Got these CDs nearly 10 years back with my first ever Linux magazine purchase
https://redd.it/fzax84
@r_linux
https://redd.it/fzax84
@r_linux
I recently found some relics while doing a bit of house cleaning... [Album]
https://imgur.com/a/kRGKyfY
https://redd.it/fzg7c7
@r_linux
https://imgur.com/a/kRGKyfY
https://redd.it/fzg7c7
@r_linux
Imgur
I recently found some relics while doing a bit of house cleaning... [Album]
Post with 41 views. I recently found some relics while doing a bit of house cleaning... [Album]
waybind: Dead simple remapper for wayland based on uinput
https://github.com/arnarg/waybind
https://redd.it/fzc1bg
@r_linux
https://github.com/arnarg/waybind
https://redd.it/fzc1bg
@r_linux
GitHub
GitHub - arnarg/waybind: Dead simple keyboard remapper for wayland based on uinput
Dead simple keyboard remapper for wayland based on uinput - GitHub - arnarg/waybind: Dead simple keyboard remapper for wayland based on uinput
New Qt releases possibly restricted to paying customers for 12 months
https://www.osnews.com/story/131646/new-qt-releases-possibly-restricted-to-paying-customers-for-12-months-kde-not-particularly-happy/
https://redd.it/fzf73z
@r_linux
https://www.osnews.com/story/131646/new-qt-releases-possibly-restricted-to-paying-customers-for-12-months-kde-not-particularly-happy/
https://redd.it/fzf73z
@r_linux
reddit
New Qt releases possibly restricted to paying customers for 12 months
Posted in r/linux by u/SubstantialFlamingo5 • 7 points and 6 comments
Persistent L2ARC has been added to OpenZFS
https://github.com/openzfs/zfs/pull/9582
https://redd.it/fzko1y
@r_linux
https://github.com/openzfs/zfs/pull/9582
https://redd.it/fzko1y
@r_linux
GitHub
Persistent L2ARC by gamanakis · Pull Request #9582 · openzfs/zfs
This commit makes the L2ARC persistent across reboots. It is
based on issue 3525 in Illumos by Saso Kiselkov, which was later
ported by Yuxuan Shui to zfsonlinux (#2672) with modifications by
Jorge...
based on issue 3525 in Illumos by Saso Kiselkov, which was later
ported by Yuxuan Shui to zfsonlinux (#2672) with modifications by
Jorge...
That day when I tried to flash my AMD VBIOS in Linux
https://andrealmeid.com/post/2020-04-10-vbios/
https://redd.it/fzd0qz
@r_linux
https://andrealmeid.com/post/2020-04-10-vbios/
https://redd.it/fzd0qz
@r_linux
reddit
That day when I tried to flash my AMD VBIOS in Linux
Posted in r/linux by u/andrealmeid • 11 points and 2 comments
IPTables GeoFilter + banned_hosts using ipset
I have over the course of a couple of weeks come up with a good geofiler noscript that will also cycle in IP addresses that snoop your interfaces for know services and add them to an ipset drop list.
I start off in my firewall noscript with creating new ipset kernel lists so that when my firewall noscript is run the tables are created in the kernel so that rules can be set using them.
ipset -N china hash:net
ipset -N india hash:net
ipset -N iran hash:net
ipset -N russia hash:net
ipset -N korea hash:net
ipset -N banned_hosts iphash
Then I create the iptables statements to incorporate the ipset kernel lists.
iptables -A INPUT -m set --match-set china src -j DROP
iptables -A INPUT -m set --match-set india src -j DROP
iptables -A INPUT -m set --match-set iran src -j DROP
iptables -A INPUT -m set --match-set russia src -j DROP
iptables -A INPUT -m set --match-set korea src -j DROP
Then I create a rule set to add snoopers to the banned\_hosts ipset kernel list. I have offset my ssh service to an obscure port number, and **It should be noted that I do NOT run an SMTP, WEB or SECURE WEB server on this host.** So any IP looking for such services is considered a snooper and has no business talking to my external interface.
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 22 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 25 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 80 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 443 -j SET --add-set banned_hosts src
iptables -A INPUT -m set --match-set banned_hosts src -j DROP
I have put together a noscript that refreshes the ipset kernel lists and writes out the banned\_hosts for permanent inclusion to the banned\_hosts kernel list. I call this noscript /home/fw/geofilter.sh.
# Export the banned_hosts list to a file.
ipset list banned_hosts -file /home/fw/banned_hosts.exam
# Strip the first 8 lines of exported banned_hosts.
sed -e '1,8d' banned_hosts.exam >banned_hosts.log
# Flush the ipset lists
ipset -F
# remove any old list that might exist from previous runs of this noscript
rm *-aggregated.zone
# Pull the latest IP set for geofilter
wget https://www.ipdeny.com/ipblocks/data/aggregated/cn-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/in-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/ir-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/kp-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/kr-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/ru-aggregated.zone
# Add each IP address from the downloaded list into the ipset
for i in $(cat cn-aggregated.zone ); do ipset -A china $i; done
for i in $(cat in-aggregated.zone ); do ipset -A india $i; done
for i in $(cat ir-aggregated.zone ); do ipset -A iran $i; done
for i in $(cat ru-aggregated.zone ); do ipset -A russia $i; done
for i in $(cat k*-aggregated.zone ); do ipset -A korea $i; done
for h in $(cat banned_hosts.log ); do ipset -A banned_hosts $h; done
# Restore iptables
/home/fw/firewall.sh
Call the geofilter.sh from a crontab.
