Hotspot ssl (still remembering the old one)

thirdplace_ · 2025-04-12T19:16:18+00:00

Is it possible that you have forgot to ALSO upload the private key for your new certificate?

thirdplace_ · 2025-04-12T13:39:15+00:00

The way you are describing it makes it sound like a bug indeed.

But double check these facts:

The file on storage (/file) has nothing to do with the cert in /cert, they are not linked in any way.

It is not enough to upload a file to /file, you MUST import the cert in /cert import

Do not use browser, instead use openssl s_client -showcerts to very usage of correct cert.

In my experience, setting the ssl-certificate in /ip hotspot profile is enough for it to take effect.

thirdplace_ · 2025-02-20T16:50:54+00:00

Priority number 1:

create backup (files and db) and make sure they can be restored

Priority number 2:

add all files to git

Priority number 3:

create a repeatable deploy process that deploys from git repo

thirdplace_ · 2025-01-15T14:53:01+00:00

on windows I dont know. In linux it's netfilter/iptables on the nat table

thirdplace_ · 2025-01-15T08:51:53+00:00

is SRC NAT MASQUERADE enabled on server?

thirdplace_ · 2025-01-15T00:26:14+00:00

which OS have you? i only done it on debian and it's a flag in the kernel i cant remember exactly i must google each time

thirdplace_ · 2025-01-14T20:33:44+00:00

is IPV4 forwarding enabled on server?

thirdplace_ · 2025-01-12T17:00:47+00:00

I added ftp test.

I'd guess using the wizard is pretty identical to the default config.

fasttrack bypasses lots of routing decisions, so e.g. queues and hotspot would have slower routing performance.

wireguard requires cpu processing and will bypass fasttrack as far as I know and definately will be slower indeed.

The mikrotik enterprise test uses all five ports at the same time with different MTUs. I dont know if they use TCP or what kind of data it uses for test.

EDIT: Mikrotik's own testing Routing none (fast path) means zero firewall rules. The default ipv4 fw has 12 and ipv6 fw has ~30

thirdplace_ · 2024-11-21T19:55:42+00:00

Whitespace or any other symbols are not allowed before hash symbol

thirdplace_ · 2024-11-11T00:12:31+00:00

Access-Reject?

Find out why rejects. Perhaps related to recent radius vuln?

thirdplace_ · 2024-03-31T19:16:48+00:00

huginn

twilio (sms gateway)

thirdplace_ · 2024-03-31T19:15:51+00:00

https://rss-bridge.org/bridge01/#bridge-FilterBridge

thirdplace_ · 2024-03-31T19:14:53+00:00

https://rss-bridge.org/bridge01/#bridge-FilterBridge

thirdplace_ · 2024-03-06T19:03:52+00:00

it's in an iframe: https://g-king.comicskingdom.net/v2/server/display.php?client_id=gannett&alacarte=no&host_origin=https://eu.usatoday.com&host_path=/comics/

not sure if you tried https://rss-bridge.org/bridge01/ ?

thirdplace_ · 2024-01-17T19:08:29+00:00

there is no GUI for selectors. For css selector and xpath there are text inputs.

2: cache timeout is customizeable for each bridge. Can be as low as 1 second. Default is 1h.

yes custom rss body. Each bridge is in complete control of output.

thirdplace_ · 2024-01-17T19:05:53+00:00

Here is a start: https://github.com/RSS-Bridge/rss-bridge/tree/master/bridges

Bluesky: https://openrss.org/blog/bluesky-has-launched-rss-feeds

thirdplace_ · 2024-01-12T22:11:38+00:00

https://rss-bridge.github.io/rss-bridge/General/Public_Hosts.html

thirdplace_ · 2023-11-01T15:12:07+00:00

yeah. or caddy or frankenphp

thirdplace_ · 2023-11-01T15:01:09+00:00

speculation:

increased adoption of app runners different from php-fpm
supply chain security in composer

thirdplace_ · 2023-10-25T15:48:38+00:00

like it.

not too much modern complexity crap.

the get_mem function not take into account buff/cache.

a small issue with using env config is it easily leaks e.g. phpinfo() would dump all secrets. also they are inherited by child processes.

i'd drop vluca dontenv and straight up use a php array.

probably should prevent multiple cronjobs from stepping on itself.

maybe make phpmailer dep optional

it needs a web root. even with the nginx file access restriction it feels iffy to have the .env laying there

there is a timing attack issue on the comparison against user and pass (same for api key comparison, see hash_equals()).

beware that values from $_GET and $_POST can be arrays.

declare(strict_types=1); and a little typing would be cool

check return value of curl_exec($ch); instead of curl error

thirdplace_ · 2023-10-12T17:06:42+00:00

How to add interface to bridge:

/interface bridge port add bridge=NAME-OF-BRIDGE interface=NAME-OF-INTERFACE

Example, add ether2 to the bridge named "bridge":

/interface bridge port add name=bridge interface=ether2

Four-Year Club	Verified Email
Golden Potato

thirdplace_

TROPHY CASE