qubes-mirage-firewall
scripts
qubes-mirage-firewall | scripts | |
---|---|---|
5 | 36 | |
201 | 11 | |
0.0% | - | |
7.2 | 4.9 | |
11 days ago | 4 months ago | |
OCaml | Shell | |
- | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
qubes-mirage-firewall
-
Is running OpenBSD inside a QUBE as a router/firewall an interesting and good idea?
2) https://github.com/mirage/qubes-mirage-firewall is by far a better firewall for Qubes than OpenBSD ever will be - unikernels are far more secure than a traditional operating system is and you can read all about it on https://mirageos.org/
-
the maddening truth of using Qubes
That's correct. It does mean that the closest to a self-contained program you can run is a unikernel like the mirage-firewall, unfortunately. On the upside, those remain easily portable to essentially anything that can run VMs so long as you adjust the image format.
-
I had to relocate CHUNGUS because of the old warehouse I operate it is being torn down.
That sounds similar to a unikernel. There are actual uses for those in seL4 and Qubes OS such as a firewall-qube (in theory unikernel qubes should be able to take far less system resources to run than full Linux+distro qubes).
-
Ask HN: Examples of Microkernels?
Here's one that is "production" ready: the Mirage-Firewall microkernel running on Qubes OS.[0]
[0] : https://github.com/mirage/qubes-mirage-firewall
-
Qubes OS: A reasonably secure operating system
sys-net, sys-firewall and other administrative vms should slowly migrate to unikernels instead of running linux, which should help with ram usage. The mirage.io project seems to build a couple qubes vms, for example https://github.com/mirage/qubes-mirage-firewall is a firewall which they indicate to give 64Mb of ram.
scripts
- script: extract selected files from restic find using fzf
-
Why Do Privacy Advocates Favor Closed-Source IOS?
I made this at one point to counter that anti-Linux FUD; I still maintain it but not as religiously -- it's become too polarised and no one on that sub is logical once they've made up their minds (which perhaps applies to me also, but shrug !)
-
Question for restic users
try https://github.com/xkcd386at/scripts/blob/master/restic-find-fzf if this interests you. Like a lot of my tools, this one also uses the amazing fzf program to help you select files or directories to extract
- Running mail clients as a second user with machinectl. Works with thunderbird, kmail is tricky, and doesn't work with evolution.
-
chunk: a combination of head and tail
for people who want this kind of combination but still have muscle memory for head and tail arguments, try this: https://github.com/xkcd386at/scripts/blob/master/ht
-
Docfd: TUI fuzzy document finder
if someone wants a pure bash+fzf+ripgrep solution with slightly different behaviour, take a look at https://github.com/xkcd386at/scripts/blob/master/vgc
-
need help implementing s feature into a script
So... https://github.com/xkcd386at/scripts/blob/master/fclone (and yes the program name is probably even less imaginative than rfync -- suggestions welcome)
-
Does czkawka (or any other linux tool) have a feature for finding duplicate folders?
I have a script that identifies exact duplicate directories; see https://github.com/xkcd386at/scripts/blob/master/dirdups
-
FF primary password security effectiveness
https://github.com/xkcd386at/scripts/blob/master/usff for the win
-
Why MFA isn't Foolproof?
as for session token stealing, on Linux at least I have long advocated using multiple userids to run browsers -- I log on to gmail in a user called x3-gm, to amazon in a user called x3-amz, and so on. All simultaneously and without having to logoff/logon. https://github.com/xkcd386at/scripts/blob/master/usff has the details, but that's not important; the main idea is to not use the default locations for any important logged in site. Sure there is some pain in manually moving files between userids (e.g., move statement from bank userid to gmail userid to send to my accountant), but it's not hard and some judicious use of /tmp or similar can help a lot
What are some alternatives?
miragevpn - An opinionated implementation of the OpenVPN protocol
bat - A cat(1) clone with wings.
qubes-issues - The Qubes OS Project issue tracker
cbonsai
unikraft - FlexOS is a Unikraft-based OS allowing users to easily specialize the safety and isolation strategy at compilation time.
BorgBackup - Deduplicating archiver with compression and authenticated encryption.
unikernels - MirageOS unikernels
miniplayer - A curses based mpd client with basic functionality and album art.
reason - Simple, fast & type safe code that leverages the JavaScript & OCaml ecosystems
Clipboard - ššļøš¬ Your new, š§ššš¤š£š šŖš”šššš¤šŖšØš”š® smart clipboard manager
lk - LK embedded kernel
nnn - nĀ³ The unorthodox terminal file manager