-
Notifications
You must be signed in to change notification settings - Fork 0
/
feed.xml
133 lines (128 loc) · 22.2 KB
/
feed.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="assets/xml/rss.xsl" media="all"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Trevor Manternach</title><link>https://trevormanternach.com/</link><description>This is my personal weblog.</description><atom:link href="https://trevormanternach.com/feed.xml" rel="self" type="application/rss+xml"></atom:link><language>en</language><copyright>Contents © 2024 <a href="mailto:[email protected]">Trevor Manternach</a> </copyright><lastBuildDate>Mon, 24 Jun 2024 13:08:22 GMT</lastBuildDate><generator>Nikola (getnikola.com)</generator><docs>http://blogs.law.harvard.edu/tech/rss</docs><item><title>Launch PS Remote Play with Controller on macOS</title><link>https://trevormanternach.com/2024/06/24/launch-ps-remote-play-with-controller-on-macos/</link><dc:creator>Trevor Manternach</dc:creator><description><p>Here is a simple way to use the "PS" button on a Playstation controller to launch the PS Remote Play app on macOS. This requires <a href="http://www.keyboardmaestro.com/">Keyboard Maestro</a>.</p>
<p>First you must disable the "Press Home button to open Launchpad" setting. This is on by default after you pair a controller to macOS. You can find it in System Settings -&gt; Game Controllers. Turn this off. Now when you press the PS button on your paired controller, nothing should happen.</p>
<p><img alt="" src="https://trevormanternach.com/images/ps-remote-play-controller-settings.png"></p>
<p>Now you can build a simple Macro in Keyboard Maestro. Set the Trigger to "USB Device Key Trigger". Press the PS button, mine shows up as "DUALSHOCK 4 Wireless Controller Button 13".</p>
<p>Now in the Actions for the Macro, choose "Activate a Specific Application" and find "PS Remote Play".
<img alt="" src="https://trevormanternach.com/images/ps-remote-play-keyboard-maestro.png"></p>
<p>This same idea could be used to launch your favorite emulator application instead of Remote Play. I tried to find a way to trigger a Macro anytime it detected the controlled was connected via Bluetooth, but it seems like querying Bluetooth devices that way is too energy hungry and isn't allowed. This is the next best thing for me.</p></description><guid>https://trevormanternach.com/2024/06/24/launch-ps-remote-play-with-controller-on-macos/</guid><pubDate>Mon, 24 Jun 2024 12:52:43 GMT</pubDate></item><item><title>Using Bartender to only display Wireguard icon if connected to VPN</title><link>https://trevormanternach.com/2024/01/12/using-bartender-to-only-display-wireguard-icon-if-connected-to-vpn/</link><dc:creator>Trevor Manternach</dc:creator><description><h4>Intro</h4>
<p>I don't remember if I figured this out myself or found the suggestion elsewhere, but I just searched and couldn't find anything online so I decided to document this neat trick.</p>
<p>I use <a href="https://www.macbartender.com/">Bartender</a> on all my Macs to clean up my Menu Bar. However I missed being able to glance up and look at the <a href="https://www.wireguard.com/">Wireguard</a> icon to tell if I was connected to a Wireguard VPN or not. Bartender has a "Triggers" feature that makes it possible to show certain menu bar icons based on the output of a shell script.</p>
<h4>Setup</h4>
<p>Open Bartender settings and visit the Triggers menu. Click Add Trigger. Name your Trigger and leave the "Activate a Preset" alone. Choose your Wireguard icon from the "Select menu bar items". Click Add Trigger Condition and choose Script. Paste the following script:</p>
<p><code>scutil --nc list | grep -c -e "\(Connected\).*wireguard"</code></p>
<p>This script uses the built-in <code>scutil</code> command to list all VPN connections configured on your Mac. It then uses <code>grep</code> to filter for only the Wireguard connections that have a status of Connected. The <code>-c</code> flag on <code>grep</code> counts the number of lines instead of outputting them. Bartender's Triggers expect a script result of <code>1</code>, <code>yes</code>, or <code>true</code> to activate the Trigger. As far as I know, Wireguard does not allow you to connect to more than one endpoint at a time, so this script should only ever output a <code>0</code> or <code>1</code>.</p>
