init

technology/applications/network/Mullvad VPN.md

@@ -0,0 +1,8 @@
+---
+obj: application
+android-id: net.mullvad.mullvadvpn
+website: https://mullvad.net/de
+repo: https://github.com/mullvad/mullvadvpn-app
+---
+# Mullvad VPN
+Mullvad VPN is a [Wireguard](Wireguard.md) based VPN by [Mullvad](../../internet/websites/clearnet/Mullvad.md). To use it you generate a random account number and stock up your VPN time for 5$/month. One can pay with many providers including [Monero](../../tools/Monero.md). With this setup Mullvad has almost no personal information about you allowing you to use this VPN anonymously.

technology/applications/network/NetworkManager.md

@@ -0,0 +1,87 @@
+---
+obj: application
+os: linux
+---
+# NetworkManager
+[NetworkManager](https://networkmanager.dev/) is a program for providing detection and configuration for systems to automatically connect to networks. NetworkManager's functionality can be useful for both wireless and wired networks. For wireless networks, NetworkManager prefers known wireless networks and has the ability to switch to the most reliable network. NetworkManager-aware applications can switch from online and offline mode. NetworkManager also prefers wired connections over wireless ones, has support for modem connections and certain types of VPN. NetworkManager was originally developed by Red Hat and now is hosted by the GNOME project.
+
+After installation, you should start/enable  `NetworkManager.service`. Once the NetworkManager daemon is started, it will automatically connect to any available "system connections" that have already been configured. Any "user connections" or unconfigured connections will need _nmcli_ or an applet to configure and connect.
+
+## Usage
+NetworkManager comes with nmcli and nmtui.
+
+### nmcli examples
+List nearby Wi-Fi networks:
+`nmcli device wifi list`
+
+Connect to a Wi-Fi network:
+`nmcli device wifi connect SSIDorBSSID password password`
+
+Connect to a hidden Wi-Fi network:
+`nmcli device wifi connect SSID_or_BSSID password password hidden yes`
+
+Connect to a Wi-Fi on the `wlan1` interface:
+`nmcli device wifi connect SSID_or_BSSID password password ifname wlan1 profile_name`
+
+Disconnect an interface:
+`nmcli device disconnect ifname eth0`
+
+Get a list of connections with their names, UUIDs, types and backing devices:
+`nmcli connection show`
+
+Activate a connection (i.e. connect to a network with an existing profile):
+`nmcli connection up name_or_uuid`
+
+Delete a connection:
+`nmcli connection delete name_or_uuid`
+
+See a list of network devices and their state:
+`nmcli device`
+
+Turn off Wi-Fi:
+`nmcli radio wifi off`
+
+### Edit a connection
+For a comprehensive list of settings, see [nm-settings(5)](https://man.archlinux.org/man/nm-settings.5).
+
+Firstly you need to get list of connections:
+`nmcli connection`
+```
+NAME                UUID                                  TYPE      DEVICE
+Wired connection 2  e7054040-a421-3bef-965d-bb7d60b7cecf  ethernet  enp5s0
+Wired connection 1  997f2782-f0fc-301d-bfba-15421a2735d8  ethernet  enp0s25
+MY-HOME-WIFI-5G     92a0f7b3-2eba-49ab-a899-24d83978f308  wifi
+```
+
+Here you can use the first column as connection-id used later. In this example we pick `Wired connection 2` as a connection-id.
+
+You have three methods to configure a connection `Wired connection 2` after it has been created:
+
+nmcli interactive editor
+`nmcli connection edit 'Wired connection 2'`.  
+Usage is well documented from the editor.
+
+nmcli command line interface
+`nmcli connection modify 'Wired connection 2' setting.property value`. See [nmcli(1)](https://man.archlinux.org/man/nmcli.1) for usage. For example you can change its IPv4 route metric to 200 using `nmcli connection modify 'Wired connection 2' ipv4.route-metric 200` command.
+
+To remove a setting pass an empty field ("") to it like this:
+`nmcli connection modify 'Wired connection 2' setting.property ""`
+
+Connection file
+In `/etc/NetworkManager/system-connections/`, modify the corresponding `Wired connection 2.nmconnection` file .  
+Do not forget to reload the configuration file with `nmcli connection reload`.
+
+## Configuration
+NetworkManager will require some additional steps to be able run properly. Make sure you have configured `/etc/hosts`.
+
+NetworkManager has a global configuration file at `/etc/NetworkManager/NetworkManager.conf`. Additional configuration files can be placed in `/etc/NetworkManager/conf.d/`. Usually no configuration needs to be done to the global defaults.
+
+After editing a configuration file, the changes can be applied by running:
+`nmcli general reload`
+
+### DNS
+> **Note:** If `/etc/resolv.conf` is a symlink to `/run/systemd/resolve/stub-resolv.conf`, `/run/systemd/resolve/resolv.conf`,`/lib/systemd/resolv.conf` or `/usr/lib/systemd/resolv.conf`, NetworkManager will choose [systemd](../../linux/Systemd.md)-resolved automatically. To use dnsmasq, you must first remove that symlink, then restart NetworkManager.
+
+### VPN
+[WireGuard](Wireguard.md) is natively supported. To import a [WireGuard](Wireguard.md) Config File as a connection:
+`nmcli connection import type wireguard file <conf_file>`

