Skip to content

Instantly share code, notes, and snippets.

View wujcheng's full-sized avatar

wujcheng

9 followers · 145 following
View GitHub Profile
@wujcheng
wujcheng / dns.md
Created August 19, 2018 06:42 — forked from roge/dns.md
Public DNS Servers

DNS.md

A list of reasonably reliable DNS servers that I've personally tested to ensure that they fully support DNSSEC and do not hijack NXDOMAIN responses.

IPv4

Address Organization Location Service
8.8.8.8 Google Worldwide (Anycast) Google Public DNS
8.8.4.4 Google Worldwide (Anycast) Google Public DNS
@wujcheng
wujcheng / gfw_and_cannon_traceroute.py
Created August 19, 2018 10:30 — forked from jim3ma/gfw_and_cannon_traceroute.py
A Tool for Tracerouting the GC and GFW
#!/usr/bin/env python
import time
import threading
from scapy.all import *
import sys
import socket
maxhop = 25
@wujcheng
wujcheng / dnscrypt-proxy
Created August 19, 2018 14:14 — forked from Zenithar/dnscrypt-proxy
Unbound + DNSCrypt configuration
DNSCRYPT_LOCALIP=127.0.0.1
DNSCRYPT_LOCALIP2=127.0.0.2
DNSCRYPT_LOCALPORT=9053
DNSCRYPT_RESOLVERPORT=443
DNSCRYPT_USER=nobody
DNSCRYPT_PROVIDER_NAME=2.dnscrypt-cert.resolver2.dnscrypt.eu
DNSCRYPT_PROVIDER_NAME2=2.dnscrypt-cert.resolver1.dnscrypt.eu
DNSCRYPT_PROVIDER_KEY=3748:5585:E3B9:D088:FD25:AD36:B037:01F5:520C:D648:9E9A:DD52:1457:4955:9F0A:9955
DNSCRYPT_PROVIDER_KEY2=67C0:0F2C:21C5:5481:45DD:7CB4:6A27:1AF2:EB96:9931:40A3:09B6:2B8D:1653:1185:9C66
DNSCRYPT_RESOLVERIP=77.66.84.233
@wujcheng
wujcheng / nginx.conf
Created August 19, 2018 17:20 — forked from huacnlee/nginx.conf
Nginx http proxy cache to mirror of Rubygems.org
# 在本地服务器建立 rubygems.org 的镜像缓存,以提高 gem 的安装速度
# 此配置设置缓存过期为1天,也就是说,新上的 gem 无法马上安装
# 做这个起什么作用?
# rubygems 的很多资源文件是存放到 Amazon S3 上面的,由于 GFW 对某些 S3 服务器又连接重置或丢包,导致 gem 安装异常缓慢或有时候根本无法连接安装。
# 而通过这种跳板的方式可以很好的解决这个问题,当然前提是 Nginx反向代理 服务器需要在国外
proxy_cache_path /var/cache/rubygems levels=1:2 keys_zone=RUBYGEMS:10m
inactive=24h max_size=1g;
server {
listen 80;
@wujcheng
wujcheng / setup_proxy.sh
Created August 20, 2018 16:05 — forked from RichardBronosky/setup_proxy.sh
transparent proxy on a router
#!/usr/bin/env sh
PROXY_PORT=8080
if uname -a | grep -iq 'linux'; then
# Since the "ip route" command only changes the destination IP, it still comes in port 80 and must be rerouted (unless you run your proxy on port 80)
iptables --append PREROUTING --table nat --in-interface eth0 --protocol tcp --destination-port 80 -j REDIRECT --to-port $PROXY_PORT
else
# or on a Mac...
ipfw add 100 fwd 127.0.0.1,$PROXY_PORT tcp from any to me 80
fi
@wujcheng
wujcheng / apnic_pku.sh
Created August 23, 2018 00:17 — forked from lsylsy2/apnic_pku.sh
从APNIC下载中国IP,并挑出免费地址
#!/bin/bash
echo "Downloading IP list from APNIC...."
apniclist=`wget -q -O- http://ftp.apnic.net/stats/apnic/delegated-apnic-latest |grep "apnic|CN|ipv4|"`
echo "Checking blocks..."
rm cidr.txt
for ipblock in ${apniclist[@]}
do
ip=`echo $ipblock | cut -d "|" -f4`
@wujcheng
wujcheng / chnroute-gen.sh
Created August 23, 2018 00:18
#!/bin/sh
export PATH="/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:$HOME/bin"
# download chnroute, if faied, then stop
echo "* * * begin"
curl 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' | grep ipv4 | grep CN | awk -F\| '{ printf("%s/%d\n", $4, 32-log($5)/log(2)) }' > chnroute.txt && echo "chnroute.txt generated" || exit 1
# use cidrmerge to compress chnroute, if tailed, then exit
cat chnroute.txt | cidrmerge > chnroute.lite.txt && echo "chnroute.lite.txt generated" || exit 1
# generate new chnroute-action to use with ~/bin/acd
rm -f chnroute-action
while read cnip ; do echo "route -nq \${_action} ${cnip} \${current_gw}" >> chnroute-action ; done < chnroute.lite.txt && echo "chnroute-action generated, copy them to the script"
@wujcheng
wujcheng / chnroute_update.txt
Created August 23, 2018 00:19 — forked from lixingcong/chnroute_update.txt
chinaroute路由表更新命令
路由表使用cidrmerge进行合并
cat route.txt| cidrmerge > route_merged.txt
ChinaRoute ipv4路由表
wget -O- 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' | awk -F\| '/CN\|ipv4/ { printf("%s/%d\n", $4, 32-log($5)/log(2)) }' > /tmp/route.txt
Adblock_china_easylist去广告:
wget -4 --no-check-certificate -O - https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt | grep -E '^\|\|[^\*]*\^$' | sed -e 's:||:address\=\/:' -e 's:\^:/127\.0\.0\.1:' | sort | uniq > /tmp/adblock.conf
AdAway去广告:大体积版本:2.1MB...注意这个ad_server.txt行尾是DOS,这里使用sed替换为Unix!
@wujcheng
wujcheng / cidr.py
Created August 23, 2018 00:23 — forked from toringe/cidr.py
Merge CIDR blocks into super blocks if possible
#!/usr/bin/env python
#
# Example 1: All blocks in list.txt, one CIDR per line
# cat list.txt | cidr.py
#
# Example 2: Echo CIDR blocks to stdout
# echo 1.2.3.0/25 1.2.3.128/25 | cidr.py
import sys
from netaddr import *
@wujcheng
wujcheng / merge-cidr.pl
Created August 23, 2018 00:23 — forked from wongsyrone/merge-cidr.pl
merge-cidr.pl
#!/usr/bin/perl
## ArchLinux install package via pacman: perl-net-cidr-lite
use strict;
use warnings;
use Net::CIDR::Lite;
my $cidr = Net::CIDR::Lite->new;
while (my $line=<>) {
$cidr->add($line);
}
foreach my $line( @{$cidr->list} ) {