<p>I have mine set to run every 1 minute. This means that after you connect to a VPN with Wireguard, it could take the icon up to 1 minute to appear in your Menu Bar. Same thing after you disconnect.</p>
<p>That's it! Click Done and your new Trigger is live and ready to use.</p>
<h4>Troubleshooting</h4>
<p>If this isn't working for you, my best suggestion would be to connect to a VPN with Wireguard and run the script above in your Terminal and verify that it is outputting <code>1</code>. </p></description><guid>https://trevormanternach.com/2024/01/12/using-bartender-to-only-display-wireguard-icon-if-connected-to-vpn/</guid><pubDate>Sat, 13 Jan 2024 02:13:44 GMT</pubDate></item><item><title>Routing Wireguard networks with OSPF on Linux</title><link>https://trevormanternach.com/2023/11/10/routing-wireguard-networks-with-ospf-on-linux/</link><dc:creator>Trevor Manternach</dc:creator><description><p>I have a couple of Linux servers whose main purpose is to serve as a <a class="reference external" href="https://en.wikipedia.org/wiki/WireGuard">Wireguard</a> server. The peers on these servers are a combination of pure clients (like a mobile phone or laptop) and more traditional site-to-site tunnel connections (like a router at a remote location). The site-to-site connections usually are routing a remote network over the wireguard tunnel, something like a /24 network so you can access the far site's local network.</p>
<p>Wireguard makes this easy to do, you just add the /24 network as an "AllowedIP" for that peer. Wireguard does the work of adding that route to the routing table on the Linux server itself. If this Wireguard server is part of a more complex network, though, you need to be sending these remote networks to your Wireguard server so everyone can access them, not just those using Wireguard. I have been forced to add static routes on my main router to point those networks to my Wireguard servers.</p>
<p>Enter OSPF! If you are reading this, I am going to assume you know what OSPF is and why it's preferred over static routing. What follows is the steps I took to get my Wireguard "AllowedIPs" network automatically advertised to my main router using OSPF.</p>
<section id="install-frr">
<h2>Install FRR</h2>
<p><a class="reference external" href="https://en.wikipedia.org/wiki/FRRouting">FRR</a> is a Linux package that implements a lot of networking routing protocols. On your server running Wireguard (I'm assuming Debian/Ubuntu), running <code class="docutils literal">apt get install <span class="pre">-y</span> frr</code> gets everything you need installed. This includes a <code class="docutils literal">vtysh</code> command that dumps you into a Cisco IOS-like terminal to configure your OSPF routing.</p>
</section>
<section id="enable-ospf-daemon">
<h2>Enable OSPF daemon</h2>
<p>Before configuring OSPF, you must enable the ospfd daemon in the FRR config. Edit <code class="docutils literal">/etc/frr/daemons</code> and change the <cite>ospfd=no`</cite> line to read <code class="docutils literal">ospfd=yes</code>. Then <code class="docutils literal">systemctl restart frr</code> is needed to restart FRR with OSPF enabled.</p>
</section>
<section id="configure-ospf-inside-frr">
<h2>Configure OSPF inside FRR</h2>
<p>Run <code class="docutils literal">vtysh</code> to enter the FRR VTY interface. <code class="docutils literal">config terminal</code> to enter configuration mode. Here is the simplest configuration required to enable OSPF:</p>
<pre class="literal-block">interface ens160
ip ospf network point-to-point
!
router ospf
ospf router-id 192.168.0.0
redistribute kernel
redistribute connected
network 192.168.0.0/31 area 0</pre>
<p>Here is the same config with my comments explaining the important parts:</p>
<pre class="literal-block">interface ens160 # this is your linux interface that is facing your main router.
ip ospf network point-to-point # I am using a point-to-point style OSPF network, yours might be a broadcast type.
