Marcus EfraimssonLet's Get Personalhttps://marcus-e.se/2023-09-27T18:03:17+02:00Marcus Efraimssonhttps://marcus-e.se/about/KoreBuild and Travis CI Gotchashttps://marcus-e.se/2016/07/27/korebuild-and-travis-ci-gotchas2016-07-27T00:00:00+02:00<p>In this post I will show you how I got KoreBuild to work on <a href="https://travis-ci.org/">Travis CI</a> for building and testing your .NET Core projects in a Linux and Mac environment.</p>
<p>In this post I will show you how I got KoreBuild to work on <a href="https://travis-ci.org/">Travis CI</a> for building and testing your .NET Core projects in a Linux and Mac environment.</p>
<!-- more -->
<p>Initially I wanted to setup CI for one of my .NET Core projects. I didn’t have a clue of how to achieve that so I went for my friend Google and found two awesome posts, <a href="http://andrewlock.net/publishing-your-first-nuget-package-with-appveyor-and-myget/">Publishing your first .NET Core NuGet package with AppVeyor and MyGet</a> and <a href="http://andrewlock.net/adding-travis-ci-to-a-net-core-app/">Adding Travis CI builds to a .NET Core app</a>. I highly recommend you to read these for details and tips on how to setup your .NET Core project for cross-platform CI and publish of NuGet packages using AppVeyor, MyGet, NuGet and Travis CI.</p>
<p>In the <a href="http://andrewlock.net/adding-travis-ci-to-a-net-core-app/">Adding Travis CI builds to a .NET Core app</a> post the writer mentions <a href="https://github.com/aspnet/KoreBuild">KoreBuild</a> as an alternative to implementing your own .NET Core build scripts and I found that a very interesting alternative.</p>
<p><a href="https://github.com/aspnet/KoreBuild">KoreBuild</a> is a project which is part of ASP.NET Core and provides build scripts for at least projects in the <a href="https://github.com/aspnet/">aspnet org</a>, but doesn’t stop anyone else from using it. I’m guessing that this eventually will be the offical tool of building and testing cross-plattform .NET Core projects, but I may be wrong.</p>
<p>I started with downloading the build files from the <a href="https://github.com/aspnet/KoreBuild/tree/master/template">KoreBuild master branch</a>. Then I created a <em>.travis.yml</em> file with the following content:</p>
<div class="language-yml highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="na">language</span><span class="pi">:</span> <span class="s">csharp</span>
<span class="na">sudo</span><span class="pi">:</span> <span class="s">required</span>
<span class="na">dist</span><span class="pi">:</span> <span class="s">trusty</span>
<span class="na">addons</span><span class="pi">:</span>
<span class="na">apt</span><span class="pi">:</span>
<span class="na">packages</span><span class="pi">:</span>
<span class="pi">-</span> <span class="s">gettext</span>
<span class="pi">-</span> <span class="s">libcurl4-openssl-dev</span>
<span class="pi">-</span> <span class="s">libicu-dev</span>
<span class="pi">-</span> <span class="s">libssl-dev</span>
<span class="pi">-</span> <span class="s">libunwind8</span>
<span class="pi">-</span> <span class="s">zlib1g</span>
<span class="na">mono</span><span class="pi">:</span>
<span class="pi">-</span> <span class="s">4.0.5</span>
<span class="na">os</span><span class="pi">:</span>
<span class="pi">-</span> <span class="s">linux</span>
<span class="pi">-</span> <span class="s">osx</span>
<span class="na">osx_image</span><span class="pi">:</span> <span class="s">xcode7.1</span>
<span class="na">branches</span><span class="pi">:</span>
<span class="na">only</span><span class="pi">:</span>
<span class="pi">-</span> <span class="s">master</span>
<span class="na">before_install</span><span class="pi">:</span>
<span class="pi">-</span> <span class="s">if test "$TRAVIS_OS_NAME" == "osx"; then brew update; brew install openssl; brew link --force openssl; fi</span>
<span class="na">script</span><span class="pi">:</span>
<span class="pi">-</span> <span class="s">./build.sh verify</span>
</code></pre></div></div>
<p>I got the content of the <em>.travis.yml</em> by looking at one of the <a href="https://github.com/aspnet/">aspnet org</a> projects and modified it to suit my needs.</p>
<p>After configuration of Travis CI I pushed the build scripts and <em>.travis.yml</em> to GitHub. Unfortunately both the Linux and Mac builds failed with the following message:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># Travis CI log:
...
