The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Monday, November 12, 2001

Demilitarized zone

The past few days I've been reconfiguring my firewall/proxy server here at home and I must certainly say that it's not quite as easy as I thought it was; and that supporting FTP is singularly annoying.

Prior to my mucking about I had allowed all TCP connections through, and then excluded the ones I didn't want, which meant that my rules (and I'm using ipfwadm here) looked like:


ipfwadm -I -a reject -P tcp -W eth1 -D $IP 1:19
ipfwadm -I -a reject -P tcp -W eth1 -D $IP 23:24
ipfwadm -I -a reject -P tcp -W eth1 -D $IP 26:79

And so on. Made it hard to see what ports I did support (and I stopped at 1022 because it seems that Linux 2.0 starts handing out ports at 1023 even though it's supposed to start at 1024 but that's another story) and I had to make sure I blocked services on high ports like Squid and I wanted to block ports that stuff like Back Orifice use (not that I'm really worried it'll attack me, but it's always nice to see attempts).

So I started mucking around.

And I'm still fine tuning everything. As Rob pointed out, I'm turning into a paranoid sysadmin.

Sigh.

But it is easier to see what I'm letting through.
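An added example, not code from the original post: a small Python audit that reads reject-style rules like the three quoted above and reports which TCP ports they leave open, which is the question the old rule set made hard to answer. It assumes a default-accept policy, no earlier overlapping accept rule, and a single port or lo:hi range per rule; the function names and the sample text are constructed for illustration.

```python
import re

# Constructed sample: the three rules quoted in the post, $IP left unexpanded.
SAMPLE_RULES = """\
ipfwadm -I -a reject -P tcp -W eth1 -D $IP 1:19
ipfwadm -I -a reject -P tcp -W eth1 -D $IP 23:24
ipfwadm -I -a reject -P tcp -W eth1 -D $IP 26:79
"""

# A TCP reject/deny rule; captures the destination port or lo:hi range.
RULE = re.compile(
    r"-a\s+(?:reject|deny)\b.*-P\s+tcp\b.*-D\s+\S+\s+(\d+)(?::(\d+))?\s*$")

def rejected_ranges(rules_text):
    """Sorted, merged (lo, hi) port ranges covered by reject/deny rules."""
    spans = []
    for line in rules_text.splitlines():
        m = RULE.search(line)
        if not m:
            continue  # not a blocking TCP rule in the expected form
        lo = int(m.group(1))
        hi = int(m.group(2) or lo)
        spans.append((min(lo, hi), max(lo, hi)))
    merged = []
    for lo, hi in sorted(spans):
        if merged and lo <= merged[-1][1] + 1:  # overlapping or adjacent
            merged[-1] = (merged[-1][0], max(merged[-1][1], hi))
        else:
            merged.append((lo, hi))
    return merged

def open_ranges(rules_text, first=1, last=1022):
    """Ports in [first, last] that no blocking rule covers, as (lo, hi)."""
    gaps, nxt = [], first
    for lo, hi in rejected_ranges(rules_text):
        if lo > nxt:
            gaps.append((nxt, min(lo - 1, last)))
        nxt = max(nxt, hi + 1)
        if nxt > last:
            break
    if nxt <= last:
        gaps.append((nxt, last))
    return gaps

if __name__ == "__main__":
    # Only three rules are quoted, so the audit window stops at port 80 here.
    for lo, hi in open_ranges(SAMPLE_RULES, last=80):
        print(f"open: {lo}" if lo == hi else f"open: {lo}-{hi}")
```

The default upper bound of 1022 matches where the post says the reject rules stopped.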


Copyright © 1999-2024 by Sean Conner. All Rights Reserved.