It would seem I have configured {{OpenVPN}}, {{Squid proxy}}, and, to a lesser extent, Pi-hole well – none of the major sites that report IP, {{DNS}}, and other connection-related security issues find anything out of the ordinary when I’m either running “just” proxied, or {{VPN}}, or VPN+proxy. You should check yourself hereon: https://ipleak.net http://ip-check.info/?lang=en (ironic …
Continue reading do you leak?
a fairly comprehensive squid configuration for proxying all the http things
After combing through the docs and several how–tos on deploying the {{Squid proxy}} server – none of which really did everything I wanted, of course – I’ve finally gotten to the format below. Installing Squid is easy-peasy – it’s in the standard package repos for the major platforms ({{CentOS}}/{{Fedora}}/{{RHEL}}, {{Ubuntu}}/{{Debian}}, etc) – so just run …
Continue reading a fairly comprehensive squid configuration for proxying all the http things
turn on spf filtering with postfix and centos 7
After running my new server for a while, I was noticing an unusually-high level of bogus email arriving in my inbox – mail that was being spoofed to look like it was coming from myself (to myself). After a great deal of research, I learned there is a component of the {{DNS}} specification that allows …
Continue reading turn on spf filtering with postfix and centos 7
a smart[ish] dhcpd
After running into some wacky networking issues at a recent customer engagement, I had a brainstorm about a smart[ish] DHCPd server that could work in conjunction with DNS and static IP assignment to more intelligently fill subnet space. Here’s the scenario we had: Lab network space is fairly-heavily populated with static assigned addresses – in …
Continue reading a smart[ish] dhcpd