technology/applications/network/Privoxy.md

@@ -0,0 +1,29 @@
+---
+obj: application
+os: linux
+website: https://www.privoxy.org
+arch-wiki: https://wiki.archlinux.org/title/Privoxy
+---
+# Privoxy
+Privoxy is a filtering proxy for the [HTTP](../../internet/HTTP.md) protocol, frequently used in combination with [Tor](../../tools/Tor.md). Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups, etc. It supports both stand-alone systems and multi-user networks.
+
+## Configuration
+Edit `/etc/privoxy/config`:
+```
+listen-address [SERVER-IP]:[PORT]
+```
+
+To forward [i2p](../../tools/I2P.md) sites:
+```
+forward .i2p localhost:4444
+```
+
+To forward onion sites:
+```
+forward-socks4a .onion localhost:9050 .
+```
+
+To forward all traffic through [Tor](../../tools/Tor.md):
+```
+forward-socks5 / localhost:9050 .
+```

technology/applications/network/Syncthing.md

@@ -0,0 +1,31 @@
+---
+obj: application
+os: web
+website: https://syncthing.net/
+arch-wiki: https://wiki.archlinux.org/title/Syncthing
+android-id: com.nutomic.syncthingandroid
+---
+# Synthing
+Syncthing is an open-source file synchronization client/server application written in Go, which implements its own - equally free - Block Exchange Protocol. All transit communications between syncthing nodes are encrypted using TLS and all nodes are uniquely identified with cryptographic certificates.
+#refactor 
+
+## Docker Compose
+```yaml
+version: "3"
+services:
+  syncthing_app:
+    image: ghcr.io/linuxserver/syncthing
+    environment:
+      - PUID=1001
+      - PGID=1001
+      - TZ=Europe/Berlin
+    volumes:
+      - ./config:/config
+      - ./sync:/sync
+    ports:
+      - 8384:8384
+      - 22000:22000/tcp
+      - 22000:22000/udp
+      - 21027:21027/udp
+    restart: unless-stopped
+```

technology/applications/network/Wireguard.md

@@ -0,0 +1,94 @@
+---
+website: https://www.wireguard.com/
+obj: application
+android-id: com.wireguard.android
+---
+
+# Wireguard
+[WireGuard](https://www.wireguard.com/) is an extremely simple yet fast and modern VPN that utilizes state-of-the-art [cryptography](../../Cryptography/Cryptography.md). It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the [Linux](../../linux/Linux.md) kernel, it is now cross-platform ([Windows](../../windows/Windows.md), [macOS](../../macos/macOS.md), BSD, iOS, [Android](../../systems/Android.md)) and widely deployable.
+
+## Configuration
+### Generate Key Pair
+Before configuring WireGuard, you need to generate a key pair for the server and each client.
+```shell
+# Generate private and public key for the server
+wg genkey | tee privatekey | wg pubkey > publickey
+
+# Repeat the process for each client
+wg genkey | tee privatekey-client1 | wg pubkey > publickey-client1
+```
+
+### Server Configuration
+Create a configuration file for the WireGuard server, typically named `wg0.conf`.
+
+```ini
+[Interface]
+Address = 10.0.0.1/24
+ListenPort = 51820
+PrivateKey = <server_private_key>
+
+[Peer]
+PublicKey = <client1_public_key>
+AllowedIPs = 10.0.0.2/32
+```
+
+### Client Configuration
+Create a configuration file for each client, replacing `<server_public_key>` and `<client_private_key>` with the appropriate keys.
+
+```ini
+[Interface]
+Address = 10.0.0.1/24
+ListenPort = 51820
+PrivateKey = <server_private_key>
+
+[Peer]
+PublicKey = <client1_public_key>
+AllowedIPs = 10.0.0.2/32
+```
+
+## Start WireGuard
+### [Linux](../../linux/Linux.md)
+```
+sudo wg-quick up wg0
+```
+
+### [macOS](../../macos/macOS.md) and [Windows](../../windows/Windows.md)
+Use the provided GUI application or run the following command in the terminal.
+```
+sudo wg-quick up wg0
+```
+
+## Docker Compose
+There is a simple [docker](../../tools/Docker.md) container with a fancy web GUI.
+```yaml
+version: "3.8"
+services:
+  wg-easy:
+    environment:
+      - WG_HOST=yourdomain.com
+      - PASSWORD=password
+      - WG_PORT=51820
+      - WG_DEFAULT_ADDRESS=10.8.0.x
+      - WG_DEFAULT_DNS=1.1.1.1
+      - WG_MTU=1420
+      - WG_ALLOWED_IPS=192.168.178.0/24
+      - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
+      - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
+      - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
+      - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
+    image: weejewel/wg-easy
+    volumes:
+      - ./config:/etc/wireguard
+    ports:
+    # WireGuard Port
+      - "51820:51820/udp"
+    # Web UI
+      - "51821:51821/tcp"
+    restart: unless-stopped
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.ip_forward=1
+      - net.ipv4.conf.all.src_valid_mark=1
+```

