I saw this on PvP Online today. The people who read this blog might get a kick out of it.

There is a bigger image at the order site (click the image above).

I ran 3.15 miles this morning and that put me just over 50% complete of my 700 mile goal.

The heat at the end of May and all of June was pretty killer on my running. I made myself run early morning and late evening to keep on trucking.

It is nice to be on target for one of my 2008 goals.

Off to Mexico in 4 days. My good friend Brian is getting married. About 40 people will be at the all-inclusive resort just south of Cancun. Should be good times.

Not much poker in the last month. I have been reading some of the books I have to try and sharpen the mind, but no felt time and very little virtual felt time.

The goal was to put a client end box behind some sort of router/gateway device
that would introduce latency and if possible bandwidth restrictions and random
packet loss.

Research indicated the best option is to use dummynet. Dummynet is a flexible
tool originally designed for testing network protocols. It can also be used
for bandwidth management (although the owner claims it is misused).

It is a built in feature of FreeBSD so that is the route I took.

The first step is to download FreeBSD which is now version 7. I download the
torrent file and used the linux command line client “rtorrent” to pull down
the ISOs. I only really needed Disk 1.

The server I found to do this task is a typical older server most IT shops will
have laying around. It is a Dell 1750 with a 2.8GHz processor and 1G of RAM.
That will be plenty of horsepower to do the routing required.

Boot the new router with FreeBSD Disk 1 and begin the install. When it asked about the partitions I used a single FreeBSD partition (type 165) made of the whole disk. For the boot manager I selected the FreeBSD BootMgr. When it came to file system layout, I used the “auto defaults”. It created enough swap and user space for me (even on a 20 Gb drive). When I selected which version to install I used the “developer + ports” version. I made sure
not to install any GUI features (X, Gnome, and the like) because this will be a
headless server sitting in a data center. Give the primary NIC an address on
your LAN and a reasonable name. I named my server “cloud” because it will
represent the “Internet Cloud” when it is fully functional. The first time I did the install, I did not do the developer version which includes all of the source tree. When it is time to update the system it will take a lot longer to update if it is not put down on the initial update. Also, be sure to install the ports tree. It will prove to be really helpful.

Once your system is up and running it is time to install some basic packages
and update the source tree.

I installed the following packages: bash, cvsup-without-gui, and
isc-dhcp3-server. One of the wonderful things about FreeBSD is the ports
system. From within /usr/ports you have access to over 18000 third party
packages with all dependencies already worked out. To install bash for example
you use the following commands:
# cd /usr/ports
# cd shells/bash
# make install clean

That’s it. Simple. I changed root’s default shell to bash because I am more
comfortable working with bash (chsh -s /usr/local/bin/bash). The other two
packages I used are found in /usr/ports/net/cvsup-without-gui and
/usr/ports/net/isc-dhcp3-server.

The next step is to compile a new kernel and world. This is required because
we need to make dummynet a known option of the kernel you are running. Before
we even get close to configuring the kernel, it is a good idea to update the
source tree. That is why we installed cvsup above.

When cvsup was installed a couple of example cvsup config files were put on
the system is /usr/share/example/cvsup. The one we are interested in is
“stable-supfile”. Copy that file to a working name such as “active-stable-supfile”. That way it will not get overwritten with the updates. Edit the new file and change the host=CHANGE_THIS.FreeBSD.org to a real cvsup host. Here is a list of cvsup mirrors. I do recomend not using the Central Servers and using one of the Primary Mirrors. Then you just need to run cvsup.
# cvsup -g -L 2 active-stable-supfile

This will probably take quite some time. If you make the mistake I made of not installing the source initially, this will take 2 or 3 hours depending on your network connection. When the cvsup is complete it is time to begin the buildworld process. It is a simple command but will take quite some time.
# cd /usr/src
# make buildworld

When that is complete you then need to build your custom kernel. Why is it
custom? Because we need to add a few options to the kernel configuration
file. To make this config file copy the generic config file. I used CLOUD because that is my machine name.
# cd /usr/src/sys/i386/conf
# cp GENERIC CLOUD


Edit the “CLOUD” file and add these three options. I put them at the end of
the options section but above the devices section:
options IPFIREWALL
options DUMMYNET
options HZ=1000

Now you are ready to compile your kernel. It is also pretty simple:
# cd /usr/src
# make buildkernel KERNCONF=CLOUD


When that is complete, it is time to install your new custom kernel. Simple:
# make installkernel KERNCONF=CLOUD

Now you need to reboot into single user mode. I have found the easiest way
to do this is to just issue the “reboot” command and sit at console. When the
FreeBSD boot menu appears select option “4″ which is boot into single user mode.

