Friday, August 01, 2025
Keep calm and carry on
I haven't been writing nearly as much as I would like due to my own, well, not exactly fear, I'm not sure what the best word for this is, because of LLMs being shoved down the collective throats of everybody. It's as if the rest of the world has decided to double down on crazy pills and if you aren't also taking crazy pills, you yourself are crazy and should be shunned from society.
Or something to that effect.
It just seemed so pointless to keep writing about my ANS Forth implementation when Forth itself is a rather niche language that has less “training material” than Python, Go or Rust,
running for a criminally underrated 8-bit CPU that probably has less “training data” than Forth,
for what?
A world that has decided that expertice is an outdated concept that should be handed off to a glorified random number generator?
That “time to market” has to be minimized to such a degree that programmers should use every short cut they can,
which includes LLMs,
is now The Right Thing™ to do?
[Never mind that being “first to market” hasn't stopped companies like Microsoft,
which to my recollection,
has never been first to market with anything other than a commercial version of BASIC back in 1975,
or Apple,
which wasn't the first to market a home computer
(with or without a GUI),
or Google,
which wasn't even in the first two dozen of web search engines,
or Facebook Meta,
which wasn't the first social website,
from becoming some of the largest companies in the world.
“Time to market” my XXX!]
I also find it worrying that of all the development tools created to “help” programmers with their jobs, it's LLMs that, again in my experience, has been the only one that has been mandated from the C-suite that everybody must use it! I've never found IDEs to be useful myself, yet I've never had an employer demand I use one. So why do LLMs get shoved down our throats? I just don't understand it. With IDEs, individual developers, or maybe even a team, can decide that the use of an IDE with worth the investment and I have no problem with that. And I feel the same should be for LLMs—those developers who feel an LLM is worth using should be able to use them. But being pushed by the C-suite? When the C-suite probably has no idea how programming works? It must be some herd mentality pushed by hype.
So yes, I haven't been inclined to write much about programming because who XXXXXXX cares when LLMs will do it all for us? But then I have to forcibly remind myself that the Orange Site isn't indicative of the industry as a whole and I should just keep calm and carry on. And follow through on my own advice.
Discussions about this entry
Saturday, August 02, 2025
Two more bits of surrealism while out and about in Boca Raton
I was out driving to grocery store when I saw an old man walking on the street (our neighborhood is sans sidewalks—typical for Lower Sheol), white hair, white moustache, white beard, set off by the entirely black suit he's wearing, along with a heavy black outer coat. Mind you, it's about 90°F outside (30°C for those of you who are not living in one of the three countries in the world to still use the Imperial System). That's not the oddest thing though. No, he's carrying what looks like a small wheel covered completely in fur.
It turns out it's a type of hat the man wears on certain religeous holidays. I wasn't sure what religeous holiday it was, but whatever it was, it apparently requires a hat that looks like a furry wheel while wearing all black.
On a larger road, I fall behind a man riding a motorcycle. The man in question is not wearing a shirt, which, okay, I wouldn't go shirtless on a motorcycle, but hey, it's his choice for a potentially bad case of road rash (to be fair though—he was wearing a helmet, so he wasn't completely blasé about it). Again, that wasn't the odd thing. No, the odd bit was the series of large dots covering just the right side of his back. There were a bit too uniform in shape and placement to be some form of skin condition, yet they didn't look like tatoos either. It almost looked as if he had the right side of his back cupped.
Monday, August 04, 2025
When vibe coding, isn't the source code the prompt?
I've been thinking about “vibe coding” (probably overthinking) and how that might effect development in odd ways. And by “vibe coding” I mean in its original meaning, “where you fully give in to the vibes, embrace exponentials, and forget that the code even exists.” Since February, I've come across several projects, some commercial, that have been “vibe coded” in such a manner. And I found myself asking myself, what's the source code in this case? What file should be checked into source control? And my answer was “the prompts, of course.”
