New year's resolutions21 Dec 2006 2007 is approaching fast and I need a couple of resolutions for the coming year.
First, I will set up a netfilter wiki which has information on the internal workings of netfilter. Right now, the code is the documentation and that can be a bit disorienting when trying to debug some problems. I've tracked down plenty of problems in the kernel so far, some of which I documented on my blog (like the RTSP connectiontracking stuff). But a blog is not the correct place for something like that. A wiki can be of much more use. Proof of concept: http://www.linux-mm.org.
This wiki will serve as a personal platform to do some work on netfilter. Specifically, I'm working on both IPP2P and NF-hipac. IPP2P is a kernel module to do peer-to-peer filtering. I've done some modifications in the code to do better filtering. I have a couple of ideas to merge both ipp2p and layer7 (another p2p filter) and perfect the filtering. NF-hipac is an optimisation of iptables that should minimize the amount of memory lookups per inspected packet, thus speeding up the firewalls. It should have been merged with the 2.6 kernel for a while now, but it seems the work on it has stopped. Since I use the nf-hipac patch in a heavy-duty production environment, I need these optimisations. I started by looking at the hipac presentation (netfilter meeting 2005 or so), which confirmed my assumptions about the algorithm. Further investigation led me to the paper "Tradeoffs for Packet Classification by Anja Feldmann and S. Muthukrishnan, which describes the algorithm in more detail. I plan to reimplement this algorithm on netfilter directly (or maybe as a module).
In both cases, I will need a better understanding of netfilter. So while I research and implement, I'll document my findings on the wiki. In addition, this wiki could be helpful to the internet but that's not my main concern at the moment.
Second, I need a new website. I'm happy with drupal, but I've messed it up quite a bit trying to integrate everything. I want to use my website mainly for blogging and maybe the "Useful Content" section. My pictures will move to somewhere else. Possibly a gallery-type website. I can still link to that from my blog and it will broaden my options when chosing a gallery-software package (it doesn't have to be compatible with drupal).
In addition, I would like to append to my blog, without having to go through the webinterface. This will hopefully increase the amount of posts on this blog. Likewise, a photo-gallery tool to which I can upload directly from my digital camera would be nice. I *HATE* webinterfaces. They impose unnecessary restrictions to the user, like how to upload files or edit texts. I have a perfectly good upload utility (scp) and text editor (vim) without having to use some web interface.
Third and (for now) last: I want to move my website off of the ekonomika server. I've been admining this server for 8 years now or so and I'm more or less fed up with the situation. I see no reason why I should invest my free time in helping people who apparently don't show any gratitude. It's time they stop taking me for granted.
To this end, I'll be on the lookout for better hosting elsewhere.