weblog d’un abbe


tcpdump unable to capture on any device…

Filed under: Research — Tags: , , , , — abbe @ 2017

If you’re having problem capturing on any device with tcpdump. Then you can patch the libpcap with the diff at: http://github.com/mcr/libpcap/commit/8fa17a5a554aaeb85d3ec4118b45a31f1efd6808 and rebuild your libpcap package.

Happy sniffing on any device.



256 colors xterm

Filed under: Fun, Research — Tags: , , , , , , , , — abbe @ 1259

I’m using xterm in 256-color mode since a month. And I noticed that whenever I log in to any of the remote boxen (via ssh) from my xterm, I started getting WARNING: terminal is not fully functional, whenever I use less, screen, etc. curses applications. So this means xterm-256color (xterm in 256 color) terminfo is not available in the remote box. Now in most of the remote boxen, I don’t have superuser access, which means I can’t install this terminfo systemwide. So after going through terminfo(5) I figured out that I need to install this terminfo in my $HOME (at remote end) to get desired functionality. For that I did:

% ssh server mkdir -p .terminfo/x
% scp /usr/share/terminfo/x/xterm-256color server:.terminfo/x/

Thats it. Now I don’t get that warning anymore and I can use Emacs/vim in 256-colors :) . What more do you want from 256-colors life…:)


Gmail on IPv6 – buggy last account activity information.

Filed under: Research — Tags: , — abbe @ 0016

Gmail Activity information by wahjava, on Flickr
I’m accessing Gmail’s web UI over IPv6 internet since they launched ipv6.google.com. Recently I’ve noticed that they made available Last account activity information. So I clicked on that link to see my last account activity and I’m surprised to see an IPv4 address instead of an IPv6 address (expected). The IPv4 address is, which is a class D address reserved for multicasting. So, is this some kind of IPv{4,6} portability bug in their code, or ipv6.google.com acting as a proxy for mail UI running on IPv4 servers with a class D address assigned, hmm…?


format=flowed messages

Filed under: Research — Tags: — abbe @ 0710

format=flowed is a new way of posting text/plain messages so they can be displayed in any resolution in the desired way. For more information, check out RFC3676, Joe Clark‘s format=flowed FAQ. To send format=flowed, messages using a MUA (which sucks less), checkout Sending format=flowed messages. Details about format=flowed in Gnus will be posted later. Happy spamming format=flowed way… :)


ipv6.google.com resolves to an IPv6 address

Filed under: Fun, Hacking, Research, Yippee!! — Tags: , — abbe @ 1530
abbe [~] chateau $ dig aaaa ipv6.google.com

; <> DiG 9.4.2 <> aaaa ipv6.google.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41367
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;ipv6.google.com.               IN      AAAA

ipv6.google.com.        7062    IN      CNAME   ipv6.l.google.com.
ipv6.l.google.com.      300     IN      AAAA    2001:4860:0:1001::68

;; Query time: 390 msec
;; SERVER: ::1#53(::1)
;; WHEN: Wed Apr 16 15:43:50 2008
;; MSG SIZE  rcvd: 82
abbe [~] chateau $ telnet ipv6.google.com 80
Trying 2001:4860:0:1001::68...
Connected to ipv6.l.google.com.
Escape character is '^]'.
Host: ipv6.google.com
Connection: Close

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: PREF=ID=8b8a663a80b66872:TM=1208342637:LM=1208342637:S=5_cmeO1B5B_pcWdY; expires=Fri, 16-Apr-2010 10:43:57 GMT; path=/; domain=.google.com
Date: Wed, 16 Apr 2008 10:43:57 GMT
Server: gws
Content-Length: 0

Connection closed by foreign host.

