IPv6 and default routes

Following on from my first tutorial, we have a box set up which has basic IPv6 connectivity. There’s a firewall in place with a simple but sufficient configuration. And we can ping6 from this box to remote IPv6 destinations.

All of this has, so far, made use only of one network interface (in my case eth0) to set things up. However looking ahead to the next step I am aware that I will want devices inside my network (i.e. my workstations, etc.) to have IPv6 connectivity through this device I am setting up. In other words, this device must, as it does today for IPv4, act as a router.

With IPv4 this is, at a basic level (so forgetting about firewalling and so on) very easy: enable IPv4 forwarding and away you go.

For IPv6? A little more complicated…

Read the rest of this entry »

Posted in FPage, IT, Networking | No Comments »

IPv6 – logging and shorewall6

Following on from my early success at get IPv6 running, I soon hit a significant issue: firewall logging.

Now this need not be a “blocker” for everyone, but I take my firewall logging duties quite seriously…!

shorewall IPv4 logging

Currently I have IPv4 shorewall configured to log not using the standard syslog mechanism, but instead to use ulogd instead. This allows me to easily log firewall activity to an entirely separate set of log files very easily. It is entirely not mandatory, but it’s neat and tidy. I then have fwlogwatch to nightly analyse the logs and automatically email the interesting bits to me for occasional checking.

To enable this I have appropriate pointers to use of ULOG in shorewall’s policy and rules files as follows:

Posted in FPage, IT, Networking, Software | No Comments »

IPv6 at home – a guide to getting started

With IPv6 slowly becoming more visible, it was time to get to grips with it. While absolutely not essential (yet!) it seemed like a fun idea: my ADSL provider offers native IPv6 in parallel with IPv4, and my hosting provider is running an IPv6 beta. So I can do native IPv6 end to end between my home and a remote host. “Home” in this case consists of a Linux firewall running iptables, fronted by shorewall. Two ethernet ports: one to the ADSL modem (my “external” interface) and one to the house infrastructure (“internal”)

The Ubuntu server distribution in use is, like most Linux distros, fully IPv6 ready. For example, do an ifconfig and we see

Now I may not know much about IPv6 on Linux yet, but I can see that I’ve got a line beginning “inet addr” which looks kinda IPv6-ish. Good start. Let’s go…

Read the rest of this entry »

Posted in FPage, Hardware, IT, Software | 2 Comments »

Bless me father for I have punched

Several newspapers report today (e.g. here and here) that a British judge this week chose not to jail a violent criminal because he was religious.

The judge said “You are a religious man and you know this is not acceptable behaviour.”

The fact that the judge in question is Cherie Blair, wife of former-prime minister Tony Blair, just confirms that this couple appear able to justify almost anything in their own minds based upon their beliefs and superstitions.

Apparently the UK’s National Secular Society has complained about it, but in true British don’t-kick-up-a-fuss tradition not much more will happen.

So remember: before violently assaulting someone in Britain, say a prayer. No, not to ask for any sort of forgiveness for what you will do, just pray that you get this lunatic women as your judge afterwards.

Posted in FPage, Life | No Comments »

Leave them kids alone

Pope Benedict XVI is apparently set to visit Britain soon. However he has also decided to attack the laws giving gay couples similar rights to married (heterosexual) couples, as a variation on the church’s more general disgust with anyone who does not share their own twisted sexual views

Aware that this is unpopular (the laws have widespread support) he has chosen a rather devious and obfuscated line of attack.

He singles out for criticism the UK’s Equality Bill, currently passing through Parliament. He tells us the effect of some of the legislation designed to achieve this goal has been to impose unjust limitations on the freedom of religious communities to act in accordance with their beliefs. Unjust. That’s the key word there. And then goes on:

“In some respects it actually violates the natural law upon which the equality of all human beings is grounded and by which it is guaranteed.”

Of course the concept of Natural Law is wonderfully vague. One assumes he is referring to some or other Aquinas-style philosophy of everything is OK, so long as it is OK with God too. However that aside, what is he really objecting to? Well, that is made fairly clear by further Church-comment on the matter. Firstly we are told that:

Religious leaders have voiced concern that the Equality Bill may force churches to employ sexually active gay people and transsexuals when hiring staff other than priests or ministers.

