Removed redcarpet markdown, added new blogpost

Author: wizche

.gitignore

@@ -1,3 +1,4 @@
 _site/
 .sass-cache/
 .jekyll-metadata
+.jekyll-cache

Gemfile

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# gem "rails"
+
+gem "jekyll", "~> 4.2"

Gemfile.lock

@@ -0,0 +1,67 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.8.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    colorator (1.1.0)
+    concurrent-ruby (1.1.9)
+    em-websocket (0.5.3)
+      eventmachine (>= 0.12.9)
+      http_parser.rb (~> 0)
+    eventmachine (1.2.7)
+    ffi (1.15.4)
+    forwardable-extended (2.6.0)
+    http_parser.rb (0.8.0)
+    i18n (1.8.11)
+      concurrent-ruby (~> 1.0)
+    jekyll (4.2.1)
+      addressable (~> 2.4)
+      colorator (~> 1.0)
+      em-websocket (~> 0.5)
+      i18n (~> 1.0)
+      jekyll-sass-converter (~> 2.0)
+      jekyll-watch (~> 2.0)
+      kramdown (~> 2.3)
+      kramdown-parser-gfm (~> 1.0)
+      liquid (~> 4.0)
+      mercenary (~> 0.4.0)
+      pathutil (~> 0.9)
+      rouge (~> 3.0)
+      safe_yaml (~> 1.0)
+      terminal-table (~> 2.0)
+    jekyll-sass-converter (2.1.0)
+      sassc (> 2.0.1, < 3.0)
+    jekyll-watch (2.2.1)
+      listen (~> 3.0)
+    kramdown (2.3.1)
+      rexml
+    kramdown-parser-gfm (1.1.0)
+      kramdown (~> 2.0)
+    liquid (4.0.3)
+    listen (3.7.0)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
+    mercenary (0.4.0)
+    pathutil (0.16.2)
+      forwardable-extended (~> 2.6)
+    public_suffix (4.0.6)
+    rb-fsevent (0.11.0)
+    rb-inotify (0.10.1)
+      ffi (~> 1.0)
+    rexml (3.2.5)
+    rouge (3.27.0)
+    safe_yaml (1.0.5)
+    sassc (2.4.0)
+      ffi (~> 1.9)
+    terminal-table (2.0.0)
+      unicode-display_width (~> 1.1, >= 1.1.1)
+    unicode-display_width (1.8.0)
+
+PLATFORMS
+  x86_64-linux
+
+DEPENDENCIES
+  jekyll (~> 4.2)
+
+BUNDLED WITH
+   2.2.33

_config.yml

@@ -5,10 +5,7 @@ signoff:          GoS
 disqus_shortname: geeksonsecurity
 highlighter:      rouge
 permalink:        pretty
-markdown:         redcarpet
-redcarpet:
-  extensions:
-    - smart
+markdown:         kramdown
 
 links:
   - name:         Home

_posts/2021-12-19-mikrotik-ipsec-psk-ras.md

@@ -0,0 +1,35 @@
+---
+layout: post
+title: Configure IPSec PSK RAS on Mikrotik 
+category: tips-tricks
+tags: [networking, ipsec, mikrotik]
+disqus: y
+---
+
+The following config has been tested on MikroTik RouterOS 6.48.4 against the following RAS clients:
+* Android 11 native VPN client (IPSec PSK)
+* macOS Big Sur 11.3 native VPN client
+
+The RAS clients will get an IP in the `10.2.10.0/24` subnet. No split tunnelling.
+
+```mikrotik
+/ip ipsec peer
+add exchange-mode=ike2 name=peer1 passive=yes send-initial-contact=no
+/ip ipsec profile
+set [ find default=yes ] dh-group=ecp256,ecp384,modp2048 enc-algorithm=aes-256 hash-algorithm=sha256
+/ip ipsec proposal
+set [ find default=yes ] auth-algorithms=sha256 enc-algorithms=aes-256-cbc lifetime=1d pfs-group=none
+/ip ipsec identity
+add generate-policy=port-strict mode-config=vpn peer=peer1 secret=YOURPSKSECRET
+/ip pool
+add name=vpn-pool ranges=10.2.10.100-10.2.10.150
+/ip ipsec mode-config
+add address-pool=vpn-pool address-prefix-length=32 name=vpn static-dns=10.2.10.10 system-dns=no
+/ip ipsec policy
+add dst-address=0.0.0.0/0 src-address=0.0.0.0/0 template=yes
+/ip firewall filter
+add action=accept chain=input in-interface=ether1-wan port=1701,500,4500 protocol=udp
+add action=accept chain=input in-interface=ether1-wan protocol=ipsec-esp
+/ip firewall nat
+add action=masquerade chain=srcnat out-interface=ether1-wan src-address-list=vpn-lan
+```

stylesheets/style.css

@@ -416,11 +416,13 @@ pre {
     -moz-box-sizing: border-box;
     box-sizing: border-box;
 }
+
 code {
     font-size: 13px;
     color: #ffffff;
     background: #0e1f31;
-    padding: 2px 4px 3px;
+    padding: 5px 10px 5px 10px;
+    margin: 5px 5px 5px 5px;
     border-radius: 2px;
     line-height: 1.3em;
     display: inline-block;
@@ -429,6 +431,7 @@ code {
     *display: inline;
     *vertical-align: auto;
 }
+
 img {
     max-width: 100%;
 }