Bogon Filtering using Regex

, posted: 24-Jan-2018 13:16

I had to filter the Bogon (RFC1918 + CGNAT (RFC6598) + Loopback (RFC990) + Link Local (RFC3927)) from within a proxy server I was setting up. RFC5735 covers a lot of the non-routeable addresses all in a single RFC with the exception of CGNAT. I used this page as a start and tweaked it to my own requirements.

My regex testing site of preference is: as it has an excellent UI to test with and breaks out what the regex is doing.

This is the regex I ended up with:


Reading it the regex blocks the following ranges: &

Regex: ((?:10|127)(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3})

Explanation - A non capture group ?: match 10 or 127 then capture ". + 1-255" {3} times as a non capture group. &

Regex: ((?:192\.168|169\.254)(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2})

Explanation: A non capture group ?: match 192.168 or 169.254 then capture ". + 1-255" {2} times as a non capture group.

Regex: ((172\.(?:1[6-9]|2[0-9]|3[0-1])(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2})

Explanation: "172." then non capture group 16-19 or 20-29 or 30-31 then capture ". + 1-255" {2} times as a non capture group.

Regex: ((100\.(?:6[4-9]|[7-9][0-9]|1[0-1][0-9]|12[0-7])(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2})

Explanation: "100." then non capture group 64-69 or 70-99 or 100-119 or 120 to 127 then capture ". + 1-255" {2} times as a non capture group.


Hope someone finds this useful.

Extracting encrypted passwords from Sun Identity Manager

, posted: 2-Nov-2011 20:25

For my sins I am using Sun IDM.  And I was somewhat disappointed at how easy it is to extract any password from Sun IDM without needing any authentication.  As long as you have comand line access to call the LH you can extract the configurator password.  Here are a few links I found on this topic.

The second link includes the javascript code needed, but a session needs to be established first.  So this is the modified code I used.

/* Decrypt Sun IDM Passwords */
var _lhSession = new InternalSession();
print("Encrypted = " + arguments[0]);
var pwd = new EncryptedData();
print("Decrypted = " + pwd.decryptToString());
/* End */

Then have the above script called pwd.js.  Calling it as shown below:

./lh js pwd.js "3A961D0D453E218C:6BCF235D:122ED7C4BB6:-7FA4|GsggQAq2YSSbb1sZE9Xaxw=="
Encrypted = 3A961D0D453E218C:6BCF235D:122ED7C4BB6:-7FA4|GsggQAq2YSSbb1sZE9Xaxw==
Decrypted = configurator

So... to get the encrypted password you want, a modified version of the JS to take an input file and return the passwords:

/* Decrypt Sun IDM Passwords */
var _lhSession = new InternalSession();
var file = new FileReader(arguments[0]);
var br = new BufferedReader(file);
var line;
while ((line = br.readLine()) != null) {
var obj = _lhSession.getObject(Type.USER, line);
var pwd = new EncryptedData();
print(obj.getName() + "," + pwd.decryptToString());
/* End */

Plus i've now got the offline decryption working too by extracting out the encryption key:

$WSHOME/bin/lh console -c "getObject EncryptionKey *"

And the Misc data:

/* Extract Misc Data */
var _lhSession = new InternalSession();
var obj = _lhSession.getObject(Type.MISCELLANEOUS, "miscData");
print("Result" + obj.toXml());
/* End */

Then call the javascript:

$WSHOME/bin/lh js misc.js

Using the code shown above from Dark Edges.

Sad.. But true.

NZ Cell Site location information - Now with Google Fusion Tables!

, posted: 26-Aug-2011 13:00

Many of you may know that I have an existing blog entry with KML files you can download or load up in Google Earth here:

So... Now thanks to Mark Hansen and is great work he did drawing all the links nationwide

I've come to learn of Google Fusion Tables.  Now the super cool thing about Fusion Tables is you can map data from a table in fusion tables directly into Google Maps and not have the annoying 1000 Placemark limit you have with KMLs plus sluggish response when loading a KML file into Google Maps.

