Gunnar Guðvarðarson

icon indicating a website link https://gunni.dev/

icon location Reykjavik, Iceland icon location Icelandic Security/DevOps/Network/Linux nerd

Results 90 comments of Gunnar Guðvarðarson

Export p12 with chain but exclude root/anchor

Web servers aren't supposed to have the root cert and send it because it is assumed that the client already has and trust the root. [Openssl](https://success.qualys.com/support/s/article/000003197) is one example btw.

net/http: Unexpected "define Request.GetBody to avoid this error" error after setting Request.GetBody

Related Caddy Issue: [Transport received Server's graceful shutdown GOAWAY #3428](https://github.com/caddyserver/caddy/issues/3428) [Potential solution blogpost](https://ragoragino.dev/tech/2022-02-05-goaway-test/)?

implement a decoder for MVRP (EtherType 0x88f5)

1. Yes this was tcpdump, I went upstream without checking. My bad. 2. Yes I have a pcap, I can get it tomorrow.

implement a decoder for MVRP (EtherType 0x88f5)

~~Here is the PCAP~~. Github wasn't accepting pcap files and changing file extensions to bypass that is hacky. EDIT: Removed mega link.

implement a decoder for MVRP (EtherType 0x88f5)

Here is the pcap file with a .txt extension [mvrp.pcap.TXT](https://github.com/user-attachments/files/20867804/mvrp.pcap.TXT) sha256 49eef9799c894c657e00b907aea2a5db31b68d8ceab32e3a8e5d649353d7dbb9 encoded using `cat mvrp.pcap | gzip | xxd -p` ``` 1f8b0800000000000003ad984d4854511886cfbd7a759c99aba585a55653 9881fd8a4d414ca5865110b40a0d87a055333518824810fde04a6ad12c82 4022188b749369d0df26c490742f14b6281795396ae65f594df6be91b529 fa16df85399c191edee77ee79e7bcfb933f8f45ec236e9e6cf916e2cb423 276b23d7d7f8cc6ef4f9b12ef61ab376537f61c073bf65d65836282b86c6 2936b6f19e47af945f836c2ad854a1b15b63e657d8dc4ad714a05ff03b6c 74b0eb78efd6c530e4e0780fb2649d9296610d2ffd02ed28c84ead6a19f6 dccd116893209f686919766b225ba01d03591150d2326c2a4fa21d0719d7...

implement a decoder for MVRP (EtherType 0x88f5)

Default: ``` Multiple VLAN Registration Protocol v, length 4 ``` Verbose 1+: ``` Multiple VLAN Registration Protocol v : JoinIn: : JoinMt: ``` Something like this? Edit: Looking at some...

Please support NAT64 connections to ease IPv6-only deployment

> If the device has no v4 addrs, then how would synthesizing a v6 address from a v4 endpoint be possible (as there are none)? > > Unless, by "the...

Add global resolvers directive for DNS challenge configuration

Still draft? I'd like this feature, but I mirror the above comment about calling it `tls_resolvers` or similar.

Combination of ech and a site block for the ech name cannot use tls resolver config

Just discovered that by adding any OTHER site block, this error disappears??? The other block doesn't even need content: ```Caddyfile { acme_dns cloudflare foo ech example.com } example.com { tls...

Combination of ech and a site block for the ech name cannot use tls resolver config

@Siomachkin does that explain why it works if I add any other site block? What changes with a second site block?