I upgraded my home gateway firewall to Edgy today in the hope of fixing some SATA problems I’ve been experiencing. The new Edgy kernel might help – we’ll see.
Anyway, it went pretty well. Two runs (?) of apt-get dist-upgrade -u, a reboot and there I was.
Unfortunately I had two problems with my Openswan IPSEC VPNs. I’m not so sure if these count as bugs. I’ll be investigating further and reporting if so. Anyway, techie details follow…
Read the rest of this entry »
The Debian ipsec-tools package doesn’t work properly with the Debian 2.4.21 kernel (you can’t specify “ipsec” as policy, it only recognises “discard” and “none”). Herbert Xu helped me out and I’ve rebuild the packages against the 2.4.21 kernel sources, and now it seems to work ok. I’ve made the packages available here.
I’ve setup and old Pentium 100 Toshiba laptop with a wireless card and Debian as a “dumb-ish X terminal” at home over my 802.11b wireless network. It works rather well and very quiet. My girlfriend now has all the wonders that RedHat 9 brings, without having to lug a big heavy expensive power-hungry laptop around the house. Up until now I’d had a hacky ssh remote session thing running, but now I use XDMCP (X -probe IP) to login directly using gdm listening on the central box. A firewall attempts to protect the XDMCP and X11 services, with minimal privacy provided by WEP. I’ll have IPSEC implemented soon enough though.
I’m also working on a fail over redundant MySQL cluster setup at the moment and hope to write a quick HOWTO on it, covering Heartbeat and MySQL 4’s replication system. I’ll announce it here as usual.
We had advanced routing working with FreeSWAN on Linux. I’m amazed it works, especially with the bridging we had in place between 2 other interfaces on the same box (I’m just a tad cynical about the FreeSWAN stuff sometimes) (read: all the time).
John Leach is a human being living in Leeds, UK.
The text of this blog is licensed under the Creative Commons BY-ND license