The command "./build.sh verify" exited with 126.
# Travis CI Raw log:
...
/home/travis/build.sh: line 45: ./build.sh: Permission denied (Linux)
/Users/travis/build.sh: line 45: ./build.sh: Permission denied (Mac)
</code></pre></div></div>
<h2 id="gotcha---you-need-to-make-custom-scripts-executable">Gotcha - You need to make custom scripts executable</h2>
<p>Again, my friend Google helped me, but it wasn’t that easy to find. Took me quite some time. The solution is that you need to make your custom script executable for Travis CI to work properly. When I found that I also found the following in Travis CI documentation:</p>
<blockquote>
<p>When using custom scripts they should be executable (for example, using chmod +x) and contain a valid shebang line such as /usr/bin/env sh, /usr/bin/env ruby, or /usr/bin/env python.</p>
</blockquote>
<p>You can either make a file executable using Git which will result in that the file always will be executable when cloning your Git repository.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ git update-index --chmod=+x build.sh
</code></pre></div></div>
<p>Or you can add the following to your <em>.travis.yml</em> which will result in that the file only will be executable for Travis CI, if not modified locally.</p>
<div class="language-yaml highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="na">before_install</span><span class="pi">:</span>
<span class="pi">-</span> <span class="s">chmod +x build.sh</span>
</code></pre></div></div>
<p>Since it’s possible that you or someone else will clone your .NET Core project on a Linux or Mac environment I recommend to use the Git approach which will allow them to use the <em>build.sh</em> directly without any chmod changes.</p>
DIY pfSense Firewall/Router Part 3: Wireless Access Pointhttps://marcus-e.se/2016/07/21/diy-pfsense-firewallrouter-part-3-wireless-access-point2016-07-21T15:00:00+02:00<p>In the <a href="/2016/07/21/diy-pfsense-firewall-router-part-2-installation/">second part</a> we installed pfSense and did some general setup. In this part I’ll show you how I setup my pfSense to act as a wireless access point.</p>
<p>In the <a href="/2016/07/21/diy-pfsense-firewall-router-part-2-installation/">second part</a> we installed pfSense and did some general setup. In this part I’ll show you how I setup my pfSense to act as a wireless access point.</p>
<!-- more -->
<p>By plugging in a laptop Wireless LAN card in your pfSense you could utilize pfSense to act as a Wireless access point. Please note that FreeBSD/pfSense best supports wireless networking cards that use parts made by Atheros. I think that FreeBSD development of wireless support have been made against Atheros devices and that’s why these are best supported. You may be able to get this to work with wireless cards from other manufactures, but this post will not explain how to get that to work.</p>
<h2 id="wireless-networking-card">Wireless networking card</h2>
<p>I bought a used Atheros AR5009 AR9281 AR5B91 Half Mini PCI-e WLAN Card 802.11b/g/n 300M card on the swedish e-commerce site <a href="http://www.tradera.com">Tradera</a> for about $20. I actually had a look at the <a href="https://wiki.freebsd.org/dev/ath_hal(4)/HardwareSupport">FreeBSD Atheros Wifi hardware support page</a> and AR9281 was included on that page and seemed to be supported. I also used Google and pfSense forums to find some more indications of people using this card as Wireless access point with great success.</p>
<p>You can find cheap Atheros cards everywhere, for example a copy of my card seems to be sold on both <a href="https://www.amazon.com/Atheros-AR5009-AR9281-AR5B91-802-11b/dp/B00CW8RLR8">Amazon</a> and <a href="http://www.ebay.com/itm/Atheros-AR5B91-9281-300Mbps-802-11-n-Wireless-wifi-Half-Mini-PCI-e-Wlan-Card-/181001004015">Ebay</a>.</p>
<h2 id="installation">Installation</h2>
<p>First I put my Atheros card in the available Mini PCI-e port and then attached the existing Wifi antenna cables.</p>
<h3 id="kernel-configuration">Kernel configuration</h3>
<p>To use wireless networking in FreeBSD/pfSense the kernel needs to be configured with the appropriate wireless networking support. The kernel is separated into multiple modules so that only the required support needs to be configured.</p>
