endlessh was pretty cool and a more modern version is even better ! I’ll give it a shot !
On a side note, I found a way to trap HTTP connections too while working on my cyb.farm project. The go implementation is ridiculously simple: tarpit.go. It works by providing an endless stream of custom headers to the client, which it is supposed to ingest before getting to the content itself.
Keeping the source IP intact means you’ll have troubles routing back the traffic through host B.
Basically host A won’t be able to access the internet without going through B, which could not be what you want.
Here’s how it works:
On host A:
On host B:
This should do what you need. However, if I may comment it out, I’d say you should give up on carrying the source IP address down to host A. This setup I described is clunky and can fail in many ways. Also I can see no benefits of doing that besides having “pretty logs” on host A. If you really need good logs, I’d suggest setting up a good reverse proxy on host B and forwarding it’s logs to a collector on host A.
OpenBSD is the most pleasing expérience I’ve had with an OS. It’s fully contained and has all the tools you need without needing to install anything (eg a DNS, HTTP, SMTP servers, a proxy, a good firewall). All config files look alike and use the same keywords for the same things, making it straightforward to configure everything.
And regarding RAID 1, I’ve never done it myself, but it totally works out of the box (as well as full disk encryption).
OpenBSD for all of them.
The thing is, this layout moves symbols to places that are much easier to remember (~ is altgr+n, ç is altgr+c, $ is altgr+d, parenthesis/brackets are next to each other, etc…) I got used to it very quickly because the new placement makes sense, and the fact you only have to remember symbols and not alphanum chars helps a lot. Definitely worth trying IMO.
Did you know about the New AZERTY ? I’ve been using it for a few years now and it’s definitely a great improvement, while remaining compatible enough with the standard one so you are not lost when you use a colleague’s setup.
When I talk about alignment it’s not about function arguments, but values, “=” signs and such. You simply cannot use tabs for that because alignment must be fixed and indentation independent:
CreateOrderRequest(
user,
productDetails => order.detail,
pricingCalculator => DEFAULT_CALCULATOR,
order => order.internalNumber)
struct Ident arr = [
{
.id
= 0,
.name
= "Bob",
.pubkey
= "",
.privkey
= ""
},
{
.id
= 1,
.name
= "Alice",
.pubkey
= "",
.privkey
= ""
}
];
Tabs for indent, spaces for alignment. This is the way, I can’t believe people are still fighting that ?
ELI5
So it’s saturday afternoon, a very hot one, so you ask your daddy for an ice cream (hosted service). The shop you go in is very bizarre though, as there is one vendor (TCP port) for each flavor (docker service/virtualhost). But it’s tricky because they’re all roaming in the shop, and you don’t know who’s responsible for each flavor. Your dad is also not very comfortable paying these vendors directly because they only accept cash and do not provide any receipt (self-signed certificate/no TLS).
Hopefully, there is the manager (reverseproxy) ! This girl is right where you expect her: behind the counter (port 80/443), accept credit cards and has a receipt machine (Domain name + associated certificate). She also knows everyone on her team, and who’s responsible for each flavor !
So you and your dad come to see the nice lady, ask for a strawberry + chocolate ice cream, and pay her directly. Once done, she forwards your request directly to the vendors responsible for each flavor, and give you back your ice cream + receipt. Life is good, and tasty !
To be honest, Ed.
When I’m forced to edit text on my phone (eg. to fix a broken server while on the go), I ssh in and fire up ed. This is what takes the less screen space on my already to small screen, and because it’s line oriented the screen doesn’t bounce/resize/screw up when the keyboard appears/disappear.