With Google Fusion you can either map directly from with Fusion from your dataset, or write up a small web page and do some pretty stuff.  I've got the web page so then I can add a Fusion Tables style in so all the place marks have a "T"/"V" etc depending on if it's a Telecom or Vodafone site.

Try V2 of The NZ Cell Information:

If you look in the html it lists the Fusion Table data that I extracted out of RSM which can be found here: 1355049

NZ Cell Site Information

, posted: 26-Sep-2010 14:52

I have extracted the data out of the Radio Spectrum Management Database Spectrum Search Lite which is the Government agency who controlls all radio frequencies in NZ. They kindly put up their whole database as a Access 97 DB free for download (Yay for Open Govt!).  So this is the frequencies that the companies are allowed to transmit from, not necessarily an actual Cell Site.  But more often that not it IS a cell site.
First I transferred the Access Database into a SQLite Database using mdb-sqlite. Then using a SQL Query and Saxon I manipulated the files into KML Files.


I've been playing around with Google Fusion thanks to Mark Hanson's great entry showing how he used the RSM data to get all the radio links:

Now I have a Google Fusion site showing all sites.

Update: I've just added Carrier specific kml's with icons at each site saying what frequencies are transmitted from that site.

Update, this is a work in progress with updated data and displaying the data slightly differently.

RSM Database dump 20 June 2011

If you want a copy of the whole archive to create the KMLs from the RSM Database download just PM me and I will send you the link.

All Sites

All Cell Sites by Carrier:
This lists all Cell Sites broken down by carrier.  The Google Maps 1000 Feature Limit means that it won't load properly in anything other than Google Earth.
KML and Google Maps Link

This has just Telecom, Voda, 2Deg and Woosh, and all the frequencies on a per-site basis.  It still doesn't open very well in Google Maps due to the large number of Placemarks.
And a GPS with the Site Name - Provider and Location all in the Name string: or Google Maps Link


All Telecom Sites: CDMA, XT850 and XT2100
KML or Google Maps Link

Telecom CDMA:
KML or Google Maps Link
Telecom XT 850 Mhz:
KML or Google Maps Link
Telecom XT 2100 Mhz:
KML or Google Maps Link


All Vodafone Sites: 900, 1800 and 2100
KML or Google Maps Link

Vodafone GSM 900:
KML or Google Maps Link
Vodafone GSM 1800:
KML or Google Maps Link
Vodafone WCDMA 2100:
KML or Google Maps Link

Note: I'm not sure which 900Mhz sites are 2G and which are 3G Extended.  This isn't registered in RSM since Vodafone own the frequency and can do what they like with it.

Two Degrees

All Two Degrees Sites: 900, 1800 and 2100
KML or Google Maps Link

Two Degrees GSM 900:
KML or Google Maps Link
Two Degrees GSM 1800:
KML or Google Maps Link
Two Degrees WCDMA 2100:
KML or Google Maps Link

Custom Two Degrees Maps

And New Cell Site Locations (that only have microwave backhaul so far).

KML or Google Maps Link

And All 2D Locations across the country.

KML or Google Maps Link


Woosh TD-CDMA 2067.5:
KML or Google Maps Link

Any other mobile networks I should add, just PM me.

Feel free to redistribute in any format you want, as this is public information from RSM anyway.

Fun with Snapper - Take 1

, posted: 20-Jul-2009 08:15

After getting a Snapper USB I thought I would look into what it's all about a bit more, and see if I can see what's going on and look into the card using Linux. Firstly it took a while to figure out where to find the USB Driver software, as the Snapper site isn't exactly obvious on where you download it from: <- The main start page <- Download the ActiveX control <- Download either the USB or Snapper Feeder driver Or direct links: <- Phone home to see if it all works. Ok, so you can start off with getting the ActiveX control installed, this is why you need IE (ugh) Then after I had the drivers installed I found out it's a Smartcard, in fact it's a JCOP 3.1 card as per its ATR. Using standard smartcard interrogation tools, I found the ATR for the USB is: "3B 69 00 FF 4A 43 4F 50 33 31 56 32 32" which means it's a JCOP 31 v22 72K as per: Ok, so it's a pretty secure card, banking quality so doing anything untoward is pretty much out. Now on to see if I can get GPShell working with it: ... Watch this space.

