Author Archives: Lasse Karstensen

PROXY protocol in Varnish

Posted on 2015-01-19 by Lasse Karstensen

Dag has been working implementing support for HAProxy’s PROXY protocol[1] in Varnish. This is a protocol adds a small header on each incoming TCP connection that describes who the real client is, added by (for example) an SSL terminating process. … Continue reading →

Posted in varnish | Tagged english, haproxy, proxy, ssl, varnish, work | Leave a comment

Announcing libvmod-tcp: Adjust Varnish congestion control algorithm.

Posted on 2014-10-03 by Lasse Karstensen

I’ve uploaded my new TCP VMOD for Varnish 4 to github, you can find it here: http://github.com/lkarsten/libvmod-tcp. This VMOD allows you to get the estimated client socket round trip time, and then let you change the TCP connection’s congestion control … Continue reading →

Posted in varnish | Tagged tcp, varnish, varnish4, vmod | Leave a comment

Disable Spotify song change notification in Debian Linux

Posted on 2014-06-27 by Lasse Karstensen

Recently Spotify started sending notifications to the desktop on song change. This is unnecessarily annoying and breaks my flow, so it had to go. (and since I usually just listen to the same playlists anyway, I’m very well aware what … Continue reading →

Posted in Uncategorized | Tagged debian, english, linux, stuff | 5 Comments

What happened to ban.url in Varnish 4.0?

Posted on 2014-06-03 by Lasse Karstensen

tl;dr; when using Varnish 4 and bans via varnishadm, instead of “ban.url EXPRESSION”, use “ban req.url ~ EXPRESSION”. In Varnish 3.0 we had the ban.url command in the varnishadm CLI. This was a shortcut function expanding to the a bit cryptic (but powerful) … Continue reading →

Posted in stuff | Tagged english, varnish, work | 1 Comment

Converting a Varnish 3.0 VMOD to 4.0

Posted on 2013-12-19 by Lasse Karstensen

So we’re getting closer to releasing the first proper 4.0 version of Varnish Cache. One of the things we need to fix is to get all the vmod writers to make sure their vmod works with the new version. Here … Continue reading →

Posted in Uncategorized | Tagged varnish, varnish4, vmod | 2 Comments

DNS RBL test address for development

Posted on 2013-12-11 by Lasse Karstensen

If you are writing code that checks a DNS real-time blockhole list (RBL), it looks like 127.0.0.2 is the standard address that is always in the black/white -list. This is probably know for most sysadmins/security people and whatnot, but wasn’t … Continue reading →

Posted in stuff | Tagged dns, dnsrbl, linux, sorbs, varnish | Leave a comment

Varnish and Ghost blogging software

Posted on 2013-09-25 by Lasse Karstensen

So there is a new shiny blogging platform out called Ghost. Looks pretty good to me. If you want to run it behind Varnish, you’ll soon notice it has the usual problem of setting session cookies everywhere leading to 0% … Continue reading →

Posted in stuff | Tagged ghost, varnish, vcl | 1 Comment

GSM A5/1 rainbow tables in Oslo, Norway

Posted on 2013-08-08 by Lasse Karstensen

The A5/1 encryption algorithm used in (traditional) GSM networks were proven to be breakable by brute force back in 2009/2010. This means that GSM calls can be intercepted, decoded and listened to by anyone. (SMS also, but that is a … Continue reading →

Posted in stuff | Tagged brute force, encryption algorithm, gsm, gsm networks, hack, rainbowtables, usrp | 66 Comments

Setting client.ip in Varnish VCL with libvmod-ipcast

Posted on 2013-07-22 by Lasse Karstensen

I’ve written a new Varnish 3.0 VMOD called ipcast. It has a single function; ipcast.clientip(ipstring) which sets the internal Varnish variable client.ip to whatever IPv4/IPv6 address you give as the argument. You need this if you want to do ACL checks … Continue reading →

Posted in stuff | Tagged ssl, varnish, vcl, vmod, work | Leave a comment