Categories
杂七杂八 笔记

Sonatype Nexus 3 as Unity Package Mirror

By @sskaje
Link: https://sskaje.me/2019/08/sonatype-nexus-3-as-unity-package-mirror/


Unity Package Manager 使用了 npm 的协议,配置起来比较简单。安装好nexus 3之后,直接创建一个 npm 的 proxy,Remote Storage 设置成 https://packages.unity.com 就行。国内服务器有条件设置一个代理也好,毕竟unity 的服务器被墙的概率挺高的。

然而,有几个坑。

1 Unity Package Manager 启动的时候会发无数个 HEAD 请求,而 nexus 3 并不支持HEAD,直接返回了404,于是 UPM 里一片红色的报警,但是不影响安装。

2 UPM 不支持加密认证,所以要想使用本地的镜像仓库,或者用 nexus 来管理自己的包,只能开启匿名访问。而公司场景的 nexus,最好从比 http 更底层的方式控制访问,例如各层加 来源 IP 控制。官方说 2020.1 才会加认证的支持 https://forum.unity.com/threads/setup-for-scoped-registries-private-registries.573934/ 。

3 墙的问题太严重。



Sonatype Nexus 3 as Unity Package Mirror by @sskaje: https://sskaje.me/2019/08/sonatype-nexus-3-as-unity-package-mirror/
Categories
Network OS X 笔记

MacOS VPN Auto Add Routes

By @sskaje
Link: https://sskaje.me/2019/04/macos-vpn-auto-add-routes/


I tested on macOS 10.14, L2TP VPN.

I connect to my office VPN to work remotely, but I don’t want to send all traffic to VPN interface. Usually, I open a Terminal.app and execute commands after VPN connected:

192.168.2.0/24 is address block used in my office, 192.168.100.1 is VPN gateway address.

It’s really inconvenient. But I have a new solution: networksetup.

Usage: networksetup -setadditionalroutes <networkservice> [ <dest> <mask> <gateway> ]*
        Set additional IPv4 routes associated with <networkservice>
        by specifying one or more [ <dest> <mask> <gateway> ] tuples.
        Remove additional routes by specifying no arguments.
        If <gateway> is “”, the route is direct to the interface

First, find your service name.

Find your VPN connection name, in my case ‘My Office’.

If you have multiple route entries to add,

L2TP is a Point-to-Point VPN, the gateway address is not that important, that’s why I use “” instead of 192.168.100.1.



MacOS VPN Auto Add Routes by @sskaje: https://sskaje.me/2019/04/macos-vpn-auto-add-routes/
Categories
Network UBNT 笔记 路由、设备

Hijack DnsPod HttpDNS

By @sskaje
Link: https://sskaje.me/2019/04/hijack-dnspod-httpdns/


劫持DNS是个很简单的工作,家用路由器基本都自带dnsmasq,直接加解析就行。

之前某次尝试劫持某视频App的广告接口解析到一个空的本地服务器上,发现该App使用了DnsPod的HttpDNS服务,所以传统的DNS劫持方案不好用。而EdgeRouter的DPI功能也没有对外开放墙一般的高级接口,所以这次用NAT来实现。



Hijack DnsPod HttpDNS by @sskaje: https://sskaje.me/2019/04/hijack-dnspod-httpdns/

Incoming search terms:

Categories
Network VPN 笔记 路由、设备

Asus Merlin Policy Based Routing

By @sskaje
Link: https://sskaje.me/2019/02/asus-merlin-policy-based-routing/


之前写过一个版本,基于380.x的,一开始好用,最近过来发现不好使了。索性把家里路由升级到384.9,重新配置。

拓扑结构基本不变,增加了需求让两边家里能互通,所以把NAT关了。

这回直接简化,搞了个github的repo,https://github.com/sskaje/merlin-pbr,把jffs的配置脚本放进去了,依旧是 dnsmasq + ipset,但是openvpn-event脚本 也可以手工维护路由列表,自动走openvpn的网卡。



Asus Merlin Policy Based Routing by @sskaje: https://sskaje.me/2019/02/asus-merlin-policy-based-routing/
Categories
IPv6 Network

北京联通IPv6 DNS

By @sskaje
Link: https://sskaje.me/2018/12/beijing-china-unicom-ipv6-dns/


之前google搜的时候,看到有人说一个 好像是 dnslab.net 的,千万别用!!!



北京联通IPv6 DNS by @sskaje: https://sskaje.me/2018/12/beijing-china-unicom-ipv6-dns/

Incoming search terms: