Open Source Projects on Daniel 'f0o' Preussker

cline-vertex-gw

Wed, 20 May 2026 16:10:47 +0000

I love coding with AI agents, but my wallet absolutely hates it. If you have ever run Cline or other agentic loops, you know exactly what I mean. The token multiplier effect can turn a 20-minute debugging session into a three-figure cloud bill before you even finish your first coffee.

To make matters worse, Google Cloud Vertex AI has incredibly cheap and reliable access to models like Claude and Gemini, but its REST API is completely different from the standard OpenAI or Ollama endpoints that most developer tools expect.

Oubliette

Sat, 18 Apr 2026 00:00:00 +0000

DDoS attacks are a massive pain for anyone trying to keep a service online, especially TCP SYN Floods with spoofed source IPs. Because some ISPs still do not implement BCP38 correctly, attackers can easily spoof source IPs with zero consequences, flooding targets until they fall over.

To combat this without dropping a fortune on proprietary scrubbing hardware, I built Oubliette — a high-performance, linerate DDoS scrubber that runs on semi-commodity hardware. By hooking directly into the NIC’s driver using eBPF and XDP (eXpress Data Path), it filters out malicious traffic before it can even touch the Linux kernel network stack.

Tor Relay Performance Datasets

Mon, 09 Jun 2025 06:36:18 +0000

Analyzing performance characteristics of anonymity networks is notoriously difficult. In the Tor network, bandwidth measurements are traditionally concentrated within a few core directory authorities or testing agents.

Because these measurement nodes are mostly located inside North American and European datacenters, the resulting performance metrics suffer from severe geographical bias.

If you are a privacy researcher trying to analyze how well Tor relays perform in the Global South or the APAC region, existing public datasets are sparse, unreliable, and heavily skewed.

PromCache

Mon, 31 Mar 2025 10:25:56 +0000

Prometheus is a beast of a monitoring system, but Grafana dashboards can easily bring it to its knees. If you have ever set up a company-wide wallboard that auto-refreshes every ten seconds, or if you have multiple SRE teams querying the exact same raw metrics, you have probably seen your Prometheus CPU usage spike into a terrifying sawtooth pattern.

The obvious solution is to slap an HTTP cache in front of it. But if you try doing that with a generic proxy like Varnish or Nginx, you will quickly realize it is completely useless.

Quickwipe

Sun, 16 Mar 2025 15:11:03 +0000

Wiping old hard drives is a total drag. If you have ever decommissioned a server with a couple of high-capacity SATA drives, you know exactly what I mean. Scurrying to write randomized bytes across several terabytes of magnetic platters can easily drag on for seventy or eighty hours.

If you try to run a naive dd if=/dev/urandom of=/dev/sdX, you are bound to fail. Standard tool chains are throttled by the Linux page cache, buffer copying overhead, and CPU-bound random number generators.

fn0rd.io Scanner

Fri, 07 Mar 2025 09:11:18 +0000

Mapping the entire internet is a massive challenge. If you try to scan large blocks of IPv4 addresses from a single server, you will get rate-limited, blocklisted, or network-saturated almost immediately.

To conduct community-driven security auditing without dropping thousands of dollars on enterprise hosting networks, we need a distributed approach. By dividing up the target IP space into manageable scopes and spreading the work across dozens of volunteer nodes, we can map systems safely and efficiently.

Looking Glass

Sat, 20 Apr 2024 06:32:42 +0000

Most public looking glasses are outdated CGI or raw PHP scripts from 1997. They parse user inputs insecurely, lack any form of caching, and put a heavy CPU load on core routers during diagnostics. When core public routers go down, troubleshooting BGP route flaps at 3 AM becomes a nightmare.

To solve this, I built Looking Glass — a stateless, horizontally scalable, and secure diagnostic daemon built with Go, ConnectRPC, and Svelte 5. It manages a fleet of multi-vendor core routers over concurrent, isolated SSH sessions and streams real-time diagnostic outputs through a raw API, a neat CLI (lg-cli), and a snappy web client.

Netbench

Fri, 21 Jul 2023 08:03:57 +0000

Benchmarking network systems is usually a static affair. You spin up ApacheBench or wrk, tell it to run at a fixed fifty concurrent connections for two minutes, and look at the resulting average latency.

But real-world traffic is never static. In the wild, servers face dynamic traffic surges, sudden micro-bursts, and predictable diurnal waves (like the slow ramp-up of users starting their workday followed by a quiet night-time dip).

To test how my network infrastructure and auto-scalers handle these fluid concurrency transitions, I built Netbench (written in Go, ofc). It is an high-concurrency network and HTTP traffic generator that dynamically scales its worker thread concurrency using real-time mathematical wave functions.

Cloudflare Runners

Wed, 07 Jul 2021 15:58:52 +0000

Commercial CI/CD runners are expensive, and hosting your own GitLab runner fleet is a chore. You have to patch host OS kernels, manage Docker daemon storage, prune orphaned volumes, and keep an eye on monthly VM bills.

What if you could run your entire CI/CD workload on enterprise-grade infrastructure completely for free, with zero servers to manage?

Cloudflare Pages lets developers build and host Jamstack sites for free. On every git commit, Cloudflare spins up a fully functional, high-performance Linux build container to compile your frontend assets. I figured, since they are giving us a free Linux container with root privileges and outbound internet access, we might as well put it to work.

prom_hosts

Wed, 28 Apr 2021 06:47:28 +0000

Standard flat-file /etc/hosts name resolution is ancient, but it is still incredibly common in local home labs, small environments, and custom Kubernetes ingress networks. It is simple, stateless, and gets the job done without the headache of provisioning a heavy authoritative BIND or Knot DNS infrastructure.

Most modern networks run CoreDNS to manage internal name resolution, and CoreDNS has a built-in hosts plugin to serve zones straight from flat /etc/hosts files.

Guacamole PKI

Thu, 03 Oct 2019 07:05:40 +0000

Managing TLS/SSL certificates at scale across multi-tenant cloud platforms is an absolute nightmare. In large deployments, you want every project and service to have its own isolated Certificate Authority (CA) namespace, but providing this capability without leaking private Root Keys or running into permission conflicts is incredibly difficult.

While the OpenStack ecosystem has dedicated services for Compute (Nova), Networking (Neutron), and Key Storage (Barbican), it has long lacked a native, production-ready PKI-as-a-Service (PKIaaS) component.

Terranetes

Tue, 06 Aug 2019 15:53:32 +0000

Deploying Kubernetes is usually a massive headache. You either suffer through opaque, hundred-line Ansible playbooks that fail halfway through, or you bind yourself to complex, vendor-locked managed services like EKS or GKE.

If you are running on your own hardware or open cloud platforms like OpenStack, your options are even worse. You are left managing state across multiple detached tools: one to spin up the VMs, another to compile PKI certificates, and a third to bootstrap the cluster.