Info
2005-09-25 Proof of concept
I've done something terribly easy today. It's a simple perl script. I've been beating myself up for ages because I've not been bothered enough to learn perl. Well, it's hardly a sign of having learnt much at all, but it's a stab in the dark.
#!/usr/bin/perl use strict; use warnings; print "Content-type: text/html\n\n"; print "Proof of concept";
Something with a function
use strict;
use warnings;
sub test()
{
print "Tested!\n";
}
print "Content-type: text/plain\n\n";
print "Proof of concept\n";
test();
Something with a test
#!/usr/bin/perl
use strict;
use warnings;
sub test()
{
my $a = 3;
if( $a < 1 )
{
print "A < 1\n";
}
else
{
if( $a > 2 )
{
print "A > 2\n";
}
}
}
print "Content-type: text/plain\n\n";
print "Proof of concept\n";
test();
2005-09-23 compare
Some time ago I made a very short shell script to compare two files for a glue process between two systems. The compare script (comp.sh) would run frequently to return lines in one file which are not in another and output differences. This is not the same as a 'diff' process which is for patching. Here is the original shell script
#!/bin/bash if [ "$2" == "" ] ; then echo "Usage: $0 list1 list2" echo "returns lines that are in list2 that are not in list1" exit fi for i in `cat $2` ; do if [ "`cat $1 | grep $i -x -i`" == "" ] ; then echo "$i" fi done;
As you can see from the above, this runs cat, test and grep three times for each line in the input (test is whats used in the if statement, if is shorthand for test!). This also means that the second input file must be opened once (as part of the cat) for each line on the first input file.
I have fashioned the c code below to replace this. Although there are many places for improvement, I shall change it only when someone sends me a .diff file (could do away with one of the line arrayes through moving the comparison into the first fopen read for one thing).
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
void help()
{
fprintf( stderr, "(c)copyright 2005 Ed Neville, ed[at]usenix.org.uk\n" );
fprintf( stderr, "Usage: comp <file1> <file2>\n" );
fprintf( stderr, "where file1 is the master and file2 contains additional entries\n" );
exit(0);
}
void compare( void const *file1, const void *file2 )
{
FILE *f,*g;
char *lines1[1000000];
char *lines2[1000000];
char *tmp;
void *ptr;
int i=0,x,l1=0,l2=0;
if( ( f=fopen( (char *)file1, "r" ) ) == NULL )
{
fprintf( stderr, "could not open %s\n", file1 );
help();
}
if( ( g=fopen( (char *)file2, "r" ) ) == NULL )
{
fprintf( stderr, "could not open %s\n", file2 );
help();
}
ptr=(char *)malloc( 102400 );
tmp=ptr;
while( ( tmp=fgets( tmp, 102400, f ) ) != NULL )
{
lines1[i]=(char *)malloc( strlen(tmp) );
strncpy( lines1[i++], tmp, strlen(tmp) );
// eventually tmp holds a nil pointer
}
l1=i;
i=0;
// make tmp become ptr
tmp=ptr;
while( ( tmp=fgets( tmp, 102400, g ) ) != NULL )
{
lines2[i]=(char *)malloc( strlen(tmp) );
strncpy( lines2[i++], tmp, strlen(tmp) );
}
l2=i;
free( ptr );
fclose( f );
fclose( g );
for( x=0 ; x<l2 ; x++ )
{
int y=0;
short found=0;
while( l1 != y )
{
if( strcmp( lines2[x], lines1[y] ) == 0 )
{
found=1;
}
y++;
}
if( !found)
{
printf( "%s", lines2[x] );
}
}
}
int main( int argc, char *argv[] )
{
if( argc < 3 )
{
help();
}
compare( argv[1], argv[2] );
return(0);
}
validrcptto
There is an age-old bug in qmail that sends bounce spam. Qmail is my favourite MTA (message transfer agent) that is responsible for sending millions of emails daily from host to host around the internet. One of the things that attracted me to the mailer was that a bounce message would contain the original mail from the sender, the sender would know exactly what was rejected or bounced back to him. Unfortunatly the spammers of this world will set up email sessions to a host such as gmx.net like so:
220 {mx004} GMX Mailservices ESMTP
helo
250 {mx004} GMX Mailservices
mail from: innocentperson@somedomain.com
250 ok
rcpt to: baduser@gmx.net
250 ok
data
354 go ahead
Subject: my spam
....
