Skip to content

Instantly share code, notes, and snippets.

View TGion's full-sized avatar

Tobias Gion TGion

View GitHub Profile
@TGion
TGion / sysctl.conf
Created February 1, 2023 13:45
FreeBSD 13 sysctl settings to prevent port scanning
View sysctl.conf
# /etc/sysctl.conf
# Against port scanning
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
net.inet.icmp.icmplim=50
@TGion
TGion / adguardhome_custom_filter.txt
Last active February 5, 2023 19:48
AdGuard Home custom DNS rewrite for internal (vpn) access to the VPS
View adguardhome_custom_filter.txt
# The idea is to use the internal VPN host IP address of the server once we are connected to VPN.
# Domain name stays the same and should also be accessible, even when not connected to the VPN.
#
# Rewrite DNS of gion.io and every subdomain to the internal VPN host IP for every client with IP 192.168.100.*
||gion.io^$dnsrewrite=NOERROR;A;192.168.100.1,client='192.168.100.1/24'
# Exception for sub domain somedomain.gion.io - which is on another server
@@||somedomain.gion.io^$dnsrewrite
@TGion
TGion / .bashrc
Created April 14, 2023 13:41
Some aliases and nice bash prompt
View .bashrc
export PS1='[\u@\H \w]\$ '
# Alias
alias show.tables="pfctl -vvsTables"
alias show.badhosts="pfctl -t badhosts -T show"
alias show.pf="tcpdump -n -e -ttt -i pflog0"
alias show.pflog="tcpdump -n -e -ttt -r /var/log/pflog"
alias gh="history|grep"
@TGion
TGion / periodic.conf
Created April 24, 2023 11:27
Customized Daily Crontabs
View periodic.conf
#######################################################################################
# Daily options
#######################################################################################
daily_output="root" # user or /file
daily_show_success="YES" # scripts returning 0
daily_show_info="YES" # scripts returning 1
daily_show_badconfig="NO" # scripts returning 2
# 100.clean-disks
@TGion
TGion / 420.backup-system
Created April 24, 2023 11:30
Sample custom periodic script
View 420.backup-system
#!/bin/sh -
#
# $FreeBSD$
#
# Put into /usr/local/etc/periodic/daily
# If there is a global system configuration file, suck it in.
#
if [ -r /etc/defaults/periodic.conf ]
then
@TGion
TGion / gist:caf442def7f5bd871c3b971044c759a9
Created June 11, 2023 21:15
Redirect stdout and stderr to /dev/null - Silent restart for nginx
View gist:caf442def7f5bd871c3b971044c759a9
#!/bin/sh
/usr/sbin/service nginx restart>/dev/null 2>&1
@TGion
TGion / etc - profile
Created June 12, 2023 10:14
System-wide shell profile for sh-based shells (e.g. sh, bash, zsh, tcsh)
View etc - profile
# Colorize terminal for micro editor
TERM=xterm-256color
export TERM
# Some generic alias
alias su="su -l"
alias show.top="top -I -z -t -a -o cpu"
alias gh="history|grep"
# even more generic
@TGion
TGion / gist:f3b7b429e1c5f52585c4cd7d723477a7
Last active June 12, 2023 15:08
Check if Wireguard to Fritz!Box is active and set rclone server accordingly
View gist:f3b7b429e1c5f52585c4cd7d723477a7
#!/bin/sh
# Check if Wireguard to Fritz!Box is active
if ping -c 1 fritzbox.local > /dev/null
then export RCLONE_SERVER=fritz.wireguard # Access via Wireguard
else export RCLONE_SERVER=fritz.extern # Access via FTP/S externaly
fi
@TGion
TGion / rc.conf
Last active June 12, 2023 15:10
FreeBSD 13 RC config file for my VPS with SSH, Wireguard and several services
View rc.conf
# Misc
dumpdev="NO"
cloudinit_enable="YES"
swapfile="/usr/swap0"
dbus_enable="YES"
# Network Stuff
hostname=HOSTNAME.DOMAIN.TLD
defaultrouter=X.X.X.X
ifconfig_vtnet0=X.X.X.X
@TGion
TGion / gist:f6d16d070a665bafd9ecc3e75c1d9f8e
Created June 12, 2023 15:12
FreeBSD kernel config for pf's ALTQ
View gist:f6d16d070a665bafd9ecc3e75c1d9f8e
device pf
device pflog
device pfsync
options ALTQ
options ALTQ_CBQ # Class Bases Queuing (CBQ)
options ALTQ_RED # Random Early Detection (RED)
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC)
options ALTQ_PRIQ # Priority Queuing (PRIQ)