Page MenuHomePhabricator

Asteroza (N/A)
User

Projects

User does not belong to any projects.

User Details

User Since
Mar 3 2016, 10:58 PM (171 w, 5 d)

Recent Activity

Apr 25 2019

Asteroza created T1353: Termshark • A terminal UI for tshark, inspired by Wireshark.
Apr 25 2019, 3:27 AM · VyOS 1.3 Equuleus, VyOS 1.2 Crux

Nov 5 2018

Asteroza added a comment to T962: Intel 520 card requires modprobe option when using non-Intel SFP.

I think Intel now even recommends using Brocade 1gigabit modules for SFP+ modules when needing to down grade a 10G port to gigabit now, since they no longer manufacture 1G modules, so this is bound to bite people. Perhaps default to adding the allow_unsupported_sfp=1 for the various intel drivers perhaps?

Nov 5 2018, 12:02 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc8)

Aug 8 2018

Asteroza added a comment to T427: Wireguard support.

Apparently Linus loves Wireguard as well now.

Aug 8 2018, 5:19 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)

Jun 29 2018

Asteroza added Q50: Any hope for DPDK? (Answer 207).
Jun 29 2018, 5:17 AM

Jun 27 2018

Asteroza created T718: add minor console monitoring utilities to base image (htop, bmon, iotop, atop).
Jun 27 2018, 6:29 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc4)

Jun 13 2018

Asteroza updated the task description for T694: netboot PXE/gPXE/iPXE support.
Jun 13 2018, 7:35 AM · VyOS 1.3 Equuleus
Asteroza added a comment to T692: TFTP server functionality.

Added a child feature request for iPXE.

Jun 13 2018, 7:11 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)
Asteroza added a parent task for T694: netboot PXE/gPXE/iPXE support: T692: TFTP server functionality.
Jun 13 2018, 7:09 AM · VyOS 1.3 Equuleus
Asteroza added a subtask for T692: TFTP server functionality: T694: netboot PXE/gPXE/iPXE support.
Jun 13 2018, 7:09 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)
Asteroza created T694: netboot PXE/gPXE/iPXE support.
Jun 13 2018, 7:08 AM · VyOS 1.3 Equuleus

Jun 12 2018

Asteroza added a comment to T692: TFTP server functionality.

If you are going to do this, then there's the related issue of whether or not to put in PXE/gPXE/iPXE related stuff to support netbooting things.

Jun 12 2018, 2:35 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)

May 28 2018

Asteroza added a comment to T427: Wireguard support.

Algo VPN, the premier personal IPSEC VPN distro is now preparing to bake in wireguard. Admittedly their distro is intended for disposable VPN VM's but they seem to think wireguard is is close to production ready. It seems they are moving to wireguard for android client connections.

May 28 2018, 11:52 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)

May 21 2018

Asteroza added a comment to T637: Replace tshark with tcpdump.

I wasn't sure if we were maintaining our own package or not. If we're pulling updates from Debian security updates directly, then I see no problem. The researcher is still collecting and analyzing the fuzzer run so no published reports as of yet.

May 21 2018, 12:38 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)

May 17 2018

Asteroza added a comment to T637: Replace tshark with tcpdump.

fair warning, there's a security research currently fuzzing tcpdump who has been finding some stack overflow bugs so expect a package update or two in the not so far future...

May 17 2018, 4:41 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)

Feb 9 2018

Asteroza added a comment to T380: Add system service fail2ban.

straight firewalling won't help if the logon attempts still come from a presumably trusted LAN. I like the idea of at least a temporary lockout to prevent mass attempts when someone is running a big password list, though the utility of this naturally drops if VyOS can be fingerprinted before the attempt and the instance runs with a default password, but that's a sysadmin problem.

Feb 9 2018, 4:08 AM · Invalid
Asteroza added a comment to Q132: Supported dynamic DNS providers.

How about

Feb 9 2018, 4:03 AM · Restricted Project, VyOS 1.2 Crux
Asteroza added a comment to T427: Wireguard support.

Q82 Wireguard?

Feb 9 2018, 3:52 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)

Nov 29 2017

Asteroza added a comment to V5: Should we keep web proxy functionality in base 1.2/1.3/2.0?.

I suppose I should also mention that I am also using a proxy PAC file hosted on the internal lighttpd instance as well over HTTP (again, can't use HTTPS due to certificate trust issues for unknown client PC's) which is important due to DHCP server URL designation of a PAC/WPAD file currently.

Nov 29 2017, 7:12 AM · VyOS 1.3 Equuleus, VyOS 1.2 Crux

Nov 27 2017

Asteroza created T478: Firewall address group (multi and nesting).
Nov 27 2017, 12:48 AM · VyOS 1.3 Equuleus
Asteroza added a comment to V5: Should we keep web proxy functionality in base 1.2/1.3/2.0?.

I do use squid in production, but without the hardcoded blacklists, rather my own local list only, and as an explicit proxy with a rejection message locally hosted as HTTP on the inbuilt lighttpd instance (can't serve HTTPS rejections because of certificate trust issues).

Nov 27 2017, 12:45 AM · VyOS 1.3 Equuleus, VyOS 1.2 Crux

Nov 23 2017

Asteroza asked Q115: OpenR for routing engine?.
Nov 23 2017, 3:38 AM · VyOS 2.0.x

Sep 15 2017

Asteroza added a comment to T379: UDP Broadcast Packet Relay.

This could be possibly used for targeted Wake-on-LAN packet relaying as well...

Sep 15 2017, 4:06 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)