Block Tracking Sites With dnsmasq

Posted by Dave Eddy on Jul 19 2018 - tags: tech

Around five years ago I started looking into different ways to block ads and trackers in the most effective way on my computers. I discovered this hosts list on someonewhocares.org and even wrote a script to automate the process of downloading, verifying, and installing the list on my machines.

https://github.com/bahamas10/someonewhocares

I recently got back into it when I was setting up Encrypted DNS with dnsmasq and dnscrypt-proxy on SmartOS using OpenNIC. I stumbled across the Pi-hole project and really liked it, however I didn’t want to run a raspberry pi in my house as part of any critical infrastructure. Instead, I took the essence of that project and found a compiled blocklist to use with my existing dnsmasq setup to block these sites at the DNS level.

notracking

I found notracking/hosts-blocklists which is an automatically updating block list compiled from multiple sources compatible with dnsmasq. I created my own set of scripts to download the latest blocklists from GitHub, verify them, and install them for use with dnsmasq, and finally restart dnsmasq so it picks up the changes.

https://github.com/bahamas10/notracking

I installed this on my nameserver zones with:

Nginx Return Remote IP Address

Posted by Dave Eddy on Jul 17 2018 - tags: tech

The nginx server that hosts this website can now return your current IP address if you hit the url /ip.

https://www.daveeddy.com/ip

I have an alias in my bashrc to quickly use this to get my current external IP.

$ type externalip
externalip is aliased to `curl -sS https://www.daveeddy.com/ip'
$ externalip
1.2.3.4

To set this up, I modified my nginx config to add a location section for /ip

I basically ripped off this stackoverflow post but modified it to only match the single URL.

location =/ip {
        default_type text/plain;
        return 200 "$remote_addr\n";
}

location / {
        root /var/www/daveeddy.com;
}

Encrypted DNS with dnsmasq and dnscrypt-proxy on SmartOS

Posted by Dave Eddy on Jul 07 2018 - tags: tech

For the last 3 years I have been using djbdns on SmartOS and it has all been working great. Recently however, I started looking into DNSSEC and DNSCrypt, which ended up leading me to the OpenNIC Project.

I decided to change my home DNS server setup to forward OpenNIC DNS servers over an encrypted channel as opposed to using OpenDNS like I did with djbdns.

To set this up, I have a zone with dnsmasq and dnscrypt-proxy running

dnsmasq - listens globally on port 53 for incoming DNS requests, answers local domain DNS requests for my network, and forwards the rest to dnscrypt-proxy
dnscrypt-proxy - listens locally on port 5300 for incoming DNS requests from dnsmasq and forwards them securely to an OpenNIC DNS server

Install

To start, install dnsmasq with the following command:

pkgin in dnsmasq

Installing dnscrypt-proxy requires a little bit more work as it is currently not in pkgsrc. To install it, we need to pull in some dependencies.

OpenVPN Server Setup With Easy-RSA on SmartOS

Posted by Dave Eddy on Jul 05 2018 - tags: tech

At home I have a zone dedicated to running an OpenVPN server. With this I can connect to my home network securely on both my laptop and phone when I’m away.

I followed this guide for getting the zone ready to route properly for OpenVPN, and then used Easy-RSA to generate the certificates needed.

Zone Setup

To get started, make sure the zone is created with allow_ip_spoofing enabled on the NIC of the zone. I used a payload similar to this to create the vpn zone.

{
  "brand": "joyent",
  "image_uuid": "221635c4-3b85-11e8-b6ba-23f68c9bf2c4",
  "autoboot": true,
  "alias": "vpn",
  "hostname": "vpn.rapture.com",
  "dns_domain": "rapture.com",
  "resolvers": [
    "10.0.1.2",
    "10.0.1.3"
  ],
  "ram": 512,
  "nics": [
    {
      "nic_tag": "admin",
      "ip": "10.0.1.41",
      "allow_ip_spoofing": true,
      "netmask": "255.255.255.0",
      "gateway": "10.0.1.1",
      "primary": true
    }
  ]
}

DHCPD New Lease Notifier

Posted by Dave Eddy on Apr 12 2018 - tags: tech

Three years ago I set up SmartOS as a Home Router which required creating a zone specifically for handling DHCP requests on my network. As part of wanting to have more visibility into my network, I wrote a program to notify me whenever a new DHCP lease was given out by the server.

https://github.com/bahamas10/node-dhcpd-notifier

dhcpd-pushover

DIY Pump It Up Pad Platform With Bars

Posted by Dave Eddy on Mar 27 2018 - tags: diy

I first found Pump It Up in my freshmen year of high school - sometime between 2003 and 2004. I would go to Kahunaville at the Galleria Mall most weekends with my friend Ben, and then later with my other friend Jeremy to play as much as possible. It was a couple months later where I discovered DDR as well, and both of those dance games have just worked their way into the person I am today. That might be a little extreme, but even when I’d go a year or two without playing I’d always come back and play them even harder than I did before.

