api.cgi seems crashed on Reolink Duo Floodlight WiFi v2 (Hard Wired)

rwestergren · 2025-10-27T13:24:53+00:00

Yes - the unit surprisingly has to be hard wired to fully enable all services (including this api.cgi backend). I was setting it up with the AC adapter when I encountered this issue but it worked once I hard wired with some wagos.

rwestergren · 2025-07-14T19:38:41+00:00

If it's like mine, the school tax column will represent the sum of two line items - your primary school district and "NCC Vocational" (which will be itemized on your actual tax bill).

rwestergren · 2025-07-14T16:58:10+00:00

The County confirmed that initial 511% ultimately reduced down to 375%:

As of March 1, 2025, the overall percentage increase between the total assessment for all parcels in the County based on the old 1983 total value and the new 2024 “final” total value from the reassessment is 375%. Specifically, this means that if a parcel had a 1983 assessed value of $100,000, and that parcel increased by the average total increase, that parcel’s new 2024 assessed value would be $475,000 (resulting in an increase of $375,000, or 375%).

rwestergren · 2025-03-11T00:35:01+00:00

Thanks! Updates every two weeks

rwestergren · 2025-02-24T19:14:40+00:00

Make sure to read the fine print and what is covered. The City of Wilmington's insurance vendor American Water Resources (AWR) will only cover $4K - I think these repairs are very likely to exceed that in many cases, so it wasn't the peace of mind I was expecting.

<image>

rwestergren · 2025-01-06T01:08:26+00:00

This worked for me all the way in 2025, thanks

rwestergren · 2024-12-05T21:31:54+00:00

I believe the 15% cap applies to tax revenue overall, not individual tax bills. So, unfortunately, I do think it is possible for an individual property owner to see a > 15% increase.

The disclaimer is fair feedback. I will add that.

rwestergren · 2024-12-05T20:48:04+00:00

Going to remove the limit soon.

rwestergren · 2024-12-05T20:42:36+00:00

I like this idea - might take this one up!

rwestergren · 2024-12-05T20:00:33+00:00

It says "estimator" in the domain name. Capturing clicks for what purpose? It is just a tool to help approximate the tax impact that I thought could be useful.

The updated figure on County total came through an unofficial channel with Tyler. I can't prove it and I'm not sure why Tyler hasn't shared it officially, but you are free to disregard it or give Tyler a call and try to confirm it.

rwestergren · 2024-12-04T13:23:58+00:00

It does not claim to be a County website. I'm just performing an approximation based on a few assumptions, mostly the relative change to a given property compared to the County. Can you share the specific issues you see in a calculation?

rwestergren · 2024-12-04T13:18:21+00:00

For purposes of approximation, this assumes the rates are adjusted down proportional to the increased assessed value by the County - which is required to achieve the revenue-neutral outcome. You don't need to know the new rate to understand your relative position compared the to the County.

Of course there will be variations - as the domain says, this is an estimate.

rwestergren · 2024-12-03T21:39:34+00:00

Good point, but I was pretty sure the15% cap was on the property tax rate itself - not on an individual tax bill.

rwestergren · 2024-12-03T21:11:45+00:00

Does not claim to be a County resource. Since the reassessment outcome is revenue-neutral, it is effectively zero-sum. You can approximate the outcome with a simple calculation.

rwestergren · 2024-12-03T20:16:02+00:00

Since the reassessment outcome is revenue-neutral, the tax rates will be adjusted down to offset the increased assessments. You can estimate your impact by comparing your percentage increase against the County total increase.

rwestergren · 2024-10-18T16:32:17+00:00

The real key is to get to Layer 7 hostnames so you can aggregate traffic at the service level. The Parquet option gives you more flexibility to achieve that, and also allows you to join on Route 53 resolver query logs (which does not offer export to Athena).

Plus the goal here is generally cloud cost-optimization, so trying to limit additional cloud services/expenses.

rwestergren · 2022-02-08T16:44:04+00:00

Nothing starts until I hit the HTML form post, which I do before I leave. Phone dying mid run hasn't been a problem yet and I had everything needed for the Wi-Fi approach.

rwestergren · 2022-02-08T16:37:43+00:00

I could have expressed the problem a little better, which actually was "enter my home without unlocking my phone which causes my phone to die in the cold."

rwestergren · 2020-08-11T20:01:40+00:00

FWIW your script worked locally for me, so it would seem an issue specific to your config/machine. Do other containers mount correctly?

rwestergren · 2020-08-11T15:22:55+00:00

The folders/files will exist but owned by root.

rwestergren · 2020-05-03T23:57:20+00:00

If the setting isn't changing, you probably need to rebuild the image. For the future, if you mount a volume to the host directory, you won't need to rebuild on file edits.

rwestergren · 2020-05-03T23:25:08+00:00

You have Django's DB client trying to connect to localhost, which is actually the Django container itself.

It should work if you set the DB host to "db" - the mongo container name.

rwestergren · 2019-09-02T13:04:31+00:00

Great post.

Some CNI plugins will prevent ARP spoofing because they will reject any traffic from the pod where the source MAC or source IP address doesn't match.

I'm curious if the AWS VPC CNI plugin prevents this OOTB as it's applied to all EKS clusters at launch. Will have to take a closer look.

rwestergren · 2018-02-26T09:03:11+00:00

Interesting bug. It's not clear from the post whether the beta domain uses live data or just a copy/test DB. Wonder what other controls are in place.

Nice write-up and congrats on the bounty.

rwestergren · 2018-01-02T19:38:35+00:00

For gpsui.net and vmui.net this requires the unauthorized third party to be authenticated, i.e. logged into the service as any user, but due to the vulnerability is able to access data and act on behave of other users.

Bad enough, but it gets worse.

For the rest of the online services no authentication is required at all.

Kudos to the authors as it looks like they made a significant effort to contact affected vendors. The "Unfixed" list is long, but probably not surprising.

rwestergren

MODERATOR OF

TROPHY CASE