So I’ve taken some interest in creating an open source nextgen firewall. It’s beyond my current skill level (at least with the hobby time I have available) from a programming standpoint, but that’s how you grow, so let’s just see what I can figure out. It’ll be fun and a good learning experience to dig…
Category: Linux
How to setup Free Range Routing, FRR
Free Range Routing is an open source implementation of the most common Network Routing protocols. It seems pretty complete and uses almost EXACT Cisco configuration syntax. https://frrouting.org/ https://www.linux.com/news/2017/4/welcoming-frrouting-linux-foundation So to install and configure it do this: CONFIGURE SOME LINUX KERNEL PARAMETERS FOR OPTIMAL ROUTING PERFORMANCE: create the following file: /etc/sysctl.d/99frr_defaults.conf # this information comes from…
Cryptodev-linux howto on Debian 9 Stretch.
You may’ve seen in another post that I bought a Cavium Nitrox PX Series CN1620 Encryption offload board. It speeds up cryptographic operations commonly used in SSL and IPSec and offloads them to dedicated hardware. Linux developers have developed packages that allow us to take advantage of that. I was looking to get it working…
And just like that, Hardware Offload of SSL is working
I bought a Cavium Nitrox PX CN1620 Hardware Encryption offload board on ebay for like $20, which happens to be the same encryption offload board that a Cisco ASA 5585-X uses according to Cisco’s published specs, but you know those guys, they probably put 4 of the chips on their board. My card has one…
Renaming Interfaces in Linux Debian 9 Stretch
There are a million articles on this, but very few of them actually worked on Debian Stretch 9. So most of the other articles I think are older and all talk about writing udev rules or editing 70-persistent, bla bla bla. None of that actually works on Stretch. They changed the mechanism or something it…