haproxy
OpenVPN
haproxy | OpenVPN | |
---|---|---|
16 | 82 | |
4,482 | 9,969 | |
1.9% | 1.4% | |
9.9 | 9.2 | |
7 days ago | 8 days ago | |
C | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
haproxy
-
HAProxy is not affected by the HTTP/2 Rapid Reset Attack (CVE-2023-44487)
I wanted to try it out just now but hit a roadblock immediately - it cannot automatically obtain and maintain TLS certificates. You have to use an external client (e.g. acme.sh), set up a cron to check/renew them, and poke HAProxy to reload them if necessary. I'm way past doing this in 2023.
https://www.haproxy.com/blog/haproxy-and-let-s-encrypt
https://github.com/haproxy/haproxy/issues/1864
-
Why Haproxy is not build with PROMEX by default (Linux / BSD)
For context I think this might be useful: https://github.com/haproxy/haproxy/blob/master/addons/promex/README
-
minexmr2.com updated to p2pool v3.1, monerod v0.18.2.0, and ready for Mar 18 p2pool (not monero) hardfork
I turn on 1 relatively cheap cloud server to process DNS, https and stratum connections and route them via haproxy to one of N miner servers described above.
-
HAProxy Security Update (CVE-2023-25725) - HTTP content smuggling attack
Full technical writeup here: https://github.com/haproxy/haproxy/commit/a8598a2eb11b6c989e81f0dbf10be361782e8d32
- Request smuggling in HAProxy via empty header name
- Enormous session rate
- Update to haproxy 2.4.18 breaks WebDAV
-
HAProxy 2.7
With the recent discussions about memory safe languages, HAProxy is still surprisingly written in C [0].
[0]: https://github.com/haproxy/haproxy
-
35M Hot Dogs: Benchmarking Caddy vs. Nginx
It does not, because HAProxy does not perform any disk access at runtime and thus would be unable to persist the certificates anywhere. Disks accesses can be unpredictably slow and would block the entire thread which is not something you want when handling hundreds of thousands of requests per second.
See this issue and especially the comment from Lukas Tribus: https://github.com/haproxy/haproxy/issues/1864
Disclosure: Community contributor to HAProxy, I help maintain HAProxy's issue tracker.
-
Guide to Adapting HAProxy to openGauss
Code link: https://github.com/haproxy/haproxy
OpenVPN
- Critical OpenVPN Zero-Day Flaws
-
Ask HN: Who is hiring? (October 2023)
OpenVPN is hiring! https://openvpn.net/
C++ Developer in the United States. Full-time| Fully remote| Flexible work schedules
Link to look at vacancy details and apply:
-
Are there any work arounds for the Netflix new "household" system?
How you connect to your modem will depend on the device you are using, but for windows laptops as an example you download the OpenVPN program and input your modem details there, much like you would any other vpn service. I think there would be some guides on youtube. https://openvpn.net/
-
Can i use PFSense to control incoming user connections (without a vpn?)
I just started playing with CloudConnexa for remotely managing my second pFSense. Really nice and is free for up to 3 concurrent users. https://openvpn.net. Can also self-host OpenVPN access server with a free 2 concurrent license.
-
Is the 7spotlight Markle family interview airing now? Is anyone watching and can provide comment? 👀📺
If anyone is being blocked check out free OpenVPN
-
gluetunvpn docker help
It is likely an issue with the 'cipher' options, if any, that are in your ".opvn" file. This is telling you that the opvn setting is not finding a matching cipher it is allowed to use. The fix per the message would be to add the Servers cipher to your options. https://github.com/OpenVPN/openvpn-gui/issues/381 https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/cipher-negotiation.rst
-
Is it possible for a sysadmin to block only some packets from a VPN connection ?
I too haven't used the client-nat directive in some years (I currently implement 1:1 NAT with pfsense to access my network because I'm too lazy to change the networks subnet from the default) so I decided to retest and it does appear that OpenVPN Connect clients do not properly support the client-nat directive but the traditional OpenVPN server/clients still do. I've just tested this on OpenVPN 2.6.3 Server, OpenVPN 2.6.1 GUI for Windows from openvpn.net, and OpenVPN Connect iOS 3.3.3 and only the OpenVPN Connect client has any difficulty. Difficulty being that you can use client-nat successfully but it has to be configured server-side it can't be pushed to or setup on the client (OpenVPN Connect) side. The Server and Windows (non-OpenVPN Connect) clients work an any setup whether it's configured server-side, pushed to the client, or set up in the client config.
-
WebUI not accessible, even with port opened
Ask openvpn.net for commercial support: https://support.openvpn.com/
-
My Installed App as Developer
OpenVPN is a VPN client that I used primarily for work. We used VPN to connect to the dev server and we are using VPN. I also sometimes used that to open websites that got blocked in Indonesia like Reddit.
-
minexmr2.com updated to p2pool v3.1, monerod v0.18.2.0, and ready for Mar 18 p2pool (not monero) hardfork
I connect all the servers with secure OpenVPN private network. And block unused ports anywhere with ufw.
What are some alternatives?
zstd - Zstandard - Fast real-time compression algorithm
tinc - a VPN daemon
ClickHouse - ClickHouse® is a free analytics DBMS for big data
Pritunl - Enterprise VPN server
3proxy - 3proxy - tiny free proxy server
ocserv
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
tailscale - The easiest, most secure way to use WireGuard and 2FA.
Jool - SIIT and NAT64 for Linux
openvpn3-linux - OpenVPN 3 Linux client
brotli - Brotli compression format
SoftEther - Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.