Istio traffic hijacking process

Opening The article about Istio traffic hijacking can be found in a very detailed article in the servicemesher community at present. You can refer to: Sidecar injection and transparent traffic hijacking in Istio . In particular, the "traffic hijacking diagram" collated by the blogger can clearly see the hijacking process. Here I use ...

Added by river001 on Fri, 29 May 2020 09:27:35 +0300

A concise guide to firewall D on Linux

Firewall D is the front-end controller of iptables, which is used to implement persistent network traffic rules. It provides command line and graphical interfaces, which are available in the repositories of most Linux distributions. There are two main differences between using firewall D and controlling iptables directly: Firewall D uses zone ...

Added by 01706 on Thu, 28 May 2020 07:10:56 +0300

linux open source mailbox server building

1. Install Postfix yum -y install postfix After installation, you need to replace the sendmail that comes with the system: rpm -e sendmail perhaps yum remove sendmail Modify MTA (default mail transfer agent) alternatives --config mta and enter directly. 2. Install Dovecot (post office forwarding) yum -y i ...

Added by bongbong on Wed, 20 May 2020 18:04:50 +0300

Detect whether kernel functions are hook ed by trace stack

Rootkit needs to find out if there is a program catching it in time, and the detection program itself needs to be vigilant about Rootkit injection and left-right interaction. The instrumentation program found Rootkit to be very versatile, and I've previously described how to static scan through address ranges that are called from each other by ...

Added by psychowolvesbane on Mon, 04 May 2020 17:14:17 +0300

Firewall firewalld learning summary for RHEL Linux 7

Firewall firewalld learning summary for RHEL Linux 7   This paper describes firewalld, a firewall configuration tool under RHEL 7.Before RHEL 7, we generally used iptables firewall management tools. In fact, neither iptables nor firewalld are real firewalls. They are just firewall management tools used to define firewall policies, or they are j ...

Added by alpha2zee on Sun, 01 Mar 2020 18:37:06 +0200

Squid Cache Agent Deployment - Traditional + Transparent (Ultra Detail)

Main points: 1. Introduction to Squid 2. Cache Agent 3. Compile, install and optimize Squid manually 4. Establishing Traditional Agents 5. Setting up transparent agents 1. Introduction to Squid (1) Squid is a high performance proxy cache server that supports FTP, gopher, HTTPS and HTTP protocols.Unlike general proxy caching software, Squid ha ...

Added by procoder on Tue, 24 Dec 2019 21:02:40 +0200

LVS-NAT Load Balancing Cluster Deployment

Introduction to LVS LVS (Linux Virtual Server), the Linux virtual server, is an open source load balancing project led by Dr. Zhang Wensong. At present, LVS has been integrated into the Linux kernel module.The project implements an IP-based load balancing scheduling scheme for data requests in the Linux kernel. The architecture of the scheme ...

Added by Optimo on Wed, 27 Nov 2019 05:19:33 +0200

[operating system Linux] solutions without iptables

I. check iptables service status First check the status of iptables service [root@woxplife ~]# service iptables status iptables: Firewall is not running. The iptables service is installed, but the service is not started. You can install it directly if it is not installed. yum install -y iptables ...

Added by Flukey on Thu, 31 Oct 2019 13:33:03 +0200

Network management of Docker (configuration of communication between containers)

Blog Outline: I. Bridge mode (communication between containers on the same Docker server) 2. Deploy the consumer service to realize cross host communication of Docker container Preface: When you start using docker on a large scale, you will find that you need to know a lot about the network. Docker, as the most popular lightweight containe ...

Added by xenoalien on Sat, 19 Oct 2019 00:12:16 +0300

kube-proxy source code parsing

kubernetes Off-line Installation Package, only three steps kube-proxy source code parsing ipvs has higher performance and stability than iptables mode. This paper focuses on the source code analysis of iptables mode. If you want to understand the principle of iptables mode, you can refer to its implementation. There is no difference in architec ...

Added by plaggypig on Wed, 07 Aug 2019 10:49:26 +0300