Gemini image blowing up Clone Dreamboxes

, posted: 19-Apr-2008 14:14

Just a FYI for you clone dreambox owners out there.

It seems that in an "Attack on the Clones" the Gemini team have released a kill switch after you have been running the image for a while as part of their 4.x (but especially 4.3 and 4.31) images that will brick your Clone DM500 to a point that you will never be able to get it back.

My recommendation is to run the PLi image, but for those looking at putting a Gemini image on your clone box ... just say no.

Daylight Savings in NZ

, posted: 2-Apr-2008 20:23

One thing you Kiwi's may be having is the DST Start & Stop times in all the Dreambox images (PLi & Gemini) are not correct, so you need a correct Timezone file.

I have posted a entry on the PLi site about this here:

You need to download the zoneinfo.tgz, extract out the file "Auckland" and rename it to "localtime" then ftp it to /var/etc which is where the localtime with incorrect DST start and stop times is at.  Then reboot your box by telneting to the box and typing reboot.

Then you should be done and the timezone should be fine!.

Changing MAC address

, posted: 4-Feb-2008 09:38

I was asked this and didn't know the answer, as the boxes I have had always have unique mac address, so it was never a problem... however it was pretty easy to change as detailed below:

Telnet to the DM, and type the following commands:

cd /var/etc
rm init
echo \#!/bin/sh >> init
echo ifconfig eth0 down >> init
echo ifconfig eth0 hw ether xx:xx:xx:xx:xx:xx >> init
echo ifconfig eth0 up >> init
chmod 755 init

You need to change the xx:xx:xx to the mac address you want.  Then the box will reboot... and the MAC address is changed.   Easy!

Moteck Motor Setup on a Dreambox

, posted: 18-Jan-2008 13:44

After playing around for a while deeply confused why I couldn't get my newly purchased Moteck Satellite motor (ex trademe!) to correctly point to Optus D1 I figured out my problem.

I found on another site the following:

The file you need to modify is the /var/tuxbox/config/enigma/config file. The Diseqc 1.2 motor settings are in the line starting with 's:/elitedvb/DVB/config/lnbs/0/RotorTable'

Example Settings are:

Yours may/will well be different but you get the idea..... The format is:
Entry "-0300014"
"-0300" = 030.0 West (Hispa)
"014" = stored position 14


+0192 = 019.2 East
002 = stored position 2

Whenever I load a new image I select diseqc complex setup, untick the USALS setting, save and exit, then load captains settings, reboot.

So What I needed to do was change:


As I had configured D1 (160.0 East) to Stored Position 0. So I needed to remove that and set it to:


This then meant that the GotoXX was always used and hopefully (once the motor is up on my roof!) the motor will move to the right location for each satellite!.

that took me ages to figure out!

Dreambox SCART Connector for Component

, posted: 8-Jan-2008 09:31

I have had various questions about the SCART Connector on the Dreambox.

The SCART supports (from what I have tested) Composite and Component, however in theory it also supports S-Video (as per what you can configure in the On Screen Display setup).

For a SCART to Component connection I recommend buying a JayCar WQ7255 which at $48 seems not such a bad price (I don't work for Jaycar nor do I have shares in them, just a cheap place to go and get a cable that works IMHO).

The wiring that you should look for is shown below, the three connectors in the middle of the right hand side of the SCART connector are the component out, the two down the bottom are the Left & Right Audio.

Once you have the right cable go into the AV Setup under Setup -> System Settings and set the Colour Format to "YPbPr" for Component instead of "RGB" or "CBVS" for Composite.

BarTender's profile

Bar Tender
New Zealand