< ^ txt
Tue Dec 15 07:38:09 EST 2015
Slept from 10:30 to 5:30. Probably could use a little more sleep, but I couldn't fall back to sleep.
High of forty-nine and a chance of rain.
Goals:
Work:
- Work on remote access
No. Did some work on cable modem testing instead.
Twenty minute walk at lunch. Cloudy and cold. I should have put the lining back in my jacket.
Home:
- SEMIBUG meeting tonight at 7:00 PM
Done.
- Remember extension cord, power strip, laptop
Done.
- What do I still not get about ipfw?
Remaining questions:
- What exactly does 'antispoof' do?
The source address on incoming packets is checked.
If the source address belongs to a directly connected network,
make sure that's the packet came from the interface for that network.
E.g. with 10.0.0.0/24 connected on em1,
make sure any packet claiming to be from 10.0.0.0/24 actually entered from em1!
Why does the allow lo0 rule usually come before antispoof?
- Still not totally clear on complex kernel NAT configs.
Clearer, but not totally confident.
- What is dummynet?
traffic shaper/packet scheduler
Rules can divert packets to dummynet using the 'pipe' or 'queue' actions.
Pipes limit the bandwidth of a particular flow.
Queues govern bandwidth sharing between flows.
Interesting, but not something I need right now.
Went to SEMIBUG. Good time. We all went out to Falling Down Beer Co afterward. Cool hole-in-the-wall microbrewery with good food.
< ^ txt