Monday, July 3, 2006, 12:42 AM - Home Network
Since installing SquirrelMail, I've been unable to send mail out to the Internet, mainly due to the issues of running a private domain name within my network behind my cable-modem. I spent a bit of time today making it work via the Exim4 MTA, which I ended up with on Debian. (As I recall, it's the default MTA, but I could be mistaken.)
As usual, I wrote up the effort in my Document Trove.
Saturday, July 1, 2006, 01:13 AM - Home Network
Here we go again. As is my regular habit, I've grown weary of my mail client, and have decided to change yet again. This time, I'm going to do something radically different and go for a web-based client. The simplicity of it is somewhat appealing, but more so is the ability to access it easily from anywhere on the Internet. Of course, accessing it from the Internet securely is another topic altogether (a topic I'll address at a later time. ;)
At first, I tried Horde, which I've been told is a really good mail client, among other things. Essentially Horde is now a framework with things like Calendars, Todo lists, and so forth. I just wanted mail, and I wanted to get the whole thing working on my Debian box through APT, in as few commands and with as little effort as possible. Horde quickly turned out to be neither easy nor convenient to set up, so I quickly abandoned it.
My next effort was to try Squirrelmail. It's a pretty neat little application, in all, very simple and clean. It was easy enough for me to set up within a half-hour or an hour, without too much effort or digging. I've done a quick-and-dirty write-up of my efforts in my Document Trove.
It's a pretty easy to use, clean piece of software. I'm not thrilled with how it handles threading, but I've come to the conclusion I can't ever be completely happy with any mail client, so I'd better decide what's important to me.
We'll see how I like this one in a few months. Let's just hope the cycle is finally broken. (I'm tired of having my years' archives of email scattered between disks and file formats.)
Wednesday, June 28, 2006, 11:46 PM - InfoSec, Home Network
I've been motivated of late to work on a Network Intrusion Detection System (NIDS) on my home network a lot more lately, due to various reasons not worth stating here. The natural choice for the signature based component is Snort. Suffice it to say it's been years since I gave the software a good look, being too tired and weary of NIDS after my day-to-day at work. I think the last version I tried at home was 2.0 or 2.1, and I'm glad to say that a lot has changed, all for the better.
I won't go into the gory details about what Snort can and can't do, that's been done to death in books, online guides, and documentation. In particular, snort.org has an excellent guide about installing the latest Snort on Debian (warning, PDF link).
In addition to really neat features, Snort has become quite a resource...erm...hog <ahem>. My firewall device, running Debian Sarge, started with 196MB of RAM and 193 MB of swap space. When I tried to start up Snort with those parameters, the kernel killed it. I doubled the physical RAM, and found that it was still running out of memory, with the kernel still killing Snort. So I doubled the swap-space too in the end, and it finally ran, leaving only 66MB free.
It looks like I'm going to have to find still more RAM.
Saturday, June 24, 2006, 01:13 AM - Gentoo Linux, Home Network
I've been neglecting my VMware server, not out of boredom, but out of disk space. Literally. I didn't have enough disk to run a proper VMware server. So, I went and found a nice deal at NewEgg, a Western Digital 250GB SATA drive for only $85. The disk arrived last week and I installed it. Then I confronted my aged VMware beta install. That's where the fun began.
I did an emerge --sync && emerge -uDav world && dispatch-conf, stopped the current VMware server, uninstalled the old version (the VMware overlay for Gentoo isn't done with proper Portage revisioning), and updated my working copy of the Subversion repository at http://callisto.cs.kun.nl:81/svn/trees/vmware/app-emulation.
The revision number came out at 53, and I promptly had emerge errors that complained about broken VMware ebuilds. Doing a little Googling, I came across some good sites (see the end of this post). Apparently the Gentoo Overlays are becoming official projects and have centralized Subversion repositories now. Cool! My only problem became a little one. WHERE THE HECK WERE THE REPOSITORIES??
I couldn't find any docs, either on the Gentoo Overlays site, or on gentoo-wiki.org. However, a polite email to overlays@gentoo.org gave me my answer:
http://overlays.gentoo.org/svn/proj/vmware/trunk/app-emulation.
The latest revision from there was 64, which works like a champ. So, if you're stuck like I was, just go get the latest revision from that repository, and you should be all set.
Links
* http://gentoo-wiki.com/HOWTO_Installing_3rd_Party_Ebuilds
* http://gentoo-wiki.com/TIP_Overlays
* http://overlays.gentoo.org/proj/vmware/timeline
Sunday, May 28, 2006, 08:54 PM - Gentoo Linux, Home Network
It's been a long while in coming, but I finally got VMware working on Gentoo AMD64. I've posted the details of the problems I encountered, as well as the solutions I found here.
Wednesday, April 19, 2006, 02:35 AM - Gentoo Linux, Home Network
I just finished rebuilding my firewall. What a crappy way to spend an evening.
Today when I got home, my network was in a general state of screwed up. Two of my four towers were cold, and the firewall was completely fubar'd. It wouldn't mount anything other than /dev/hda3. What was totally strange about it was that it claimed /dev/hda didn't exist...although it did mount /dev/hda3.
I think my firewall problem was due to the fact that I did an emerge -uDav world on the weekend. The disk was physically fine, but the OS was totally hosed. In any case, I wasn't about to trouble-shoot so intricate an issue, particularly when the server that was down was the heart of my network. I did manage to save my iptables config files by booting to a Gentoo LiveCD copy I had lying around and scp'ing the tarball of my few config files off to another server.
So, I failed back to my old FreeBSD firewall, which had been sitting cold, ripped out the little 3GB Seagate hard-drive I'd been running on, and installed a 6GB Western Digital. I then added some more RAM and a second quad-ethernet card, and set about installing Debian.
The Debian install was a breeze, as is to be expected. The only hassle I had was the MAC cache on my cable modem, but Comcast explained that a simple reboot would flush that right out. 30 seconds later and my Debian box was sucking down dpkg files and installing.
I manually configured the file system, that was no big deal. Fortunately enough, the default kernel came with iptables installed, so I didn't have to recompile the kernel (that would have taken a while!). At the end of the Debian installer, I chose the following packages to set up the standard-issue basic home-router:
* dhcp-client
* dnsmasq
* snort
* ntop
To be honest, however, I had forgotten to install dhcp-client, installing the server instead. That too was no problem, however. I was able to set the old firewall as the new firewall's default router, just to download the package. After I had installed that, everything pretty much fell into place.
That's the first time that a Gentoo system ever crapped out on an emerge world for me. Rather disappointing, but at this point it leaves just my AMD64 box as the last Gentoo system standing. It's probably just as well, this last cycle of emerge world on the old PII I'm using for a firewall took over a day.
Friday, March 31, 2006, 12:47 AM - Gentoo Linux, Home Network
This evening I made a purchase that is perhaps long overdue. I bought a relatively inexpensive AMD64 motherboard and accompanying 2GHz processor, along with 1 Gig of DDR RAM. This will be the most powerful server I've put in my cabinets yet. There are several reasons for buying this. One, I just bought an ATX mid-tower case for an old Athlon my parents gave me. Unfortunately, the board is quite toast, and I don't feel like exerting any effort to fix it, since it's so old. Secondly, Tiger Direct had a couple of good sales going on. I bought the whole kit for less than $200 (after rebates).
Thirdly, with VMware making their GSX server free, I realized that a powerful box to host a virtual suite of machines would be far more economical in the long-run, not only in terms of electricity consumed, but also in terms of time spent playing sysadmin.
I've worked with VMware Workstation for years, but now that their server product is available gratis, it really expands the possibilities and the potential. Virtual machines running resident on a server open up all kinds of possibilities for black-hat tool and malware testing and research, for honeypots, for playing with different (x86 architecture) operating systems, for virtual networks of servers to play different roles like mail server and so forth, and just for standing up special boxes on short notice or general geek play.
This will be my first foray into a 64-bit system at home. At work, I've been dealing with 64-bit for some time of course, but I've never owned a 64-bit system. The idea of making that transition is quite exciting. Upgrading architecture platforms is one of those rare moments for a geek. Clock speed increases on chips happen all the time, but to move to the next level on the overall chip architecture is a rarity indeed. The last time I made the jump, from 16 bit to 32 bit, I had never heard of Linux, and everyone was running Windows 3.11.
Naturally, I did my research for Linux support. My first inclination was Debian, since I've recently switched to it from Gentoo as my Linux distro of choice. Sadly, however, Debian does not have strong native AMD64 support. So, my second choice was Gentoo, which has robust AMD64 support.
Even before I had found that Debian didn't have good AMD64 support, I was thinking Gentoo might be what I want on this new system. After all, optimizing for the particular hardware platform it's running on is what Gentoo is great at. With such a powerful system, the compile time for software packages should be minimal, and the potential gain of a well-tuned system will pay back the effort, particularly if I'm going to stuff it full of virtual systems - every bit will count.
Having said all that, I'm going to make Gentoo my distro for this new mighty server I'll be building. For all the other hardware servers, I'll continue with Debian. It would probably be feasible to make Debian my distro of choice for the VM Linux systems I'll build, in fact.
So, having done my research and made the purchase, there's little left now but to eagerly await the arrival of my new kit. With any luck, I'll get to build it this weekend, or maybe early next week.
Saturday, March 18, 2006, 02:40 PM - Home Network
This morning when I checked MythTV on the web-frontend, I found that the system seemed to be broken. I was able to fix the problem, fortunately. I did a full write up on the problem and the fix, such as it is.
Monday, March 13, 2006, 01:04 AM - Home Network
Okay, so the title is a little cheesy, but so is the title of every other topic in every blog on the planet. Deal. ;-)
So as those who rolled their eyes at the title have already figured out, I went ahead and built my PVR box. Having migrated everything from my old file server, I tore the old hard-drives out, slapped in the nice shiny 300GB Seagate I bought at C0mpU$4 for a C-note, installed the Win PVR-150 card, and booted off of the KnoppMythTV CD.
