It's Never the Firewall: Diagnosing Linux Firewall Issues

Welcome back to the 2nd meeting after the awesome first one of last month that went off so well that we ended up moving to a bigger room :)

We have two technically savvy presentations planned.

Sam Stelfox will speak on diagnosing Linux Firewall Issues

----------------------------------------------------------------------------------------------------------
It's Never the Firewall: Diagnosing Linux Firewall Issues

Between network namespaces, packet routing, and forwarding there is one building block in Linux that ties them all together, and if frequently modified under your nose, the firewall. In this talk I'll demonstrate how common network services (such as docker, and libvirt) will modify various firewall primitives silently and in ways you might not expect.

You'll get a run through of how iptables works, tools that can be used to identify what is happening and if the firewall is to blame. I'll show you how higher level tools, such as firewalld, make use of, modify, and manipulate the underlying iptables framework. I'll cover best practices for firewall configuration, and common short cuts for the less paranoid among us.

If there is time, I'll also give a brief introduction to the next generation of Linux firewall primitives "nftables" and why you may want to consider switching to it.

======================================================================

Bradley Allen will speak on How to embed version information into Git files while pushing to GitHub or GitLab.

----------------------------------------------------------------------------------------------------------
Objective: I wanted to know what version a piece of code was on any system running it. The system may or may not be connected to any network. The system may or may not have Git installed. The system may or may not have access to GitHub repository or GitLab project. I wanted the same solution for several types of code. I wanted any person without knowledge of Git or GitHub or GitLab to be able to answer one question over the phone; What version are you running?

I will demonstrative a set of tools that allow you to meet this object. It is what I call a wrapper around a few Git commands. If you have a GitHub repository and git installed on your laptop you can clone these tools and follow along. git clone https://github.com/BradleyA/markit

The first tool will git commit and git push to an existing GitHub or GitLab repository. In this process it will use the tag information with other metadata and enbed it into file(s). It supports these file extensions: UNIX shell(sh) perl(pl|PL) python(py) ruby(rb) PowerShell(ps1) PHP(php|php3|php4|ph3|ph4) R(R) YAML(yml|yaml) makefile(mk|MK) text (txt) c(c) C header(h|H|hpp) C++ header(hxx|Hxx|HXX) C++(cc|cpp|c++|cxx) Go(go) Java(java|class|jar) JavaScript(js) Kotlin(kt|kts) Pascal (p|pp|paa) Rust(rs|rlib) Scala(scala|sc) XML(xml) HTML (html|htm)

The second tool checks the current local version to the GitHub repository or GitLab project version.

The third tool searches systems for local Git repositories