ふらんこ

[RYO] 手巻きタバコ 再開しました

 Roll Your Own  [RYO] 手巻きタバコ 再開しました はコメントを受け付けていません。
4月 182016
 

酔った勢いでシャグ(コルツ バニラ)を買っちゃった。

RYOて巻紙とか保湿とかイロイロ工夫できるから楽しいんだよね。

ZIG-ZAGのローラーとペーパーも買ったんだけどコルツのおまけ紙なハンドロールで済ませちゃってたり。

保湿用品とか携行用品はこれから買いそろえることになるんだけどね。

ハンドロールで巻くならシャグが入るポーチだけでも不自由はなさそう。

ローリングボックスを買うか否かで悶々ちう。

シャグも3銘柄くらいは常備したいなぁ

コルツ
ブラックデビル
レッドブル

まずはこの辺からかなぁ。

こんなzoneキライだ。

 General  こんなzoneキライだ。 はコメントを受け付けていません。
4月 112016
 

キライなzone例

dns.jp.

$ dig +norec dns.jp. soa @nsb.dns.jp.

; <<>> DiG 9.10.3-P4 <<>> +norec dns.jp. soa @nsb.dns.jp.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57230
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 12

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dns.jp.                                IN      SOA

;; ANSWER SECTION:
dns.jp.                 86400   IN      SOA     z.dns.jp. root.dns.jp. 2015011801 3600 900 1814400 86400

;; AUTHORITY SECTION:
dns.jp.                 86400   IN      NS      nsd.dns.jp.
dns.jp.                 86400   IN      NS      nsa.dns.jp.
dns.jp.                 86400   IN      NS      nse.dns.jp.
dns.jp.                 86400   IN      NS      nsf.dns.jp.
dns.jp.                 86400   IN      NS      nsg.dns.jp.
dns.jp.                 86400   IN      NS      nsb.dns.jp.

;; ADDITIONAL SECTION:
nsa.dns.jp.             86400   IN      A       203.119.1.4
nsa.dns.jp.             86400   IN      AAAA    2001:dc4::4
nsb.dns.jp.             86400   IN      A       202.12.30.134
nsb.dns.jp.             86400   IN      AAAA    2001:dc2::2
nsd.dns.jp.             86400   IN      A       210.138.175.245
nsd.dns.jp.             86400   IN      AAAA    2001:240::54
nse.dns.jp.             86400   IN      A       192.50.43.153
nse.dns.jp.             86400   IN      AAAA    2001:200:c000::99
nsf.dns.jp.             86400   IN      A       150.100.6.12
nsf.dns.jp.             86400   IN      AAAA    2001:2f8:0:100::163
nsg.dns.jp.             86400   IN      A       203.119.40.4

;; Query time: 8 msec
;; SERVER: 2001:dc2::2#53(2001:dc2::2)
;; WHEN: Mon Apr 11 12:43:27 JST 2016
;; MSG SIZE  rcvd: 422

$
$ dig +norec dns.jp. soa @z.dns.jp.

; <<>> DiG 9.10.3-P4 <<>> +norec dns.jp. soa @z.dns.jp.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9582
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 12

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dns.jp.                                IN      SOA

;; AUTHORITY SECTION:
dns.jp.                 86400   IN      NS      nse.dns.jp.
dns.jp.                 86400   IN      NS      nsa.dns.jp.
dns.jp.                 86400   IN      NS      nsg.dns.jp.
dns.jp.                 86400   IN      NS      nsb.dns.jp.
dns.jp.                 86400   IN      NS      nsf.dns.jp.
dns.jp.                 86400   IN      NS      nsd.dns.jp.

;; ADDITIONAL SECTION:
nsa.dns.jp.             86400   IN      A       203.119.1.4
nsa.dns.jp.             86400   IN      AAAA    2001:dc4::4
nsb.dns.jp.             86400   IN      A       202.12.30.134
nsb.dns.jp.             86400   IN      AAAA    2001:dc2::2
nsd.dns.jp.             86400   IN      A       210.138.175.245
nsd.dns.jp.             86400   IN      AAAA    2001:240::54
nse.dns.jp.             86400   IN      A       192.50.43.153
nse.dns.jp.             86400   IN      AAAA    2001:200:c000::99
nsf.dns.jp.             86400   IN      A       150.100.6.12
nsf.dns.jp.             86400   IN      AAAA    2001:2f8:0:100::163
nsg.dns.jp.             86400   IN      A       203.119.40.4

;; Query time: 8 msec
;; SERVER: 203.119.1.10#53(203.119.1.10)
;; WHEN: Mon Apr 11 12:44:26 JST 2016
;; MSG SIZE  rcvd: 379

$

なんかね。

[試作] iptables な FILTER-53

 Server  [試作] iptables な FILTER-53 はコメントを受け付けていません。
2月 202016
 

リゾルバに仕込む用? の部品? かな?
阿弥陀な chain でごめんなさい☆

FILTER-53 chain

iptables -N FILTER-53-HIT
iptables -N FILTER-53-TCP
iptables -N FILTER-53-UDP

DNS TCP Response
:FILTER-53-TCP

iptables -A FILTER-53-TCP -m string --hex-string=\|80\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|81\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|82\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|83\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|84\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|85\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|86\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|87\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|88\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|89\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|8A\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|8B\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|8C\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|8D\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|8E\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|8F\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|90\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|91\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|92\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|93\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|94\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|95\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|96\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|97\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|98\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|99\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|9A\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|9B\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|9C\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|9D\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|9E\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|9F\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|A0\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|A1\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|A2\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|A3\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|A4\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|A5\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|A6\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|A7\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|B0\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|B1\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|B2\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|B3\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|B4\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|B5\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|B6\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -m string --hex-string=\|B7\| --algo bm --from 56 --to 57 -j FILTER-53-HIT
iptables -A FILTER-53-TCP -j RETURN

DNS UDP Response
:FILTER-53-UDP

iptables -A FILTER-53-UDP -m string --hex-string=\|80\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|81\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|82\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|83\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|84\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|85\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|86\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|87\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|88\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|89\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|8A\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|8B\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|8C\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|8D\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|8E\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|8F\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|90\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|91\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|92\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|93\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|94\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|95\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|96\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|97\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|98\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|99\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|9A\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|9B\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|9C\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|9D\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|9E\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|9F\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|A0\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|A1\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|A2\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|A3\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|A4\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|A5\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|A6\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|A7\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|B0\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|B1\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|B2\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|B3\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|B4\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|B5\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|B6\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -m string --hex-string=\|B7\| --algo bm --from 30 --to 31 -j FILTER-53-HIT
iptables -A FILTER-53-UDP -j RETURN

長くて通さないのを REJECT
:FILTER-53-HIT

iptables -A FILTER-53-HIT -p tcp -m length --length 1024: -j REJECT --reject-with tcp-reset
iptables -A FILTER-53-HIT -p udp -m length --length 512: -j REJECT --reject-with icmp-admin-prohibited
iptables -A FILTER-53-HIT -j RETURN

長いのを喰わせたくない Query-IF を FILTER-53
:INPUT

iptables -A INPUT -i {Query-IF} -p udp --sport 53 -j FILTER-53-UDP
iptables -A INPUT -i {Query-IF} -p tcp --sport 53 -m state --state ESTABLISHED -j FILTER-53-TCP

長いのを吐かせたくない Response-IF を FILTER-53
:OUTPUT

iptables -A OUTPUT -o {Response-IF} -p udp --sport 53 -j FILTER-53-UDP
iptables -A OUTPUT -o {Response-IF} -p tcp --sport 53 -m state --state ESTABLISHED -j FILTER-53-TCP

適当に query

$ drill -a4 nic.ad.jp. a
$ drill -a4 129.192.41.192.in-addr.arpa. ptr
$ drill -a4 nic.ad.jp. any
$ drill -a4 -o rd nic.ad.jp. @ns3.nic.ad.jp. a
$ drill -a4 -o rd 129.192.41.192.in-addr.arpa. @ns3.nic.ad.jp. ptr
$ drill -a4 -o rd nic.ad.jp. @ns3.nic.ad.jp. any