The long and short of it is, a PentiumII is just fine as a MythTV for recording only. I can download the mpgs and watch them full screen, with good sound. The only bitch is, it's about 1.1GB for a half-hour of programming. I had intended to put shows on my 1GB flash card that I have in my PocketPC, and have a poor man's video iPod. I'm going to have to look into the settings on the Myth box, and see if I can downgrade the quality just a smidge. That, or I could use mpeg2cut to slice out the commercials, bringing a typical show under the 1GB ceiling.
Forget about streaming on such a thin box, though, it doesn't have the juice. It might be able to watch TV at the same time, but I haven't set it up for that. Besides that, the Compaq I'm running it on has a sound card that Linux didn't like the first time around. I'm not going to spend any time trouble-shooting, since I'll probably upgrade the CPU before long.
The details of my experience can be found here in my private Wiki. Hopefully, someone can make use of them.
Monday, February 20, 2006, 01:31 AM - Home Network
So my efforts to rebuild my home network have been largely stalled for the last four months. One of the main reasons for this is all the effort I've been putting into trying to make maintaining multiple Gentoo boxes as low-overhead as possible. As I posted before, I've been trying to make a "standard build" for Gentoo, deciding on typical package installs, USE flags, and disk partitions. I had mostly finished this, and have been spending the last few weeks testing my builds. However, I have yet to actually manage a completed build. I've tried with the 2005.1 ISO twice, but both times failed on emerge -e system.
My largely wasted efforts of late have convinced me of two issues with the Gentoo Linux distribution, both of which are actually fairly self evident when looking at the docs. The first is that Gentoo has absolutely NO installer. The entire OS build is done by hand, typing in each command. This can be rather tedious when a person is building more than one system.
The second is that the emerge tool has poor support for binary distributions of software packages. The support is poor because the Gentoo project does not offer binary distribution servers. You have to roll your own binary packages. My experiences have accentuated these aspects of Gentoo, making them a clear disadvantage to me. Some people may prefer the manual build process and always compiling software, but it doesn't suit me at all. The overhead of administration that introduces is simply prohibitive in my situation.
I've learned a lot with Gentoo, but those aspects of it are making it a pain in the CPU. I'm now willing to try other distributions. First on my list is Debian, which is by comparison a venerable distribution. The main reasons I find it appealing are those that answer the flaws in Gentoo. Debian is a hard-core Linux geek's distro (like Gentoo), and has the two things Gentoo lacks - an installer system, and a package management system that allows for (in fact, it prefers) binary installs.
So today I did the first part, installing the base Debian system. It was an absolute breeze. A usable, though not particularly shiny, ncurses-driven menu interface walks you through the entire process. Unlike Gentoo, I never had to look at the manual to do the install, I was able to figure it out on my own, following the prompts from the installer.
It should not be considered that there are fewer choices than with Gentoo, however. I definitely had full control over the install. The partitions I had already created in Gentoo were easily configured via the menu. EVERYTHING was autodetected and loadable kernel modules were chosen appropriately (the video was the only one I had to choose myself - from a simple menu).
To determine which software would be installed, I had the option to select multiple system profiles (Desktop, webserver, fileserver, and so on) as well as the option to manually add packages. I chose my preferences, and within two hours had a perfectly functional File Server. Samba was already up and running, no configuration needed. Apache was also. I quickly and easily installed Subversion and the Apache module. I had to do a little bit of configuration there, but it was fairly self evident. (editing /etc/apache2/mods-enabled/svn.conf and running /etc/init.d/apache2 reload)
I was completely shocked by how quickly the software installed. It all made perfect sense, of course - the install consisted of apt-get, Debian's equivalent of emerge, simply downloading the packages and doing a bunch of file operations. Something that would have taken up to an hour on Gentoo took mere minutes. What a concept!
So now, after just two hours today, I have the new file-server for my network built, just the way I want it. After months of planning and weeks of failed attempts, I couldn't achieve the same with Gentoo.
My one big worry with Debian was the ability to keep my systems up to date. It seems that apt-get has an update feature, though. I'm anxious to try it out, with any luck, it will work as seamlessly as emerge -uDav world. I certainly imagine it will be faster. ;)
So the issues I'm already finding with Debian are the ability to see what packages are installed on the system already. My initial searches through manpages and first-page Google searches haven't been helpful. Other than that, I have no issues with Debian so far. :P
One concern I had was support. Gentoo has a pretty rich documentation set, and a large community of geeks that offer their help. After some Google searches, I've quickly learned that Debian also has a treasure trove of documentation and support, however. You just need to know where to find it. For those who don't feel like looking, here's what I've got so far:
Debian Resources
* Debian install guide using a minimal CD (network install)
* APT HOWTO
* Debian Forums
* Debian Wiki