Further adventures in Firewall upgrades

[Brian Densmore]

> we have serious
> code bloat happening in Linux.  It could be argued that at 
yep!
That's why I'm building a new one!

> of professional coders with cushy jobs or backing.  Programs 
> that should be
> runnable on a minimal, text-based system are being developed on
> multiprocessor RAM hogs with dual-head graphic displays.
I think it is default RPM building, people aren't taking time to filter
out unneeded
code when making RPMs

> discovered that some 400+Mb was accounted for by the Kernel Source.  
Remember that 400+ is for ALL architectures Linux runs on. And since
Linux runs
on virtually any hardware still in existence, it's quite large. One of
the first things I do is
delete all the other platform directories from the source tree.

> after the upgrade.  Which brings up another point - isn't one 
> of the big
> complaints about Microsoft that you have to reboot to 
> upgrade?  This upgrade
> required two reboots, one to launch the upgrade, and one to 
> implement it.
> That, and several to recover from it.
no comment

>Although a script is provided with the
>(8.2?) version of BIND that's supposed to translate your old config
files to
Do you mean convert Bind 8 to 9? 
Doesn't work. ;') 
[yep, I've already been there]
[see previous rant on apache]

> kernel 2.4.x IPTABLEs system is reverse-compatible with the 
> old IPCHAINS commands
Not true. Don't know who wrote that! They are close, but not entirely

Brian