September 25, 2019

SSH: How to identify which key to use when AgentFowarding is in use 

You can use the public part of a key to to specify which private key you want to use from the forwarded agent. This requires creating an extra file (the public part of the key) on any “intermediate” machines (machines to which you forward your local ssh-agent).
  1. Arrange for the intermediate machine to have a copy of the public part of the desired key in a convenient location (e.g. ~/.ssh/
    From any machine that already has the public part of the key:
    scp intermediate:.ssh/
    or, on the intermediate machine:
    ssh-add -L | grep something_unique > ~/.ssh/
    You may want to edit the trailing “comment” part of the public key to better identify the key’s origin/owner/purpose (or attempt to hide the same).
  2. Use the pathname to the above public key file with -i or IdentityFile.
  3. You may also need to use IdentitiesOnly yes (in .ssh/config or -o) to keep ssh from trying to offer any additional identities from your forwarded agent.

September 8, 2019

Lego EV3 Sound file .rsf format

Lego EV3 support play sound files, and the Lego programmer software comes with many built-in sound files. If you want to add new sound files,  you can use the "Sound Editor" that came with the software. Or you can convert an existing sound file to it.

The found file ends with .rsf extension (probably standing for Robotic Sound File). It has the following format:

[ 8 bytes of header]
[ raw sound data ]

The first 8 bytes of the file are meta data with the following meaning:

byte 0, byte 1: 0x01 0x00
byte 2, byte 3:  length, in big-endian, of raw sound data.
byte 4, byte 5: 0x1f, 0x40 (demical 8000, the sampling rate)
byte 6, byte 7: 0x00, 0x00.

raw sound data
The raw sound data is 8-bit of PCM data, with sampling rate of 8000 samples per second.

Example Script

On a Mac OS computer, one can use the following command to generate a audio file:
say "hello world" -o hello.aiff

Then you can use "ffmpeg" (you need to use brew to install it) to convert it to raw audio
ffmpeg -i hello.aiff -acodec pcm_u8 -f u8 -ar 8000 hello.raw

Then you can use the above mentioned tool "raw2rsf" to conver the raw file to .rsf file
raw2rsf hello.raw > hello.rsf

Then you can copy the hello.rsf file to your Lego Programmer sound file directory and then use it from the programmer software!

raw2rsf.c: a simple C program to convert a .raw file to .rsf file.

August 23, 2019

Instant file sharing without logging in

1. Web-RTC based; Local LAN transfer doesn't leave LAN

2. HTTP streaming and Web-RTC based.

3. HTTP streaming, supporting curl based command line.

Source code at:, and a minimal golang version at

Blog at

4. HTTP Streaming

WebRTC Demo using peer.js:

July 30, 2019

Windows 10 spotlight image files location


July 18, 2019

Search Linux Kernel to find out when a feature was added

Use the LKDDB (Linux Kernel Driver DataBase):

Search a CONFIG_xxx and it will tell you since what version of Linux kernel it was added.

May 15, 2019

TCP socket send buffer deep dive

A typical TCP socket send buffer is composed of three parts: unacked-bytes, unsent-bytes, and free-buffer.
                               |                |
                               |                |
                               |  FREE BUFFER   |
                               |                |
                               |                |
                               |                |
                               |  UNSENT BYTES  |
                               |                |
                               |                |
                               |  UNACKED BYTES |
                               |                |

Total send buffer size

Total send buffer size = unacked-bytes + unsent-bytes + free-buffer.  
It can be obtained using the SO_SNDBUF socket option. The buffer size could dynamically change its size as seen needed by the OS. This works for both Linux and macOS.
        slen = sizeof(sndbufsiz);
        err = getsockopt(sd, SOL_SOCKET, SO_SNDBUF, &sndbufsiz, &slen);

Total in-flight bytes

Total inflight bytes = unacked-bytes + unsent-bytes. 
It can be obtained using SO_NWRITE socket option on macOS, and SIOCOUTQ ioctl on Linux.
int get_socket_used(int sd){
    int err;
    int used;
#ifdef __APPLE__
    socklen_t slen = sizeof(used);
    err = getsockopt(sd, SOL_SOCKET, SO_NWRITE, &used,&slen);
    if(err < 0) {
        perror("getsockopt 2");
    err = ioctl(sd, SIOCOUTQ, &used);
    if(err < 0) {
        perror("ioctl SIOCOUTQ");
    return used;
On macOS, it seems that this can also be obtained using the TCP_INFO struct, but it is a private API.
u_int32_t       tcpi_snd_sbbytes;       /* bytes in snd buffer including data inflight */


On Linux, unacked-bytes can be obtained from the TCP_INFO structure, but the result is number of segments, or bytes. On macOS, TCP_INFO seems to contain this infomration (private API).
int get_socket_unacked(int sd){
    struct tcp_info tcp_info;
    socklen_t tcp_info_length = sizeof(tcp_info);
    if ( getsockopt(sd, IPPROTO_TCP, TCP_INFO, (void *)&tcp_info, &tcp_info_length ) == 0 ) {
        return tcp_info.tcpi_unacked;
    return 0;

//For macOS, use TCP_INFO
    u_int64_t       tcpi_txunacked __attribute__((aligned(8)));    /* current number of bytes not acknowledged */
macOS tcp_info definition

unsent-bytes (not including un-acked bytes)

On Linux, unsent-bytes can be obtained from the tcpi_notsent_bytes field of the TCP_INFO structure. NOTE that this requires kernel version to be 4.6 or newer. For Android that means Android 8 or newer. On Linux, it can also be obtained using SIOCOUTQNSD ioctl. It’s not clear how to do this on macOS.
//defined in /usr/include/linux/sockios.h 
int get_socket_unsent(int sd){
    int err;
    int unsent;
    err = ioctl(sd, SIOCOUTQNSD, &unsent);
    if(err < 0) {
        perror("ioctl SIOCOUTQNSD");
    return unsent;


int get_socket_unsent(int sd){
    struct tcp_info tcp_info;
    socklen_t tcp_info_length = sizeof(tcp_info);
    if ( getsockopt(sd, IPPROTO_TCP, TCP_INFO, (void *)&tcp_info, &tcp_info_length ) == 0 ) {
        return tcp_info.tcpi_notsent_bytes;
    return 0;

Stackoverflow discussion on getting unsent bytes

epoll and kevent

epoll on Linux, and kevent on macOS, get triggered by the unsent-bytes, when the TCP option TCP_NOTSENT_LOWAT is set. On macOS, kevent() doesn’t report socket as writable until the unsent TCP data drops below specified threshold (typically 8 kilobytes).

May 9, 2019

Enable user-id based packet routing on Mac OS

If you would like to route all socket (TCP/UDP) traffic from processes running by a particular user on a Mac OS to be routed differently, you can do that.

1. Add the user to your Mac OS if not already done. In this example, I will add an user named "test1"
2. run the command:
        sudo vi /private/etc/pf.conf
    and add the following line before ' anchor "*"
         pass out quick on en0 route-to { utun4 } user test1

   a) change en0 to your default network interface name on Mac
   b) change utun4 to the network interface you would these packets to be routed to

3. restart pf by doing:
    sudo pfctl -d; sudo pfctl -e -f /etc/pf.conf

Now all processes running by user test1 should be routed to the new interface as specified.

February 26, 2019

keep ssh running in background for tunneling

1. write the following script to a file, named "" and make it executable (make sure user has public auth enabled on remote host):

while true; do ssh -t -n -R "while true; do ps -ef; sleep 1; done" ; sleep 1; done

2.  Run the the above script in a detached screen session:
    screen -S tunnel -d -m /path/to/

 That's all. This creates a background screen session, which runs the script, which loops an ssh command to keep it up and running.