# /etc/stunnel/stunnel.conf
cert = /etc/stunnel/cert.pem
sslVersion = TLSv1 TLSv1.1 TLSv1.2
chroot = /var/run/stunnel/
David Wittman DavidWittman
DavidWittman
/ check_peer_interfaces.py
Last active
April 3, 2021 19:12
Checks to see if two interfaces are on the same network on Linux. Useful when bonding interfaces.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # check_peer_interfaces.py | |
| # Author: David Wittman <david@wittman.com> | |
| # | |
| # Checks to see if two interfaces are on the same network by sending a | |
| # unique broadcast packet out of the first interface and listening for that | |
| # packet on the second interface. | |
| # | |
| # Assumes that you're running a Linux variant, and that both interfaces |
DavidWittman
/ stunnel-chroot-reload.md
Created
March 25, 2015 03:28
Reloading stunnel configurations when in a chroot
DavidWittman
/ naglite.go
Last active
August 29, 2015 14:16
Status.dat parser for Icinga in Go. I'm sorry.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bufio" | |
| "bytes" | |
| "encoding/json" | |
| "fmt" | |
| "os" | |
| "strconv" | |
| "strings" |
DavidWittman
/ supermicro-psblock-fix.expect
Last active
January 27, 2022 20:02
This expect script secures SuperMicro IPMI implementations which are vulnerable to viewing the IPMI password in plaintext on port 49152.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/expect -f | |
| # This script secures SuperMicro IPMI implementations which are vulnerable | |
| # to viewing the IPMI password in plaintext on port 49152. It does this by | |
| # using the shell available in some SuperMicro BMCs to drop traffic to port | |
| # 49152 in iptables. | |
| # | |
| # See http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras/ | |
| # for more details on the vulnerability. | |
| # |
DavidWittman
/ supermicro-bmc-reset.sh
Created
September 11, 2014 22:24
Issues a reset of the SuperMicro BMC via the web interface
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Issues a reset of the SuperMicro BMC via the web interface | |
| # | |
| # usage: supermicro-bmc-reset.sh <ipmi-host> | |
| # e.g.: supermicro-bmc-reset.sh 10.0.0.1 | |
| # | |
| set -x |
DavidWittman
/ ansible-lxc.py
Created
July 9, 2014 15:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| # (c) 2014, Kevin Carter <kevin.carter@rackspace.com> | |
| # | |
| # This file is part of Ansible | |
| # | |
| # Ansible is free software: you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by | |
| # the Free Software Foundation, either version 3 of the License, or |
DavidWittman
/ supermicro-ipmi-mac-address.md
Last active
August 17, 2023 08:05
Pull the LAN1/eth0 MAC address from SuperMicro IPMI
You can find the MAC address for LAN1/eth0 (not the BMC MAC) via the SuperMicro IPMI interface by running the following command:
$ ipmitool -U $IPMI_USER -P $IPMI_PASS -H $IPMI_HOST raw 0x30 0x21 | tail -c 18The eth0 MAC address will be output in this format:
00 25 90 f0 be ef
DavidWittman
/ hipchat-relay.go
Last active
May 10, 2016 14:37
Room-to-room message relay for Hipchat, with support across accounts.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "flag" | |
| "fmt" | |
| "github.com/andybons/hipchat" | |
| "log" | |
| "os" | |
| "path" | |
| "strings" |
DavidWittman
/ coreos.ipxe
Created
May 27, 2014 22:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!ipxe | |
| set base-url http://beta.release.core-os.net/amd64-usr/current | |
| kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" | |
| initrd ${base-url}/coreos_production_pxe_image.cpio.gz | |
| boot |
DavidWittman
/ supermicro-mount-iso.sh
Last active
December 10, 2022 18:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Loads and mounts an ISO over SMB via the | |
| # SuperMicro IPMI web interface | |
| # | |
| # usage: supermicro-mount-iso.sh <ipmi-host> <smb-host> <path> | |
| # e.g.: supermicro-mount-iso.sh 10.0.0.1 10.0.0.2 '\foo\bar\windows.iso' | |
| set -x |