I have a project where I need to parse HTML, and I wrote some PEG code to do it. But the code I checked into source control wasn't the resulting C sludge that came out of the tool, but the PEG code itself—that is the source of … um … the source, as it were. If I want to change the parser, I don't change the C code, I change the PEG code and regenerate the C code. I don't necessarily care about the C code output, much like I no longer necessarily care about the assembly output from the C compiler. And there are many DSLs out there that “compile” into some other code like C or Rust, and in those cases, it's the file that contains the DSL that is checked into source control, not the resulting output of the tool.
So how is that any different from “vibe coding,” where “you fully give in to the vibes … and forget that the code even exists?” It's not the output that you necessarily care about, but the input. So, when “vibe coding,” the source code is the prompt or prompts. And it's that source code, the prompts, that you should therefore check into source control.
I can hear the arguments, even from the pro-AI side, that this is a silly concept to even contemplate and you should check in the resulting output into source control. But, isn't a selling point that AI will improve to the point where programming will change fundamentally? That in the future, all you have to do is prompt the computer to “write a content management system for a website where updates can be made via email” and have the AI do the work? In such a scenario, it's the prompt that matters, not the resulting Rust/Go/Javescript/Python sludge that comes out. Another arguement against this would be that it would play hell with reproducable builds, but again, that can be solved by AI, right? That's the end game for this, right? To have AI write the code for us?
Full disclaimer: I find this horrifying and hope it doesn't come to pass, but I feel this is the logical outcome from “vibe coding.”
Discussions about this entry
- When vibe coding, isn't the source code the prompt? | Lobsters
- When vibe coding, isn't the source code the prompt? - Lemmy: Bestiverse
- When vibe coding, isn't the source code the prompt? | Hacker News
Tuesday, August 05, 2025
A bit of a deep dive into the Feedly bot
This Lobsters thread got me looking at Feedly again. Last month, the Feedly bot made the following requests to the Atom feed for my site:
| Resource | Response | Agent | Requests |
|---|---|---|---|
/index.atom | 200 | Feedly/1.0 | 2058 |
//index.atom | 200 | Feedly/1.0 (poller) | 86 |
/index.atom | 200 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 37 subscribers; ) | 19 |
/index.atom | 200 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 16 subscribers; ) | 19 |
//index.atom | 200 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 8 subscribers; ) | 19 |
/index.atom | 200 | Feedly/1.0 (poller; 37 subscribers; ) | 11 |
/index.atom | 200 | Feedly/1.0 (+https://feedly.com/poller.html; 37 subscribers; ) | 1 |
/index.atom | 200 | Feedly/1.0 (+https://feedly.com/poller.html; 16 subscribers; ) | 1 |
One suggestion for one request for /index.atom having 37 subscribers,
and another for /index.atom having 16 subscribers was one was originally for http: and the other for https:.
That's a decent explanation,
given we have 8 subscribers for //index.atom,
telling me that Feedly is treating http://boston.conman.org/index.atom,
https://boston.conman.org/index.atom and https://boston.conman.org//index.atom as entirely separate feeds,
even though I now redirect http: to https:.
But even though I do redirect http: to https:,
it's with a temporary redirect,
not a permanent one
(because I'm still wary about making the redirect permanent)
so that one is totally on me;
the //index.atom is obviously a typo so that one is totally on Feedly.
I still can't tell the difference between the fetcher and the poller. Even the pages describing the two are identical, except one says “Fetcher” and the other says “Poller.” That's just really weird. And what's with the plain “Feedly/1.0” bot?
The 200 response means that Feedly did not do a conditional fetch of the feed
(Feedly can ask “Did the file change since I last requested it?” and my server can reply with either
“Yes, here it is” with a 200 response, or “No, it did not” with a 304 response).
I did go back before I {^2022/12/04.1 switch to https:) and there,
(from November of 2022)
I get a completely different Feedly:
| Resource | Respose | Agent | Requests |
|---|---|---|---|
/index.atom | 304 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 27 subscribers; like FeedFetcher-Google) | 2656 |
/index.atom | 304 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 28 subscribers; like FeedFetcher-Google) | 477 |
/index.atom | 200 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 27 subscribers; like FeedFetcher-Google) | 40 |
/index.atom | 200 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 28 subscribers; like FeedFetcher-Google) | 8 |
Aside from picking up one more subscription from Feedly,
it's what I would expect—most requests are conditional with none of that “fetcher/poller” stuff.
