I signed up for a

I signed up for a mini triathalon. It’s not too harsh, actually, it looks like it’s a perfect one to start with. It’s certainly a mini, including a 400meter swim, a 2 mile run and a 6 mile bike ride. Details can be fouind here. I figure it’ll be a good way to maybe stay in shape for any jiu jitsu or submission tournaments I may do later in the year. I did a 2 mile run today and it wasn’t bad at all, not having run in at least 3 months, although I have been cycling a lot.

On a completely unrelated note, I started playing with EvoCam today as a way to piddle with my iSight. It seems pretty cool, you can force it to do some pretty neat stuff like only record when there is motion. It can also upload via sftp, which is very, very cool. I recommend checking it out if you’re looking to do more with you iSight

EvoCam can also send images as an email, save them to folders, even record video. It also has it’s own web server that supports authentication.

MacOS Tiger had/has some issues

MacOS Tiger had/has some issues with the Cisco VPN client. It was a widely public fact. I experienced it first hand. But, being that I have admin access on our VPN concentrator I was able to get the newest clients to *kinda* work. There were still a lot of issues with the “compatible client”. Now that Cisco has released the client version 4.6.04 (0061) it’s much better, but sleeping and waking the machine with the client connected yields funkyness, yeah, I know you shouldn’t do that anyway, but some do. I forget to disconnect sometimes myself. The best way I’ve found to get it to work again is to kill the client, reload the kernel extension and restart the client. Some of this requires Command line work and most people don’t really enjoy that (personally I’m quite at home on the CLI). To alleviate this, I wrote some simple applescripts that will help automate the reload of the CiscoVPN kernel extension.

Both are fairly simple, the first one requires that your sudoers file
be set up to not require a password to execute sudo. It will simply
kill the vpnclient, reload the kext and restart the vpn client.
The second one does the same thing but will open terminal.app and
require you to authenticate. It then delays for 10 seconds (to give
you time to type your pass) and restarts the vpn client.
They are available here.

In the time that I’ve

In the time that I’ve been (what I would describe as) an IT professional, lets say, >5 years and Why can’t I find a filtering system that does everythiung I need and want?
I love the packet mangling, QoS, traffic shaping, whatever you want to call it today. I can’t use an internet cnnection without it. I NEED my ssh connections to be fast and not lagging. I WANT my surfing and email checking to be zippy and snappy. I also may want to cvsup or ftp the newest ISO of FreeBSD at the same time.
I’d LOVE to have the ability to use PF under FreeBSD with it’s beautiful syntax and ease of use. It’s like the Lamborghini of filtering. Elegant, powerful, fast. I also want to be able to do things like filter or QoS based on pattern matching or block stuff local to certain interfaces via MAC address. I want to be able to NAT OR bridge and have all the functionality in both function. Maybe it’s a pipe dream. I really like some of the abilities of netfilter. Blocking via MAC is great for something like an apartment complex on a college campus as is filtering via pattern matching. Linux has all of these features……but then I’d have to use Linux…..
Some may say that that may not be a bad thing. I don’t necessarily disagree.
Maybe thats why I feel linux is too clunky compared to the seemingly streamlined sleekness of a BSD. All the cool features weighting it down? Maybe.
Are there holes in my ideas, of course. The smarter of the users could always clone a MAC. Thats a simple workaround for MAC based filtering, BUT, 90% of users aren’t going to know how.
Pattern matching on packets for filtering, yes, I agree that it *should* be done by a proxy. After all, that is what a proxy is supposed to do. But look at the L7 filter project. It works pretty well if one understands what it can and can’t do.
I fully realize that PF is a layer 3 product…….but so many others have broadened their scope to include useful features like this. Maybe this is why PF is so powerful and clean, I don’t know. Could it be that it is because it doesn’t try to be everything to everyone? Probably. I can always speculate.

I’d love to see an independent PF based add-on project like the l7 filter. Unfortunately, I’m nowhere near at the programming level to even think about attempting it myself.
If you know of one, please email me.

I know, I can want in one hand and take a dump in the other and see which one fills up first..

It’s a pretty well known

It’s a pretty well known fact that I like Apple computers and most people have seen a lot of the spam and ads referring to getting a free mac mini or a free ipod. I always thought they were BS. A scam attempt to harvest email addresses or another version of something nasty.
Well, interestingly enough, I actually know someone who really DID get the free Mac Mini, I saw it. He already had one, and sold the one he got for free for ~$500 and bought an ipod photo. I was flabbergasted. I couldn’t believe that it actually worked. There had to be a catch, and in fact, there was.
I decided that I was going to read up on it, after all, there are tons of people selling this info on ebay, posting it on web forums, etc. Maybe I’d a actually give it a try. What the hell, right? After doing a little reading it looked to me like it was some kind of a pyramid scheme. I signed up at FreeMiniMacs.com with a GMail account I use for stuff like this and had at it.
You have to complete an “offers” meaning that you have to sign up for something. THEN, you need to refer (I believe) 10 people to do the same. For what it’s worth, my link is here.
We’ll see how long this takes…..if it ever completes.