SanjuroE's blog

A future without JavaScript

Web programming without HTML, JS, or CSS

Posted on May 29, 2021

A while ago I came across an article indicating that Google was planning to switch to using the Canvas API for Google Docs. This let to some contemplation as to why Google is doing this and what this could mean for the future of the web. A short re-cap of... [Read More]

Tags: javascript opinion group9

nftables basics

Introduction to nftables

Posted on May 24, 2021

nftables is a very powerful packet filtering framework, otherwise known as a firewall. In this tutorial I will introduce the most important mechanism which will allow you to build your own firewall. The tutorial assumes you are running Debian 11 “Bullseye”. It will not work on earlier version of Debian,... [Read More]

Tags: ops sec

iptables vs nftables

Upgrade, or not yet

Posted on May 23, 2021

nftables will eventuelly replace iptables as the Linux kernel packet classification framework, more comply referred to as ‘the firewall’. Both are still maintained, and will be for a while. So which one should you choose? Well obviously, nftables replacing iptables, the answer is nftables, at least in the long run.... [Read More]

Tags: ops sec

Creating an unmarshaller using bytecode

An example of code generation at deploy-time

Posted on May 15, 2021

In this blog we will create a simple unmarshaller at deploy-time using bytecode and measure its performance. This blog is part 4 of 4, the series consists of the following posts: Writing an unmarshaller by hand Constructing an unmarshaller using reflection Generating an unmarshaller using annotations Creating an unmarshaller using... [Read More]

Tags: java group9

Generating an unmarshaller using annotations

An example of code generation at compile-time

Posted on May 5, 2021

In this blog we will construct a simple unmarshaller at compile-time using an annotation processor and measure its performance. This blog is part 3 of 4, the series consists of the following posts: Writing an unmarshaller by hand Constructing an unmarshaller using reflection Generating an unmarshaller using annotations Creating an... [Read More]

Tags: java group9

Debugging an annotation processor

Using JUnit5 and Java Tool API

Posted on May 2, 2021

An annotation processor is a plug-in to the Java compiler itself. So in order to debug a processor it either needs to run inside the compiler itself or be provided with a mock Compiler API. The Compiler API is rather complex and extensive to mocking it, even using mocking libraries... [Read More]

Tags: java

Safe reload with nftables

Reducing the risk of getting locked out

Posted on May 1, 2021

As of Debian Buster the default package filtering mechanism is nftables replacing iptables1. When using iptables I have always used the excellent Shorewall to help manage the firewall. Unfortunately Shorewall does not, and probably never will, support nftables2. Nftables has a number of improvements over iptables including features which provide... [Read More]

Tags: ops sec

Constructing an unmarshaller using reflection

An example of code generation at run-time

Posted on April 25, 2021

In this blog we will construct a simple unmarshaller at runtime using reflection and measure its performance. This blog is part 2 of 4, the series consists of the following posts: Writing an unmarshaller by hand Constructing an unmarshaller using reflection Generating an unmarshaller using annotations Creating an unmarshaller using... [Read More]

Tags: java group9

Writing an unmarshaller by hand

An example of code generation at code-time

Posted on April 11, 2021

In this blog we will write a small unmarshaller by hand at code-time and measure its performance. This blog is part 1 of 4, the series consists of the following posts: Writing an unmarshaller by hand Constructing an unmarshaller using reflection Generating an unmarshaller using annotations Creating an unmarshaller using... [Read More]

Tags: java group9

Multiple Redis databases on Debian

Running multiple Redis instances on a Debian host

Posted on April 3, 2021

Occasionally you may want to run multiple Redis database on the same host. Redis has a concept of databases, however these are less like a traditional database, and more like a namespace. Redis databases have a number of drawbacks: Redis databases have a number (typically 0-15) rather than a name... [Read More]

Tags: ops

Phases for generating code

Code-time, compile-time, deployment-time, and run-time

Posted on March 27, 2021

Code is generated at many phases during the development & deployment cycle. Everyone is familiar with compile-time at which the compiler generates (byte)code. However code is generated at other times/phases as well. In this post I divide code generation into four phases. I will also discusses some of the benefits... [Read More]

Tags: java

Time sync KVM guest on Debian

Using PTP to synchronize the time of a KVM guest VM

Posted on March 14, 2021

Synchronizing the time inside KVM guests is essential for a large number of reasons, including correlating logs from multiple guests and Maildir locking. When a KVM guest start up it is provided with the host clock. This is used initialize the clock of the guest to the correct time. On... [Read More]

Tags: ops