<p>You’ll need SSH access to your pfSense. Please have a look at <a href="https://doc.pfsense.org/index.php/HOWTO_enable_SSH_access">How to enable SSH access in pfSense</a>.</p>
<p>Connect thru SSH using your favorite shell. The username is root and the password same as accessing the pfSense WebGUI.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh root@<pfSense hostname>
</code></pre></div></div>
<p>You’re now at the pfSense console menu and you should enter the FreeBSD shell, for me this is number 8) Shell.</p>
<p>Enter 8 and press enter. You should now have shell access to your pfSense. Use <em>vi</em> to edit the kernel configuration.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>vi /boot/loader.conf
</code></pre></div></div>
<p>Add if_ath_load=”1” at the end of the loader.conf file. By doing this we tell the kernel to load the <a href="https://www.freebsd.org/cgi/man.cgi?query=ath&sektion=4&manpath=freebsd-release-ports">Atheros IEEE 802.11 wireless network driver</a>.</p>
<p>Exit the FreeBSD shell by writing exit and press enter. Now back at the pfSense console menu reboot the system, for me this is number 5) Reboot system.</p>
<p>Enter 5 and press enter and then follow the instructions.</p>
<p>When system has rebooted the pfSense should hopefully have identified the new wireless networking card.</p>
<h3 id="wireless-interface-configuration">Wireless interface configuration</h3>
<p>Back in the WebGUI. Navigate to the Interface Assignments page, Interfaces => (Assign). At the bottom you should now find your new wireless networking card in the <em>Available network ports</em> dropdown. It’s possibly named ath0 or similar. Select it and click on Add. This will create a new interface in the list on the Interface Assignments page and are possibly named OPT1. Click on the new interface.</p>
<p>Here you configure your new wireless interface. In screenshots below you can see how I’ve configured my wireless interface. Make sure that you enable the interface otherwise it will not work. The IPv4 address you configure according to your network setup. Which channel you should use is highly personal. I recommend that you use a Wifi analyzer tool of some kind to find the channel most suited for you.</p>
<p><a href="/public/uploads/pfsense-wireless-configuration.png"><img src="/public/uploads/pfsense-wireless-configuration.png" alt="pfSense Wireless Interface Configuration screenshot" title="pfSense Wireless Interface Configuration screenshot" /></a></p>
<p><a href="/public/uploads/pfsense-wireless-configuration-2.png"><img src="/public/uploads/pfsense-wireless-configuration-2.png" alt="pfSense Wireless Interface Configuration 2 screenshot" title="pfSense Wireless Interface Configuration 2 screenshot" /></a></p>
<p><a href="/public/uploads/pfsense-wireless-configuration-3.png"><img src="/public/uploads/pfsense-wireless-configuration-3.png" alt="pfSense Wireless Interface Configuration 3 screenshot" title="pfSense Wireless Interface Configuration 3 screenshot" /></a></p>
<h3 id="enable-dhcp-server-on-wireless-interface">Enable DHCP server on wireless interface</h3>
<p>Navigate to the DHCP Server page, Services => DHCP Server and click on your wireless interface tab. Enable DHCP server on the wireless interface according to screenshot below. The Subnet, Subnet mask and range you configure according to your network setup.</p>
<p><a href="/public/uploads/pfsense-wireless-dhcp.png"><img src="/public/uploads/pfsense-wireless-dhcp.png" alt="pfSense Wireless DHCP Server screenshot" title="pfSense Wireless DHCP Server screenshot" /></a></p>
<p>I recommend that you reboot your pfSense before you try to connect to your wireless network.</p>
<h3 id="testing-the-wireless-network">Testing the wireless network</h3>
<p>You should now find your new wireless network on a device with wifi enabled. Just connect according to your configured WPA pre-shared key.</p>
<h3 id="stuck-beacon-problem">Stuck beacon problem</h3>
<p>After setting up my wireless network I had some problems regarding the wireless network got unresponsive after some connection time. I found some messages in the pfSense System/General log:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ath0: stuck beacon; resetting (bmiss count 4)
</code></pre></div></div>