Around 2013 I discovered the Dave & Busters by my house had a Pump It Up machine and it had a lot of Kpop songs on it - that pulled me back in for a while. I’ve always thought it would be cool to own my own machine, but to find one used was proving to be very difficult, and buying new I was looking at upwards of $9,000… a lot more than I was looking to spend.

Towards the end of 2016 I pulled the trigger on some pads I had been eyeing up for a while - I bought 2x Precision Omega 5x Pads. I had setup a computer with a hacked up version of StepMania on it (skinned like PIU Prime) and it all worked. It wasn’t the best setup - I was lacking a bar for support, and the software would sometimes crash or the songs were horribly out of sync with each other.

I got back into the game heavily a couple months ago in January thanks to the wonderful PIU Upstate Squad :D. After pushing myself hard on the machine and really increasing my skills, I decided it was time to create the machine properly. This meant getting the software working 100% (spoiler: I’m using StepF2 - It works great!) as well as an actual platform for the pads with real metal support bars to use.

Wooden Countertop

Posted by Dave Eddy on Mar 18 2018 - tags: diy

I’ve been in the process of redoing my kitchen for over 2 years now. I’m going to dedicate an entire blog post to that whole process once it is finished (it’s getting close!) but for now, I have this post that’ll just go over the wooden countertop I built.

I’ve thought about building my own countertops for some time, but didn’t think I really had the skill, or was just overwhelmed by the idea of it. I was at Home Depot a while back with my parents when we were looking at different countertop options for my kitchen. I pretty much ended up either hating all of them, or being, at the very best, not enthused about others. The one countertop I liked the best was (of course) made out of wood, but came with a steep price tag of well in the thousands.

By building my own countertops out of 2x6’s I cut and assembled myself, I ended up being able to create and finish the countertop for just about $150.

Note: In this picture the kitchen isn’t completely finished. There is no backsplash behind the counter (I haven’t built it yet), no trim on or under the cabinets, and the pole going through the countertop is actually holding the house up - so I will be facing that in dark stained wood eventually like I did upstairs.

Replace Glass With Wood Shelves

Posted by Dave Eddy on Mar 07 2018 - tags: diy

I got this shelf piece sometime around 2012 when I was living in California from a consignment shop in Burlingame. It’s been a great piece and has worked well, but as more and more wood pieces have made their way into my house, this piece has started to stick out. I decided to, in the same fashion as the Ikea Patio Table Wood Top, replace the glass shelf with wooden ones.

Three New Albums - Winter, Summer, and Signal EP

Posted by Dave Eddy on Oct 20 2017 - tags: music

In July, I created a new music website to host all the music I have written. I put my 2014 album Memories on it and promised three new albums in 2017. Well, today I deliver on that promise with three brand new albums: Winter, Summer, and Signal EP.

Just like Memories, these three albums are available to download completely for free in FLAC or mp3 (v0) format.

http://music.daveeddy.com

Persistent ssh-agent on Bash on Ubuntu on Windows

Posted by Dave Eddy on Oct 18 2017 - tags: tech

After installing Bash on Ubuntu on Windows I realized some interesting side effects related to how processes and daemons in the Unix environment are handled. Running a process in the background, or daemonizing a process, will work so long as there is a Bash session open on Windows. Once the last window is closed, all of the processes are cleaned up and killed.

I use ssh keys for authentication when connecting to remote servers which requires the use of ssh-agent. I can run this program manually and it will work so long as there is at least one bash session running on my computer, but once I close the last window the ssh-agent is killed and my keys are unloaded. I’ve found a couple guides online regarding ssh-agent and WSL specifically, but most of them assume the keys you are using are not password protected.

To remedy this situation, I managed to find a way to create a hidden terminal session that runs ssh-agent in foreground mode when I login to my computer which persists through sleeps and hibernations. This way, ssh-agent will run and stay running from the moment I login until the moment I logout (which is almost never, unless I reboot).

« Newer Posts 3 of 22 Older Posts »

Gravatar