Our spiffy new T1 got turned up last week, and I finally found time to move the LAN over today. Yippee, a connection that works. It doesn’t have the download speed of a cable modem, but it is symmetrical, so uploads do actually go at 1.5 megs. Given the number of pictures we post, that’s a big deal.
Lisa is now making extensive use of Flickr, although we also still have a Gallery II installation on our rented server at MAE-East. We certainly have the bandwidth now to host our own text sites, but I’m a little concerned about the images. If we were starting now, I’d put the images on Flickr for $25/year and not have the $70/month server. However we have years of links to our own Gallery, and there’s some serious bandwidth used. We’d be more selective uploading to flickr. I’m thinking of ceasing to update the gallery for a while and then hauling it home when the traffic falls to something we can serve.
I’m still working through firewall issues. Our setup is elaborate enough to justify a real DMZ/firewall configuration. Dealing with Iptables straight is a serious pain. I tried a highly recommended app called Firestarter which claims a painless configuration. The jury is still out on whether it’s better than Emacs and a book. It’s not painless, but I learned better than that around 1970.
The good points are that you can point and click authorize the most common services and that you can monitor what’s being blocked, and authorize it if you wish to.
The bad points: It claims to setup DHCP for the LAN side of your firewall. Actually the cockamamie DHCPd.conf it spits out is just plain wrong and dhcpd won’t start. I’ve got everyone on static 192.168 IPs at the moment because life is too short.
The ‘most common’ list is very short: no PPtP, no AIM, no Yahoo. I need to get all three working.
And finally, it has no clue whether or not it has either restarted iptables or saved the new configuration. According to Firestarter, a restart always fails and a save configuration always succeeds. Actually, restarts work but take several minutes, and I think it only saves configuration on exit, no matter what it says.
As I said, jury still out.