<p>After some investigation I found a setting that solve the problem for me. Please note that this may or may not work for you. You’ll have to try it yourself.</p>
<p>Navigate to System => Advanced => System Tunables. Click on the New button and add the Tunable=hw.ath.bstuck and Value=8 and click Save.</p>
<h2 id="more-wireless-interfaces-oh-my">More wireless interfaces, oh my</h2>
<p>Suppose that you want to setup a wireless guest network, well pfSense could help you with that. pfSense actually lets you create multiple wireless interfaces. Navigate to Interfaces => (assign) and click on the Wireless tab. Click on Add and select the parent interface which is your wireless interface, select the Mode <em>Access Point</em> and give it some nice description. Now going back to Interface Assignments you should find your newly created wireless interface in the Available network ports dropdown. Just add it and configure it similar to your first wireless network and you have yourself a nice wireless guest network.</p>
<p><a href="/public/uploads/pfsense-wireless-interfaces.png"><img src="/public/uploads/pfsense-wireless-interfaces.png" alt="pfSense Wireless Interfaces screenshot" title="pfSense Wireless Interfaces screenshot" /></a></p>
<h2 id="conclusion">Conclusion</h2>
<p>I’ve used this wireless setup for several months and I must say that it’s working really well and are extremely stable. Please leave a comment if something is unclear or if you have a question. This concludes the third part of my pfSense firewall/router.</p>
<h3 id="related-articles">Related articles</h3>
<ul class="related-posts">
<li><a href="/2016/07/19/diy-pfsense-firewall-router-part-1-introduction/">DIY pfSense Firewall/Router Part 1: Introduction</a></li>
<li><a href="/2016/07/21/diy-pfsense-firewall-router-part-2-installation/">DIY pfSense Firewall/Router Part 2: Installation</a></li>
</ul>
DIY pfSense Firewall/Router Part 2: Installationhttps://marcus-e.se/2016/07/21/diy-pfsense-firewall-router-part-2-installation2016-07-21T13:31:00+02:00<p>In the <a href="/2016/07/19/diy-pfsense-firewall-router-part-1-introduction/">first part</a> I introduced pfSense and the hardware I’m using for building my firewall/router. In this part I’ll show how to install pfSense and do some general setup.</p>
<p>In the <a href="/2016/07/19/diy-pfsense-firewall-router-part-1-introduction/">first part</a> I introduced pfSense and the hardware I’m using for building my firewall/router. In this part I’ll show how to install pfSense and do some general setup.</p>
<!-- more -->
<h2 id="installation">Installation</h2>
<p>The official pfSense documentation is actually really good so I recommend you to follow the <a href="https://doc.pfsense.org/index.php/Installing_pfSense">Installing pfSense</a> to get a fresh installation in place.</p>
<p>I used a USB thumb drive and made it a bootable drive with 64-bit Memstick VGA image (as of writing pfSense-CE-memstick-2.3.1-RELEASE-amd64.img). I choosed the full installation, i.e. installed pfSense on my internal 8GB SSD drive.</p>
<p>First, the installer console can be changed to use a different font, screenmap, or keymap. Most people do not need to change these, but it may help with some international keyboards.</p>
<p>I’ve actually had some needs of using an attached keyboard in the FreeBSD shell after the installation to do some tasks and it’s really a pain in the ass with a Swedish keyboard and an american/english keymap setting (default). I didn’t find an easy way to change the keymap after the installation so changing the keymap settings during installation is something that I would take into consideration.</p>
<p>Second, in the installer console I went for the Custom Install just to be sure that I was going to install it on the SSD drive and not the USB thumb drive. Going through the custom install lets you format and partition your selected disk. Besides formatting and partioning you basically choose Yes, Accept and Create. Easy as that. If you’re unsure you can have a look at step 8 to 17 in <a href="http://www.tecmint.com/how-to-install-and-configure-pfsense/">this article</a>, it should be fine even though an older version of pfSense are referenced.</p>
<h2 id="connect-and-configure-wan-and-lan">Connect and configure WAN and LAN</h2>
<p>After the installation is complete, a shell menu is presented on the console with a number of options. If the installation identified your two Ethernet ports as em0 (WAN) and em1 (LAN) you can see those above the console menu. If so DHCP should already have been setup for your WAN interface and a static IPv4 address should have been assigned to your LAN interface which means that you now should be able to connect your computer to the LAN port on the pfSense and connect to the WebGUI by browsing the assigned IPv4 address (shown above the console menu), usally this is https://192.168.1.1.</p>
<p><a href="/public/uploads/Installer_08_consolemenu.png"><img src="/public/uploads/Installer_08_consolemenu.png" alt="pfSense console shell menu screenshot" title="pfSense console shell menu screenshot" /></a></p>
<p>If you don’t see any assigned interfaces above the console menu or if you’re having problems connection to the WebGUI I recommend that you first check that you’re using the correct port. Second choose the Assign Interfaces option in the console menu and follow the guidelines. Third choose the Set interface(s) IP address option in the console menu and follow the guidelines.</p>
<h2 id="general-setup-wizard">General setup wizard</h2>
<p>Open a web browser and navigate to https://<your lan ip>, using the default username <em>admin</em> and password <em>pfsense</em> to login. The first time you access the pfSense WebGUI you’ll need to change the default admin password and so some general setup.</p>
<h3 id="1-general-information">1. General Information</h3>
<p>These settings are quite self-explanatory. The hostname and domain are primarily for locating your firewall/router by DNS on your local network(s), LANs. As you can see on the screenshot below I’m using <a href="https://developers.google.com/speed/public-dns/">Google Public DNS</a> as primary and secondary DNS servers. In general third-party DNS servers may be faster and more reliable than the DNS servers provided by your Internet Service Provider (ISP). I’ll recommend that you use something like <a href="https://code.google.com/archive/p/namebench/">namebench</a> to find the fastest DNS servers for your scenario.</p>
<p><a href="/public/uploads/pfsense-wizard-general-information.png"><img src="/public/uploads/pfsense-wizard-general-information.png" alt="pfSense setup wizard, general information screenshot" title="pfSense setup wizard, general information screenshot" /></a></p>
<h3 id="2-time-server-information">2. Time Server Information</h3>
<p>Here you provide time servers and timezone. For the time server hostname you provide a list of servers (space separated) to use for NTP (time synchronization). The use of NTP pool servers is recommended, such as 0.pfsense.pool.ntp.org 1.pfsense.pool.ntp.org and so on. Have a look at <a href="http://www.pool.ntp.org/">NTP Pool Project</a> for more information.</p>
<p><a href="/public/uploads/pfsense-wizard-time-server-info.png"><img src="/public/uploads/pfsense-wizard-time-server-info.png" alt="pfSense setup wizard, time server information screenshot" title="pfSense setup wizard, time server information screenshot" /></a></p>
<h3 id="3-configure-wan-interface">3. Configure WAN Interface</h3>
<p>For the WAN interface configuration you need to provide your configuration based on your ISP requirements. My ISP using DHCP so I’ll choose that type. Here you can spoof the MAC address of your WAN interface. That may come in handy when your switching from a router provided by your ISP to your own since it can take a while (hours) for the ISP to accept a new MAC address and assign an IP address for your WAN interface.</p>
<p>I’ll leave everything else as default except the last two checkboxes, Block RFC1918 Private Networks and Block bogon networks, which I check. It’s a good practice to check these for your WAN interface.</p>
<p><a href="/public/uploads/pfsense-wizard-configure-wan-interface.png"><img src="/public/uploads/pfsense-wizard-configure-wan-interface.png" alt="pfSense setup wizard, configure WAN interface screenshot" title="pfSense setup wizard, configure WAN interface screenshot" /></a></p>
<p><a href="/public/uploads/pfsense-wizard-configure-wan-interface-2.png"><img src="/public/uploads/pfsense-wizard-configure-wan-interface-2.png" alt="pfSense setup wizard, configure WAN interface 2 screenshot" title="pfSense setup wizard, configure WAN interface 2 screenshot" /></a></p>
