Monday, August 29, 2022


I never knew….
If you cannot continue in Chrome because of an ERR_CERT_INVALID error, even after pressing Advanced: there’s a secret passphrase built into the error page. Just make sure the page is selected (click anywhere on the background), and type `thisisunsafe`

Sunday, July 24, 2022

ffmpeg reminder

Personal reminder:

Download latest:
Run ffmpeg -i MyMovie.mkv and look for stream info, e.g.:

Stream #0:0: Video: h264 (High), yuv420p(tv, bt709/unknown/unknown, progressive), 1920x800, SAR 1:1 DAR 12:5, 23.98 fps, 23.98 tbr, 1k tbn, 47.95 tbc (default)
Stream #0:1(dut): Audio: ac3, 48000 Hz, 5.1(side), fltp, 448 kb/s
      title           : Dutch
Stream #0:2(dut): Audio: ac3, 48000 Hz, 5.1(side), fltp, 448 kb/s
      title           : Flemish
Stream #0:3(eng): Audio: ac3, 48000 Hz, 5.1(side), fltp, 448 kb/s
      title           : English
Stream #0:4(dut): Subtitle: subrip (default) (forced)
Stream #0:5(dut): Subtitle: subrip
Stream #0:6(eng): Subtitle: subrip

Say, I would like to have the video with the Flemish audio and all the subtitles (since they don’t take that much space)

ffmpeg -i MyMovie_2160p.mkv -vf scale=640:-2 -ac 2 -af "pan=stereo|FL=FC+0.30*FL+0.30*BL|FR=FC+0.30*FR+0.30*BR" -map 0:v:0 -map 0:a:1 -map 0:s MyMovie_640p_2ch.mkv
-vf scale=640:-2	= video filter: 640p, -2 means keep aspect ratio for vertical pixels
-ac 2			= (convert to) 2 audio channels
-af "pan=......		= audio filter: copy multichannel audio without losing center channel (dialogs)
-map 0:v:0		= copy first (0) video stream
-map 0:a:1		= copy second (1) audio stream (Start from 0. So 0 would be Dutch, 1 Flemish, 2 English)
-map 0:s		= copy all subtitles 
but if you have non-convertible subtitles (bitmapped), then first map the desired sub and copy, e.g.: -map 0:s:3 -c:s copy

Monday, July 11, 2022

ser2net p1 adapter yaml config

Because i didn’t make a backup. For next time’s reference:

connection: &p1usb
  accepter: tcp,10001
  enable: on
  connector: serialdev,/dev/ttyUSB0,local,115200n81

Older ser2net, shipped with debian buster with ‘just’ a .conf file is easy:

10001:telnet:600:/dev/ttyUSB0:115200 8DATABITS NONE 1STOPBIT banner

Thursday, July 7, 2022

pfSense Multi VLAN DNS (host) overrides

pfSense’s DNS resolver has the ability to do host overrides from the gui, but these are global overrides.
Unbound (the underlaying DNS resolver) has the ability to create DNS views to do different things based on source addresses.
It is located under Services - DNS Resolver - General - Custom options. It is a free format field.


access-control-view: vlan15activedirectory
access-control-view: vlan16guest

name: "vlan15activedirectory"
local-zone: "" static
# adding the host as a zone results in NXDomain lookup

name: "vlan16guest"
local-data: " 90 IN A"
# adding a specific host and map it to a specific ip

More info: … ring/tags-views.html

Friday, March 18, 2022

Run powershell specific function from task scheduler

Executable is powershell.exe. Arguments:

-command "& { . "c:\location\to\script.ps1"; my_function_name }"

Powershell speed hacks

Powershell can be painfully slow when dealing with larger arrays, reading files and listing large directories. Here are some workarounds.


$myarray = @()
foreach ($x in $y) {
  $myarray += $x

Much faster is working with an arraylist:

$myarray = [System.Collections.ArrayList]@()
foreach ($x in $y) {
  $null = $procarray.Add($x)

Reading files

get-content $filename



Listing large directories

$items = get-item "\\server\share\*.csv" | sort LastWriteTime

The fastest workaround i’ve been able to find is actually using a dos prompt. Use dir switches for sorting purposes.
Note: dir returns just text, while get-items returns objects with all sorts of properties. It depends on your use case whether this hack is actually usable or not.

$items = cmd /r dir "\\server\share\*.csv" /OD /B

Tuesday, October 5, 2021

Install Windows 11 without TMP 2.0

When Windows 11 complains about your system not being compliant:

  • press shift+F10
  • regedit
  • new key: LabConfig
  • new dword value: BypassTPMCheck = 1
  • new dword vlaue: BypassSecureBootCheck = 1

Go back and resume the installation again.

Thursday, February 18, 2021

ESXi 7.0 U1 on a HP DL380p Gen8

Check your CPU here. Mine are Intel Xeon E5-2600 “version 0” series.
Download the HPE customized image

Does it work?

According to the warning, the future is uncertain. But right now, 7.0 U1 is just fine!

