Diary of a geek

May 2005
Mon Tue Wed Thu Fri Sat Sun
           
         

Andrew Pollock

Categories

Other people's blogs

Subscribe

RSS feed

Contact me

JavaScript required


Sunday, 29 May 2005

Fun and games with cross-platform database interoperability

Okay, so I'm no longer buzzword-compliant with the current fashion on Microsoft data access. That's because I haven't followed it for around 5 years.

The problem:

We've got a Windows application (it's a honking great big CD burning "appliance" (I use the term loosely, it's really a full-blown Windows box with a burn of CD burners in it and a bit of robotic stuff going on)). We want to push files to it from a Solaris box, and have it produce CDs when it's received enough to fill a CD.

The software on the Windows box driving this whole process can apparently log to a database, using OLE DB. Good for it. We don't want to delete the files from the Solaris box sending them across until we know we've successfully got them on CD.

The current school of thought on how to deal with this was to use a MySQL database on the Solaris box, and query it to find out what files have been burned to CD, and then remove them from the Solaris box.

I got involved at the point where a co-worker had been bashing on some (what appeared to be) significantly dated piece of software to do OLE DB access to MySQL. I actually don't have the foggiest on what the difference between OLE DB and ODBC is. I'd previously had success getting Microsoft Access (as a front end) to talk to MySQL (as a back end) via ODBC, so I thought I'd have a fiddle.

I threw away the MySQL OLE DB stuff and got the latest greatest MyODBC driver for Windows (which appears to be significantly better maintained). I also grabbed the latest greatest Microsoft Data Access Components (MDAC) just to get the OLE DB provider for ODBC if I didn't already have it.

So the problem appears to be that the application, when it tries to create tables in the data source provided, tries to do it the "Microsoft SQL" way, and throws square brackets around the table name, and possibly the attribute names as well. Someone muttered something about part-time DBAs creating tables with spaces in the names.

I'm of the theory that this is happening in the application, and no amount of data access crap between the application and the database is going to clean this up. It's just not talking in an ODBC compliant manner. Damn it.

So the next approach is to try using MSDE as the database, and have it on the Windows box, and use FreeTDS on Solaris to query the database. Bags not having to build that.

I'd really like a sacrificial Linux box for prototyping. It would mean I could very quickly test the viability of things like this without having to inflict building the software on Solaris on someone (and waiting for it to happen).

[17:39] [work] [permalink]

Saturday, 28 May 2005

Yummy surprise

This afternoon Sarah took me out to high tea at the Hyatt to celebrate the end of all my assignments because we haven't been able to spend a lot of time together lately because of them. It was a lovely surprise and the food was delicious.

[00:44] [life] [permalink]

On Schapelle Corby

So, she's been found guilty of drug importation and copped 20 years?

Do I think she's guilty? Of stupidity, definitely, if all the reports are accurate. Of drug trafficking, I'm not convinced.

I remember seeing footage of her months ago when she was first arrested, being dragged into court laughing. In a country with the death penalty for drug trafficking, it's no laughing matter under any circumstances. Apparently she tried to stop the customs officials from opening her bag. Apparently she admitted to the drugs being hers. I don't know about the validity of either. If it's true, then it reinforces the stupidity charge.

What I will say is that there is no way in the world I would holdiay in a country with such a fucked up judicial system. Apparently they didn't fingerprint the bag of drugs - because the customs officials had all handled it after they found it, so it was pointless. Had proper forensic process been followed, perhaps they could have connected the bag of drugs to a baggage handler in Sydney airport.

In Australia, you're innocent until proven guilty, and you only have to prove reasonable doubt. Sure, she had the drugs in a bag in her possession. A judge would take a very dim view of the lack of forensic process followed though, once it was discovered.

If the allegations of Sydney airport baggage handlers doing dodgey stuff (perhaps strengthened by something concrete) didn't equate to a bit of reasonable doubt, I don't know what would.

So whether she's guilty or not, I think she deserved a better trial and handling of her case.

I think Australians should vote with their feet. Don't holiday in a country where you are at risk of not receiving justice if you fall fowl of the law - even by accident.

[00:39] [] [permalink]

Friday, 27 May 2005

Two years

On Wednesday, I hit the two year mark as a Debian Developer, but was too busy to take the time to reflect.