<p><a href="/public/uploads/pfsense-wizard-configure-wan-interface-3.png"><img src="/public/uploads/pfsense-wizard-configure-wan-interface-3.png" alt="pfSense setup wizard, configure WAN interface 3 screenshot" title="pfSense setup wizard, configure WAN interface 3 screenshot" /></a></p>
<h3 id="4-configure-lan-interface">4. Configure LAN Interface</h3>
<p>Set the LAN IP address, this address/network will be used to access the router/firewall. Here you should select a <a href="https://en.wikipedia.org/wiki/Private_network">Private Network address space</a> and you should use one of 10.0.0.0, 172.16.0.0 or 192.168.0.0 for your LAN network(s). I choose to use addresses in the 10.0.0.0 space. The default LAN IP address are 192.168.1.1 with subnet mask 24.</p>
<p><a href="/public/uploads/pfsense-wizard-configure-lan-interface.png"><img src="/public/uploads/pfsense-wizard-configure-lan-interface.png" alt="pfSense setup wizard, configure LAN interface screenshot" title="pfSense setup wizard, configure LAN interface screenshot" /></a></p>
<h3 id="5-set-admin-webgui-password">5. Set Admin WebGUI Password</h3>
<p>Change the default password since it will be used for accessing the admin WebGUI and SSH (if enabled).</p>
<p><a href="/public/uploads/pfsense-wizard-admin-password.png"><img src="/public/uploads/pfsense-wizard-admin-password.png" alt="pfSense setup wizard, set admin WebGUI password screenshot" title="pfSense setup wizard, set admin WebGUI password screenshot" /></a></p>
<h2 id="conclusion">Conclusion</h2>
<p>This concludes the second part. In the next post I’ll show how I enabled wireless capabilities in my pfSense firewall/router.</p>
<h3 id="related-articles">Related articles</h3>
<ul class="related-posts">
<li><a href="/2016/07/19/diy-pfsense-firewall-router-part-1-introduction/">DIY pfSense Firewall/Router Part 1: Introduction</a></li>
<li><a href="/2016/07/21/diy-pfsense-firewallrouter-part-3-wireless-access-point/">DIY pfSense Firewall/Router Part 3: Wireless Access Point</a></li>
</ul>
DIY pfSense Firewall/Router Part 1: Introductionhttps://marcus-e.se/2016/07/19/diy-pfsense-firewall-router-part-1-introduction2016-07-19T18:25:00+02:00<p>When i moved to a new appartment some time ago there was already a router installed and provided by my ISP. The router was responsible for routing WAN and IPTV traffic and acted as a Wireless Access Point. However the router was completely locked down and there were no way to access it. I started to look for a replacement and quite soon I found a match made in heaven - pfSense as firewall/router on my own hardware.</p>
<p>When i moved to a new appartment some time ago there was already a router installed and provided by my ISP. The router was responsible for routing WAN and IPTV traffic and acted as a Wireless Access Point. However the router was completely locked down and there were no way to access it. I started to look for a replacement and quite soon I found a match made in heaven - pfSense as firewall/router on my own hardware.</p>
<!-- more -->
<p>In this multipart series I will show you how I built and configured my own firewall/router with Wireless capabilities and a lot more using pfSense.</p>
<h2 id="what-is-pfsense">What is pfSense?</h2>
<blockquote>
<p><a href="https://www.pfsense.org/">pfSense</a> is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint. pfSense supports installation of third-party packages like Snort or Squid through its Package Manager.
– <cite><a href="https://en.wikipedia.org/wiki/PfSense">Wikipedia</a></cite></p>
</blockquote>
<h2 id="hardware">Hardware</h2>
<p>I found an Intel Celeron 1037U Mini Desktop Computer on <a href="http://www.aliexpress.com/item/Free-Shipping-Cost-Celeron-1037U-Mini-Desktop-Computer-PC-2GB-RAM-8GB-SSD-Mini-ITX-Case/1958958173.html?spm=2114.13010608.0.56.GAH3ZF">AliExpress</a> that suited me perfectly:</p>
<ul>
<li>Small form-factor</li>
<li>Fanless system</li>
<li>Faily good processor power and speed and enough RAM</li>
<li>Support for AES-NI for hardware encryption/decryption that can come in handy when using VPN technologies sush as OpenVPN</li>
<li>Dual Intel Gigabit Ethernet NICs with support for teaming if needed</li>
