Prasetiyo Hadi Purwoko prasetiyohadi
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "os" | |
| "path/filepath" | |
| "regexp" | |
| ) | |
| func main() { |
prasetiyohadi
/ resume.json
Last active
August 20, 2019 05:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "basics": { | |
| "name": "Prasetiyo Hadi Purwoko", | |
| "label": "System Engineer", | |
| "summary": "Master in Computational Science and bachelor in Engineering Physics graduate from Institut Teknologi Bandung, and was member of Himpunan Mahasiswa Fisika Teknik and Amateur Radio Club ITB. Worked as Network Administrator at USDI ITB and FMIPA ITB when studying in bachelor degree and while pursuing master degree, continued to work as Mail Administrator at DitSTI ITB and now currently work as System Engineer at PT. Bukalapak.com.", | |
| "website": "https://deuterion.net", | |
| "email": "[email protected]", | |
| "location": { | |
| "city": "Jakarta Selatan", | |
| "countryCode": "ID" |
prasetiyohadi
/ vsphere_info.py
Last active
October 26, 2017 03:28
— forked from deviantony/vsphere_info.py
VMWare Vsphere info in Python using pyvmomi
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import pyVmomi | |
| import argparse | |
| import atexit | |
| import itertools | |
| from pyVmomi import vim, vmodl | |
| from pyVim.connect import SmartConnectNoSSL, Disconnect | |
| import humanize |
prasetiyohadi
/ Ansible bootstrap BSD
Created
July 15, 2016 04:14
Ansible command to initialize operation for BSD servers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ansible -i ./hosts server -bkK -m raw -a 'env ASSUME_ALWAYS_YES\=YES pkg install python' foobar |
prasetiyohadi
/ logstash-grok-pattern
Last active
January 28, 2019 20:04
Logstash grok patterns for many types of logs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Nginx access log | |
| # log_format main '$http_host $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time $upstream_response_time [for $host via $upstream_addr] "$http_x_forwarded_for"'; | |
| NGINXACCESS %{IPORHOST:http_host} %{IPORHOST:clientip} - %{USER:clientuser} \[%{HTTPDATE:timestamp}\] \"(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})\" %{NUMBER:response} (?:%{NUMBER:bytes}|-) %{QS:referrer} %{QS:agent} %{NUMBER:request_time:float} (?:%{NUMBER:upstream_time:float}|-) \[for %{IPORHOST:host} via (?<upstream_group>%{NOTSPACE:upstream_addr}.*)\] %{QS:http_x_forwarded_for} | |
| # Squid HTTP Proxy | |
| # http://wiki.squid-cache.org/Features/LogFormat | |
| # time elapsed remotehost code/status bytes method URL rfc931 peerstatus/peerhost type | |
| SQUIDACCESS %{NUMBER:timestamp}\s+%{NUMBER:response_time} %{IPORHOST:src_ip} %{WORD:squid_request_status}/%{NUMBER:response_status} %{NUMBER:response_size:byte} %{WORD:http_metho |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source: https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/ | |
| # DDOS characteristics: | |
| # - traffic originates from a fixed set of IP addresses, much higher than requests from forward proxies | |
| # - traffic is much higher than a human user can generate | |
| # - The User-Agent header is sometimes set to a non-standard value | |
| # - The Referer header is sometimes set to a value you can associate with the attack | |
| # Limiting the rate of requests (example: 30 connection per minute per IP or allow request only every 2 seconds) | |
| limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source https://www.nginx.com/blog/tuning-nginx/ | |
| # A good rule to follow when tuning is to change one setting at a time, and set it back to the default value if the change does not improve performance | |
| # Tuning your Linux configuration | |
| # | |
| # The backlog queue: settings relate to connections and how they are queued | |
| # If you have a high rate of incoming connections and you are getting uneven levels of performance (for example some connections appear to be stalling), then changing these settings can help | |
| # | |
| # net.core.somaxconn – The maximum number of connections that can be queued for acceptance by Nginx | |
| # Note: if you set this to a value greater than 512, change the backlog parameter to the Nginx listen directive to match |
prasetiyohadi
/ nginx.conf
Created
December 23, 2015 07:23
Using Nginx to protect against CVE-2015-1635
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # See https://www.nginx.com/blog/nginx-protect-cve-2015-1635/ | |
| # Using Nginx to protect against CVE-2015-1635 | |
| # Exploit: https://ma.ttias.be/remote-code-execution-via-http-request-in-iis-on-windows/ | |
| # Identifying and handling reconnaisance traffic | |
| # HTTP requests with a large byte range in the **Range** header trigger the crash: | |
| # | |
| # GET / HTTP/1.1\r\n | |
| # Host: stuff\r\n | |
| # Range: bytes=0-18446744073709551615\r\n |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # load authentication key | |
| cd $HOME | |
| source keystonerc_admin | |
| # list neutron routers | |
| neutron router-list --max-width 50 | |
| # remove router gateway |
prasetiyohadi
/ openvpn-fw.sh
Last active
August 2, 2024 23:16
Firewall-cmd configuration for OpenVPN service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf | |
| sudo sysctl -p | |
| sudo systemctl start firewalld.service | |
| sudo firewall-cmd --zone=public --add-service openvpn --permanent | |
| sudo firewall-cmd --zone=public --add-masquerade --permanent | |
| # confirm | |
| sudo firewall-cmd --zone=public --query-masquerade |
NewerOlder