pf

Protect the ESXi virtual machines with OpenBSD

    

I own a server at Online.net which now runs VMware ESXi free edition. The thing is VMs have to access the Wild Wild Web and provide public services while still being protected. So let’s configure OpenBSD to do so.

Continue reading...


Automated OpenBSD deployment on vmd(8)

    

Now that I have an OpenBSD server hosted in the Wild and capable of doing virtualization , I’ll migrate all my VM hosted on Synology Virtual Machine Manager. But even if the OpenBSD installer is straight forward, deploying tens of VM takes some time. So I set up an automated environment that provides fast and (nearly) finger-less deployment.

Continue reading...


Monitoring pf(4) using snmpd(8), Telegraf and Grafana

    

I regularly check my pf(4) activity using pfctl(8) and pflogd(8). I already monitored pf using collectd(1) and rrdtool. This time, I wanted to use my already configured InfluxDB/Grafana system. The thing is, Telegraf is not (yet) available in OpenBSD 6.3. So I used a Telegraf container to remotely poll OpenBSD using the native SNMP OPENBSD-PF-MIB.

Continue reading...