Coronavirus Special: Subaru Impreza WRX GC8 Import

In my adventures of fixing, rebuilding and playing with old sports cars, I met a friend, Danny, who was in the need of seriously saving his Subaru Impreza WRX.

He’d been sold a less than perfect, but mostly solid JDM import WRX from a private seller. By less than perfect, I mean it was in dire need of attention. The engine wasn’t running correctly, half of the dash lights didn’t work, the wiring looked like it had been attacked by someone you’d see on an episode of Cowboy Builders and the battery had leaked, which made a nice mess of the chassis frame rail.

Him and his dad George took the brave job of stripping the car down and removing everything from the engine bay at a local workshop; where I met them and asked about their car. Realising they had no experience taking apart a car – let alone a 90s turbo car with a plumbing monstrosity – I offered my help to rebuild the car.

George and Danny tackled the corroding frame rail rather eloquently. George is a retired engineer; and had no problem fabricating new steel plates to cut the affected frame rail, reinforce it and re-plate it, resulting in a repair that you can only tell happened because of the fresh paint. He’s an old school metalworker; think of a plate and it’ll be shaped to a perfect fit and welded in very neatly, then ground down to be entirely invisible.

George had also enlisted the help of his brother John, to sandblast some of the brackets from the engine bay, and cover them in some epoxy primer and some underseal. It made a significant difference fitting brackets back to a car that weren’t covered in 15 layers of rust and salt.

Having never heard the car running myself, I had to rely off Danny’s description of the problems. From phrases like “it doesn’t idle properly” and “it hits a brick wall at about 4500rpm” – there were a multitude of problems that were impossible to pinpoint to a single cause without seeing the engine physically running. However, I suggested a full overhaul of the engine would be a good place to start, seeing as the car supposedly sat for 7 years while the mileage increased, according to the previous owner.

With the engine on a stand, I started by pulling the spark plugs. They were completely black and smelled very oily; which to me suggested the car was probably burning oil and was also probably running quite rich. My gut instinct then told me to just completely disassemble the engine as I noticed a few things that didn’t seem right. The EJ20 block didn’t seem to be the original block from the car, looking at the service manual and a few descriptions of some online forum posts. Clearly in my mind, someone’s pushed the original engine too hard in this car, and probably cracked it or caused some sort of significant bottom end damage, and just replaced the bottom end with a donor EJ20 from another car – perhaps a Legacy.

Pulling the heads, there was evidence of detonation. Scoring in one of the cylinder bores, and horrible deposits all over the pistons and valves told me that the engine was definitely in dire need of attention. Lacking the time, I advised Danny to take the engine to a local machine shop, and get the bores honed, some oversize pistons fitted, valve seats cut, stem seals replaced and to get the rods, crankshaft and bearings inspected. It was a good job he did, because one of the rods turned out to be bent too! We got the engine back from the machine shop and fitted it to the car, along with a freshly powder coated intake manifold, a fresh engine wiring harness that I handmade (and had to get a couple of sensor plugs from a Subaru Legacy in a scrap yard!), and plenty of swearing. Having timed the process, it took about an hour and a half for us to get the engine in the car and all of the components plugged in to a point where we could start it.

I disarmed the immobiliser and turned the key. The car started on three cylinders, then cut out. Strange, I thought. The car was happy to run on three cylinders but then suddenly didn’t sound great. The reason it was running on three cylinders was due to an unplugged coil, so we remedied that and tried again.

Oddly enough, the car spluttered and barely ran on one cylinder to my surprise – and sounded like it completely lost compression. It was stupidly easy to turn by hand. The starter barely needed any effort to rotate it. Weirdly enough, it made no metallic grinding noises or anything when it spluttered. Keep this in mind.

I decided to check the timing. I thought it didn’t sound like it bent the valves, but Subarus have an interesting way of controlling spark. On a four cylinder engine, you typically have a couple of ways to determine which piston needs firing on a sequential firing engine. If you have just one sensor i.e. a camshaft position sensor or crankshaft position sensor, an ECU may fire two cylinders at once in an attempt to accelerate the engine, and then determine where the sensor is in phase with the engine’s timing. Subaru EJ20s use two sensors, a camshaft position sensor on one of the intake cams, and a crankshaft position sensor. If the timing belt hasn’t been installed correctly or it skips a couple of teeth, it’s possible for the crankshaft to come out of phase with the camshaft, and the ECU will stop sending a signals to the coils and fuel injectors – perhaps in an effort to prevent bending valves?

Sure enough, the timing was a few degrees out. It looked like the timing belt had been incorrectly installed. On the off chance the engine did bend a valve, I opted to ask the machine shop to come out and correct their mistake. At least if it did bend a valve, that would be their problem then, and not mine.

