davemclain.com

After a long summer of no internet in the house, I’m finally waiting for the Time-Warner cable guy to get here. I started setting up the network so that I can pretty much just plug it in and have it be just like home again. Here’s a diagram of how i’m actually posting this. (yay, Visio)

I’m NAT’d at least three times between the cable box and my laptop. The packet passes through whatever proprietary OS the neighbor’s wireless is running, OSX (Internet Sharing, ftw), Linux/iptables, Libux/whatever DD-WRT uses, and finally through the WinXP network stack. I’m not sure whether my living room is an abomination or a miracle.

Coding Horror, one of the many things on the internet that sucks away my time, had a story a few years back comparing software development to moving stones for a pyramid. The gist is that there’s a big stone block a distance from your building site and you have a deadline to get it there. Brute force says take the distance, divide by days, move it that much every day, which is great, but likely to result in unhappy slaves (meh) and non-reproducible results (ouch).

The lesson is that every day you need to move the stone at least one day closer to its eventual location or do work that increases your speed such that the moving stone can get there in one less day.

I think thus far in my development efforts my approach has mostly been of the brute force method, which kinda hurts. I do my best to quickly write code that gets the job done well, without any n factorial algorithms or similar badness, but ultimately my current problem is in those first few words “I do my best to quickly write code”. I’ve succeeded in the past based on the ability to solve small problems rapidly, but ultimately the more valuable skill is the ability to solve large problems early. It’s one of the reasons I really like being at Credera, so many of the senior people in the technology practices approach problems in methodical ways that I think I used to mistake for a lack of agility, but now recognize as using proven resources and techniques.

It’s silly to walk up to a hunk of marble and say “lets not use logs to roll this piece” because it’s not made of granite.

It has frustrated me a lot that OSX displays the time in the upper right hand corner and has an option to display the freaking day of the week, but doesn’t allow you to display the actual date. Unless it does:

http://lifehacker.com/software/mac-tip/display-the-date-on-the-menubar-316029.php

That might be the most egregious use of internationalization I’ve ever seen, but it works. I love it when titles apply in more than one way.

I’m starting to want to do client side Linux again. There is no excuse for having that desire as I type this on a MacBook which has all the features I could possibly want from a UNIX-y environment with the additional features of Just Working for things like Flash movies, .doc files, power management, graphical user interfaces, wireless networking and booting. Clearly I hate myself.

I am enjoying the gradual decay of the importance of traditional media, and one of the best examples of that is how terrible the comics page is in any newspaper (and the Statesman isn’t even worth the paper its printed on what with the general availability of the Daily Texan if you need to start a fire or wash windows).

The internet allows for comics like xkcd, which continually reminds me that I am not a beautiful and unique snowflake, but rather there is an entire demographic that recognizes Timothy Zahn as the name of a Star Wars novel author and is obsessed with Ron Paul (http://xkcd.com/367/).

Anyway, I happened upon this gem: http://garfieldminusgarfield.tumblr.com/
Basically, it’s Garfield but with Garfield and his lines photoshopped out. It’s now a comic strip about an insecure man with schizophrenia.

The 360 needs direct access to the internet for a few ports, which is no problem for those people who plug in their 360s into commercial routers with upnp enabled or directly into the internet. It would be too easy to simply have things work, which is why I choose Linux. Hours of work later I have

in my iptables script:

iptables -t nat -A PREROUTING -p udp –dport 88 -i ${WAN} -j DNAT –to 10.0.1.152
iptables -t nat -A PREROUTING -p tcp –dport 3074 -i ${WAN} -j DNAT –to 10.0.1.152
iptables -t nat -A PREROUTING -p udp –dport 3074 -i ${WAN} -j DNAT –to 10.0.1.152
iptables -t nat -A POSTROUTING -p udp -s 10.0.1.152 –sport 88 -j MASQUERADE –to-ports 88
iptables -t nat -A POSTROUTING -p tcp -s 10.0.1.152 –sport 3074 -j MASQUERADE –to-ports 3074
iptables -t nat -A POSTROUTING -p udp -s 10.0.1.152 –sport 3074 -j MASQUERADE –to-ports 3074

which only makes sense because I have in /etc/dhcp3/dhcpd.conf:

host jon {
hardware ethernet 00:12:5A:E4:59:1B;
fixed-address 10.0.1.152;
}

Facebook has an inordinate amount of information about our lives and its officially for sale. I just saw the following ad on my homepage…

Now, granted it’s brutally simple to figure out that that ad might be appealing to me based on my self-identification as Christian and Single, but that’s ot to say that the process can’t/won’t become much much more powerful. The amount of knowledge they have about me is truly enormous, heck this blog automatically gets uploaded to Facebook.

A while back, one of my sisters came to Austin for freshman orientation. I called her later and asked if she had gotten anybody’s phone numbers so they can meet up when they get here for real. Her response was “No! There’s a facebook group for the session, and I’ve friended everyone who I met and we’ll message back and forth.” It was at this point that I realized that I was in a reasonably tangible way culturally distinct from my sister who is only 4 years behind me in school. if Generation X was an accelerated culture, i’ve got no words to describe what that must make my generation.

The fact that you can run one operating system in a program running on another operating system with any kind of performance is mind-blowingly amazing. The other things that VMWare purports to do (vmotion) i’m not convinced is actually legitimate, it is like some kind of black magic that simply should not be. That is all.

I finally figured out what was going wrong inside my gateway (tywin) such that when i VPN’d i could only access Tywin’s resources, not those of the rest of the network. Turns out i had the following:

iptables -A FORWARD -i ${LAN} -s ${SUBNET} -j ACCEPT
iptables -A FORWARD -i ${LAN} -d ${SUBNET} -j DROP
iptables -A FORWARD -i ppp+ -s ${SUBNET} -j ACCEPT
iptables -A FORWARD -i ppp+ -d ${SUBNET} -j DROP

When i needed the following:

iptables -A FORWARD -i ${LAN} -s ${SUBNET} -j ACCEPT
iptables -A FORWARD -i ppp+ -s ${SUBNET} -j ACCEPT
iptables -A FORWARD -i ${LAN} -d ${SUBNET} -j DROP
iptables -A FORWARD -i ppp+ -d ${SUBNET} -j DROP

oops.