TCP window size scaling problem

I encountered a strange problem earlier when I tried to visit a website: the TCP connection would just hang. I ran Wireshark to see what was happening and noticed a pair of strange acks that made no sense to me.

I tried to access the same website from two other machines, and ran tcpdump to capture the traffic. Both the other machines were able to complete the request.

I loaded the tcpdump output into Wireshark to compare with the failing connection. The only significant difference was the TCP window size. The failing connection had a window size of 5888, while both working connections had window sizes of 5840. But it wasn’t quite that simple. The failing connectian and one of the working connections were using window scaling, so I had the following three situations:

working? TCP win scale window size
no 0x002e 7 5888
yes 0x05b4 2 5840
yes 0x16d0 0 5840
I switched window scaling off using sysctl net/ipv4/tcpwindowscaling=0 and I could access the website!

Now that I know what the problem is I am happy to switch window scaling back on and not visit that website until they fix their buggy router or firewall.

What is a Cultural Creative?

I don’t know why I did the test, and I don’t know what the result means, but:

You scored as Cultural Creative. Cultural Creatives are probably the newest group to enter this realm. You are a modern thinker who tends to shy away from organized religion but still feels as if there is something greater than ourselves. You are very spiritual, even if you are not religious. Life has a meaning outside of the rational.
Cultural Creative 81%
Postmodernist 63%
Fundamentalist 56%
Existentialist 44%
Modernist 31%
Romanticist 31%
Materialist 25%
Idealist 25%

Axe Wielding Maniac

I bought a small axe yesterday.  It’s great!  And it was fun using it to chop the branches off a small tree.  But the fun stopped when I sliced through the top of my thumb half way into my thumbnail.

This story would sound more dramatic and impressive if I finished it here, letting you believe that I injured myself with the axe.  But it wasn’t the axe that hurt me.  I was very accurate with the axe, and survived the branch removal with only three thorn stabs.  It was the cheese sandwich making that hurt me.  I’m blaming the deceptively dangerous cheese slicer.  Maybe I’ll chop it up with my new axe.

Spork and chopsticks

At YAPC::Asia Ingy told us all about Sporx, explaining that it was a combination of Spork and Takahashi, and so should be pronounced “Sporkahashi”.  When I began to tell Karen about “Sporkahashi” she said “That was clever” when I had only mentioned the name.  Because she knew little about Spork and nothing about Takahashi she had assumed the “hashi” was 箸 instead of 橋.

Well, Karen wouldn’t have thought about the kanji characters, but she knew that “hashi” (箸) meant “chopsticks”, so she thought a “spork and chopsticks” name was a smart idea from Ingy.

I don’t think anyone else spotted that.  The “hashi” (橋) in Takahashi (高橋) means “bridge”; 高橋 is a surname that means “high bridge”.

Two years is not such a long time

I used to have a blog, but I stopped writing two years ago. I’m going to try to start again, and my first step is switching from MovableType to WordPress by mostly following Tony’s example. I also convinced Karen to switch too, by moving her blog so she didn’t have much choice.

I needed to perform the same Kwiki format cleanup that Tony did, but I wanted a different permalink structure: I prefer the date and name based option in WordPress. So I didn’t need to hack the WordPress import script or worry about matching IDs. Instead I needed to generate a list of redirects, one for every blog entry. I wrote a short Perl script to create the list from the Movable Type export:

use strict;

my $user = shift or die "usage: $0 user\n";

local $/ = "--------\n";

while(<>) {
  my ($id) = /^ID: (\d+)/m;
  $id = sprintf "%06d", $id;
  my ($title) = /^TITLE: (.*)$/m;
  $title = lc $title;
  $title =~ s/\s+/-/g;
  $title =~ s/[^\w-]//g;
  my ($m,$d,$y) = m{^DATE: (\d+)/(\d+)/(\d+)}m;
  print "Redirect permanent /$user/archives/$id.html$user/$y/$m/$d/$title\n";

etcon #0

Despite the name, it isn’t a conference for extra terrestrials. ETCon, or ETech, is O’Reilly’s emerging technology conference. It started today with tutorials that we didn’t enroll for, so we just came down to use the network. We did try to register this morning, but we were told that we had to wait until this afternoon because we are all evil terrorists who might sneak into one of the tutorials we didn’t enroll for and infect everyone with a new lethal virus we have developed, or something like that.

Apache2 cgi userdir

A simple reqest: I wanted to run a cgi script from my public_html dir in my home dir. So I set the appropriate permissions and the ExecCGI option in my Apache2 config and tried the script. It failed. The error log reported “Premature end of script headers”, so there was obviously something wrong with the script.

But no! The script worked when I tested it. It just wouldn’t work when Apache2 tried it.

I had no idea what was happening, so I tried some other scripts. A pattern soon emerged: any script in my home dir would fail. After spending so long getting this far, I’m glad that my first guess at the real problem was correct.

It appears that Apache2 won’t execute scripts in userdirs if it suspects that someone other than the user may be able to affect them, so it didn’t like my scripts because my directories had group write permission. A quick

chmod g-w ~/public_html

was enough to make it all work.