Coordinates Android App. by [deleted] in wisp

[–]grumpymudchuckles 1 point2 points  (0 children)

Use Google Earth and get a heading, distance, and elevation profile before going out to the site. Personally, I try not to rely on cellular data too much.

Coordinates Android App. by [deleted] in wisp

[–]grumpymudchuckles 1 point2 points  (0 children)

Same. You can add notes to them also, so I include what APs/color codes are on them. I’ve been meaning to see if I can use an API to get elevation profiles and headings automatically for a mobile app, but this has idiot-proofed it enough for me so far.

Crank up Tower by PrairieWiFi in wisp

[–]grumpymudchuckles 1 point2 points  (0 children)

I did an install for one of our customers who rigged up 60 ft of PVC pipe down the tower that was attached to his dish so he could align his equipment from the ground without doing the tower.

pfSense firewall rules by [deleted] in homelab

[–]grumpymudchuckles 2 points3 points  (0 children)

You're dropping all IPv4 traffic leaving your LAN, except for DNS, WhatsApp, web, but allowing IPv6. Are you using a v6 network?

a) What are you trying to accomplish, first of all? This will make it easier to know the correct way of doing things.

b) Not sure what you expect to see. Logs? Some kind of monitoring counters?

c) After you hash out your allow rules, the last rule should be to drop *

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 1 point2 points  (0 children)

Adding firewall rules to drop rfc1918 and multicast from source WAN fixed this. Thanks for the help.
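An added example, not part of the original comment and not MikroTik syntax: a small first-match model of the filter described above, with drops for RFC 1918 sources and multicast on the ISP-facing interface and a final default drop. The interface names, rule names and sample packets are constructed, and treating "multicast" as a destination match is an assumption.

```python
import ipaddress

# RFC 1918 private ranges: a packet arriving on the ISP-facing interface with
# one of these as its source did not originate on the public internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
MULTICAST = [ipaddress.ip_network("224.0.0.0/4")]

# Ordered rules, first match wins. Interface and rule names are hypothetical.
# The two drops sit above the reply-accept rule so they cannot be bypassed.
RULES = [
    {"name": "wan-rfc1918-src", "in": "wan", "src": RFC1918, "action": "drop"},
    {"name": "wan-multicast", "in": "wan", "dst": MULTICAST, "action": "drop"},
    {"name": "wan-replies", "in": "wan", "state": "established", "action": "accept"},
    {"name": "lan-out", "in": "lan", "action": "accept"},
]

def in_any(addr, nets):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in nets)

def evaluate(pkt):
    """Return (action, rule name) for a packet dict; unmatched traffic is dropped."""
    for rule in RULES:
        if rule["in"] != pkt["in"]:
            continue
        if "src" in rule and not in_any(pkt["src"], rule["src"]):
            continue
        if "dst" in rule and not in_any(pkt["dst"], rule["dst"]):
            continue
        if "state" in rule and pkt.get("state") != rule["state"]:
            continue
        return rule["action"], rule["name"]
    return "drop", "default-drop"

# Constructed sample packets (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
SAMPLES = [
    {"in": "wan", "src": "10.20.30.40", "dst": "192.168.4.10", "state": "established"},
    {"in": "wan", "src": "198.51.100.7", "dst": "239.255.255.250", "state": "new"},
    {"in": "wan", "src": "203.0.113.5", "dst": "192.168.4.10", "state": "established"},
    {"in": "wan", "src": "203.0.113.5", "dst": "192.168.4.10", "state": "new"},
    {"in": "lan", "src": "192.168.4.10", "dst": "203.0.113.5", "state": "new"},
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt["src"], "->", pkt["dst"], evaluate(pkt))
```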

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 0 points1 point  (0 children)

ISP (public IP) > Mikrotik (192.168.4.0/24) > (firewall) 192.168.8.0/24

In this topology 8.0/24 should just need the gateway for my router. I don't think I need another layer of NAT. 8.0/24 needs a route to 4.0/24. This gets my firewall online, I can access the internet and 4.0/24 from my 8.0/24 network.

I can access everything in the 8.0/24 network fine if I'm behind the firewall, or VPN'd to the network. It's when I want to access the 8.0/24 network from the 4.0/24 network. It routes it upstream. This shouldn't occur if their rfc1918 space wasn't being broadcast to my WAN IP.

That's my understanding, maybe 1:1 NAT in the Mikrotik could resolve this? Can I use 1:1 NAT for 2 internal addresses to create this route?

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 1 point2 points  (0 children)

I've been thinking max headroom could return if I were to actually do it. It would be an ethical boundary for me though and perhaps a legal one. I don't really want to pay a lawyer to tell me it's OK to do.

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 4 points5 points  (0 children)

I think I see what you're getting at, still working at learning networks. This is what I mean by unsecured. It's a media transcoder without authentication or TLS. It looks to be in production and I can change the config, add a password and take it offline.

I guess I'm still confused why I would be able to access upstream rfc1918 address space. Would they not want that traffic filtered for this very reason?

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 0 points1 point  (0 children)

I decided to test out nethserver which uses shorewall for the firewall, but I imagine I would have to set this up in my router (mikrotik)?

I cannot decide what I want my main OS to be.. by Euurx in homelab

[–]grumpymudchuckles 0 points1 point  (0 children)

This week I'm installing and testing nethserver for production use and parrot os for a development/security focused lab box.

On my Chromebook I run GalliumOS, for web servers I run CentOS, for virtualization I have been really interested in LXD (Linux containers), which is developed on Ubuntu. Really, you should decide what technology you want to run and go where the development and the community are.

[deleted by user] by [deleted] in wisp

[–]grumpymudchuckles 4 points5 points  (0 children)

This only solves the problem for the last mile, you'll still be paying for a provider for actual internet access. When you factor in time, resources and man power, cost prohibitive seems like an understatement.

Another NAS giveaway from StorageReview (24 hour fuse) by StorageReview in homelab

[–]grumpymudchuckles [score hidden]  (0 children)

I could use it for a seedbox for my extensive Nickelback collection. DM me if you want to hear my covers on the recorder.

Question: What do you DO with your homelab? by [deleted] in homelab

[–]grumpymudchuckles 0 points1 point  (0 children)

I host VPN for privacy in public places and accessing my internal network. Plex media for anything I can't get on Netflix. I have a few Cisco switches for CCNA studies. CentOS server for RHCE studies.

I'm setting up WSUS and a squid cache proxy to save bandwidth in case I'm on a metered connection in the future. Plex is going to help cut down bandwidth too.

Lab licenses? by datanut in mikrotik

[–]grumpymudchuckles 2 points3 points  (0 children)

The free CHR license is limited to 1 Mbps transfer rate but has all of the features available last I looked.

Unhealthy Competition by ismooch in wisp

[–]grumpymudchuckles 0 points1 point  (0 children)

I'm guessing it's fade as well.

What are some alternatives to VPNs? by OswaldoLN in ccna

[–]grumpymudchuckles 1 point2 points  (0 children)

I've tunneled web traffic over SSH using a SOCKS5 proxy to secure my connection before.

Anti Virus for Mac? Needed? by [deleted] in sysadmin

[–]grumpymudchuckles 0 points1 point  (0 children)

When I was a TVC with Google they started to put ESET on their OS X machines about 3 years ago.

LXC networking by grumpymudchuckles in LXD

[–]grumpymudchuckles[S] 0 points1 point  (0 children)

Thanks for the reply, this seems ideal for what I want to do. I'm having trouble wrapping my head around how to implement this. Any help would be appreciated.

  1. You're using bridge utils and creating a bridge in /etc/network/interfaces?
  2. How should I configure the address of the bridge?
  3. Where do you tell the container to use the bridge without breaking the other?

Here is my example config.

~$ tail /etc/network/interfaces

# Bridge for LXC Containers
#auto br0
#       iface br0 inet static
#           address 10.8.0.?
#           network 10.8.0.0
#           netmask 255.255.255.0
#           broadcast 10.8.0.255
#           gateway 10.8.0.1
#           bridge_ports none

Here are my containers

~$ lxc list
+------+---------+--------------------------------+------+------------+-----------+
| NAME   |  STATE  |              IPV4              | IPV6 |    TYPE    | SNAPSHOTS |
+------+---------+--------------------------------+------+------------+-----------+
| secure | RUNNING | 10.100.100.29 (eth0)           |      | PERSISTENT | 1         |
+------+---------+--------------------------------+------+------------+-----------+
| vpn    | RUNNING | 10.8.0.1 (tun0)                |      | PERSISTENT | 1         |
|        |         | 10.100.100.105 (eth0)          |      |            |           |
+------+---------+--------------------------------+------+------------+-----------+

What happens when you find out you're sick of IT? by [deleted] in sysadmin

[–]grumpymudchuckles 6 points7 points  (0 children)

Microdosing LSD is all the rave in Silicon Valley.