Random Musings

Posession is the order of the day, apparently, especially if you’re in Dutch Orange. Yes, I’m watching the match right nw, and writing as I watch, which explaints the many typos. I got a new apartment today, so I’ll be shifting next week. All very nice.

The Dutch are the flying dutchmen today. They’re going to win Euro 2008, I bet you much and much. Total football perhaps not, but totally engrossing. France is as usual, very French.. muttering to themselves and casting dark looks at the referee.

Mom’s here for a bit, but she’s leaving all too soon.. only this Monday. Sigh. And I couldn’t even take a day or two off.

I’ve got writer’s block. Gnight

Random

I went nuts trying to find a simple tutorial to set up port forwarding in Iptables. So I’ve got this here. Non-linux people, skip it.

First ensure IP Forwarding is enabled:

/etc/sysctl.conf
net.ipv4.ip_forward=1

In a running system

echo 1 > /proc/sys/net/ipv4/ip_forward

Then, setup iptables for SNAT

For static IP

iptables -t nat -A POSTROUTING -o $EXTERNAL_INTERFACE(eth0,ppp0,etc) -j SNAT –to xxx.xxx.xxx.xxx

where xxx.xxx.xxx.xxx = the static IP assigned to you by the ISP

For dynamic IP

iptables -A POSTROUTING -t nat -o $EXTERNAL_INTERFACE -j MASQUERADE

Add some security

iptables -A INPUT -j DROP -m state –state NEW,INVALID -i $EXTINTERFACE
iptables -A FORWARD -j DROP -m state –state NEW,INVALID -i $EXTINTERFACE

Now to add the forwarding rules!! Finally!

iptables -A PREROUTING -t nat -p tcp –dport $PORTNUMBER -i $EXTINTERFACE -j DNAT –to-destination aaa.aaa.aaa.aaa:bbbb

where aaa.aaa.aaa.aaa:bbbb = IP of internal machine : port number (192.168.110:6900, for example)

iptables -I FORWARD 1 -d aaa.aaa.aaa.aaa -p tcp –dport $PORTNUMBER -j ACCEPT

To forward a range of ports to one machine:

–dport 6920:6980
and remove any port from the –to-destination,
just
–to-destination 192.168.4.75

to add multiple rules, for more than one machine, remember to change the FORWARD 1 to FORWARD 2 and so on.

Once done, don’t forget to save everything

iptables-save > /etc/sysconfig/iptables

Random

I’m up late, watching the Euro 2008 match between Greece and Sweden, and it’s bally hilarious. The poor Swedes are trying their best to play football–you know, put the ball in the net–but the Greeks seem determined to play via the Socratic Method. If you’ve ever faced this in school or college, you know how irritating it is.

” Socrates used to tick off people doing this; they thought he was mocking them by asking them stupid questions or tricking them into being confused because he was clever. They brought him to trial, convicted him, and executed him. While execution is not as much a potential problem today, the method still really irritates people when you (as it seems to them) “show them up” in subjects they think they are expert. Illogical people do NOT like this method used “on” them; and they cannot see it as a method that is being used “with” them in order to help them.”

So in football, the Greek chappies pass the ball around in the back line.. and pass in the back line.. and KEEP PASSING IN THE BACK LINE!! For TEN MINUTES.

It’s extremely boring, and frankly, I was nodding off. I think Sweden was nodding off too, and I’m certain I saw Ibrahminovic pull out a cell phone and send a SMS. It might be an iPhone, that holy of all phone holies, and he might be watching a couple of Youtube videos of the Brazilians.

In any case, it’s half time now, nil-nil (inevitably), and the teams are out of the dugout. Let’s hope that Greece remembers what happened to poor old Socrates.

Random