Timing belt installed correctly. Notice how there’s two timing marks on the crankshaft sprocket – one is the interference safe timing mark and the other is not!

However, with the timing belt correctly installed, the engine still refused to build compression. With a tester, it showed I was getting between 40-70psi on each cylinder, compared with the 140-170psi I should have according to the Subaru service manual. Utterly bemused, me and George took the engine back out of the car, somehow shoehorned it in to the boot of Danny’s car, and plonked it on the bench at the machine shop.

I can think of things more fun to do than test the compression on a boxer engine while it’s installed in a car…

Me and George helped the machinists disassemble the engine, to identify the cause of the problem. To our surprise, there was grit in the engine! We removed the gudgeon pins and subsequently the pistons, to see the rings were completely worn and the piston skirts had been scratched. The worn piston rings would explain why we had practically no compression. The only place where grit would’ve came from would’ve been the intake manifold which was sent to a specialist to get powder coated. We collectively concluded that they hadn’t sealed the manifold properly when they grit blasted it before powder coating. Fortunately all we had to do was completely disassemble the engine, throw every part in the part washer, and replace the piston rings and head gaskets. Pretty easy rebuild. Taking no chances, we replaced the oil filter and also fitted a magnetic sump plug, on the off chance we hadn’t cleaned all of the engine properly.

In short, yes, somehow the engine was rebuilt twice, within a fortnight. Whilst the engine was at the shop for another day or two, I decided to tackle the immobiliser wiring, which looked like it had been installed by Stevie Wonder himself. Danny wanted rid of it, but I said it was easier to just relocate it and preserve the existing installation – don’t whack the wasp nest with a big stick if you don’t have to – otherwise you’re just asking for a whole world of hurt.

The driver side wiring just wasn’t pretty

I set about by temporarily colour coding all of the wires (which are black for security purposes) and cutting them, so I could relocate and secure the immobiliser, which was probably the quickest part of the process. Wire by wire, I removed the colour coding, ran the wire neatly inline with the existing wiring loom, and spliced them back together with solder and heatshrink. Finally, I taped all the wires up into the existing loom, and the result is a virtually undetectable immobiliser install, and most importantly completely out of sight now.

Just about done tidying up the wires at this point

A Scotsman once told me that fortune favours the brave; despite Danny wanting to sell the car for the seventieth time during this project, we pressed on, significantly with more caution. George washed and air blasted the manifolds for a good 6 hours before we fitted them to the car, of which I used this time to reinstall the engine, tidy up the vacuum system and some more of the car’s electrics. The indicator relays had been relocated to behind the radio, which I’m assuming was the same reason as to why I had to relocate a new horn relay there too: moisture ingress. The source of the moisture had been fixed previously, but the carpets must’ve just held the moisture and just promoted the corrosion of the relays. Simple enough to fix though, less than half an hour of soldering some new plugs to adapt for a modern, off-the-shelf relay. Did I mention I had to wire the window heater switch back up as someone repurposed it for a flame igniter in the exhaust?

Another attempt at starting the engine was made. In my anticipation, I forgot to let the fuel pump prime, but the engine sounded like it was going to catch. I cycled the ignition again, then gave it the beans.

The legendary EJ20 fitted with a TD05 turbo roared into life, sounding as smooth as a 4 cylinder boxer engine could without a downpipe installed. I feathered the throttle while we bled the coolant, to try and keep the engine above idle since it needed to be ran in properly with a bit of boost.

Unfortunately that’s where our story ends for now. With Coronavirus lockdown measures preventing access to the workshop, the Subaru sits patiently, waiting for us to fit the body panels, MOT it and get 500 miles of run in on it, before we can send all 16psi of boost to the tarmac.

1994 Subaru Impreza WRX (GC8, JDM Import)
16psi boost map circa 300BHP
Miltek turbo downpipe
Samco sport hose & clamp kit
Alloy Radiator
Air Conditioning delete
HKS Turbo Timer


Tidying the MX-5 Up

In March this year, I bought myself a fairly sought after 1.8is Mk1/NA MX-5 that needed quite a bit of work doing. Birthday present from me, to me, I thought, something to restore over time and then start turning into a modified supercharged or turbocharged project once my 25th birthday hits and I ultimately get something a little more sensible to drive daily.

Already it’s had a lot of work done to it, mostly done by myself. A new motor that’s up to 68,000 miles, new suspension shocks (is spec) and boots all around, fresh Brembo brakes on all four corners, new seats (Eunos Roadster tan tombstones), a new roof (cheapo one until I decide which colour I want on the car), new exhaust, upgraded sound system and a new steering wheel. Despite all of that, the car really owes me nothing, which is a bonus.

