So I've had a hectic few days, and I'm getting close to having caught up with the things that I've been sitting on whilst I've been away.
ObRandom: Several people, independantly, have told me within the past few days that "whilst" is not a real word. it is. End of ..
Some interesting things I've been working upon recently include a fun little firewall tool. Once upon a time I wrote a firewall script which worked like this:
firewall/
`-- incoming.d
|-- smtp
|-- ssh
`-- www
`-- outgoing.d
|-- ssh
|-- smtp
|-- dns
`-- icmp
When you executed the magic firewall script it would scan the incoming.d directory, and for each file it found lookup the relevant port in /etc/services. These port numbers would then be opened. And at the end you'd just have a "-j DROP".
After a long phone conversation to a colleague on Thursday/Friday of last week I've now reworked this idea anew. There is still the notion of filenames referring to what is allowed for a pair of directories (incoming.d/ + outgoing.d/) but even more flexability and no hardwired use of /etc/servvices.
I guess some ideas are just too simple to give up ..?
Anyway there are a plethora of different firewall applications of varying sophistication and complexity in the world. I don't really want to go out of my way to promote this one - but at the same time it might be a useful idea for somebody?
The next (work) job I have is determining how to make a "kernel" + "kernel-dev" RPM package based on Debian sources. Joy. Actually the more I look around the more fiddly, annoying, and troublesome I suspect this is going to be. Sigh.
ObQuote: The Grudgy
