01.30.06
Mac OS X firewall
Using the built-in preference pane for managing the Mac OS X 10.4 firewall is adequate for simple things, like opening service-specific ports. But when a bit more control is wanted, like allowing some traffic from specific subnets, the preference pane just doesn’t cut it.
Luckily, the firewall is controlled using the ipfw command. So disabling the firewall in the preference pane and then using a script like this one:
djn:~ djn$ cat /sw/etc/firewall
#!/bin/sh
IPFW='/sbin/ipfw -q'
AUBNET=/24
HOME=
PRIV=192.168.0.0/16
$IPFW -f flush
$IPFW add 2000 allow ip from any to any via lo*
$IPFW add 2010 deny log ip from 127.0.0.0/8 to any in
$IPFW add 2020 deny log ip from any to 127.0.0.0/8 in
$IPFW add 2030 deny log ip from 224.0.0.0/3 to any in
$IPFW add 2040 deny log tcp from any to 224.0.0.0/3 in
$IPFW add 2050 allow log tcp from any to any out
$IPFW add 2060 allow log tcp from any to any established
$IPFW add 2070 allow log tcp from any to any dst-port 22 in
$IPFW add 2080 allow log tcp from any to any dst-port 8080 in
$IPFW add 2090 allow log tcp from any to any dst-port 6881-6999 in
$IPFW add 2100 allow log tcp from any to any dst-port 80 in
$IPFW add 2110 allow log tcp from any to any dst-port 427 in
$IPFW add 2120 allow log tcp from any to any dst-port 443 in
$IPFW add 2130 allow log tcp from $AUBNET to any dst-port 139 in
$IPFW add 2131 allow log tcp from $HOME to any dst-port 139 in
$IPFW add 2132 allow log tcp from $PRIV to any dst-port 139 in
$IPFW add 2140 allow log tcp from any to any dst-port 5900-5910 in
$IPFW add 12190 deny log tcp from any to any
$IPFW add 20000 deny log icmp from any to me in icmptypes 8
djn:~ djn$
along with daemonic from fink, with a configuration file like this one:
djn:~ djn$ cat /sw/etc/daemons/firewall.xml
Firewall
djns modified firewall
/sw/etc/firewall
djn:~ djn$
then running the command sudo daemonic enable firewall and then checking /Library/StartupItems/ like this:
djn:~ djn$ ll /Library/StartupItems/daemonic-firewall/
total 8
-rw-r--r-- 1 root wheel 289 Jan 30 15:45 StartupParameters.plist
-rwxr-xr-x 1 root wheel 279 Jan 30 15:45 daemonic-firewall
djn:~ djn$
And everything should work fine. Reboot to check it. Running sudo ipfw list reveals the current configuration of the firewall.
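An added example, not part of the original post: ipfw checks rules in ascending number order and stops at the first match, so the ordering in the script above decides what gets through. This Python sketch models only the script's TCP rules 2050 to 12190 (rules 2130 and 2131 are left out because their source networks are blank above) and runs constructed sample packets through them; the function name and sample addresses are assumptions made for the illustration.

```python
import ipaddress

# (number, action, source network, dst port range or None, extra condition)
# Transcribed from the TCP rules of the script above. Rules 2130 and 2131 are
# omitted because their source networks are blank on the page.
ANY = "0.0.0.0/0"
RULES = [
    (2050, "allow", ANY, None, "out"),
    (2060, "allow", ANY, None, "established"),
    (2070, "allow", ANY, (22, 22), "in"),
    (2080, "allow", ANY, (8080, 8080), "in"),
    (2090, "allow", ANY, (6881, 6999), "in"),
    (2100, "allow", ANY, (80, 80), "in"),
    (2110, "allow", ANY, (427, 427), "in"),
    (2120, "allow", ANY, (443, 443), "in"),
    (2132, "allow", "192.168.0.0/16", (139, 139), "in"),
    (2140, "allow", ANY, (5900, 5910), "in"),
    (12190, "deny", ANY, None, None),
]

def first_match(src, dport, direction="in", established=False):
    """Return (rule number, action) of the first rule a TCP packet hits."""
    addr = ipaddress.ip_address(src)
    for number, action, net, ports, cond in RULES:
        if addr not in ipaddress.ip_network(net):
            continue  # source address outside the rule's "from" network
        if ports and not ports[0] <= dport <= ports[1]:
            continue  # destination port outside the rule's dst-port range
        if cond in ("in", "out") and cond != direction:
            continue  # rule is limited to the other direction
        if cond == "established" and not established:
            continue  # rule only matches packets of an existing connection
        return number, action
    return 65535, "default"  # nothing modelled here matched (e.g. an IPv6 source)

if __name__ == "__main__":
    # Constructed sample packets (RFC 1918 and RFC 5737 addresses).
    for pkt in [("192.168.1.20", 139), ("203.0.113.9", 139),
                ("203.0.113.9", 22), ("203.0.113.9", 3306)]:
        print(pkt, "->", first_match(*pkt))
```

Non-TCP traffic such as UDP is not covered by any rule below 20000 in the script, so it is decided by ipfw's final default rule rather than by anything modelled here.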
01.25.06
Virtual PC 7 and Kubuntu
I played around with Kubuntu and Virtual PC 7 for Mac. The install went flawlessly and so did most of the boot, except X.
The only thing that needed fixing was changing the default color depth from 24-bit to 16-bit or else the screen would misbehave.
WordPress: Now Reading
I have patched the popular Now Reading WordPress plugin to enable manual insertion of books in the database. Read more here.
01.24.06
Cycling application on Mac OS X
I use cmd-tab a lot to browse between the open applications on my Mac. However, once in a while I’d like to cycle the other way. Doing so is possible with cmd-shift-tab but it is a cumbersome keypress.
Just today I discovered that cmd-` is equivalent to cmd-shift-tab when the application list is open. That is nice.
Battlestar Galactica: Season 1
My copy of Battlestar Galactica: Season 1 arrived today. Happy, Happy! I can’t wait to start watching it.
01.21.06
Der Untergang
I just finished viewing the movie “Der Untergang”. A movie about Hitler’s last days of World War II. The story is based on the memories of Traudl Junge, the last secretary for Adolf Hitler.
The movie is very emotional and really depicts the cruelties of war. It is especially intriguing to view the paranoia and mood swings of Hitler and his surrounding officers. The Goebbels are depicted as very cruel people — or at least VERY misguided. Truly a must-view movie!
Graduation event @Daimi
I graduated from Daimi September 2005. Normally, Daimi doesn’t throw graduation events and the diplomas arrive via snail-mail — as did mine. However, once in a while they DO host a kind of post-graduation event where people who recently graduated from Daimi receive an official congratulation and a handshake.
I attended one of these events yesterday. In the invitation it was noted that the event was held together with Iha, who celebrated the first graduates from the newly created “Master of Engineering” line in cooperation with AU. There were several invited speakers, even the mayor of Aarhus was invited (although he never made it, he was stuck in a train due to bad weather).
So I was expecting a rather dull afternoon with the highlights being the chance of seeing some old friends. And I wasn’t disappointed. The speeches were indeed dull. Some of the speakers did not even mention that we (the graduates from Daimi) were there. They only spoke about the engineers and their bright future. It was a complete waste of time — Well, except for drinking a few beers with some mates. Which is always a good thing!
01.18.06
Battlestar Galactica
Got around to watching the mini-series for Battlestar Galactica today. I liked it. Definitely an entertaining series. I’m looking forward to watching the first season!
01.15.06
Relaxed Weekend
This weekend has been quite nice, relaxed and laid-back. Except for my daughter getting a bit of fever at night. We have watched a couple of movies: Hitchhikers Guide and Bride and Prejudice. Also, we managed to complete our quest to view the first season of Charmed.
Tonight, I’m going to watch some more TV. Got several films and series waiting to be watched.
01.11.06
MacBook Pro?
So Apple finally launched some Intel based laptops and renamed their PowerBook line to MacBook Pro — I guess they’ll rename the iBook line to MacBook once the Intel versions launch…