I had just settled in of a Saturday evening with a wee dram of Irish
whiskey, a good Henry Clay cigar and Linux Gazette #109. I had worked my
way to "Return of the Linux Laundrette" and reached the section "Re: [LG
87] help wanted #4". This piece caused me to drop my cigar (due to
uncontrollable grinning, giggling and guffawing), setting my sweatpants on
fire.
[39]http://linuxgazette.net/109/lg_laundrette3.html#nottag2/14 for the
terminally lazy :)
I'm fine, thanks - I extinguished the blaze by spilling my libation in my
lap - followed, of course, by the water chaser. Be advised that I will be
taking legal advice re: financial recovery for the loss of the whiskey...
Well, Ben and I have our own sideline business
([40]http://linuxgazette.net/107/misc/laundrette/lg_hitsquad.html),soIcan
say with some confidence that it won't come to that, though some recovery
may occur at some later date.
I don't know how you people manage to produce such an outstanding
combination of useful Linux information, non sequiturs and a, ah, rather
approach to humor (my kind!) - but I certainly hope you keep
doing it for a long time to come.
Well, I'll be compiling it for a while to come: it's a lot of fun to go back
over the offtopic threads every month, especially since there are so many of
them --
Dec 01 08:44:05 lucky sucker, the recent gang must be a treasur
e trove for laundrette bits.
Dec 01 08:45:29 I felt kind of duty bound to take over the laun
drette...
cos most of the time all I do is perpetuate those threads
[though I should have said 'perpetrate' :) ]
Dec 01 08:45:39 lol
Sincerely,
Mark W. Tomlinson
Thanks for writing,
Jimmy
____________________________________________________
Math bug in Advanced Features of netfilter/iptables article
Mon Dec 6 03:59:45 2004
Barry O'Donovan ([41]LG Author)
Question by Rich Price (PRICER from us.panasonic.com)
Hi Rich, all,
Advanced Features of netfilter/iptables by Barry O'Donovan [November 2004
(#10 8) ] was a very informative article.
Thanks! It's always good to hear positive feedback.
But my "math flag" flew from my pocket when I saw his example for using the
random module.
So did mine on reading the published article. I had actually planned to
point it out with an Octave example demonstrating the difference between the
right and wrong answer in this months article, but when it came to writing
it I discarded the example as it didn't fit with my layout and completely
forgot to add it as erratum.
If there is one thing I have learnt about statistics (and I've learnt quite
a lot between my degree which was top heavy on stats and my research where I
use the damn stuff every day) is that if the answer is simple, then it's
just plain wrong!
If you wish to divide the packets evenly among the four servers then the
example should look like this:
...............
-A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW -m random --averag
e 25 \ -j DNAT --to-destination 192.168.0.5:80
-A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW -m random --averag
e 33 \ -j DNAT --to-destination 192.168.0.6:80
-A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW -m random --averag
e 50 \ -j DNAT --to-destination 192.168.0.7:80
-A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW -j DNAT --to-desti
nation 192.168.0.8:80
...............
The reason is that, after 25% of the packets are NATed by the first rule,
only 75% of them will be seen by the second rule. A third of them would
equal 25% of the total. Likewise, the third rule will see only half of the
total and half of that is 25% of the total.
Correct. A subtle and simple mistake that might cause many a sys-admin a
prolonged headache!
When speaking of mistakes and statistics, I'm always reminded of a few
quotes:
...............
"There are two kinds of statistics: the kind you look up and the kind you
make up."
=4= |
