Block spammers/abusive IPs with Pf-badhost in OpenBSD. A 'must have' security tool!
Pf-badhost is a very practical, robust, stable and lightweight security script for network servers.
https://www.undeadly.org/cgi?action=article;sid=20210119113425
#network #security
Pf-badhost is a very practical, robust, stable and lightweight security script for network servers.
https://www.undeadly.org/cgi?action=article;sid=20210119113425
#network #security
How To Setup Cloudflare Warp on OpenBSD.
Here we look at how to setup Cloudflare Warp on OpenBSD.
https://rodneylab.com/how-to-setup-cloudflare-warp-openbsd/
#wireguard #vpn #network
Here we look at how to setup Cloudflare Warp on OpenBSD.
https://rodneylab.com/how-to-setup-cloudflare-warp-openbsd/
#wireguard #vpn #network
Introducing veb(4) - a new Virtual Ethernet Bridge
In this commit, David Gwynne (dlg@) adds a new veb(4) driver to the tree. David's goal is to replace the old bridge(4) driver...
https://undeadly.org/cgi?action=article;sid=20210223111210
#network
In this commit, David Gwynne (dlg@) adds a new veb(4) driver to the tree. David's goal is to replace the old bridge(4) driver...
https://undeadly.org/cgi?action=article;sid=20210223111210
#network
pftable-rs
A small Rust library for managing pf tables on OpenBSD.
https://github.com/d3npa/pftables-rs
#pf #security #network
A small Rust library for managing pf tables on OpenBSD.
https://github.com/d3npa/pftables-rs
#pf #security #network
In this guide we're going to take a look at how we can use cheap and "low end" hardware to build an amazing OpenBSD router with firewalling capabilities, segmented local area networks, DNS with domain blocking, DHCP and more.
We will use a setup in which the router segments the local area network (LAN) into three separate networks, one for the grown-ups in the house, one for the children, and one for public facing servers (a DMZ), such as a private web server or mail server. We will also look at how we can use DNS to block out ads, porn, and other websites on the Internet. The OpenBSD router can also be used on small to mid-size offices.
https://openbsdrouterguide.net/
#hardware #system #network
We will use a setup in which the router segments the local area network (LAN) into three separate networks, one for the grown-ups in the house, one for the children, and one for public facing servers (a DMZ), such as a private web server or mail server. We will also look at how we can use DNS to block out ads, porn, and other websites on the Internet. The OpenBSD router can also be used on small to mid-size offices.
https://openbsdrouterguide.net/
#hardware #system #network
pfstat on OpenBSD: analyze stream on IPv4 and IPv6 through PF.
pfstat is a project made by Daniel Hartmeir to generate graphic statistiques about the network stream through the firewall PF.
https://framagit.org/sh-web/hugo/doc.huc.fr.eu.org/raw/master/content/en/monitor/pfstat-openbsd.md
#network #firewall #pf
pfstat is a project made by Daniel Hartmeir to generate graphic statistiques about the network stream through the firewall PF.
https://framagit.org/sh-web/hugo/doc.huc.fr.eu.org/raw/master/content/en/monitor/pfstat-openbsd.md
#network #firewall #pf
Fair Internet bandwidth management on a network using OpenBSD.
The point of this article is to explain how to use OpenBSD as a router on your network to allow the Internet access to be used fairly by devices on the network to guarantee everyone they will have at least a bit of Internet to continue working flawlessly.
I will use the queuing features from the OpenBSD firewall PF (Packet Filter) which relies on the CoDel network scheduler algorithm, which seems to bring all the features we need to do what we want.
https://dataswamp.org/~solene/2021-08-30-openbsd-qos-lan.html
#network #pf
The point of this article is to explain how to use OpenBSD as a router on your network to allow the Internet access to be used fairly by devices on the network to guarantee everyone they will have at least a bit of Internet to continue working flawlessly.
I will use the queuing features from the OpenBSD firewall PF (Packet Filter) which relies on the CoDel network scheduler algorithm, which seems to bring all the features we need to do what we want.
https://dataswamp.org/~solene/2021-08-30-openbsd-qos-lan.html
#network #pf
Full WireGuard setup with OpenBSD.
We want all our network traffic to through a WireGuard VPN tunnel automatically, both WireGuard client and server are running OpenBSD, how to do that? While I thought it was simple at first, it soon became clear that the "default" part of the problem was not easy to solve, fortunately there are solutions...
https://dataswamp.org/~solene/2021-10-09-openbsd-wireguard-exit.html
#vpn #wireguard #network
We want all our network traffic to through a WireGuard VPN tunnel automatically, both WireGuard client and server are running OpenBSD, how to do that? While I thought it was simple at first, it soon became clear that the "default" part of the problem was not easy to solve, fortunately there are solutions...
https://dataswamp.org/~solene/2021-10-09-openbsd-wireguard-exit.html
#vpn #wireguard #network
What are the VPN available on OpenBSD.
I wanted to write this text for some time, a list of VPN with encryption that can be used on OpenBSD. I really don't plan to write about all of them but I thought it was important to show the choices available when you want to create a VPN between two peers/sites.
https://dataswamp.org/~solene/2021-12-11-openbsd-vpn.html
#vpn #network
I wanted to write this text for some time, a list of VPN with encryption that can be used on OpenBSD. I really don't plan to write about all of them but I thought it was important to show the choices available when you want to create a VPN between two peers/sites.
https://dataswamp.org/~solene/2021-12-11-openbsd-vpn.html
#vpn #network