• Tags
A10
ACME
AD
AES
AI
Aliyun
Ansible
APP
Application Delivery Controller
Arceus
Argo CD
ASCII
Authentication
Authorization
AWS
BASH
Bayonet
Benchmark
BGP
BIRD
Board Game
Browser
Byte
Cache
CDN
Channel
Chart
Checklist
Chrome
Chrome OS
Chrony
CI
Cilium
Cisco
Cloud-Native
Cloudflare
Cluster
Command Line
Completion
Config
Container
CPU
CURL
Data
Database
Debug
Dehydrated
Design
DevSecOps
Diagrams
Dmg
DNS
DNS-01
Docker
EFF
ElasticSearch
ELK
Emoji
EMQX
Encode
Encrypt
ESXi
Extension
Firewall
Fortigate
Fortinet
FortiOS
Game
GeoIP
GIN
Git
GitBook
Github
Gitlab
GitOps
Gluetun
Go
Go-Mysql-Elasticsearch
Golang
Google
GPG
GraphQL
HA
HAProxy
Hash
HomeLab
Htop
HTTP
Infra
Infrastructure
Input Method
Interview
Introduction
IPhone
Iptables
Iso
Issue
ITerm2
Jenkins
Jsoniter
Juniper
JWT
Kibana
Kubernetes
LDAP
Leetcode
Lightweight
Linkerd
Links
Linux
Llamafile
LLM
Log
Lua
Lullaby
LVM
Machinelearning
MacOS
Markdown
Mattermost
Mermaid
MinIO
Module
MQTT
MSS
MTU
Music
MyDumper
MySQL
NAS
Netcat
Network
Nftables
Nginx
OAuth
OIDC
Ollama
OpenResty
Parquet
Percona
Pinyin
Pip
Plugin
Pokemon
PostgreSQL
PowerDNS
PowerShell
Pprof
Principle
Prometheus
Protobuf
Proxy
Push
Python
QRCode
R
RAID
RDP
Redis
Regex
Ringtone
Route
Rust
S3
ScreenShot
Security
Selenium
Sentry
Service Mesh
SFTP
SHELL
Slides
Snow
Software
SonarQube
SQL
SSH
SSL
String
Switch
Sync
Synology
System
Tcpdump
Telegram
Terminal
Terraform
Test
Testing
Time
Timeout
TLS
Tor
Trace
Traefik
Travel
Tunnel
Typora
Ubuntu
URL
UserAgent
V2Ray
Vagrant
Video
Vim
Virtualization
Visualization
VNC
VPN
VSCode
WAF
Web
WebAssembly
Webp
Windows
WSL
YAML
Youtube
Zabbix
Zero Trust
Zim
ZSH
台語

Load Balancing with iptables and ip rule

Load Balancing with iptables and ip rule Steps This example uses an Arch Linux device with two Internet uplinks: eth0 and eth1. The mapping is: Mark 10 (0xa) - Routing table #110 - use eth0 Mark 11 (0xb) - Routing table #111 - use eth1 We decide which uplink to use based on the packet mark. First, use ip rule to map each mark to its routing table. The default routing table priority is 32768. To ensure our tables are used, set a higher priority (for example 31000).

Wednesday, December 4, 2019 Read

Fighting ISP Cache Hijacking Again with iptables

Fighting ISP Cache Hijacking Again with iptables Cause The fight against the carrier cache problem started two years ago. The carrier even cached cnpm data. Worse, their cache servers were not only slow like a turtle in a marathon, they also crashed frequently, so I just wanted to write code but had to face a wall of red errors. Fix iptables -I FORWARD -p tcp -m tcp -m ttl --ttl-gt 20 -m ttl --ttl-lt 30 -j DROP

Monday, October 7, 2019 Read