I first was introduced to Debian back when I had the ISP, and one of our technical staff suggested that when we replaced a Slackware box, we install Debian on it instead. I remember grappling with this dselect thing, but immediately liking the fact that I didn't have to compile stuff (and deal with all the complexities that went along with it). I'm thinking we're talking about bo here.

I remember when apt first came out, and the first thing you did when you installed a Debian box was download the .deb from http://people.debian.org/~jgg and could bid adieu to this hideous dselect thing. That was good. I then plodded along with Debian for the next 3 years or so, increasing my general Linux fu.

Then I had the opportunity to deploy a large-scale Debian-based Internet gateway at my current place of employment. Somewhat prodigiously, woody had just been released, and I discovered FAI.

Around this time, we also were using Argus to attempt to do data billing of our clients. The existing Debian maintainer was in the NM queue himself, and cracked the shits one day over how long New Maintainer processing was taking and decided to orphan all his packages. As we were reasonably reliant on Argus, I figured this was a good time to get involved and adopting it, and decided to get the ball rolling on becoming a developer myself.

So what have I done in my first two years as a Debian Developer? Not as much as I'd have liked, but still a fair bit. The packages that got me involved in the first place, argus-server and argus-client are in pretty good shape. Upstream is a bit dormant at the moment, and after Sarge releases I plan to look into reworking the maintainer scripts as they're a bit crufty.

I've packaged dstat and elfsign from scratch. I don't think elfsign is terribly popular, but due to the trickle of bug reports that have come in for dstat, I suspect that it has caused a little bit of interest. The upstream author has also seized upon the PTS and I suspect he thinks it is the best thing since sliced bread.

I also adopted simpleproxy and vaiostat (which I've subsequently handed over to someone who still has a VAIO) and become a co-maintainer of dhcp3. I plan on doing a lot of stuff with dhcp3 in the near future.

The two other areas that I've contributed have been debian-installer and QA. The former not as much as I'd have liked, and the latter a reasonable amount.

For the installer, my main contribution was doing some test installs. I also made a few trivial fixes to lvmcfg and mdcfg, as the functionality that both of these provided was important to me. I would have liked to have done a lot more, but d-i has a bit of a learning curve, and I just didn't have enough spare time.

QA on the otherhand, was something I could really sink my teeth into, and I could do as much or as little as I liked, due to the granular nature of the work. When I first started on the list of orphaned packages with the maintainer not set to the QA group, there were I think over 300 packages languishing there. I got stuck into them, and progressively worked through the list, making numerous uploads, suggesting removals, fixing easy to fix bugs.

It's been an enormously educational experience, as there's been some real antiques sitting there, with build systems that predate all of the stuff that is in popular use today. It was fun trying to get a handle on how those packages built so that I could attempt to fix stuff.

So that's been my first two years. I don't know what the next two will bring. I've been in two minds over whether Debian is imploding, and whether I'm better off expending my energies on Ubuntu instead. Things that I guess will help make up my mind are how the Social Contract changes are implemented, what happens with the whole Vancouver Proposal thing, and how long it takes to release etch. Time will tell.

[16:09] [debian] [permalink]

Little Cat

Or "LC" as she is known, is the name of our new cat.

A while ago, we sought permission to keep a cat in our new place, and somewhat to our surprise, we received it. We hadn't raced out and got a cat immediately though.

Someone was advertising at Sarah's work that a 10-year old desexed female cat required rehoming, so we took her. She's settled in really well, but for a cat that is so small, seems to have hollow legs. Seems like we need to work on the food rations a bit yet.

[15:24] [life] [permalink]

Calm before the storm?

Well, with one week of teaching remaining, I have passed through Assignment Hell moderately unscathed. Poor Sarah has hardly seen me for the last three weeks though.

Neither assignment that was due yesterday is spectacularly good, but hopefully I will pass both of them.

Now for exams. Luckily I have managed to get some time off for the week of them so I can do some mad cramming the whole time.

[15:17] [uni] [permalink]

Thursday, 26 May 2005

Who would have thought?

That on my favourite Unix, Solaris, you needed to have the NFS client packages installed in order to get the NFS server kernel module to load.

I love Solaris. Let's put bits of the kernel in random packages. That's the way.

[22:26] [work] [permalink]

Monday, 23 May 2005

World of pain (or 6th migration (fourth enforcement module))

Just when you thought it was safe to sleep past stupid o'clock...

