Once upon a time there was a user that wanted to install firefox.
The user tried to do pacman -S firefox but it didn't work. The all
mighty pacman reported that firefox-3.2.4-1.i686.pkg.tar.gz could not
be found on his mirror. So the user tried pacman -Sy firefox. It
worked and the user rejoiced since he could once again go and troll /h/.
But all was not good. The user had made a grave error!
See, when the user told the almighty pacman to -Sy firefox, pacman did
| # User authentication method. Could be set multiple times and in | |
| # that case all should succeed. To enable multiple methods use | |
| # multiple auth directives. Available options: certificate, certificate[optional], | |
| # plain, pam. | |
| #auth = "certificate" | |
| #auth = "plain[./ocserv-passwd]" | |
| #auth = "pam" | |
| # This indicates that a user may present a certificate. When that option | |
| # is set, individual users or user groups can be forced to present a valid |
由于路由管控系统的建立,实时动态黑洞路由已成为最有效的封锁手段,TCP连接重置和DNS污染成为次要手段,利用漏洞的穿墙方法已不再具有普遍意义。对此应对方法是多样化协议的VPN来抵抗识别。这里介绍一种太简单、有时很朴素的“穷人VPN”。
朴素VPN只需要一次内核配置(Linux内核),即可永久稳定运行,不需要任何用户态守护进程。所有流量转换和加密全部由内核完成,原生性能,开销几乎没有。静态配置,避免动态握手和参数协商产生指纹特征导致被识别。并且支持NAT,移动的内网用户可以使用此方法。支持广泛,基于L2TPv3标准,Linux内核3.2+都有支持,其他操作系统原则上也能支持。但有两个局限:需要root权限;一个隧道只支持一个用户。
朴素VPN利用UDP封装的静态L2TP隧道实现VPN,内核XFRM实现静态IPsec。实际上IP-in-IP隧道即可实现VPN,但是这种协议无法穿越NAT,因此必须利用UDP封装。内核3.18将支持Foo-over-UDP,在UDP里面直接封装IP,与静态的L2TP-over-UDP很类似。
Authored by Peter Rybin , Chrome DevTools team
In this short guide we'll review some new Chrome DevTools features for "function scope" and "internal properties" by exploring some base JavaScript language concepts.
Let's start with closures – one of the most famous things in JS. A closure is a function, that uses variables from outside. See an example:
Every so often I have to restore my gpg keys and I'm never sure how best to do it. So, I've spent some time playing around with the various ways to export/import (backup/restore) keys.
cp ~/.gnupg/pubring.gpg /path/to/backups/
cp ~/.gnupg/secring.gpg /path/to/backups/
cp ~/.gnupg/trustdb.gpg /path/to/backups/
This is a collection of snippets, not a comprehensive guide. I suggest you start with Operational PGP.
Here is an incomplete list of things that are different from other approaches:
| # | |
| # /etc/sysctl.conf - Configuration file for setting system variables | |
| # See /etc/sysctl.d/ for additonal system variables | |
| # See sysctl.conf (5) for information. | |
| # | |
| #kernel.domainname = example.com | |
| # Uncomment the following to stop low-level messages on console | |
| #kernel.printk = 3 4 1 3 |
| #define _XOPEN_SOURCE 500 /* Enable certain library functions (strdup) on linux. See feature_test_macros(7) */ | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <limits.h> | |
| #include <string.h> | |
| struct entry_s { | |
| char *key; | |
| char *value; |