<li>Wireless support/dual antenna with extension card</li>
<li>Cheap, about $184 plus $50 in custom (imported from China to Sweden)</li>
</ul>
<p><a href="/public/uploads/celeron-1037u-mini-desktop-computer-inside.jpg"><img src="/public/uploads/celeron-1037u-mini-desktop-computer-inside.jpg" alt="Intel Celeron 1037U Mini Desktop Computer inside look" title="Intel Celeron 1037U Mini Desktop Computer inside look" /></a>
<em><a href="http://g03.a.alicdn.com/kf/HTB1dErxGXXXXXcxXVXXq6xXFXXXp/202292472/HTB1dErxGXXXXXcxXVXXq6xXFXXXp.jpg">Image</a> by <a href="http://www.eglobaltech.cn/">Eglobal Technology Co Ltd</a></em></p>
<h3 id="technical-specification">Technical Specification</h3>
<table>
<tbody>
<tr>
<td colspan="2"><strong>General</strong></td>
</tr>
<tr>
<td>Processor</td>
<td>Intel Celeron 1037U 1.8GHz Dual Core 2 thread</td>
</tr>
<tr>
<td>Storage</td>
<td>SSD 8GB</td>
</tr>
<tr>
<td>RAM</td>
<td>DDR3 2GB</td>
</tr>
<tr>
<td>Model</td>
<td>Intel HM77 Express High Speed Chipset</td>
</tr>
<tr>
<td colspan="2"><strong>Processor Details</strong></td>
</tr>
<tr>
<td>CPU</td>
<td>Intel Celeron 1037U</td>
</tr>
<tr>
<td>Processor number</td>
<td>2 core / 2 threads</td>
</tr>
<tr>
<td>Technique</td>
<td>22NM</td>
</tr>
<tr>
<td>Slot</td>
<td>Socket H2(LGA 1155)</td>
</tr>
<tr>
<td style="vertical-align: top;">Buffer RAM</td>
<td>
L1 data cache: 32 KB, 8-Way, 64 byte lines<br />
L1 code cache: 32 KB, 8-Way, 64 byte lines<br />
L2 cache: 256 KB, 8-Way, 64 byte lines<br />
L3 cache: 2 MB, 8-Way, 64 byte lines<br />
</td>
</tr>
<tr>
<td>Characteristic</td>
<td>MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, EM64T, EIST</td>
</tr>
<tr>
<td colspan="2"><strong>Display Card Details</strong></td>
</tr>
<tr>
<td>Graphic Cards</td>
<td>
INTEL Ivy Bridge Graphics Controller<br />
Intel HD Graphics 2500
</td>
</tr>
<tr>
<td>Resolution (MAX)</td>
<td>Support 1920*1080 HD resolution, 32 bit color depth 60Hz</td>
</tr>
<tr>
<td>Audio Cards</td>
<td>Intel(R) display audio Intel Panther Point High Definition</td>
</tr>
<tr>
<td colspan="2"><strong>Network</strong></td>
</tr>
<tr>
<td>Network Card</td>
<td>Intel 82574L PCI-E Gigabit Ethernet NIC</td>
</tr>
<tr>
<td>Ethernet</td>
<td>10/100/1000Mbps Adaptive</td>
</tr>
<tr>
<td>WIFI</td>
<td>802.11.b/g/n(150M or 300M Optional)</td>
</tr>
<tr>
<td colspan="2"><strong>I/O Port</strong></td>
</tr>
<tr>
<td>Display port</td>
<td>1x VGA+ 1x HDMI</td>
</tr>
<tr>
<td>USB port</td>
<td>2x USB 2.0 ports; 4x USB 3.0</td>
</tr>
<tr>
<td>Ethernet port</td>
<td>2x RJ 45 10/100/1000Mbps Adaptive</td>
</tr>
<tr>
<td>Power input port</td>
<td>1 inner diameter 2.5mm, external diameter 5.5mm</td>
</tr>
<tr>
<td>Audio</td>
<td>Standard 3.5 Audio input and output</td>
</tr>
<tr>
<td colspan="2"><strong>Power and Working Environment</strong></td>
</tr>
<tr>
<td>Input</td>
<td>DC100-240V AC/50-60Hz</td>
</tr>
<tr>
<td>Output</td>
<td>DC 12V/3A</td>
</tr>
<tr>
<td>Type</td>
<td>External power adapter mode</td>
</tr>
<tr>
<td>Type</td>
<td>17W</td>
</tr>
<tr>
<td>Noise</td>
<td>Fanless System</td>
</tr>
<tr>
<td>Temperature</td>
<td>0-70 Centigrade</td>
</tr>
<tr>
<td>Humidity</td>
<td>10%-85%</td>
</tr>
</tbody>
</table>
<h2 id="assembly">Assembly</h2>
<p>Everything arrived pre-assembled. Just needed to plugin the power cord and I was good to go. Really good first time experience of shopping at AliExpress.</p>
<p><a href="/public/uploads/celeron-1037u-mini-desktop-computer-box.jpg"><img src="/public/uploads/celeron-1037u-mini-desktop-computer-box.jpg" alt="Intel Celeron 1037U Mini Desktop Computer box" title="Intel Celeron 1037U Mini Desktop Computer box" /></a>
<em><a href="http://g03.a.alicdn.com/kf/HTB1qZ4TLVXXXXXbapXXq6xXFXXXs/Barebone-Fanless-Mini-PC-N3150-Barebone-Nettop-PC-No-RAM-No-HDD-SSD-RTL8111DL-RJ45-Lan.jpg">Image</a> by <a href="http://www.eglobaltech.cn/">Eglobal Technology Co Ltd</a></em></p>
<p><a href="/public/uploads/celeron-1037u-mini-desktop-computer-parts.jpg"><img src="/public/uploads/celeron-1037u-mini-desktop-computer-parts.jpg" alt="Intel Celeron 1037U Mini Desktop Computer parts" title="Intel Celeron 1037U Mini Desktop Computer parts" /></a>
<em><a href="http://g02.a.alicdn.com/kf/HTB1pF8kIXXXXXa8XpXXq6xXFXXX4/Free-Shipping-Cost-Celeron-1037U-Mini-Desktop-Computer-PC-2GB-RAM-8GB-SSD-Mini-ITX-Case.jpg">Image</a> by <a href="http://www.eglobaltech.cn/">Eglobal Technology Co Ltd</a></em></p>
