
Archive for June, 2004

How did this not get noticed?

So it seems that Real’s Helix project is being GPL’d. That’s pretty sweet, meaning we get another multimedia player for Linux and it can be distributed and used freely. But somehow it will now become the default media player for Novell (SUSE), Red Hat, Sun, and Turbolinux. WTF mate?

Rollovers

This blog has a great example of nice-looking, useful rollover descriptions. Nick was talking about adding something like this to the wiki, and I think there could be a place for this in The Ultimate ResTek Search Interface, Ever (TURTSI,E) somewhere.

OMG

WHAT. There is also a WHATWG. (That’s WHAT working group.)

Update: OMG I found their actual website

Monday

We now have a working SMTP server for staff to use. The server will securely authenticate users to ensure they are a staff member. See the wiki page EmailAccount for details on configuring your mail client. There is a kink that Nick and I are trying to fix around CRAM-MD5 vs LOGIN auth types. The next step is to set up SPF records for our domains.

In anticipation of Deb wanting old apps to actually be working, I fixed up Styx to show student data from IPreg2. The Styx index.pl code is the worst thing I have ever seen. Changing the code wasn’t too hard, but I did a half-assed job since we should be replacing that soon. Also remembered that mystats was likely hosed, and Pat got that all fixed up.

We have a new idea for how the virus page should work. When marked virus, a student will be moved to a 10.242.0.0 subnet with fake DNS. The dynamic wpad file will set up IE to use a different proxy server that only allows access to windowsupdate, mcafee, etc. Since they are on an internal network, no traffic will reach the internet. Now we need to find a way to prevent unregistered machines and virus machines from talking to the 66.165.0.0 or 140.160.0.0 networks.

qmail + SMTP AUTH + TLS

I’m trying to set up a staff SMTP server, and qmail is not cooperating. Here is the log file message:

Some error detected, sleeping for 30 seconds for safety

Bridging Firewall

We now have a bridging firewall set up in the office.

The bridging is pretty easy. I’m using a patch from ebtables to the 2.4.25 kernel.

Blocking an IP is easy:

ebtables -A FORWARD -p 0800 --ip-src 140.160.214.86 -j DROP

It would be

ebtables -A FORWARD -p IPv4 --ip-src 140.160.214.86 -j DROP

but our install of ebtables doesn’t like where Gentoo put /etc/ethertypes or something.

Here’s how to limit an IP to a certain rate with a bridging firewall (br100 is a bridge on eth0 and eth1):

# Flush the filter table, then tag IPv4 frames from this source with mark 2 and keep evaluating rules
ebtables -F
ebtables -A FORWARD -p 0800 --ip-src 140.160.214.86 -j mark --set-mark 2 --mark-target CONTINUE

# eth0: HTB root qdisc, a 500kbit class, and an fw filter that sends mark 2 into it
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb default 10
tc class  add dev eth0 parent 1:1  classid 1:2 htb rate 500kbit
tc filter add dev eth0 protocol ip parent 1: prio 1 handle 2 fw flowid 1:2

# eth1: same setup for the other bridge port
tc qdisc del dev eth1 root
tc qdisc add dev eth1 root handle 1: htb default 10
tc class  add dev eth1 parent 1:1  classid 1:2 htb rate 500kbit
tc filter add dev eth1 protocol ip parent 1: prio 1 handle 2 fw flowid 1:2

This works really well for limiting iperf. It’s fun to watch the Windows XP network graph hit various plateaus as I set different limits. I can’t wait to start testing this with more of a load. We should get a test box into bond hall.
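
The same mark-and-shape setup extended to several hosts, as an added example that is not from the original post: it prints the ebtables and tc commands for a list of source IPs and rejects the whole list if any entry is malformed. The "<ip> <rate>" input format, the 100mbit link rate, the explicit root class 1:1 and default class 1:10, and the mark numbering are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post). Prints commands; pipe to sh as root to apply.
PORTS="eth0 eth1"      # bridge ports, as in the post
LINK_RATE="100mbit"    # assumed port speed

valid_ipv4() {
    # Dotted quad, every octet 0-255.
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

valid_rate() {
    # A positive integer followed by kbit or mbit.
    echo "$1" | grep -Eq '^[1-9][0-9]*(kbit|mbit)$'
}

emit_rules() {
    # stdin: one "<ip> <rate>" pair per line (constructed format).
    hosts=$(cat)
    # Validate everything first: these strings end up in root shell commands.
    echo "$hosts" | while read -r ip rate; do
        valid_ipv4 "$ip" && valid_rate "$rate" || exit 1
    done || { echo "rejected host list" >&2; return 1; }

    echo "ebtables -F"
    for dev in $PORTS; do
        echo "tc qdisc del dev $dev root 2>/dev/null"
        echo "tc qdisc add dev $dev root handle 1: htb default 10"
        echo "tc class add dev $dev parent 1: classid 1:1 htb rate $LINK_RATE"
        echo "tc class add dev $dev parent 1:1 classid 1:10 htb rate $LINK_RATE"
    done
    # Marks start at 20 so a host class id never collides with default class 1:10.
    mark=20
    echo "$hosts" | while read -r ip rate; do
        echo "ebtables -A FORWARD -p 0800 --ip-src $ip -j mark --set-mark $mark --mark-target CONTINUE"
        for dev in $PORTS; do
            echo "tc class add dev $dev parent 1:1 classid 1:$mark htb rate $rate"
            echo "tc filter add dev $dev protocol ip parent 1: prio 1 handle $mark fw flowid 1:$mark"
        done
        mark=$((mark + 1))
    done
}
```

Each host gets its own mark and its own HTB class on both bridge ports, so one host's limit can be changed without touching the others.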
