Tobias Gion TGion
TGion
/ sysctl.conf
Created
February 1, 2023 13:45
FreeBSD 13 sysctl settings to prevent port scanning
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/sysctl.conf | |
| # Against port scanning | |
| net.inet.tcp.blackhole=2 | |
| net.inet.udp.blackhole=1 | |
| net.inet.icmp.icmplim=50 |
TGion
/ adguardhome_custom_filter.txt
Last active
February 5, 2023 19:48
AdGuard Home custom DNS rewrite for internal (vpn) access to the VPS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The idea is to use the internal VPN host IP address of the server once we are connected to VPN. | |
| # Domain name stays the same and should also be accessible, even when not connected to the VPN. | |
| # | |
| # Rewrite DNS of gion.io and every subdomain to the internal VPN host IP for every client with IP 192.168.100.* | |
| ||gion.io^$dnsrewrite=NOERROR;A;192.168.100.1,client='192.168.100.1/24' | |
| # Exception for sub domain somedomain.gion.io - which is on another server | |
| @@||somedomain.gion.io^$dnsrewrite |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export PS1='[\u@\H \w]\$ ' | |
| # Alias | |
| alias show.tables="pfctl -vvsTables" | |
| alias show.badhosts="pfctl -t badhosts -T show" | |
| alias show.pf="tcpdump -n -e -ttt -i pflog0" | |
| alias show.pflog="tcpdump -n -e -ttt -r /var/log/pflog" | |
| alias gh="history|grep" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ####################################################################################### | |
| # Daily options | |
| ####################################################################################### | |
| daily_output="root" # user or /file | |
| daily_show_success="YES" # scripts returning 0 | |
| daily_show_info="YES" # scripts returning 1 | |
| daily_show_badconfig="NO" # scripts returning 2 | |
| # 100.clean-disks |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh - | |
| # | |
| # $FreeBSD$ | |
| # | |
| # Put into /usr/local/etc/periodic/daily | |
| # If there is a global system configuration file, suck it in. | |
| # | |
| if [ -r /etc/defaults/periodic.conf ] | |
| then |
TGion
/ gist:caf442def7f5bd871c3b971044c759a9
Created
June 11, 2023 21:15
Redirect stdout and stderr to /dev/null - Silent restart for nginx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| /usr/sbin/service nginx restart>/dev/null 2>&1 |
TGion
/ etc - profile
Created
June 12, 2023 10:14
System-wide shell profile for sh-based shells (e.g. sh, bash, zsh, tcsh)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Colorize terminal for micro editor | |
| TERM=xterm-256color | |
| export TERM | |
| # Some generic alias | |
| alias su="su -l" | |
| alias show.top="top -I -z -t -a -o cpu" | |
| alias gh="history|grep" | |
| # even more generic |
TGion
/ gist:f3b7b429e1c5f52585c4cd7d723477a7
Last active
June 12, 2023 15:08
Check if Wireguard to Fritz!Box is active and set rclone server accordingly
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Check if Wireguard to Fritz!Box is active | |
| if ping -c 1 fritzbox.local > /dev/null | |
| then export RCLONE_SERVER=fritz.wireguard # Access via Wireguard | |
| else export RCLONE_SERVER=fritz.extern # Access via FTP/S externaly | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Misc | |
| dumpdev="NO" | |
| cloudinit_enable="YES" | |
| swapfile="/usr/swap0" | |
| dbus_enable="YES" | |
| # Network Stuff | |
| hostname=HOSTNAME.DOMAIN.TLD | |
| defaultrouter=X.X.X.X | |
| ifconfig_vtnet0=X.X.X.X |
TGion
/ gist:f6d16d070a665bafd9ecc3e75c1d9f8e
Created
June 12, 2023 15:12
FreeBSD kernel config for pf's ALTQ
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| device pf | |
| device pflog | |
| device pfsync | |
| options ALTQ | |
| options ALTQ_CBQ # Class Bases Queuing (CBQ) | |
| options ALTQ_RED # Random Early Detection (RED) | |
| options ALTQ_RIO # RED In/Out | |
| options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC) | |
| options ALTQ_PRIQ # Priority Queuing (PRIQ) |
OlderNewer