00 4 * * * cd /home/fw/ && sudo ./geofilter.sh >/dev/null
Create a tmux session (alternative to screen) to watch the traffic counters in iptables. /home/fw/watchfirewall.sh
tmux new -d -s watch "sudo watch -d -n 2 iptables -nvL"
run the [watchfirewall.sh](https://watchfirewall.sh) noscript.
fw@host:/home/fw# ./watchfirewall.sh
Attach to the tmux session to watch the firewall chain incrementation.
tmux attach -t watch
https://redd.it/fzk48s
@r_linux
I have over the course of a couple of weeks come up with a good geofiler noscript that will also cycle in IP addresses that snoop your interfaces for know services and add them to an ipset drop list.
I start off in my firewall noscript with creating new ipset kernel lists so that when my firewall noscript is run the tables are created in the kernel so that rules can be set using them.
ipset -N china hash:net
ipset -N india hash:net
ipset -N iran hash:net
ipset -N russia hash:net
ipset -N korea hash:net
ipset -N banned_hosts iphash
Then I create the iptables statements to incorporate the ipset kernel lists.
iptables -A INPUT -m set --match-set china src -j DROP
iptables -A INPUT -m set --match-set india src -j DROP
iptables -A INPUT -m set --match-set iran src -j DROP
iptables -A INPUT -m set --match-set russia src -j DROP
iptables -A INPUT -m set --match-set korea src -j DROP
Then I create a rule set to add snoopers to the banned\_hosts ipset kernel list. I have offset my ssh service to an obscure port number, and **It should be noted that I do NOT run an SMTP, WEB or SECURE WEB server on this host.** So any IP looking for such services is considered a snooper and has no business talking to my external interface.
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 22 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 25 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 80 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 443 -j SET --add-set banned_hosts src
iptables -A INPUT -m set --match-set banned_hosts src -j DROP
I have put together a noscript that refreshes the ipset kernel lists and writes out the banned\_hosts for permanent inclusion to the banned\_hosts kernel list. I call this noscript /home/fw/geofilter.sh.
# Export the banned_hosts list to a file.
ipset list banned_hosts -file /home/fw/banned_hosts.exam
# Strip the first 8 lines of exported banned_hosts.
sed -e '1,8d' banned_hosts.exam >banned_hosts.log
# Flush the ipset lists
ipset -F
# remove any old list that might exist from previous runs of this noscript
rm *-aggregated.zone
# Pull the latest IP set for geofilter
wget https://www.ipdeny.com/ipblocks/data/aggregated/cn-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/in-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/ir-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/kp-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/kr-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/ru-aggregated.zone
# Add each IP address from the downloaded list into the ipset
for i in $(cat cn-aggregated.zone ); do ipset -A china $i; done
for i in $(cat in-aggregated.zone ); do ipset -A india $i; done
for i in $(cat ir-aggregated.zone ); do ipset -A iran $i; done
for i in $(cat ru-aggregated.zone ); do ipset -A russia $i; done
for i in $(cat k*-aggregated.zone ); do ipset -A korea $i; done
for h in $(cat banned_hosts.log ); do ipset -A banned_hosts $h; done
# Restore iptables
/home/fw/firewall.sh
Call the geofilter.sh from a crontab.
00 4 * * * cd /home/fw/ && sudo ./geofilter.sh >/dev/null
Create a tmux session (alternative to screen) to watch the traffic counters in iptables. /home/fw/watchfirewall.sh
tmux new -d -s watch "sudo watch -d -n 2 iptables -nvL"
run the [watchfirewall.sh](https://watchfirewall.sh) noscript.
fw@host:/home/fw# ./watchfirewall.sh
Attach to the tmux session to watch the firewall chain incrementation.
tmux attach -t watch
https://redd.it/fzk48s
@r_linux
What are some of the most epic moments in Linux history?
Lately while browsing through Linux related subs I find comments mentioning old wars in Linux history. So I was meaning to ask, what are some epic moments in Linux history that were forgotten or that just happened in the background but still had a great impact over the industry?
https://redd.it/fzrjxd
@r_linux
Lately while browsing through Linux related subs I find comments mentioning old wars in Linux history. So I was meaning to ask, what are some epic moments in Linux history that were forgotten or that just happened in the background but still had a great impact over the industry?
https://redd.it/fzrjxd
@r_linux
reddit
What are some of the most epic moments in Linux history?
Lately while browsing through Linux related subs I find comments mentioning old wars in Linux history. So I was meaning to ask, what are some...