technology/applications/network/Wireshark.md

@@ -0,0 +1,7 @@
+---
+obj: application
+Website: https://www.wireshark.org
+---
+
+# Wireshark
+#wip #🐇 #notnow 

technology/applications/network/iperf.md

@@ -0,0 +1,37 @@
+---
+obj: application
+---
+# iperf
+iPerf is an open-source tool that is used for testing the performance of a network. It is widely used by network administrators, network engineers, and other IT professionals to measure the bandwidth and speed of a network.
+
+## Usage
+Once iPerf is installed, you can use it to test the performance of your network. The basic usage of iPerf involves running a server on one machine and a client on another machine. The client sends data to the server, and iPerf measures the bandwidth and speed of the network.
+
+To run an iPerf server, use the following command:
+```shell
+iperf -s
+```
+
+This will start an iPerf server on the default port 5001.
+
+To run an iPerf client, use the following command:
+```shell
+iperf -c <server_ip_address>
+```
+
+Replace `<server_ip_address>` with the IP address of the machine running the iPerf server. This will start an iPerf client that sends data to the server and measures the bandwidth and speed of the network.
+
+By default, iPerf uses TCP as the transport protocol. If you want to use UDP instead, you can add the `-u` option to the iPerf command:
+```shell
+iperf -u -c <server_ip_address>
+```
+
+This will start an iPerf client that sends data using UDP.
+
+## Advanced options
+iPerf provides many advanced options that you can use to customize your network performance testing. Some of the common options are:
+-   `-t`: Specifies the duration of the test (in seconds). By default, iPerf runs for 10 seconds.
+-   `-i`: Specifies the interval between periodic bandwidth reports. By default, iPerf reports the bandwidth every second.
+-   `-p`: Specifies the port number to use for the iPerf server. By default, iPerf uses port 5001.
+-   `-w`: Specifies the TCP window size. This option is only applicable when using TCP as the transport protocol.
+-   `-b`: Specifies the bandwidth to use for the test. This option is only applicable when using UDP as the transport protocol.

