Tag Archives: Ukraine

News from the blog 2022-03-22

Support to Ukraine

I’m Catalan. In 1936 the fascist military leaded by franco raised in arms against the elected government of the Spanish Republic. The Italian and nazi German fascist in power bombed the Catalan population. Hundreds of thousands of innocent citizens were assassinated and millions of Catalan and Spaniards had to exile. The sons of those that were ruling with the dictator have been insisting in naming it a “civil war”, but it was the military lead by a fascist, revolting against the legitimate Republic and ending a democracy.

The dictatorship lasted until 1975, when the dictator died in the bed. The effects of the repression never abandoned Catalonia, and nowadays in Catalonia people is still detained by the Spanish police for talking the Catalan language in front of them, and our Parliament decisions are cancelled by the Spanish courts, for example to force the exit of a President of Catalonia that they didn’t like, or to force the Catalan schools to teach 25% of the time in Spanish attacking the Catalan teaching system.

During WW2 millions of Jews were mass murdered, also people from all the nations were assassinated.

Russian population suffered a lot also fighting the nazis.

Now we have to see how Russia’s army is invading Ukraine and murdering innocent citizens.

That’s horrible.

I know Engineers from Ukraine. Those guys were doing great building wealthy based on knowledge and working well for companies across the world. Now these people are being killed or Engineers, amongst all the brave population, are arming themselves to fight the invasion. Shells destroy beautiful cities and population are starving, and young soldiers from both sides will never be seen again by their mothers.

I wrote a small article on how to identify and block in the Ubuntu firewall the Ip’s from Russia and Belarus until Russia leaves Ukraine.

Let music play in solidarity with Ukraine. First is a Catalan group. Second is a famous Irish band in this epic song dedicated to the brave International Brigades, volunteers that fought the fascism in Spain and in Catalonia trying to make a better world.

The Blog

I’ve updated the SSL Certificate. The previous one I bought was issued for two years, and I renewed as it was due to expire.

I wrote a short article about how to update the SSL Certificates for Apache 2 in Ubuntu 20.04.

Articles

I published a small Python script to show the local datetime and the Unix Epoch Time.

Open Source

carleslibs

On the 6th of January I released carleslibs v.1.0.7

https://pypi.org/project/carleslibs/1.0.7/

The new version contains these improvements:

  • Modified OsUtils.get_total_and_free_space_in_gib() to return float instead of Integer.
  • Added HashUtils class with md5 for unicode Strings.
    • Produces the same as md5sum Linux tool.
  • Created FileUtils.create_folders() which creates all the subfolders in the path deep.
  • Unit Testing:
    • Added test_get_inodes_in_use_and_free() to test_osutils.py
    • Added two tests more to test_osutils.py
    • Added test for version.py
    • Tests for HashUtils class.

My books

Python 3 Exercises for Beginners

I have updated the book, offering solution to exercises 11.1, 11.2 (simple and encapsulated in a function) and I’ve created exercise 11.3.

If you purchased the book before, you can download any update for free.

Amazon AWS

I got an offer by a super editorial to publish my book Automating and Provisioning with Amazon Python 3 SDK boto3.

Honestly, my ego was flattered. It is a lot of reputation.

Although in the past I got an offer from another monstrously big editorial to publish world wide my book Python 3 Combat Guide and I also rejected, and an offer from a digital learning platform to create an interactive course from this same book.

I’ve rejected it again this time.

If you are curious, this is what I answered to them:

Hi XXXX,

I'm well, thank you. I hope you are doing well too.

Thanks for taking the time to explain your conditions to me.

I feel flattered by your editorial thinking about me. I respect your brand, as I mentioned, as I own several of your titles.

However, I have to refuse your offer.

Is not the first time an editor has offered to publish one or more of my books. For all over the world, with much higher economic expectations.

I'll tell you why I love being at LeanPub:

1- I own the rights. All of them.
2- I can publish updates, and my readers get them for free. As I add new materials, the value is maximized for my readers.
3- I get 80% of the royalties.
4- If a reader is not happy, they can return the book for 60 days.
5- I can create vouchers and give a discount to certain readers, or give for free to people that are poor and are trying to get a career in Engineering.

The community of readers are very honest, and I only got 2 returns. One of them I think was from an editorial that purchased the book, evaluated it, and they contacted me to publish it, and after I rejected they applied for the refund.

I teach classes, and I charge 125 EUR per hour. I can make much more by my side than the one time payment you offer. The compensation for the video seems really obsolete.

Also, I could be using Amazon self publishing, which also brings bigger margins than you.

So many thanks for your offer. I thought about it because of the reputation, but I already have a reputation. I've thousands of visits to my tech blog, and because of the higher royalties, even if I sell less books through LeanPub it is much more rewarding.