I wrote last week that my firewall replacement program had been put on hold. Well, due to some internal politics, I ended up replacing the last remaining one in this particular gateway this morning, rather than leaving it with two arms on new firewalls and one arm on an old one.

I didn't actually mind too much, as it's kind of nice to actually vaguely finish something. I've only got two more in this site to do (in a separate gateway), but that'll happen probably in July at the rate things are going.

Anyway, I was in a world of hurt this morning performing this change, and it was all my fault.

I like to have a repeatable, auditable process for building these firewalls, and it's served me quite well to date. I think I need to more thoroughly check what I'm doing though. I did build this one in a bit of a rush because I only learned I was doing it last Wednesday afternoon, and did most of the configuration migration on Thursday.

The main source of problems was that I managed to migrate /etc/netmasks as /etc/defaultrouter. So not only did I bring up all my interfaces with completely insane netmasks, I also brought up my firewall with 8 default routes. This left me quite miffed, as I discovered after I'd swapped to the new firewall that I had completely bogus interface netmasks and a pre-migrated /etc/netmasks file. I couldn't figure this out, as I'd ticked off migrating /etc/netmasks on my checklist. It was only after a colleague came in and noticed the 8 default routes and that /etc/defaultrouter contained /etc/netmasks, that I realised what had happened.

I'm very annoying with myself for

  1. screwing up
  2. not realising pre-swap that I'd screwed up.

The moral of the story is that I need to actively recheck my checklist after I've completed it, not trust myself to have done each line-item correctly at the time.

At least there were no kangaroos this morning.

[17:07] [work] [permalink]

Thursday, 19 May 2005

Holy crap, Canberra.pm had a meeting!

Earlier this month, Jacinta Richardson of Perl Training Australia fame emailed the Canberra Perl Mongers mailing list mentioning that Paul and herself would be in Canberra later in the month delivering some training, and was keen to have a dinner and talk.

This was met with good old apathy, and after a round of prodding, I decided I'd organise a dinner at Bernadette's in Ainslie.

There was something like 9 of us there. Paul gave a talk about Mason, and Jacinta gave a sneak preview of an upcoming Perl Security talk she's giving next month. Both talks were quite interesting, and Paul's talk got me thinking about demi again, and whether I should just stop trying to find time to learn Python, and write it in Perl with a Mason web interface instead.

I learned an interesting bit of trivia about the meaning behind the abbreviations for internationalisation (i18n) and localisation (l10n). The 18 and 10 are the number of letters between the "i" and the "n" and the "l" and the "n", respectively.

The private function room we had the dinner and presentations in worked quite well, and it was a good night.

[05:45] [life] [permalink]

Wednesday, 18 May 2005

Using bl.reynolds.net.au as a DNS RBL?

You might like to stop

[23:30] [tech] [permalink]

My brief run in with Open Source spreadsheets

Well I just tried to do (what I consider to be) a fairly basic thing I used to do a lot of in Excel, in both OpenOffice.org's Calc and Gnumeric.

That would be categorising my mobile phone bill.

In Excel, I'd turn on the auto filter, and then do an @SUM on the cost column. If I filtered by something in one of the other columns, the total at the bottom reflected the total for the current filter.

I can't seem to do this (at least not by doing the same sort of actions) in either Gnumeric or OpenOffice.

A further annoyance is that if I do use a filter, I cannot access beyond the bottom of the selected rows. So I can't add an @SUM at the bottom of the cost column after I've filtered. I can't even scroll any lower.

How annoying. (Oh and I do like how OpenOffice wants to ask me if I'd like to autosave. How polite. And useless)

[04:39] [tech] [permalink]

Tuesday, 17 May 2005

Kangaroos have the worst road sense

So I was driving in to work this morning at stupid o'clock because I had to perform a firewall replacement out of hours.

Just before I get to work, I blat along an 80 km/h zone. It alternates between two and three lanes and is a dual carriageway. It's Ginninderra Drive. Nice bit of road. Then I peel off that, and drive around the back of the AIS and then I'm all commuted out.

So it's still well and truly dark at stupid o'clock, and as I come over this bit of a hill, decelerating as I approach the bit where you peel off towards the AIS, I spot a fairly decent sized roo standing upright on the side of the road. Not wanting a repeat performance of last time, I further jump on the breaks and slow right down to about 20 km/h or so, and am nearly beside the kangaroo. At this point, Skippy the mental giant that he is, decides it's a good time to cross the road. Fortunately slamming the brakes on at 20 km/h isn't a terribly big deal, and noone was hurt.

