Many of the developers where I work have been looking for a persistent chat alternative to SfB. While there are several good options in this space, in order to satisfy internal security concerns we ultimately decided on Mattermost. Unfortunately, many of the more advanced authentication features in Mattermost are locked behind the E20 licensing. Eventually we’d like to move to a licensed instance to ease administration, but in the short term we have both a desire to switch to Mattermost quickly and a desire to integrate with LDAP.
While Keycloak is not able to reproduce all the functionality the Gitlab integration provides, it does help us avoid having to run and support a fairly heavy Gitlab instance. …
UPDATE: There are reports that AT&T is currently testing an additional authentication layer in certain markets. It is possible this bypass method will no longer function in the near future. See this thread for more info.
Disclaimer: I am not responsible for any issues that may occur as a result of following this guide. If you have any concerns about what you’re doing, please stop and do your own research.
This new version of the guide requires no gateway.config.json …
I’d like to preface this story by stating this is my theory based on observations made so far.
Update: As of 10/2/2018 ATT has released a version of their firmware for the Pace 5268AC in certain markets. This new firmware (11.1.0.531418) includes several changes to resolve the issues routing 1.1.1.1. Primarily, changing binding addresses for AirTies from 1.1.1.X to 203.0.113.X.
All references to the new address range can be found (here).
On April 1st 2018 CloudFlare announced their new public DNS offering, and shortly after DSLReports users started complaining about their inability to reach the service.
Despite using the same modem and internet service as these users, I observed no issues reaching CloudFlare’s IPs. Seemingly, the only difference between my setup and theirs, was that I have bypassed my ATT gateway entirely. Without a bypassed gateway you can perform a trace route and see just one sub-millisecond hop, indicating the address is being routed to a resource within your own network. …