Most modern mailers do not do this, with thanks to John Simpson (jms1.net) there is a patch that helps counter this problem by accepting email only for valid users. Here is a writeup of how I applied this patch.
cd /usr/src/ wget ftp://ftp.ntnu.no/pub/unix/mail/qmail/qmail-1.03.tar.gz tar zxvf qmail-1.03.tar.gz cd /usr/src/qmail-1.03 wget http://qmail.jms1.net/patches/qmail-1.03-jms1.6b.patch -O - | patch make make setup check
At this point your should do your own system level configuration, such as which hosts you want to accept mail for by adding them to /var/qmail/control/rcpthosts, /var/qmail/control/smtphosts etc
You should then get the cdb tools
cd /usr/src wget http://cr.yp.to/cdb/cdb-0.75.tar.gz tar zxvf cdb-0.75.tar.gz cd cdb-0.75 make make setup check cd /usr/src wget http://search.cpan.org/CPAN/authors/id/M/MS/MSERGEANT/CDB_File-0.94.tar.gz tar zxvf CDB_File-0.94.tar.gz cd CDB_File-0.94 perl Makefile.PL make make install
The final tool to get is the mkvalidrcptto script by JMS to create the validrcptto.cdb file which the jms qmail patch will read if it exists in order to deny bounce spam.
wget http://qmail.jms1.net/scripts/mkvalidrcptto
All you have left now is to create the validrcptto.cdb file
cd /var/qmail/control umask 022 perl /usr/src/qmail-1.03/mkvalidrcptto | cdbmake-12 validrcptto.cdb validrcptto.tmp
Now test your mailer
$ telnet w.x.y.z 25 Trying w.x.y.z... Connected to w.x.y.z. Escape character is '^]'. 220 ednevitible.co.uk ESMTP helo 250 ednevitible.co.uk mail from: edward@w.x.y.z 250 ok rcpt to: someone@w.x.y.z 553 sorry, this recipient is not in my validrcptto list (#5.7.1) quit
If you get a 553 error message such as the one above then you know that your mailer is not bouncing spam around the globe. Well done. Send jms some money.
Well my .info domains are now officially expired (but will exist on the whois until they have completed their pending delete status) so I shall now delete them from my name servers and any other residule trace of them.
$ for i in $( mysql -uDNS -pDNS -e "select lngId from DNSDomains where strDomain like '%.info'" DNSData ) ; do if [ "$i" != "lngId" ] ; then mysql -uDNS -pDNS -e "delete from DNSData where lngDomain in ( $i )" DNSData ; fi ; done ; $ mysql -uDNS -pDNS -e "insert into DNSRegen values (1)" DNSData
2005-09-22 sad :(
This week draws to a close, there's just tomorrow left, then it's the weekend, and I've not yet finished the ftp server. I am instead thinking about a small bug with this page. Originally I had the code paragraphs repalce ' ' with , otherwise the browser omits them and code tabulation is all wrong. This is a bug, my code paragraphs don't wrap in some browsers.
So I changed the replace, so it now replaces ' ' with ' '. However all my other paraphs need changing, I think the shell script was getting a little ugly so I am going to write this in java and run it when I get time. But I am aware of this fact!
for i in $( echo $a ) ; do if [ "$i" != "id" ] ; then b=$( mysql -upsybb -ppass |batch -e "select ptext from article where id = $i" albums ); text=$( echo $b | sed 's/^ptext //' | sed 's/ / \ /g' ); update="update article set ptext='$text'" ; echo $update ; fi ; done ;
I have an idea to make a plugin for Gaim.
20:44 <+ed_> im going to make a delay plugin for gaim 20:45 <+secret> hmm to do wha 20:47 <+ed_> secret: just to send messages after 5 mins, if for example you want to reduce a converstations text respone 20:47 <+ed_> suppose someone asks lots of questions, you want to respond, but dont want to appear to be responding immediatly 20:47 <+secret> ah lol 20:47 <+secret> interesting
Basically I found myself talking to someone who just wanted help like a search engine. Idea being not to offend the person asking the questions, and not to see too helpful at the same time!
I have just seen a really interesting site, named Freedom Toaster. They provide free opensource software to anyone with a blank cdr!