You've just got to love how kangaroos seem to like to try and cross the road at the least opportune time. They'll wait until the one car on the entire highway is right in front of them. They must have a liking for being caught in headlights or something.

[00:14] [life] [permalink]

Fifth migration (third enforcement module)

This morning I did another Firewall-1 replacement. Not a lot to report. It was a bit more of an inconvience because I couldn't rack the new one in alongside the old one because of rack space constraints, so I had to start extra-early so as to get it all done before the testers all did their thing.

The remainder of the rollout has been put on hold as I'm being transferred over to a disaster recovery project (well, it's really a project to build a fully DR-capable replica of the existing site for deploying up in Sydney).

At this stage it's just for June, but who knows how long it'll really be?

[00:01] [work] [permalink]

Monday, 16 May 2005

On HTML email

From the SANS Internet Storm Centre Incident Handler's diary:

If God had intended for email to be written in HTML, then the traditional signoff of prayers would be </amen>.

Heh.

[14:14] [humour] [permalink]

Friday, 13 May 2005

Damn

apollock@debian:~$ date -d '13 dec 1976 + 10000 days'
Fri Apr 30 00:00:00 EST 2004

No 10K days party for me :-(

[05:18] [geek] [permalink]

Thursday, 12 May 2005

The clock is ticking...

Tonight Sarah and I went to see the marriage celebrant to lodge the Notice of Intended Marriage, which we had no idea was a legal requirement for getting married until we rang the celebrant earlier this week.

Apparently you have to wait a month after lodging this thing before you can get married, and have up to 18 months to tie the knot. As there is the possibility we might be moving overseas for work, and we might need to have a quickie wedding beforehand, we thought there was no harm in lodging this thing now.

[05:48] [life] [permalink]

Sunday, 08 May 2005

Adventures in User Mode Linux

I have an upcoming application for some UML hosts, so I blew the cobwebs off the Debian packages over the last week and had a bit of a fiddle.

kernel-patch-skas

So if you want to run a UML guest, you really want to have the Seperate Kernel Address Space patch in the kernel of the host running the guests. As I track Sarge, and currently run a bog standard Sarge 2.6.8 kernel, I wanted to be able to just patch SKAS into it. I didn't want to deviate drastically.

So first cab off the rank was hacking kernel-patch-skas so that it would patch a 2.6.8 kernel. This was relatively easy, I just had to retrofit the 2.6.8.1 patch, which was already in there. I took out the hunk that patched the top level Makefile, and it applied perfectly to both a clean 2.6.8 kernel source, and a 2.6.8 source with kernel-patch-debian-2.6.8 applied. It built, I'm running it on my test box.

kernel-patch-uml

This is where the fun starts. At present, this patches 2.4.26 or 2.6.8.1. I naturally wanted to have it work with everything in Sarge, so I added 2.6.8 to the mix, with the same patch as 2.6.8. This applied fine to the 2.6.8 sources.

user-mode-linux

This is where the fun stops.

As it currently stands, this package is just a bit of glue between the kernel-source package and the kernel-patch package. It also introduces a few patches of its own, which I haven't been able to figure out yet. With some slight modifications to this package, I had it build-depending on kernel-source-2.6.8 and my new and improved kernel-patch-uml and had all the patches applying. Building was a different story.

I've temporarily given up on trying to get UML to work with everything in Sarge. Apparently there are some security issues with anything older than 2.6.9, so I've turned by attention to Sid for the time being. I believe 2.6.11 has all the UML patches merged in, so I've gutted user-mode-linux to just essentially build-depend on kernel-source-2.6.11 and not apply any patches at all, and build with ARCH=um. That's currently building, so we'll see what sort of a mess that leaves me with.

I NMUed kernel-patch-skas this morning, don't know if the release team will accept it into Sarge or not, given it is frozen, but if they do, at least you will be able to build a UML hostable kernel from Sarge. Building a guest will be a different story, unfortunately.

Matt Zimmerman replied to my NMU asking me if I'd like to adopt the UML packages. I probably will, given I'll be having a bit to do with it again. Unfortunately I have no kernel fu whatsoever, so if I hit problems, I'm going to be stuck between a rock and a hard place.

