Christian Samsel csamsel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # I had a lot of trouble to debugging a non working portforwarding while using Suricata in IPS mode together with Shorewall. | |
| # The following configuration finally worked. | |
| # | |
| # Make sure that the tcp connection establishment is also NFQUEUE'd. | |
| # The minus at the end of DNAT prevents an ACCEPT rule to be created along the DNAT rule, because we want an NFQUEUE rule instead. | |
| # 0:3,bypass refers to 4 queues with a bypass rule in case Suricata is not available. | |
| # Example for Plex with an internal port of 32400 and external port of 32411 (target 192.168.2.20) | |
| DNAT-:info net 192.168.2.20:32400 tcp 32411 | |
| NFQUEUE(0:3,bypass) net loc tcp 32400 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # disable background scan (might prevent standby) | |
| sdparm --quiet --clear=EN_BMS --save /dev/disk/by-id/scsi-????????????????? | |
| # enable standby (powers down drive motor) | |
| sdparm --flexible --quiet --save -p po --set=STANDBY=1 /dev/disk/by-id/scsi-????????????????? | |
| # set standby to 30min | |
| sdparm --flexible --quiet --save -p po --set=SCT=18000 /dev/disk/by-id/scsi-????????????????? | |
| # enable idle (drives spins but servos are off) | |
| sdparm --flexible --quiet --save -p po --set=IDLE_B=1 /dev/disk/by-id/scsi-????????????????? | |
| # set idle to 5min | |
| sdparm --flexible --quiet --save -p po --set=ICT=3000 /dev/disk/by-id/scsi-????????????????? |
csamsel
/ create-datastore.sh
Last active
January 12, 2023 11:02
Add VMware ESXi datastore to install disk using partedUtil
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # For me atleast VMware ESXi fails to create a datastore on the drive i installed it on - although enough space is left over. | |
| # You can still do it using partedUtil on the console. | |
| # I'm using a 250 GB Sammsung 860 Evo in this example (/dev/disks/t10.ATA_____Samsung_SSD_860_EVO_250GB_______________S3YJNF0JC02559E____) | |
| # | |
| # First lets check the current partition layout using partedUtil getptbl | |
| [root@oxygen-vmhost2:~] partedUtil getptbl /dev/disks/t10.ATA_____Samsung_SSD_860_EVO_250GB_______________S3YJNF0JC02559E____ | |
| _ | |
| gpt | |
| 30401 255 63 488397168 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # So you want switch your HPE H240 controller to HBA mode for use with ESXi or UnRaid? | |
| # online you'll find the follow command for HP controllers, like the P420i. | |
| ssacli controller slot=0 modify hbamode=on | |
| # For me, it was: | |
| ssacli controller slot=255 modify raidmode=off | |
| # while you are at it, you can also switch the power mode: | |
| ssacli controller slot=255 modify powermode=minpower |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Gentoo network configuration for Draytek VigorNIC 132 in Bridge Mode for NetCologne / NetAachen | |
| # eth0 = VigorNIC, eth1 = physical NIC to internal network | |
| # | |
| # 192.168.2.0/24 default VLAN internal network | |
| # 192.168.12.0/24 VLAN12 guest network | |
| # 192.168.20.0/24 VLAN20 IOT network | |
| # 192.168.1.1 VigorNIC webinterface | |
| # | |
| # use dhcpcd for ppp0 to get a prefix delegation (see other gists) | |
| # use radvd to announce IPv6 configuration to internal network (see other gists) |
csamsel
/ gist:334726613f69ae6d2f2b9c9084fd0cf3
Created
April 19, 2019 16:10
use easyrsa for openvpn notes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### set base directory for further work | |
| oxygen-router-vm /etc/openvpn # export EASYRSA_PKI=/etc/openvpn/pki | |
| ### create base directories | |
| oxygen-router-vm /etc/openvpn # easyrsa init-pki | |
| init-pki complete; you may now create a CA or requests. | |
| Your newly created PKI dir is: /etc/openvpn/pki |
csamsel
/ dhcpcd-pd.conf
Last active
April 4, 2024 14:04
dhcpcd configuration just for IPv6 PD (Prefix delegation). radvd is required as well.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| duid | |
| noipv6rs | |
| waitip 6 | |
| # Uncomment this line if you are running dhcpcd for IPv6 only. | |
| ipv6only | |
| nohook resolv.conf, yp, hostname, ntp | |
| option rapid_commit |
csamsel
/ gist:37e14e2280b6c48bc8e4486b50b3a61c
Last active
October 21, 2023 12:25
Revert Ubiquiti NanoStation Loco M2 XW/XM to not signed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Need the following tools: binwalk, squashfs-tools | |
| The tutorial will probably work with similar devices, but i havent tested it. | |
| Adjust the firmware files. | |
| 1. Have AirOS 5.6.15 signed installed (mind the XM vs. XW, the device type is shown in the webinterface) | |
| Get it from: | |
| XM: https://dl.ubnt.com/firmwares/XN-fw/v5.6.15/XM.v5.6.15-sign.31612.170908.1458.bin | |
| XW: https://dl.ubnt.com/firmwares/XW-fw/v5.6.15/XW.v5.6.15-sign.31612.170908.1440.bin |
csamsel
/ gist:683b21035e27f51f4072d68edaf1e296
Created
July 17, 2018 21:06
mount a samba share using plaintext passwords (because ldap)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo '0x30' > /proc/fs/cifs/SecurityFlags | |
| mount.cifs //111.111.111.111/share/ /mnt/tmp -o user=username,pass=password,vers=1.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget --no-cookies --no-check-certificate --header "Cookie: oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u172-b11/a58eab1ec242421181065cdc37240b08/jdk-8u172-linux-x64.tar.gz" |
NewerOlder