10 Apr 2000 cynick   » (Apprentice)

So I'm attempting to build a new, somewhat cleaner and more modular rc.firewall startup script for FreeBSD.

Instead of having a editable /etc/rc.firewall, I'm redoing it so that loads scripts and ipfw rules from /etc/ipfw/ (or maybe /etc/fw/) when it's run, so that after bootup you can say "sh /etc/rc.firewall safe" and it resets the firewall rules to something safe, and you can specify a group of rulesets you want in rc.conf. Or that's the current idea, I'm still playing with ideas as to what would be nicer, both for the end luser who just wants people not to be able to spam through their systems and the firewall guy (such as I style myself) who ends up having to build a new firewall rule system for every new system he puts together based on the flaws she found last time.

And it gets me thinking how old POSIX sh seems. I don't go five minutes without saying "Gee, I wish I had <some TCL feature>" or "this would be so much easier in zsh." We're so spoiled these days.

Urgh. They took away my dimwit cert. I feel so betrayed. Comic self-debasement is important, dammit!

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!