Skip to main content


pfsense: Create multiple vLAN and segregate traffic

pfsense: Create multiple vLAN and segregate traffic Summary pfSense is an excellent product and can be customised better than professional devices available from large vendors. pfSense is open-source, can be installed into an old laptop or Mini-PC and can scale from home lab setup to medium-large enterprises. This article focus on Creating "multiple LAN segments" within your home network, thus segregating traffic for different type of devices Pre-Reqs device with pfsense installed. I have installed pfsense in an OLD laptop with 2 ethernet ports VLAN switch  with ability to Securely separate networks (VLAN) (New type of plus switches are cheaper around £20/$30 for 8 ports) Quite few Ethernet cables (short lengths would be perfect) Setup within pfsense The settings are divided mainly into 3 parts Creation of VLANs (For instance I've created 3 VLANs as below). The VLAN tag is quite important setting which is used to filter within the Switch Configuration of VLANs (eg shown

Setup VPN protected Private Wifi out of Public Wifi

Setup VPN secured Private Wifi from Public Wifi A word on Privacy While you are travelling, it is essential that you connect your mobile phone or laptop to Public Wifi especially in Airports, Hotels, Cafe's, Malls etc. Remember quite a lot of your personal information is exposed by such direct connections and is quintessential you isolate your personal device from public Wifi even if you have VPN. It is recommended to turn-off WiFi , BlueTooth during the course of journey but until unless you need it. What are we trying to do So the aim of this article is to ensure that you detach your device from public network as below.  So using the GL.inet device, we will  Accept a Public Network connection (WAN) via wired or wireless Apply VPN settings Create a separate Private Network (LAN) which your personal devices can connect to Pre-Reqs OpenWRT based devices (such as GL-MT300N , GL-MT1300 Beryl etc LAN cable (for first time setup) is highly recommended VPN connection (eg NORDVPN, SurfS

Kubernetes & n8n: Setup n8n using K8S (Part 1)

Deploying n8n workflow automation with Kubernetes  Intro Aim of this article is to Publish n8n workflow automation tool into a Kubernetes environment.  n8n is quite flexible and can be used for IOT devices for your hobby projects to act as a SOAR tool at enterprise level. Pre-Reqs Familiarity with Kubernetes (k8s) Package components The deployment is split into following n8n-pvc0.yaml   - PersistentVolumeClaim To mount directory for n8n database and configs n8n-pvc1.yaml   - PersistentVolumeClaim To mount directory for n8n workflows n8n-deployment.yaml   - Actual deployment definitions n8n-svc.yaml   - Service To expose n8n for UI access n8n-pvc0.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: creationTimestamp: null labels: io.kompose.service: n8n-claim0 name: n8n-claim0 spec: accessModes: - ReadWriteOnce resources: requests: storage: 2Gi status: {} n8n-pvc1.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: creationTimestamp: null

Syslog Standards: A simple Comparison between RFC3164 & RFC5424

Syslog Standards: A simple Comparison between RFC3164 (old format) & RFC5424 (new format) Though syslog standards have been for quite long time, lot of people still doesn't understand the formats in detail. The original standard document is quite lengthy to read and purpose of this article is to explain with examples Some of things you might need to understand The RFC standards can be used in any syslog daemon (syslog-ng, rsyslog etc.) Always try to capture the data in these standards. Especially when you have log aggregation like Splunk or Elastic, these templates are built-in which makes your life simple. Syslog can work with both UDP & TCP  Link to the documents the original BSD format ( RFC3164 ) the “new” format ( RFC5424 ) RFC3164 (the old format) RFC3164 originated from combining multiple implementations (Year 2001)

Elastic Beats on pfSense : Installation and configuration

Summary Though in many cases syslog is preferred to transport the pfSense logs to external system, Elastic beats provides quite a niche way to send the logs while modelling the data alongside. This makes it ready-made to send to ElasticSearch directly and get ready-made outcomes like SIEM, performance etc. Pre-reqs A build server (preferably Ubuntu or Fedora) with internet connectivity shell access to pfsense server Basic knowledge of Elastic Stack (filebeat.yml configurations etc) Ensure connectivity is allowed from pfsense machine to your Elastic Stack receiver Setup Summary Connectivity tests Install dependencies in build server (vagrant, virtualbox, gmake, go etc) Download Elastic Beats source Make elastic Beats package for FreeBSD Copy binary packages to pfsense server Configure Beats to send to destination Configure ElasticSearch to view the data Installation Steps Connectivity tests Logon to pfsense server via Shel

Listing Installed Modules in Perl

perl (Swiss Army Knife of Programming) is quite efficient in data processing. Though though not enterprise class as python, perl has a substantial presence in many packages including - git downloads for Windows - present in all Linux Enterprise installations - PAR (Perl Archive Toolkit) acts like a JAR file to be packaged up One of the main problems you hit is the non-availability of packages or modules within perl. For instaance take the example of CSV module in perl. This is a very useful module if you want to play around with manipulating CSV. If you need to do cross platform scripts, below script is an efficient way to check the packages that are available "locally" in that server or machine before you start configuring your complex code.  This can be a life saver and thus you can include your packages alongside if you need. #!/usr/bin/perl # list all of the perl modules installed use File::Find ; for (@INC) { find(\&modules,$_) ; } sub modules {

World of Crypto Currencies and should I take a punt?

You might have heard of " BitCoin ". But did you know  BitCoin is just ONE out of many decentralised crypto-currencies out there in the market? This article is just to summarise some of these crypto-currencies and makes you to judge whether to invest or try-out on them. Just a word of caution: These are highly volatile and risky. DO AT YOUR OWN RISK What is crypto-currency? A cryptocurrency is a digital asset designed to work as a medium of exchange. Many of us express it in terms of USD or GBP or EUR, but always consider them as old plain " Barter " system to exchange goods and services. BlockChain and why is it powerful? A blockchain is a decentralised digital ledger that records transactions. Think of it as a huge sheet of paper which records every transactions in the world which are unique and is permanently written and cannot be reverted. This makes validating transactions transparent to anyone in the world, thus making it extremely secure to trade goo