I can explain the current lack of conditional requests on the http: to https: redirect throwing off the request code,
since that seems to hold true starting with December of 2022.
But in June of 2023,
when I get my first https: subscriber,
there is no conditional requests:
| Resource | Response | Agent | Requests |
|---|---|---|---|
/index.atom | 200 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 32 subscribers; ) | 227 |
/index.atom | 200 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 1 subscribers; ) | 136 |
/index.atom | 200 | Feedly/1.0 (+http://www.feedly.com/fetcher.html; 33 subscribers; ) | 74 |
So maybe their https: request code fails to do conditional requests?
Odd,
but it does explain why there are no conditional requests.
It also appears that they tuned their polling down from November of 2022 to June 2023.
Seems like a few easy bugs to fix to me.
But then in September of 2023,
the number of requests for the https: version shoots up over 4,000,
almost 6,000 in October 2023,
and in November of 2023 the “poller” first shows up,
only to go away in December of 2023,
only to show up again in March 2024 and stick around from there.
So it's clear to me that the backend at Feedly changed,
and from my point of view,
not for the better.
Tuesday, August 12, 2025
I'm afraid Benjamin just won't be reclaiming his property any time soon
I think I have to resign myself to perpetual confusion over people not knowing their own email addresses (and I could have picked easily a dozen other posts about this). This case, it's not some other Sean Conner not knowing their own email address, or a person attempting to mail some other Sean Conner not knowing the proper email address, but a non-Sean Conner not knowing their own email address. This time it's a Benjamin who is attempting to reclaim some property while signing up for rent assistance who also has an Electronic Arts gaming account.
I suppose it could be some elaborate troll but that's quite a bit of work to set up. Maybe some sort of tactic to get me to click on some malware laden link? Whatever it is, it's just bizarre.
Wednesday, August 13, 2025
A first world problem that is partially my own fault, but I must also lay some blame to the Monopolistic Phone Company who took untold billions from the government for infrastructure upgrades, failed to do so while at the same time driving out other DSL providers
Nearly a year ago I received the first letter from my ISP about it ditching DSL service and replacing it with “wireless service.” To me, “wireless” is bad enough but to further state that it was easy to set up from a “phone app” was just XXXXXXX icing on the cake. What if I didn't have a “phone” to put such a “phone app” on? So I kept putting the letters into the round file.
Then a little over three months ago my router just spontaneously reset to it's factory settings and I couldn't get the DSL back up. I called the ISP and trying to get up and running again, I relented to get the “wireless service” only to realize after I hung up that I had use the wrong password. I was then back on DSL. Several days later the “wireless service device” showed up at our doorstep, but I knew that just be looking at it funny, the DSL would be immediately turned off and I would be forced to use it. So I put it into a corner of the office and pretended to forget about it.
Then in late July, Bunny received two texts from the ISP. The first one said that we best return the unit within 90 days of receiving it or face additional charges. Six hours later, the ISP sent a text saying they haven't received the unit, and we were facing additional charges.
And then today, we're offline.
The DSL has solid green lights. It's just that I can't get authenticated to get onto the Internet. I then saw the “wireless service unit” in the corner of the office and decided to bite the perverbial bullet. I installed the “phone app” on Bunny's phone (since I don't have a “phone” capable of running a “phone app”) and tried to activate the unit.
I could not get the “wireless service unit” activated.
It took about two hours on the phone, but the upshot is—my ISP, the Monopolistic Phone Company that took billions in “handouts” from the government to improve their infrastructure (you know, fiber everywhere? Except here in Boca Raton, and for large portions of the US in general) and also used their position to force third party DSL providers out of business, has finally decided to call it quits on DSL, and because I did not set up the “wireless service unit” within 90 days of receiving it, it was “cancelled.” So I have to return that unit, and get a new “wireless service unit” sent to me. Oh, and if I can't run the “phone app” I don't have to worry, all I have to do is call them up and have them configure things on my behalf.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX!
