Introduction

Hello,

Today I will speak about slrn, a nntp client. I’m using it to fetch mailing lists I’m following (without necesserarly subscribing to them) and read it offline. I’ll speak about using nntp to read news-groups, I’m not sure but in a more general way nntp is used to access usenet. I’m not sure to know what usenet is, so we will stick here by connecting to mailing-list archives offered by gmane.org (which offers access to mailing-lists and newsgroups through nntp).

Long story short, recently I moved and now I have a very poor DSL connection. Plus I’m often moving by train with nearly no 4G/LTE support during the trip. I’m going to write about getting things done offline and about reducing bandwith usage. This is a really interesting topic in our hyper-connected world.

So, back to slrn, I want to be able to fetch lot of news and read it later. Every nntp client I tried were getting the articles list (in nntp, an article = a mail, a forum = mailing list) and then it download each article when we want to read it. Some can cache the result when you fetch an article, so if you want to read it later it is already fetched. While slrn doesn’t support caching at all, it comes with the utility slrnpull which will create a local copy of forums you want, and slrn can be configured to fetch data from there. slrnpull need to be configured to tell it what to fetch, what to keep etc… and a cron will start it sometimes to fetch the new articles.

Configuration

The following configuration is made to be simple to use, it runs with your regular user. This is for gentoo, maybe some another system would provide a dedicated user and everything pre-configured.

Create the folder for slrnpull and change the owner:

$ sudo mkdir /var/spool/slrnpull
$ sudo chown user /var/spool/slrnpull

slrnpull configuration file must be placed in the folder it will use. So edit /var/spool/slrnpull/slrnpull.conf as you want, my configuration file is following.

default 200 45 0
# indicates a default value of 20 articles to be retrieved from the server and
# that such an article will expire after 14 days.

gmane.network.gopher.general
gmane.os.freebsd.questions
gmane.os.freebsd.devel.ports
gmane.os.openbsd.misc
gmane.os.openbsd.ports
gmane.os.openbsd.bugs

The client slrn needs to be configured to find the informations from slrnpull.

File ~/.slrnrc:

set hostname "your.hostname.domain"
set spool_inn_root "/var/spool/slrnpull"
set spool_root "/var/spool/slrnpull/news"
set spool_nov_root "/var/spool/slrnpull/news"
set read_active 1
set use_slrnpull 1
set post_object "slrnpull"
set server_object "spool"

Add this to your crontab to fetch news once per hour (at HH:00 minutes):

0 * * * * NNTPSERVER=news.gmane.org slrnpull -d /var/spool/slrnpull/

Now, just type slrn and enjoy.

Cheat Sheet

Quick cheat sheet for using slrn, there is a help using “?” but it is not very easy to understand at first.

• h : hide/display the article view
• space : scroll to next page in the article, go to next at the end
• enter : scroll one line
• tab : scroll to the end of quotes
• c : mark all as read

Tips

• when a forum is empty, it is not shown by default

I found that a slrnconf software provide a GUI to configure slrn exists, I didn’t try it.

Going further

It seems nntp clients supports a score file that can mark interesting articles using user defined rules.

nntp protocol allow to submit articles (reply or new thread) but I have no idea how it works. Someone told me to forget about this and use mails to mailing-lists when it is possible.

leafnode daemon can be used instead of slrnpull in a more generic way. It is a nntp server that one would use locally as a proxy to nntp servers. It will mirror forums you want and serve it back through nntp, allowing you to use any nntp client (slrnpull enforces the use of slrn). leafnode seems old, a v2 is still in development but seems rather inactive. Leafnode is old and complicated, I wanted something KISS (Keep It Simple Stupid) and it is not.

Others clients you may want to try

nntp console client

• gnus (in emacs)
• wanderlust (in emacs too)
• alpine

GUI client

• pan (may be able to download, but I failed using it)
• seamonkey (the whole mozilla suite supports nntp)

Today I will present you a nice port (from Gentoo this time, not from a FreeBSD) and this port is even linux only.

nethogs is a console program which shows the bandwidth usage of each running application consuming network. This can be particulary helpful to find which application is sending traffic and at which rate.

It can be installed with emerge as simple as emerge -av net-analyzer/nethogs.

It is very simple of use, just type nethogs in a terminal (as root). There are some parameters and it’s a bit interactive but I recommend reading the manual if you need some details about them.

I am currently running Gentoo on my main workstation, that makes me discover new things so maybe I will write more regularly about gentoo ports.

This is the kind of Port of the week I like. This is a software I just discovered and fall in love to. The tool r2e which is the port mail/rss2email on OpenBSD is a small python utility that solves a problem: how to deal with RSS feeds?

Until last week, I was using a “web app” named selfoss which was aggregating my RSS feeds and displaying it on a web page, I was able to filter by read/unread/marked and also filter by source. It is a good tool that does the job well but I wanted something that doesn’t rely on a web browser. Here comes r2e !