!
router ospf
ospf router-id 192.168.0.0 # this could be anything, but traditionally this is your LAN IP of this wireguard server
redistribute kernel # this was the tricky part. This is required to insert the Wireguard "AllowedIPs" networks into OSPF
redistribute connected # this is required to insert your wg0 (and other) networks in OSPF
network 192.168.0.0/31 area 0 # this is your LAN network for this wireguard server. Whatever is assigned to ens160 in my case. This is required to establish a neighbor relationship with my router.</pre>
<p>This guide doesn't cover any of the OSPF configuration on your main router. There are far too many different routers out there to even attempt to cover. The main trick to getting all of this working was stumbling across the <code class="docutils literal">redistribute kernel</code> command. I was familiar with the <code class="docutils literal">redisribute static</code> and <code class="docutils literal">redistribute connected</code> commands from administering Cisco IOS, but the way that Wireguard inserts these routes into the routing table requires use of this <code class="docutils literal">redistribute kernel</code> command.</p>
</section>
<section id="save-your-changes">
<h2>Save your changes</h2>
<p>That's it! You can <code class="docutils literal">end</code> and then <code class="docutils literal">write memory</code> to save your configuration to <code class="docutils literal">/etc/frr/frr.conf</code>. If you miss this part, all of this configuration will be erased when FRR is restarted.</p>
</section>
<section id="troubleshooting">
<h2>Troubleshooting</h2>
<p>Here are a couple of commands I used in the <code class="docutils literal">vtysh</code> interface to verify my configuration.</p>
<ul class="simple">
<li><p><code class="docutils literal">show ip ospf neighbor</code> - this should return a record showing your neighbor relationship with your main router</p></li>
<li><p><code class="docutils literal">show ip route kernel</code> - this should return all of your AllowedIPs networks that you have configured in Wireguard. These are the networks we are redistributing over OSPF.</p></li>
<li><p><code class="docutils literal">show ip ospf interface</code> - this should return a record indicating <code class="docutils literal">ens160 is up</code>, or whatever your LAN interface on your Wireguard server is. You can also see neighbor count here, which should be 1 in a point-to-point OSPF network.</p></li>
</ul>
</section></description><guid>https://trevormanternach.com/2023/11/10/routing-wireguard-networks-with-ospf-on-linux/</guid><pubDate>Fri, 10 Nov 2023 23:46:25 GMT</pubDate></item><item><title>Python script to retrieve DHCP leases from Palo Alto firewall</title><link>https://trevormanternach.com/2023/11/03/python-script-to-retrieve-dhcp-leases-from-palo-alto-firewall/</link><dc:creator>Trevor Manternach</dc:creator><description><p>I have been using a Palo Alto PA-220 firewall for my home router for years. It is my DHCP server for my LAN. I often find myself needing to view the DHCP leases to see what IP address some random device (WLED, ESPHome devices, etc.) has. The web interface for the PA-220 is unbearably slow and the SSH CLI takes 30+ seconds after login to give me a prompt.</p>
<p>To speed up this task, I wrote this fairly simple script using python3. It uses the REST API that PAN-OS has to retrieve the DHCP leases. This script completes for me in less than 1 second. It outputs a JSON object. This works best for me as I find JSON to be humanly-readable and also allows me to pipe it to a utility like <cite>jq</cite> to filter it quickly.</p>
<p>Here is the code:</p>
<pre class="literal-block">import requests
import json
from xmltodict import parse, ParsingInterrupted
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
host = "192.168.2.1" # IP of Palo-Alto firewall goes here.
key = "KEY_GOES_HERE" # Run `curl -X GET 'https://&lt;host&gt;/api/?type=keygen&amp;user=&lt;username&gt;&amp;password=&lt;password&gt;'` to create API key.
