Ok, so this morning woke up early, decided that wasn’t a good way to start the day so went back to sleep. Got up later, had breakfast, drank espresso then took the dog for a two and a half hour walk. Came back, mowed the lawn, hung the washing out. Had lunch (boiled eggs on Sunday) then spent 3 hours digging out the hedge. Which is now finished, just needs some serious raking before I can seed it. So that’s a job well done.

Then retired to my lair… dug out the netbook and connected it to the service port. Added all the Wan1 inbound rules, doesn’t appear to have caused any problems. Then added the gateways for the load balancing. Decided to connect the Wan2 port to the existing local lan, this is on the same subnet as the new lan local lan subnet. To cut a very long firewall log short, it wasn’t happy. So dug through my junk box and found a long network cable. I then connected the Virgin router directly to Wan2 and behold load balancing actually appeared to start working. The final straw to resolve was accessing the web interfaces of the two routers, the Virgin router played ball straight away and I could access it’s web page. The Draytek on the other hand is not being quite so nice, I’ve found a bit of a tutorial on how to solve it, but part way through testing it I managed to kill all connectivity, so decided to call it a night.

Jamie is off ‘fapping’ to blue people. Time for me to drink a nice glass of white and have a bath. I think I’ll have the new pfSense thing all running by the end of the week.

So finally getting there. I gave up on trying to get it to work with public facing IP’s on the server. So reconfigured the server to use port forwarding with a couple of IP’s from the local subnet. Got this working with a few fixups on postfix, courier and amavis. Then used my old Draytek to port forward. All worked fine provided you are outside the local then. Inside you get lots of nat reflection problems. Rather than piss about I decided just to move over to the pfSense box.

So, deleted the old bridges and created one bridge which contained the FLAN (fixed lan), WLAN and DMZ. After loads of rule fiddling I finally got the whole thing to work. Same problem with nat reflection, but thankfully pfSense has a couple of options to get round that, so after more fiddling it now all works inside and outside the local lan.

So now it’s up and running with the old Draytek running on the Virgin line and running my main lan and pfSense running on the pfSense box running my server. So at the moment they arn’t linked. Next step is to add more firewall rules to the incoming lan (the Virgin one can all be blocked). Then add the second wan to the pfSense box and do all the routing for load balancing. So, all a bit of a mess, but I think it’s finally getting there.

Went to the gym and ran far too much.

Started the day with far too many postman and couriers turning up. Why can’t Jamie get his arse out of bed for once. My new sunglasses turned up anyway, they look cool. Lost another pound in weight, that’s 10 pounds now, keep it up for the holiday.

Been working on mobile game which made a nice change, finished the bulk of it by lunchtime, so moved back to the M4A codec thing. I’ve managed to produce an M4A file, it just doesn’t play, but the binary is close, so I guess it’s getting there. And avoided most conversations about anti-aliasing.

So started back on pfSense again. Got the new ethernet modem out. That actually had a later firmware on than available on the support site, which makes a change. Modem worked fine, unlike pfSense.

Spent a couple of hours buggering about with it, managed to get normal routing to work eventually. Couldn’t get a peep out of the server though. Went to gym, ran lots. Came back and gave it another couple of hours. By the look of it, bridges confuse it. Especially if you have the same interface bridged twice. In the end I couldn’t get DHCP on the server or anything. I think what I’ll have to do is delete it all down and start again one step at a time from scratch, with multiple reboots in between. Anyway, it’ll keep me busy and off the wine for a few more evenings I’m sure.

Spent most of the day trying to write out an m4a file, which is more problematic than it first seemed. M4A/MP4 is one of those lovely encapsulation formats designed by the mpeg people. Which means is very complex, over engineered but very flexible.

Ended up using a massive lib that supports stuff like album cover art. I’ll get it all to work first then strip all the crap out. Tomorrow I’ve got some work on another mobile project to do.

Walked the dog, fed the dog, which is considerably more than Jamie ever manages.

Decided to play with pfSense again before I went to the gym. I now have (hopefully) all the firewall rules set up, plus all the gateways and the load balancing stuff. Reset the DHCP server and now ready for some live testing I guess. Next step is to set up the Draytek on PPoE and see what works (probably not much). By the time I finished piddling about I left late for the gym, so only did half an hour, but still got out the house.

Again a wine free evening, but I did have some cake.

And oh yes, last night I did dream about firewall rules, sad isn’t it.

So the day started well, I took the woof for a two hour walk. Weather started out miserable but I started sweating buckets as the sun finally decided to show it’s face. It defo wasn’t woolly hat weather.

Got back and did the garden poo run, emptied the kitchen compost and refilled the bird table. I then preceded to have the standard Sunday lunch of two boiled eggs, while I read the paper.

Then it was time to venture out to the front garden again. I’m slowly trying to clear a hedge. Slowly being the operative word. I had a tree stump in my path and three hours later it was finally out.

Then on to the next job….pfSense firewall. Well this one’s been on going for a while. So after the strange firewall error from last time I decided to reinstall from scratch. First thing I did was set up one of the spare NIC’s as a backup emergency access for when I inevitably locked my self out of the web config. This time I set up all the bridged lans as ‘none’ and then created the bridge and assigned that to LAN. After some playing with the server firewall it all actually started working. So I’ll leave it there for this evening. Next job is to create a proper set of firewall rules.

And now bath time (I’m already on the wine, but digging was hard work), then I’m going to watch the Olympics closing ceremony.