Thanks again and have a lovely day and rest of the week.


Best,
Carles

The provisioning in Amazon AWS through their SDK is a book I’m particularly proud, as it empowers the developers so much. And I provide source code so they can go from zero to hero, in a moment. Amazon should provide a project sample as I do, not difficult to follow documentation.

Teaching / Mentoring

As I was requested, I’ve been offering advice and having virtual coffees with some people that recently started their journey to become Software Engineers and wanted some guidance and advice.

It has been great seeing people putting passion and studying hard to make a better future for themselves and for their families.

I’ll probably add to the blog more contents for beginners, although it will continue being a blog dedicated to extreme IT, and to super cool Engineering skills and troubleshooting.

For my regular students I have a discord space where we can talk and they can meet new friends studying or working in Engineering.

Free Resources

This github link provides many free books in multiple languages:

https://github.com/EbookFoundation/free-programming-books

Tricks

Zoom can zoom the view. So if they are sharing their screen, and font is too small, you can give a relax to your eyes by using Zoom’s zoom feature. It is located in View.

My health

After being in the hospital in December 2021, with risk for my life, and after my incredible recuperation, I’ve got the good news that I don’t need anymore 2 of the 3 medicines I was taking in a daily basis. It looks well through a completely recovery thanks to my discipline, doing sport every day several times, and the fantastic Catalan doctors that are supporting me so well.

Since they found what was failing in me, and after the emergency treatments I started to sleep really well. All night. That’s a privilege that I didn’t have for long long time.

Humor

Sad but true history. How many super talented Engineers have been hired and then they were given a shitty laptop/workstation super slow? That happened to me when I was hired by Volkswagen IT: gedas. I was creating projects for very big companies and I calculated that I was wasting 2 hours of my time compiling. The computer did not had enough RAM and was using swap.

JavaScript fun (or not)

Yes, this works like this.

You can try yourself:

<html>
<body>
<script>
    console.log("11" + 1)
    console.log("11" - 1)
</script>
</body>
</html>

As you can see if you open the Browser Developer tools (in Linux and Windows press F12 key):

Blocking Russian and Belarus IP Addresses in Ubuntu’s Firewall

Last update: 2022-05-14 16:01 IST

Me, as everybody in the civilized world, I’m shocked by the brutal invasion of Ukraine by Russia.

I’ve known brilliant IT Ukrainian Engineers and I have known how they have been helping companies around the world with their coding skills.

Me as everybody else have been receiving attacks from Russian and Belarus (and China) Ip Addresses in a daily basis for years, but I only blocked on the firewall the offending Ips.

But after the Russian invasion of Ukraine and the shelling over cities, and the murder of innocent people, families… not talking about the craziness of attacking the biggest nuclear power plant in Europe I think that’s enough.

I know it can be argued that if the Russian population, which is not guilty of the decisions of their dictator president, are isolated from Internet they will be more alone. But I think that people that want peace, need to do something to set it clear that we don’t want anything to do with dictators that do not respect basic Human Rights.

Must say I have very nice Russian friends that are totally against the Rusian invasion of Ukraine.

And obviously it doesn’t look like that Russian president is going to stop there. It looks to me like again, another crazy dictator is trying to invade Europe and enslave their nations. Also the repression against their own Russian population and the prosecution of Free of Speech, are unacceptable. And as a Catalan I know about this.

As Engineer, the only thing I can do is speak up and say No. This is bad. My way of doing that, is contributing to let the Russians know that the rest of the world do not approve invasions, violence and repression. And I’m adding my blog to the list of services that will not work in Russia and in Belarus.

I’ll be blocking in the Firewall any Russian and Belarus Ip Address I get to know until they leave Ukraine.

And I’ll share with you how you can do the same, and the Ip ranges that I found.

How to know if an IP belongs to Russia or Belarus

There are geographic databases that quickly will tell you.

But if you want to do it by yourself, in Linux you can do like this:

whois -a 94.231.154.121

In this case the IP that visited my blog belong to an ISP (Internet Service Provider). Their range is 94.231.144.0 to 94.231.159.255.

That range is the equivalent to 16 class C (or a mask /24 or in other words, 256 addresses):

  1. 94.231.144.0/24
  2. 94.231.145.0/24
  3. 94.231.146.0/24
  4. 94.231.147.0/24
  5. 94.231.148.0/24
  6. 94.231.149.0/24
  7. 94.231.150.0/24
  8. 94.231.151.0/24
  9. 94.231.152.0/24
  10. 94.231.153.0/24
  11. 94.231.154.0/24
  12. 94.231.155.0/24
  13. 94.231.156.0/24
  14. 94.231.157.0/24
  15. 94.231.158.0/24
  16. 94.231.159.0/24

These 16 class C /24, can be expressed as 8 /23, or 4 /22 or 2 /21 or one /20.