2005-09-21 back in england
Friday night had some ill effects for Saturday, I was rather hung over all through Saturday until late Sunday, really. I advise anyone who bout-drinks that they should consider greatly the effects of their drink especially when mixing hops and distilled liquor. This lead to a lateness of my departure to Edinburgh through sleeping most of Saturday.
Got to Scotland on Sunday, lovely looking place. Life there is either up hill or down hill, the land is rather scenic, albeit uneven.
Now the disaster, I had my laptop, charger, ideas for coding, a powersocket adjacent to my seat on the train, but what's this, NO POWER CABLE. This was probably the most frustration I have ever been faced with after years of using the train to and from college and having to ensure my laptop was fully charged before all train journeys finding seats equiped with power sockets was quite a surprise.
So with dwinding power supply I decided that making a java ftp deamon could be quite a cool program to take up. Once I have completed something that is worthy of posting here I shall.
A general observation of England and Scotland is that Scotland has a rather uneven surface, York/Norfolk is rather flat, but further south it's a little hilly.
Java 1.5 (or JDK 5) now prefers to use generics for classes. Rather than writing code like this
ArrayList al = new ArrayList();
It must now be written as so
ArrayList <object> al = new ArrayList <object> ();
This has several benefits to ensure that the objects in your arraylist are only of the declared type.
Have got an email from the London Linux User Group about a meet on 5th October (20051005) which I am thinking about going to, it's the same day as the Linux Expo at the Olympia. Sounds like a really cool event so I'm up for that.
Here's a little note about pasv connections and how to use them in telnet connections. First log into a FTP server using telnet
ed@workstation:~$ telnet 192.168.0.1 21 Trying 192.168.0.1... Connected to 192.168.0.1. Escape character is '^]'. 220 ProFTPD 1.2.10 Server (Debian) [80.5.148.152] user ed 331 Password required for ed. pass secret 230 User ed logged in.
Then you must issue the pasv command to tell the server that you intend to request some data
pasv 227 Entering Passive Mode (80,5,148,152,253,99).
The first four octects (80,5,148,152) are the IP address where you must connect to deliver the data. The last two (253,99) are the port, but require some maths (253*256)+99 = 64867. This is the port which you open a second telnet session to.
$ telnet 192.168.0.1 64867 Trying 192.168.0.1... Connected to 192.168.0.1. Escape character is '^]'.
In the first session (the control session) issue the command 'LIST' on a line by itself and the data session will output the result of the LIST command and then close.
The control session will output the following
150 Opening ASCII mode data connection for file list 226 Transfer complete.
A day of hard work, and I have a half functional FTP server. I have to move things around a bit so that I have a passive class and an active class which are there to do very different things, but essentially just provide a socket to a tranasfer class. This over view should provide some abstraction for the whole process.
My next set of thoughts will be directed at the security of a filesystem model. I will not be overly impressed with my own work if it's rather easy for an outsider to transfer core operating system files. My main goals on this project are to provide a functional server which end users including myself can perform administration tasks from command line or graphical shell. It would be good to make it work with the operating system users, but with Java that just isn't really possible. Perhaps this is the wrong paradigm, perhaps I should be using C++, since with that I can change the permissions on files once they are created in the file system. The only way that I can currently see to change the file access rights post/pre upload are to execute a system program to do so, this could be costly for the process table if a user were to upload 1,000 small HTML files.
2005-09-17 missed my train this morning
I got rather drunk at a party last night, had a hang over from hell till about 2030 today.
I like gvim. It's a really good programmer's editor. Here is my ~/.gvimrc config file which contains settings for 2 col tab-spaces, auto indentation, syntax highlighting, and white-on-black text colour.
set number set ts=2 set sw=2 colors torte set ignorecase set softtabstop=2 set expandtab
To use with vim, just remove the colors torte entry.
If you are using dnscache and you want to use a specific DNS server for a certain domain, you can enter the IP address of the DNS server into /etc/dnscache/root/servers/domainname.tld. This has a lot of benefits with split horizon DNS situations.
For example, you might enter 127.0.0.1 into /etc/dnscache/root/servers/mydomain.com and then create a zone called mydomain.com in /etc/tinydns/root/data.
In some situations you need to provide a different copy of 'mydomain.com' so that there are different IP addresses for the zone given to your local computers.