結果こんな感じ

$ sudo iptables -nvL|grep -vE ^\ *0
Chain INPUT (policy ACCEPT 44 packets, 11572 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   11  4689 FILTER-53-UDP  udp  --  {Query-IF} *       0.0.0.0/0            0.0.0.0/0            udp spt:53
   42 34706 FILTER-53-TCP  tcp  --  {Query-IF} *       0.0.0.0/0            0.0.0.0/0            tcp spt:53 state ESTABLISHED

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 79 packets, 6517 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FILTER-53-HIT (96 references)
 pkts bytes target     prot opt in     out     source               destination         
    3  3168 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0            length 512:65535 LOG flags 0 level 4
    3  3168 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            length 512:65535 reject-with icmp-admin-prohibited
   21 26980 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            length 1024:65535 LOG flags 0 level 4
   21 26980 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            length 1024:65535 reject-with tcp-reset
   12  2135 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FILTER-53-TCP (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   18 19476 FILTER-53-HIT  all  --  *      *       0.0.0.0/0            0.0.0.0/0            STRING match  "|80|" ALGO name bm FROM 56 TO 57
    3  7504 FILTER-53-HIT  all  --  *      *       0.0.0.0/0            0.0.0.0/0            STRING match  "|84|" ALGO name bm FROM 56 TO 57
   21  7726 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FILTER-53-UDP (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    7  3782 FILTER-53-HIT  all  --  *      *       0.0.0.0/0            0.0.0.0/0            STRING match  "|80|" ALGO name bm FROM 30 TO 31
    3   246 FILTER-53-HIT  all  --  *      *       0.0.0.0/0            0.0.0.0/0            STRING match  "|81|" ALGO name bm FROM 30 TO 31
    1   368 FILTER-53-HIT  all  --  *      *       0.0.0.0/0            0.0.0.0/0            STRING match  "|83|" ALGO name bm FROM 30 TO 31
    2   419 FILTER-53-HIT  all  --  *      *       0.0.0.0/0            0.0.0.0/0            STRING match  "|84|" ALGO name bm FROM 30 TO 31
    2   488 FILTER-53-HIT  all  --  *      *       0.0.0.0/0            0.0.0.0/0            STRING match  "|86|" ALGO name bm FROM 30 TO 31
    8  1521 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

[nginx] ssl_ciphers

 General  [nginx] ssl_ciphers はコメントを受け付けていません。
11月 052015
 

すこしだけ手抜きを減らして?書いてみた。

※openssl1系

・ngninx.conf

ssl_ciphers 
TLSv1.2+kEECDH+AESGCM:
TLSv1.2+kEDH+aRSA+AESGCM:
TLSv1.2+kEECDH+AES:
TLSv1.2+kEDH+aRSA+AES:
TLSv1+kEECDH+aRSA+AES:
TLSv1+kEDH+aRSA+AES:
TLSv1+kEDH+aRSA+CAMELLIA:
TLSv1+RSA+3DES;

・ciphers

ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES256-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-RSA-AES128-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH       Au=RSA  Enc=Camellia(256) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH       Au=RSA  Enc=Camellia(128) Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1

systemd de zabbix-2.2.9 agent

 ArchLinux, Fedora, Gadget, Raspberry Pi, ZABBIX  systemd de zabbix-2.2.9 agent はコメントを受け付けていません。
5月 222015
 

久々にめぽ

# cat > /etc/tmpfiles.d/zabbix-agentd.conf <<END
d /run/zabbix 0755 zabbix zabbix
END
# systemd-tmpfiles --create zabbix-agentd.conf
# cat > /etc/systemd/system/zabbix-agentd.service <<END
[Unit]
Description=Zabbix Agentd Daemon
Requires=network-online.target
After=network-online.target

[Service]
Type=forking
PIDFile=/run/zabbix/zabbix_agentd.pid
ExecStart=/usr/local/sbin/zabbix_agentd
Restart=on-failure
RestartSec=10

[Install]
WantedBy=multi-user.target
END