Friday, July 16, 2010

first day trip on the Suzook

My betrothed and I bought a 2007 Suzuki C50 motorcycle and took it on our first day trip, from Columbus to Millersburg, Ohio. On the way up we took 62 to 541 to Coshocton. 541 is an amazing road :) Beautiful hill country. We were apparently chasing a storm, because the road was freshly wet most of the way, but the sun was shining and steam was rising off of the road.

We soon decided that what we had read was right: the stock seats and the lack of a passenger backrest on the C50 are not really practical for touring. We took a lot of breaks through the day.

We stopped in Coshocton for lunch at a great Italian place on Main Street in the old downtown. The sausage and peppers are highly recommended.

I then took 83 up to 62 and into Millersburg for a short break, that's where the picture of the bike was taken. The pink helmet with polka dots belongs to my wife, mine is a flat black half-helmet with silver flames :)

The passenger rest is supposed to arrive today and I ordered seats from Ultimate (www.ultimate.ca), which are supposed to be the best touring seats for Suzuki Boulevards and Volusias. So far the modern technology, power, and ride are really amazing :)

Tuesday, June 08, 2010

netflow on Ubuntu 8.04

To generate and collect netflow data on my Ubuntu 8.04 box, I had to install a couple of packages:

sudo apt-get install fprobe
sudo apt-get install nfdump

fprobe is the daemon that will listen to the traffic and generate a netflow stream to a collector. The nfdump package includes nfcapd, which listens to the netflow stream and generates the flow files on your disk or wherever.

On Ubuntu 8.04 x86-64, fprobe installed an /etc/default file and an /etc/init.d/fprobe file. However, with a quick customization of the files, I found that my changes were ignored and fprobe did not actually run. For now I just ran it manually as root:

fprobe -p -i eth1 -fip localhost:555

The -p flag tells it not to bother putting the interface in promiscuous mode. I did that because I had already put the interface into promiscuous mode manually, after seeing that in /var/log/messages eth0 had been put into promiscuous mode, even though it had no ip address, and was not being used.

The -i flag tells it which interface to get traffic from.

The -f flag tells fprobe to get ip traffic, and is currently required to get any traffic collected at all.

Finally, the last argument is the hostname and port of the collector that the netflow stream is sent to. With that, I had flows being exported!

Next I needed to collect the flows. I was able to edit the /etc/init.d/nfdump file to customize nfdump to work with my machine. You can get it at marmot. The main ingredients are the arguments you feed to nfcapd. Here are mine:
DAEMON_ARGS="-D -p 555 -4 -l /home/lincolnr/incoming/nfcap/"

That tells nfcapd to run as a daemon, listen on port 555 for netflow data, use IPv4, and use /home/lincolnr/incoming/nfcap as the storage area for the flow files. This might not be a good production setup, as there is no filtering of where the netflow data comes from. Any netflow stream that reaches the port will get processed, so anyone who can send packets to it could get flow records of their own written into the flow files.

Then I restarted it with sudo /etc/init.d/nfdump restart.
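
A check worth running after the restart, as an added example that is not part of the original post: list UDP listeners on the collector port that are bound to the wildcard address. The sample netstat lines are constructed, and the `-b` bind option mentioned in the comment comes from the nfcapd man page, so confirm the installed version has it.

```shell
#!/bin/sh
# Added example: report UDP listeners on a given port that are bound to the
# wildcard address, i.e. reachable on every interface of the box.
# Input: `netstat -lnu` output on stdin
# (columns: Proto Recv-Q Send-Q Local-Address Foreign-Address).

wildcard_udp_listeners() {
    port="$1"
    awk -v port="$port" '
        $1 ~ /^udp/ {
            local_addr = $4
            n = split(local_addr, parts, ":")
            p = parts[n]                       # port is the last ":" field
            addr = substr(local_addr, 1, length(local_addr) - length(p) - 1)
            if (p == port && (addr == "0.0.0.0" || addr == "::" || addr == "*"))
                print local_addr
        }'
}

# Constructed sample: a collector listening on all addresses (first line),
# an unrelated listener, and a collector bound to loopback only.
SAMPLE_EXPOSED='udp        0      0 0.0.0.0:555             0.0.0.0:*
udp        0      0 0.0.0.0:68              0.0.0.0:*'
SAMPLE_LOOPBACK='udp        0      0 127.0.0.1:555           0.0.0.0:*'

# Live use:
#   netstat -lnu | wildcard_udp_listeners 555
# If this prints a line and fprobe only exports to localhost, bind the
# collector to loopback by adding "-b 127.0.0.1" to DAEMON_ARGS
# (assumption: your nfcapd build supports -b; check `nfcapd -h`).
```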

So running ls -al /home/lincolnr/incoming/nfcap, I started getting some non-empty flow files :)
drwxr-xr-x 21 lincolnr root 16384 2010-06-08 09:26 ..
-rw-r--r-- 1 root root 276 2010-06-08 09:37 nfcapd.201006080932
-rw-r--r-- 1 root root 276 2010-06-08 09:43 nfcapd.201006080937
-rw-r--r-- 1 root root 276 2010-06-08 09:48 nfcapd.201006080942
-rw-r--r-- 1 root root 1120 2010-06-08 09:56 nfcapd.201006080951
-rw-r--r-- 1 root root 756 2010-06-08 10:01 nfcapd.201006080956
-rw-r--r-- 1 root root 1900 2010-06-08 10:06 nfcapd.201006081001
-rw-r--r-- 1 root root 1484 2010-06-08 10:11 nfcapd.201006081006

Yay! Notice that root owns the files and they are world readable. I don't really like that part but it's fine for what I'm trying to do now. Using nfdump, I can then get reports on the traffic:
Date flow start Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows
2010-06-08 10:20:10.788 0.000 IGMP 192.168.2.1:0 -> 239.255.255.250:0 1 32 1
2010-06-08 10:20:11.497 0.000 IGMP 192.168.2.2:0 -> 224.0.0.251:0 1 32 1
2010-06-08 10:21:14.270 0.000 TCP 208.94.232.254:80 -> 192.168.2.2:54213 1 52 1
2010-06-08 10:21:14.270 0.000 TCP 192.168.2.2:54213 -> 208.94.232.254:80 1 52 1
2010-06-08 10:17:16.609 310.298 TCP 199.18.249.12:59457 -> 192.168.2.2:22 45 2548 1
2010-06-08 10:17:16.568 310.303 TCP 192.168.2.2:22 -> 199.18.249.12:59457 63 58444 1
2010-06-08 10:17:49.883 244.052 UDP 192.168.2.1:1900 -> 239.255.255.250:1900 85 29625 1
2010-06-08 10:22:09.351 0.000 IGMP 192.168.2.1:0 -> 224.0.0.1:0 1 28 1
2010-06-08 10:22:09.804 0.000 IGMP 192.168.2.2:0 -> 224.0.0.251:0 1 32 1
2010-06-08 10:22:17.191 0.000 IGMP 192.168.2.1:0 -> 239.255.255.250:0 1 32 1
2010-06-08 10:22:19.042 0.000 IGMP 192.168.2.1:0 -> 224.0.0.2:0 1 32 1
2010-06-08 10:22:46.366 0.000 UDP 192.168.2.2:138 -> 192.168.2.255:138 2 493 1
2010-06-08 10:23:14.321 0.000 TCP 208.94.232.254:80 -> 192.168.2.2:54213 1 52 1
2010-06-08 10:23:14.321 0.000 TCP 192.168.2.2:54213 -> 208.94.232.254:80 1 52 1
2010-06-08 10:24:15.953 0.000 IGMP 192.168.2.1:0 -> 239.255.255.250:0 1 32 1
2010-06-08 10:24:14.373 0.000 IGMP 192.168.2.1:0 -> 224.0.0.1:0 1 28 1
2010-06-08 10:24:21.405 0.000 IGMP 192.168.2.1:0 -> 224.0.0.2:0 1 32 1
2010-06-08 10:24:19.438 0.000 IGMP 192.168.2.2:0 -> 224.0.0.251:0 1 32 1
Summary: total flows: 18, total bytes: 91630, total packets: 209, avg bps: 1725, avg pps: 0, avg bpp: 438
Time window: 2010-06-08 10:17:16 - 2010-06-08 10:24:21
Total flows processed: 18, skipped: 0, Bytes read: 948
Sys: 0.000s flows/second: 0.0 Wall: 0.000s flows/second: 23076.9
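
One way to put a report like this to work, as an added example that is not from the original post: pull out flows that come from non-private source addresses and land on well-known ports of private addresses. It assumes nfdump's line output with plain integer packet and byte counters, as in the report above; the sample lines are copied from that report.

```shell
#!/bin/sh
# Added example: list flows from non-RFC1918 sources to well-known ports
# (<1024) on private addresses, read from nfdump line output on stdin.
# Fields: date time duration proto src:port -> dst:port packets bytes flows

inbound_service_flows() {
    awk '
        function is_private(ip) {
            return ip ~ /^10\./ || ip ~ /^192\.168\./ ||
                   ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./
        }
        # Only flow records have 10 fields with "->" in the sixth position;
        # the header and summary lines are skipped.
        $6 == "->" && NF == 10 {
            split($5, s, ":")
            split($7, d, ":")
            if (!is_private(s[1]) && is_private(d[1]) && d[2] > 0 && d[2] < 1024)
                printf "%s %s -> %s:%s packets=%s bytes=%s\n", $4, s[1], d[1], d[2], $8, $9
        }'
}

# Sample: four flow lines copied from the nfdump report above.
SAMPLE_FLOWS='2010-06-08 10:20:10.788 0.000 IGMP 192.168.2.1:0 -> 239.255.255.250:0 1 32 1
2010-06-08 10:21:14.270 0.000 TCP 208.94.232.254:80 -> 192.168.2.2:54213 1 52 1
2010-06-08 10:17:16.609 310.298 TCP 199.18.249.12:59457 -> 192.168.2.2:22 45 2548 1
2010-06-08 10:17:16.568 310.303 TCP 192.168.2.2:22 -> 199.18.249.12:59457 63 58444 1'

# Usage with the sample:
#   printf '%s\n' "$SAMPLE_FLOWS" | inbound_service_flows
```

On the sample this reports only the flow to port 22; the web reply to port 54213 and the flows with private sources are filtered out.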

Yay! We can generate netflow data from traffic on our Linux box, and also capture it. I will start another post to explain more about what this is, and why I'm doing it. Hope this helps someone. Yes, it does work if you trick it into working :)

Wednesday, February 17, 2010

Tuesday, February 02, 2010

can't be zen all the time


The dead of winter in the midwest has an effect on people. I have been fighting it pretty successfully this year. It's been a struggle, because everyone around me has been struggling. Today it finally got me. It made me angry, because it's the people closest to me whose anguish I now feel. All I could do was cry, and use my words to describe my feelings. You can't be zen all the time. Then I went and had some quiet time to myself, went window shopping for books.

The last two days I had a fun project, I found a rim and tire for my Jeep. I have big tires on my Jeep, and I needed to find a big tire for a spare, and a big rim for the tire to fit on. I ended up buying everything from some really cool guys with eastern European accents, at a little independent used tire shop. They like my ride, and they picked on me for having mismatched lug nuts. I spent the rest of the evening sanding and prepping the rim, and painted it a nice flat black. It turned out better than I really was attempting to make it.

Tuesday, October 06, 2009

autumn in ohio


Yeah so a lot has happened since I got the Eee... I turned my fiancée into a wife on August 22nd, and had a great time in Aruba on our honeymoon. We got some great gifts and it was all a really special experience. The picture is from the back side of Aruba, we were exploring the lava fields.

I am feeling kruddy today, a flu bug or something has wrestled me to the ground. I'm just trying to think happy thoughts and remember how good I felt last week when I was mountain biking! It's funny, I often start feeling blue and melancholy, and then the next day realize "Oh, I'm sick". My humor is usually a good way to tell how healthy I am. Unfortunately I'm usually not self-aware enough to see it coming.

I've been reading some Melody Beattie again, "Beyond Codependency". The way she communicates really connects with me. I am reading about intimacy. It's funny how in the past I used to think that obsession was the same thing as intimacy. I'm not sure I really know what intimacy is yet, but at least I'm starting to understand what it is not.

Sunday, June 21, 2009

not a mac, not a pc, i'm a eee!



Yeah I picked up an Eee PC. For those unaware, the Eee is a product of ASUS, or Asustek. It's a little computer like a small laptop, some folks call them "netbooks". Mine is a model 700, known as a "2G Surf", mostly white in color except the back of the display which is baby blue.

Some models of the Eee come with Microsoft Windows, but mine did not. It runs the Eee PC 1.0.2 system. The system is a Linux based system, with some parts of it from the Xandros version of Linux, and finally customized by Asus. This allowed Asus to use free software to build their product, and be competitive with Windows based products. It is really cool technology.

The really cool part is that if you are a programmer or systems person, you can actually make changes to the system *any way you want*. The code for all of the programs, including the operating system kernel and even device driver code, are all freely available. You can edit them in any plain old text editor!

But if you aren't really interested in that kind of thing, but rather want to email, surf the internet, watch YouTube videos, or watch a movie from a file share or similar, you can just do that too! It is designed for ease of use. My fiancée is not a technical person, but she doesn't have any trouble using the Eee.


I am also very pleased that I snagged mine in brand-new condition for $106.00 on eBay!

It's like the future is here now; a $100 computer that doesn't need any help from Microsoft. It won't be long now before inexpensive computers that are built without Intel or Microsoft can become the norm.

I gotta run but I posted this from the Eee! Maybe I'll post some technical tweaks and tricks soon!

Wednesday, March 25, 2009

microsoft and nationalism

During this time of nationalism and Americans pulling together, I couldn't help but notice Microsoft's sponsorship choice for endurance racing in 2009. Yes, they are sponsoring the French automaking industry this year.

I couldn't help but notice that Sun Microsystems is sponsoring Ford.

Still no cigarettes, today is two weeks.