New Qt releases possibly restricted to paying customers for 12 months
https://www.osnews.com/story/131646/new-qt-releases-possibly-restricted-to-paying-customers-for-12-months-kde-not-particularly-happy/
https://redd.it/fzf73z
@r_linux
https://www.osnews.com/story/131646/new-qt-releases-possibly-restricted-to-paying-customers-for-12-months-kde-not-particularly-happy/
https://redd.it/fzf73z
@r_linux
reddit
New Qt releases possibly restricted to paying customers for 12 months
Posted in r/linux by u/SubstantialFlamingo5 • 7 points and 6 comments
Persistent L2ARC has been added to OpenZFS
https://github.com/openzfs/zfs/pull/9582
https://redd.it/fzko1y
@r_linux
https://github.com/openzfs/zfs/pull/9582
https://redd.it/fzko1y
@r_linux
GitHub
Persistent L2ARC by gamanakis · Pull Request #9582 · openzfs/zfs
This commit makes the L2ARC persistent across reboots. It is
based on issue 3525 in Illumos by Saso Kiselkov, which was later
ported by Yuxuan Shui to zfsonlinux (#2672) with modifications by
Jorge...
based on issue 3525 in Illumos by Saso Kiselkov, which was later
ported by Yuxuan Shui to zfsonlinux (#2672) with modifications by
Jorge...
That day when I tried to flash my AMD VBIOS in Linux
https://andrealmeid.com/post/2020-04-10-vbios/
https://redd.it/fzd0qz
@r_linux
https://andrealmeid.com/post/2020-04-10-vbios/
https://redd.it/fzd0qz
@r_linux
reddit
That day when I tried to flash my AMD VBIOS in Linux
Posted in r/linux by u/andrealmeid • 11 points and 2 comments
IPTables GeoFilter + banned_hosts using ipset
I have over the course of a couple of weeks come up with a good geofiler noscript that will also cycle in IP addresses that snoop your interfaces for know services and add them to an ipset drop list.
I start off in my firewall noscript with creating new ipset kernel lists so that when my firewall noscript is run the tables are created in the kernel so that rules can be set using them.
ipset -N china hash:net
ipset -N india hash:net
ipset -N iran hash:net
ipset -N russia hash:net
ipset -N korea hash:net
ipset -N banned_hosts iphash
Then I create the iptables statements to incorporate the ipset kernel lists.
iptables -A INPUT -m set --match-set china src -j DROP
iptables -A INPUT -m set --match-set india src -j DROP
iptables -A INPUT -m set --match-set iran src -j DROP
iptables -A INPUT -m set --match-set russia src -j DROP
iptables -A INPUT -m set --match-set korea src -j DROP
Then I create a rule set to add snoopers to the banned\_hosts ipset kernel list. I have offset my ssh service to an obscure port number, and **It should be noted that I do NOT run an SMTP, WEB or SECURE WEB server on this host.** So any IP looking for such services is considered a snooper and has no business talking to my external interface.
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 22 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 25 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 80 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 443 -j SET --add-set banned_hosts src
iptables -A INPUT -m set --match-set banned_hosts src -j DROP
I have put together a noscript that refreshes the ipset kernel lists and writes out the banned\_hosts for permanent inclusion to the banned\_hosts kernel list. I call this noscript /home/fw/geofilter.sh.
# Export the banned_hosts list to a file.
ipset list banned_hosts -file /home/fw/banned_hosts.exam
# Strip the first 8 lines of exported banned_hosts.
sed -e '1,8d' banned_hosts.exam >banned_hosts.log
# Flush the ipset lists
ipset -F
# remove any old list that might exist from previous runs of this noscript
rm *-aggregated.zone
# Pull the latest IP set for geofilter
wget https://www.ipdeny.com/ipblocks/data/aggregated/cn-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/in-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/ir-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/kp-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/kr-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/ru-aggregated.zone
# Add each IP address from the downloaded list into the ipset
for i in $(cat cn-aggregated.zone ); do ipset -A china $i; done
for i in $(cat in-aggregated.zone ); do ipset -A india $i; done
for i in $(cat ir-aggregated.zone ); do ipset -A iran $i; done
for i in $(cat ru-aggregated.zone ); do ipset -A russia $i; done
for i in $(cat k*-aggregated.zone ); do ipset -A korea $i; done
for h in $(cat banned_hosts.log ); do ipset -A banned_hosts $h; done
# Restore iptables
/home/fw/firewall.sh
Call the geofilter.sh from a crontab.
00 4 * * * cd /home/fw/ && sudo ./geofilter.sh >/dev/null
Create a tmux session (alternative to screen) to watch the traffic counters in iptables. /home/fw/watchfirewall.sh
tmux new -d -s watch "sudo watch -d -n 2 iptables -nvL"
run the [watchfirewall.sh](https://watchfirewall.sh) noscript.
fw@host:/home/fw# ./watchfirewall.sh
Attach to the tmux session to watch the firewall chain incrementation.
tmux attach -t watch
https://redd.it/fzk48s
@r_linux
I have over the course of a couple of weeks come up with a good geofiler noscript that will also cycle in IP addresses that snoop your interfaces for know services and add them to an ipset drop list.