This simple software will send you a mail for each new entry in your RSS feeds. It’s really easy to configure and set-up. Just look at how I configured mine:

$ r2e new my-address+rss@my-domain.com
$ r2e add "http://undeadly.org/cgi?action=rss"
$ r2e add "https://dataswamp.org/~solene/rss.xml"
$ r2e add "https://www.dragonflydigest.com/feed"
$ r2e add "http://phoronix.com/rss.php"

Add this in your crontab to check new RSS items every 10 minutes:

*/10 * * * * /usr/local/bin/r2e run

Add a rule for my-address+rss to store mails in a separate folder, and you’re done !

NOTE: you can use r2e run –no-send for the first time, it will create the database and won’t send you mails for current items in feeds.

Today I will talk about net/dnscrypt-proxy. This let you encrypt your DNS traffic between your resolver and the remote DNS recursive server. More and more countries and internet provider use DNS to block some websites, and now they tend to do “man in the middle” with DNS answers, so you can’t just use a remote DNS you find on the internet. While a remote dnscrypt DNS server can still be affected by such “man in the middle” hijack, there is a very little chance DNS traffic is altered in datacenters / dedicated server hosting.

The article also deal with unbound as a dns cache because dnscrypt is a bit slow and asking multiple time the same domain in a few minutes is a waste of cpu/network/time for everyone. So I recommend setting up a DNS cache on your side (which can also permit to use it on a LAN).

At the time I write this article, their is a very good explanation about “how to install it” is named dnscrypt-proxy–1.9.5p3 in the folder /usr/local/share/doc/pkg-readmes/. The following article is made from this file. (Article updated at the time of OpenBSD 6.3)

While I write for OpenBSD this can be easily adapted to anthing else Unix-like.

Install dnscrypt

# pkg_add dnscrypt-proxy

Resolv.conf

Modify your resolv.conf file to this

/etc/resolv.conf :

nameserver 127.0.0.1
lookup file bind
options edns0

When using dhcp client

If you use dhcp to get an address, you can use the following line to force having 127.0.0.1 as nameserver by modifying dhclient config file. Beware, if you use it, when upgrading the system from bsd.rd, you will get 127.0.0.1 as your DNS server but no service running.

/etc/dhclient.conf :

supersede domain-name-servers 127.0.0.1;

Unbound

Now, we need to modify unbound config to tell him to ask DNS at 127.0.0.1 port 40. Please adapt your config, I will just add what is mandatory. Unbound configuration file isn’t in /etc because it’s chrooted

/var/unbound/etc/unbound.conf:

server:
    # this line is MANDATORY
    do-not-query-localhost: no

forward-zone:
    name: "."
    forward-addr: 127.0.0.1@40
    # address dnscrypt listen on

If you want to allow other to resolv through your unbound daemon, please see parameters interface and access-control. You will need to tell unbound to bind on external interfaces and allow requests on it.

Dnscrypt-proxy

Now we need to configure dnscrypt, pick a server in the following LIST /usr/local/share/dnscrypt-proxy/dnscrypt-resolvers.csv, the name is the first column.

As root type the following (or use doas/sudo), in the example we choose dnscrypt.eu-nl as a DNS provider

# rcctl enable dnscrypt_proxy
# rcctl set dnscrypt_proxy flags -E -m1 -R dnscrypt.eu-nl -a 127.0.0.1:40
# rcctl start dnscrypt_proxy

Conclusion

You should be able to resolv address through dnscrypt now. You can use tcpdump on your external interface to see if you see something on udp port 53, you should not see traffic there.

If you want to use dig hostname -p 40 @127.0.0.1 to make DNS request to dnscrypt without unbound, you will need net/isc-bind which will provide /usr/local/bin/dig. OpenBSD base dig can’t use a port different than 53.

Today I will present misc/rlwrap which is an utility tool when you use some command-line software which doesn’t provide you a nice readline input. By using rlwrap, you will be able to use telnet, a language REPL or any command-line tool where you input text with an history of what you type, ability to use emacs bindings like C-a C-e M-Ret etc… I use it often with telnet or sbcl.

Usage :

$ rlwrap telnet host port

When I started port of the week articles I was planning to write an article every week but now I don’t have much ports too speak about.

Today is about x11/stumpwm ! I wrote about this window manager earlier. It’s now available in OpenBSD since 6.1 release.

I will talk about security/pwgen for the current port of the week. It’s a very light executable to generate passwords. But it’s not just a dumb password generator, it has options to choose what kind of password you want.

Here is a list of options with their flag, you will find a lot more in the nice man page of pwgen:

• -A : don’t use capital letters
• -B : don’t use characters which could be missread (O/0, I/l/1 …)
• -v : don’t use vowels
• etc…

You can also use a seed to generate your “random” password (which aren’t very random in this case), you may need it for some reason to be able to reproduce password you lost for a ftp/http access for example.