As, you can see ipv6.google.com is resolving to an IPv6 address, and also I can connect to it :). karora on #ipv6 at irc.freenode.net told me that at Google, most of the IPv6 transition work has been done. So like sig_wall I also changed my /etc/hosts to point {mail,reader,www}.google.com to IPv6 address of ipv6.google.com, and to my surprise couple of google.com services worked but not orkut.com (I don’t use it :P)

abbe [~] chateau $ cat /etc/hosts |tail -1
2001:4860:0:1001::68 www.google.com mail.google.com www.orkut.com reader.google.com orkut.com ipv6.google.com

Anyways, happy IPv6ing….;)


Wanna print to HP LJ 1005 on CentOS

Filed under: Research — abbe @ 1711

I discovered that I need foo2zjs while trying to print to an HP LaserJet 1005 printer (attached to a Windows XP Professional box) from a CentOS 5 client. foo2zjs not only supports HP LaserJet 1005 but also couple of other printers too, so do check out its homepage. Unfortunately there’re no prebuilt RPMs available for this on any repository, so I’ve to hack my own. Anyways, Ubuntu has a package for foo2zjs in their repository, so no worries Ubuntu users.

So the whole episode (i.e. trying to figure out what I’m missing) was frustrating for me. /me thought this earlier, but now I think things like this should happen, so that I’m forced to learn. Anyways happy printing ;)


How Split Debug Symbols work ?

Filed under: Research — abbe @ 0147

I’ve been using a custom built package for a software since a long time, But it used to crash (reproducible) sometimes, so tonight I thought, it’ll be great to debug the problem, so I checked my package directories to see if I’ve built any -dbg package (I use Gobuntu, a distro based on Debian, so no -debuginfo packages for me :-P ). And I found that I’ve not built any -dbg package, so I quickly added --dbg-package=foo-dbg to dh_strip (yup I use debhelper too) invocation in binary-arch target of debian/rules Makefile, and also added a entry for foo-dbg in debian/control. And, then I built (dpkg-buildpackage -rfakeroot) and installed (dpkg -i) the -dbg package.

Now, I fired gdb, started executing foo, it SIGSEGVed, and I did bt, oops no symbols listed. So, then I joined #gdb on irc.freenode.net, and there bauermann told me that about debug-file-directory option in gdb. I showed that option, and found that it is set to /usr/lib/debug. Then I tried manually loading symbols, using symbol-file option. And symbols are loaded without any problem.

Now, the problem is how to autoload those symbols, so I followed the path of RTFM and then I opened gdb.info, searched for debug-file-directory, and there I found this:

So, for example, if you ask GDB to debug `/usr/bin/ls', which has a
link containing the name `ls.debug', and the global debug directory
is `/usr/lib/debug', then GDB will look for debug information in
`/usr/bin/ls.debug', `/usr/bin/.debug/ls.debug', and

and this:

A debug link is a special section of the executable file named

And then I did objdump -x /usr/bin/foo |fgrep debuglink to see if it has .gnu_debuglink section, oops, its not present. So, I installed the newly built package, as I’ve only installed -dbg package earlier. And now again I did objdump -x /usr/bin/foo |fgrep debuglink, and this time its present.

So I fired gdb again, and started executing foo, and now this time when it SIGSEGVed, I’m able to get the symbol names, and the line no. where it segfaulted. So gdb rocks :)


How IPv6 tunnelling keeps me connected with IRC servers

Filed under: Research — Tags: , , — abbe @ 0041

These days I used to IRC a lot. And also these days, my dynamic IPv4 based ADSL Broadband connection disconnects frequently, couple of time it is at ADSL level, sometimes its at PPPoE level. IRCing over an IPv6 tunnel keeps me logged-in to IRC even when my ADSL links goes down, and I was waiting for it to up. But this works with only my freenet6 tunnel, not 6to4. How all this happens ?

  1. I connect to Internet by PPPoE dialing to my ISP.
  2. I start my freenet6 tunnel (IPv6-over-UDP-over-IPv4).
  3. Now, I connect to IPv6 IRC servers like (ipv6.chat.freenode.net, or irc6.oftc.net) using my IRC client.
  4. ADSL links goes down after some time.
  5. PPPoE connection also times out, destroying my IPv6 tunnel .
  6. Within 10-15 seconds ADSL link is up.
  7. PPPoE session is re-established.
  8. freenet6 IPv6 tunnel is re-established.
  9. I check my IRC client to see whether I was disconnected or not. To my surprise, I am still online, getting all messages. never disconnected.

