Output processing:

Table: `filter`, `mangle`

Chain: `OUTPUT`

Rules: Rules in the `OUTPUT` chain are applied to packets originating from the local system. These rules can determine whether to accept, drop, or modify the packet based on various criteria like source, destination, protocol, port, etc. This is where packets generated by the system are processed before being sent out.

7. Post-routing:

Table: `nat`, `mangle`, `raw`

Chain: `POSTROUTING`

Rules: Rules in the `POSTROUTING` chain can perform actions like source NAT (SNAT), masquerading, or modify the packet's source address. This is typically used for packets leaving the system to ensure proper addressing and routing.

Description: After the forwarding stage, if the packet is accepted for forwarding, it enters the post-routing stage. In the `POSTROUTING` chain, you can apply rules that perform additional modifications, such as source NAT (SNAT), masquerading, or modifying the packet's source address.

8. Outgoing packet:

Table: N/A (not applicable)

Chain: N/A (not applicable)

Rules: N/A (not applicable)

Description: The packet, after going through the pre-routing, routing decision, forwarding, output processing, and post-routing stages, is sent out through the appropriate outbound interface based on the routing decision made earlier. It leaves the system and continues its journey through the network.

Order of (table+chain) execution:

1. The packet goes through the `raw` table. Within the `raw` table, the chains are processed in order: `PREROUTING`, `OUTPUT`.

2. The packet goes through the `mangle` table. Within the `mangle` table, the chains are processed in order: `PREROUTING`, `INPUT`, `FORWARD`, `OUTPUT`, `POSTROUTING`.

3. The packet goes through the `nat` table. Within the `nat` table, the chains are processed in order: `PREROUTING`, `INPUT`, `OUTPUT`, `POSTROUTING`.

4. Finally, the packet goes through the `filter` table. Within the `filter` table, the chains are processed in order: `INPUT`, `FORWARD`, `OUTPUT`.

The `nat+OUTPUT` chain (part of the `nat` table) is processed before the `filter+INPUT` chain (part of the `filter` table). This means that any NAT-related operations in the `nat+OUTPUT` chain, such as source address translation (SNAT), will be applied before the packet reaches the `filter+INPUT` chain for filtering.

Within the same pair of table and chain, the order of adding rules matters, and the first matching rule takes effect.

Between different tables, the order of adding rules does not influence the execution order. Rules within each table are processed in their specified order.
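
The ordering rules above, as an added example (not code from the original post): a shell/awk helper that reads an `iptables-save`-style dump and prints the rules in the order a packet on a given path meets them. The sample dump, its addresses and the function names are constructed for illustration; the chain and table order follow the lists in this post. On the forward path the DNAT rule is met before `filter` `FORWARD`, so the filter rule has to match the translated destination.

```shell
#!/bin/sh
# Added example: evaluation order of rules from an iptables-save style dump.

# Constructed sample dump (not from a real host); filter is listed before nat
# on purpose, to show that listing order across tables is irrelevant.
sample_rules() {
cat <<'EOF'
*filter
:FORWARD DROP [0:0]
-A INPUT -p tcp --dport 22 -j ACCEPT
-A FORWARD -d 10.0.0.5/32 -p tcp --dport 80 -j ACCEPT
-A FORWARD -j LOG
COMMIT
*nat
-A PREROUTING -p tcp --dport 8080 -j DNAT --to-destination 10.0.0.5:80
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*mangle
-A FORWARD -j MARK --set-mark 1
COMMIT
EOF
}

# chains_for PATH: chains a packet crosses, following the stages in the post.
chains_for() {
  case "$1" in
    input)   echo "PREROUTING INPUT" ;;
    forward) echo "PREROUTING FORWARD POSTROUTING" ;;
    output)  echo "OUTPUT POSTROUTING" ;;
    *)       return 1 ;;
  esac
}

# eval_order PATH < dump: print "table:chain rule" lines in evaluation order.
eval_order() {
  chains=$(chains_for "$1") || { echo "unknown path: $1" >&2; return 1; }
  awk -v chains="$chains" '
    /^\*/      { table = substr($0, 2); next }   # "*nat" starts a table section
    $1 == "-A" { key = table ":" $2; rules[key] = rules[key] key " " $0 "\n" }
    END {
      nc = split(chains, c, " ")
      nt = split("raw mangle nat filter", t, " ")  # table order from the post
      for (i = 1; i <= nc; i++)        # chains in path order
        for (j = 1; j <= nt; j++)      # tables in fixed order within a chain
          printf "%s", rules[t[j] ":" c[i]]
    }'
}
```

Run it as `sample_rules | eval_order forward`, or feed it a saved dump from a test machine in place of `sample_rules`.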

2023-06-18

running xmonad in wayland

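#!/bin/sh

# X display to use, first argument or :1
DISPLAY=${1:-:1} ;

# start Xwayland inside the cage compositor and remember its pid
cage -s -- Xwayland "$DISPLAY" & Xwayland=$! ;

export DISPLAY ;

# wait until the X server answers
while ! xhost 2> /dev/null ; do sleep .1 ; done ;

xmonad ;

# xmonad exited: stop Xwayland
kill "$Xwayland" ;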


2021-09-19

the nice thing about writing your own languages...

 ... is that one can change the grammar at any time... :)

and just simplify things a bit more... :)

what was simple has become simpler... :)

  https://www.youtube.com/watch?v=nRIiyCWRGTo

noticed the difference?... :)



2021-09-18

a bit of the leafer language grammar draft... :)

the grammar used to write leafers... :)

written in the `chaos' language... :)
the one written in the home `planck' language... :)
the one written in the core `planck' language... :)


 

a bit of the leafer language draft... :)

used to write leafs... :)


2020-12-04

setuid reminder

"Linux ignores the setuid¹ bit on all interpreted executables (i.e. executables starting with a #! line)."

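A check that follows from the reminder above, as an added example (not from the original post): list files that carry the setuid bit but start with `#!`, where the bit has no effect on Linux. The function names and the demo files are constructed for illustration.

```shell
#!/bin/sh
# Added example: find files whose setuid bit is set but ineffective,
# because the file is an interpreted script (starts with "#!").

# setuid_scripts DIR: print paths of setuid regular files starting with "#!"
setuid_scripts() {
  find "$1" -type f -perm -4000 2>/dev/null | while IFS= read -r f; do
    # look only at the first two bytes; the rest of the file is never parsed
    magic=$(head -c 2 "$f" 2>/dev/null | tr -d '\0')
    if [ "$magic" = '#!' ]; then
      printf '%s\n' "$f"
    fi
  done
  return 0
}

# demo: build a constructed temporary tree, scan it, clean up
demo() {
  d=$(mktemp -d) || return 1
  printf '#!/bin/sh\nid -u\n' > "$d/script-suid.sh"     # setuid script
  printf '#!/bin/sh\nid -u\n' > "$d/script-plain.sh"    # script, no setuid
  printf '\177ELF-not-a-real-binary' > "$d/fake-elf-suid"  # setuid, not a script
  chmod 4755 "$d/script-suid.sh" "$d/fake-elf-suid"
  chmod 0755 "$d/script-plain.sh"
  setuid_scripts "$d" | sed "s|^$d/||"
  rm -rf "$d"
}
```

A hit usually means someone expected the script to run with the owner's privileges; it will not, so the bit can be cleared and the privileged step moved elsewhere.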
2020-09-29

programming us keyboard layout with pt characters

!! ~/.xmodmaprc

  !! make AltGr to switch mode

keycode 108 = Mode_switch

  !! Programming keys

keycode 34 = bracketleft braceleft parenleft less
keycode 35 = bracketright braceright parenright greater

keycode 18 = 9 parenleft less
keycode 19 = 0 parenright greater degree

  !! Accents and auxiliary signs

  ! A Á À Â Ã   Á Â
  ! E É - Ê -   É Ê
  ! I Í - - -   Í À  *
  ! O Ó - Ô Õ   Ó Ô 
  ! U Ú - - -   Ú Õ  *

  ! C - - - -   Ç Ã  *

  ! note: use caps lock to select case.

keycode 38 = a A aacute acircumflex
keycode 26 = e E eacute ecircumflex 
keycode 31 = i I iacute agrave
keycode 32 = o O oacute ocircumflex
keycode 30 = u U uacute otilde

keycode 54 = c C ccedilla atilde

  !! ordinals (primeir@) :: º and ª

keycode 48 = quoteright quotedbl masculine ordfeminine

  !! « » at < >

keycode 59 = comma less guillemotleft
keycode 60 = period greater guillemotright

  !! r R ® ©

keycode 27 = r R registered copyright

  !! Superiors

  ! 1 ! ¹
  ! 2 @ ²
  ! 3 # ³

keycode 10 = 1 exclam onesuperior
keycode 11 = 2 at twosuperior
keycode 12 = 3 numbersign threesuperior

  !! Currency :: 4 $ € £

keycode 13 = 4 dollar EuroSign sterling

  !! αβit

keycode 90 = KP_Insert KP_0 Greek_alpha
keycode 91 = KP_Delete KP_Decimal Greek_beta

test if directory is empty ... :)

https://stackoverflow.com/questions/91368/checking-from-shell-script-if-a-directory-contains-files

https://superuser.com/questions/352289/bash-scripting-test-for-empty-directory

https://www.cyberciti.biz/faq/linux-unix-shell-check-if-directory-empty/

# ?O.o ... well ::: dash/bash only... :)

[ "`echo *`" = '*' -a "`echo **`" = '**' ] && {
  echo has no public files ;
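  # in dash and in bash before 5.2, .* also matches . and .. and so never
  # stays unexpanded; .[!.]* and ..?* leave those two entries out.
  [ "`echo .[!.]*`" = '.[!.]*' -a "`echo .[!.]**`" = '.[!.]**' \
    -a "`echo ..?*`" = '..?*' ] &&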
    echo also has no hidden files, is empty ;
} ;

there it is ... :)

# example of use ... :)

cdl ()  # cd and maybe list
{
  local owd="`pwd`" ;
  cd "$@" &&  {
    [ "$owd" = "`pwd`" ] ||
    # actually changed directory,
      [ "`echo *`" = '*' \
      -a "`echo **`" = '**' ] ||
        # has public files,
        { echo ; .ls ; }  # list them.
  };
} ;

2020-09-24

keyboard tips...

https://wiki.debian.org/Keyboard

http://xahlee.info/linux/linux_keybinding_index.html

https://unix.stackexchange.com/questions/249122/why-do-my-xmodmap-binds-involving-altgr-only-work-on-some-keys

& there you go update...

xmodmap -e 'keycode 108 = Mode_switch' ;

xmodmap -e "keycode 34=bracketleft braceleft parenleft less"

xmodmap -e "keycode 35=bracketright braceright parenright greater"


2019-09-30

nix

install...

sh <(curl https://nixos.org/nix/install) --no-daemon

change to nixos stable channel... (downgrades nix)

nix-channel --add https://nixos.org/channels/nixos-19.03 nixpkgs
nix-channel --update
nix-env -iA nixpkgs.nix

entering a shell with ghc and necessary packages to compile abxm...

nix-shell -p "haskellPackages.ghcWithPackages (pkgs: with pkgs; [ xmonad xmonad-contrib ])"

install development environment...

mkdir ~/.config/nixpkgs
echo '{ allowUnfree = true; }' > ~/.config/nixpkgs/config.nix

nix-env -f '' -iA sublime3


nix-env -i cachix
cachix use all-hies


nix-env -iA selection --arg selector 'p: { inherit (p) ghc864; }' -f https://github.com/infinisil/all-hies/tarball/master

nix-env -i ghc

configure sublime... (no need, but still testing on that)

https://github.com/haskell/haskell-ide-engine#using-hie-with-sublime-text
## https://packagecontrol.io/installation#st3

# Tools >> Preferences >> LSP Settings
{
"clients": {
  "haskell-ide-engine": {
    "command": ["hie"],
    "scopes": ["source.haskell"],
    "syntaxes": ["Packages/Haskell/Haskell.sublime-syntax"],
    "languageId": "haskell",
  },
},
}

other packages...

  sublime-merge
  icecat

possible errors during installs...

  Error: cloning builder process: Operation not permitted installing

  solution ::: echo 'sandbox = false' >> .config/nix/nix.conf
    ( maybe undo this after whatever succeeded )

2019-08-12

the tablet.rasi for the children's rofi (draft)

* {
font: "Bitstream Vera Sans Mono 12";
background-color: black;
foreground-color: white;
text-color: silver;
}
window {
border: 1px 5px 5px 1px;
border-color: gold;
border-radius: 3px;
margin: 62px 0px 0px 0px;
width: 50%;
}
listview {
cycle: false;
dynamic: true;
fixed-height: false;
lines: 16;
margin: 7px;
scrollbar: true;
}
element {
background-color: #111111;
margin: 1px;
padding: 10px 10px;
}
element selected {
background-color: dimgray;
text-color: black;
}
element selected.active {
background-color: white;
text-color: black;
}
scrollbar {
handle-color: dimgray;
handle-width: 64px;
padding: 0px;
}
inputbar {
margin: 14px;
}
prompt {
text-color: gold;
}

textbox {
font: "Bitstream Vera Sans Mono 7";
padding: 5px 20px 5px 20px;
border: 1px 0px 1px 0px;
border-color: dimgray;
}

and it actually works daily... :)

yet another run-time fully recompile-able editable x interface... yet just another "proof of concept"... looks great... and it does work better than it already looks... :) ... feels like ~ ... kind of an editable ide... that also runs other applications... :) ... while someone else still lives in the past... :( ...

... and lol :: don't download that torrent... worthless quality!

2019-08-11

dwell now works well... :)

... and goes well with xmobar... :)

  Run CommandReader "/path/to/x-touch .5 2 3 1 @" "touch"

our first alpha code craft of a dwell... that works quite well... in chromium overridden... but that's ok... lol

- - - - - - -
#!/bin/sh

x_touch ()

# usage: [ dwell=0 [ touch3=0 [ touch2=0
#          [ show=0|1|2|3|4|5 [xchar=@] ]
#        ] ] ]

#   dwell: timeout in seconds,
#          disable with: 0 | [0].0

#   touch3: touched fingers count for click 3,
#           disable with: 0, suggested: 2

#   touch2: touched fingers count for click 2,
#           disable with: 0, suggested: 3

#   show: output population, disable with: 0

#     0 ) quiet
#     @ stdout:
#       1 ) xmobar: gold, orangered, transparent
#       2 ) events: TIMING, LOCKED, UNLOCKED
#       3 ) extra: + KILLED
#     @ stderr:
#       4 ) show: + EVENT lines
#     >=5 ) debug: + event descriptions

#   xchar: string to use in xmobar mode

{ xinput test-xi2 --root | {

local dwell=yes d=${1:-0} \
  t3=${2:-0} t2=${3:-0} s=${4:-1} x=${5:-X} ;

[ $d = 0 -o $d = .0 -o $d = 0.0 ] &&
{ d=0 ; dwell=no ; }

[ $d = 0 -a $t3 -eq 0 -a $t2 -eq 0 ] && {
echo 'Nothing to do... :(' >&2 ;
return 1 ;
} ;

local last_event=none color= ;
event () { [ $s -gt 0 -a "$*" != "$last_event" ] && {
if [ $s -eq 1 ] ; then
local color=
case $1 in
T* ) color=darkred ;;
L* )
case $2 in
2 ) color=gold ;;
3 ) if [ "$3" = dwell ] ;
then color=limegreen ;
else color=green ;
fi ;
esac ;
;;
U* ) color=#222222 ;;
esac;
# assumed xmobar markup: print the char in $color (otherwise $color is unused)
echo "<fc=$color>$x</fc>" ;
else echo $* ;
fi ;
last_event="$*";
} ; } ;

show () { [ $s -gt 3 ] && echo "$@" >&2 ; } ;

local line=

while read line ; do
case "$line" in
*TouchScreen*slave*pointer* )
show $line ;
break ;
esac ;
done ;

to_after_empty ()
{
local line ;
while read line ; do
  [ -z "$line" ] && break ; done ;
} ;

to_after_empty ;

click () { /usr/bin/xdotool click ${1:-3} ; } ;

local dwelling=yes \
  LOCK=/tmp/x-touch-dwell.ing"$DISPLAY" \
  lock= touched=0 ;

thouched ()
{
touched=$(( $touched + 1 )) ;
[ $touched -eq 1 -a $dwell = yes ] && {
dwelling=yes ;
{
sleep $d ;
touch $LOCK ;
event LOCKED 3 dwell ;
} &
pid=$! ;
event TIMING $d @ $pid
} ;
} ;

local dwelling=no ;

undwell ()  # click?
{
[ $dwelling = yes ] && {  # dwelling?
dwelling=no ;
if [ -e $LOCK ] ; then # locked?
rm $LOCK ;
[ "$1" = yes ] &&  # click?
click ;
else
kill $pid ;
[ $s -gt 2 ] && event KILLED $pid ;
fi ;
} ;
} ;

unlock ()  # click?
{
touched=0 ;
[ $dwell = yes ] && undwell $1 ;
event UNLOCKED;
} ;

# delete any previous lock
[ -e $LOCK ] && rm $LOCK ;
# for xmonad: first event
if [ $s -eq 1 ] ; then
# sleep 1s ;
event UNLOCKED ;
else last_event=UNLOCKED ;
fi;

local line= showing=yes touching=0 ;
while read line ; do
case "$line" in EVENT* )
showing=no
case "$line" in
# *22* ) show $line ;;  # RawTouchBegin
*18* )  # TouchBegin
show $line $touching touching ;
touching=$(( $touching + 1 )) ;
thouched ;
case $touched in
$t3 ) undwell ; event LOCKED 3 ;;
$t2 ) undwell ; event LOCKED 2 ;;
* ) [ $touched -gt $t3 -o $touched -gt $t2 ] &&
  event UNLOCKED ;;
esac ;
showing=yes ;
;;
# *24* ) show $line ;;  # RawTouchEnd
*20* )  # TouchEnd
show $line $touching touching ;
touching=$(( $touching - 1 )) ;
if [ $touching -eq 0 ] ; then
case $touched in
1 ) unlock yes ;
continue ;
;;
$t3 ) click ;;
$t2 ) click 2 ;;
esac ;
unlock ;
fi ;
showing=yes ;
;;
*19* )  # TouchUpdate
show $line $touching touching ;
unlock ;
;;
*Touch* )
show $line ;
showing=yes ;
esac ;
;;
* ) [ $showing = yes -a $s -gt 4 ] &&
  show ::\\t"$line" ;
esac ;
done ;
} ; } ;

x_touch "$@" ;

2019-07-17

meet one of "the competition"...

more at the beginning, around year 2000, we did try to join their effort and emailed them (http://www.sergeydmitriev.com/) about that... to which "they" never replied... :(

https://www.youtube.com/watch?v=iN2PflvXUqQ

... while we are still quite losing this lop "race"... :(

... "but hey" ::: "they" have lots of slaves... :( ... lulz...
while we only count on our poor kidnapped retarded children yet to reeducate ... :(

yet they're still not winning as we expected ::: therefore still quite useless to us...

  though "that doesn't really work, does it? did you try?..."

    just kidding ::: we don't even yet have a shell... :(

though we could ::: be actually using MPS to code my point of view of these issues ::: but that would feel like not fair play... so i did not even try using it... and it just feels like a joke that "the competition" has lots of human resources... lolz ::: i wish i had human resources too... unfortunately i'm not a buyer that would have money enough even to barely pay myself to put up with myself at work barely getting nowhere slowly trying to get somewhere... :) ... which is actually good ::: not having too much money to explode so much... https://www.youtube.com/watch?v=A40ww5M53d4

to sergey ::: in case you ever read this, please laugh out loud upon this post... for the sake of my kidnapped retarded children that feed you today ::: obviously for the past 8+ years we barely work... for that part ::: please give your thanks to the sick people that enslave you... but ::: surely you wouldn't actually be even quite aware of that... and now you wonder... wtf is this about?... which is actually even more fun... advice ::: if you read this, just forget you read this... it only took me a few minutes to write.

( this is one of those posts that may as well vanish (or not) at any time, enjoy )

2019-05-11

noticed odds...

... harder to tell apart when using odd based alphabets... like base 3, for example...

  0, 1, 2, 10, 11, 12, 20, 21, 22

check oddness by reducing to digital root...

  https://en.wikipedia.org/wiki/Digital_root#Congruence_formula

the core trinity...

... in rude humble words ::: data | relate | invert

... maybe aka ::: generator | operator | destroyer