1) Filter Table
Filter is default table for iptables. So, if you don’t define you own table, you’ll be using filter table. Iptables’s filter table has the following built-in chains.
#!/bin/bash | |
# Restrictive Iptables Based Firewall for Webserver script | |
# Copyright (C) 2012 Cédric Walter - www.waltercedric.com | |
# Credits to all various authors | |
# | |
# This program is free software: you can redistribute it and/or modify | |
# it under the terms of the GNU General Public License as published by | |
# the Free Software Foundation, either version 3 of the License, or | |
# (at your option) any later version. |
############################################################################### | |
# The MIT License | |
# | |
# Copyright 2012-2014 Jakub Jirutka <jakub@jirutka.cz>. | |
# | |
# Permission is hereby granted, free of charge, to any person obtaining a copy | |
# of this software and associated documentation files (the "Software"), to deal | |
# in the Software without restriction, including without limitation the rights | |
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
# copies of the Software, and to permit persons to whom the Software is |
# This script can be used to raise a graylog2/gelf message | |
# gzip it and send it to a graylog server using netcat (nc) | |
hostname='gelftester' | |
short_message='test message short version' | |
full_message='longer test message. dont\n worry be happy' | |
level=1 | |
facility='gelftester' | |
# gnu date | |
date=$(date +'%s.%N') |
##################### ElasticSearch Configuration Example ##################### | |
# This file contains an overview of various configuration settings, | |
# targeted at operations staff. Application developers should | |
# consult the guide at <http://elasticsearch.org/guide>. | |
# | |
# The installation procedure is covered at | |
# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup.html>. | |
# | |
# ElasticSearch comes with reasonable defaults for most settings, |
import java.util.Iterator; | |
import java.util.Map; | |
import java.util.TreeMap; | |
import javax.net.ssl.SSLServerSocketFactory; | |
/* | |
* Source from Christopher Schultz | |
* @see http://markmail.org/message/zn4namfhypyxum23 | |
*/ | |
public class SSLInfo |
#!/usr/bin/env bash | |
# names of latest versions of each package | |
export NGINX_VERSION=1.15.5 | |
export VERSION_NGINX=nginx-$NGINX_VERSION | |
export VERSION_LIBRESSL=libressl-2.8.1 | |
export VERSION_PCRE=pcre-8.42 | |
#export NPS_VERSION=1.9.32.10 | |
#export VERSION_PAGESPEED=v${NPS_VERSION}-beta | |
1) Filter Table
Filter is default table for iptables. So, if you don’t define you own table, you’ll be using filter table. Iptables’s filter table has the following built-in chains.
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key | |
# Don't add passphrase | |
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub | |
cat jwtRS256.key | |
cat jwtRS256.key.pub |
#!/usr/bin/env bash | |
# Names of latest versions of each package | |
export VERSION_PCRE=pcre-8.39 | |
export VERSION_ZLIB=zlib-1.2.8 | |
export VERSION_LIBRESSL=libressl-2.4.2 | |
export VERSION_NGINX=nginx-1.11.3 | |
# URLs to the source directories | |
export SOURCE_LIBRESSL=http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ |
Emulating wide area network delays | |
This is the simplest example, it just adds a fixed amount of delay to all packets going out of the local Ethernet. | |
# tc qdisc add dev eth0 root netem delay 100ms | |
Now a simple ping test to host on the local network should show an increase of 100 milliseconds. The delay is limited by the clock resolution of the kernel (Hz). On most 2.4 systems, the system clock runs at 100 Hz which allows delays in increments of 10 ms. On 2.6, the value is a configuration parameter from 1000 to 100 Hz. | |
Later examples just change parameters without reloading the qdisc | |
Real wide area networks show variability so it is possible to add random variation. |