Today I was playing with OpenBSD routing domains the first time. Traditionally, multiple interfaces are connected to one routing table. A global switch called 'IP forwarding' will turn packet flows between all interfaces on or off. A more fine-grained control requires some kernel level packet filtering, usually done by PF on OpenBSD. However, with rdomains one can easily isolate traffic to specific routing domains, to separate networks in kernel space.
OpenBSD
Monday, August 15 2016 11:32
OpenBSD and PCEngine's APU
For quite a while, PCEngine's devices have been known to work well under OpenBSD. In the meantime, their famous Alix boards have been superseded by the next generation systems called APU. At work, we wanted to build a cheap sniffing device that could be used to tap and investigate 'interesting' traffic. An ideal use case to learn about the current state of affairs: OpenBSD on APU.
Thursday, July 14 2016 16:45
Let's Encrypt on OpenBSD
UPDATE: letskencrypt
has been merged into the base system of OpenBSD and renamed to acme-client
When Let's Encrypt has hit the planet and euphoria calmed down, I decided to give it a spin as soon as a clean, secure and simple OpenBSD client would be available. I may be late some months: letskencrypt has been published on Github on May 12th, 2016 and is currently available in version 0.18. I won't go into the merits of "why yet another client". Read Kristaps Dzonsons page on his beautiful design using isolated independent components. No Python. No Ruby. No Bash.