]> Configs http://blog.cihar.com/archives/configs/ Random thoughts about everything… en-us Michal Čihař 2008-10-22T16:19:21+02:00 http://blog.cihar.com/archives/2006/07/28/munin_and_openwrt/ Munin and OpenWrt 2006-07-28T11:15:23+02:00 Michal Čihař Linux, Configs Last thing which was missing was to add new router to monitoring using Munin which I use for this purpose. The only reasonable way seemed to be SNMP so I installed it to OpenWrt.

And the rest was incredibly simple! Just add snmp host to munin.conf:

[openwrt.lan]
    address localhost

And run SNMP discovery on monitoring host (the one which runs munin-node):

munin-node-configure-snmp openwrt.lan | sh

It automatically creates symlinks for everything it detects (network interfaces, load, disk space and users) and only remaining thing is to restart munin-node.

]]> http://blog.cihar.com/archives/2006/05/29/gnupg_path_grabbing/ GnuPG path grabbing 2006-05-29T22:12:54+02:00 Michal Čihař Configs, Coding Many times I needed "intelligent" way to grab key path from my key (and others I somehow trust for signing purposes) to other random key that gets to me.

Receiving keys for all signatures is quite expensive operation and you soon end with most of PGP keys on the world in your database. The best seems to fetch only needed keys. You can find path using PGP pathfinder & key statistics by Henk P. Penning. It's extremely useful site, where you can find many information about PGP keys.

So the logical step seems to be to write down script which will grab needed keys:

#!/bin/sh

if [ "$#" -lt 1 -o "$#" -gt 2 ] ; then
    echo usage `basename $0` ID [gpgparam]
    exit 1
fi

url=http://www.cs.uu.nl/people/henkp/henkp/pgp/pathfinder/mk_path.cgi

(
links -dump "$url?FROM=36E75604&TO=$1"
links -dump "$url?FROM=B3B2A12C&TO=$1"
links -dump "$url?FROM=65D0FD58&TO=$1"
) | grep -o '[0-9A-F]\{8\}'  | sort -u | xargs gpg --recv-keys --no-auto-check-trustdb $2

gpg --check-trustdb $2

And special bonus for Sylpheed-Claws users. Here is action to call above script:

ID=`gpg --verify %p /dev/null 2>&1 | \
grep "key ID" | tr -d "[:space:]" | \
tail -c8`;echo "==== Fetching $ID ===="; \
~/bin/gpg_get_path $ID --no-tty
]]> http://blog.cihar.com/archives/2006/05/11/dns_blacklists_in_exim/ DNS blacklists in Exim 2006-05-11T23:22:50+02:00 Michal Čihař Configs, Debian Well I expected this would be more complicated than defining DNS blacklist servers list. Hower thanks to great defaults, all you need is to put list into user defines (separate file which is included early like /etc/exim4/conf.d/main/000_localdefs should be best place):

CHECK_RCPT_DOMAIN_DNSBLS = dnsbl.njabl.org : \
                            bl.spamcop.net : \
                            blackholes.five-ten-sg.com : \
                            cbl.abuseat.org : \
                            smtp.dnsbl.sorbs.net : \
                            spam.dnsbl.sorbs.net : \
                            zombie.dnsbl.sorbs.net : \
                            web.dnsbl.sorbs.net : \
                            rhsbl.sorbs.net : \
                            sbl-xbl.spamhaus.org : \
                            psbl.surriel.com : \
                            list.dsbl.org
]]>