Example of pwgen output generating 5 password of 10 characters. Using –1 parameter so it will only display one password per line, otherwise it display a grid (on column and multiple lines) of passwords.

$ pwgen -1 10 5
fohchah9oP
haNgeik0ee
meiceeW8ae
OReejoi5oo
ohdae2Eisu

Today I will talk about graphics/feh, it’s a tool to view pictures and it can also be used to set an image as background.

I use this command line, invoked by stumpwm when my session starts so I can a nice background with cubes :)

feh --bg-scale /home/solene/Downloads/cubes.jpg

feh as a lot of options and is really easy to use, I still prefer sxiv for viewing but I use feh for my background.

If you ever need to modify the tags of your music library (made of MP3s) I would recommend you audio/puddletag. This tool will let you see all your music metadata like a spreadsheet and just modify the cells to change the artist name, title etc… You can also select multiple cells and type one text and it will be applied on all the selected cells. There is also a tool to extract data from the filename with a regex. This tool is very easy and pleasant to use.

There is an option in the configuration panel that is good to be aware of, by default, when you change the tag of a file, the modification time isn’t changed, so if you use some kind of backup relying on the modification time it won’t be synchronized. In the configuration panel, you will find an option to check which will bump the modification timestamp when you change a tag on a song.

Profanity is a command-line ncurses based XMPP (Jabber) client. It’s easy to use and seem inspired from irssi for the interface. It’s available in net/profanity.

It’s really easy to use and the documentation on its website is really clear.

To log-in, just type /connect myusername@mydomain and after the password prompt, you will be connected. Easy.

Profanity official website

OpenSCAD is a software for creating 3D objects like a programming language, with the possibility to preview your creation.

I am personaly interested in 3D things, I have been playing with 3ds Max and Blender for creating 3d objects but I never felt really comfortable with them. I discovered pov-ray a few years ago which is used to create rendered pictures instead of creating objects. Pov-ray use its own “programming language” to describe the scene and make the render. Now, I have a 3D printer and I would like to create things to print, but I don’t like the GUI stuff of Blender and Pov-ray don’t create objects, so… OpenSCAD ! This is the pov-ray of objects !

Here is a simple example that create an empty box (difference of 2 cubes) and a screw propeller:

width = 3;
height = 3;
depth = 6;
thickness = 0.2;

difference() {
    cube( [width,depth,height], true);

translate( [0,0,thickness] )
    cube( [width-thickness, depth-thickness, height], true);
}

translate( [ width , 0 , 0 ])
    linear_extrude(twist = 400, height = height*2)
        square(2,true);

The following picture is made from the code above:

![“static/openscad-rendu.png”][static/openscad-rendu.png](OpenSCAD rendered image) There are scad-mode and scad-preview for emacs for editing OpenSCAD files. scad-mode will check the coloration/syntax and scad-preview will create the OpenScad render inside a Emacs pane. Personaly, I use OpenSCAD opened in some corner of the screen with option set to render on file change, and I edit with emacs. Of course you can use any editor, or the embedded editor which is a Scintilla one which is pretty usable.

OpenSCAD website

OpenSCAD gallery

Today the Port of the week is x11/arandr, it’s a very simple tool to set-up your screen display when using multiple monitors. It’s very handy when you want to make something complicated or don’t want to use xrandr in command line. There is not much to say because it’s very easy to use!

Port of the week is now presenting you x2x which stands for X to X connection. This is a really tiny tool in one executable file that let you move your mouse and use your keyboard on another X server than yours. It’s like the other tool synergy but easier to use and open-source (I think synergy isn’t open source anymore).

If you want to use the computer on your left, just use the following command (x2x must be installed on it and ssh available)

$ ssh -CX the_host_address "x2x -west -to :0.0"

and then you can move your cursor to the left of your screen and you will see that you can use your cursor or type with the keyboard on your other computer ! I am using it to manage a wall of screen made of raspberry Pi first generation. I used to connect to it with VNC but it was very very slow.

This Port of the week is a bit special because sadly, the port isn’t available on OpenBSD. The port is mbuffer (which you can find in misc/mbuffer).

I discovered it while looking for a way to enhance one of my network stream scripts. I have some scripts that get a dump of a postgresql base through SSH, copy it from stdin to a file with tee and send it out to the local postgres, the command line looks like

$ ssh remote-base-server "pg_dump my_base | gzip -c -f -" | gunzip -f | tee dumps/my_base.dump | psql my_base

I also use the same kind of command to receive a ZFS snapshot from another server.

