Aleksei Niemi

## firewall.sh
#!/bin/bash

# Restrictive Iptables Based Firewall for Webserver script
# Copyright (C) 2012 Cédric Walter  - www.waltercedric.com
# Credits to all various authors
#
#  This program is free software: you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation, either version 3 of the License, or
#  (at your option) any later version.

## rules-both.iptables
###############################################################################
# The MIT License
#
# Copyright 2012-2014 Jakub Jirutka <jakub@jirutka.cz>.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is

## gelfsender.sh
# This script can be used to raise a graylog2/gelf message
# gzip it and send it to a graylog server using netcat (nc)

hostname='gelftester'
short_message='test message short version'
full_message='longer test message. dont\n worry be happy'
level=1
facility='gelftester'
# gnu date
date=$(date +'%s.%N')

## elasticsearch.yml
##################### ElasticSearch Configuration Example #####################

# This file contains an overview of various configuration settings,
# targeted at operations staff. Application developers should
# consult the guide at <http://elasticsearch.org/guide>.
#
# The installation procedure is covered at
# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup.html>.
#
# ElasticSearch comes with reasonable defaults for most settings,

## SSLInfo.java
import java.util.Iterator;
import java.util.Map;
import java.util.TreeMap;
import javax.net.ssl.SSLServerSocketFactory;

/*
 * Source from Christopher Schultz
 * @see http://markmail.org/message/zn4namfhypyxum23
 */
public class SSLInfo

## build_nginx.sh
#!/usr/bin/env bash

# names of latest versions of each package
export NGINX_VERSION=1.15.5
export VERSION_NGINX=nginx-$NGINX_VERSION
export VERSION_LIBRESSL=libressl-2.8.1
export VERSION_PCRE=pcre-8.42
#export NPS_VERSION=1.9.32.10
#export VERSION_PAGESPEED=v${NPS_VERSION}-beta


## Netfilter-IPTables-Diagrams.md

      
              1 file
            
          
              82 forks
            
          
              7 comments
            
          
              187 stars
            
          
                nerdalert
                / Netfilter-IPTables-Diagrams.md
            
            
              Last active
              April 9, 2024 09:18
            
              
                Linux NetFilter, IP Tables and Conntrack Diagrams
              
          
    Linux NetFilter, IP Tables and Conntrack Diagrams

IPTABLES TABLES and CHAINS

IPTables has the following 4 built-in tables.

1) Filter Table
Filter is default table for iptables. So, if you don’t define you own table, you’ll be using filter table. Iptables’s filter table has the following built-in chains.

  
## jwtRS256.sh
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
# Don't add passphrase
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
cat jwtRS256.key
cat jwtRS256.key.pub

## nginx-libressl-static.sh
#!/usr/bin/env bash

# Names of latest versions of each package
export VERSION_PCRE=pcre-8.39
export VERSION_ZLIB=zlib-1.2.8
export VERSION_LIBRESSL=libressl-2.4.2
export VERSION_NGINX=nginx-1.11.3

# URLs to the source directories
export SOURCE_LIBRESSL=http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/

## gist:3dbb3801ed763ac3f3176852d2e345cc
Emulating wide area network delays

This is the simplest example, it just adds a fixed amount of delay to all packets going out of the local Ethernet.

# tc qdisc add dev eth0 root netem delay 100ms
Now a simple ping test to host on the local network should show an increase of 100 milliseconds. The delay is limited by the clock resolution of the kernel (Hz). On most 2.4 systems, the system clock runs at 100 Hz which allows delays in increments of 10 ms. On 2.6, the value is a configuration parameter from 1000 to 100 Hz.

Later examples just change parameters without reloading the qdisc

Real wide area networks show variability so it is possible to add random variation.
	#!/bin/bash

	# Restrictive Iptables Based Firewall for Webserver script
	# Copyright (C) 2012 Cédric Walter - www.waltercedric.com
	# Credits to all various authors
	#
	# This program is free software: you can redistribute it and/or modify
	# it under the terms of the GNU General Public License as published by
	# the Free Software Foundation, either version 3 of the License, or
	# (at your option) any later version.
	###############################################################################
	# The MIT License
	#
	# Copyright 2012-2014 Jakub Jirutka <jakub@jirutka.cz>.
	#
	# Permission is hereby granted, free of charge, to any person obtaining a copy
	# of this software and associated documentation files (the "Software"), to deal
	# in the Software without restriction, including without limitation the rights
	# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	# copies of the Software, and to permit persons to whom the Software is
	# This script can be used to raise a graylog2/gelf message
	# gzip it and send it to a graylog server using netcat (nc)

	hostname='gelftester'
	short_message='test message short version'
	full_message='longer test message. dont\n worry be happy'
	level=1
	facility='gelftester'
	# gnu date
	date=$(date +'%s.%N')
	##################### ElasticSearch Configuration Example #####################

	# This file contains an overview of various configuration settings,
	# targeted at operations staff. Application developers should
	# consult the guide at <http://elasticsearch.org/guide>.
	#
	# The installation procedure is covered at
	# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup.html>.
	#
	# ElasticSearch comes with reasonable defaults for most settings,
	import java.util.Iterator;
	import java.util.Map;
	import java.util.TreeMap;
	import javax.net.ssl.SSLServerSocketFactory;

	/*
	* Source from Christopher Schultz
	* @see http://markmail.org/message/zn4namfhypyxum23
	*/
	public class SSLInfo
	#!/usr/bin/env bash

	# names of latest versions of each package
	export NGINX_VERSION=1.15.5
	export VERSION_NGINX=nginx-$NGINX_VERSION
	export VERSION_LIBRESSL=libressl-2.8.1
	export VERSION_PCRE=pcre-8.42
	#export NPS_VERSION=1.9.32.10
	#export VERSION_PAGESPEED=v${NPS_VERSION}-beta
	ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
	# Don't add passphrase
	openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
	cat jwtRS256.key
	cat jwtRS256.key.pub
	#!/usr/bin/env bash

	# Names of latest versions of each package
	export VERSION_PCRE=pcre-8.39
	export VERSION_ZLIB=zlib-1.2.8
	export VERSION_LIBRESSL=libressl-2.4.2
	export VERSION_NGINX=nginx-1.11.3

	# URLs to the source directories
	export SOURCE_LIBRESSL=http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/
	Emulating wide area network delays

	This is the simplest example, it just adds a fixed amount of delay to all packets going out of the local Ethernet.

	# tc qdisc add dev eth0 root netem delay 100ms
	Now a simple ping test to host on the local network should show an increase of 100 milliseconds. The delay is limited by the clock resolution of the kernel (Hz). On most 2.4 systems, the system clock runs at 100 Hz which allows delays in increments of 10 ms. On 2.6, the value is a configuration parameter from 1000 to 100 Hz.

	Later examples just change parameters without reloading the qdisc

	Real wide area networks show variability so it is possible to add random variation.