The figure below calls out
- The netfilter hooks
- The order of table traversal
```sh
#!/bin/sh -e
#git-cache-meta -- simple file meta data caching and applying.
#Simpler than etckeeper, metastore, setgitperms, etc.
#from http://www.kerneltrap.org/mailarchive/git/2009/1/9/4654694
#modified by n1k
# - save all files metadata not only from other users
# - save numeric uid and gid
# 2012-03-05 - added filetime, andris9
```
```bash
#!/usr/bin/env bash
set -eu
# Solves the problem with open ports with docker and ufw
# As Docker uses the nat table, the filter table FORWARD chain is used and does not touch ufw-input chains as expected.
# Even for ufw-forward chains it would not work, as DOCKER chains are inserted in front.
# This is a simple fix that worked for me.
# https://github.com/moby/moby/issues/4737#issuecomment-420264979
# Unfortunately this fix stops forwarding user's origin IP to host mode configured service
```

Install:
----------
* Activate Hetzner Rescue System (Debian)
* Connect to Hetzner Rescue System using SSH and live boot RancherOS
  (thanks goes to William Fleurant for showing how this can be done: https://github.com/wfleurant/boot-rancheros-hetzner/)
* apt-get update
* apt-get install kexec-tools aria2

```
# from https://github.com/WonderBeat/docker-archive/blob/master/firehol.conf
# FireHOL config file with docker tunnel
#
# eth0 (World) <-> FireHOL <->
# <-> Docker
# tun0 (Internal VPN) <->
#
version 5
server_ssh_ports="tcp/222"
```
```ini
# /etc/systemd/system/docker.service.d/docker-nftables.conf
# disable iptables in docker, allowing nftables to do work
[Service]
ExecStart=
ExecStart=/usr/bin/docker daemon -H fd:// --iptables=false
```
```
### Hetzner Online AG - installimage
# Loopback device:
auto lo
iface lo inet loopback
# device: eth0
auto eth0 ##Hetzner Interface
iface eth0 inet static
address <Main IP>
broadcast <Broadcast IP>
```
ssh-srv-wrapper is a bash shell script that tries to find an SSH SRV record for the first host and uses what is found rather than what was passed (if a valid record is found).
Run the script directly or feel free to rename or symlink to the name ssh. It will look for another ssh in your path to execute.
```bash
#!/usr/bin/env bash
# script: watch
# author: Mike Smullin <[email protected]>
# license: GPLv3
# description:
# watches the given path for changes
# and executes a given command when changes occur
# usage:
# watch <path> <cmd...>
#
```
```sh
#!/bin/sh
# Get MacOSX idletime. Shamelessly stolen from http://bit.ly/yVhc5H
/usr/sbin/ioreg -c IOHIDSystem | /usr/bin/awk '/HIDIdleTime/ {print int($NF/1000000000); exit}'
```