flak rss random www

easy gopher-lua bridge

I have some go code that I’d like to be a little more flexible at runtime. Like a config file, but maybe with some conditional logic based on string matching. If this sounds like a proxy deciding which filtering functions to apply based on URL, that’s a good guess.

more...

Posted 04 Dec 2017 23:02 by tedu Updated: 04 Dec 2017 23:02
Tagged: go lua programming

whose xterm is it anyway?

As part of the effort to find idle hogs, I noticed some xterms were heavier than others.

more...

Posted 25 Sep 2015 05:46 by tedu Updated: 25 Sep 2015 05:46
Tagged: lua openbsd programming

adding comefrom to luajit

After reading about a function decorator that rewrites the bytecode to enable goto in Python, I realized a very similar technique could be used to manipulate the bytecode in luajit. Of course, being the superior language, Lua already has goto, so for this example we need to add even more advanced control flow, comefrom.

more...

Posted 22 Sep 2015 15:09 by tedu Updated: 22 Sep 2015 15:23
Tagged: lua programming

easy mobile passwords

Matthew Green asked for a password generator that’s easy to enter on a phone.

more...

Posted 01 Sep 2014 23:00 by tedu Updated: 30 Nov 2014 22:18
Tagged: gadget lua programming security web

timing attacks vs interned strings

Some experiments with trying to extract strings from a Lua process via timing attacks.

more...

Posted 31 Jul 2014 15:03 by tedu Updated: 31 Jul 2014 15:03
Tagged: lua programming security web

userland traffic shaping

A short program to demonstrate network filtering with Lua. Although the kernel provides pf filtering and some bandwidth shaping facilities, they don’t cover every scenario. For example, consider the case where our server is connected to a network port where we pay for some amount of bandwidth, but have burstable speeds much faster than that. Commonly seen as 95th percentile billing. As long as we’re under our five minute quota, we want to pass traffic full speed, but as we approach that mark, we want to start clamping down. The pf.conf burst queueing rules can’t quite handle this situation.

For more flexibility, we can pass all our network traffic through userland using tun and have an arbitrary program analyze and shape it. This setup requires a whole mess of virtual interfaces to be configured with ifconfig, but it’s really not so bad. We want to pass ethernet frames, so we use the link0 flag.

ifconfig tun0 create link0
ifconfig bridge0 create add em0 add tun0
ifconfig tun1 create link0
ifconfig vether0 create
ifconfig bridge1 create add vether0 add tun1

Now we have a vether interface connected, via bridges and tuns, to the network. We configure this interface with our IP (run dhclient if you like), and it effectively replaces em0 as the primary interface. This is an endpoint configuration; vether can be replaced by a physical interface for a router. All that’s missing is a program to pass traffic between the two tun interfaces.

Here’s a short Lua (luajit) program. It reads from the two tun interfaces and passes packets between them as they arrive. As the amount of traffic passed approaches our five minute quota, it starts probabilistically dropping packets. As written it lets you use 75% of your quota at full speed before rather sharply curtailing it. (As a bonus, it will occasionally print a frequency count of each byte to demonstrate other uses.)

netfilt.lua

See also trickle.

Posted 15 Jun 2014 02:49 by tedu Updated: 15 Jun 2014 02:49
Tagged: lua network openbsd programming

efficient uniform shuffling

Spotify had a blog post about how to shuffle songs, which included a link to earlier work on the art of shuffling music. The original algorithm uses a lot of both memory and CPU (in particular, a playlist containing a lot of loosies will be extremely memory hungry as each song is expanded). I think I understand how to implement the Spotify “dithering” algorithm efficiently, but there’s no pudding.

more...

Posted 11 Mar 2014 04:53 by tedu Updated: 11 Mar 2014 06:40
Tagged: lua programming