logs archiveBotHelp.net / Freenode / #2f30 / 2015 / August / 7 / 2
dami0
https://en.wikipedia.org/wiki/IPsec#Alleged_NSA_interference
lel
stateless
yeah
:P
those were just allegations, they never found anything in the stack
:P
you are free to audit if you don't believe me
haha
dami0
nah, i just don't believe in security anymore
stateless
lol
you can defeat security with a baseball bat
dami0
so true
stateless
I've found that latency suffers quite a bit with ipsec
but it is not an issue for emails
cool thing is that it doesn't require changes to the programs
you can use netcat and it will be encrypted :>
dami0
that last one is quite interesting
stateless
well between the ipsec peers
dami0
obviously
otherwise the other side wouldn't be able to decrypt
still though, if you can't be bothered with ssh, encrypted netcat is useful
although i guess the latency could wreak havoc with tcp and slow it to a crawl
nvm those last comments, i reroute rerouted packets
Evil_Bob
http://media.giphy.com/media/EldfH1VJdbrwY/giphy.gif
dami0
damn. i just spent about two hours reading the tcpipguide.com about ipsec. my brain is fried
stateless: have you got time to explain some of the problems & solutions to ipsec problems and mail exchanges?
stateless
well
there's no inherent problem
thing is our setup uses ipsec for retrieving email
and also smtps over ipsec for sending email
so you have ipsec flows for those two between client and server
if you want to have a secondary mail server
you need an ipsec flow to that one as well
so I need to tell mutt, if you cannot connect to the primary, fall back to the other
alternatively, it may be possible to have a single server
that has ipsec flows to the two mail servers
then the clients only have a single ipsec flow to the multiplexer
if the multiplexer is down, mail will still be delivered to the mail servers at the front
so you do not lose them, you just cannot access them temporarily
next step is to keep the spamd database in sync between the two mail servers
dami0
ah, ok
i figure the load balancer/multiplexer is the more scalable solution, but probably involves another machine
stateless
yes
k0ga
I have asked to mpu about K&R functions (if I should support them). What do you think guys?
stateless
k0ga, I don't see the point
vim uses them :P
lol
k0ga
hahaha
and gdb
stateless
lol
if you want this sh*t to compile then yes :P
k0ga
the question is if we really want a comforming compiler or not
Evil_Bob
stateless: i dont know enough about the topic tbh, but maybe you can use relayd as a loadbalancer/fallback at some endpoint
not sure if it plays well with the other tools though
i mean relayd does, but the others
stateless
https://imgur.com/a/7yy6b
insane
rak
Evil_Bob
http://i.imgur.com/5KGgu.gif
dami0
http://ss64.com/bash/syntax-pronounce.html
dusty`
hey
how about a suckless sh ?
dami0
can it be written in haskell?
dusty`
no it should be in C or something
dami0
but haskell is more secure
Evil_Bob
dusty`: just use mksh
stateless
dami0, already posted that link :P
yes mksh is awesome
dami0
^
stateless
if you want to stay withim the realm of a standard shell
otherwise use rc
:P
dusty`
ok let me look into mksh
yeah i was curious about rc, have'nt learned it yet
stateless
well it is much simpler/cleaner than sh
but sh is here to stay and you practically cannot live without it
Evil_Bob
yea
stateless
as an interactive shell you can have whatever you want, it doesn't matter
but it is nice to write portable shell scripts
dusty`
dont remind me ;(
it's really bash i've got a prolbem with
stateless
haven't used bash in ages
on openbsd i dont bother installing mksh so i use pdksh there
mksh would have been better there for utf8 stuff
but cant be bothered
i use it at work on my linux machine
Evil_Bob
same, i only wish mg had utf8 support though (it is coming at some point :))
stateless
pdksh will obtain utf8 support soon
and mg + vi yeah
I will throw a party that day
dusty`
mg getting utf8 is really nice
i love mg
stateless
:>
$ du -sh `which mg`
224K /usr/bin/mg
$ du -sh `which vi`
384K /usr/bin/vi
$
;)
just some proof for those who complain about emacs
« prev 1 2 3 4 5 6 next »