NRW.social

0 Beiträge0 Beteiligte0 Beiträge heute

Thomas LiskeDas Wetter ist hier so lala: statt eines schönen Landregens ist alles nur grau bewölkt 🤪 … also gute Gelegenheit meinen CLT Vortrag nachzuarbeiten:Ihr findet neben der Aufzeichnung jetzt auch die Folien als PDF: <a href="https://chemnitzer.linux-tage.de/2025/de/programm/beitrag/306" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://chemnitzer.linux-tage.de/2025/de/programm/beitrag/306</a>Wer sich für die Demos interessiert findet hier die Quellen für das Ansible Deployment: <a href="https://codeberg.org/liske/clt2025-liske-firewalls" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://codeberg.org/liske/clt2025-liske-firewalls</a>(Bei <a href="https://mastodon.social/@clt_news" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@clt_news</a> ist wohl auch schlechtes Wetter, die Folien wurden innerhalb von 15min verlinkt 😅 - Danke! 🙏 )<a href="https://ibh.social/tags/clt2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#clt2025</a> <a href="https://ibh.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a> <a href="https://ibh.social/tags/ifstate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ifstate</a>

Thomas Liske<a href="https://ibh.social/tags/ifstate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ifstate</a> 1.13.4 was released: <a href="https://codeberg.org/liske/ifstate/releases/tag/1.13.4" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://codeberg.org/liske/ifstate/releases/tag/1.13.4</a>(already available in <a href="https://fosstodon.org/@alpinelinux" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@alpinelinux</a> edge + 3.21 + 3.20 + 3.19 and in <a href="https://c3d2.social/@m4rc3l" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@m4rc3l</a>'s Nix flake <a href="https://codeberg.org/m4rc3l/ifstate.nix" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://codeberg.org/m4rc3l/ifstate.nix</a>)This maintenance release includes a single fix for the configuration of sysctl settings. The bug prevented ifstate from changing more than a single sysctl setting at a time. 🤦 <a href="https://ibh.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a>

Thomas LiskeMein Vortrag von den <a href="https://ibh.social/tags/clt2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#clt2025</a> ist schon als Aufzeichnung verfügbar: <a href="https://media.ccc.de/v/clt25-306-firewalls-mandantenfahig-redundant-deklarativ" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://media.ccc.de/v/clt25-306-firewalls-mandantenfahig-redundant-deklarativ</a>Vielen Dank an alle die zugeschaut haben/es sich ggf. noch anschauen werden. Ich hoffe es hat euch ein paar neue Einblicke gegeben. Mir hat es wieder sehr viel Spaß gemacht. 🤗 Und großen Dank an das Team der <a href="https://mastodon.social/@clt_news" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@clt_news</a> und das <a href="https://chaos.social/@c3voc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@c3voc</a> 🙏 <a href="https://ibh.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a> <a href="https://ibh.social/tags/ifstate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ifstate</a> <a href="https://ibh.social/tags/nftables" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nftables</a>

OSTechNixHow To Check And Secure Open Ports In Linux <a href="https://floss.social/tags/Linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linuxnetworking</a> <a href="https://floss.social/tags/Linuxsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linuxsecurity</a> <a href="https://floss.social/tags/Linuxadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linuxadmin</a> <a href="https://floss.social/tags/Linuxhowto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linuxhowto</a> <a href="https://floss.social/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://floss.social/tags/netstat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#netstat</a> <a href="https://floss.social/tags/ss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ss</a> <a href="https://floss.social/tags/firewalld" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#firewalld</a> <a href="https://floss.social/tags/iptables" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iptables</a> <a href="https://floss.social/tags/nmap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nmap</a> <a href="https://floss.social/tags/lsof" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lsof</a> <a href="https://ostechnix.com/check-and-secure-open-ports-in-linux/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ostechnix.com/check-and-secure-open-ports-in-linux/</a>

Thomas LiskeI wonder how DSA network interfaces can be distinguished reliable. The port interfaces can be easily identified by the phys_port_name IFLA, but what is about the master interfaces?I've access to a SoC which has a `dsa` and `eth0` interface (besides 4 port ifaces). Both have the same driver, the same businfo and the same mac address. How can they be distinguished at all, even if they have been renamed or moved into a netns?Any ideas?<a href="https://ibh.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a> <a href="https://ibh.social/tags/ifstate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ifstate</a> <a href="https://ibh.social/tags/DSA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DSA</a> <a href="https://ibh.social/tags/netlink" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#netlink</a> <a href="https://ibh.social/tags/iproute2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iproute2</a>

Thomas Liske<a href="https://ibh.social/tags/TIL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TIL</a> sysctl net.ipv4.conf.all.promote_secondariesWhen enabled (it is not by default) one can remove the primary (read: first assigned) ipv4 address of an interface w/o removing all other assigned ipv4 addresses. This may help when you need to renumber remotely… (…and do not have some declarative network configuration tool like <a href="https://ibh.social/tags/ifstate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ifstate</a> ;-)<a href="https://sysctl-explorer.net/net/ipv4/promote_secondaries/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://sysctl-explorer.net/net/ipv4/promote_secondaries/</a><a href="https://ibh.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a> <a href="https://ibh.social/tags/IPLegacyProblem" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IPLegacyProblem</a>

