maurorappa maurorappa
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # tshark -r /root/md.pcap -q -n -z dests,tree | |
| Running as user "root" and group "root". This could be dangerous. | |
| ======================================================================================================================================= | |
| IPv4 Statistics/Destinations and Ports: | |
| Topic / Item Count Average Min val Max val Rate (ms) Percent Burst rate Burst start | |
| --------------------------------------------------------------------------------------------------------------------------------------- | |
| Destinations and Ports 127892 12.7895 100% 49.6000 0.075 | |
| 222.10.9.3 127892 12.7895 100.00% 49.6000 0.075 | |
| UDP 127892 12.7895 100.00% 49.6000 0.075 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.ele.uri.edu/research/hpcl/2012/SBAC.pdf | |
| how it compiled: | |
| objdump -s --section .gnu.build.attributes /usr/lib64/liblzo2.so.2.0.0 | |
| or check the spec file! face with tongue |
maurorappa
/ gist:1d56fbc513a8988a27f4d9a410d0575d
Created
October 9, 2024 06:48
Who does adjust my clock?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from man adjtimex : | |
| Linux uses David L. Mills' clock adjustment algorithm (see RFC 1305). The system call adjtimex() reads and optionally sets adjustment parameters for this algorithm. | |
| on Centos7 , you can use systemtap to monitor who calls this syscall. | |
| you need to install all kernel development and debuginfo packages and only then you can run this: | |
| #cat clock.stp | |
| probe kernel.function("sys_adjtimex") { printf("time adjusted by %s(%d)\n",execname(), pid()); } |
maurorappa
/ gist:6735334a7717e4f5f07fa7ff1b00fc41
Created
October 9, 2024 06:46
Supermicro server management
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IPMITOOL Utility | |
| #ipmitool lan print 1 | |
| Set in Progress : Set Complete | |
| Auth Type Support : NONE MD2 MD5 PASSWORD | |
| Auth Type Enable : Callback : MD2 MD5 PASSWORD | |
| : User : MD2 MD5 PASSWORD | |
| : Operator : MD2 MD5 PASSWORD | |
| : Admin : MD2 MD5 PASSWORD |
maurorappa
/ gist:55265c21b57433f910eefa0e24fc8c81
Created
September 27, 2024 18:01
see all new processes created in real time
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bpftrace -e 'tracepoint:syscalls:sys_enter_exec*{ printf("pid: %d, comm: %s, args: ", pid, comm); join(args->argv); } | |
| ``` | |
| pid: 2110851, comm: vmxadmin, args: /usr/bin/whoami | |
| pid: 2110853, comm: vmx_status, args: sed -nE s/.*is running.../1/p | |
| pid: 2110854, comm: vmxadmin, args: /usr/bin/whoami | |
| pid: 2110856, comm: vmxadmin, args: grep -q -i release 6 /etc/redhat-release | |
| pid: 2110857, comm: vmx_status, args: grep KALEID_TEST2_PATH= /vmx/install/mauro/server/bin/env-instances.sh | |
| pid: 2110858, comm: vmx_status, args: awk -F = {print $NF} | |
| pid: 2110859, comm: vmx_status, args: sed -E s/\/opt\/tsa\/bin\/([a-z3]+)_packet_decoder.*/\1/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ifneq ($(KERNELRELEASE),) | |
| obj-m := proc.o | |
| else | |
| KERNELDIR ?= /lib/modules/$(shell uname -r)/build | |
| PWD := $(shell pwd) | |
| KBUILD_CFLAGS += $(call cc-option,-Wno-error,) | |
| default: |
maurorappa
/ gist:652b5234881684f6a6d5f646f757af86
Created
March 21, 2023 09:49
bpftrace example for debugging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Check all available kernel tracepoints, for example: | |
| # cat /sys/kernel/debug/tracing/events/syscalls/sys_enter_adjtimex/format | |
| name: sys_enter_adjtimex | |
| ID: 345 | |
| format: | |
| ….. | |
| field:int common_pid; offset:4; size:4; signed:1; | |
| ….. |
maurorappa
/ gist:b1a02c98d0e98c30323dcf9911439922
Created
August 19, 2022 14:47
Bitbucket webhook parser
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Enable webhook for a Bitbucket repository, get the json of the events, parse the json and notify (here in Slack) | |
| // This is well suited to run serverless | |
| package main | |
| import ( | |
| "bytes" | |
| "encoding/json" | |
| "fmt" | |
| "io/ioutil" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vanilla image | |
| maurorappa$ docker run -it --rm --entrypoint=sh nginx | |
| # nginx -V | |
| nginx version: nginx/1.19.0 | |
| built by gcc 8.3.0 (Debian 8.3.0-6) | |
| built with OpenSSL 1.1.1d 10 Sep 2019 | |
| TLS SNI support enabled | |
| configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-ht |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM golang:buster as builder | |
| WORKDIR /go/src/mockApi | |
| COPY . /go/src/mockApi | |
| RUN go get github.com/gorilla/mux | |
| RUN CGO_ENABLED=0 GOOS=linux go build -o mock_api *.go | |
| FROM busybox:latest | |
| COPY --from=builder /go/src/mockApi/mock_api /bin/mock_api | |
| RUN chmod +x /bin/mock_api |