Skip to content

Instantly share code, notes, and snippets.

@adler
adler / gist:0707e600ac49a58a74c0e426339d9c12
Last active September 29, 2017 15:16
goreplay only parsing GETs, not POSTs
# I was able to capture all the http traffic on port 9740
$ sudo tcpdump -s0 -w madler-posts.pcap port 9740
# Here we can the health checks that GET /version
$ tcpdump -r madler-posts.pcap -A port 9740 | grep GET | head
reading from file madler-posts.pcap, link-type EN10MB (Ethernet)
...w7Q.{GET /version HTTP/1.1
....7Q..GET /version HTTP/1.1
....7Q..GET /version HTTP/1.1
.5.B7Q..GET /version HTTP/1.1
#!/bin/bash
# runs a command in the same network namespaces as a process pid
set -e
function usage {
test -n "$*" & echo "$*"
echo "usage: $0 PID COMMAND [ARG...]" >&2
exit 1
@adler
adler / gist:55512f7c8ffaccb7bd5d
Last active August 29, 2015 14:07
CloudFormation to disable SSLv3 based on ELBSecurityPolicy-2014-01
"appName" : {
"Type" : "AWS::ElasticLoadBalancing::LoadBalancer",
"Properties" : {
"Subnets" : [{ "Ref" : "SubnetA" }, { "Ref" : "SubnetB" }, { "Ref" : "SubnetC" }],
"SecurityGroups" : [ { "Ref" : "lbSG" } ],
"CrossZone" : true,
"Policies": [ {
"PolicyName" : "TLSOnlyPolicy",
"PolicyType" : "SSLNegotiationPolicyType",
"Attributes" : [
@adler
adler / spaceblanket.vcl
Last active December 22, 2015 21:49
Varnish vcl to support SpaceBlanket, the Huffington Post fail-safe
# null_backend is always unhealthy
backend null_backend {
.host = "localhost";
.port = "39997";
.probe = {
.url = "/";
.timeout = 5ms;
.interval = 60s;
.window = 2;
.threshold = 1;
# get half of number of bytes of total memory
SHMMAX=$(free | perl -ane 'printf "%1.0f\n", ($F[1] * 512 ) if m/Mem:/')
grep -q kernel.shmmax /etc/sysctl.conf || echo "kernel.shmmax = $SHMMAX" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p