IOS-config-mode
tiny-snitch
IOS-config-mode | tiny-snitch | |
---|---|---|
2 | 9 | |
8 | 63 | |
- | - | |
10.0 | 3.1 | |
about 4 years ago | 3 months ago | |
Emacs Lisp | Go | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
IOS-config-mode
- Ask HN: Have you created programs for only your personal use?
-
Cisco iOS Scripting with Tcl
This brings back memories. I used to work at Cisco in the early 2000s.
Unlike many of the places I worked at since, Cisco (atleast the BU where I worked at) had a dedicated team to implement the libraries and tools needed to script/automate the routers via the consoles. It was a library based on TCL/Expect that connected directly to the command line to get things done. It had a core library maintained by the team and an extensions directory that had modules developed by separate teams for their own features. Finally, there was a regression suite that tested complex setups to make sure that everything was performing well. It also had routines to connect to traffic generators. The one we used was from a company called Ixia. The whole thing had regular release cycles and was treated as a first class internal product rather than just a script someone had written. As part of the work I needed to do, I even wrote a little Emacs mode to handle IOS config files https://github.com/nibrahim/IOS-config-mode
I thought this was the standard way of doing things but several of the companies I worked in since didn't have this polished an infrastructure team and it showed.
I don't know if was because of lack of adoption of TCL but several years later (2017 or so), they moved a lot of the tooling from TCL to Python and I actually went back to deliver some trainings to reskill the engineers on the new technologies.
tiny-snitch
-
OpenSnitch is a GNU/Linux port of the Little Snitch application firewall
i use a kind of tui. it is actually a gui, pops up fullscreen. you can’t click it though, just keypress interaction.
i agree with you. especially if i’m filtering all traffic, i need to be able to y/n quickly and easily.
https://github.com/nathants/tinysnitch#demo
-
Switch to VPC Endpoints from NAT Gateways to Reduce Bandwidth Charges
the libnetfilterqueue setup i use locally is here: https://github.com/nathants/tinysnitch
- an interactive firewall for inbound and outbound connections
- Show HN: An interactive firewall for inbound and outbound connections
- Ask HN: Have you created programs for only your personal use?
- Chrome 0day is being exploited now for CVE-2022-1096; update immediately
-
Wayland Keylogger (2021)
> There isn't even a single decent dynamic firewall with those annoying popups.
even benign apps that phone home like pulumi and terraform are fun to see and block with annoying popups.
monitoring egress really is the only realistic play. i rolled my own[1], inspired by opensnitch[2].
netfilter_queue is really great, and definitely makes annoying popup dynamic firewalls possible.
1. https://github.com/nathants/tinysnitch
What are some alternatives?
ChezScheme - Chez Scheme
opensnitch - OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
sim - Multi Party Authorization version of sudo/doas
wayland-keylogger - Proof-of-concept Wayland keylogger
refpolicy - SELinux Reference Policy v2
nitter - Alternative Twitter front-end
place
epanet-js - Model a water distribution network in JavaScript using the OWA-EPANET engine
ppp_thing - A poorly written, minimum viable PPPoE client with session handoff between redundant FreeBSD routers
Keimeno - A lightweight text user interface library in Crystal
bcc - BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
kondo - Cleans dependencies and build artifacts from your projects.