Wednesday, February 10, 2021

Azure/O365/Teams authentication and monitoring bash curl scripts

Authorize for teams.
Use one of these client_id’s, depending on your usecase.
1fec8e78-bce4-4aaf-ab1b-5451cc387264 (Teams mobile/desktop application)
5e3ce6c0-2b1f-4285-8d4b-75ee78787346 (Teams web application)


curl -s -X POST \
-c cookies.txt \
-o auth.blob \
-F grant_type=password \
-F resource= \
-F client_id=1fec8e78-bce4-4aaf-ab1b-5451cc387264 \
-F username=YOUR_EMAIL \

This will save your bearer token, amongst others, to auth.blob in a json object.

Because the bearer token is only valid for a certain period of time, you’ll need to refresh it. Here’s how. You’ll need ‘jq’ installed to decompose the json object.


REFRESHTOKEN=`cat auth.blob | jq ".refresh_token" | sed 's/"//g'`

curl -s -X POST \
-c cookies.txt \
-o auth.blob \
-F grant_type=refresh_token \
-F resource= \
-F client_id=1fec8e78-bce4-4aaf-ab1b-5451cc387264 \
-F refresh_token=$REFRESHTOKEN

In the script you can keep repeating actions, but in order to keep your token active, you can use the following piece of code:

if [ -f "auth.blob" ]; then
  EXPIRES=`cat auth.blob | jq ".expires_on" | sed 's/"//g'`
  NOW=`date +%s`
  TTL=`expr $EXPIRES - $NOW`
  if [ $TTL -lt 60 ]; then
    echo "time for a refresh!"
  echo "no previous auth present!"
  EXPIRES=`cat auth.blob | jq ".expires_on" | sed 's/"//g'`
  NOW=`date +%s`
  TTL=`expr $EXPIRES - $NOW`

Now you can do the cool stuff like query your calendar or whatever:


BEARER=`cat auth.blob | jq ".access_token" | sed 's/"//g'`
curl -s --write-out "%{http_code}|%{time_total}n" -o bla.txt "" \
-H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Teams/ Chrome/80.0.3987.165 Electron/8.5.1 Safari/537.36" \
-H "authorization: Bearer $BEARER"

Or verify your local timezone:


BEARER=`cat auth.blob | jq ".access_token" | sed 's/"//g'`

date "+%Y.%m.%e %T %N"
curl -v '' \
-H "authorization: Bearer $BEARER" \
-H 'authority:'
echo ""
date "+%Y.%m.%e %T %N"

Sunday, December 6, 2020

The Linux Desktop project

Since my work laptop is too restricted, i’m trying to set up Ubuntu on a USB stick and boot from there.
Actually, it has proven to be a very smooth experience so far. I’m impressed by the overall speed and battery performance.

Couple of things i must not forget.

Get some essentials:

sudo apt install curl ffmpeg keepassxc

Latest Google Chrome Browser: link
Latest Citrix Workspace (Receiver): link
Latest Citrix RTME (HDX for Skype): link

After installing the ica client:

sudo ln -s /usr/share/ca-certificates/mozilla/* /opt/Citrix/ICAClient/keystore/cacerts
cd /opt/Citrix/ICAClient/keystore/cacerts
sudo wget
sudo /opt/Citrix/ICAClient/util/ctx_rehash

modify /opt/Citrix/ICAClient/config/wfclient.template before making the first connection


Also: modify /opt/Citrix/ICAClient/config/All_Regions.ini



sudo apt-get install --reinstall libcanberra-gtk-module
/opt/Citrix/ICAClient/util/configmgr (for mapping local drives)

Install Microsoft Teams:

sudo curl | sudo apt-key add -
sudo echo "deb [arch=amd64] stable main" > /etc/apt/sources.list.d/teams.list
apt update
apt install teams

Connecting to exchange web services (for calendar sync)

sudo apt install evolution-ews

Google drive support e.g. for keepass

sudo add-apt-repository ppa:alessandro-strada/ppa
sudo apt-get update
sudo apt-get install google-drive-ocamlfuse

edit ~/.gdfuse/default/config and set mv_keep_target=true

mkdir ~/Documents/GoogleDrive
google-drive-ocamlfuse ~/Documents/GoogleDrive

startup file for google drive mount and offline backup of keepass databases:


google-drive-ocamlfuse ~/Documents/GoogleDrive
if [ ! -d ~/BACKUP/keepass/ ]; then mkdir -p ~/BACKUP/keepass/; fi
if [ -d ~/Documents/GoogleDrive/keepass/ ]; then cp -f ~/Documents/GoogleDrive/keepass/*.kdbx ~/BACKUP/keepass/; else echo Offline; fi

gedit json formatter:
Preferences - Plugins - enable External Tools
preferences - Manage external Tools
“+”, give name e.g. “Format Json”, shortcut key Ctrl+Alt+J, input=Current Document, output=Replace current document

#! /usr/bin/env python
import json
import sys
j = json.load(sys.stdin)
print( json.dumps(j, sort_keys=True, indent=2) )


sudo apt-get install software-properties-common
sudo add-apt-repository ppa:team-xbmc/ppa
sudo apt-get update
sudo apt-get install kodi


sudo curl -L -o /usr/local/bin/youtube-dl
sudo chmod a+rx /usr/local/bin/youtube-dl
sudo ln -s /usr/bin/python3 /usr/local/bin/python