Until it arrives (anytime between Friday and Monday), we are without DSL here at Chez Boca.
I also dread installing the “wireless service unit” because it's probably been designed assuming everything I use here is wireless (it's not) and that it's going to control the routing (I already have a network set up XXXX you very much). I mean, it may be possible to keep my existing network up and running, but at this point, I'm too cynical to even keep my hopes up.
Thursday, August 14, 2025
“I've got a bad feeling about this”
While on the phone with my ISP, I was told I could just take the now cancelled “wireless service unit” to the closest UPS store, give them the account number and they would take care of returning it. No charge.
At least there's that.
So I sent to my local UPS store and unlike last time the clerk was behind the desk, browsing the Intarwebs on her smart phone. “I'm here to return the Monopolistic Phone Company ‘wireless service unit,”,” I said, dropping the box on the counter.
“I'm sorry,” the clerk said, “we don't handle these at this location. You want the UPS store across the street.”
“Excuse me?”
“Yes, you can even just make it out from here, over there,” she said as she pointed. “We get a steady stream of people in here returning them. I even returned mine.”
“You did?”
“Yup, it sucked!”
“Oh.”
“Yup,” she said, “I much prefer using my phone.”
“Oh. Thank you.” I then left the store and navigated my way across the street.
This does not bode well.
I'm at the UPS store across the street. It's larger and not as cluttered as the previous UPS store. it's even closer to Chez Boca than the previous store. How did I not know about this one? Anyway, “I'm here to return the Monopolistic Phone Company ‘wireless service unit’,” I said, dropping the box on the counter.
“Okay,” said the clerk. She picked up the box, scanned it a few times and that was that.
“Done?” I asked.
“Done.”
“Do you get may people returning these?”
“All the time,” she said.
This really doesn't bode well.
Friday, August 15, 2025
Notes on an overheard conversation while at dinner
“No, I'm the one that goes ‘woo-hoo’ when you push my stomache. Woo-hoo!”
“We have a weird and wonderful relationship.”
“I'm weird, and you're wonderful?”
“Yup.”
Tuesday, August 19, 2025
It was as bad as I feared, but not in the way I was expecting
My friend Mark wrote me, asking why I was not with Comcast. I answered it was more the devil I know than the devil I don't know. Intertia is hard to overcome at times.
The “wireless service unit” finally showed up at Chez Boca yesterday. I had the “phone app” to configure the device installed on Bunny's phone and I think that was my first major mistake. I should have ignored the marketing crap about the “easy to use phone app” and configured it manually via the web interface that most home routers come with these days.
But alas, I did not do that. I opened the box, took the unit out, and started following the steps on the “phone app.” I got as far as the sign in page.
Sign in?
The “wireless service unit” is right next to me.
Why do I need to “sign in” to The Monopolistic Phone Company to configure a unit right next to me?
I tried creating a sign in account,
but didn't get very far.
Since the service is in Bunny's name,
I tried using her email address XXXXX@XXXXXXXX.conman.org but the Monopolistic Phone Company apparently doesn't like a third level .org domain.
It accepted sean@conman.org though.
But even that wasn't enough to get signed in.
So I did the second worse mistake of the day—I called tech support. I spent the first half hour getting to the right technician only to have the phone call dropped. The second call was an hour and a half and consisted of me repeating the following over and over again:
“No, I do not read email on my phone.”
“I can't check email on my phone since I never set it up.”
“No, as I have stated, I cannot check my email on my phone.”
“No, I cannot check my email since I don't have Internet access! That's what I'm trying to set up!”
“What do you mean I have to use my email password to sign in? That's for email, not this site!”
“Yes, I know my email address is my ID, but that doesn't mean your system will accept my email password.”
“What do you mean check my email on the web? I don't use the web to check my email.”
“Okay, I've got my laptop hooked up to the ‘wireless service unit” and I still haven't received your email yet.”
“Yes, I can receive email. I've received several pieces of emails in the time you've tried sending me email.”
“No, I cannot check my email on my phone.”
“No, I don't read my email on the web.”
“Gmail? You want me to log into Gmail? Look, I know that 95% of people use Gmail, but I'm in that 5% that don't use Gmail.”
“Okay, I'll click on the link you sent to my phone for a video call. Okay, see? There's my email client—no email from you.”
“You want me to log into Gmail on the web? Did you not hear me? I do not have a Gmail account.”
“Okay, see where it says ‘Sign up for Gmail”? Oh, now you believe me?”
“Okay, can you give me the number for Comcast?”
Did I mention that was an hour and a half long conversation?
It was clear during the conversation that the “wireless service unit” was preconfigured with default settings,
enought for my laptop (and Bunny's laptop) to get onto the Internet.
After hanging up,
I did what I should have done and went to https://192.168.1.254
(as printed on the back of the unit)
and configure it via its web interface
(I'm now convinced that the “phone app” is nothing more than a web browser that loads the web app from the “wireless service unit”).
It was at this point that I have to move three book shelves to get to the mess of existing wires supporting the now dead DSL link. My existing wireless router decided to have a fit and for a good half hour I thought it was dead (no, it just took an exceptionally long time to reboot—yes, I was having a grand ol' time here).
Over the course of a few hours, I was able to get the “wireless service unit” configured to get everything back online. I had to dig for the advanced Wi-Fi settings to get it to send different SSID for the 2.4GHz and 5GHz radio bands (something my old wireless router did automatically). I wish it came with more than two Ethernet ports, but I'm really only using one port anyway (it's the principle). It may be faster than the DSL, but I can't really tell since I'm not downloading huge files nor a hardcore gamer. The only things I don't like is the lack of multicast support (which I did use but can't now) and I think it drops inactive NAT TCP connections a bit too quickly for my liking (still testing that).
The only positive thing is that the “wireless service unit” supports IPv6 and not only did it assign a
(I hope)
static IPv6 address,
but it's a /64,
so now my main computers all have a public IP address,
something I haven't had in 25 years.
I'll see how today goes, but I'll double check the phone number for Comcast.
Wednesday, August 20, 2025
Notes on an overheard conversation while at lunch with friends
“Could I please have a menu?”
“Wait! What? A menu?”
“Yes.”
“Really?”
“Yes.”
“Oooookay … here you go.”
“Thank you.”
“Did Hell freeze over or something?”
“I just feel like having something different today.”
“…”
“I'll have the pork sandwich, with cornbread.”
“I … I … I don't know how to act. Okay, pork … cornbread … ”
“Thank you.”
“A. just said you were ordering something different? Is that true?”
“Yes, I ordered something different today.”
“Really?”
“Yes.”
“…”
“I just felt like having something different.”
“I … I don't know how to act.”
“That seems to be happening a lot here today.”
More issues with the Monopolistic Phone Company's “wireless service unit”
Day three of the “wireless service unit” and it's becoming clear why so many people are returning it. Bunny's laptop seems to drop consistently from the network, and I can't figure out why it's happening. She needs to turn off Wi-Fi, then turn it back on again, and she can use the Internet for some random period of time.
There was a spontaneous reboot of the “wireless service unit” last night. The thing takes an unusually long time to boot up. We're talking a solid five minutes or so.
The signal strength of the internet connection fluctuates wildly throughout the day.
And the only positive aspect I found,
the IPv6 assignment,
isn't what I thought it was.
It,
too,
is reassigned at random like the IPv4 address.
There is no need for that to happen!
The IPv6 address space is large enough to almost assign every grain of sand on Earth its own IPv6 /64 network address space!
There is no reason to reassign IPv6 addresses at all!
Sheesh.
Thursday, August 21, 2025
“Bro, ban me at the IP level if you don't like me!”