2005-09-15 going to scotland this weekend
Have planned a short vaction to scotland this weekend. I've no idea why, it's rather cold there, perhaps that will take my mind off the other sex for a while. Either way I intend to do a metric ass load of code and get some downtime too.
On the subject of downtime, I made quite an error on the company firewall, at the worst possible time a change was requested and things went pear shaped.
Noticed something odd with some OO PHP.
$this->arr[0] = new className(); $c = $this->arr[0]; $c->var = 2; print_r( $this->arr[0] );
With the above you might expect $this->arr[0]->var to be 2, instead it will appear to not have been initialised. The assignment must take place once $c has been changed, and only then shoudl $this0>arr[0] be given the assignation of $c, otherwise $c will be treated as thought it has nothing to do with $this->arr[0].
One good thing has happened at least this week. The main DNS servers at work are all running TinyDNS now. This has many great advantages, besides just being able to store it all in a database which can reproduce in a given format. The original project started here, as a java/mysql solution to provide users with a free dynanmic address. This work will continue. Perhaps I will develop it a bit more when in Scotland.
Oh, and slackware 10.2 is now available.
2005-09-11 stop it with the changes
Right I hope this is the last change for a while to the taill program. I have it rigged now so that I can combine many log files into a single output. I had some trouble with a redirect > not writing what it should be, so theres a parameter for specifying the target file for the combined log file, this is useful with programs such as apachetop which monitor up to a certain number of logfiles (50 in the case of apachetop).
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
/*
20050911 en made changes to allow for greate than one logfile on the
argument list and output as if dealing with one log
for use with programs like apachetop log monitor (limit of
50 log files).
suggest future change of reading log file list from file
as command line has limits.
20050908 en started the taill program to watch a log file. unlike tail
this closes the file after reading, and resets the
pointer to 0 if the file becomes smaller.
*/
int help()
{
printf( "Usage: taill file\nWhere file is the file to monitor\n" );
printf( " -[file] specifies where output should be sent\n" );
exit( 0 );
}
int main( int argc, char *argv[] )
{
FILE *fp,*fp2;
char *ptr = malloc( 10000 );
struct stat fsize;
long sizes[argc];
int counter;
char *output=NULL;
if( argc < 2 )
{
help();
return( 0 );
}
for( counter=1 ; counter < argc; counter++ )
{
if( argv[counter][0] == '-' )
{
output = argv[counter]+1;
fprintf( stderr, "%s", output );
}
}
/* do some reading here */
for( ;; )
{
int i;
sync();
for( i=1 ; i<argc ; i++ )
{
if( argv[i][0] == '-' )
{
// fprintf( stderr, "continue\n" );
continue;
}
// fprintf( stderr, "Checking %s\n", argv[i] );
if( ( fp = fopen( argv[i], "r" ) ) == NULL )
{
fprintf( stderr, "Sorry I cannot open %s\n", argv[i] );
help();
}
stat( argv[i], &fsize );
if( fsize.st_size < sizes[i] )
{
// fprintf( stderr, "File has rotated\n" );
sizes[i] = 0;
}
if( fsize.st_size > sizes[i] )
{
// fprintf( stderr, "%s has changed\n", argv[i] );
fseek( fp, sizes[i], SEEK_SET );
while( fgets( ptr, 10000, fp ) != NULL )
{
if( output != NULL )
{
if( ( fp2=fopen( output, "a+" ) ) == NULL )
{
fprintf( stderr, "I cannot open %s for append\n", output );
help();
}
fprintf( fp2, "%s", ptr );
fclose( fp2 );
}
else
{
printf( "%s", ptr );
}
}
sizes[i] = ftell( fp );
// printf( "%ld %ld\n", fsize.st_size, size );
}
fclose( fp );
}
sleep( 1 );
}
free( ptr );
return( 0 );
}
This makes watching two log files at the same time, or into the same place very easy. For example, to watch both a dnscache and tinydns server log at the same time to the current terminal you may do the following:
# tailr /etc/tinydns/log/main/current /etc/dnscache/log/main/current
2005-09-10 might be true
I have noticed this site slip a bit in the search engine rankins since moving to a database format, perhaps it is because the pages are linked to with query strings in the format of ./?variable=value style. I have decided to change the links around a bit so that this is masked through the use of a 404 page. Here is the code which translates some plain text characters to query string and then includes it.