However you may ask – if I’ve done all that work and the car “owes me nothing”, then what was the catch with it when I bought it? Quite simply, the bodywork. The sills had previously been replaced, but a previous owner obviously hadn’t paid a decent specialist to match the paint, and didn’t bother treating the arches at the same time. As such I had a couple of spots on the rear that was starting to corrode – nothing that would change the roadworthiness of the vehicle, but pretty grim to look at. That and I suppose the amount of labour it would’ve cost to do all of the above work…

Over the last couple of weekends, I decided to have a go at fixing it. To summarise, it had been a case of strip the rear quarters, boot lid, doors and rear bumper back to primer. I then filled and block sanded stage by stage with fiberglass filler, polyester filler then 1K stopper. Finally, a blast and block with some high build primer and then a few coats of 2K paint courtesy of MAJ Paints in Sunderland (matched to the original Mazda Neo Green/British Racing Green). The end result is about 100 times better than when the car looked when I bought it.

There are a couple of spots that need attention and some wet sanding to achieve a mirror finish, but I’ll do that once the paint is fully cured. 2K is notorious for a long curing time, even after a blast under heat and infrared lamps. Come end of December and the whole car will get a cut and polish.

Interestingly, I seem to have figured out why the arches are quite a weak spot for corrosion on these cars. There is a lip where the inner wing welds to the outer body panel, and road dirt, salt etc tends to accumulate on this lip. At some point, I’ll opt to get a new body panel put on the car which I’ll have to get welded in, probably in a few years time. When I do this, I want to try adding some fiberglass filler to the lip to turn it into a smooth surface. Hopefully in doing this before painting and undersealing, as I think that would stop the dirt from collecting behind the sill panel and the arches, and thus make them a little less likely to rot. Besides – fiberglass doesn’t exactly rust like steel does!

Bonus too; 4 neighbours, the care taker and the cleaner seem to appreciate the effort and have commented how much better the car looks in the garage. I suppose that also reveals the timescale of this project, roughly a week in between going to work and university. All that’s left really bodywork-wise aside from a cut and polish are some stone chips at the front, and a dent on the front wing where a neighbour managed to bump their lawn mower into it some months ago.

Next installment will either be installing a new headunit, installing a new heater control panel (old one is a bit scratched), or installing a new convertible top (may have found another I like with a heated glass screen).

I’m enjoying this project car malarkey! Big shout out to my friend Peter for being a project car advocate.


UNMS Bugs – a public service announcement

If you were an early adopter of Ubiquiti’s CRM as it tied in quite nicely with their equipment, you too probably also faced an unprecedented amount of bugs. The UNMS conversion was meant to be a saving grace, and it is for the most part.

Until I discovered that after the upgrade, at some random point, the CRM had lost the outbound email credentials without warning! Some 3500~ emails stuck in a queue sending later, it was easily fixed, but for some reason I didn’t get any SMTP failure errors for about 10 days.

The fix is simply re-entering the SMTP credentials on the new page (instead of configuring it from the CRM side, head to the UNMS side), then going back into the CRM and force sending the email queue a few times.

PSA/protip: If you recently upgraded from UCRM to UNMS, check your email settings over the next couple of weeks!!!

Thank goodness I have something else planned in the pipeline, I’m getting sick of baby sitting a CRM!!!


Blocking out the Nasties

A recent customer request lead me to start doing some forward thinking on my web hosting infrastructure to improve security and resilience that doesn’t need me to type commands in every day. Some basic thoughts here may make your life a little bit easier at adding different layers of security, fairly easily. More importantly though, can I be ruthless AND ethically responsible?

Mr Robot GIF
Mr Robot has another solution to IPv4 exhaustion according to this gif…

pfBlockerNG and Suricata are both staples of my virtual firewall stack, with a lot of focus being spent more on denying traffic before it can even get to the stage of being analysed by Suricata. The slightly off kilter thinking being maybe a bit more old school; less eggs in one basket, less cpu load than actively using regex to deny absolutely everything that could be denied earlier, better affinity scheduling (so in theory anyway), and at least I’ve always got some form of nasty filtering if I’m restarting a process or something (very rare).

pfBlockerNG had proven to be even more useful today. I decided to turn it up to 11 on a destination interface that I don’t normally provide firewall services for. However in a bid to shape up my service offering to be even more secure by default than the competition, I discovered how much easier it made my life when it seemed to automatically filter out a typical spat-kind-DDoS. The kind where someone’s just attacking a particular service in an odd way that doesn’t require a lot of bandwidth, common among those that run game servers. 45Mbps of bandwidth was enough to cause someone’s colocated server on a clear 1Gbps transit line to start sputtering a little bit!