More and more I think I'm coming around to Jihad Alex Schroeder's Butlerian Jihad. For reasons, I'm looking into web activity and so far, the top webbot this month is one identifying itself as “Thinkbot,” which may be related to this AI company but I can't be sure. Here's how it itentifies itself: “Mozilla/5.0 (compatible; Thinkbot/0.5.8; +In_the_test_phase,_if_the_Thinkbot_brings_you_trouble,_please_block_its_IP_address._Thank_you.)”.
Seriously,
that's it.
No URL to read up on it.
It doesn't look at the robots.txt file.
Just “bro,
ban me at the IP level if you don't like me!”
Yeah, block its IP address. You mean the 74 unique addresses it used this month alone? Checking each IP address for the ASN it's from shows the 74 address coming from 41 (41!) network blocks!
A further check showed that all the network blocks are owned by one organization—Tencent. I'm seriously thinking that the CCP encourage this with maybe the hope of externalizing the cost of the Great Firewall to the rest of the world. If China scrapes content, that's fine as far as the CCP goes; If it's blocked, that's fine by the CCP too (I say, as I adjust my tin foil hat).
In any case, I added the following network blocks to my “badbots firewall rule set:”
43.130.0.0/18 43.130.64.0/18 43.130.128.0/19 43.130.160.0/19 43.131.0.0/18 43.132.192.0/18 43.133.64.0/19 43.134.128.0/18 43.135.0.0/18 43.135.64.0/18 43.135.192.0/19 43.153.0.0/18 43.153.192.0/18 43.154.64.0/18 43.154.128.0/18 43.154.192.0/18 43.155.0.0/18 43.155.128.0/18 43.156.192.0/18 43.157.0.0/18 43.157.64.0/18 43.157.128.0/18 43.159.128.0/19 43.163.64.0/18 43.164.192.0/18 43.165.128.0/18 43.166.128.0/18 43.166.224.0/19 49.51.132.0/23 49.51.140.0/23 49.51.166.0/23 101.32.0.0/20 101.32.48.0/20 101.33.64.0/19 119.28.64.0/19 119.28.128.0/20 129.226.160.0/19 150.109.32.0/19 150.109.96.0/19 170.106.32.0/19 170.106.176.0/20
The above list probably doesn't exhaustively enummerate Tencent's network block ownership, but it's a start. The above covers 476,590 unique IP addresses (excluding the base network and broadcast address for each network block). I think it's bad that I had to do this, but with the current landscape of the Internet, it seems inevitable. We can't have nice things it seems.
Commenting runtime state changes
As I was banning Thinkbot, I saw the previous entries in the “badbots firewall rule set”. The first one was banning a particularly bad Gemini bot that would make an invalid empty request only to immediately follow up with a valid request, for every request it made! That was the first bot I actually banned, and it was very recent ban too—June 19th.
But it was the second entry on the list that puzzled me:
Chain badbot (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- * * 77.25.18.172 0.0.0.0/0 tcp dpt:1965
138 8280 DROP all -- * * 185.177.72.0/24 0.0.0.0/0
(the count of 0 for the first rule—I had to reboot my server recently for reasons I'm still trying to resolve). I will have to go through the log archives to see why I banned the 185.177.72.0/24 network, and that reminded me of an idea I had years ago but never did anything about it.