technology/applications/network/rclone.md

@@ -0,0 +1,150 @@
+---
+obj: application
+website: https://rclone.org
+repo: https://github.com/rclone/rclone
+---
+
+# rclone
+Rclone is a command-line program to manage files on cloud storage. It is a feature-rich alternative to cloud vendors' web storage interfaces. Over 70 cloud storage products support rclone including S3 object stores, business & consumer file storage services, as well as standard transfer protocols. Virtual backends wrap local and cloud file systems to apply encryption, compression, chunking, hashing and joining.
+
+## Usage
+### `rclone config`
+Enter an interactive configuration session.
+
+### `rclone cat`
+Concatenates any files and sends them to stdout.
+```shell
+rclone cat remote:path/to/file
+```
+
+#### Options
+| Option         | Description                                     |
+| -------------- | ----------------------------------------------- |
+| `--count int`  | Only print N characters (default -1)            |
+| `--head int`   | Only print the first N characters               |
+| `--offset int` | Start printing at offset N (or from end if -ve) |
+| `--tail int`   | Only print the last N characters                | 
+
+### `rclone copy`
+Copy files from source to dest, skipping identical files.
+```shell
+rclone copy source:sourcepath dest:destpath
+```
+
+#### Options
+| Option         | Description                                  |
+| -------------- | -------------------------------------------- |
+| `-u, --update` | Skip files that are newer on the destination |
+
+### `rclone delete`
+Remove the files in path.
+
+```shell
+rclone delete remote:path
+```
+
+### `rclone ls`
+List the objects in the path with size and path.
+
+```shell
+rclone ls remote:path
+```
+
+### `rclone listremotes`
+List all the remotes in the config file.
+
+```shell
+rclone listremotes
+```
+
+### `rclone mkdir`
+Make the path if it doesn't already exist.
+
+```shell
+rclone mkdir remote:path
+```
+
+### `rclone move`
+Move files from source to dest.
+
+```shell
+rclone move source:path dest:path
+```
+
+### `rclone sync`
+Make source and dest identical, modifying destination only.
+
+```shell
+rclone sync --interactive SOURCE remote:DESTINATION
+```
+
+### `rclone serve`
+Serve a remote over a protocol.
+
+Protocols:
+- [FTP](../../internet/FTP.md)
+- [HTTP](../../internet/HTTP.md)
+- SFTP
+- [WebDAV](../../tools/WebDAV.md)
+
+```shell
+rclone serve <protocol> <remote>
+```
+
+### `rclone mount`
+Mount the remote as file system on a mountpoint.
+
+```shell
+rclone mount remote:path/to/files /path/to/local/mount
+```
+
+## Storage Providers
+### Alias
+The `alias` remote provides a new name for another remote.
+
+### Amazon S3 Storage
+The S3 backend can be used with a number of compatible providers (including [Minio](../web/Minio.md)).
+
+## Chunker
+The `chunker` overlay transparently splits large files into smaller chunks during upload to wrapped remote and transparently assembles them back when the file is downloaded. This allows to effectively overcome size limits imposed by storage providers.
+
+## Crypt
+Rclone `crypt` remotes encrypt and decrypt other remotes.
+
+A remote of type `crypt` does not access a storage system directly, but instead wraps another remote, which in turn accesses the storage system. This is similar to how alias, union, chunker and a few others work. It makes the usage very flexible, as you can add a layer, in this case an encryption layer, on top of any other backend, even in multiple layers. Rclone's functionality can be used as with any other remote, for example you can mount a crypt remote.
+
+Accessing a storage system through a crypt remote realizes client-side encryption, which makes it safe to keep your data in a location you do not trust will not get compromised. When working against the `crypt` remote, rclone will automatically encrypt (before uploading) and decrypt (after downloading) on your local system as needed on the fly, leaving the data encrypted at rest in the wrapped remote. If you access the storage system using an application other than rclone, or access the wrapped remote directly using rclone, there will not be any encryption/decryption: Downloading existing content will just give you the encrypted (scrambled) format, and anything you upload will _not_ become encrypted.
+
+## FTP
+[FTP](../../internet/FTP.md) is the File Transfer Protocol.
+
+## HTTP
+The [HTTP](../../internet/HTTP.md) remote is a read only remote for reading files of a webserver. The webserver should provide file listings which rclone will read and turn into a remote.
+
+## Mega
+Mega is a cloud storage and file hosting service known for its security feature where all files are encrypted locally before they are uploaded. This prevents anyone (including employees of Mega) from accessing the files without knowledge of the key used for encryption.
+
+This is an rclone backend for Mega which supports the file transfer features of Mega using the same client side encryption.
+
+## Memory
+The memory backend is an in RAM backend. It does not persist its data.
+
+The memory backend behaves like a bucket-based remote (e.g. like s3). Because it has no parameters you can just use it with the `:memory:` remote name.
+
+## SMB
+SMB is a communication protocol to share files over network.
+
+## Union
+The `union` backend joins several remotes together to make a single unified view of them.
+
+During the initial setup with `rclone config` you will specify the upstream remotes as a space separated list. The upstream remotes can either be a local paths or other remotes.
+
+The attributes `:ro`, `:nc` and `:nc` can be attached to the end of the remote to tag the remote as **read only**, **no create** or **writeback**, e.g. `remote:directory/subdirectory:ro` or `remote:directory/subdirectory:nc`.
+- `:ro` means files will only be read from here and never written
+- `:nc` means new files or directories won't be created here
+- `:writeback` means files found in different remotes will be written back here.
+
+Subfolders can be used in upstream remotes. Assume a union remote named `backup` with the remotes `mydrive:private/backup`. Invoking `rclone mkdir backup:desktop` is exactly the same as invoking `rclone mkdir mydrive:private/backup/desktop`.
+
+## WebDAV
+To configure the [WebDAV](../../tools/WebDAV.md) remote you will need to have a [URL](../../internet/URL.md) for it, and a username and password

technology/applications/network/ufw.md

@@ -0,0 +1,35 @@
+---
+obj: application
+os: linux
+---
+# ufw
+Ufw stands for Uncomplicated Firewall, and is a program for managing a netfilter firewall on [Linux](../../linux/Linux.md). It provides a command line interface and aims to be uncomplicated and easy to use.
+
+## Basic configuration
+
+A very simplistic configuration which will deny all by default.
+```shell
+ufw default deny
+```
+
+The next line is only needed _once_ the first time you install the package:
+```shell
+ufw enable
+```
+
+See status:
+```shell
+ufw status
+```
+
+Enable/Disable
+```shell
+ufw enable
+ufw disable
+```
+
+Allow/Deny ports
+```shell
+ufw allow <app|port>
+ufw deny <app|port>
+```