[19:52] [debian] [permalink]

Friday, 06 May 2005

New category

I've created a new category in my blog for cool technical gadgets that I come across in the course of my work or play. Because I don't want to be accused of advertising and get struck off any Planets, I won't be feeding it Planet Debian or Planet Linux Australia.

Update

Due to technical difficulties with the fakecat plugin for Blosxom, I'll be spamming all you Planet readers with my gadget posts. Sorry, I tried. It's vaguely product-reviewy as opposed to blatant advertising anyway.

Update

Due to extreme responsiveness from fakecat's author, Planet Debian and Planet Linux Australia readers are now spared.

[02:06] [tech] [permalink]

I have a green helmet

No, I don't have a gangrenous penis.

Today, I was issued with my helmet as I had passed my first aid course.

For some reason, first aid officers get a green helmet. Chief fire wardens get a red helmet, floor wardens get a yellow one.

I'm not quite sure why someone who performs first aid requires a helmet. If I don't wear it, can I still provide first aid?

[01:47] [work] [permalink]

Thursday, 05 May 2005

iBoot

Product
iBoot
Vendor
Dataprobe
Australian reseller
Zantech
SAGE-AU member discount?
Yes
Why do I think this is cool?
This is great for the situations where you want remote controlled power, but don't want to go all out for (or need as many ports as supplied by) something like what Cyclades or APC sell.

[23:53] [tech/gadgets] [permalink]

Wednesday, 04 May 2005

On the state of law and order in the Australian Capital Territory

So Sarah's car got broken into last night and her purse stolen.

It's bad enough that the theft occurred in a dense townhouse complex, to a car parked in a driveway metres from our front door, but when the police were called this morning, they weren't even interested in coming out to fingerprint the car.

As Sarah said to me today, it means thieves can just go about doing their thing with impunity if the police won't even attempt to follow them up.

You'd think with a place as small as Canberra, that if everyone knows someone who knows someone else (i.e. 2 degrees of separation), that the criminal population would have to be well known to the police. You'd think with a bit of a concerted effort, they'd be able to wipe out a lot of theft.

It reminds me of another time (Christmas Eve in fact) when we were living in Ainslie. We were woken at around the crack of midnight by a nearby house burglar alarm going off. After it continued making an ungodly noise for about 5 minutes, Sarah called the police attendance number, and the police weren't interested in coming out, even though there may have been a burglary in progress.

I told my mate Nick, who is a cop in Queensland about it, and he said that up there, they'd make it a priority to attend such a call, as it meant they could potentially nab a burglar "in the act".

ACT police are so lax.

[05:10] [opinion] [permalink]

Star Wars day

"May the Fourth be with you".

Groan.

[04:53] [humour] [permalink]

Drowning, not waving

To quote Mikal

It's just hit me this week that I'm not going to be able to just sail blithely through this semester and pop out the other end passing everything. It's just not going to happen. Steve's right, full-time work, part-time study is hard. (I mean, it's not like I haven't done it before, and I wasn't terribly successful back then).

I'm off to bury myself in a textbook. If you're looking for me most weeknights and weekends, try the University.

[02:30] [uni] [permalink]

Monday, 02 May 2005

Devastated

Yep. I think that pretty much sums it up. My oldest, dearest friends are looking like they're going to split up.

I've known Nick since around 1995, when I was working in my first job as a Mainframe Operator at the Brisbane City Council. He had worked with my Dad as a chainman in the Survey Section of the Works Department before that. I think he was engaged to Susan from the point that I knew him.

Nick's a top bloke. Really cool, funny, with a really quick, smart mouth. He's in his thirties now, so he must have been about 22 or 23 when I first met him. As an 18 year old, I hero-worshipped him.

I can't remember what year they got married, but I went to their wedding. The one thing that has stayed with me to this day is a line from Nick's speech at the reception. It went something along the lines of

Marriage is the ultimate game, and I'm in it to win it.
with some sort of reference to football (he's always been an avid Rugby League and Touch Football player.

Nick left the Brisbane City Council to work for Australia Post, intially as a postman, and later as a night sorter. Susan was always a paediatric nurse. We shared many a drunken party, camping trip, dinner, and picnic together. I have a fantastic photo from a camping and fourwheel drive trip to Stradbroke Island, which I used to proudly display until I broke up with the girlfriend who was also in the photo.

I moved to Canberra. I was never very good at staying in touch with people, but the one set of friends I always called, and always made a point of visiting when I was in Brisbane were Nick and Sue. Nick wasn't always fantastic at returning the calls, and if it were anyone else, I would have written them off as not worth the effort.

Nick left Australia Post, and was successfully recruited into the Queensland Police. I flew up for his swearing in.

They decided to have kids. Susan had a hell of a time falling pregnant with their first child. I know Sue got very depressed, and I think Nick, being a fairly, umm, emotionally withdrawn type (a "bottler") wasn't necessarily seen as being terribly supportive by her during this time. I suspect it is around this point where things started to come unstuck. As an outside observer, who saw them infrequently, it was hard to tell. I know for a fact there was a lot of tension around this time.

After about two years, and some medical intervention, Susan fell pregnant, and had a healthy son Jack. I have nice framed photos on display in my living room. I was so happy for them when Susan finally fell pregnant I cried.

That was a little over 2 years ago. A year ago, Susan fell pregnant again, totally out of the blue and three months ago, gave birth to their second son, Harry.

We were in Brisbane on the weekend for the wedding of one of Sarah's cousins, and I'd been looking forward to it as it was to be the first time I'd see Harry.

Nick was on duty when we dropped around to see everyone, and he only popped in briefly. After he'd left, Susan told me that he'd moved back with his parents 2 weeks previously. She said she couldn't understand why. I'd seen things becoming increasingly strained between them over the years, but I'd hoped things wouldn't ever come to this.

Today, I gave Nick a call, to hear things from his side. He said that he'd fallen out of love with Susan. There wasn't anything there any more. He only thought of her as a friend and was like a sister to him, not a lover. He wanted to remain amicable with her, and not have a messy split that was the result of a spirally relationship, and most of all, he didn't want it to all go totally pear-shaped in front of the kids. He said he felt trapped.

I can understand where he's coming from. I've been in a similiar relationship in the past (sans the kids), and it's hard. When you aren't a fantastic communicator, it's even harder. I just think it's sad how society has gotten to the point where "till death do us part" is really "until it gets too hard". I personally don't see what's wrong with spending the rest of your life with someone who is your best friend.

I'm really sadened by this development. I love Nick and Sue enormously. Nick realises that this is going to totally turn his life on its head, as they have so many mutual friends, and it'll kill him financially. I'd asked Nick to be my best man at our wedding next year. He said (and I agree) that maybe that isn't the best idea. That makes me sad as well. I was going to mention that line that has stayed with me all these years in my speech at the reception, but it doesn't really mean that much if the person who said it didn't win the game...

Sadness.

[23:43] [life] [permalink]

On Ian Murdock and Debian

When I first read today that our progenitor had been kicked off Planet Debian, I was absolutely outraged.

Now that Scott has explained himself I can more or less accept that he did the best he could given his situation at the time. Mind you, I'm not sure how pressingly urgent it was that he get struck off as quickly as it happened, but I don't know the full circumstances.

So now I direct my anger at the > 80 people who complained to Scott about Ian's post about Componentized Linux RC1.

Oh eighty complainants, how does one person blogging about one Linux product differ from a multitude of others blogging about another Linux product, that is, Componentized Linux and Ubuntu? I just don't see where these people get off. Both are derived from Debian, both employ Debian developers. Most importantly, I am happy and interested to read about both of them.

The sheer inequality of this pisses me off immensely.

While we're at it, why is it that one half of what the project is named after has to sit in the New Maintainer queue for a year this month? I think that is grossly offensive in and of itself.

Anger.

[21:45] [debian] [permalink]

Fourth migration (second enforcement module)

This morning I got up at a quarter to 5 to get into work and do the next firewall migration. This one had to be done "out of hours" because I'm getting into the territory of the firewalls that see all the action now.

I was really apprehensive about this one, given that I first started building this firewall about a month or more ago. With a lot of politics, hardware orders taking forever to turn up, and me taking a couple of weeks off to help run a conference, the schedule got pushed back a lot. It had been so long since I'd done a migration, and so long since I'd built this firewall, that I was really worried I'd mess something up.

Fortunately all my checklists I'd made seemed to hold up alright. Yay for quality assurance. Some strange anti-spoofing problems crept in, but a co-worked is going around doing a general anti-spoofing cleanup after me, so I've left that for them to resolve in a more permanent fashion that I did.

[21:27] [work] [permalink]