Thursday, February 9, 2012

iptables be liberal cheatsheet

A while ago I posted about how Cisco firewalls can make certain packets' state look invalid to iptables which causes slow performance because packets would be dropped and had to be retransmitted. This was inspired by a much more interesting post on endpoint.com. Since then I've often had to relax the invalid checks on iptables by setting the following proc values on rhel5 or rhel6:
rhel5
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal

rhel6:
/proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal

Wednesday, February 1, 2012

emacs usb foot switch

Found an entry on emacswiki.org about foot switches. I see that xkeys now has a GPL'd SDK. I think it's time to get my feet in on the action...