Adding a sidebar to this blog

Contents

One thing I’ve noticed about the more visually appealing and user friendly blogs is they have sidebars. So this week I set about adding one to this blog.

I use Nikola for building my blog, and there’s a sidebar plugin for it. But it’s far from plug and play. The plugin can generate the required HTML for the sidebar, but it’s up to the user to get it displaying in the output. That means playing around with the template system and CSS, and adding the sidebar content to the HTML pages generated by Nikola.

Read more (23 paragraphs) …



Setting up and using Wake-on-LAN on Linux (2020 edition)

Contents

Introduction to Wake-on-LAN

This week I decided to see if I could get Wake-on-LAN (WoL) working. I’ve tried a couple of times in the past with no success.

Wake-on-LAN is a protocol for turning on a computer that is (mostly) powered off by sending a “magic packet” over the local area network. Refer to the Wikipedia article for a full description.

The computer’s on-board network interface and BIOS have to support it. The WoL Magic Packet technique, where the computer wakes up when the network interface sees FFFF FFFF FFFF followed by 16 repetitions of its MAC address, was defined twenty years ago, so even most older computers support it.

But you can’t simply set the BIOS to start the computer on WoL and expect it to work. The WoL feature has to be enabled in the network interface every time the system is restarted. If that’s not done there’s a good chance the card’s firmware will turn off the interface altogether when the system is shut down, so it can’t listen for the magic packet. That’s why my earlier attempts to use Wake-on-LAN failed.

Getting Linux to set the Wake-on-Lan feature on system restart has been the topic of many blog posts over the years. However, systems descended from Red Hat, including Fedora and CentOS, changed how they configure the network interface starting with Red Hat Enterprise Linux version 6. Prior to that the best practice was to add a line to /etc/sysconfig/network-scripts/ifcfg-ethX. That can still be done, but it also requires having to configure a startup feature that was deprecated by systemd.

So now the hest practice for setting the network interface to watch for the WoL magic packet is to use a tecnhique that Debian and Ubuntu systems have been using for a while: set up a little systemd target to do the work.

Read more (19 paragraphs) …



In search of a good proportional sans-serif font

This week I searched on fontlibrary.org for a proportional sans-serf font that displays different glyphs for upper-case ‘i’, lower-case ‘L’, the digit ‘1’ (one), and the vertical bar. Many fonts use nearly identical glyphs for these, which can be vexing for a programmer.

KDE has a font viewing tool that lets the user enter arbitrary text for displaying a sample. I used the following text:

UC(i),LC(L),ONE,BAR=I,l,1,|  Oh,Zero=O,0   Uu Vv Ww

Many of the sans-serif fonts at Font Library suffer from the same problem as the one I was trying to solve: nearly identical glyphs for some characters. I found the following that didn’t have that issue.

  • Comme Regular
    • Comme is a fork from the Oxygen Font family by Vernon Adams, designed for Free desktops and UIs.
  • Go Regular
    • A family of high-quality WGL4 TrueType fonts, created by the Bigelow & Holmes type foundry specifically for the Go project
  • Linik Sans
    • Linik Sans is developed from Inter, version 3.3, and Manix Sans HL fonts. The changes are: truly tabular figures, ‘6’ changed so it doesn’t look like a rotated ‘9’, and tailed ‘l’
  • LVC Sans Regular
    • LVC Sans is a modification of IBM Plex Sans fonts - the key modifications are the glyphs containing “g” and the use of a slashed zero. This family contains only four weights.
  • Recurso Sans
    • Recurso Sans is developed from fonts Recursive Sans Linear. Changes are made to make the characters more legible, such as the dotted ‘0’ and ‘l’

Read more (20 paragraphs) …



Brian's Useful Utilities Set

This week I made another long term goal of my blog with the addition of Brian’s Useful Utilities Set. The page has descriptions and source code for about two dozen utility program I’ve written and make use of on almost a weekly basis.

Setting up the page was not without its complications. Due to the way the blog software (nikola) works, I need to maintain a separate copy of the source files in a subdirectory named listings. But I didn’t want the overhead of having to update the listings directory any time I made a change to one of the programs.

My solution was to save SHA1 checksums of the original scripts in a file. As part of building the blog, a script runs that computes the current checksums of the source files and compares them with the stored values. If any are different the script copies the new file into place and updates the checksum.