I start off in my firewall noscript with creating new ipset kernel lists so that when my firewall noscript is run the tables are created in the kernel so that rules can be set using them.
ipset -N china hash:net
ipset -N india hash:net
ipset -N iran hash:net
ipset -N russia hash:net
ipset -N korea hash:net
ipset -N banned_hosts iphash
Then I create the iptables statements to incorporate the ipset kernel lists.
iptables -A INPUT -m set --match-set china src -j DROP
iptables -A INPUT -m set --match-set india src -j DROP
iptables -A INPUT -m set --match-set iran src -j DROP
iptables -A INPUT -m set --match-set russia src -j DROP
iptables -A INPUT -m set --match-set korea src -j DROP
Then I create a rule set to add snoopers to the banned\_hosts ipset kernel list. I have offset my ssh service to an obscure port number, and **It should be noted that I do NOT run an SMTP, WEB or SECURE WEB server on this host.** So any IP looking for such services is considered a snooper and has no business talking to my external interface.
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 22 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 25 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 80 -j SET --add-set banned_hosts src
iptables -A INPUT -i $UNTRUSTED -p tcp --dport 443 -j SET --add-set banned_hosts src
iptables -A INPUT -m set --match-set banned_hosts src -j DROP
I have put together a noscript that refreshes the ipset kernel lists and writes out the banned\_hosts for permanent inclusion to the banned\_hosts kernel list. I call this noscript /home/fw/geofilter.sh.
# Export the banned_hosts list to a file.
ipset list banned_hosts -file /home/fw/banned_hosts.exam
# Strip the first 8 lines of exported banned_hosts.
sed -e '1,8d' banned_hosts.exam >banned_hosts.log
# Flush the ipset lists
ipset -F
# remove any old list that might exist from previous runs of this noscript
rm *-aggregated.zone
# Pull the latest IP set for geofilter
wget https://www.ipdeny.com/ipblocks/data/aggregated/cn-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/in-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/ir-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/kp-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/kr-aggregated.zone
wget https://www.ipdeny.com/ipblocks/data/aggregated/ru-aggregated.zone
# Add each IP address from the downloaded list into the ipset
for i in $(cat cn-aggregated.zone ); do ipset -A china $i; done
for i in $(cat in-aggregated.zone ); do ipset -A india $i; done
for i in $(cat ir-aggregated.zone ); do ipset -A iran $i; done
for i in $(cat ru-aggregated.zone ); do ipset -A russia $i; done
for i in $(cat k*-aggregated.zone ); do ipset -A korea $i; done
for h in $(cat banned_hosts.log ); do ipset -A banned_hosts $h; done
# Restore iptables
/home/fw/firewall.sh
Call the geofilter.sh from a crontab.
00 4 * * * cd /home/fw/ && sudo ./geofilter.sh >/dev/null
Create a tmux session (alternative to screen) to watch the traffic counters in iptables. /home/fw/watchfirewall.sh
tmux new -d -s watch "sudo watch -d -n 2 iptables -nvL"
run the [watchfirewall.sh](https://watchfirewall.sh) noscript.
fw@host:/home/fw# ./watchfirewall.sh
Attach to the tmux session to watch the firewall chain incrementation.
tmux attach -t watch
https://redd.it/fzk48s
@r_linux
What are some of the most epic moments in Linux history?
Lately while browsing through Linux related subs I find comments mentioning old wars in Linux history. So I was meaning to ask, what are some epic moments in Linux history that were forgotten or that just happened in the background but still had a great impact over the industry?
https://redd.it/fzrjxd
@r_linux
Lately while browsing through Linux related subs I find comments mentioning old wars in Linux history. So I was meaning to ask, what are some epic moments in Linux history that were forgotten or that just happened in the background but still had a great impact over the industry?
https://redd.it/fzrjxd
@r_linux
reddit
What are some of the most epic moments in Linux history?
Lately while browsing through Linux related subs I find comments mentioning old wars in Linux history. So I was meaning to ask, what are some...
Tips for those who want to start contributing with linux.
Hello guys!
I'm a software developer and I've been use linux for 9 years. Now, I want to know some tips to start help the linux community, such tools, what level of knowledge in hardware and software are needed.
If you remember some cool, or critical project (In need of more developers) that want some help, let us know and post a comment.
Books and links to get started are welcome!
And not forget \#stayhome
https://redd.it/fzrr3d
@r_linux
Hello guys!
I'm a software developer and I've been use linux for 9 years. Now, I want to know some tips to start help the linux community, such tools, what level of knowledge in hardware and software are needed.
If you remember some cool, or critical project (In need of more developers) that want some help, let us know and post a comment.
Books and links to get started are welcome!
And not forget \#stayhome
https://redd.it/fzrr3d
@r_linux
reddit
Tips for those who want to start contributing with linux.
Hello guys! I'm a software developer and I've been use linux for 9 years. Now, I want to know some tips to start help the linux community, such...
