I'm starting to provide Chinese / English versions of some posts, switch with the Language menu above. 我开始提供部分文章的中文、英文翻译,请使用顶部语言菜单切换。

Writing a Simple Telegram Bot

Based on the requests of DN42 Telegram Group members, I plan to add Telegram Bot support to my Bird Looking Glass, so it is easier for them to look up whois information, testing networks and finding sources of route leaks. The bot is supposed to recognize commands starting with /, and respond to the message.My Looking Glass is written in Go, so at the beginning I looked for Telegram Bot APIs in Go language. However those popular API libraries all use the same scheme for handling requests:Telegram server sends a callback to my own server;My program handles the request, and may send multiple requests actively to Telegram server, authenticated with a locally configured Token;Finally the program actively sends a request to Telegram server to send the response.While powerful,...

Remove OpenVPN's Stable-privacy IPv6 Addresses

On my VPSes, the TAP network interface created by OpenVPN has a randomly-generated IPv6 address with scope stable-privacy.This address itself is created randomly to prevent tracking users by their IPv6 addresses. But when building a network in DN42, BGP handshakes may originate from this address (rather than your manually assigned link-local address), and fail for mismatching origin/IP.The solution is to configure the TAP interfaces with sysctl, and disable the automatic address generation options. OpenVPN can be configured to run sysctl automatically when creating the interface:# Add to OpenVPN's config filescript-security 2up "/bin/sh -c '/sbin/sysctl -w net.ipv6.conf.$dev.autoconf=0 && /sbin/sysctl -w net.ipv6.conf.$dev.accept_ra=0 && /sbin/sysctl -w net.ipv6.conf.$dev....

Install/Upgrade to Debian 10 on OpenVZ 6

It's year 2020, why are you still using OpenVZ 6 VPSes?Because they only cost one dollar per year.Since the kernel of OpenVZ 6 is extremely old (Linux 2.6.32), newer systems cannot function normally on an old kernel, so I had to stick to Debian 8 with my previous OpenVZ VPSes.But I found a modified glibc (C language runtime library) that allows running Debian 10 normally on OpenVZ 6.WARNING ¶I don't guarantee that the steps below are suitable for all OpenVZ VPSes, nor do I ensure the safety/integrity of this glibc (I didn't look into its modifications, but speaking of security, the end-of-life OpenVZ 6 is probably the farthest thing from security).Backup your data, since in worst scenarios you need to reinstall the OS.Steps ¶The author only provided DEB packages,...

Sharing Network Namespace Among Docker Containers for Bird Anycasting

At exactly one year ago, I set up an Anycast service with Docker in the DN42 network (Chinese only atm). Back then, I customized the container's image and added a Bird installation to it, then put in a config file to broadcast Anycast routes via OSPF. However, as time went by, a few problems are exposed:The process of installing Bird takes time. Instead of installing Bird with apt-get, since my Dockerfiles need to support multiple architectures (Chinese only atm), and Bird isn't available in some architecture's repos for Debian. And since my building server is AMD64, and is running images of other architectures with qemu-user-static (Chinese only atm), a lot of instruction translation is needed in the image building and software compilation progress, which is extremely inefficient....

Disabling Webcams During an Online Course

This post will explain the way to disable your webcam on Windows and Linux, so:On the OS level, prevent you from turning on the webcam by mistake, and live stream your footage of having a meal lying on the bed playing games (NSFW)Prevent certain online lecturing software from secretly turning on the webcam.Windows Procedures ¶Press Win+R combination key to open the Run window, type devmgmt.msc and enter to open the Device Manager. Your camera will be in Image Acquisition Devices category, right click on it to disable it.(The following picture is taken from a Simplified Chinese Windows XP, but the procedure and icons should be similar for Windows 7 and 10.)When you need to use the camera, come back to re-enable it, and then close and reopen your browser or online lecturing software....
Illustration

LADSPA Stereo Frequency Splitter & Bass Booster

During the Chinese Spring Festival, my dad gave me an Edifier M120 Bluetooth speaker. This speaker is not one of these high-end models featuring dedicated bass speakers, or professional Bluetooth audio codecs such as aptX and LDAC; it's just a unit with two ordinary speakers.With that said, I doubt I can hear any difference with those advanced codecs on a portable speaker anyway.But when I played some music with my phone connected to it, I realized that it does have some bass output. Speaking of bass, I'm impressed by a JBL Charge 4 speaker bought by one of by classmates. As a portable speaker that costs $150, it has a dedicated bass unit with astonishing power. Then I began to think that, although my speaker costs a mere $20 (converted from CNY),...

(Almost) Lossless Archival with Modern Formats - H265 and HEIF

Many people keep their inventory of photos and videos for their travels, parties, or whatever important moments of their lives. If you are into taking photos and recording videos, and keeping all of them, you are likely to fill up hard drives after hard drives. If you don't want to keep adding more drives to your collection, you may also try to compress your photos and videos.Speaking of compression, a common method is to reduce the resolution of images. I've used the good old Microsoft Office Picture Manager (that comes with Office 2003) and its builtin one-key image compression. Behind the scenes, it's actually downsampling images to JPEG files of around 1024x768. One major drawback is that a lot of the details are completely lost....
Illustration

OS/2 Warp 4: Trying out & Installing Firefox

OS/2 is an operating system initially developed by IBM and Microsoft, and later maintained by IBM. Back in 1990s, OS/2 was a competitive rival to Windows, but later OS/2 was defeated by Windows series, and IBM finally shut down OS/2 Warp 4's tech support on Dec 31, 2006.But this does not mark the death of OS/2. After official tech support ended, Senerity System took over OS/2's development, and continued it under the name eComStation. In 2015, another company, Arca Noae LLC, produced an OS/2 based distribution called ArcaOS, and sold it as a commercial product.At the same time, the open source community is providing some support to OS/2. They cross compiled common Unix tools (including ls, rm, etc), RPM/YUM package manager, and a series of libraries on OS/2. This makes OS/2 Warp 4,...

Cyclone IV FPGA Development Log

Last semester, the school offered a digital systems course, which involves development on FPGAs. At the end of the course, we need to gather in groups and achieve some complicated functionality with the flexible architecture of FPGA, such as creating a game or running a convoluted neural network. We are free to add extra functionalities as we wish.Our group has done a game similar to Raiden, or controlling a fighter jet and attacking enemies with bullets. In addition to course requirements, we implemented these extra functionalities:A 640x480 VGA framebuffer with 16 bit color depth, stored on SRAM chipNaturally, Simplified Chinese fonts are included (full UTF-8 Chinese range, but without punctuation marks, since they are out of that range and we're kinda lazy)...

Running Anycast DNS with Docker in DN42

2020-03-16 Notes ¶There is an updated scheme compared to this post, see Sharing Network Namespace Among Docker Containers for Bird Anycasting.It is suggested to read only the concept explanations in this post, and use the above scheme instead for deployment.What's Anycast ¶The commonly used routing protocol on Internet, the BGP, works like this:I own an IP range, 172.22.76.104/29, on DN42.With a BGP software like BIRD, I "announce" that my server has access to IP range 172.22.76.104/29.Servers with peering to me will record this message: "Over this path, I can access 172.22.76.104/29 which is 1 step away."These servers continue to announce to others with peering to them: "This server is 1 step away from the source of 172.22.76.104/29."Similarly, other servers announce that they are 2, 3,...