Explication du fonctionnement de U32.

IPTables has always been a relatively flexible and modular firewall; if it can't currently test for a particular packet characteristic, you have the option of writing a test or modifying an existing test. The catch - as with so much of open source - is that most of us aren't programmers.

It turns out we do have an option that doesn't require programming. Don Cohen was kind enough to write an IPTables module that pulls any bytes you'd like out of the packet, does some manipulation, and sees if the result is in a particular range. For example, I can grab the Fragmentation information out of the IP header, throw away everything except the More Fragments flag, and see if that flag is set.

Without writing any C code at all. :-)

What I'll do is introduce the core concepts here, and put in hopefully enough annotated examples that you'll be able to write your own tests.

I won't be focusing on what these fields are, or why you'd want to test them; there are lots of (warning - shameless plug for my employer ahead!) resources for doing that. If you simply need a quick reference for the packet headers, see tcpip.pdf.

All byte positions in this article start counting at 0 as the first byte of the header. For example, in the IP header, byte "0" holds the 4 bit "Version" and 4 bit "IP Header Length", byte "1" holds the "TOS" field, etc.

A brief discussion of 6 facets of Linux performance:

1. Observability
2. Methodologies
3. Benchmarking
4. Profiling
5. Tracing
6. Tuning

Audience: Everyone (DBAs, developers, operations, …)

Ce document a pour objectif de présenter les bonnes pratiques de sécurité relatives au déploiement et à l’exécution de conteneur Docker. De ce fait, le Docker daemon et la gestion des images Docker sont hors périmètre de l’étude.

<IfModule mime_module>
AddHandler application/x-httpd-alt-php82___lsphp .php
</IfModule>

Firefly III

Rclone syncs your files to cloud storage: Google Drive, S3, Swift, Dropbox, Google Cloud Storage, Azure, Box and many more.

Project documentation for Gluster Filesystem

Vous avez perdu le mot de passe root de votre machine Debian (Linux) et vous êtes bloqué ? Voici la solution à ce problème en 5 étapes.

Carte des antennes de France métropolitaine et d'outre-mer

gcloud compute instances delete-access-config VM-2 --access-config-name="External NAT"
gcloud compute instances add-access-config VM-2 --zone=europe-west1-d --address=XXXXXXX

GNS3 est un logiciel libre permettant l'émulation ou la simulation de réseaux informatiques.

It's very annoying to have this limitation on my development box, when there won't ever be any users other than me.

I'm aware of the standard workarounds, but none of them do exactly what I want: