Am having fun learning bash sed and awk.
Have spent 30 years writing very complicated .bat then .cmd file's first for dos then for Win NT CMD, so am having to convert my brain over for sh and bash. I did a course on youtube on sh and unfortunately learnt a ton of very out of date stuff, the course was from c.2002, so am now realising the error of my ways and trying to get my mind right with bash sane replacement techniques. God what a mess it all is, although powerful in some respects.
I have written my first genuinely useful bash tool. A kind of ping program which in addition works out what ipv6 and ipv4 addresses some target box has by looking something up in the dns.
I wrote my very first tiny awk program today, simply to optionally help with reformatting textual output in a cleaner appearance, to be used by the aforementioned bash tool. Awk is nice. Not yet sure when to use it and when to stay away.
Not got very far with sed yet - bit confused by the apparent relationship between the presence or absence of the command line switches and requirements for escaping certain characters in regexes for reasons unknown to me. Different regex dialects are a pain too. Have got too used to expecting PCRE dialect to always be available. Need to do a lot more reading and dig out some meatier examples. A lot of sed tutorials I've stumbled upon get bogged down in explaining regexes, which I don't need, have been doing regexes for 30 yrs, and don't get on with the real actual sed stuff.
Some of this stuff is so sophisticated that it starts to make me wonder if I would just be getting seduced by madness and should just be writing a C program to do some job or other instead and be done with it. (The D programming language [google dlang] is my new love affair, so it would probably be D instead of C now.)
Having destroyed my raspberry pi yet again by making config mistakes that mean that ssh into it no longer works, I have given up in embarrassment for the time being.
Instead, I have rented a pi from Mythic Beasts which is physically parked somewhere near docklands I imagine. I have ipv6 (only, I think, sort-of) ssh access in to the box as root and it is running very stripped down 32-bit arm Ubuntu (no 64-bit arm AAarch64 builds yet from these guys unfortunately, great shame). The o/s comes perfectly lean for headless-only use, ie no graphics, human input devices etc. There is a choice of three different linux flavours, I picked Ubuntu at random. I did try one of the other flavours as well, one which I believe is most commonly used by pi users. For some reason I seem to have settled on Ubuntu, have no idea what the practical differences are, maybe not much especially if you are headless.
I have failed so far to get firewalling set up and I suspect there isn't any at the moment. Attempts to do so and to secure ssh slightly better simply mean I ended up locking myself out umpteen times so that I had to nuke the installation and format the disk. Luckily one can just hit a button and remotely format the disk and reinstall an o/s image of your choice in a few seconds by using Mythic Beasts’ clever remote admin tools, and I have done that a lot. :-( :-) That’s one huge advantage over owning my own pi, which I cannot nuke and reinstall without help. God knows how they do it and god only knows what it is booting from.
Fun learning bash etc on the system anyway.
I have managed to apt-get two D compilers - GDC (GCC family) and LDC (LLVM family) which are both superb. Unfortunately the packages that are available pre-built and all packaged up are quite old versions. I would love to get the latest releases built for arm, but trying to download and compile them from sources has proved a nightmare of twisty passages as I don't possess a complete shell script to do the whole job and I got lost in very long confusing instructions and was not sure exactly where some files needed to be parked after I downloaded huge dollops of stuff from amazingly slow servers on dialup or something.
I would like to think up some good things that I can do with a hosted external pi, to give it some work to do. Any suggestions?
I would also like to give it a security check up. I want make sure it can't be exploited by bad guys. Being effectively ipv6-only helps a little bit as things are at the moment.
I am trying to get a mail server, set up it. Chose postfix somehow. Think the config is done but it needs a lot of proper testing, which I have not even started yet. I want to smtp some outbound mail into the box and then forward it onwards to AA's outbound SMTP servers. The reason is that I have some iot devices that produce email for log reports and are quite old-fashioned and cannot handle AA's recent requirements for well-secured best practice email transport. To be sure of doing the right thing, I need the email to ultimately go through AA’s outbound SMTP servers because that is what my own SPF policy rules declare. So the idea is that the pi can pick up outbound SMTP, but only from a tight range of src ip addresses (if I have done the job right) and send everything on to AA if I have got the mail server config correct, following instructions from an article on this very topic which I found on the web.
I could do with someone trying to test the security of the mail setup, hopefully would fail to get mail injected into it from src addresses that are disallowed. I could do some tests myself using a temporarily tweaked config. A volunteer would need ipv6.
I also wonder about other kinds of abuse possibilities, whether the box could be used in traffic amplification, given the presumed lack of firewalling. Like almost all Pis, it only has a miserable 100Mbps nic, so it isn't going to be able to take down Facebook on its own. (I'm told that you can do quite a good bit better than 100mbps network i/o by using certain USB nic hardware, but the internal horrible nasty bus is the ultimate limiting factor that cannot be surmounted and gigabit nics are just throttled by that.)