Stuff I'm Up To

Technical Ramblings

iptables – Part 1 — April 7, 2020

iptables – Part 1

My understanding of iptables is rudimentary and I thought it’s time to improve on it. I have an understanding of firewalls, nat and packet filtering, but putting this into iptables always seems hard work.

There are lots of online resources, but nothing seems to be comprehensive enough to cover everything I wanted and writing these posts also acts as a means of driving the material into my own brain. So I thought I’d document it myself in the way that I would typically use it.

Continue reading
Sophos UTM Up2date CLI — April 4, 2017

Sophos UTM Up2date CLI

After buying some replacement UTM430’s to replace the UTM525’s the new 430’s came in with some ancient firmware. As I’ve not got them plugged into the network right now I want to get them up to the same firmware as the current 525’s.

In our case the shipped firmware was 9.311 and the current 525’s was 9.411. There’s quite a few updates between those releases!

Continue reading

OpenVPN — September 19, 2016


Some months ago we bought a Barracuda firewall/VPN box to allow IT staff to connect and manage other IT devices securely. The idea was that the Barracuda would not only authenticate them against Active Directory and support two-factor authentication, but also carry out some Network Access Control and only allow devices that meets specific criteria connect to the network. Eg. Must be a domain member with a current Anti-virus and active firewall.

Well it turns out that the Barracuda couldn’t meet these needs. If you wanted to connect to the Barracuda using it’s web interface for portal type access it was fine. It used an agent based NAC and would allow two-factor auth using Google, but sadly not RADIUS.

However, if you wanted to use the network connection feature that is provided by using OpenVPN then you were going to be sadly disappointed.

Continue reading

Backing Up Juniper Configs — March 1, 2016
Linux Firewall — January 4, 2016