KadinAm I correct in thinking that <a href="https://mastodon.sdf.org/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ubuntu</a>'s default networking configuration, for a non-server install, uses both <a href="https://mastodon.sdf.org/tags/NetworkManager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetworkManager</a> for network configuration management and <a href="https://mastodon.sdf.org/tags/Systemd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Systemd</a> Resolved as a local stub DNS resolver?Because that's how my workstation apparently works, and I don't remember doing anything to configure it that way explicitly.And what an unholy fucking mess.<a href="https://mastodon.sdf.org/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://mastodon.sdf.org/tags/LinuxNetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinuxNetworking</a>

Thomas Liske<a href="https://ibh.social/tags/TIL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TIL</a> routes on Linux can have two different netlink attributes (NLA) for the next-hop: RTA_GATEWAY and RTA_VIA. The latter is set when a NLRI from another address family is used, only.(And luckily nobody uses net-tools anymore: the old route command just ignores the RTA_VIA NLA and the route looks like a connected one 🤷)…<a href="https://ibh.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a> <a href="https://ibh.social/tags/routing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#routing</a> <a href="https://ibh.social/tags/netlink" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#netlink</a>

Dresden Internet ExchangeWe've just published our latest article in our "IXP from Scratch" series on <a href="https://mastodon.social/@ripencc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ripencc</a> Labs! Dive into how we designed the network and security infrastructure at DD-IX. From choosing MicroVMs (<a href="https://c3d2.social/@astro" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@astro</a>) on <a href="https://chaos.social/@nixos_org" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@nixos_org</a> and <a href="https://fosstodon.org/@alpinelinux" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@alpinelinux</a> to navigating the challenges of IPv6-only networks. Learn about our services and the thought process behind each decision.<a href="https://labs.ripe.net/author/liske/ixp-from-scratch-network-and-security-design/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://labs.ripe.net/author/liske/ixp-from-scratch-network-and-security-design/</a><a href="https://dresden.network/tags/Networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Networking</a> <a href="https://dresden.network/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://dresden.network/tags/IXP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IXP</a> <a href="https://dresden.network/tags/IPv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IPv6</a> <a href="https://dresden.network/tags/DDIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DDIX</a> <a href="https://dresden.network/tags/Dresden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Dresden</a> <a href="https://dresden.network/tags/LinuxNetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinuxNetworking</a> <a href="https://dresden.network/tags/AlpineLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlpineLinux</a> <a href="https://dresden.network/tags/NixOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NixOS</a>

OSTechNixDisable IPv6 in Linux: A Step-by-Step Guide <a href="https://floss.social/tags/ipv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ipv6</a> <a href="https://floss.social/tags/internetprotocol" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#internetprotocol</a> <a href="https://floss.social/tags/disableipv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#disableipv6</a> <a href="https://floss.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://floss.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a> <a href="https://floss.social/tags/linuxadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxadmin</a> <a href="https://floss.social/tags/linuxcommands" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxcommands</a> <a href="https://floss.social/tags/linuxhowto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxhowto</a> <a href="https://ostechnix.com/disable-ipv6-in-linux/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ostechnix.com/disable-ipv6-in-linux/</a>

Thomas Liskeifstate 1.9.0 has been released: <a href="https://github.com/liske/ifstate/releases/tag/1.9.0" rel="nofollow noopener noreferrer" target="_blank">https://github.com/liske/ifstate/releases/tag/1.9.0</a>This version adds netns superpowers! 💪 All features can now be used in network namespaces and the master and link options got netns support. For example, it is now possible to attach (|ip|mac)vlan sub-interfaces across network namespace boundaries.<a href="https://ibh.social/tags/ifstate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ifstate</a> <a href="https://ibh.social/tags/release" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#release</a> <a href="https://ibh.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a>

Elias ProbstGiving up for today trying to get <a href="https://mastodon.social/tags/8021x" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#8021x</a> (via ethernet, only using credentials, no certificates) working on <a href="https://mastodon.social/tags/NixOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NixOS</a> using <a href="https://mastodon.social/tags/wpa_suplicant" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wpa_suplicant</a> and <a href="https://mastodon.social/tags/NetworkManager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetworkManager</a> authing against a <a href="https://mastodon.social/tags/UniFi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UniFi</a> infrastructure...The debug output from both, NetworkManager, and (especially) wpa_supplicant is quite useless in this regard, as it focuses on technical mumble-jumble that might be useful to someone knees-deep into <a href="https://mastodon.social/tags/RADIUS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RADIUS</a>, but helps zero when it comes to a regular admin trying to get this working.<a href="https://mastodon.social/tags/LinuxNetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinuxNetworking</a>

Thomas Liskeifstate 1.8.1 has been released: <a href="https://github.com/liske/ifstate/releases/tag/1.8.1" rel="nofollow noopener noreferrer" target="_blank">https://github.com/liske/ifstate/releases/tag/1.8.1</a>This release contains many (critical) bugfixes. I had two recent incidents where routers booted without a network config due to these bugs in ifstate 😖 <a href="https://ibh.social/tags/ifstate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ifstate</a> <a href="https://ibh.social/tags/release" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#release</a> <a href="https://ibh.social/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a> <a href="https://ibh.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a>

ChrisAnyone out there have <a href="https://fosstodon.org/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networking</a> experience on <a href="https://fosstodon.org/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> machines. Needing to get <a href="https://fosstodon.org/tags/RockyLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RockyLinux</a> talking to a windows domain controller and mount an smb share... or looking for other <a href="https://fosstodon.org/tags/linuxnetworking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxnetworking</a> solutions/suggestions.

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#linuxnetworking