Blog

Welcome to the Blog.

Mailboxes to Internet 2: Mail Under Real Traffic

Postfix, hostile traffic, and trust on weekdays

2007-02-27

If Part 1 was about building a bridge, Part 2 is about learning to drive trucks across it in bad weather.

Once mail leaves “small local utility” territory and becomes a central service, the conversation changes. You stop asking “can it send and receive?” and start asking: ... continue

Linux Networking 5: iptables in Practice

Netfilter hooks, tables, and operator-grade change discipline

2006-10-09

If ipchains was a meaningful step, iptables with the netfilter architecture was the real modernization event for Linux firewalling and packet policy.

This stack is now mature enough for serious production and broad enough to scare teams that treat firewalling as an occasional script tweak. It demands better mental models, better runbooks, and better discipline around change management. ... continue

Mailboxes to Internet 1: Gateway Years

Crosspoint, dial-up culture, and the beige-box Linux bridge

2006-03-14

By the time people started saying “everything is online now,” many of us had already lived through two different worlds that barely spoke the same language.

The first world was mailbox culture: dial-up nodes, message bases, Crosspoint setups, nightly rituals, packet exchanges, and local sysops who could fix a broken feed with a modem command and a pot of coffee. The second world was internet service culture: DNS, MX records, SMTP relays, POP boxes, always-on links, and users asking why the web was “slow today” as if bandwidth was weather. ... continue

Linux Networking 4: iproute2 Replaces ifconfig

Policy routing and QoS when route stops being enough

2004-06-09

Linux admins in 2004 usually have muscle memory for:

Those tools build competent operators. They are not “bad.” They are simply limited for the routing complexity we run now. ... continue

Debian Woody Home Router

iptables, BIND 9, Squid, and the box the flat finally trusts

2003-03-02

Now the router is in a phase where I trust it.

This is a good feeling. It is not the first excitement feeling from the early SuSE days, and it is also not the hack-pride feeling from the D-channel/syslog trick. It is something else. The machine is simply there. It routes. It resolves. It gives leases. It proxies web. It zaps ads. It survives reboot. It is part of the flat now like the switch or the shelf. ... continue