<?php header( "HTTP/1.1 200 OK" ); header( "Status: 200 OK", TRUE, 200 ); $url = strtolower( $_SERVER['REQUEST_URI'] ); $url = preg_replace( "/_/", "?", $url ); $url = preg_replace( "/~/", "&", $url ); $url = preg_replace( "/\./", "=", $url ); include( "http://www.usenix.org.uk/index.php" . $url ); ?>
Of course, this may not be at all true and the search rankings might just be a result of having less keywords on each page. But we will shall see.
2005-09-10 bug in tail code
Sorry, I hadnt really tested it properly. The file assignment was wrong, it was not looking at the arguments. Here is the correct version.
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
/*
20050908 en started the taill program to watch a log file. unlike tail
this closes the file after reading, and resets the
pointer to 0 if the file becomes smaller.
*/
int help()
{
printf( "Usage: taill file\nWhere file is the file to monitor\n" );
exit( 0 );
}
int main( int argc, char *argv[] )
{
FILE *fp;
long size,date = 0;
char *ptr = malloc( 10000 );
if( argc < 2 )
{
help();
return( 0 );
}
/* do some reading here */
for( ;; )
{
struct stat fsize;
if( ( fp = fopen( argv[1], "r" ) ) == NULL )
{
help();
}
stat( argv[1], &fsize );
if( fsize.st_size < size )
{
size = 0;
}
if( fsize.st_size > size )
{
fseek( fp, size, SEEK_SET );
while( fgets( ptr, 10000, fp ) != NULL )
{
printf( "%s", ptr );
}
size = ftell( fp );
}
fclose( fp );
sleep( 1 );
}
free( ptr );
return( 0 );
}
2005-09-10 python rules
Ok I got a book about python earlier this month, what can I say, this language is pretty good. Just take a look at how easy it is to do some simple recursion.
$ python Python 2.3.5 (#2, Jun 19 2005, 13:28:00) [GCC 3.3.6 (Debian 1:3.3.6-6)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> def multi( x,y ): ... return x*y ... >>> multi ( 4,6) 24 >>> multi( multi( 4, 6 ), multi( 5,5 ) ) 600 >>>
This is quite special. It's nothing exterodinary for a programming language to perform, but this is a quite cool, its only a couple of lines in length. When I can find some reason to use it rather than java, bash, or c/c++ then I'll grab hold of the bull by it's horns. This may have some advantage for use in web applications, but I can't see any immediate reasons just yet.
2005-09-09 finally a peaceful day
Finally, after the choas of this week I get half a day that's nearly quiet. This is super good for me. This weekend I'm going to focus on a couple of programming projects and then come Monday one of the support team is on holiday for a week. Boring stuff I know but life on the work network will have to be kept as quiet as possible as I don't want to be speaking to customers a great deal.
Nothing suprisingly technical has happened today. Someone has pointed out to me that pf has been ported to linux, it's available from here http://abstractvoid.se/pf4lin.html.
I shall be giving this a go very shortly I hope it proves useful.
2005-09-08 tail doesnt do it
Tail doesnt work when files get rotated, so I wrote my own.
I've been wanting this functionality for some time now, just never got around to doing something about it. I'm sure soemone else somewhere will have done this already, but I've not seen it.
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
/*
20050908 en started the taill program to watch a log file. unlike tail
this closes the file after reading, and resets the
pointer to 0 if the file becomes smaller.
*/
int help()
{
printf( "Usage: taill file\nWhere file is the file to monitor\n" );
exit( 0 );
}
int main( int argc, char *argv[] )
{
FILE *fp;
long size,date = 0;
if( argc < 2 )
{
help();
return( 0 );
}
/* do some reading here */
char *ptr = malloc( 10000 );
for( ;; )
{
if( ( fp = fopen( argv[1], "r" ) ) == NULL )
{
help();
}
struct stat fsize;
stat( "./taill.c", &fsize );
if( fsize.st_size < size )
{
size = 0;
}
if( fsize.st_size > size )
{
fseek( fp, size, SEEK_SET );
while( fgets( ptr, 10000, fp ) != NULL )
{
printf( "%s", ptr );
}
size = ftell( fp );
}
fclose( fp );
sleep( 1 );
}
free( ptr );
return( 0 );
}
To compile; gcc taill.c -o taill. I have named it taill, where the additional l is for log, I suppose tailr (r = rotata?) could be better. who knows..