First Distro
My first distro. I remember back the I could not figure out why Doom or was it Duke Nukem would not load on the computer. Little did I know then that Linux was not the same as Windows.
https://preview.redd.it/lzcp2bb9tbs41.jpg?width=1600&format=pjpg&auto=webp&s=0d4afacac1d79f80928f10063c6ff174f7ecfbab
https://redd.it/fzr5j7
@r_linux
My first distro. I remember back the I could not figure out why Doom or was it Duke Nukem would not load on the computer. Little did I know then that Linux was not the same as Windows.
https://preview.redd.it/lzcp2bb9tbs41.jpg?width=1600&format=pjpg&auto=webp&s=0d4afacac1d79f80928f10063c6ff174f7ecfbab
https://redd.it/fzr5j7
@r_linux
Kernel Level Anti Cheat (EAC or /dev/null) potential solutions
Firstly, I wanted to originally post on /r/linux_gaming , but I thought that since this was more about software development, it was better to post here.
I'm speaking as a bit of a noob in terms of kernel level and wine programming, but I'm quite frankly frustrated with the lack of communication from part of devs from EAC regarding Wine compatibility, so I ask you this:
How realistic is the possibility of a solution being worked on from Wine to this problem?
I'm not asking whether Codeweavers is working on fixing this, just hypothetically if it could even be accomplished. If so, what would be the steps to overcoming this barrier.
If this is in the wrong sub, I apologize.
https://redd.it/fzuc14
@r_linux
Firstly, I wanted to originally post on /r/linux_gaming , but I thought that since this was more about software development, it was better to post here.
I'm speaking as a bit of a noob in terms of kernel level and wine programming, but I'm quite frankly frustrated with the lack of communication from part of devs from EAC regarding Wine compatibility, so I ask you this:
How realistic is the possibility of a solution being worked on from Wine to this problem?
I'm not asking whether Codeweavers is working on fixing this, just hypothetically if it could even be accomplished. If so, what would be the steps to overcoming this barrier.
If this is in the wrong sub, I apologize.
https://redd.it/fzuc14
@r_linux
reddit
Kernel Level Anti Cheat (EAC or /dev/null) potential solutions
Firstly, I wanted to originally post on /r/linux_gaming , but I thought that since this was more about software development, it was better to post...
cron.weekly issue #129: http3, brim, pagure, mosh, git & more
https://ma.ttias.be/cronweekly/issue-129/
https://redd.it/fztgk1
@r_linux
https://ma.ttias.be/cronweekly/issue-129/
https://redd.it/fztgk1
@r_linux
ma.ttias.be
cron.weekly issue #129: http3, brim, pagure, mosh, git & more
Hi everyone! 👋
Welcome to cron.weekly issue #129.
I’ve been exploring HTTP/3 some more last week, so you’ll find a couple of HTTP/3 references lower in here.
Welcome to cron.weekly issue #129.
I’ve been exploring HTTP/3 some more last week, so you’ll find a couple of HTTP/3 references lower in here.
Faking your webcam background under Linux
https://github.com/fangfufu/Linux-Background-Blur-Webcam/
https://redd.it/fzxct4
@r_linux
https://github.com/fangfufu/Linux-Background-Blur-Webcam/
https://redd.it/fzxct4
@r_linux
GitHub
fangfufu/Linux-Fake-Background-Webcam
Faking your webcam background under GNU/Linux, now supports animated background and hologram - fangfufu/Linux-Fake-Background-Webcam
Multi "Device Not Managed" error on create_ap tool.
When I start create\_ap using
`systemctl start create_ap`
after configured the `/etc/create_ap.conf` file.
I get this :
​
https://preview.redd.it/gvhh81qwmes41.png?width=363&format=png&auto=webp&s=10e5752aee68c42cc545062df8984ded459ec790
And my phone has no interent connection even though it's connected to AP created.
PS: I'm using Arch.
https://redd.it/fzyk4p
@r_linux
When I start create\_ap using
`systemctl start create_ap`
after configured the `/etc/create_ap.conf` file.
I get this :
​
https://preview.redd.it/gvhh81qwmes41.png?width=363&format=png&auto=webp&s=10e5752aee68c42cc545062df8984ded459ec790
And my phone has no interent connection even though it's connected to AP created.
PS: I'm using Arch.
https://redd.it/fzyk4p
@r_linux
This week in KDE: Libinput scroll speed, Dolphin remote access improvements, and more
https://pointieststick.com/2020/04/11/this-week-in-kde-libinput-scroll-speed-dolphin-remote-access-improvements-and-more/
https://redd.it/fzz7lk
@r_linux
https://pointieststick.com/2020/04/11/this-week-in-kde-libinput-scroll-speed-dolphin-remote-access-improvements-and-more/
https://redd.it/fzz7lk
@r_linux
Adventures in Linux and KDE
This week in KDE: Libinput scroll speed, Dolphin remote access improvements, and more
This week’s update includes an eclectic collection of bugfixes and new features, some of them quite annoying or longstanding–such as being able to use Dolphin’s terminal panel on …
Just installed antiX on my dad's laptop. Now I am paranoic. What are these bookmarks?
https://redd.it/g01v02
@r_linux
https://redd.it/g01v02
@r_linux