Monthly Archives: July 2011

You are not alone

Posted on by

I was thinking about random stuff last night just (actually, a few days ago now, since it took me a few days to publish this) before falling asleep.  It dawned on me that no matter what our beliefs, there’s a very good chance they’re shared by someone else.  You are truly not alone.  You might feel like you’re the only one who likes something or feels a certain way, or who has experienced a particular thing.  But you’re not.

There’s just under seven billion people on the planet (that’s 7,000,000,000 for clarity, damn you long and short scales).

One Percent (1%)

If you feel like maybe only one in a hundred people feel like you, that’s 70,000,000 (70 million) people.  That’s everyone in the UK and a few more besides.

One Tenth of a Percent (0.1%)

Maybe only one in a thousand people feel like you do.  So that’s 7,000,000 (7 million) people.  So just about everyone in London.

One One-Hundredth of a Percent (0.01%)

If one in ten thousand others have experienced what you have, that’s still 700,000 (7 hundred thousand people the world over).  In other words, everyone in Sheffield.

One One-Thousandth of a Percent (0.001%)

Maybe only one person in every one hundred thousand (100,000) people likes the same band you do.  There’s still 70,000 of you worldwide.  Enough people to fill Old Trafford.

One Ten-Thousandth of a Percent (0.0001%)

Now we’re getting down to small numbers.  If one in a million people think like you, there’s still 7000 of you knocking about the planet.  You could sell out the Hammersmith Apollo and still have to find somewhere to sit the other 2000 people.

One One-Hundred-Thousandth of a Percent (0.00001%)

Maybe you’re one in 10 million.  Maybe no one in all of London feels like you.  Even so, somewhere there are another 699 people in the world who do.  If you got the whole world together in one place, and you asked if anyone felt like you, 699 people would raise their hands.

One One-Millionth of a Percent (0.000001%)

In a land of 100 million people you are unique – but there are still 70 people on the planet who share your interest.  You could hire a London Bus, fill it and tour the world!

Trust me, you’re not alone.

SSH tunnelling made easy (part four)

Posted on by

The first three parts of this series (one, two, three) covered using SSH to tunnel across various combinations of firewalls and other hops in a forward direction.  By that, I mean you are using computer A and you’re trying to get to something on computer B or computer C.  There is another type of problem that SSH tunnels can solve.  What if you’re running a service on computer A but you can’t get to it because your network doesn’t allow any incoming connections?  Maybe it’s a home server behind a NAT router and you can’t / don’t want to poke holes in the firewall?  Maybe you’re in a cafe and no one can connect to your machine because the free wireless doesn’t allow it, but you want to share something on your local web server?

In those situations, you need reverse tunnels (or remote tunnels).  There’s nothing magical about them, they just move traffic in the other direction while still being initiated from the same starting location.

Example 4 – reverse tunnel web server

In this example, we’ll use a reverse web tunnel to enable access to a host for which incoming connections are entirely blocked.  You’re sitting with your laptop in a cafe, doing some work, and you want to show some team mates the new web site layout.  Rather than having to check the code out to a public web server, you can just allow access to the web server you run on your local machine.

The assumption here is that you can SSH into the Shared Server and that your team mate can connect to the SSH server with their web browser.

Your team mate can’t browse to the web server on your laptop, because the cafe firewall quite sensibly gets in the way.  What we need is a way to allow traffic from the SSH server into your laptop.

From your laptop, you create a reverse / remote tunnel (note -R, rather than -L),

ssh -R 203.0.113.34:9090:127.0.0.1:80 fred@203.0.113.34

I’ve used IP addresses in the tunnel so you can see what is going on.  With regular tunnels, the first IP address and port are the local machine.  With reverse tunnels, they are the interface and port on the remote server that are listening for traffic, the second IP address and port are the ones on the local machine to which that traffic is routed.  So our reverse route above connects to the ssh server (203.0.113.34) and starts listening on that network interface (203.0.113.34) port 9090.  Any traffic it gets on that port is routed over the tunnel into 127.0.0.1 port 80 (i.e. your local machine, port 80).

Your team mate can now point their browser at 203.0.113.34:9090 and will actually see the web server on your laptop.  Because you created an outgoing connection through the firewall with the tunnel, the firewall is none-the-wiser, it simply sees regular SSH traffic flowing to and from the SSH server.

In PuTTY the setup would look like this,

The Remote ports option needs to be ticked so that the tunnel will listen to external interfaces on the target machine.

NB: In order to get reverse (or remote) tunnels working in this way, you need to ensure the SSH server to which you connect supports the feature.  For OpenSSH that means you need to enable the ‘Gateway Ports’ open in the sshd_config file.

The Good, The Bad and the Brick Work

Posted on by

A day of two halves.  Our car is dying.  I hate cars.  You know that if you’ve read more than 2 posts on this blog.  I hate them and they hate me.  We can’t afford to buy into owning one at the right level where you can trade them in at the end and get another, so we run them into the ground, end up paying over the odds for maintenance and then manage to scrape together enough money to buy a new one when they die.

So here we are again.

However, in good news, the guy a friend recommended came around today and fixed our brickwork.  Let me tell you, it’s a weight the size of Everest off my shoulders, dampened only by the news of the car (which we got today).

This is how it used to look.

This is how it looks now, with some before and after shots at angles that will make your eyes bleed.

I’m calling the big one Adam

Posted on by

The miniature willow tree we planted is doing really well.  Looks pretty healthy to me – but it’s clearly still got a strong ant and aphid infestation.  Click to embiggen any of the photo’s.

Here’s the garden in general with the tree,

And here’s the ant infestation.

Frosty Brickwork

Posted on by

Been a while since I posted about the house and the garden (well, technically it’s been a while since I posted about much at all).  Anyway, in March I moaned about some stuff.  One of those issues was the brickwork around the base of the house.  A nice gentleman posted a comment which I took seriously.  We actually got the plumbing in the bathroom sorted out first, because it was easier.  However, we asked around some friends for builders / brickies they trusted, and one of them popped around yesterday and confirmed it is frost damage, and it’s not a big job for him to fix.  He’s sending us a quote.

There’s no way I’d have the confidence to fix it myself, and we need some re-pointing doing as well.  One of the bricks is partially under the path so we’ll need some cold tarmac as well.  Anyway, pleased we finally started the process of getting it sorted – he suggested once he’s fixed them up we coat them with silicon to keep the frost out.

Here’s the before shots so you know what frost damage bricks look like, and so I can remember how bad it was after we get them fixed.