Cisco

xrayspx's picture

OUCH!

[music | The Pixies - Break My Body]

If you'll remember back a few months, I lost a toenail after catching a drunken pit guy at Rev. Horton Heat. In today's installment, it's a fingernail.

Today I was putting some switches in a rack, and was putting in cage nuts the unsafe way: with a screwdriver instead of a cage nut tool. Here's what the aftermath of that can look like unless you're more careful than I am.

I'm putting pictures behind here for people who are queasy:

CSSManager

The CSSManager is meant to give less trusted (non-network-engineer) staff access to certain functions of the Cisco CSS series load balancers without opening the CSS up to too much risk of misconfiguration. Currently it allows web users to suspend and activate Services in bulk, quickly and safely. There are also value-added features such as "locking" servers so someone can't accidentally activate a server that was suspended for a reason. Comments are also useful, especially when used in conjunction with CSSPump to give context to a suspended or down server.

The first public release is right here. It should install and run fairly easily. If the Expect script gets something it doesn't like, it will simply freeze. This is again because of the target audience. If, after initial deployment, this tool doesn't complete its tasks properly, something is likely wrong with either the CSS or your route to it, and a network person should be looking at things, so I don't want it to gloss over failures.

It is very easy to make your CSS (inadvertently) write brand new config with this tool. As with anything that has the possibility of removing your entire load-balanced server farm from the internet, it should be thoroughly tested before deployment.

Tools and Hacky Stuff

Here are some tools I've written which could be of use to other folks. It's going to be mostly Cisco-related, some of which is still being formatted before I upload it. More to come.

CSSManager is a tool to simplify suspending and activating services in a Cisco CSS load balancer. It adds a couple of features like the ability to "lock out" a server and to add comments to a suspended machine to give context for its suspension. More features to come.

CSSPump is a tool to display at a click the state of all services on a Cisco CSS 11000 series load balancer. It reads the comments set by the CSSManager above and adds them to the display of active/down/suspended servers.

OpenSWAN to PIX VPN. How to configure FreeS/WAN (now Openswan) on Linux and a Cisco PIX as endpoints for a 3DES IPsec VPN.

Cisco CSS Toy

[music | Bauhaus - Dark Entries (Live)]

This is the first of a few tools I have to release in the coming couple of weeks, mainly involving Cisco's CSS product. My purpose in writing them is that Cisco's web interface to the CSS is both a terrible user experience and has shown itself to be vulnerable to trivial attacks in the past (in a security sense). I don't want to run the web GUI on my CSSs, and most of our admins were terrified of the command line. So I wrote a bunch of tools to help them do their jobs, without the possibility of screwing up the load balancers.