It is not always possible to use a mask for all the Ip’s of a provider, as they may have an even distribution, so in case of doubt you can use the route listed by whois for the ip you queried.

In this case I can use 94.231.144.0/20 so, 4,096 IP Addresses. I’m going to block them:

sudo ufw insert 1 deny from 94.231.144.0/20 to any

I’m going to block 2,097,152 of IP Addresses assigned to Russia in four ranges of 512K:

ufw insert 1 deny from 5.136.0.0/13 to any
ufw insert 1 deny from 95.24.0.0/13 to any
ufw insert 1 deny from 176.208.0.0/13 to any
ufw insert 1 deny from 178.64.0.0/13 to any

And few more blocks of 64K, 32K, 16K, 8K, 4K, 1K, 2K, 512 and 256 (/24) IP Addresses:

ufw insert 1 deny from 5.18.0.0/16 to any
ufw insert 1 deny from 37.192.0.0/16 to any
ufw insert 1 deny from 109.252.0.0/16 to any
ufw insert 1 deny from 128.71.0.0/16 to any
ufw insert 1 deny from 194.220.0.0/16 to any
ufw insert 1 deny from 92.101.0.0/17 to any
ufw insert 1 deny from 92.255.128.0/17 to any
ufw insert 1 deny from 178.154.128.0/17 to any
ufw insert 1 deny from 37.9.64.0/18 to any
ufw insert 1 deny from 93.100.64.0/18 to any
ufw insert 1 deny from 93.100.128.0/18 to any
ufw insert 1 deny from 93.124.64.0/18 to any
ufw insert 1 deny from 141.8.128.0/18 to any
ufw insert 1 deny from 46.3.160.0/19 to any
ufw insert 1 deny from 46.38.96.0/19 to any
ufw insert 1 deny from 85.174.192.0/19 to any
ufw insert 1 deny from 85.234.32.0/19 to any
ufw insert 1 deny from 90.188.224.0/19 to any
ufw insert 1 deny from 94.242.0.0/19 to any
ufw insert 1 deny from 37.9.0.0/20 to any
ufw insert 1 deny from 37.9.32.0/20 to any
ufw insert 1 deny from 37.9.144.0/20 to any
ufw insert 1 deny from 46.148.192.0/20 to any
ufw insert 1 deny from 77.245.208.0/20 to any
ufw insert 1 deny from 79.110.64.0/20 to any
ufw insert 1 deny from 93.182.16.0/20 to any
ufw insert 1 deny from 95.152.32.0/20 to any
ufw insert 1 deny from 95.152.48.0/20 to any
ufw insert 1 deny from 109.168.224.0/20 to any
ufw insert 1 deny from 217.25.224.0/20 to any
ufw insert 1 deny from 217.114.144.0/20 to any
ufw insert 1 deny from 37.9.48.0/21 to any
ufw insert 1 deny from 37.9.128.0/21 to any
ufw insert 1 deny from 37.9.240.0/21 to any
ufw insert 1 deny from 85.202.0.0/21 to any
ufw insert 1 deny from 90.151.136.0/21 to any
ufw insert 1 deny from 95.72.24.0/21 to any
ufw insert 1 deny from 95.72.104.0/21 to any
ufw insert 1 deny from 195.133.152.0/21 to any
ufw insert 1 deny from 5.164.228.0/22 to any
ufw insert 1 deny from 5.164.248.0/22 to any
ufw insert 1 deny from 37.113.12.0/22 to any
ufw insert 1 deny from 37.113.32.0/22 to any
ufw insert 1 deny from 37.113.44.0/22 to any
ufw insert 1 deny from 37.113.52.0/22 to any
ufw insert 1 deny from 37.113.60.0/22 to any
ufw insert 1 deny from 37.113.136.0/22 to any
ufw insert 1 deny from 46.146.4.0/22 to any
ufw insert 1 deny from 62.217.188.0/22 to any
ufw insert 1 deny from 79.173.88.0/22 to any
ufw insert 1 deny from 91.204.148.0/22 to any
ufw insert 1 deny from 91.210.4.0/22 to any
ufw insert 1 deny from 91.219.56.0/22 to any
ufw insert 1 deny from 94.181.44.0/22 to any
ufw insert 1 deny from 94.181.164.0/22 to any
ufw insert 1 deny from 95.79.88.0/22 to any
ufw insert 1 deny from 95.170.152.0/22 to any
ufw insert 1 deny from 109.194.240.0/22 to any
ufw insert 1 deny from 109.194.244.0/22 to any
ufw insert 1 deny from 109.194.252.0/22 to any
ufw insert 1 deny from 178.17.180.0/22 to any
