AntonSmolkov

nginx/openresty reverse proxy ntlm support

Problem

This code allows you to pass ntlm auth in nginx reverse proxy mode. The problem with plain nginx is that ntlm requires one tcp connection for multiple http requests. Even if browser respect this behaviour, nginx will create/took new connection for each request to ntlm-awared server.

Solution

Implement nginx-like stream proxy, but parse http to understand end of sequence (first request after ntlm auth). We need end of sequence, since browser can reuse opened tcp connection and send another request, which will be passed to ntlm-aware server and this is not you expect.

Installation

Put ntlm.lua to lualib path of openresty.

Linux

You need to install lua-http-parser into openresty lualib path with luarocks.

Windows

AntonSmolkov

IP Tables (iptables) Cheat Sheet

IPTables is the Firewall service that is available in a lot of different Linux Distributions. While modifiying it might seem daunting at first, this Cheat Sheet should be able to show you just how easy it is to use and how quickly you can be on your way mucking around with your firewall.

Resources

The following list is a great set of documentation for iptables. I used them to compile this documentation.

• How-To Geek: The Beginner’s Guide to iptables, the Linux Firewall: https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
• IPTables Essentials: Common Firewall Rules and COmmands https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands

AntonSmolkov

#
# tuned configuration for PostgresSQL servers
# /usr/lib/tuned/postgres-db-server/tuned.conf
#

[cpu]
force_latency=1
governor=performance
energy_perf_bias=performance
min_perf_pct=100