Skip to content

Instantly share code, notes, and snippets.

@extremecoders-re
extremecoders-re / qemu-networking.md
Last active April 1, 2025 13:41
Setting up Qemu with a tap interface

Setting up Qemu with a tap interface

There are two parts to networking within QEMU:

  • The virtual network device that is provided to the guest (e.g. a PCI network card).
  • The network backend that interacts with the emulated NIC (e.g. puts packets onto the host's network).

Example: User mode network

1:设置

sudo vi /etc/sysctl.conf
net.ipv4.ip_forward=1
sudo sysctl -p

2:安装

https://www.wireguard.com/install/
@evvil
evvil / Naive-VPN.md
Created November 5, 2017 15:55 — forked from klzgrad/Naive-VPN.md
朴素VPN:一个纯内核级静态隧道

朴素VPN:一个纯内核级静态隧道

由于路由管控系统的建立,实时动态黑洞路由已成为最有效的封锁手段,TCP连接重置和DNS污染成为次要手段,利用漏洞的穿墙方法已不再具有普遍意义。对此应对方法是多样化协议的VPN来抵抗识别。这里介绍一种太简单、有时很朴素的“穷人VPN”。

朴素VPN只需要一次内核配置(Linux内核),即可永久稳定运行,不需要任何用户态守护进程。所有流量转换和加密全部由内核完成,原生性能,开销几乎没有。静态配置,避免动态握手和参数协商产生指纹特征导致被识别。并且支持NAT,移动的内网用户可以使用此方法。支持广泛,基于L2TPv3标准,Linux内核3.2+都有支持,其他操作系统原则上也能支持。但有两个局限:需要root权限;一个隧道只支持一个用户。

朴素VPN利用UDP封装的静态L2TP隧道实现VPN,内核XFRM实现静态IPsec。实际上IP-in-IP隧道即可实现VPN,但是这种协议无法穿越NAT,因此必须利用UDP封装。内核3.18将支持Foo-over-UDP,在UDP里面直接封装IP,与静态的L2TP-over-UDP很类似。

创建一个朴素VPN

@vialib
vialib / Ubuntu_Dnsmasq_pdnsd实现无快速污染DNS解析.md
Last active August 18, 2018 09:39
Ubuntu Dnsmasq + pdnsd 实现无快速污染DNS解析

安装软件

安装 dnsmasq

sudo apt install dnsmasq

安装 pdnsd

sudo apt install pdnsd

@jim3ma
jim3ma / gfw_and_cannon_traceroute.py
Created August 11, 2016 07:37
A Tool for Tracerouting the GC and GFW
#!/usr/bin/env python
import time
import threading
from scapy.all import *
import sys
import socket
maxhop = 25
@lenage
lenage / dnscrypt.csv
Created July 30, 2016 04:29
DNScrypt server list
We can make this file beautiful and searchable if this error is corrected: It looks like row 5 should actually have 14 columns, instead of 6 in line 4.
Name,Full name,Description,Location,Coordinates,URL,Version,DNSSEC validation,No logs,Namecoin,Resolver address,Provider name,Provider public key,Provider public key TXT record
4armed,4ARMED,DNSCrypt Server provided by www.4armed.com,France,,https://www.4armed.com,1,yes,yes,no,51.254.115.48:443,2.dnscrypt-cert.dnscrypt.4armed.io,FD3E:5887:63EA:17A9:1AF8:4325:DE82:1507:6ED0:01AB:2F9E:55DE:689B:F491:4D8E:526E,
cisco,Cisco OpenDNS,Remove your DNS blind spot,Anycast,,https://www.opendns.com,1,no,no,no,208.67.220.220:443,2.dnscrypt-cert.opendns.com,B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79,
cisco-familyshield,Cisco OpenDNS with FamilyShield,Blocks web sites not suitable for children,Anycast,,https://www.opendns.com/home-internet-security/parental-controls/,1,no,no,no,208.67.220.123:443,2.dnscrypt-cert.opendns.com,B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79,
cisco-ipv6,Cisco OpenDNS over IPv6,Cisco OpenDNS IPv6 sandbox,Anycast,,https://www.op
@alexniver
alexniver / golang, ubuntu go get in china.md
Last active April 26, 2023 11:15
ubuntu下, 使用shadowsock和Privoxy帮助你在命令行中, 无障碍进行go get

#前言 由于大家都懂的, 国内使用go get的时候, 经常会各种失败, 如果有vpn的话, 打开vpn, 问题就解决了, 但vpn其实挺不灵活的.

相对来说shadowsock则灵活得多.

#解决方案 shadowsock + Privoxy

思路就是, 使用shadowsock建立一个本地sock5代理, 但因为go get 需要http代理, 所以需要使用privoxy把sock5代理转为http代理.

@Zenithar
Zenithar / dnscrypt-proxy
Last active January 29, 2024 17:42
Unbound + DNSCrypt configuration
DNSCRYPT_LOCALIP=127.0.0.1
DNSCRYPT_LOCALIP2=127.0.0.2
DNSCRYPT_LOCALPORT=9053
DNSCRYPT_RESOLVERPORT=443
DNSCRYPT_USER=nobody
DNSCRYPT_PROVIDER_NAME=2.dnscrypt-cert.resolver2.dnscrypt.eu
DNSCRYPT_PROVIDER_NAME2=2.dnscrypt-cert.resolver1.dnscrypt.eu
DNSCRYPT_PROVIDER_KEY=3748:5585:E3B9:D088:FD25:AD36:B037:01F5:520C:D648:9E9A:DD52:1457:4955:9F0A:9955
DNSCRYPT_PROVIDER_KEY2=67C0:0F2C:21C5:5481:45DD:7CB4:6A27:1AF2:EB96:9931:40A3:09B6:2B8D:1653:1185:9C66
DNSCRYPT_RESOLVERIP=77.66.84.233
@lsylsy2
lsylsy2 / apnic_pku.sh
Last active August 23, 2018 00:17
从APNIC下载中国IP,并挑出免费地址
#!/bin/bash
echo "Downloading IP list from APNIC...."
apniclist=`wget -q -O- http://ftp.apnic.net/stats/apnic/delegated-apnic-latest |grep "apnic|CN|ipv4|"`
echo "Checking blocks..."
rm cidr.txt
for ipblock in ${apniclist[@]}
do
ip=`echo $ipblock | cut -d "|" -f4`
@azadkuh
azadkuh / vim-cheatsheet.md
Last active April 2, 2025 09:27
vim / vimdiff cheatsheet - essential commands

Vim cheat sheet

Starting Vim

vim [file1] [file2] ...