February 2005 - Posts

I totally geeked out tonight.

I was searching for something else and happened upon a tutorial for tunneling VNC on windows, which led me to another article that was inspiration for the first article I found. Here was the problem with both: the webserver that I wanted to get to is behind an OpenBSD firewall. So, first things first: I added a rule to pf.conf that allowed ssh to be redirected to the private address of my webserver using rdr syntax:

rdr pass on $ext_if from any to $public_address port ssh \
-> $private_address

This rule passes ssh calls bound for the external address to be sent to the internal network address (192.168.1.blah).

But what about ssh running on Windows?

Well, if you don't already have cygwin installed on the server, I ended up using sshwindows (linked from the OpenSSH site under Windows) Just follow the instructions in readme.txt or quickstart.txt and you should be good to go there - it comes with an installer, so it was pretty easy to get up and running.

But what about the client on Windows?

For this, I use PuTTY. I've used it for a while to ssh into my OpenBSD machines from windows. What I didn't know of is the Tunnel feature that sits near the end of the config setup tree...this is how the magic happens.

See, before, when I needed to get into a firewalled computer, I would just add rules to the firewall to punch temporary holes while I did what I had to do remotely. I know, bad Chris. Using OpenSSH to tunnel the traffic that would normally be sent unencrypted over the wire makes me feel a lot safer, even tho the server in question doesn't have a whole lot of goodies to look at. It's still important to me.

So how does the magic happen?

Using the tunnel feature of PuTTY, I added a link to port 5901 and mapped it to localhost:5900. Here's the rub: localhost in this case refers to the ssh server, not the computer the client is running from. The 5901 refers to the machine that the client is running from. This wasn't clear to me in either tutorial that I read thru. So you add the tunnel link to the SSH/tunels node of PuTTY and when you fire up VNC, have it sent to localhost:1. This was also not very clear from either article (but that just probably means I'm dense).

Is that it?

For VNC, yeah, it is. However, I also run a couple of applications on my network that contain sensitive data: namely SourceGear Vault and Dragnet. I want to get to these too! Can I do it in a similar way to the VNC deal? You betcha!

This time, for the tunnel link I specified an arbitrary (but often used) high port in PuTTY: 8000. I also wanted to point to the internal server (say, so instead of specifying localhost:80 (which is already exposed -duh!) I pointed it to

Fire up PuTTY, login as some user that's configured for OpenSSH, and point my browser of choice to http://localhost:8000/dragnet. Nice!


Although he only talked about high-level stuff (Exception Handling and Memory Management), I think Brad did a pretty good job. I stopped going to the Microsoft office out here because of all the 100 level classes, I couldn't justify taking time out of the trenches for learning stuff I already knew. But hearing the lead PM on the CLR team speak? It was time to attend my first Houston .NET UG meeting. To be fair, there was also the Hal-PC C# sig there, but I've never seen that room so packed. Overflow rooms had to be set up. Way to go, Brad!

So as is usually the case with these events, I came away with a couple of golden nuggets of information, some of which is even relevant in v1.x of the framework! (Imagine that!) Here are a couple of the notes I took:

  • Finalizers keep objects alive an order of magnitude (about 10) longer than objects w/o finalizers
  • It's a really bad idea to throw an Exception from a finalizer.
  • Check out Critical Finalizers in v2.0
  • Finalizers are most appropriate for owned unmanaged resources (filestream, sqlconnection, etc classes are a case in point)
  • It's kind of an "unwritten rule" that any object that has a Close method should implement the IDisposable pattern and they should do the exact same thing. i.e. Close should just call Dispose.

I brought my digital camera, but being the jerk that I am, didn't check to see if the batteries were working first (doh!). Thankfully, I've got a camera phone and was able to take a picture with Brad anyways (I'm the short one):

This is also where I got my Channel 9 guy along with a nice smattering of other cool swag. Sorry, Scoble, it was just a joke tho - I thought it would be more appropriate to write the ransom note in 1337 than have both of my subscribers download a bunch of newspaper-clipped letter images. I still want my million, tho :)

[ Currently Playing : Napoleon Solo - At the Drive-In - In Casino Out (4:47) ]

 |}34|2 M|2. Scoble,

1 H4v3 K1|}n4pp3|} y0U|2 p|23C10U5 "CH4nn3L 9 6Uy". 1f j00 3v4|2 w4n7 70 533 H1M 4L1v3 4641n, My |}3M4n|}5 MU57 83 M37 1n fULL. My |}3M4n|}5 4|23 45 f0LL0w5:

1) 0n3 M1LL10n |}0LL4|25.
2) M1C|2050f7 MU57 0p3n-50U|2C3 w1n|}0w5 50 17 C4n 83 53CU|23 L1K3 L1nUx.

j00 H4v3 48 H0U|25 70 C0MpLy. Y0U w1LL f1n|} 7H47 1 4M v3|2y 53|210U5 1n 7H15 M4773|2.

31337 |-|4><0|2z

Well, thanks to Steven's post .Text's MetaWeblog API - Edit Post Error... I am now just a couple of revisions behind the latest incarnation of .Text over here.

This has been a serious pain to get migrated from v0.94 (all because I need to edit my posts w/ the metablog api - go figure!) but a lot of it has been due to errors on my part. When you try to add content, you've gotta keep those Identity fields intact or you end up with "Server returned a fault exception" when adding a new post. Yuck.

Update: spoke too soon. There's still bugs there. I think I'll just leave well-enough alone for now.

I recently added Tabbing functionality for indenting/outdenting (hey, it's a trident term :) in my dogfood version of PostXING.

Quoting has just become 100 times easier for me.

I prefer to use the keyboard when posting/changing text attributes when possible, and this whole no tabbing business finally got me a little fed up. Wanna know the funny part? It ended up being about 8 lines of code, give or take for whitespace:

  1 protected override bool ProcessCmdKey(ref Message msg, Keys keyData) {
  2 	if(keyData == Keys.Tab){
  3 		this._designEditor.TextFormatting.Indent();
  4 	}else if(keyData == (Keys.Tab | Keys.Shift)){
  5 		this._designEditor.TextFormatting.Unindent();
  6 	}
  8 	return base.ProcessCmdKey (ref msg, keyData);
  9 }

What other unsupported keyboard shortcuts would you like to see in PostXING (get em while I've got it fresh on my mind :)

[ Currently Playing : Dazed And Confused - Led Zeppelin - BBC Sessions CD 2 (18:36) ]

Q: You mean you didnt kill 200K people or change the tilt of the Earth's axis?
a: not yet
[Via brains-N-brawn.com]

Classic. I rather enjoyed the article, and think that a lot of people are missing the point. Not that my opinion matters anyways, but I thought it was kind of a neat POC.

More Posts