Older blog entries for redowl (starting at number 1)

9 Nov 2001 (updated 14 Nov 2001 at 07:50 UTC) »

It's 4am(PST)...do you know what your firewall is doing?

Well, I was wondering why my internal net boxes (such as my whinedoze box) couldn't get to the net, but all outside requests could get in with no problem (i.e. my website).

<yawn> answer...I forgot to bind the iptables PREROUTING chain to
my external interface only. So this:

iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.3:80

was changed to this:

iptables -t nat -A PREROUTING -i $EXTERNAL -p tcp --dport 80 -j DNAT --to-destination 10.0.0.3:80

Before the change, PREROUTING the chain, by default, was applied to both interfaces. Thus, all incoming port 80 requests on my internal interface were connecting to itself. I didn't see this until I ran 'tcpdump -i eth1'. Since my workstation is my gateway (for now...), I didn't notice this problem until I tried accessing the web on my internal LAN.

Ah well, case solved.

Good night.

8 Nov 2001 (updated 8 Nov 2001 at 21:17 UTC) »

I'm glad to see that the EFF has joined the Morpheus defense team in the complaint against file sharing companies.

The case description for MGM v. Grokster can be retrieved here:

MGM v. Grokster [pdf]

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!