echo "service iptables restart"| at now + 2 min
iptables --flush
### Drop invalid packets ###
iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP
HacKanCuBa
/ find-https-debian-archives.py
Last active
May 26, 2024 03:45
— forked from eighthave/find-https-debian-archives.py
Script to find official Debian mirrors that support HTTPS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """Find Debian HTTPS archives. | |
| Script based on https://gist.github.com/eighthave/7285154 | |
| I made it asynchronous and parallel, so overall I measured it to be 6 times faster or more. | |
| Requires Python 3.7+ | |
| Additional resources not exactly related to this script but could be helpful for |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| First, update and upgrade all packages: | |
| sudo apt-get update | |
| sudo apt-get upgrade | |
| sudo -i # Change to root | |
| cd /usr/local/src | |
| Main docs: | |
| https://wiki.asterisk.org/wiki/display/AST/Installing+Asterisk+From+Source |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # to install directly from the Gist | |
| # curl https://gist.githubusercontent.com/realslacker/6dce254e16003fbec5451689c9ba1e49/raw/ | bash -s -- -i | |
| # test getopt | |
| getopt --test > /dev/null | |
| if [[ $? -ne 4 ]]; then | |
| echo "Error: `getopt --test` failed in this environment, please update to a newer 'getopt' package" | |
| exit 1 |
voluntas
/ sysctl.conf
Created
October 14, 2017 13:07
— forked from techgaun/sysctl.conf
Sysctl configuration for high performance
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### KERNEL TUNING ### | |
| # Increase size of file handles and inode cache | |
| fs.file-max = 2097152 | |
| # Do less swapping | |
| vm.swappiness = 10 | |
| vm.dirty_ratio = 60 | |
| vm.dirty_background_ratio = 2 |
This sample script is for embedding animation GIF in a cell using custom function on Spreadsheet.
I think that this method is one of various ideas.
There are some limitations.
- Images of jpeg and png can be embedded in a cell using
=IMAGE(). But when animation GIF is embedded using it, GIF is not played.
nwaywood
/ bash-menu.sh
Created
March 15, 2017 03:47
Template structure for a bash script with simple menu and command line args
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### 1: Drop invalid packets ### | |
| /sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP | |
| ### 2: Drop TCP packets that are new and are not SYN ### | |
| /sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP | |
| ### 3: Drop SYN packets with suspicious MSS value ### | |
| /sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP | |
| ### 4: Block packets with bogus TCP flags ### |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TCP port to bind to | |
| # Change to a high/odd port if this server is exposed to the internet directly | |
| Port 22 | |
| # Bind to all interfaces (change to specific interface if needed) | |
| ListenAddress 0.0.0.0 | |
| # Force SSHv2 Protocol | |
| Protocol 2 |
jokey2k
/ sshfilter.sh
Last active
April 22, 2024 14:18
Tuned version of sshfilter.sh to allow for ipv6 filtering
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # based on script from http://www.axllent.org/docs/view/ssh-geoip | |
| # License: WTFPL | |
| # UPPERCASE space-separated country codes to ACCEPT | |
| ALLOW_COUNTRIES="DE EU GB" | |
| LOGDENY_FACILITY="authpriv.notice" | |
| if [ $# -ne 1 ]; then | |
| echo "Usage: `basename $0` <ip>" 1>&2 |
NewerOlder