interface = "ethernet1/2" # can also use "all"
def get_dhcp_leases(host, key, interface):
url = "https://{host}/api/?type=op&amp;cmd=&lt;show&gt;&lt;dhcp&gt;&lt;server&gt;&lt;lease&gt;&lt;interface&gt;{interface}&lt;/interface&gt;&lt;/lease&gt;&lt;/server&gt;&lt;/dhcp&gt;&lt;/show&gt;&amp;key={key}".format(host=host, key=key, interface=interface)
response = requests.get(url,verify=False)
return response
if __name__ == "__main__":
dhcp_leases = get_dhcp_leases(host, key, interface)
data = parse(dhcp_leases.content)
entries = data['response']['result']
print(json.dumps(entries, indent=4))</pre>
<p>I also have this hosted as a <a class="reference external" href="https://gist.github.com/tmanternach/21e3bba23261cbd5bacba2e50588acf6">gist</a> on github. Any changes I make to it are more likely to end up there than here. Comments are welcome over there, too!</p></description><guid>https://trevormanternach.com/2023/11/03/python-script-to-retrieve-dhcp-leases-from-palo-alto-firewall/</guid><pubDate>Fri, 03 Nov 2023 22:50:34 GMT</pubDate></item><item><title>Control Palo Alto GlobalProtect VPN using AppleScript</title><link>https://trevormanternach.com/2023/08/17/control-palo-alto-globalprotect-vpn-using-applescript/</link><dc:creator>Trevor Manternach</dc:creator><description><p>I know it's a little strange to still be writing AppleScript in 2023, but this was the best way I found to easily connect and disconnect from a GlobalProtect VPN "automatically". I trigger this from a Keyboard Maestro shortcut, you are free to trigger it any way you wish!</p>
<p>This is a simple script that will toggle the connect/disconnect state of GlobalProtect on macOS. Tested with the latest version of GlobalProtect (v6.2.0-89) and macOS Ventura (13.4.1).:</p>
<pre class="literal-block">(*
Toggle GlobalProtect VPN with AppleScript
Tested using macOS Ventura 13.4.1 and GlobalProtect version 6.2.0-89
Written by Trevor Manternach, August 2023.
*)
tell application "System Events" to tell process "GlobalProtect"
click menu bar item 1 of menu bar 2
set statusText to name of static text 1 of window 1
if statusText is "Not Connected" then
# GlobalProtect is disconnected, so let's connect
click button "Connect" of window 1
set entireContents to entire contents of window 1
else if statusText is "Connected" then
# GlobalProtect is connected, so let's disconnect
set windowText to entire contents of window 1
repeat with theItem in windowText
if (class of theItem is button) then
if (value of attribute "AXTitle" of theItem is "Disconnect") then
# We found a Disconnect button on the main page, let's click it.
click theItem
exit repeat
else
# We did not find a Disconnect button on the main page, let's hope there is one in the Settings Menu.
click button "Global Protect Options Menu" of window 1
click menu item "Disconnect" of menu "Global Protect Options Menu" of button "Global Protect Options Menu" of window 1
exit repeat
end if
end if
end repeat
end if
click menu bar item 1 of menu bar 2
end tell</pre>
<p>I also have this hosted as a <a class="reference external" href="https://gist.github.com/tmanternach/cbd4c213eab8569e38d6cd021b6255e5">gist</a> on github. Any changes I make to it are more likely to end up there than here. Comments are welcome over there, too!</p></description><guid>https://trevormanternach.com/2023/08/17/control-palo-alto-globalprotect-vpn-using-applescript/</guid><pubDate>Fri, 18 Aug 2023 01:35:22 GMT</pubDate></item><item><title>Home Assistant Quick Bar</title><link>https://trevormanternach.com/2023/08/04/home-assistant-quick-bar/</link><dc:creator>Trevor Manternach</dc:creator><description><p>I discovered that <a class="reference external" href="https://www.home-assistant.io/">Home Assistant</a> has a not-so-recent feature called "<a class="reference external" href="https://www.home-assistant.io/docs/tools/quick-bar/">Quick Bar</a>" that I somehow missed when it was released in 2020. In short, it allows you to press the <cite>e</cite> (for entity search) or <cite>c</cite> (for command search) anywhere in the Home Assistant web interface to access a Spotlight-style search box. This allows you access settings and devices in Home Assistant with just a few keystrokes.