Image result for bgp blackholing
How BGP blackholing works – you keep the nasties away from your network in the first place – don’t let it ingress past the edge! However it still requires a netadmin to do some things unless you’re as state of the art as Cloudflare

Sure, as a provider I can do things like BGP blackholing with my upstream to not even allow the traffic to enter my network, but for low bandwidth, low effort attacks, is it even worth my time if it doesn’t make a dent in my IP transit bill? Plus, can I make a creative way to possibly let people know they’re likely to have something compromised on their network at home? I’m definitely an advocate for us all carrying the responsibility to make the internet more secure, collectively.

pfBlockerNG turned up to 11 is great at throwing reported spammy IP addresses (DNSBL based lists, Geo reputation lists, IP addresses you might have written in the back of your Mum’s cook book, etc) into a big fat deny rule, which by idea I love. Practically I’ve never ran into an issue with it, but I’ve always stayed on the side of caution by making advisories only previously, and acting upon them in an audit. What would happen if an innocent family tried to access a website, and to them it just looks like the website is down, because Dad’s PC just tripped up their IP address on to a DNSBL list after trying to get a free “premium video membership” and inevitably not getting what he bargained for?

So instead I’ve been getting creative and experimenting with turning this big fat deny rule into one a system that’s more ethical and responsible. Why not filter traffic looking for web ports and naturally redirect them to an off-the-grid web server that hosts a very primitive static site? That very primitive static site being one that humanly tells them they have an issue and how they can sort it. I’m still building said primitive static website, the biggest challenge explaining these security issues in plain English. But on another note, I can at least have a brutal GTFO rule for my networks that you may consider DMZ, whilst passing the book of responsibility to someone’s ISP in one of these botnet edge cases. I have the intention of moving this to production for even shared hosting. And if someone really has a problem with this, I can always just make a very specific exception rule.

I’m sure we all do basic things like blocking nasty ports that should be anywhere near the internet by standard (like SMB!) – but surely there’s a way we can spend less time bashing things into route reflectors and more time fixing the internet?

Let me know your thoughts – how brutally secure do you make your DMZ networks?

To perhaps also clarify on my configuration, I myself colocate racks and sometimes sell shared U space within them, and separate racks cross connected back.


Blogging Reboot

So here I am again internet, sharing my life through a simple web domain as social media isn’t enough for me. I’m working on a few projects that deserve a little more exposure to the internet rather than 280 characters and maybe a better than average smartphone image.

I used to showcase my photography work here, however since I don’t do that professionally anymore, I took the decision to re-use my site as a blog. Perhaps this may be a blogging point for me as I work on my personal projects?

As I sit here at my desk at home in Newcastle upon Tyne, I’m a third year university student that’s having a mid-life crisis at the ripe age of 22. The discipline? Computer Science. Unversity? Newcastle. Gap year? Two, midway through my course. Was it an interesting gap? Absolutely incredible, but a story for another day, maybe.

I spend my time doing quite a few different things outside of my course. Thankfully the reduced contact hours of third year enable me to allocate time to do coursework sensibly, while cracking on with a few odd hobbies. Cars are big thing for me, mostly heroes from the 90s that I grew up racing in Gran Turismo on a Playstation. Needless to say that spurs on to me tinkering and organising cross country road trips with friends of similar enthusiasm.

My friend Jack’s ’92 Mazda MX-5 NA that he was restoring and we tinkered with

History and travelling are also keen passions of mine too; pair this with my passion for cars and naturally that turns into a 22 year old bloke trying to visit as many National Trust properties as possible. Not quite run of the mill, eh? Definitely underrated.

Naturally as a CompSci geek that likes fiddling, I occasionally build things. I’ve made a commitment to try and share some of my projects more this year.

A body control module I’m working on for ’90s Mazda MX-5s, mostly for my car

Since becoming a musician from a young age, music has became an incredibly important part of my life. Not in an insular way either; I love going to see concerts and performances of new artists with friends, and spend a decent amount of time building up my Spotify profile. You may wish to follow me here (and I typically follow back so I can find more music!) and drop me some recommendations.

Playing one of Kirk Hammett’s guitars before a Metallica concert

I also work, primarily doing magical things on the internet. I operate a small hosting company, specialising in hosting WordPress websites typically, which has been my bread and butter for years. Having gotten the WordPress bug since I left school, there’s little I haven’t done with the CMS. Hand in hand with this is freelance IT consultancy I do for SME businesses.

I’m also impartial to a good outing to the pub with some friends; grab some grub and maybe a pint or two if the occasion strikes!

Even pooches get excited at the thought of vegan hot dogs