ufw insert 1 deny from 178.76.220.0/22 to any
ufw insert 1 deny from 195.133.16.0/22 to any
ufw insert 1 deny from 212.192.244.0/22 to any
ufw insert 1 deny from 212.193.184.0/22 to any
ufw insert 1 deny from 5.188.158.0/23 to any
ufw insert 1 deny from 31.173.242.0/23 to any
ufw insert 1 deny from 37.113.56.0/23 to any
ufw insert 1 deny from 46.148.234.0/23 to any
ufw insert 1 deny from 46.242.8.0/23 to any
ufw insert 1 deny from 80.95.44.0/23 to any
ufw insert 1 deny from 81.9.126.0/23 to any
ufw insert 1 deny from 83.220.238.0/23 to any
ufw insert 1 deny from 90.154.72.0/23 to any
ufw insert 1 deny from 93.159.230.0/23 to any
ufw insert 1 deny from 188.124.46.0/23 to any
ufw insert 1 deny from 188.130.136.0/23 to any
ufw insert 1 deny from 212.109.196.0/23 to any
ufw insert 1 deny from 5.188.170.0/24 to any
ufw insert 1 deny from 5.188.211.0/24 to any
ufw insert 1 deny from 37.113.58.0/24 to any
ufw insert 1 deny from 46.8.155.0/24 to any
ufw insert 1 deny from 46.8.156.0/24 to any
ufw insert 1 deny from 46.8.222.0/24 to any
ufw insert 1 deny from 46.161.48.0/24 to any
ufw insert 1 deny from 62.76.153.0/24 to any
ufw insert 1 deny from 62.113.118.0/24 to any
ufw insert 1 deny from 83.220.227.0/24 to any
ufw insert 1 deny from 91.230.107.0/24 to any
ufw insert 1 deny from 91.241.19.0/24 to any
ufw insert 1 deny from 91.243.44.0/24 to any
ufw insert 1 deny from 91.244.183.0/24 to any
ufw insert 1 deny from 94.103.80.0/24 to any
ufw insert 1 deny from 94.103.81.0/24 to any
ufw insert 1 deny from 94.103.82.0/24 to any
ufw insert 1 deny from 94.103.83.0/24 to any
ufw insert 1 deny from 94.103.84.0/24 to any
ufw insert 1 deny from 94.103.85.0/24 to any
ufw insert 1 deny from 94.103.86.0/24 to any
ufw insert 1 deny from 94.103.87.0/24 to any
ufw insert 1 deny from 94.103.88.0/24 to any
ufw insert 1 deny from 94.103.89.0/24 to any
ufw insert 1 deny from 94.103.90.0/24 to any
ufw insert 1 deny from 94.103.91.0/24 to any
ufw insert 1 deny from 94.103.92.0/24 to any
ufw insert 1 deny from 94.103.93.0/24 to any
ufw insert 1 deny from 94.103.94.0/24 to any
ufw insert 1 deny from 94.103.95.0/24 to any
ufw insert 1 deny from 109.107.180.0/24 to any
ufw insert 1 deny from 109.194.21.0/24 to any
ufw insert 1 deny from 109.248.128.0/24 to any
ufw insert 1 deny from 176.113.115.0/24 to any
ufw insert 1 deny from 178.20.43.0/24 to any
ufw insert 1 deny from 178.176.214.0/24 to any
ufw insert 1 deny from 178.204.251.0/24 to any
ufw insert 1 deny from 179.60.149.0/24 to any
ufw insert 1 deny from 185.9.187.0/24 to any
ufw insert 1 deny from 185.63.61.0/24 to any
ufw insert 1 deny from 185.76.147.0/24 to any
ufw insert 1 deny from 185.88.102.0/24 to any
ufw insert 1 deny from 192.166.119.0/24 to any
ufw insert 1 deny from 193.218.118.0/24 to any
ufw insert 1 deny from 194.87.218.0/24 to any
ufw insert 1 deny from 194.186.207.0/24 to any
ufw insert 1 deny from 194.190.90.0/24 to any
ufw insert 1 deny from 213.135.156.0/24 to any

I’ve identified this range of 32K, 8K IP Addresses and a class C from Belarus:

ufw insert 1 deny from 178.154.0.0/17 to any
ufw insert 1 deny from 134.17.160.0/19 to any
ufw insert 1 deny from 86.57.147.0/24 to any

If you need a CIDR / subnet calculator this is great: https://www.calculator.net/ip-subnet-calculator.html

I write all these ranges in a script, so I can apply to all my Servers, and so I can remove them from the Firewalls when Russia and Belarus leave Ukraine.