There are the essential things behind the point, that we are going to build a second UNIX workstation in my laboratory, the bedroom part of it. This will make a good enough system to keep things under tabs, and maintain a coherent view of the world. That is, this system is going to run most likely OpenBSD, or FreeBSD, I haven't decided yet. The point seems to be that there are not enough things out there to warrant for the fuckups we do. FreeBSD would perhaps be a bit more amicable, and perform better under the load that I'm putting on the box. That is, it should be able to debug hard kernel problems without much trouble just about whenever, and however. I'm not picky. The debugging, happening over firewire is going to be exhaustive. I'm going to take the concept further, and add some machines to the lot, that need to be developed on, and so forth. Granted that I'm also a hardware geek (yes I have experience in both Verilog and VHDL to amount for maybe 50k lines), and I do know how things come together, so there shouldn't be essentially any problem in getting things to happen in some way, and then just run a kernel debugger, and try to fix a problem, when you find one. This can be hard if you don't have a good enough debugger with the system, but that's not my problem really. FreeBSD provides everything I need, for free, essentially. I'm having a hard time justifying the things that I don't do, to replace the things I do, with some other things, and so forth. So the deal is to have a couple of 21" CRT screens, and a 19" CRT screen on the board. They are run by a dual Opteron machine, running radeonhd and mga drivers. I just need my Emacs, GUD mode, kgdb, firewire, a fresh checkout from the source code tree, and so forth, and I'm ready to rock and roll. Essentially at least. This is the whole point behind the thing, and the thing that I'm going to leverage upon.
Debugging kernels is interesting, since there are a lot of things you probably need to take into account, more so than in an application level. Ok, granted, the application level is harder. A lot harder, but not because of the code and the machine, but because of the asshole who sits in front of the machine and does something. If there is something that can go wrong, you can be damned sure that things will fuck up in that case quite properly. And I do mean properly. Not like in a nice way properly, but really fucked up shit to begin with.
Oh well, I should probably start working for myself, produce some Linux drivers for some obscure hardware (that is hardware which nobody is supposed to know even exists, because it will go into a plastic enclosing package and be sold at a premium price. I've done these kinds of things before. There was a PowerPC based platform, 403 if I remember correctly, or was it 405?, anyhow there was an RTOS on the thing, Linux wasn't quite as hot back then as it is now, and it did a thing I better not say anything about, but the point still stands: not a soul using the thing could care less what the fuck there was beneath the panel), or maybe BSD drivers. Or system level code, or whatever the hell there is to do really. I'm not too picky. Oh well, the point as it stands is more complex than that. Need to look into this.
Maybe there is light at the end of the tunnel, I don't know.
Tomorrow I should have the possibility of finally doing some work around the house, maybe setup some things that need setting up, and so forward. I would like to have the Intel Core 2 Quad parts as soon as possible, and probably also the essential rest of the machine, like the 24" LCD panel. We do what we do, essentially, and that's just about it, no buts, no nothing essentially. I'm left feeling that I need the IKEA board really soon, since I need the machine that it entails. Maybe I'm going to go all the way and make things amicable in essence, that is, make things so functional that they have a large impact on things. I could put a 4-way AMD Phenom on the task, and move it around in a circular manner. This should provide the things I have with a great enough support and particular things that are relevant in the context. The bedroom is a good place for these things, because as it stands, the machine is going to be dealt with in a way that is highly susceptible. There are obviously going to be other systems as well, that are going to perform some task. But the bedroom phenom machine is going to be a defining factor thereof, because it is such an efficient piece of technology, really, when you look at it. The machines that we do there, they are not up to the facts behind the whole thing. I'm going to be running the latest and greatest of FreeBSD, quite obviously, and that means I can debug things in quite an elaborate way to begin with. Nothing strange with that. Been doing that for many years, but just not over firewire, and rs232c is quite, hum, slow. If you have a little bit larger system to take care of, things are not going to be very amicable in any way. Ok, that's not the point. The point is strictly to have and operate a functional system behind it. This shouldn't be hard at all, in fact, the point should be fairly simple, and less than complicated.
That thing is going to be the defining part really, the thing that we do manage in some way, and the thing that makes the most possible things happen in our small network of things. Which reminds me to cancel my ipnetwork, I won't be needing it for anything soon enough. I mean, 32 addresses, from an allocation that aren't used for anything clever, that's just madness, and that needs to be handled, and buried. Unless of course, the cost of the addresses is less than affordable, I might keep it. Or then not, why should I in the first hand do that? It makes the network plan that I have completely fucked up, and second, it doesn't provide any better service really. You see, the point behind the whole concept is that there is a DMZ that you almost invariably need to have, and I don't want that. I want a NAT, a firewall, and then some things that go with it. Of course, this wouldn't take away the need for a bridge mode firewall at the outer border, but that's not the biggest concern right now. Maybe that will take some time for them to figure out, but once it's done, I have my things in order, and stuff will work just like before, except for the fact that I don't have to pay anything for the thing.
Talking of which, we have a rather oversized shell server over at a service provider, that I'm going to take down, and so forth. The reason to take it down is simple, it doesn't work, or most of the time, it simply doesn't do the things I expect it to do really. Of course it's nice to have a remote server, but as it stands, I don't quite see the point with the whole issue. Nah, this is just something I need to keep in par with. The machine is not small in any way, in fact, it's rather large, and very efficient at that. Four Opteron processors make it fly, and 4GB of memory really put a twist on the thing. Then there are four 500GB SATA2 disks attached to a SATA RAID controller. I should get maybe 600-750 euros for the thing at huuto.net when selling. I need to look into this shit essentially, and as quickly as possible. Maybe I could put up the ad at huuto.net at sometime next week. The starting bid should be 600 euros, and then we offer to sell it to anyone really wanting this kind of machine. It has cost me more, but I don't care, it's just money. Money sucks by the way. I would like an anarchistic society a lot more than this one we live in. The reasons are all too clear at this point, nothing is going to change the fact now. It'll be a good machine to someone, but as it stands, the machine is just way too harsh. I kind of need the money for it, and I need it bad. Or maybe I'm letting the thing stay at the place where it is for a 3 month period, and then take it away, and sell when everybody's back from their summer holidays.
Changing the ip-network thing doesn't affect my freenet in any way. It shall be whatever it is really, and as I've come to understand, there are some one time charged static ip-addresses, if I still want my freaking DMZ. I'm not just sure how the hell they are supposed to be allocated, or how the whole system works. This is a small problem to me in that way, I'm not sure how the technology works. Well it doesn't matter, the DMZ is good to place outside of the internal network, that is, the NAT device, and so forth. This is the reason I need the Soekris box to begin with, it's going to provide all the necessary things that I need for the freenet. Obviously, the freenet shall be constructed in such a fashion that it doesn't really matter what we do about the thing. There is going to be QoS, but not much, I'm not going to differentiate between my traffic and that of somebody else's, it just doesn't make sense at all, in fact, it never makes sense. But if I start out with a couple of base stations, I need to check a few things with the household, and determine some others. I have the need for uhm, three static addresses as it stands, that is, one for the freenet, one for the DNS server and one for the NAT device. I could of course get more, but I'm not going to, no point in that essentially. It just costs money. Hmm, I'm bound to think something about the freenet, some more of it. That is, I might do a few tricks, with ALTQ and authpf, to do a few things. I could make the speed of people downloading something from the network considerably slower, and make a system that lets them authenticate, use authpf, and get more bandwidth. Something like that, yes. It should be fairly amicable. Looking at the thing, this is the most important part of the whole system in essence, that authpf works so that nobody can hijack your ip and use more bandwidth that way.
Should he arppoison you or something, the ssh connection will die, and you're going to get back into the normal luser group. This is nothing like rocket science, it's pure and simple in my opinion. Ok, FTP won't work, but neither will some other things too, like P2P, and that kind of stuff, for the essential reason that we have put up firewall rules with the system. I'm going to be pretty restrictive in the outbound port thing, and inbound, there won't be such a thing, never. This makes the whole point a whole lot less secure. As always, I'm going to play with priority and queue assignments, that is, what goes where, and so on, and what the bandwidth is for the queue, and the priority, that is, games and interactive traffic such as SSH and Counter-Strike will go through a very narrow but fast path. HTTP and other porn downloading protocols will go through a wide, but very slow path. Nothing wrong or strange with that in my opinion.
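The authpf and ALTQ arrangement described above, sketched as an added example (this is not the author's configuration): a default-deny ruleset with a slow queue for unauthenticated clients, a wider queue granted through authpf, and a small high-priority queue for interactive traffic. Interface names, addresses, port lists and bandwidth figures are assumptions; the syntax is the ALTQ-era pf grammar used by older OpenBSD releases and by FreeBSD's pf.

```conf
# ---- /etc/pf.conf on the wireless gateway (constructed example) ----
# Assumed names: ral0 faces the access points, fxp0 faces the NAT box.
wifi_if   = "ral0"
ext_if    = "fxp0"
wifi_net  = "10.1.0.0/16"        # assumed client range inside 10/8
dns_srv   = "10.254.254.53"      # assumed resolver in the server network
guest_tcp = "{ 80, 443 }"        # services open before authentication

# authpf adds each logged-in user's address here and removes it on logout.
table <authpf_users> persist

set block-policy drop
scrub in all

# ALTQ shapes what leaves an interface, so downloads are queued on the
# client-facing side. Percentages are of the assumed 8Mb downstream.
altq on $wifi_if cbq bandwidth 8Mb queue { q_guest, q_auth, q_inter }
queue q_guest bandwidth 20% priority 1 cbq(default)   # unauthenticated
queue q_auth  bandwidth 60% priority 3 cbq(borrow)    # after authpf login
queue q_inter bandwidth 20% priority 7 cbq(borrow)    # narrow but fast

# Default deny: nothing inbound, nothing outbound unless listed below.
block all
antispoof quick for $wifi_if inet

# Every client may resolve names and reach the gateway's sshd, which is
# where authpf logins happen (the user's login shell is /usr/sbin/authpf).
pass in on $wifi_if inet proto { tcp, udp } from $wifi_net to $dns_srv \
    port 53 keep state queue q_guest
pass in on $wifi_if inet proto tcp from $wifi_net to ($wifi_if) \
    port 22 flags S/SA keep state queue q_inter

# Unauthenticated clients: a short port list, all in the slow queue.
pass in on $wifi_if inet proto tcp from $wifi_net to any \
    port $guest_tcp flags S/SA keep state queue q_guest

# Per-user rules are loaded here at login and flushed when the SSH
# session ends. Placed after the guest rules so they take precedence.
anchor "authpf/*"

# Forwarded traffic leaves towards the NAT device.
pass out on $ext_if inet from $wifi_net to any keep state

# ---- /etc/authpf/authpf.rules (separate file, constructed example) ----
# $user_ip is supplied by authpf; macros from pf.conf are not visible
# here, so the interface name is repeated.
pass in quick on ral0 inet proto tcp from $user_ip to any \
    port 22 flags S/SA keep state queue q_inter
pass in quick on ral0 inet proto tcp from $user_ip to any \
    port { 80, 443, 6667 } flags S/SA keep state queue q_auth
```

Because the per-user rules live in an anchor that authpf fills at login and flushes when the SSH session ends, the wider queue follows the authenticated session and not merely an address in a static rule.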
The whole home freenet designing needs some strict planning ahead, and things should be thought out before executed, to make them all work in a way that is mostly good. If there is a chance to draw coax cable to the other side of the freaking house, I might just go ahead put a high gain antenna on the other balcony, on the other side of the house. The coax run will cause some loss, but it's nothing terrible to begin with, since the whole point seems to be to have a system that in the first hand just works, or works wonders. This way a whole lot more of people could get the signal, and it could be replicated further and further. This is probably where we are going to stand, and what we are going to be doing. The more people joining the better it is, and in the end, if there are enough of these people, they will just move ahead to another place altogether, that is, buy a faster line for their own usage and so forth. Fairness queuing should be employed, so that everybody gets their share of the bandwidth. It doesn't matter if you have a 1000 downloads going on from different places on the net, and the grandma in the next apartment needs to have some other things done, like just look at the current TV shows that are playing. If there is an aggregate bandwidth of 800kB/sec. for the leecher, and the site grandma goes on has a bandwidth possible of 800kB/sec., there is going to be a whole lot less bandwidth allocated for the leecher, and the grandma gets her pages very quickly. This is the plan, but as it stands, I need to do some things around here before those things can really be realized. I need to have a system that is secure to begin with. This means a few things. Maybe I should be putting the nameserver in the dmz of the freenet, and then there were a few other services that were also needed, very dearly. This makes a point behind the whole system essentially.
DHCP will obviously share the stuff that there is to share, the IP-addresses, and it will do it in a very eloquent fashion. No hassles here. Infact, I'm left to believe in certain things behind the whole fact. There is this cool feature in OpenBSD that prevents unleased hosts from connecting, so you better connect to the DHCP server or you won't get on the net to begin with. I would like to take the time to implement authpf, but I figure that might be a little bit too much for the essential things that we are working with. Nothing wrong with this thing, it's just a minor, or small, or how you would like to put it, strange thing put somewhere where people will look at it and wonder what the fuck it stands for. Usually atleast, the whole concept is very amicable. I provide people with a free network connectivity. It's not free as in beer, but it's free as in freedom ("vapaus" in Finnish). I hate to be the one however who limits the freedoms of other people by placing firewalls in the path essentially. This is against my own convictions, and I'm not doing it because I happen to just feel like it. There are more things to it than that. Running almost any port possible outbound will make certain things happen, and I'm afraid of them. Not because that treads on anyones rights, ok, it treads a little bit, but that's not the point. The rights that I grant people are just that, highly demanding rights. Now, fundamentalists will look at this thing and decide that there are either rights or no rights. Well fuck me and call me Suzie. Who the hell did anyways give them the right to choose my ethics in the first place? They don't seem to understand that I'm going to grant a fucking right to begin with to people. Just because I grant a right, you are not going to call me a buttfucker or Hitler or whatever. 
I must choose to limit the right a lot infact, to prevent the following things which are not on the scale of nice things to look at: 1) p2p networks, 2) illegal material 3) highly offensive highly illegal material, and so on. There are granted to be sick puppies who go around and download child pornography. My theory is that they use somekind of p2p networks to share their sick stuff. And otherwise too, I don't want anyone to really take the point and shove it in my face. P2p usage uses bandwidth, and it tends to use a lot of it. If I give people the right to the web, usenet, irc, messenger, games, and so on, isn't that amicable enough? The point behind the sickest of sick shit, that is pedophiles is neither my idea, nor is it my thing to control them. I hate control, it's always a form of coercion. Just because I don't take anything for granted, I neither take anything the pedophiles do for granted. I'm not forming an opinion on a probably vast amount of people in this world just because of their desire to look at sick photos or films or whatever the fuck there is. If I was a man with real balls, I'd allow everything through, and face the music. The child pornography thing is somewhat difficult. Now if you read what I said and want to play devil's advocate, then by all means do that. Just note that I'm not saying that possession of child pornography shouldn't be highly illegal. For all I care, they should be shot for their crimes, but, I still refuse to believe in the whole concept of an sinister manipulative type of person who is highly suspectible to commit somekind of crime. Being a pedophile is the fucking right of every goddamned asshole who wants to live like that. We don't have a concept (yet) about thoughtcrime, it's when you cross the line of what's legal and what's illegal, and then you should face the music. Hell I've met thousands of people, literarily. 
I'm not sure about how many people are statistically pedophiles, but I must have met some, and this is what makes me feel vary about the thing. It's not the thinking that goes on that is sick beyond belief. Every man has the fucking undeniable right to think whatever the fuck he wants. And then the thing that most people link together with the thought, that is, serious criminal activity. I don't care if you didn't hurt anyone when you got your fucking child pornography or something like that, the whole concept of having the material is enough to put you behind bars in my opinion. But that doesn't change the whole point. Pedophilia is such an stigmatized issue that it becomes almost impossible to have a coherent discussion about it, anywhere. And that's when things get sad. This is a difficult thing, and as it stands, I'm not going to allow illegal things to be done with a network connection I own. There are legal, borderline and illegal activities. I'm not going to allow the illegal ones. But the point was with rights. In a sense, I'm not offering a free product in every ambiguous meaning of the word, but rather something else. There are prerequisites about the whole thing. To connect, you need a computer, and that computer must have IEEE802.11X support in some way, it must have a recent operating system, probably, and then that's just about all you need moneywise. Ofcourse running the computer will cost something, but that's hardly the point really. So you see, it's not free as in beer, I'm really sorry it isn't, but there is exactly fucking shit I can do about that. Then there is the right to use a few services, and some services through a proxy (not to tamper with the stream of data and get addresses and what the fucking ever, that can be achieved in other ways very easily, and there is exactly null anyone can do about it), but I have the permission to deny access to certain ports. Infact, I will start from the bottom, and work my way up. 
In the beginning there'll be exactly zero open ports, and then that is increased. I try to regain the most popular services, but I'm not just sure if it is possible in this case. Well, there is not full freedom in the connectivity because of my fascist regime, or something like that. I bet I'll be the first one they put against the wall when the revolution starts. That about sums the rights concept. My idealism is that the internet is a right, not a privilege, but that's a pipe dream. It's not completely impossible in my opinion to have things arranged in a way that makes freedoms available to people, but limit them in a couple of facts. This is the thing that I'm looking at. There is just no way that I could give out a few hundred machines to people, just like that. And besides, what the hell am I supposed to be doing about it? It's not like I'm some kind of a fucking Jesus coming to rescue us all.
I feel that I'm promoting a right, and in rational senses, I am, in fact, doing just that. I mean, I have a setup at home that will essentially do everything there is to do about some things, and I give it out for free. I mean, how is that not providing people with freedoms?
Ok, so I need to have my home lab in order, properly setup, and so forth, before I move to the phase of putting on the first access point. That should be fairly simple, and I'm probably going to be doing just that, have hop points on different routers essentially, and then move forwards in the mist of it. There are some things that I'm probably going to provide with the service as it stands. That is, better connectivity, if there is any such concept around here really? When there is the whole concept of services that are provided. I don't want to provide any services really, because that's hazard, and it's not safe, and so forward. Also any service to the user will cause problems, so maybe I'm just going to stay in the starting configuration the whole time essentially. There are a few machines that are needed for the deal, and those should be granted to me without any question. Hum, I'm feeling good about the freenet. The fear that some fucking asshole downloads child pornography is not my problem, because of two fucking reasons, I don't have the legal right to monitor the activity of my "users", and I cannot be guilty of a crime I didn't know I committed. I'm not sure what they would call it, but I'd say I have good grounds to call myself crazy and be left without charge because of that, should I allow the fucking childpornography to go through. No, this is not the point I'm working with, not at all, I'm going to go through the whole thing, sniffing with a sniffer the urls that people visit, and so on, and report any crimes straight to the police. I'm not going to do anything more, I just wait that the police come up, I give them the evidence, and they can start guessing who the hell it is that uses the net, granted I give them a MAC number to start with. When all fear is gone, and all that is left is a system behind the whole thing that is highly amicable, and more so to the point than against it really. There is simply nothing that can touch me. 
I'm not intending to commit crime, and neither will I allow other people to commit crime, or at least I'm trying to prevent them from doing things. If they feel like they need to do that, break the laws, then they can do it with somebody else's connection.
The cost of one of those machines that I'm looking at, is quite high, and it doesn't get any more easier by some other facts either. I'm left to believe certain things about the users. But that doesn't affect the way I do treat them. I know it wasn't Voltairé who said it, but it's in the spirit of his opinions, that "I may disagree with what you have to say, but I will defend your right to say it to death." Now that's some brass balls. I wish I was as fundamental as Voltairé was. So, people may post whatever the hell they like using my line, obviously. They may be fascist militarist pigs for all I care, and still I'm going to stand on the freaking wall and declare death or freedom. Freedom is really that. Most people view freedom as something out of a fairy tale or something equal, like it was borned from a silent void and just was granted to people, but that's complete and utter bullshit. You fight for freedom, and after a fight, you are granted the freedom. The question is, are you ready to die for you convictions? I certainly am. They can put a bullet in my head instead of making more fascist laws into the EU and our beloved country. But then again, I'm not afraid of dying. This is not just something you say, try to sound macho or whatever. The thing is, I've gone through the whole concept of death so many times in my head, it has grown to be a secondary nature of me. I've since stopped looking right and left before stepping out on the driveway, and so forth. I simply have stopped caring. I know now that I'll leave this life through my own hand, that's something that is taken as granted. So why would I be afraid of death? It might hurt? So fucking what, many things hurt, but I don't fear them. Pain is a temporary thing, it is nothing compared to psychological pain. You would know if you had some neat condition that fucks you up properly. 
So, why not, I'm ready to go down just to preserve the right of the fascist military pig from the house next to ours, his right to speak lies and hate speech is more important than my life. Needless to say, that is the concept with all of us. I'm going to take the point, and push it far back. So why not. I mean, I'm not idealistic if that's what you think, I'm not suicidal, or so forth. I've just stopped believing in this world, and all the inanities it entails.
But I was talking about freenets, wireless such. I have a couple of access points that could be used as the jump points towards an OpenBSD computer that handles some other things as well. In fact, the OpenBSD machine would need to be fairly fast, because it has some things to take care of, and it must do them quickly. There are some tasks like that, which are very good at that.
Looking past the thing, I have a few things to do, a very small server farm to setup, and so forth. I would like to get more 1U rack mountable machines, maybe, or 2-3U machines, as long as they have a gigahertz or more of clock cycles going on a second. To the outside world at least, we need a few things that are highly amicable in the sense that they work somehow, and they are distinct in that configuration. Nothing beats this kind of approach essentially. An IRC server is almost mandatory, likewise is a web page, which must be hosted on the most outer border to the network. Any traffic coming through the wireless network should be subject to redirections, that is, connections to port 80 are never done, so all port 80 connections are transferred to the wireless-gw port number 80, no matter what. And that will define things, and explain things and so forward. I should probably start writing those pages, and think a bit about the whole concept of the essential traffic that we do have. Oh well.
I'm left to believe a lot of things about the whole concept in essence. Hmm, there should be a firewall over a transparent bridge that acts as a tool to deny access from and to bad juju ports and so, Snort magic, and then also the concept behind the whole thing that if runs iproute2 tc tool, to classify certain data as very important, and very strictly to the point. I'm fairly sure that things are going to take off of that situation. I'm not even going to bother calling the stuff something special. My own domain name will suffice. There are need for some computers, which shouldn't be a big thing, something donated or bought very cheaply could suffice just perfectly. I'm not even going to take the point behind it all, that is, just run things off of some stuff.
Well bleah, there are things that are good and there are things that are bad. A good enough service in my opinion is the fact behind it all, that is, what to do with the whole concept, and where to move the stuff. I'm most likely just going to run squid with very low caching parameters set, because it doesn't actually help a lot the execution of the whole system, even if you put higher values, I've tried, but it didn't exactly help. So what to do, where is the score? What is the essential thing behind it, and who do we contact.
There are some few and small differences in the whole operation of well, everything. I'm just left to believe a few things about the whole concept, this is the point that I want to push essentially. Freedom for everyone, or death. I prefer the freedom part. But they may give me death as well.
There are obviously some things that I would like to see done, and dealt with, essentially, making a more clear system behind it. That is, what I would need, is to have the following kind of network structure, something that will separate some things from each others, essentially. There will be the ADSL line, and the modem, and behind the modem there will be an ethernet bridge that drops clearly nasty packets, and makes new rules on new nasty packets. Behind this there is a switch, which connects to 4 computers, the bridge being one of them. One machine is a Sun Ultra 1, that is a DNS server. One computer is the machine that I will use to connect to the network from my internal networks, essentially. The third will connect to the machine that does some kind of natting for the machine that will be named freenet.something.foobar. Inside the NAT there is a 10/8 network, I won't bother yet with IPv6, they are not up to par with that around here. Oh well. This 10.254.254.0/24 network is reserved for the servers primarily, and only. Then there is going to be the wireless-gw, which is a computer that connects to some kind of clear wireless network, that is, a set of access points. This is the machine that effectively handles all things not essentially clear. Inside the network there will be a couple of machines, let's say, two 1U machines, and a bigger Intel machine, I'm not sure yet what, or how. There are some things that would need to be taken graciously. I need to think about the machines inside the network.
There are some things around the globe which will stay only as temporary. I'm going to take the co-lo server home when possible, and nearest that, as close as possible to this date. The thing is that I want to sell the computer.
I don't want to maintain a machine on the net that might be owned at any point because of a crappy operating system, or something like that. I ponder, that you could start off with 700€ on huuto.net for the machine. It's loaded, that's for sure, looking at the point we are to believe certain things about the whole system. It's damned fast, and it's more than capable of running even harsh things.
Debugging kernels is interesting, since there are a lot of things you probably need to take into account, more so than in an application level. Ok, granted, the application level is harder. A lot harder, but not because of the code and the machine, but because of the asshole who sits infront of the machine and does something. If there is something that can go wrong, you can be damned sure that things will fuck up in that case quite properly. And I do mean properly. Not like in an nice way properly, but really fucked up shit to begin with.
Oh well, I should probably start working for myself, produce some Linux drivers for some obscure hardware (that is hardware which nobody is supposed to know even exists, because it will go into a plastic enclosing package and be sold at a premium price. I've done these kinds of things before. There was a PowerPC based platform, 403 if I remember correctly, or was it 405?, anyhow there was a RTOS on the thing, Linux wasn't quite as hot back then as it is now, and it did a thing I better not say anything about, but the point still stands: not a soul using the thing could care less what the fuck there was beneath the panel), or maybe BSD drivers. Or system level code, or whatever the hell there is to do really. I'm no too picky. Oh well, the point as it stands is more complex than that. Need to look into this.
Maybe there is light at the end of the tunnel, I don't know.
Tomorrow I should have the possibility of finally doing some work around the house, maybe setup some things that need setting up, and so forward. I would like to have the intel core 2 quad parts as soon as possible, and probably also the essential rest of the machine, like the 24" LCD panel. We do what we do, essentially, and that's just about it, no buts, no nothing essentially. I'm left feeling that I need the IKEA board really soon, since I need the machine that it entails. Maybe I'm going to go all the way and make things amicable in essence, that is, make things so functional that they have a large impact on things. I could put a 4-way AMD Phenom on the task, and move it around in a circular manner. This should provide the things I have with a great enough support and particular things that are relevant in the context. The bedroom is a good place for these things, because as it stands, the machine is going to be dealt with in a way that is highly suspectible. There are obviously going to be other systems as well, that are going to perform some task. But the bedroom phenom machine is going to be a defining factor thereof, because it is such an efficient piece of technology, really, when you look at it. The machines that we do there, they are not up to the facts behind the whole thing. I'm going to be running the latest and greatest of FreeBSD, quite obviously, and that means I can debug things in quite an elaborate way to begin with. Nothing strange with that. Been doing that for many years, but just not over firewire, and rs232c is quite, hum, slow. If you have a little bit larger system to take care of, things are not going to be very amicable in any way. Ok, that's not the point. The point is strictly to have and operate a functional system behind it. This shouldn't be hard at all, infact, the point should be fairly simple, and less than complicated. 
That thing is going to be the defining part really, the thing that we do manage in some way, and the thing that makes the most possible things happen in our small network of things. Which reminds me to cancel my IP network, I won't be needing it for anything soon enough. I mean, 32 addresses, from an allocation that aren't used for anything clever, that's just madness, and that needs to be handled, and buried. Unless, of course, the cost of the addresses is less than affordable, I might keep it. Or then not, why should I in the first hand do that? It makes the network plan that I have completely fucked up, and second, it doesn't provide any better service really. You see, the point behind the whole concept is that there is a DMZ that you almost invariably need to have, and I don't want that. I want a NAT, a firewall, and then some things that go with it. Of course, this wouldn't take away the need for a bridge mode firewall at the outer border, but that's not the biggest concern right now. Maybe that will take some time for them to figure out, but once it's done, I have my things in order, and stuff will work just like before, except for the fact that I don't have to pay anything for the thing.
Talking of which, we have a rather oversized shell server over at a service provider, that I'm going to take down, and so forth. The reason to take it down is simple, it doesn't work, or most of the time, it simply doesn't do the things I expect it to do really. Of course it's nice to have a remote server, but as it stands, I don't quite see the point with the whole issue. Nah, this is just something I need to keep in par with. The machine is not small in any way, in fact, it's rather large, and very efficient at that. Four Opteron processors make it fly, and 4GB of memory really put a twist on the thing. Then there are four 500GB SATA2 disks attached to a SATA RAID controller. I should get maybe 600-750 euros for the thing at huuto.net when selling. I need to look into this shit essentially, and as quickly as possible. Maybe I could put up the ad at huuto.net sometime next week. The starting bid should be 600 euros, and then we offer to sell it to anyone really wanting this kind of machine. It has cost me more, but I don't care, it's just money. Money sucks by the way. I would like an anarchistic society a lot more than this one we live in. The reasons are all too clear at this point, nothing is going to change the fact now. It'll be a good machine to someone, but as it stands, the machine is just way too harsh. I kind of need the money for it, and I need it bad. Or maybe I'm letting the thing stay at the place where it is for a 3 month period, and then take it away, and sell when everybody's back from their summer holidays.
Changing the IP network thing doesn't affect my freenet in any way. It shall be whatever it is really, and as I've come to understand, there are some one time charged static IP addresses, if I still want my freaking DMZ. I'm not just sure how the hell they are supposed to be allocated, or how the whole system works. This is a small problem to me in that way, I'm not sure how the technology works. Well it doesn't matter, the DMZ is good to place outside of the internal network, that is, the NAT device, and so forth. This is the reason I need the Soekris box to begin with, it's going to provide all the necessary things that I need for the freenet. Obviously, the freenet shall be constructed in such a fashion that it doesn't really matter what we do about the thing. There is going to be QoS, but not much, I'm not going to differentiate between my traffic and that of somebody else's, it just doesn't make sense at all, in fact, it never makes sense. But if I start out with a couple of base stations, I need to check a few things with the household, and determine some others. I have the need for uhm, three static addresses as it stands, that is, one for the freenet, one for the DNS server and one for the NAT device. I could of course get more, but I'm not going to, no point in that essentially. It just costs money. Hmm, I'm bound to think something about the freenet, some more of it. That is, I might do a few tricks, with ALTQ and authpf, to do a few things. I could make the speed of people downloading something from the network considerably slower, and make a system that lets them authenticate, use authpf, and get more bandwidth. Something like that, yes. It should be fairly amicable. Looking at the thing, this is the most important part of the whole system in essence, that authpf works so that nobody can hijack your IP and use more bandwidth that way.
Should he arppoison you or something, the ssh connection will die, and you're going to get back into the normal luser group. This is nothing like rocket science, it's pure and simple in my opinion. Ok, FTP won't work, but neither will some other things too, like P2P, and that kind of stuff, for the essential reason that we have put up firewall rules with the system. I'm going to be pretty restrictive in the outbound port thing, and inbound, there won't be such a thing, never. This makes the whole point a whole lot less secure. As always, I'm going to play with priority and queue assignments, that is, what goes where, and so on, and what the bandwidth is for the queue, and the priority, that is, games and interactive traffic such as SSH and Counter-Strike will go through a very narrow but fast path. HTTP and other porn downloading protocols will go through a wide, but very slow path. Nothing wrong or strange with that in my opinion.
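A sketch of the ALTQ and authpf split described above, as an added example that is not the author's configuration, written in ALTQ-era pf.conf syntax. The interface names, client network, link speed, queue names and percentages are assumptions, and NAT and redirection rules are left out.

```conf
# Added example: pf.conf fragment for the wireless gateway.
# Everything marked "assumed" is illustrative, not taken from the page.
ext_if     = "fxp0"           # uplink side (assumed)
wifi_if    = "fxp1"           # access point side (assumed)
wifi_net   = "10.1.0.0/24"    # DHCP range for freenet clients (assumed)
web_ports  = "{ 80, 443 }"
game_ports = "{ 27015 }"      # common Counter-Strike server port (assumed)

# authpf adds a client's address here when its SSH session opens and
# removes it when that session ends, so a dropped session (for example
# after ARP spoofing breaks the connection) puts the address back in
# the guest class.
table <authpf_users> persist

# Downloads are shaped where they leave towards the clients.
# q_fast:  narrow share, highest priority (interactive traffic)
# q_auth:  wide share for authenticated users, may borrow idle bandwidth
# q_guest: capped share for everyone else, no borrowing
altq on $wifi_if cbq bandwidth 8Mb queue { q_fast, q_auth, q_guest }
queue q_fast  bandwidth 10% priority 7 cbq(borrow)
queue q_auth  bandwidth 70% priority 3 cbq(borrow)
queue q_guest bandwidth 20% priority 1 cbq(default)

# Start from zero open ports.
block all

# SSH to the gateway itself is how a client logs in to authpf.
pass in on $wifi_if proto tcp from $wifi_net to ($wifi_if) port ssh queue q_fast

# Unauthenticated clients: DNS and web only, in the capped queue.
pass in on $wifi_if proto { tcp, udp } from $wifi_net to any port domain queue q_guest
pass in on $wifi_if proto tcp from $wifi_net to any port $web_ports queue q_guest

# Authenticated clients: the last matching rule wins, so these override
# the guest rules above for addresses in <authpf_users>.
pass in on $wifi_if proto tcp from <authpf_users> to any port $web_ports queue q_auth
pass in on $wifi_if proto tcp from <authpf_users> to any port ssh queue q_fast
pass in on $wifi_if proto udp from <authpf_users> to any port $game_ports queue q_fast

# Per-user rules from /etc/authpf/authpf.rules are evaluated here.
anchor "authpf/*"

# Whatever was accepted on the wireless side may leave via the uplink.
pass out on $ext_if
```

The queue named on a `pass in` rule is stored with the state entry, so the replies to that connection are placed in the same queue when they leave `$wifi_if` towards the client.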
The whole home freenet designing needs some strict planning ahead, and things should be thought out before executed, to make them all work in a way that is mostly good. If there is a chance to draw coax cable to the other side of the freaking house, I might just go ahead and put a high gain antenna on the other balcony, on the other side of the house. The coax run will cause some loss, but it's nothing terrible to begin with, since the whole point seems to be to have a system that in the first hand just works, or works wonders. This way a whole lot more of people could get the signal, and it could be replicated further and further. This is probably where we are going to stand, and what we are going to be doing. The more people joining the better it is, and in the end, if there are enough of these people, they will just move ahead to another place altogether, that is, buy a faster line for their own usage and so forth. Fairness queuing should be employed, so that everybody gets their share of the bandwidth. It doesn't matter if you have a 1000 downloads going on from different places on the net, and the grandma in the next apartment needs to have some other things done, like just look at the current TV shows that are playing. If there is an aggregate bandwidth of 800kB/sec. for the leecher, and the site grandma goes on has a bandwidth possible of 800kB/sec., there is going to be a whole lot less bandwidth allocated for the leecher, and the grandma gets her pages very quickly. This is the plan, but as it stands, I need to do some things around here before those things can really be realized. I need to have a system that is secure to begin with. This means a few things. Maybe I should be putting the nameserver in the dmz of the freenet, and then there were a few other services that were also needed, very dearly. This makes a point behind the whole system essentially.
DHCP will obviously share the stuff that there is to share, the IP-addresses, and it will do it in a very eloquent fashion. No hassles here. In fact, I'm left to believe in certain things behind the whole fact. There is this cool feature in OpenBSD that prevents unleased hosts from connecting, so you better connect to the DHCP server or you won't get on the net to begin with. I would like to take the time to implement authpf, but I figure that might be a little bit too much for the essential things that we are working with. Nothing wrong with this thing, it's just a minor, or small, or how you would like to put it, strange thing put somewhere where people will look at it and wonder what the fuck it stands for. Usually at least, the whole concept is very amicable. I provide people with a free network connectivity. It's not free as in beer, but it's free as in freedom ("vapaus" in Finnish). I hate to be the one however who limits the freedoms of other people by placing firewalls in the path essentially. This is against my own convictions, and I'm not doing it because I happen to just feel like it. There are more things to it than that. Running almost any port possible outbound will make certain things happen, and I'm afraid of them. Not because that treads on anyone's rights, ok, it treads a little bit, but that's not the point. The rights that I grant people are just that, highly demanding rights. Now, fundamentalists will look at this thing and decide that there are either rights or no rights. Well fuck me and call me Suzie. Who the hell did anyways give them the right to choose my ethics in the first place? They don't seem to understand that I'm going to grant a fucking right to begin with to people. Just because I grant a right, you are not going to call me a buttfucker or Hitler or whatever.
I must choose to limit the right a lot infact, to prevent the following things which are not on the scale of nice things to look at: 1) p2p networks, 2) illegal material 3) highly offensive highly illegal material, and so on. There are granted to be sick puppies who go around and download child pornography. My theory is that they use somekind of p2p networks to share their sick stuff. And otherwise too, I don't want anyone to really take the point and shove it in my face. P2p usage uses bandwidth, and it tends to use a lot of it. If I give people the right to the web, usenet, irc, messenger, games, and so on, isn't that amicable enough? The point behind the sickest of sick shit, that is pedophiles is neither my idea, nor is it my thing to control them. I hate control, it's always a form of coercion. Just because I don't take anything for granted, I neither take anything the pedophiles do for granted. I'm not forming an opinion on a probably vast amount of people in this world just because of their desire to look at sick photos or films or whatever the fuck there is. If I was a man with real balls, I'd allow everything through, and face the music. The child pornography thing is somewhat difficult. Now if you read what I said and want to play devil's advocate, then by all means do that. Just note that I'm not saying that possession of child pornography shouldn't be highly illegal. For all I care, they should be shot for their crimes, but, I still refuse to believe in the whole concept of an sinister manipulative type of person who is highly suspectible to commit somekind of crime. Being a pedophile is the fucking right of every goddamned asshole who wants to live like that. We don't have a concept (yet) about thoughtcrime, it's when you cross the line of what's legal and what's illegal, and then you should face the music. Hell I've met thousands of people, literarily. 
I'm not sure about how many people are statistically pedophiles, but I must have met some, and this is what makes me feel vary about the thing. It's not the thinking that goes on that is sick beyond belief. Every man has the fucking undeniable right to think whatever the fuck he wants. And then the thing that most people link together with the thought, that is, serious criminal activity. I don't care if you didn't hurt anyone when you got your fucking child pornography or something like that, the whole concept of having the material is enough to put you behind bars in my opinion. But that doesn't change the whole point. Pedophilia is such an stigmatized issue that it becomes almost impossible to have a coherent discussion about it, anywhere. And that's when things get sad. This is a difficult thing, and as it stands, I'm not going to allow illegal things to be done with a network connection I own. There are legal, borderline and illegal activities. I'm not going to allow the illegal ones. But the point was with rights. In a sense, I'm not offering a free product in every ambiguous meaning of the word, but rather something else. There are prerequisites about the whole thing. To connect, you need a computer, and that computer must have IEEE802.11X support in some way, it must have a recent operating system, probably, and then that's just about all you need moneywise. Ofcourse running the computer will cost something, but that's hardly the point really. So you see, it's not free as in beer, I'm really sorry it isn't, but there is exactly fucking shit I can do about that. Then there is the right to use a few services, and some services through a proxy (not to tamper with the stream of data and get addresses and what the fucking ever, that can be achieved in other ways very easily, and there is exactly null anyone can do about it), but I have the permission to deny access to certain ports. Infact, I will start from the bottom, and work my way up. 
In the beginning there'll be exactly zero open ports, and then that is increased. I try to regain the most popular services, but I'm not just sure if it is possible in this case. Well, there is not full freedom in the connectivity because of my fascist regime, or something like that. I bet I'll be the first one they put against the wall when the revolution starts. That about sums the rights concept. My idealism is that the internet is a right, not a privilege, but that's a pipe dream. It's not completely impossible in my opinion to have things arranged in a way that makes freedoms available to people, but limit them in a couple of facts. This is the thing that I'm looking at. There is just no way that I could give out a few hundred machines to people, just like that. And besides, what the hell am I supposed to be doing about it? It's not like I'm some kind of a fucking Jesus coming to rescue us all.
I feel that I'm promoting a right, and in rational senses, I am, in fact, doing just that. I mean, I have a setup at home that will essentially do everything there is to do about some things, and I give it out for free. I mean, how is that not providing people with freedoms?
Ok, so I need to have my home lab in order, properly setup, and so forth, before I move to the phase of putting on the first access point. That should be fairly simple, and I'm probably going to be doing just that, have hop points on different routers essentially, and then move forwards in the mist of it. There are some things that I'm probably going to provide with the service as it stands. That is, better connectivity, if there is any such concept around here really? When there is the whole concept of services that are provided. I don't want to provide any services really, because that's hazard, and it's not safe, and so forward. Also any service to the user will cause problems, so maybe I'm just going to stay in the starting configuration the whole time essentially. There are a few machines that are needed for the deal, and those should be granted to me without any question. Hum, I'm feeling good about the freenet. The fear that some fucking asshole downloads child pornography is not my problem, because of two fucking reasons, I don't have the legal right to monitor the activity of my "users", and I cannot be guilty of a crime I didn't know I committed. I'm not sure what they would call it, but I'd say I have good grounds to call myself crazy and be left without charge because of that, should I allow the fucking childpornography to go through. No, this is not the point I'm working with, not at all, I'm going to go through the whole thing, sniffing with a sniffer the urls that people visit, and so on, and report any crimes straight to the police. I'm not going to do anything more, I just wait that the police come up, I give them the evidence, and they can start guessing who the hell it is that uses the net, granted I give them a MAC number to start with. When all fear is gone, and all that is left is a system behind the whole thing that is highly amicable, and more so to the point than against it really. There is simply nothing that can touch me. 
I'm not intending to commit crime, and neither will I allow other people to commit crime, or at least I'm trying to prevent them from doing things. If they feel like they need to do that, break the laws, then they can do it with somebody else's connection.
The cost of one of those machines that I'm looking at, is quite high, and it doesn't get any more easier by some other facts either. I'm left to believe certain things about the users. But that doesn't affect the way I do treat them. I know it wasn't Voltairé who said it, but it's in the spirit of his opinions, that "I may disagree with what you have to say, but I will defend your right to say it to death." Now that's some brass balls. I wish I was as fundamental as Voltairé was. So, people may post whatever the hell they like using my line, obviously. They may be fascist militarist pigs for all I care, and still I'm going to stand on the freaking wall and declare death or freedom. Freedom is really that. Most people view freedom as something out of a fairy tale or something equal, like it was borned from a silent void and just was granted to people, but that's complete and utter bullshit. You fight for freedom, and after a fight, you are granted the freedom. The question is, are you ready to die for you convictions? I certainly am. They can put a bullet in my head instead of making more fascist laws into the EU and our beloved country. But then again, I'm not afraid of dying. This is not just something you say, try to sound macho or whatever. The thing is, I've gone through the whole concept of death so many times in my head, it has grown to be a secondary nature of me. I've since stopped looking right and left before stepping out on the driveway, and so forth. I simply have stopped caring. I know now that I'll leave this life through my own hand, that's something that is taken as granted. So why would I be afraid of death? It might hurt? So fucking what, many things hurt, but I don't fear them. Pain is a temporary thing, it is nothing compared to psychological pain. You would know if you had some neat condition that fucks you up properly. 
So, why not, I'm ready to go down just to preserve the right of the fascist military pig from the house next to ours, his right to speak lies and hate speech is more important than my life. Needless to say, that is the concept with all of us. I'm going to take the point, and push it far back. So why not. I mean, I'm not idealistic if that's what you think, I'm not suicidal, or so forth. I've just stopped believing in this world, and all the inanities it entails.
But I was talking about freenets, wireless such. I have a couple of access points that could be used as the jump points towards an OpenBSD computer that handles some other things as well. In fact, the OpenBSD machine would need to be fairly fast, because it has some things to take care of, and it must do them quickly. There are some tasks like that, which are very good at that.
Looking past the thing, I have a few things to do, a very small server farm to set up, and so forth. I would like to get more 1U rack mountable machines, maybe, or 2-3U machines, as long as they have a gigahertz or more of clock cycles going on a second. To the outside world at least, we need a few things that are highly amicable in the sense that they work somehow, and they are distinct in that configuration. Nothing beats this kind of approach essentially. An IRC server is almost mandatory, likewise is a web page, which must be hosted on the most outer border to the network. Any traffic coming through the wireless network should be subject to redirections, that is, connections to port 80 are never done, so all port 80 connections are transferred to the wireless-gw port number 80, no matter what. And that will define things, and explain things and so forward. I should probably start writing those pages, and think a bit about the whole concept of the essential traffic that we do have. Oh well.
I'm left to believe a lot of things about the whole concept in essence. Hmm, there should be a firewall over a transparent bridge that acts as a tool to deny access from and to bad juju ports and so, Snort magic, and then also the concept behind the whole thing that if runs iproute2 tc tool, to classify certain data as very important, and very strictly to the point. I'm fairly sure that things are going to take off of that situation. I'm not even going to bother calling the stuff something special. My own domain name will suffice. There are need for some computers, which shouldn't be a big thing, something donated or bought very cheaply could suffice just perfectly. I'm not even going to take the point behind it all, that is, just run things off of some stuff.
Well bleah, there are things that are good and there are things that are bad. A good enough service in my opinion is the fact behind it all, that is, what to do with the whole concept, and where to move the stuff. I'm most likely just going to run squid with very low caching parameters set, because it doesn't actually help a lot the execution of the whole system, even if you put higher values, I've tried, but it didn't exactly help. So what to do, where is the score? What is the essential thing behind it, and who do we contact.
There are some few and small differences in the whole operation of well, everything. I'm just left to believe a few things about the whole concept, this is the point that I want to push essentially. Freedom for everyone, or death. I prefer the freedom part. But they may give me death as well.
There are obviously some things that I would like to see done, and dealt with, essentially, making a more clear system behind it. That is, what I would need, is to have the following kind of network structure, something that will separate some things from each other, essentially. There will be the ADSL line, and the modem, and behind the modem there will be an ethernet bridge that drops clearly nasty packets, and makes new rules on new nasty packets. Behind this there is a switch, which connects to 4 computers, the bridge being one of them. One machine is a Sun Ultra 1, that is a DNS server. One computer is the machine that I will use to connect to the network from my internal networks, essentially. The third will connect to the machine that does some kind of natting for the machine that will be named freenet.something.foobar. Inside the NAT there is a 10/8 network, I won't bother yet with IPv6, they are not up to par with that around here. Oh well. This 10.254.254.0/24 network is reserved for the servers primarily, and only. Then there is going to be the wireless-gw, which is a computer that connects to some kind of clear wireless network, that is, a set of access points. This is the machine that effectively handles all things not essentially clear. Inside the network there will be a couple of machines, let's say, two 1U machines, and a bigger Intel machine, I'm not sure yet what, or how. There are some things that would need to be taken graciously. I need to think about the machines inside the network.
There are some things around the globe which will stay only as temporary. I'm going to take the co-lo server home when possible, and nearest that, as close as possible to this date. The thing is that I want to sell the computer.
I don't want to maintain a machine on the net that might be owned at any point because of a crappy operating system, or something like that. I ponder, that you could start off with 700€ on huuto.net for the machine. It's loaded, that's for sure, looking at the point we are to believe certain things about the whole system. It's damned fast, and it's more than capable of running even harsh things.