Twenty-eight years ago (sigh) I wrote the greylist daemon (source code, and for the record, I'm still using it). It tracks a tuple of sending host, from address, to address and the default is to just greylist (that is, artifically delay) a tuple never seen before. But you can override the default behavior for the hosts, from address and to address. So for instance, I can reject hosts:
gld-mcp>iplist reject 206.214.64.0/19
But now, years later, why did I ban that network? I mean, I did set it at some point:
gld-mcp>show iplist
106 GREYLIST 0.0.0.0 0.0.0.0
0 ACCEPT 64.12.0.0 255.255.0.0
0 ACCEPT 64.233.160.0 255.255.224.0
0 ACCEPT 66.94.224.0 255.255.224.0
0 ACCEPT 66.102.0.0 255.255.240.0
0 ACCEPT 66.163.160.0 255.255.224.0
0 ACCEPT 66.218.64.0 255.255.224.0
0 ACCEPT 66.220.144.128 255.255.255.128
0 ACCEPT 66.249.80.0 255.255.240.0
0 ACCEPT 66.249.64.0 255.255.224.0
0 ACCEPT 66.252.224.0 255.255.252.0
0 ACCEPT 69.63.176.0 255.255.240.0
0 ACCEPT 69.147.64.0 255.255.192.0
0 ACCEPT 70.34.16.0 255.255.240.0
0 ACCEPT 72.14.192.0 255.255.192.0
0 ACCEPT 74.125.0.0 255.255.0.0
0 ACCEPT 127.0.0.1 255.255.255.255
0 ACCEPT 140.211.11.3 255.255.255.255
0 ACCEPT 149.174.0.0 255.255.0.0
0 REJECT 172.128.0.0 255.128.0.0
0 ACCEPT 192.168.0.0 255.255.0.0
0 ACCEPT 204.127.217.0 255.255.255.0
0 ACCEPT 204.127.0.0 255.255.0.0
0 ACCEPT 205.152.58.0 255.255.254.0
0 ACCEPT 205.188.156.0 255.255.254.0
0 ACCEPT 205.188.0.0 255.255.0.0
0 REJECT 206.214.64.0 255.255.224.0
0 ACCEPT 207.115.11.0 255.255.255.192
0 ACCEPT 207.115.0.0 255.255.192.0
0 ACCEPT 207.171.188.0 255.255.255.0
9 ACCEPT 209.85.128.0 255.255.128.0
0 ACCEPT 209.131.32.0 255.255.224.0
0 ACCEPT 216.39.48.0 255.255.240.0
0 ACCEPT 216.239.32.0 255.255.224.0
but there's no indication of when, or why. A fews years of use, and I wish I had added a way to comment such entries. For instance, I blocked 172.128.0.0/16 at some point, but since then, the block is now owned by Microsoft in the United Kingdom. I think I can remove that block now (maybe?).
And I think that iptables
(and related commands,
I think the preferred firewall interface for Linux is now nftables?
Good lord, the churn in this industry is insane)
having a way to add comments might be nice,
like:
# iptables -A badbots --comment "Thinkbot daring me to ban it 2025-08-21" -s 43.131.0.0/18 -j DROP
I don't know, it's just a random idea I have.
Friday, August 22, 2025
I did not get the memo, because if I did get the memo, it went straight into the spam bucket
My biggest spam folder by far is the one for emails addressed to my registrar email address. It gets spammed because I've been using it for years, back at the time when WHOIS information was public and you had to pay extra to hide it. So any emails sent to my registrar email address not from my registrar got filtered into a specific spam folder (and yes, I think I might be the only person to filter spam into different folders). Email from my actual registrar is filtered into another folder, where I get notices about upcoming domains expiring.
Today I just happened to notice in the registrar spam folder that Network Solutions was sending me emails about an expired domain. That's weird, I thought. I haven't used Network Solutions in decades. I first used Network Solutions back in the late 90s, but I pretty quickly switched to Dotster which I found to be decent enough, and when they finally stopped the upsells for services I don't want or need, they got bought out by Web.com several years ago. Web.com was … meh. Very slow, not many upsells, but damned if I could change my payment method throught their website (I had to update my credit card info with a new expiration date and security code and it was impossible to do so via the web; even tech support had issues with changing it so I had to switch to a new card—literally, how hard is it to give you money, Web.com?). So Network Solutions telling me I have an expired domain just seemed weird.
But I decided to check with Web.com anyway, and … WHAT THE XXXX?
It's now Network Solutions?
In the three months since I renewed a domain, Web.com got bought out by Network Solutions?
No wonder I didn't get the memo, it went straight to spam.
Many upsells, and (because I did not get the memo in time) an additional “reactivation fee” for the now-expired domain. And as icing on the perverbial payment cake, I couldn't change my credit card info.
Sigh.
