+ <div class="entry">
+ <div class="title"><a href="https://people.skolelinux.org/pere/blog/OpenSnitch_available_in_Debian_Sid_and_Bookworm.html">OpenSnitch available in Debian Sid and Bookworm</a></div>
+ <div class="date">25th February 2023</div>
+ <div class="body"><p>Thanks to the efforts of the OpenSnitch lead developer Gustavo
+IƱiguez Goya allowing me to sponsor the upload,
+<a href="https://tracker.debian.org/pkg/opensnitch">the interactive
+application firewall OpenSnitch</a> is now available in Debian
+Testing, soon to become the next stable release of Debian.</p>
+
+<p>This is a package which set up a network firewall on one or more
+machines, which is controlled by a graphical user interface that will
+ask the user if a program should be allowed to connect to the local
+network or the Internet. If some background daemon is trying to dial
+home, it can be blocked from doing so with a simple mouse click, or by
+default simply by not doing anything when the GUI question dialog pop
+up. A list of all programs discovered using the network is provided
+in the GUI, giving the user an overview of how the machine(s) programs
+use the network.</p>
+
+<p>OpenSnitch was uploaded for NEW processing about a month ago, and I
+had little hope of it getting accepted and shaping up in time for the
+package freeze, but the Debian ftpmasters proved to be amazingly quick
+at checking out the package and it was accepted into the archive about
+week after the first upload. It is now team maintained under the Go
+language team umbrella. A few fixes to the default setup is only in
+Sid, and should migrate to Testing/Bookworm in a week.</p>
+
+<p>During testing I ran into an
+<a href="https://github.com/evilsocket/opensnitch/issues/813">issue
+with Minecraft server broadcasts disappearing</a>, which was quickly
+resolved by the developer with a patch and a proposed configuration
+change. I've been told this was caused by the Debian packages default
+use if /proc/ information to track down kernel status, instead of the
+newer eBPF module that can be used. The reason is simply that
+upstream and I have failed to find a way to build the eBPF modules for
+OpenSnitch without a complete configured Linux kernel source tree,
+which as far as we can tell is unavailable as a build dependency in
+Debian. We tried unsuccessfully so far to use the kernel-headers
+package. It would be great if someone could provide some clues how to
+build eBPF modules on build daemons in Debian, possibly without the full
+kernel source.</p>
+
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
+</div>
+ <div class="tags">
+
+
+ Tags: <a href="https://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="https://people.skolelinux.org/pere/blog/tags/english">english</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
<div class="entry">
<div class="title"><a href="https://people.skolelinux.org/pere/blog/Is_the_desktop_recommending_your_program_for_opening_its_files_.html">Is the desktop recommending your program for opening its files?</a></div>
<div class="date">29th January 2023</div>
</div>
<div class="padding"></div>
- <div class="entry">
- <div class="title"><a href="https://people.skolelinux.org/pere/blog/geteltorito_make_CD_firmware_upgrades_a_breeze.html">geteltorito make CD firmware upgrades a breeze</a></div>
- <div class="date">20th April 2022</div>
- <div class="body"><p>Recently I wanted to upgrade the firmware of my thinkpad, and
-located the firmware download page from Lenovo (which annoyingly do
-not allow access via Tor, forcing me to hand them more personal
-information that I would like). The
-<a href="https://support.lenovo.com/no/en/search?query=thinkpad firmware bios upgrade iso&SearchType=Customer search&searchLocation=Masthead">download
-from Lenovo</a> is a bootable ISO image, which is a bit of a problem
-when all I got available is a USB memory stick. I tried booting the
-ISO as a USB stick, but this did not work. But genisoimage came to
-the rescue.</p>
-
-<P>The geteltorito program in
-<a href="http://tracker.debian.org/cdrkit">the genisoimage binary
-package</a> is able to convert the bootable ISO image to a bootable
-USB stick using a simple command line recipe, which I then can write
-to the most recently inserted USB stick:</p>
-
-<blockquote><pre>
-geteltorito -o usbstick.img lenovo-firmware.iso
-sudo dd bs=10M if=usbstick.img of=$(ls -tr /dev/sd?|tail -1)
-</pre></blockquote>
-
-<p>This USB stick booted the firmware upgrader just fine, and in a few
-minutes my machine had the latest and greatest BIOS firmware in place.</p>
-</div>
- <div class="tags">
-
-
- Tags: <a href="https://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="https://people.skolelinux.org/pere/blog/tags/english">english</a>.
-
-
- </div>
- </div>
- <div class="padding"></div>
-
<p style="text-align: right;"><a href="index.rss"><img src="https://people.skolelinux.org/pere/blog/xml.gif" alt="RSS feed" width="36" height="14" /></a></p>
<div id="sidebar">
<li><a href="https://people.skolelinux.org/pere/blog/archive/2023/01/">January (3)</a></li>
+<li><a href="https://people.skolelinux.org/pere/blog/archive/2023/02/">February (1)</a></li>
+
</ul></li>
<li>2022
<li><a href="https://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
- <li><a href="https://people.skolelinux.org/pere/blog/tags/debian">debian (187)</a></li>
+ <li><a href="https://people.skolelinux.org/pere/blog/tags/debian">debian (188)</a></li>
<li><a href="https://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (159)</a></li>
<li><a href="https://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
- <li><a href="https://people.skolelinux.org/pere/blog/tags/english">english (443)</a></li>
+ <li><a href="https://people.skolelinux.org/pere/blog/tags/english">english (444)</a></li>
<li><a href="https://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (23)</a></li>
projects / homepage.git / blobdiff