Showing posts with label bunny operator from heaven. Show all posts

FREE yahoo! pop3 imap and smtp services

You can use Yahoo!'s SSLized pop3, imap and smtp services if you register your account within specific geographical regions. For me Australia worked like a charm. If you know other regions for which Yahoo! offers SSLized pop3/imap/smtp, let me know by commenting on this post ;)

How to enable the services:

console autologin

have you ever been woken up in the middle of the night by a phone call, booted your computer and spent the next 20 minutes trying to type your 16 chars beautifully randomized password so you can get console access? cry no more. here's the malfunctioning mind's login program, with some more info on launchpad

grub autoboot next

useful tip to deface a failed kernel upgrade and no console access situation: grub autoboot next

getting your proxy to work with iptables DNAT

here are some things you should consider when writing your DNAT rules for having some traffic forwarded to a transparent proxy that you wrote, no matter what you do with the packets :)


getting the next available tcp port (freebsd only)

in doing some automated sysadmin tasks like ssh port forwarding you may need to dig at runtime for a free tcp port to use

linux huawei 3g modem ppp vodafone setup

when I bought this modem and the subscription from vodafone like a year ago the above mentioned dudes had no idea how to make it run under linux. they said they do tho. they had an entire dev team developing python guis that weren't working. that's typical for corporates.

ipfw pf processing order

it depends on who hooks first into pfil framework and where it hooks.

the hooking:
ipfw hooks into pfil when the module is loaded
pf hooks into pfil when pf gets enabled via pfctl -e, not when the module is loaded

both are hooking into ip_output and ip_input. the pfil hooks are maintained in tailq lists and the order used with insertion is dependent on the direction where the hook is added.
both ipfw and pf have hooks for both input and output.
the input hooks are inserted at the head of the tailq. the output hooks are inserted at the tail of the tailq. this keeps the order in which the hooks are called in sync with the packet flow.

let's talk about hooking in ip_input:

when ipfw module gets kldload-ed, it hooks into pfil's tailq head with its input hook and into pfil's tailq tail with its output hook
when pf gets loaded, it doesn't hook yet
when pf gets enabled via pfctl -e, it hooks into pfil's tailq head with its input hook and into pfil's tailq tail with its output hook through an ioctl call.

at this moment, the order is:
ip_input: pfil -> ipfw
ip_output: ipfw -> pfil

if you kldunload the ipfw module and kldload it back the order will change:
ip_input: ipfw -> pfil
ip_output: pfil -> ipfw

by default, on a freshly installed freebsd system, the firewall startup sequence is the one mentioned just above:

godel# rcorder /etc/rc.d/* |  grep -nE '/i?pfw?$'
38:/etc/rc.d/pf
52:/etc/rc.d/ipfw

freebsd default packet filtering order:
  • ip_input: ipfw -> pfil ->
  • ip_output: pfil -> ipfw ->

[figure: FreeBSD default filtering sequence]


pf gets enabled first, with its input hook inserted into head and its output hook inserted into tail
ipfw gets enabled second so its input hook will be called first on input and last on output chain.
if you run this sequence of commands:
pfctl -d
pfctl -e

the order flips back to the other one, because pf's hooks are removed and then inserted again.
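
the head/tail insertion rule described in this post, replayed in userland as an added example (not FreeBSD kernel code and not from the original post). the `replay` function and its event letters are made up for the illustration, and the model labels pf's hook `pf` where the post's order lines write `pfil`:

```c
#include <stdio.h>
#include <string.h>
#include <sys/queue.h>
/* Toy userland model of the two pfil hook lists; not FreeBSD kernel code. */
struct hook { const char *name; TAILQ_ENTRY(hook) link; };
TAILQ_HEAD(hooklist, hook);
static struct hooklist in_list, out_list;
static struct hook ipfw_in = { .name = "ipfw" }, ipfw_out = { .name = "ipfw" };
static struct hook pf_in = { .name = "pf" }, pf_out = { .name = "pf" };
/* Input hooks go to the head, output hooks to the tail, as the post says. */
static void attach(struct hook *in, struct hook *out) {
    TAILQ_INSERT_HEAD(&in_list, in, link);
    TAILQ_INSERT_TAIL(&out_list, out, link);
}
static void detach(struct hook *in, struct hook *out) {
    TAILQ_REMOVE(&in_list, in, link);
    TAILQ_REMOVE(&out_list, out, link);
}
/* Render a list in call order, e.g. "pf -> ipfw". */
static void render(struct hooklist *l, char *buf, size_t n) {
    struct hook *h;
    buf[0] = '\0';
    TAILQ_FOREACH(h, l, link)
        snprintf(buf + strlen(buf), n - strlen(buf), "%s%s",
                 buf[0] ? " -> " : "", h->name);
}
/* Replay events: I/i = kldload/kldunload ipfw, P/p = pfctl -e / pfctl -d.
 * Assumes a hook is only detached after it was attached. */
void replay(const char *events, char *in, char *out, size_t n) {
    TAILQ_INIT(&in_list);
    TAILQ_INIT(&out_list);
    for (; *events; events++) switch (*events) {
        case 'I': attach(&ipfw_in, &ipfw_out); break;
        case 'i': detach(&ipfw_in, &ipfw_out); break;
        case 'P': attach(&pf_in, &pf_out); break;
        case 'p': detach(&pf_in, &pf_out); break;
    }
    render(&in_list, in, n);
    render(&out_list, out, n);
}

int main(void) {
    /* constructed sequences: the post's first case, its ipfw reload,
     * the default boot order (pf then ipfw), and pfctl -d; pfctl -e */
    const char *runs[] = { "IP", "IPiI", "PI", "PIpP" };
    char in[64], out[64];
    for (size_t i = 0; i < sizeof runs / sizeof runs[0]; i++) {
        replay(runs[i], in, out, sizeof in);
        printf("%-5s ip_input: %-12s ip_output: %s\n", runs[i], in, out);
    }
}
```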

NFS clients behind NAT routers

when trying to mount filesystems over NFS from a NAT-ed machine (that is, a machine behind a NAT router) you are likely to get the following error: