If you are having trouble resolving a domain name with an A record as an intranet address when using pfSense, add the following field to the Custom options of your DNS Resolver settings.
server: private-domain: "example.com"
继续阅读Solution for unable resolving an A record with an intranet address when using pfSense
esxcli network firewall set --enabled false
wget https://example.com/folder/file -P /vmfs/volumes/datastore/folder
esxcli network firewall set --enabled true
The purpose of this article is to realize the local machine X can communicate over local router A running pfSense through the WAN gateway of the remote router B also with pfSense.
The lab environment
Local machine X:
[IP_ADDR]=192.168.0.254 [Mask]=255.255.255.0 [GW]=192.168.0.1
Local router A:
[IP_ADDR]=192.168.0.1 [Mask]=255.255.255.0 [GW]=Router_A_WAN_ADDR
Remote router B:
[IP_ADDR]=192.168.11.1 [Mask]=255.255.255.0 [GW]=Router_B_WAN_ADDR
OpenVPN client on router A:
[Mode]=TUN [Interface]=OVPN_A [IPv4 Tunnel Network]=192.168.30.49/30
OpenVPN server on router B:
[Mode]=TUN [Interface]=OVPN_B [IPv4 Tunnel Network]=192.168.30.50/30
1. Establish an OpenVPN TUN tunnel between router A and B anyway. This is not the focus of this article.
2. Set a allow all rule for OVPN_B on router B
[Area]=OVPN_B
[Action]=Pass
[Interface]=OVPN_B
[Protocol]=Any
[Src]=any
[Dst]=any
3. Set an Outbound NAT on the firewall of router B
[Interface]=WAN
[Protocol]=Any
[Src]=192.168.0.0/24 (or any area you want)
[Dst]=any
[Translation addr]=Interface Address
4. Set a rule for routing traffic to OVPN_A on the LAN firewall table of router A
# Route all traffic of local machine X
[Area]=LAN
[Action]=Pass
[Interface]=LAN
[Protocol]=Any
[Src]=192.168.0.254
[Dst]=any
[Gateway]=OVPN_A# Route specific destnation IP traffic
[Area]=LAN
[Action]=Pass
[Interface]=LAN
[Protocol]=Any
[Src]=any
[Dst]=192.168.11.1 (example)
[Gateway]=OVPN_A
Result: (Tested on local machine X)
> tracert 192.168.11.1
Tracing route to 192.168.11.1 over a maximum of 30 hops
1 20 ms 20 ms 20 ms 192.168.30.49
2 30 ms 30 ms 30 ms 192.168.11.1
Trace complete.
1. apt install required paackages
$ sudo apt update $ sudo apt install doxygen dia graphviz
2. generate the Doxyfile
$ cd [SOME_PATH] $ doxygen -g
3. edit the Doxyfile
OUTPUT_DIRECTORY = [YOUR_OUTPUT_DIRECTORY] INPUT = [YOUR_SOURCE_CODE] RECURSIVE = YES EXTRACT_ALL = YES EXTRACT_PRIVATE = YES EXTRACT_STATIC = YES CLASS_DIAGRAMS = YES DIA_PATH = /usr/bin/dia HAVE_DOT = YES CLASS_GRAPH = YES COLLABORATION_GRAPH = YES
4. run doxygen
$ doxygen [YOUR_Doxyfile]
5. result examlple
继续阅读Use Doxygen to generate documents and diagrams or graphs for your source code
socat tcp-listen:[LISTENING PORT],fork,reuseaddr tcp-connect:[TARGET ADDRESS]:[TARGET PORT]
# apt install collectd # nano /etc/collectd/collectd.conf # service collectd start # apt-get install git # apt-get install python # apt-get install librrds-perl libjson-perl libhtml-parser-perl libcgi-session-perl # cd ~ # git clone https://github.com/httpdss/collectd-web.git # cd collectd-web # chmod +x cgi-bin/graphdefs.cgi # nano runserver.py Change listen IP address to 0.0.0.0 # ./runserver.py & # killall python
Check swap file
# swapon -s
Create swap file
# dd if=/dev/zero of=/swap.img bs=1G count=8
Set swap file right
chmod 600 /swap.img
Check swap file right
# ll /swap.img
Format swap file
# mkswap /swap.img
Activate swap file
# swapon /swap.img
Deactivate swap file
# swapoff /swap.img
Check swap
# swapon -s # free -h
Auto mount swap fs
# echo "/swap.img none swap sw 0 0" >> /etc/fstab
Check your kernel version >= 4.9
uname -a
Enable BBR
sysctl -w net.core.default_qdisc=fq sysctl -w net.ipv4.tcp_congestion_control=bbr sysctl -w net.ipv4.tcp_notsent_lowat=16384 sysctl -p
Add stream config to /etc/nginx/nginx.conf
stream {
include /etc/nginx/tcp.d/*.conf;
}
Create a new config for Minecraft server
upstream [YOUR_MINECRAFT_SERVER] {
server [YOUR_MINECRAFT_SERVER]:[PORT];
}
server {
listen [PORT];
proxy_pass [YOUR_MINECRAFT_SERVER];
}
Test Nginx config
nginx -t
Reload Nginx
nginx -s reload
Optional: Add DNS SRV record
Name _minecraft._tcp.[YOUR_MINECRAFT_SERVER].tld Priority [0-65535] Weight [0-65535] Port [PORT] Value [YOUR_MINECRAFT_SERVER]
Server config: /etc/rsyncd.conf
uid = www-data gid = www-data max connections = 4 use chroot = no log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid lock file = /var/run/rsync.lock #hosts allow = 0.0.0.0 #hosts deny = 192.168.100.0/24 [rsync] path = /var/www/html comment = rsync auth users = rsync ignore errors read only = yes list = yes auth users = rsync secrets file = /etc/rsyncd.pwd
Secret: /etc/rsyncd.pwd
rsync:rsync
Server run:
$ rsync --daemon --config=/etc/rsyncd.conf
Client connect:
$ rsync --list-only -rsh=rsh --port=873 [email protected]_TARGET_ADDRESS::rsync
This is quick note for configuring congenial-octo-system created by imi415.
System:
ubuntu-18.04.3-live-server-amd64
Command:
apt install ruby-dev gcc make nodejs zlib1g-dev libsqlite3-dev redis-server bundle install bin/rails db:migrate RAILS_ENV=development rails s
Result: 