2005-09-07 finally happened
The main line at work was switched over to the NAT network at 0815 hours this morning. The change over was fairly painless, except many staff whined about their particular little problem in comparison to the grand scheme of things. This is where being a sysadmin can really suck.
I have found a couple of problems with some of my pf rules, everything was perfect as planned except for one of the wonderful thwarting rules which I wanted to have running, for example
rdr pass on $ext_if proto tcp from any to 1.2.3.4 port {80,3389} -> 10.10.10.10block quick drop from abuse_src
pass in on $ext_if proto tcp from any to $range port {80,3389} keep state ( max-src-conn 3, max-src-conn-rate 2/5, overload flush global )
According to some advice on the pf mail list I should be able to correct this with one of the two things:
- Adding the port number to the end of the rdr rule, so rdr on $if from any to $add port {22} -> $add port {22}
- Separating the rdr pass rule into two parts
I think splitting the rule up will probably help, but this will have to be done after some other more important issues.
And finally. I have ordered a openbsd t-shirt. I really love this OS. It does not have all the bells and whistles that Linux or in some cases FreeBSD might have but it sure does work well for servers.
Oh, just a quickie. If you want to find out which package contained a certain file in debian, you can use the following script with some alterations to one of the greps to search for the file you're interested in. I don't know if there's a better way, but it works.
for i in $( dpkg --get-selections | sed 's/\t.*//' ) ; do A=$( dpkg -L $i | grep -E "dig|host" ) ; if [ "$A" != "" ] ; then echo $i ; fi ; done ;
2005-09-06 wow what a cluster fuck
Today has been just one cluster fuck after another. While making arrangements to switch pc's from one network into another network (as part of a NAT), some rules on mail servers meant that mail was bounced, (nearly 2000 messasges).
Problems were caused mainly though some DNS server details that were over looked and rules were not updated for the mail server relay settings. All in all, a busy day of explaining to people why stuff was not working.
I choose the subject 'wow what a cluster fuck' because that is the phrase that I am coining to mean that something has gone terribly wrong with an automated system. It's clustered because more than one thing has been impacted by the disaster.
I got some certificates through the post from www.brainbench.com, which I had waited about 8 weeks for. They're not all that bad really. I have BSc, HND, and OND certificates already and these are not a whole lot different. These included:
- Linux Administration (general)
- Network Security
- RDBMS Concepts
- Java I
- HTML 3.2
- Computer Technical Support
- Computer Fundamentals (WinXP)
- Computer Fundamentals (Win 95/98)
Despite them being in envelopes marked "Fragile do not bend" in large letters the postal service still folded them to fit the letter box. No they did not have the sense to push them all the way through but to leave half the envelope exposed to the weather and get well and truely creased. Well done.
Although I rate my skills as a unix/linux person quite highly the Linux exam is quite tough, I advise anyone with a bit of experience to take this as it does open your eyes a bit.
There was a test which I took and failed! Yes myself, a seasoned computer techie failed a computer tech exam. This was of course the Windows 2003 administration exam.
2005-09-03 great news for me!
A company that I worked for is going down the pan! Well, that's great news for me, bad news for any of the subscribers or remaining employees. Well, tough luck, you should have found alternative employment or broad band provider by now. Anyone who knows me will know exactly which company I am talking about. I am rather disgruntled, and rightly so, I am about 500 quid out of pocket.
2005-09-01 new month, new stuff
Today has been interesting, can not use IIS Ftp on the windows boxes because the NAT has an interesting problem related to reflection, which I mentioned last month.
The IIS box cannot find it's external IP address, it goes through a NAT router, and could only hope to guess it's outside address. This is fair enough, but it shoudl at least allow the end user to change the address that it gives out during the PASV session.
So, I have found something called GuildFtpd which allows for specifying a arbitary address to use during the PASV session. Quite good as a free program, however, it's not open source, so I have no way of creating the userbase. Quite a shame really, it means I have to do lots of manual work. I even asked for their specification so that I could make use of it.
I think the authors just want to keep it as a mIRC puppy program.
On the UNIX front. There's nothing new today. Other than if you want to cover your tracks when sending mail through a qmail system, just send 10megs of mail commands to the server so that multilog rotates the logged data out.
I've got myself a google login and have configured my front page (www.google.com/ig) and it's pretty cool, they allow the end user to set their own RSS content (well, netscape had this about three years ago).