But there is an issue, the end server is relatively slow, postgresql and ZFS will eat lot of data from stdin and then it will stop for sometimes writing on the disk, when they are ready to take new data, it’s slow to fill them. This is where mbuffer takes places. This tool permit to add a buffer that will take data from stdin and fill its memory (that you set on the command line), so when the slowest part of the command is ready to take data, mbuffer will empty its memory into the pipe, so the slowlest command isn’t waiting to get filled before working again.

The new command looks like that for a buffer of 300 Mb

ssh remote-base-server "pg_dump my_base | gzip -c -f -" |  gunzip -f | tee dumps/my_base.dump | mbuffer -s 8192 -m 300M | psql my_base

mbuffer also comes with a nice console output, showing

• bandwith in

• bandwith out

• percentage/consumption of memory filled

• total transfered

  in @ 1219 KiB/s, out @ 1219 KiB/s, 906 MiB total, buffer 0% full

In this example the server is too fast so there is no wait, the buffer isn’t used (0% full).

mbuffer can also listen on TCP, unix socket and have a lot of parameters that I didn’t try, if you think that can be useful for you, just go for it !

This week we will have a quick look at the tool rdesktop. Rdesktop is a RDP client (RDP stands for Remote Desktop Protocol) which is used to share your desktop with another machine. RDP is a Microsoft thing and it’s most used on Windows.

I am personally using it because sometimes I need to use Microsoft Word/Excel or Windows only software and I have a dedidated virtual machine for this. So I use rdesktop to connect in fullscreen to the virtual machine and I can work on Windows. The RDP protocol is very efficient, on LAN network there is no lag. I appreciate much more using the VM with RDP than VNC.

You can also have RDP servers within virtual machines. VirtualBox let you have (with an additional package to add on the host) RDP server for a VM. Maybe VmWare provides RDP servers too. I know that Xen and KVM can give access through VNC or Spice but no RDP.

For its usage, if you want to connect to a RDP server whose IP address is 192.168.1.100 in fullscreen with max quality, type:

$ rdesktop -f -x 0x80 192.168.1.100

The -x 0x80 bit is needed to set the quality at maximum. If the machine needs username and password you can add -u my_user -p my_plaintext_pass to login automatically. I have an alias in my zsh shell, I just type “windows” and I get logged in in fullscreen to the windows machine.

To exit fullscreen type ctrl+alt+return to switch to windowed mode and again to go in fullscreen mode. I wasn’t able to remember the keyboard shortcut the first times and was stuck in Windows ! ;-)

In the OpenBSD ports tree, check x11/rdesktop.

This week I will talk about the command line image viewer sxiv. While it’s a command line tool, of course it spawn a X window to display the pictures. It’s very light and easy of use, it’s my favorite image viewer.

Quick start: (you should read the man page for more informations)

• sxiv file1 file2… : Sxiv open only files given as parameter or filenames from stdin
• p/n : previous/next
• f : fullscreen
• 12 G : go to 12th image of the list
• Return : switch to the thumbnails mode / select the image from the thumbnails mode
• q : quit
• a lot more in the well written man page !

For power users who have a LOT of pictures to sort: Sxiv has a nice function that let you mark images you see and dump the list of marked images in a file (see parameter -o).

Tip for zsh users, if you want to read every jpg files in a tree, you

can use **sxiv **/*.jpg** globbing as seen in the Zsh cheat sheet

).

In OpenBSD ports tree, check graphics/sxiv.

I am starting a periodic posting for something I wanted to do since a long time. Take a port in the tree and introduce it quickly. There are tons of ports in the tree that we don’t know about. So, I will write frequently about ports that I use frequently and that I find useful, if you read this, maybe I will find a new tool to your collection of “useful program”. :-)

For a first one, I would like to present net/bwm-ng. Its name stands for “_BandWitch Monitor next-generation_”, it allows the user to watch in real-time the bandwith usage of the different network interfaces. By default, it will update the display every 0.5 second. You can change the frequency of updating by pressing keys ‘+’ and ‘-’.

Let see the bindings of the interactive mode :

• ‘t’ will cycle between current rate, maximum peak, sum, average on 30 seconds.
• ‘n’ will cycle between data sources, on OpenBSD it defaults to “getifaddrs” and you can also choose “sysctl” or “netstat -i”.
• ‘d’ will change the unit, by default it shows KB but you can change to another units that suits better your current data.

Summary output after downloading a file

bwm-ng v0.6.1 (probing every 5.700s), press 'h' for help
input: getifaddrs type: sum
-         iface                   Rx                   Tx                Total
==============================================================================
            lo0:           0.00  B              0.00  B              0.00  B
            em0:          19.89 MB            662.82 KB             20.54 MB
         pflog0:           0.00  B              0.00  B              0.00  B
------------------------------------------------------------------------------
          total:          19.89 MB            662.82 KB             20.54 MB

It’s available on *BSD, Linux and maybe others.

In OpenBSD ports tree, look for net/bwm-ng.