Igor Bubelov


September 2020

Notes · Oct 1, 2020


The World Needs Another RSS/Atom Reader

Okay, maybe it’s just me. Anyway, here is the source code:

https://github.com/bubelov/news

I’ve been working on this thing for the last few weeks and it’s still a bit rough around the edges but I already use it and it serves me well. I tried to post it to Google Play but it seems like Google is trying to force the developers to use Chrome instead of Firefox, again:

Illustration

It only supports Nextcloud but I’m planning to add standalone mode in the coming weeks.

PostgreSQL 13

PostgreSQL is my favorite database and it just got a new major update. Here are some of the new features that I find interesting:

  • Built-in UUID generation: It always bothered me that I have to add the uuid-ossp extension in order to be able to generate UUIDs. With the introduction of the built-in gen_random_uuid function, there is no need to use that extension any more. This is my favorite change since I don’t maintain large databases so I won’t notice many other improvements.

  • B-Tree Deduplication: This feature reduces the size of your indices. It’s not that important if you have a bunch of small tables but it’s certainly good news for anyone who stores a lot of data in their databases.

  • Parallel VACUUM: Now it’s possible to clean several indices simultaneously. Again, you need to have a lot of tables with a lot of indices to benefit from this feature.

Useful links:

https://www.postgresql.org/about/news/2077/

https://pganalyze.com/blog/postgres13-better-performance-monitoring-usability

History of Object-Oriented Programming

https://www.sciencedirect.com/science/article/pii/S0890540113000795

I enjoyed reading this article and it sparked my interest in the history of different programming paradigms.

OOP is a dominant approach to software engineering but not everyone likes it and there are good reasons behind many of its criticisms. It’s easy to dismiss stuff we don’t like but it’s more interesting to try to understand why some people have different opinions and why they come up with certain ways of solving their problems.

I spent many years working on Java and Kotlin programs and of course I love OOP, although I never read about its roots. Not that I found anything unexpected in this article, except the fact that objects were supposed to be “active”, which is pretty odd by modern standards. It got me thinking about other programming paradigms and the reasons why their inventors created them. I certainly should experiment more with other programming paradigms and read about their history; it seems like a lot of fun. Passing Lisp exams in my university wasn’t that fun, by the way.

Getting Familiar With nftables

The more I experiment with nftables, the more I like it. It’s not high level enough to be black-box voodoo magic and it’s not low level enough to be a royal pain in the ass.

Let’s look at the following example:

#!/usr/sbin/nft -f

flush ruleset

### CHAINS
# INPUT - all incoming packets are checked against the rules in this chain
# OUTPUT - all outgoing packets are checked against the rules in this chain
# FORWARD - all packets being sent to another computer are checked against the rules in this chain
###

### CT STATES
# NEW - the packet has started a new connection
# ESTABLISHED - the packet is associated with a connection which has seen packets in both directions
# RELATED - the packet is starting a new connection, but is associated with an existing connection
###

table inet filter {
  chain input {
    type filter hook input priority 0; policy drop;
    iif lo accept comment "Accept localhost traffic"
    ct state established,related accept comment "Accept traffic originated from here"
    tcp dport ssh accept comment "Accept SSH traffic"
  }

  chain output {
    type filter hook output priority 0;
  }

  # Drop everything, it's not a router
  chain forward {
    type filter hook forward priority 0; policy drop;
  }
}

Not much code to describe a firewall ruleset! It’s also easy to read and modify. All of the action happens in the input chain which is responsible for filtering all of the incoming traffic. It starts with a default-deny mode which means it doesn’t allow any incoming traffic to pass unless you add a special rule that allows certain kinds of traffic under certain conditions.

First, I wanted to allow any traffic coming from the loopback interface:

## iif = 'if input interface is ...'
## lo = loopback interface
iif lo accept comment "Accept localhost traffic"

Next, it would be nice to tell the firewall to accept any traffic sent to this computer as a response to locally initiated requests:

### CT STATES
# NEW - the packet has started a new connection
# ESTABLISHED - the packet is associated with a connection which has seen packets in both directions
# RELATED - the packet is starting a new connection, but is associated with an existing connection
###
ct state established,related accept comment "Accept traffic originated from here"

And finally, it would be nice to have an SSH port open if you’re dealing with a remote machine. Shutting yourself out of your own server can be a costly mistake and it’s not uncommon. Here is how to allow SSH traffic, assuming your SSH daemon is set to listen on the well-known port 22 (which you should change, by the way):

tcp dport ssh accept comment "Accept SSH traffic"

If you don’t want to get spammed by unwelcome SSH login attempts, just set your SSH daemon to listen on another port. Let’s say our SSH daemon is listening on port 40736. That would mean that we need to add the following rule:

tcp dport 40736 accept comment "Accept SSH traffic"

If you decide to host an HTTP server on this machine, just add http and https ports to that rule:

tcp dport { 40736, http, https } accept comment "Accept SSH and HTTP(S) traffic"

That’s it. Opening additional ports is trivial and the documentation is good. I’m just starting with this thing and I’m planning to experiment with the logging and tracing tools in the following weeks.
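The rules from this section collected into one ruleset, as an added example that is not the author's own configuration. It keeps the sample SSH port 40736 from above and assumes three additions the post does not cover: IPv6 neighbour discovery (an inet table with policy drop otherwise breaks IPv6 connectivity), rate-limited ping, and a log rule for packets that reach the drop policy.

```nftables
#!/usr/sbin/nft -f
# Added example, not the author's ruleset.
# 40736 is the sample SSH port used in the text above.

flush ruleset

table inet filter {
  chain input {
    type filter hook input priority 0; policy drop;

    iif lo accept comment "Accept localhost traffic"
    ct state established,related accept comment "Accept traffic originated from here"

    # An inet table filters IPv4 and IPv6 together. Neighbour discovery
    # has to be accepted explicitly or IPv6 stops working under policy drop.
    icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert } accept comment "Accept IPv6 neighbour discovery"

    # Packets that conntrack could not match to any valid state
    ct state invalid drop comment "Drop invalid packets"

    # Answer ping, but only at a bounded rate
    icmp type echo-request limit rate 5/second accept comment "Accept IPv4 ping"
    icmpv6 type echo-request limit rate 5/second accept comment "Accept IPv6 ping"

    tcp dport { 40736, http, https } accept comment "Accept SSH and HTTP(S) traffic"

    # Anything that gets here is about to hit the drop policy.
    # Log a rate-limited sample so the kernel log is not flooded.
    limit rate 10/minute log prefix "nft input drop: " comment "Log dropped packets"
  }

  chain output {
    # Outgoing traffic is not filtered
    type filter hook output priority 0; policy accept;
  }

  # Drop everything, it's not a router
  chain forward {
    type filter hook forward priority 0; policy drop;
  }
}
```

Running `nft -c -f` on the file parses and checks it without touching the live ruleset, which is a cheap guard against locking yourself out with a typo.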

Game: Bloodborne


I never played “Souls” games but I heard from a few friends that Bloodborne is a “Dark Souls clone”. Personally, I tend not to label new games as “clones” of something older. Many people consider Dark Stone a Diablo clone but I truly believe that it is much better than Diablo despite having a lot in common.

That said, I don’t know if Bloodborne is worth your time or if it’s better to play something more “original”. What I can say for sure is that Bloodborne is fucking amazing. It has this “tough love” appeal: it’s absolutely merciless to the player and it’s terrible at explaining how to actually play this damn game but it all somehow makes it even more interesting.

Bloodborne’s aesthetic is extremely dark and gothic. Religion and church are the common themes, which is rather unexpected from a Japanese studio. What I like about video games is the fact that they keep innovating. I get that this game is just a part of the Souls genre but this genre by itself is pretty new. I can’t name any new and interesting literary genres since cyberpunk, for example, and cyberpunk happened many decades ago. Video games tend to have stories but they give their authors many other tools to experiment with, leading to a crazy amount of wild mixes that are sufficiently different from each other.


I don’t want to spoil the story but you have to fight a lot, level up in an unusual way and be ready to die countless times. All of that wrapped in a bizarre gothic world, what’s not to like about it?
