Firewall script without service

Sometimes on Linux systems for one reason or another it is not practical to use the built-in iptables-services or iptables-persistent to handle your firewall rules. For example, cPanel/WHM manages its own firewall rule set and does not care what is in the normal iptables rules file.

A very straightforward solution to this is to run a script from cron that checks whether your rules are currently present and, if not, adds them.

#!/bin/bash
# This script is run with cron to make sure iptables rules to block Portmap are present

# Insert DROP rules for TCP and UDP port 111, tagged with a comment so they can be found later
function addrules {
  iptables -I INPUT -m tcp -p tcp --dport 111 -j DROP -m comment --comment "Portmapper Vulnerability"
  iptables -I INPUT -m udp -p udp --dport 111 -j DROP -m comment --comment "Portmapper Vulnerability"
}

# Count the rules that carry our comment tag
numrulesfound=$(iptables -nL | grep -c "Portmapper Vulnerability")

if [ "$numrulesfound" -eq 0 ]; then
  echo "Portmapper iptables rules NOT found, adding"
  addrules
elif [ "$numrulesfound" -gt 0 ]; then
  echo "$numrulesfound Portmapper iptables rules found, exiting"
fi

And some kind of cron to run it periodically:

0 * * * * /root/ > /dev/null 2>&1
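The grep count above treats "one rule found" the same as "both rules found", so if only the TCP or only the UDP rule survives a firewall reload the script exits without restoring the other. The following is an added example, not part of the original script: it checks each rule individually with iptables -C (--check) and inserts only what is missing. The IPT override, the rule and ensure_all function names, and the "apply" argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: per-rule idempotent check using "iptables -C".
# IPT can be overridden (assumption of this example) so the logic can be
# exercised without root or a real iptables binary.
IPT="${IPT:-iptables}"
COMMENT="Portmapper Vulnerability"

# Run one iptables operation against the port 111 DROP rule.
# $1 = -C (check) or -I (insert), $2 = tcp or udp.
# Check and insert share one rule spec, so they cannot drift apart.
rule() {
  "$IPT" "$1" INPUT -p "$2" -m "$2" --dport 111 \
         -m comment --comment "$COMMENT" -j DROP
}

# Make sure both rules exist; print how many had to be added.
ensure_all() {
  added=0
  for proto in tcp udp; do
    # -C exits 0 only when this exact rule is already in the chain
    rule -C "$proto" 2>/dev/null && continue
    rule -I "$proto" && added=$((added + 1))
  done
  echo "$added"
}

# From cron, call the script with the argument "apply" (assumption of this example).
if [ "${1:-}" = "apply" ]; then
  ensure_all
fi
```

Because every run re-checks each rule separately, a partially flushed rule set is repaired instead of being reported as present.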

Disable password in Windows 10

Run netplwiz and uncheck “Users must enter a user name and password to use this computer”


It will ask you for your current password, then you are done.

Automatically sign in

Now to prevent Windows from asking for a password when you come back from suspend, search for ‘sign-in’ > set “If you’ve been away, when should Windows require you to sign in again?” to ‘Never’


Change Gitlab URL

Because I am lazy I set up Gitlab by way of deploying a VM with a cloud hosting provider. By default it uses its public IP as the URL and that won’t do so here is how I changed it.
Assuming you installed gitlab through your OS’ repository like I did,

change ‘external_url’ in /etc/gitlab/gitlab.rb
and issue a:
gitlab-ctl reconfigure


Firefox Disable Ctrl+Q Accidental Quit

Are you tired of hitting Ctrl+Q and quitting your whole Firefox session when you just meant to hit Ctrl+W to close a single tab?

Unless I am mistaken the latest versions of Firefox have the “Are you sure?” dialog for Ctrl+Q disabled by default. This is a terrible idea. On Windows and Mac you can use this extension to completely disable the shortcut:

Unfortunately because Mozilla sucks you can’t use that add-on on Linux. Instead fix it by going to about:config and changing browser.showQuitWarning to true. This will enable the “Are you sure?” dialog so at least you can cancel closing the window.


Asus RT-AC52U Factory Reset

I’ve been working on my home grown wired and wireless network a bit this week and found myself needing to reset the Asus RT-AC52U I use as a WiFi access point. The USB WiFi adapter I have attached to my NAS/Router is pretty short ranged, so I ran a network cable across the house so this AP can cover the rest.

Anyway, as is often the case I forgot my credentials. This router actually lets you change the admin login and I am sure I did but have no idea to what.

So, to reset it, find the reset button annoyingly located on the bottom of the device and press it with a paperclip until the LEDs start turning off.

Once it is reset, it has reverted to setup mode. In this state it runs an unencrypted WiFi network which you need to connect to and configure the router. It has also defaulted to You will likely get alerted by your browser that you need to log in to a captive portal but the router does not actually prompt for credentials during setup.


Windows 7 VM “Unsupported Hardware”

I recently resurrected an old Windows 7 VM to deal with some iCloud bullshit. Naturally, Microsoft has decided that “old Windows doesn’t work with new CPUs”.
I knew there was some way around this but I didn't see an option in the VirtualBox GUI to specify the CPU. This thread saved me from perusing the lengthy man page.

Unsupported Hardware


I turned off the VM, ran: VBoxManage modifyvm Win7 --cpu-profile "Intel Xeon X5482 3.20GHz" where Win7 is the name of my VM, and turned it back on again. Lo and behold:

Windows Update Successful


A minor victory.


WordPress – Missed Schedule 2

So, it didn’t work. Why? I think CloudFlare is caching the response. Let’s change that.

You could do this with ‘Page Rules’ but on the free tier of CloudFlare you only get three. I am going to skirt that by telling CloudFlare to not cache any url with a query string, and change my wp-cron.php request accordingly.

CloudFlare Query String


* * * * * wget

Begrudgingly increased the frequency from every three minutes to every minute. I tested it and it did not work.

What did work was instead of getting it, I executed it:

* * * * * php /var/www/
Actually it would show up as ‘Missed Schedule’ for a minute or so and then it would show published. Fixed.


WordPress – Missed schedule

Plenty of folks want to write articles and schedule when they actually go live on their WordPress instance.  I’ve run into the ‘Missed Schedule’ issue with a customer before but recently ran into this on my own blog.

The post scheduler uses wp-cron. One critical thing about wp-cron is it requires visitors to actually visit your page!  That is probably why I have a problem with it, I have doubts anybody reads this shit and well hey here is the proof.

Per the WordPress docs found here, the easy solution, assuming you have access to your webserver and it is a Linux box, is to automate some hits to your site, side-stepping the problem that no one reads it.

[email protected]:~# crontab -e

*/3 * * * * wget

I will have to test this to make sure it actually solves the problem, but I suspect it will.


Rack Mount Gaming PC

I’m not sure when I originally had this idea, but I always thought it would be cool to put my gaming PC in a rack.  At one time I envisioned putting game consoles in rack mount boxes of some sort as well, but that has not come to fruition.  Rack mount gaming PC on the other hand is nearly done, I just have a few loose ends to wrap up.

First things first, the case.  Most of the benefits of rack mount server cases, hot swap disks, fast access to replace parts, redundant power, are unnecessary for a gaming pc.

Rack Mount PC Case

To that end, I wasn’t trying to drop serious coin.  These things can easily go for $200 without even being bundled with a power supply.  Cheap shit on craigslist to the rescue! I found a case much like the one pictured for $60.

I don’t have the rack in the same room.  That is part of the allure of this set up: How nice would it be to have zero noise and zero heat from your gaming desktop? How nice would it be to have zero clutter from cables and what not? It’s very nice! It poses the obvious problem of long range cabling.  The ubiquitous Category cable to the rescue!  I already had a small patch panel in my office since I planned on only having one large Cisco switch on the premises. I just hate having little desktop switches adding clutter and unruly patch cables.

HDMI over Cat5/6 Extender

For video, this passive HDMI over Cat5/6 Extender for $18 from Monoprice suits my purposes well.  It has limitations, namely that [email protected] is the most you can push through it. Presently I only have a [email protected] monitor and do not have a card that can handle higher resolutions so I have not attempted to see if those are indeed hard limits. In the case that they are, some active unit would be necessary. I think if I do move toward 4k gaming the whole idea of having the PC remote might be reconsidered anyway.

USB over Cat5/6

For input, USB Extender over Cat5/6 for $12 again from Monoprice allows me to put a USB hub on my desk.  For ultra wirelessness I could of course get a wireless keyboard and mouse, but I prefer not having to deal with batteries.  Plus I like using a keyboard that supports serious remapping with zero dependency on drivers or software.

I still have a bunch of Cat5e from whenever I bought a box of 1000ft of it way back when. Sadly, at ~75ft with Cat5 the extender did not work. Begrudgingly I picked up 250ft of Cat6 and some Cat6 patch cables and it works great. I am curious if Cat6 patches on the Cat5 would be any different.  I tested MechWarrior Online and did not perceive any additional buffering.  Success!

I still need to figure out what to do about audio.  The monitor does have built in speakers and the HDMI audio passes through the extender just fine, however the only output the monitor has is analog two channel by way of 1/8″ stereo jack.  I’ll be on the market for at least a surround USB headset if not a pc surround sound setup.

At this point, all I really need is to make some cables for remote power / reset / power LED / HDD LED.  More on that later.


Crustang Teardown 1

Well, I need space in my driveway so it’s time to dismantle my 1986 Mustang.  The Crustang will be giving up its ghost for a project that I plan to start in the coming months, more on that later.  It’s a crusty pile of shit so has got to go:

Yeah that is the rear passenger seat belt flopping in the breeze.

Underneath that huge hole in the passenger side and the hastily tossed in plate we find a nice pin hole:

I believe that actually turned out to be a vent.  Instead of venting to the tank it would vent into the passenger carpet.  Perfect!  This fucking death trap.

Now I don’t know the exact path this overflow tube is supposed to take from factory but you can be damn sure it wasn’t meant to dump into your trunk.

Of course this heap of shit has more than five gallons of gas in it, making this process take up all night with my rinky dink $5 siphon. Don’t buy this kind of siphon ever. So I had to stop what I was doing and go fill up my Fairmont with this slightly yellow gas.  It doesn’t seem to have bothered the carb yet, and the Crustang did run on it so, meh, it’s okay.