Diary of a geek

March 2005
Andrew Pollock


Wednesday, 09 March 2005

Enforcement module migration SNAFU redux

Just when you thought it was safe to push a firewall policy...

Today one of the Operations guys tried to push an updated policy to the enforcement module that I migrated recently and was greeted by some errors regarding "No valid FM license". (I still haven't figured out what FM stands for yet).

I've no idea why this happened out of the blue. I could certainly push a policy after I finished the migration. I restarted Firewall-1, and also received some "No valid FM licenses" during the initialisation messages.

I pulled up the SmartUpdate application, and detached the licenses associated with that node and reattached them (well I noticed that one of them was for an IP address that wasn't on that firewall so I left that detached) and did a cprestart, and everything came good. I gave it a reboot just to make sure it wasn't going to return to SNAFUness after a reboot, and it was still good.

I look forward to the next enforcement module migration with much fear and trepidation.

[21:08] [work] [permalink]

Finally, a QFE card

I finally managed to get my hands on a QFE card today.

These things pop up reasonably frequently on the Australian EBay, but they are always hotly contested, and the price usually ends up skyrocketing by the end of the auction. They're popular because Sun has effectively discontinued them in favour of the Quad GigaSwift Ethernet adapters. They're pricing a QFE at $US 1,795 compared to $US 895 for a GigaSwift. I heard this was to deter customers from buying the QFEs as Sun want to stockpile what they currently have to use as spare parts for customers on hardware maintenance contracts. At around $AUD 100 - $AUD 150 on EBay, arguably brand new, they're a huge bargain.

After losing the third auction for one, I got sick of stuffing around with the auction process, and bought one outright from EBay in the US for less than what they were going for in Australian dollars on the Australian EBay. Gotta be happy with that.

I think I only paid for it on Saturday, and it turned up in the mail today, which totally blew me away for $AUD 12 in shipping. I don't imagine I could send something in the opposite direction for that much...

I quickly chucked it in my desktop PC to make sure it actually worked before providing some feedback to the seller. Linux picked it up fine, but my other NIC seems to be playing up. It didn't get a DHCP lease. Audio also went a bit bonkers. I suspect I have a resource issue of some sort, or I managed to scratch the motherboard when I snapped off the blanking plate for the last PCI slot in the box. I'll deal with it later.

I want to start having a play bridging under Linux, and build a bridging firewall that is totally transparent. I also want to build an inline transparent Argus probe. All these require lots of interfaces, so having four on one card is perfect.

Now I just need to have the spare time (and additional hardware) to do this. Argh. I have too many projects going at once.

[04:32] [tech] [permalink]

Wednesdays are officially hectic, first aid, meeting new people

That's why I'm blogging at 11pm instead of Zzzing.

A the best of times, I have a 2 hour lecture at 1pm, for which finding a carpark seems to be a nighmare on a Wednesday (Monday at 3pm and Friday at 1pm is significantly easier). Then I dash back to work for a token hour or so of work, then I dash back to Uni again for a 1 hour tutorial at 5pm, which for the next four weeks, I have to leave a bit early so as to make it to Deakin to a Senior First Aid course at 6pm until 10pm.

But it's all good. The First Aid course is interesting. The four hours went fairly quickly tonight. I met Renee, who has just started doing a PhD at ANU and just moved here from overseas (she's French-Canadian, but I'm not sure if that's where she's most recently from) with her Australian husband (who has just started a lecturing job at the ANU). One of the reasons she was doing the course was to meet people, so I might invite her and her husband around for dinner when I see her next week.

[04:17] [life] [permalink]