ishmaelen

The netfilter hooks in the kernel and where they hook in the packet flow

The figure below calls out

The netfilter hooks
The order of table traversal

This gist includes a certificate renewal script, which I use to renew both of my LetsEncrypt certificates, as well as the systemd unit files necessary to automate it. It's currently set to run every 12 hours, and renews the certificates if they expire in less than 3 days. The certbot tool is required in order to use this script. Note that I generated my keys and CSR manually because I needed to add specific extensions to my certificates. That process is not covered here.

Filename	Description
`01-getcert.sh`	The certificate renewal script.
`02-cli.ini`	Example Certbot configuration.
`03-getcert.timer`	The systemd timer unit file.
`04-getcert.service`	The systemd service unit file.
`05-openssl.conf`	Example openssl.conf for the CSR
`06-getcert-ddns.sh`	DDNS version of the renewal script.

	#!/bin/bash
	# check_user_lastseen - report on users who have not logged in for a while
	# Purpose:
	# This script tries to find idle accounts and any orphaned homedirs
	# Currently is Linux biased but capacity for portability is there
	# Author: Rawiri Blundell
	# Copyright: See provided LICENCE file
	###############################################################################
	# Source the config mapping library
	# Provides variables "${thisHost}", "${thisJob}" and