Then another issue arose. I prefer to indent all my programs using tabs at four space intervals. Howver, the nikola program that generates colour highlighted HTML versions of the source files expands tabs on eight spaces. (The Nikola configuration doesn’t have a setting for this, and I haven’t bothered digging into the code to see if there’s an easy workaround.)

My initial fix was to modify the files as stored in the listings directory to use only spaces. But that caused another problem. Each colourised HTML page includes a link to download the original source file in the listings directory—which gives the user the version that has tabs converted to spaces. But I wanted to make available the version that uses tabs.

So I made another change to the blog build script. Now it initially stores the files with tabs conterted to spaces in the listings direcotry so the highlighter script can generate HTML showing the correct spacing. Once that’s done, I replace the files in listings with original (with tabs) versions.



Whitelist-AGI: Whitelisting a number from your extension

Whitelist-AGI has a limited ability to add numbers to the whitelist by using feature code *33. You can choose to add either the last caller into the extension or an arbitrary number.

Because the existing set of sounds in FreePBX doesn’t have the same support for whitelisting as it does blacklisting, some of the prompts and responses are a touch … inventive.

Do the following to add a number to the whitelist from your extension.

Read more (10 paragraphs) …



Setting up Whitelist-AGI

Contents

Caution: These notes may be out of date. As of February 2020 I plan to build a proper FreePBX module for Whitelist-AGI, which should render these instructions obsolete.


This section provides a step-by-step guide to setting up whitelist-AGI on FreePBX.

Read more (46 paragraphs) …



Whitelist-AGI Design goals

Contents

I had the following goals in mind when designing and programming Whitelist-AGI:

You are in control

The system administrator has control over how incoming numbers (and names) are handled, including:

  • Where to route a call that passes the whitelist check
  • Where to route a call that’s not on the whitelist but has a reasonaable name
  • Where to route a call that’s not on the whitelist and the name is hidden or is otherwise not useful
  • Who is and is not on the whitelist

Read more (10 paragraphs) …



Whitelist-AGI: Whitelisting strategy

Whitelist-AGI is implemented in FreeBPX as follows.

  • A new context named whitelist is added to the Dialplan. It runs an AGI script that checks the CallerID number against the Whitelist group in the Contact Manager.
    • If the CallerID number is in the group, the result is success
    • If the CallerID number is not in the group but the CID name looks legitimate, the result is softfail
    • If the CallerID number is not in the group and the CID name is suspicious, the result is hardfail
  • A note on hardfail: a “suspicious” CallerID name is one of the following:
    • Blank
    • Consists of only digits
    • Starts with “Anonymous”, “Blocked”, “Spam”, “Unknown”, or “Withheld”
    • Has the same value as the one set in the “Artificial CNAM” field of the CID Superfecta “Abandon Lookup” data source
    • “Private” is not on the list. Many people have a legitimate desire or need to have an unlisted number and should not be treated as a telemarketer or scammer.
  • The system administrator sets up a Custom Destination named Call Whitelisting that uses the whitelist context
  • The sysadmin sets two options in Connectivity > Inbound Routes > (route):
    • Set Destination is set to Custom Destinations > Call Whitelisting
    • Other > CID Lookup Source is set to a value, typically ContactManagerWhitelist
  • The sysadmin sets up a Custom Destination for each of the three possible results from the whitelist.agi script (success, softfail, hardfail) to tell FreePBX how to handle the call

Introduction to Whitelist-AGI

A downside of easily configurable PBX systems combined with ubiquitous internet is a plague of unwanted robocallers. Billions of calls are now made annually to people and businesses with the intent to sell services or, worse, scam them out of some money.

FreePBX has had the ability to blacklist callers for a long time. Unfortunately the blacklist works only when the inbound number is consistent. But these days very few telemarketing companies and scammers use the same CallerID number for each call, making the backlist ineffective for these callers.

This is where whitelisting comes in. Each call on an inbound route gets its number vaidated against a whitelist that can be pre-seeded during setup with a list of known good numbers and names, and is then built up over time. The validation returns one of three results:

  1. Success: The number is on the whitelist
  2. Softfail: The number is not on the whitelist but the CallerID name looks good
  3. Hardfail: The number is not on the whitelist and the CallerID name looks suspicious

The FreePBX administrator can choose what happens for each of these results.

Here is the source code for the Whitelist-AGI script