Forwarding Ports 80 and 443 on OPNsense Correctly

If you’re like me and run your own home server, you might find yourself needing to forward TCP ports 80 and 443 on your router. I recently changed my firewall from OpenWrt to OPNsense and obviously needed to forward ports 80 and 443 to my home server, a M1 Mac Mini running Fedora Asahi Remix. By default, OPNsense tries to listen it’s web UI on all ports, well sort of. Many suggestions online say you should change the port the web UI listens on. [Read More]

Twitter and Reddit: All Social Media Sites Will Die (And Get Replaced)

If you haven’t been under a rock, we’ve all heard about Reddit’s API changes resulting in blackouts. We’ve also heard Elon Musk taking over Twitter and in the usual private equity fashion, wreck it. If you’ve been on the internet for a while, we’ve all seen social media platforms die: MySpace, Digg, Tumblr, Google+ had a shelf life of a couple of years, and then all either died, or didn’t but faded from mainstream consciousness. [Read More]

Edward Snowden Leaks: 10 Years Later

It’s interesting how fast time flies. I remember the 16-year-old me thinking “a government backdoor is hacker’s backdoor” when reading criticism of OpenBSD, and the next day Edward Snowden’s first NSA leaks hit the media, that with my mom subsequently defending the surveillance programs. Since then, we’ve all seen things change. Many of NSA’s programs were ruled unconstitutional, we took a big leap on privacy and security in some places (e. [Read More]

The Decline of Net Neutrality Activism

For many years, telecom and Net Neutrality-related policies have been a hot-button political issue for me, to the extent that I, an ordinary software engineer at Microsoft have been blocked on Twitter by former FCC chairman Ajit Pai because I tweeted support for Net Neutrality publicly. I also noticed that Net Neutrality is less of a hot-button topic than it was, presumably because of a deadlocked FCC that couldn’t pass anything. [Read More]

Bypassing Gmail's spam filters with ChatGPT

If you haven’t been living under a rock, you probably already know what ChatGPT is. I am an operator of high bandwidth Tor exit relays, and with that, I get a lot of abuse complaints. Combined with the fact that I have ai lease on a “/24” of IPv4 space, basically a block of 256 IP addresses, I have the IP space’s contact to my LLC’s email address. What does this have to do with ChatGPT, you may ask? [Read More]

How to clone your Calix GPON ONT (Optical Network Terminal)

WARNING: This guide is for instructional purposes only. I am not responsible for any damages caused by this guide. This guide may violate your ISP’s terms of service and is possibly illegal. Proceed at your own risk. When I got CenturyLink Fiber at my current residence, I initially had an issue which looked like “latency spikes and packet loss”. Little did I know that the ONT (Optical Netowrk Terminal) given, a Calix 716GE-I R2 has a hard cap of 16384 TCP sessions, not unlike AT&T Fiber’s forced routers. [Read More]

Setting up Login for Windows Server/Samba Active Directory on FreeBSD

Disclaimer: I work at Microsoft, but not on Windows Server or Active Directory. Recently, in my homelab, I decided to enable a single sign-on using Active Directory on my two servers. Despite my employment, my homelab is very FreeBSD-centric, due to me having used it for 9+ years versus 2+ at my current job. While I could use OpenLDAP which is technically more Unix-centered than Windows-centered, I hate OpenLDAP. I find it easier to use Active Directory, whether Windows or Samba, as I am currently using a Samba 4. [Read More]

Optimizing FreeBSD Power Consumption on Modern Intel Laptops

My current FreeBSD laptop is a 2020 14" HP Spectre x360, which uses Intel’s 11th Gen CPU and “Evo” platform, although I previously also had the 13" 2020 version with a similar setup (but lacked working audio on non-Windows). This article isn’t specific to HP: your shiny-new Lenovo ThinkPad, Dell XPS, or Framework Laptop can also apply. One thing with FreeBSD is that unlike Windows or desktop Linux, the default configuration is poorly optimized for laptops that are newer than your ancient ThinkPad T420, or maybe a T460s. [Read More]

FreeBSD (or pfSense/OPNsense) on the HP t740 Thin Client

While expensive and hard to find on eBay (thanks, ServeTheHome), the HP t740 “Thin Client” is a great pfSense box if you want more power, or a compact home server. While I could get away with a t730 or t620 Plus, but I have CenturyLink Fiber and PPPoE is more computationally intensive versus pure DHCP. That running a Tor relay, so I’d like some headroom and upgrade path to 10 Gigabits. [Read More]

Tuning Power Consumption on FreeBSD Laptops and Intel Speed Shift (6th Gen and Later)

When running FreeBSD on laptops with a 6th Gen (Skylake) or later Intel CPU, for me these are HP Spectre x360s (sorry, I’m not a ThinkPad fan), one annoyance with the out of the box FreeBSD configuration is the fact that the fan is running most of the time. In comparison, a HP Envy with an AMD Ryzen does not have this issue with an out-of-the-box FreeBSD. One thing that Intel has done with these modern CPUs is include a technology called Speed Shift. [Read More]