<p>This concludes the first part. In the next post I’ll show how to install pfSense and do some general setup.</p>
<h3 id="related-articles">Related articles</h3>
<ul class="related-posts">
<li><a href="/2016/07/21/diy-pfsense-firewall-router-part-2-installation/">DIY pfSense Firewall/Router Part 2: Installation</a></li>
<li><a href="/2016/07/21/diy-pfsense-firewallrouter-part-3-wireless-access-point/">DIY pfSense Firewall/Router Part 3: Wireless Access Point</a></li>
</ul>
Put your GitHub pages on warp speed with CloudFlarehttps://marcus-e.se/2016/07/18/put-your-github-pages-on-warp-speed-with-cloudflare2016-07-18T00:00:00+02:00<p>By using a custom domain for your GitHub page you can utilize <a href="https://www.cloudflare.com">CloudFlare</a> to make your site secure and faster for your visitors, for free. I will also show you some more features that CloudFlare has to offer.</p>
<p>By using a custom domain for your GitHub page you can utilize <a href="https://www.cloudflare.com">CloudFlare</a> to make your site secure and faster for your visitors, for free. I will also show you some more features that CloudFlare has to offer.</p>
<!-- more -->
<p><a href="https://www.cloudflare.com">CloudFlare</a> has already written an excellent post on their blog on how to use GitHub and CloudFlare together to enable SSL/HTTPS and strict caching of static content, see <a href="https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/">Secure and fast GitHub Pages with CloudFlare</a>.</p>
<p>However, CloudFlare has more to offer than just SSL/HTTPS and strict caching. Below are some examples.</p>
<h2 id="auto-minify-static-content">Auto minify static content</h2>
<p>If your lazy as I am Cloudflare can automatically minify all your hosted static content such as HTML, JavaScript and CSS. Just go to the speed tab and check the options you would like to be automatically minified. This way you don’t need to setup Grunt/Gulp for your personal website and you can focus on coding and drinking beer instead.</p>
<p><a href="/public/uploads/cloudflare-minify.png"><img src="/public/uploads/cloudflare-minify.png" alt="CloudFlare auto minify screenshot" title="CloudFlare auto minify screenshot" /></a></p>
<h2 id="rocker-loader">Rocker Loader</h2>
<p>This feature improves load time for pages that include JavaScript. It decreases the number of network requests by bundling JavaScript files, even third party resources, to avoid slowing down page rendering. You find this feature under the speed tab. This feature is still in BETA, but it works good for me.</p>
<p><a href="/public/uploads/cloudflare-rocket-loader.png"><img src="/public/uploads/cloudflare-rocket-loader.png" alt="CloudFlare Rocket Loader screenshot" title="CloudFlare Rocket Loader screenshot" /></a></p>
<h2 id="domain-name-system-dns">Domain Name System (DNS)</h2>
<p>CloudFlare gives you a complete Domain Name System for free which I find very convenient. I mainly use it for subdomains besides hosting this site. It allows you to use A, AAAA, CNAME, MX, LOC, SRV, SPF, TXT and NS records to suit your needs.</p>
<p>I had to setup a wildcard subdomain pointing to one of my networks which had a dynamic IP address. The issue was that my dynamic dns updater only allowed to update an A record in the DNS and not any CNAME records.</p>
<p>I solved this by creating an A record, i.e. subdomain.marcus-e.se, that pointed to my network IP address and then creating a wildcard CNAME record, i.e. *.subdomain.marcus-e.se, that pointed to my A record (subdomain.marcus-e.se). With this I can let my dynamic dns updater update the A record and I’ll still be able to access everything under *.subdomain.marcus-e.se.</p>
<p><a href="/public/uploads/cloudflare-dns.png"><img src="/public/uploads/cloudflare-dns.png" alt="CloudFlare DNS screenshot" title="CloudFlare DNS screenshot" /></a></p>
<h2 id="conclusion">Conclusion</h2>
<p>CloudFlare gives you a lot of security and speed for your visitors for free and makes your life easier. I highly recommend it. Please inspect this site using Chrome dev tools or similar and have a look what CloudFlare has given my site in comparison with <a href="https://github.com/marefr/marefr.github.io">the source code</a>.</p>