</p></description><guid>https://trevormanternach.com/2023/08/04/home-assistant-quick-bar/</guid><pubDate>Fri, 04 Aug 2023 23:00:00 GMT</pubDate></item><item><title>Trying out Nikola</title><link>https://trevormanternach.com/2023/07/09/trying-out-nikola.html</link><dc:creator>Trevor Manternach</dc:creator><description><p>I discovered a new static site generator today, <a class="reference external" href="https://getnikola.com/">Nikola</a>.</p></description><guid>https://trevormanternach.com/2023/07/09/trying-out-nikola.html</guid><pubDate>Mon, 10 Jul 2023 02:11:29 GMT</pubDate></item><item><title>Audiobooks</title><link>https://trevormanternach.com/2022/11/25/audiobooks.html</link><dc:creator>Trevor Manternach</dc:creator><description><p>It’s been years since I last paid for an Audible.com subscription. I just signed up this week ($5/month for 3 months) and it’s been a delight so far. I discovered that you can pretty easily remove the DRM on the audiobook .aax file. I am using <a href="https://audible-converter.ml/">Audible Tools</a> to help me create the ffmpeg command to do this.</p>
<p>Another recent discovery is that <a href="https://overcast.fm/">Overcast</a>, my podcast player of choice, seems to natively support .m4b files (audiobook file format). It even includes artwork and chapters, so it behaves just like most of the podcasts I listen to.</p></description><guid>https://trevormanternach.com/2022/11/25/audiobooks.html</guid><pubDate>Sat, 26 Nov 2022 00:39:11 GMT</pubDate></item><item><title>1997 Photo at computer</title><link>https://trevormanternach.com/2022/08/18/the-earliest-photo.html</link><dc:creator>Trevor Manternach</dc:creator><description><p>The earliest photo I have of me at a computer. Circa 1997!</p>
<img alt="/images/1997-Trevor.jpg" src="https://trevormanternach.com/images/1997-Trevor.jpg"></description><guid>https://trevormanternach.com/2022/08/18/the-earliest-photo.html</guid><pubDate>Thu, 18 Aug 2022 16:35:00 GMT</pubDate></item><item><title>My iPod history</title><link>https://trevormanternach.com/2022/06/04/my-ipod-history.html</link><dc:creator>Trevor Manternach</dc:creator><description><p>Last month Apple <a href="https://www.apple.com/newsroom/2022/05/the-music-lives-on/">announced</a> the end of the iPod. I thought it might be fun to document my history with the product.</p>
<p>--</p>
<p>I got my first iPod in March 2005. I believe I bought mine at Best Buy on a weekend trip 350 miles away from home.</p>
<p><img src="https://trevormanternach.com/images/4th-Gen-iPod.jpg" width="600" alt="Picture of my first iPod"></p>
<p>I was listening to a lot of podcasts in those early days and had to use <a href="https://en.wikipedia.org/wiki/Juice_(aggregator)">"podcatcher" software</a> because iTunes didn't support podcasts yet. That changed later that year when <a href="https://en.wikipedia.org/wiki/History_of_iTunes#iTunes_4">iTunes 4.9</a> added podcasts and the rest is history.</p>
<p>I visited that same Best Buy a couple years later when the iPod Touch was released. I remember checking their website and they said they had them in stock, but when I got to the store I couldn't find them. I finally asked and they were still in the back, they went and got one for me.</p>
<p><img src="https://trevormanternach.com/images/iPod-Touch.jpg" width="600" height="450" alt="My first iPod Touch"></p>
<p>The iPod Touch was so much fun back then. The iPhone wasn't "in" Montana back then (no joke) and so the Touch was as close as I could get. I remember jailbreaking the thing, and even hanging out in IRC chatrooms trying to troubleshoot my jailbreak attempts. :-D</p>
<p>This past winter I spent ~$100 on new parts to revive my old 4th gen iPod. It now has new life with <a href="https://www.ifixit.com/Store/iPod/iPod-4G-Photo-Battery/IF193-016?o=3">a fresh battery</a> and <a href="https://www.iflash.xyz/store/iflash-solo/">an SD card</a> in place of the 20GB spinning hard drive. It's hard to believe a piece of consumer technology from 17 years ago is still alive and well.</p>
<p>I love iPod. It was one of my first adventures into a lifetime of technology.</p></description><guid>https://trevormanternach.com/2022/06/04/my-ipod-history.html</guid><pubDate>Sat, 04 Jun 2022 13:41:00 GMT</pubDate></item></channel></rss>