Configs 2008-01-23T16:45:53+09:00 Michal Čihař http://blog.cihar.com http://blog.cihar.com/ NanoBlogger Munin and OpenWrt Michal Čihař http://blog.cihar.com/archives/2006/07/28/munin_and_openwrt/ 2006-07-28T11:15:23+09:00 2006-07-28T11:15:23+09:00

Last thing which was missing was to add new router to monitoring using Munin which I use for this purpose. The only reasonable way seemed to be SNMP so I installed it to OpenWrt.

And the rest was incredibly simple! Just add snmp host to munin.conf:

[openwrt.lan]
    address localhost

And run SNMP discovery on monitoring host (the one which runs munin-node):

munin-node-configure-snmp openwrt.lan | sh

It automatically creates symlinks for everything it detects (network interfaces, load, disk space and users) and only remaining thing is to restart munin-node.

 GnuPG path grabbing Michal Čihař http://blog.cihar.com/archives/2006/05/29/gnupg_path_grabbing/ 2006-05-29T22:12:54+09:00 2006-05-29T22:12:54+09:00

Many times I needed "intelligent" way to grab key path from my key (and others I somehow trust for signing purposes) to other random key that gets to me.

Receiving keys for all signatures is quite expensive operation and you soon end with most of PGP keys on the world in your database. The best seems to fetch only needed keys. You can find path using PGP pathfinder & key statisticsby Henk P. Penning. It's extremely useful site, where you can find many information about PGP keys.

So the logical step seems to be to write down script which will grab needed keys:

#!/bin/sh

if [ "$#" -lt 1 -o "$#" -gt 2 ] ; then
    echo usage `basename $0` ID [gpgparam]
    exit 1
fi

url=http://www.cs.uu.nl/people/henkp/henkp/pgp/pathfinder/mk_path.cgi

(
links -dump "$url?FROM=36E75604&TO=$1"
links -dump "$url?FROM=B3B2A12C&TO=$1"
links -dump "$url?FROM=65D0FD58&TO=$1"
) | grep -o '[0-9A-F]\{8\}'  | sort -u | xargs gpg --recv-keys --no-auto-check-trustdb $2

gpg --check-trustdb $2

And special bonus for Sylpheed-Claws users. Here is action to call above script:

ID=`gpg --verify %p /dev/null 2>&1 | \
grep "key ID" | tr -d "[:space:]" | \
tail -c8`;echo "==== Fetching $ID ===="; \
~/bin/gpg_get_path $ID --no-tty
DNS blacklists in Exim Michal Čihař http://blog.cihar.com/archives/2006/05/11/dns_blacklists_in_exim/ 2006-05-11T23:22:50+09:00 2006-05-11T23:22:50+09:00

Well I expected this would be more complicated than defining DNS blacklist servers list. Hower thanks to great defaults, all you need is to put list into user defines (separate file which is included early like /etc/exim4/conf.d/main/000_localdefsshould be best place):

CHECK_RCPT_DOMAIN_DNSBLS = dnsbl.njabl.org : \
                            bl.spamcop.net : \
                            blackholes.five-ten-sg.com : \
                            cbl.abuseat.org : \
                            smtp.dnsbl.sorbs.net : \
                            spam.dnsbl.sorbs.net : \
                            zombie.dnsbl.sorbs.net : \
                            web.dnsbl.sorbs.net : \
                            rhsbl.sorbs.net : \
                            sbl-xbl.spamhaus.org : \
                            psbl.surriel.com : \
                            list.dsbl.org