Why I was not disconnected from IRC despite my IPv6 tunnel get destroyed, my IPv4 address changed ? Is my IRC client doing any magic ? No, its not anything special my IRC client does, its all due to my OS, GNU/Linux‘s network stack. Hmm…? Yes, when my IPv6 tunnel (underlying channel) goes down, TCP connection to IRC servers stays in ESTABLISHED state until TCP connection times out. Now another question is why, IRC server hasn’t disconnected from its side ? Because my link went down suddenly, so no time for tunnel client to send the message to the remote endpoint to close the tunnel. So, for remote endpoint (i.e. freenet6 server) I’m still up, its just that I’m not sending ACK packets, so it’ll keep transmitting retransmitted packets (from IRC server) until tunnel times out. For IRC server also, I’m still up, its just that I’m not sending ACK packets, so it’ll keep retransmitting packets unless, (i) I acknowledge with ACK packets, or (ii) TCP retransmission timeout happens at IRC server’s end, or (iii, not sure on this, as I don’t how its all happening at tunnel broker’s end) freenet6 server sends an ICMPv6 Destination Unreachable to IRC server, when tunnel timeout happens. BtW, its no special treatment for IPv6 tunnels its there for other networks also, provided address of your network interface is static and you regain connectivity before retransmission timeout happens :) . Not sure, if this is part of Internet Host Requirements RFCs. I’ll read them soon as I get some time, anyways happy IPv6ing… :)


Unable to view IPv6 site over 6to4 connection in Firefox

Filed under: Research — Tags: , , , — abbe @ 0318

If you got into such problem, which I ran into today, I’ve got the reason why it behaves so. But let me first describe the problem:

When I connect to IPv6 internet via 6to4, Firefox doesn’t display IPv6 sites (by default), those also have corresponding IPv4 site. To be precise, in spite of presence of an AAAA DNS RR for a domain name, Firefox refers to the A DNS RR. If no A DNS RR exists, then only Firefox refers to AAAA. And this happens only when I’m connected via 6to4 tunnel not on Freenet6 tunnel which offers a non 6to4 address.

When, I told about this to one of my CentOS-tic friend, who told me I should try CentOS as it works fine in IPv4 free environment. So I thought its some bug. But after posting this question on #ipv6 at irc.freenode.net, jakllsch (a nick in #ipv6) pointed me to RFC 3484. As clear from the title of RFC, Default Address Selection for Internet Protocol version 6 (IPv6) it deals with address selection. So I became confident that due to this RFC, this all is happening. But to became 100% sure, I started reading RFC, and in section Destination Address Selection, I found the solution of my problem. So following is a practical-case (filled with sample data) of my problem:

I’ve 2 addresses a 2002::/16 (a 6to4 address) and a 122.xxx.yyy.zzz (an IPv4 address). I wanted to visit website of www.sixxs.net ( 2001:838:1:1:210:dcff:fe20:7c7c, ) . So to which destination address should Firefox try. According to the rule no. 5:

Rule 5:  Prefer matching label.
If Label(Source(DA)) = Label(DA) and Label(Source(DB)) <> Label(DB), then prefer DA. Similarly, if Label(Source(DA))<> Label(DA) and Label(Source(DB)) = Label(DB), then prefer DB.

So in my case, Label(2002::/16) <> Label(2001:838:1:1:210:dcff:fe20:7c7c) ⇒ 2 <> 1 and Label(122.xxx.yyy.zzz) = Label( ⇒ 4 = 4, Thanks to courmisch and jakllsch for confirming this. And I later discovered that its not only applicable for Firefox but also for other applications using getaddrinfo() routine of POSIX API. So mystery solved. Anyways, happy IPv6ing… :)


Fixing usplash on Gobuntu

Filed under: Research — abbe @ 0130

The usplash screen (splash screen shown at the bootup) of Gobuntu is cool. So if you’re unable to get that screen because display mode set during usplash is unsupported, edit the configuration file at /etc/usplash.conf to suit your needs. Following is mine to display usplash at 1440x900 resolution.

abbe [~] chatteau $ cat /etc/usplash.conf 
# Usplash configuration file

After modifying, execute update-initramfs to update the initrd. I’m not sure if that is necessary. Anyways, Happy Gobuntuing… :)

Older Posts »

Blog at WordPress.com.