Read the rest of this entry »

Posted in FPage, Life | 1 Comment »

Passion for nails

I love the Internet. Not for the more typical use of finding what you need to know quickly and easily, but rather for the effortless ability to tell you what you did not need to know.

In the space of ten minutes or so today I moved from fruit juice to triclavianism, via the Cathars.

Started with a quick visit to Wikipedia to get some information on the chemical composition of passion-fruit juice. But then you just can’t resist haring off down those links that you find and end up in the most byzantine (tee hee) backwaters of medieval theology… Or at least I can’t.

So my dull juice enquiry ends up with me discovering that triclavianism was declared a sin by Pope Innocent III, much to the annoyance of the Albigenses and the Waldensians, who heretically insisted that only three nails were used to hang Jesus from the cross, and he got a spear in the left side. The Pope’s infallible word was that four nails were used and he got speared on the right side.

Which is wonderful enough. Until you cross-reference to The Catholic Encyclopedia (“Copyright © 2009 by Kevin Knight. Dedicated to the Immaculate Heart of Mary.”), subsection “Holy Nails”, where we discover that there are apparently still in existence up to 30 of the original nails used.

Who’d have thought it?

Posted in FPage, Life | No Comments »

BMW France – To be avoided

More fine customer service from the French arm of a large company…

BMW France – you just lost my business. A few weeks ago my wife bought a new car. A BMW. Fine car. Superbly designed and tremendous quality. As a car, we are delighted with it.

Next year I’ll be replacing my car. I had my eye on a sparkling new BMW estate. But so long as I have to buy it from BMW France, it’s not going to happen. Shame, as I really do like the cars. I just can’t stand the company. In the short time we’ve had the new car I’ve had two major issues. Neither concern the quality of the car itself. Read the rest of this entry »

Posted in FPage, France, Life | 1 Comment »

Bit torrent web clients

As detailed in previous posts, I have a server at home which I use to download and seed torrents (and, before you ask, yes most of the torrent are indeed legal!!) The torrent-side of this server needs to be remotely accessible and manageable to me from a number of places, so some sort of web-interface is required.

There are surprisingly few good web-based applications out there to do this. For a long time I’ve been using torrentflux-b4rt to provide a web-interface to BitTornado. It’s a great piece of software, but I’m now stopping using it. It’s always been a bit bloated and heavy, but once set up the way you want it, this has not mattered too much. Read the rest of this entry »

Posted in FPage, IT, Software | No Comments »

Amazon France – Adieu, not Au Revoir

You know how it goes: you discover a company that pleases you and can’t stop raving about it to friends and family. I’ve been like that regarding Amazon for some years. These days I mainly used Amazon France: books, toys, cameras, you name it. In the last couple of years I’ve spent more than 2000 Euros with Amazon France. I was what I would think of as a Good Customer.

I was even, ironically, signed up as one of their Premium Customers, which ensured they got even MORE business out of me!

I liked their prices – not always cheapest, but close enough.

I liked their web-site.

I liked their customer service – when something “went wrong” they would sort it out. It has to be said, though, that my experience of Amazon’s customer service is more based upon dealing with Amazon UK in times past, not so much with Amazon France.

So I was a keen customer and advocate, and spent oodles of money with Amazon. So how come today I cancel my Premium account and, once my final orders have limped in some time next week, will cancel my whole account and never, ever, darken their web site again? Read the rest of this entry »

Posted in FPage, France, Life | 2 Comments »

Sockstress mitigation on Linux using Shorewall

This week’s hot security issue in the networking world is sockstress.

Nasty little vulnerability, found in all known TCP implementations. Given the right circumstances (read up on it) it allows a very neat DoS attack to be mounted on a large destination with minimal attacking resource. And the really elegant part is that it exploits a fundamental weakness in the very architecture of TCP as implemented on all major platforms. Read the rest of this entry »

Posted in FPage, IT, Software | 2 Comments »