When you are in single user mode you will want to do the following commands:
# mergemaster -p
# make installworld
# mergemaster
# reboot

It sounds simple, but mergemaster can be a bit of a pain. Since this is a
brand new system you can almost always choose “i” to install the temporary
version of the file. If you had done any custom work prior to this merge
you will need to make sure your changes do not get undone.

When you boot to full multi-user and login run this:
# uname -a
FreeBSD cloud.qa.example.com 7.0-STABLE FreeBSD 7.0-STABLE #2: Tue Jun 17 17:17:47 CDT 2008 root@cloud.qa.example.com:/usr/obj/usr/src/sys/CLOUD i386

Now you are ready to make the router. FreeBSD really shines here because you
just need to make a couple of config changes.

First, set up your second network adapter. On my 1750 this is bge1. In
/etc/rc.conf I added these three lines:
ifconfig_bge1="inet 10.250.15.1 netmask 255.255.255.0"
gateway_enable="YES"
ipnat_enable="YES"

Then I created a file called “ipnat.rules” with these two lines:
map bge0 10.250.15.0/24 -> 10.10.10.5/32 portmap tcp/udp 40000:65000
map bge0 10.250.15.0/24 -> 10.10.10.5/32

The “10.10.10.5″ address is my network address to the outside world, adjust
that as necessary.

Now you need to setup DNS forwarding. Named is already installed on your
system you just need to enable and configure it. In /etc/rc.conf add this
line:
named_enable="YES"

Then edit /etc/namedb/named.conf. Comment out the “listen-on” entry so it
looks like this:
// listen-on { 127.0.0.1; };

That will enable named to listed for anything on the network. Then un-comment
the “forward only” line. You also need to un-comment the forwarders section
and enter your upstream DNS server. Mine looks like:
forwarders {
10.10.10.71;
};

To make it easier to have clients on your new internal network you may want to
configure the dhcpd server installed above. The file is located at
/usr/local/etc/dhcpd.conf. Mine looks like this:
option domain-name "example.com";
option domain-name-servers 10.250.15.1;
option subnet-mask 255.255.255.0;
default-lease-time 86400;
max-lease-time 86400;
ddns-update-style none;
subnet 10.250.15.0 netmask 255.255.255.0 {
range 10.250.15.150 10.250.15.200;
option routers 10.250.15.1;
}


You also need to enable the dhcpd server by adding this line to your rc.conf
file:
dhcpd_enable="YES"

There a few other options in rc.conf you should add now because we will need
them for dummynet specifically:
firewall_enable="YES"
firewall_type="OPEN"
dummynet_enable="YES"

Now make sure your 2nd NIC is plugged into a hub/switch/vlan segment and reboot.

When your system comes up an ifconfig should reveal that you have both NICs up
and the network configured. The command “ipnat list” should show your two
NAT rules from above.

Hook up a client box to the internal network segment. Use DHCP and get a
lease. When you have a lease, do a nslookup of a known host (like www.cnn.com).
Fire up a web browser and make sure you can surf the web. Life should be good
at this point.

Now we are at the point of this computing adventure. Time to add latency!

On your client box set up a continuous ping. For windows this would look like:
C:\> ping -t www.google.com
Pinging www.l.google.com [74.125.47.147] with 32 bytes of data:
Reply from 74.125.47.147: bytes=32 time=36ms TTL=241
….
Reply from 74.125.47.147: bytes=32 time=37ms TTL=241

Now on your new network device issue these two commands:
# ipfw pipe 10 config delay 50
# ipfw add 1000 pipe 10 all from 10.250.15.0/24 to any

Look back at your client box. The ping times should jump 100ms. The 50 from
the first command is actually done twice, once on the way out and once on the
way back in. You have just added 100ms latency to your connection.

