HackerTrans
TopNewTrendsCommentsPastAskShowJobs

champtar

no profile record

comments

champtar
·3 個月前·discuss
There is also OVH (not affiliated, just happily using their VPS), but I would consider switching to 2 providers, as any provider can have data loss or just lock your account at anytime for any reasons. 2 providers with free egress so you can easily replicate data between them.
champtar
·4 個月前·discuss
TIL `badblocks -t random` repeats the same random block over and over :(
champtar
·5 個月前·discuss
Just being able to inject traffic is already huge as it allow you to send IPv6 router advertisement, which sometimes allows you to change the DNS config
champtar
·7 個月前·discuss
You need working switch level filtering, many implementations can be bypassed / will never be fixed: https://blog.champtar.fr/VLAN0_LLC_SNAP/
champtar
·7 個月前·discuss
CAP_NET_RAW also allow to capture packets (tcpdump) so you really can have some fun like running a TCP stack in user space or MITM http connections: https://blog.champtar.fr/IPv6_RA_MITM/ / https://blog.champtar.fr/Metadata_MITM_root_EKS_GKE/
champtar
·9 個月前·discuss
Good news that it was found and fixed, but 140 days response time seems rather slow for such a critical vulnerability
champtar
·10 個月前·discuss
Curious what are the main benefits ? (I've only ever used DD-WRT and OpenWrt)
champtar
·10 個月前·discuss
In OpenWrt there is ujail, you give it an ELF (or multiple) to run, it'll parse them to find all the libraries they need, then it creates a tmpfs and mount bind read only the required files. https://github.com/openwrt/procd/blob/dafdf98b03bfa6014cd94f...
champtar
·11 個月前·discuss
It'll not, the new behavior is just a new naming scheme, and you just choose not to use any, which is totally fine if you have a single NIC.
champtar
·11 個月前·discuss
You can easily keep the current naming behavior with the 'net.naming_scheme=' kargs
champtar
·11 個月前·discuss
Hopefully the last breaking change.

enoX should always stay stable, as it's the BIOS (in some ACPI table) telling that this device/port has this ID.

ensX means the NIC in PCIe slot X, but in your PCIe tree you can have PCIe bridges, so technically you could have multiple NIC in the same slot (what the BIOS declare as a slot), so there was a lot of breaking NIC naming changes over the years in systemd to figure out the right heuristics that are safe, enabling/disabling slot naming if there is a PCIe bridge, but just in some cases.

Also for historical reasons the PCIe slot number was read indirectly leading to some conflicts in some cases (this was fixed in systemd 257)
champtar
·12 個月前·discuss
I once had to maintain a CalDAV server that was developed in house, computing the "free busy" with recurring events, exceptions, different timezone than the organizer + some DST is a bug source that keeps on giving.
champtar
·2 年前·discuss
The mailing list announcement might be a better link https://lists.openwrt.org/pipermail/openwrt-devel/2024-Janua...
champtar
·4 年前·discuss
HPE had the same issue on some of their SSDs. We received an advisory months before it would have been a problem, and had time to upgrade all our customers ... except 2 servers that we missed. Luckily when I saw all disk in error in the iLO on one of the server I remembered this issue, googled the model, confirmed it was affected, and was able to shutdown the second server and start the upgrade. Not sure client was happy but at least it was only a 1h outages instead of maybe a day to get the disks + restoring from backup. HPE did replace the disks under warranty.