Recently, I wanted to install a legacy OS in a virtual machine with QEMU.

However, for several reasons, I did not want it to be able to access the Internet but still be able to access some services on my host.

I had already done something similar in the past with a tap interface, but it was not very convenient, as you need to bring your own DHCP server or use manual configuration.

So, by reading the fine manual, I found an option I had not heard about before: restricted=yes on the user network mode.

It makes QEMU create a virtual network, with the usual DHCP server and connection to the host, but without Internet access.

In addition, it is possible to specify various guestfwd options.

Sadly, the forward mode opens only one connection when the machine boots. Therefore, if you want to forward every new connection, you will have to go through netcat or a similar program. For example, I used this option to redirect connections to 10.0.2.100 to an HTTP server I created with Python:

-nic 'user,model=virtio-net-pci,restrict=yes,guestfwd=tcp:10.0.2.100:80-cmd:netcat 127.0.0.1 8000'

And that was enough for me to pass a few files without using Samba or swapping isos.

Recently, I had to check a legacy email address we used at home until a few years ago.

We almost stopped using it, but some services are still tied to it. The result is that whenever I need to check it, I find tons of spam, and the web interface is kinda bad, so it takes ages to delete all of it.

Some months ago, I learned to interact with IMAP from Python when I wrote a script to download and back up email accounts.

So, I modified it to output a CSV with all the senders and subjects of the emails in the mailbox. The scripts left a column empty to mark the emails that should be deleted with an x.

Then, I wrote another script to read the modified changes and to move the marked emails to the trash for a final review before emptying it.

Recently, I found myself in the same situation again, but I did not keep these scripts, so I had to write a new one.

It did not take much, but since it might be helpful to someone (at least the future me), I decided to share it here.

It takes the parameters to connect to the IMAP server on the command line. Then, it takes the action (write-csv to create the CSV with the list of emails, or read-csv to read it to send the changes to the server), and finally the name of the CSV file.

The script is released in the public domain, and, as always, it comes without any warranty.

TL; DR

Fastweb si aspetta il vostro IP pubblico anche nei messaggi SIP (ad esempio, nel campo From).

Quindi, se il dispositivo su cui gestite il VoIP si trova dietro NAT, dovete trovare il modo per configurarlo in modo che riporti l’indirizzo assegnatovi da Fastweb.

Nel mio ATA Grandstream, il campo da popolare si chiama Use NAT IP.

Per una configurazione Asterisk, bisogna aggiungere un paio di impostazioni al transport (in pjsip.conf):

[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0
local_net=10.0.0.0/8
local_net=172.16.0.0/12
external_media_address=12.34.56.78
external_signaling_address=12.34.56.78

Questo dovrebbe risolvere i 403 Forbidden quando provate a fare delle chiamate. Un sintomo dello stesso problema è che la registrazione avviene con successo, ma le chiamate non funzionano. Un errore di autenticazione (password incorretta, per esempio) restituirebbe un 401 Unauthorized, quindi dovrebbe manifestarsi in maniera diversa anche in eventuali log e/o UI.

Inoltre, potrebbe servirvi una qualche forma di keep-alive (a meno di non aprire una porta sul vostro firewall), altrimenti dopo un po’ di tempo il vostro numero potrebbe diventare irraggiungibile. … [Leggi il resto]

Dopo numerosi anni, ho cambiato ISP.

Da tempo mi ero stufato di TIM. Ogni volta che ho avuto bisogno di assistenza sono diventato matto. Inoltre prevedono aumenti di tariffe automatici e ingiustificati. Un’operatrice una volta mi ha detto che per loro sta al cliente di accorgersi della scadenza di un’offerta e chiamarli per riceverne una nuova.

Non stavo cercando attivamente un’alternativa, ma da diverso tempo ne stavo tenendo alcune sott’occhio. Il mio requisito essenziale è che non voglio (anzi, più probabilmente posso) rinunciare all’indirizzo IP pubblico. Aggiungerei anche la portabilità del numero VoIP tra le necessità.

Invece dei plus ben graditi sono il modem libero o al più in comodato d’uso gratuito, il prezzo bloccato, l’assenza di penali nascoste per il cambio di operatore e l’assenza di costi di attivazione (in quest’ordine).

L’offerta di Fastweb

Ad un certo punto mi sono imbattuto in un promotore Fastweb e ho deciso di dare loro un’opportunità.

Fastweb è nota per offrire indirizzi in NAT, ma il venditore mi ha promesso che sarebbe stato possibile averne uno pubblico in maniera gratuita (al che io ho risposto che avrei usato il mio diritto di recesso nel caso non fosse stato così). … [Leggi il resto]

Occasionally, I still work with my Intel RealSense, on my RGBD toolbox, and affine topics.

Recently, I decided to allow multiple formats for the color images (initially, I had hardcoded them to JPEG only).

Therefore, I had to modify my data structures to work with pairs of paths instead of their common stems.

The UI to add new frames to the scene lists all the valid frames once and puts them into an ordered std::set, now keyed on the path pair.

With my previous assumption on fixed formats, I could do lookups on the set to quickly check if a provided stem was valid.

After the changes, this involved a heterogeneous comparison, i.e., a comparison of different types.

The trivial way to do this is a linear search, e.g., with std::find and a lambda or a range-based for.

However, this seemed a frequent case to me, and I was curious to see if there was a way to still take advantage of the optimized algorithms provided by the containers.

Indeed, there is! But it was added only since C++14.

After implementing bool operator<(const Other &, const Key &), you can pass std::less<> as a comparator to your container instead of the default std::less<Key>.

That is a particular template specialization that was developed for this purpose. It contains an is_transparent type that enables the templated version of some methods in STL containers.

This stack overflow answer contains many details. A TL; DR is that this implementation avoids unwanted conversions that could have undesired effects (e.g., the continuous creation of temporary objects from literals).