Great, now it is time to remove that latency. These two commands will do it:
# ipfw delete 1000
# ipfw delete pipe 10

Poof. Latency gone.

You now have a router with a high cool factor. Why cool? Because you have a lot more control over your internal network than your normal plug-n-play routers.

I have updated my gallery from YaPig (yet another picture image gallery) to Gallery2.

The main reason was comment spam. I disabled comments the hard way (by removing the comment page) but the system needed a newer better version.

You can find the new one here Steve’s Gallery. Don’t be too freaked out by the hand wound pictures, it has basically fully healed by now.

Gallery2 installed quite easily; The only “tricky” part was the database, and that was just recalling how to grant privileges to a new db user.

As many of you know, I don’t shop at Walmart if I can at all avoid it. I don’t like the way they run business. That mainly stemmed from vendors and employees because they focused on getting the lowest prices to the consumer. I’m not sure they have the lowest prices anymore- since I don’t price shop at places where I won’t actually buy anything.

I now have another reason NOT to shop there: FMF recently went and was trying to buy a bunch of merchandise. He ran into a sign that read:

No human checkers for carts with more than 10 items.

Really? Are you kidding? That is ridiculous. Especially now with the “Super Walmart” where they expect you to do all of your grocery and household shopping in one place.

Read about his experience yourself: I’m Done with Walmart

Done with Walmart indeed.

Kelly, a friend of mine, pointed me to this wonderful piece of research and documentation: The Etymology of Human Male Non-Verbal Communications (or, Why Men Fist-Bump)

Enjoy.

Damn it. I guess I am growing up. What fun is that?

Tim Schrick is not the Stig. Or at least the only one.

I’m finally got to use my new toy on Sunday morning. What is it you ask? It is a Smith and Wesson Sigma .40. It may prove to be the most wildly in-accurate gun I have ever shot. At 7 yards, 4 different people shot at a paper target and no one has any clue where the shots were going. Sickening. I took it apart last night and made sure the spring was centered and that the barrel looks clean so maybe next time out it won’t suck. .40 ammo is not cheap- about $17 for 50 rounds, so it would be a true waste to have it be useless.

Canada is going to try and ask the border guards to check iPods and the like for infringing material. Um… how? If I move all of my CDs onto my iPod I am still qualifying for fair use. How do they know if I still have the CD or if I borrowed it or if I downloaded it from limewire? You really can’t tell one way or the other. Irritating.

Neat article about the changing demographics of stray dogs in Moscow. Even the dogs are adapting to the changing Russian society- including stopping at lights to let traffic go and riding the subway.

Have a great Thursday everyone. The weekend is almost here, I can nearly taste it.

Grisoft has a new version of their virus scanner out, AVG 8.0. I spent a bit of time installing it today on my laptop and found a big annoyance: by default it actively scans all of the web pages you visit and every link on those pages for “malicious” code. The intent is nice- make sure I don’t go to a web page that will infect my computer. BUT I don’t like it one bit. It slows down and clutters up my web experience by modifying the pages I am on with little green check marks and pop-ups to let me know the link is safe. In addition I use Firefox with no flash, no java, and no active-x controls. This severely limits the way malicious code can run.

How to fix it? First, uninstall AVG 8.0 and reboot. Then you need to run the installer from a command line with these arguments:


c:\avg_free_stf_en_8_100a1295.exe /REMOVE_FEATURE fea_AVG_SafeSurf /REMOVE_FEATURE fea_AVG_SafeSearch


Obviously if you have a different installer executable version, use that. This will start up like the normal installer and once installed, it will update and scan just like the full version- only without “SafeSurf” and “SafeSearch”.

Hope this helps.

Lozo over at Why Don’t We Get Drunk and Blog? is reminiscing about his blogging past and brought up, what I feel is, one of the best blog posts ever.

The Girl Sports Fan: An In-depth Study

It is just amazing how accurate it is. I often find myself at the bar sitting near a GSF and thinking- yep there is a wading pool’s worth of depth in that one’s sports fandom.

Give it a read, I promise you will enjoy it. Double your money back if you don’t.

Worst chess set ever? Maybe.