Skip to content

Instantly share code, notes, and snippets.

Andrew Fresh afresh1

Block or report user

Report or block afresh1

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@afresh1
afresh1 / 6rd_config.sh
Last active Dec 7, 2019
Calculates a 6rd IP and default gateway and outputs them in an OpenBSD hostname.gif0 format from an IPv4 address, with optional mask, the v4 destination, a 6rd prefix with length. See also this gist: https://gist.github.com/afresh1/791343380b4410687d51fdd94f20bd42
View 6rd_config.sh
#!/bin/ksh
set -e
set -f -u -C
# Copyright (c) 2019 Andrew Hewus Fresh <andrew@afresh1.com>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
@afresh1
afresh1 / plenv-install-latest.sh
Last active Sep 19, 2019
Installs the latest available of each release version of perl plus the latest development version with https://github.com/tokuhirom/plenv
View plenv-install-latest.sh
https://github.com/afresh1/dotfiles/blob/master/plenv/libexec/plenv-install-latest
@afresh1
afresh1 / plenv-install-latest.sh
Last active Sep 19, 2019
Installs or upgrades to the latest perl5 version for each major release, as well as the latest development version.
View plenv-install-latest.sh
https://github.com/afresh1/dotfiles/blob/master/plenv/libexec/plenv-install-latest
@afresh1
afresh1 / post_dmesg_to_nycbug.pl
Last active Aug 14, 2019
This script posts an OpenBSD dmesg to the NYC*BUG archive at http://www.nycbug.org/index.cgi?action=dmesgd
View post_dmesg_to_nycbug.pl
#!/usr/bin/perl
use strict;
use warnings;
use feature 'say';
use feature 'signatures';
no warnings 'experimental::signatures';
use Sys::Hostname;
use HTTP::Tiny;
@afresh1
afresh1 / drop_privileges_fcgi_app.psgi
Last active Jul 25, 2019
This is a proof of concept for an FCGI::ProcManager that will chroot into a directory and drop privileges for each child process.
View drop_privileges_fcgi_app.psgi
#!/usr/bin/env plackup -s FCGIDropPrivs
use strict;
use warnings;
my ($user, $group) = qw( nobody nogroup );
my $uid = getpwnam($user);
my $gid = getgrnam($group);
my $root = '/var/empty';
package Plack::Handler::FCGIDropPrivs;
@afresh1
afresh1 / setup_images.sh
Created Jul 23, 2013
Scripts to setup OpenBSD flashrd images and start qemu instances for each of them.
View setup_images.sh
#!/bin/sh
# Andrew Fresh <andrew AT afresh1.com> - https://gist.github.com/afresh1
# This uses qemu, so pkg_add qemu
# Download and extract flashrd, either from github or here:
# http://www.nmedia.net/flashrd/
# Grab a flashrd image from here:
# http://www.nmedia.net/flashrd/images/
@afresh1
afresh1 / HTTP-Tiny-nc.pm
Last active Jun 6, 2019
An monkey patch to let perl's HTTP::Tiny to use the OpenBSD netcat with TLS support to access https sites without installing IO::Socket::SSL and Net::SSLeay.
View HTTP-Tiny-nc.pm
package HTTP::Tiny::nc;
use strict;
use warnings;
use parent 'HTTP::Tiny';
# Copyright (c) 2019 Andrew Hewus Fresh <afresh1@openbsd.org>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
@afresh1
afresh1 / !README.md
Last active Mar 26, 2019
CenturyLink PPPoE and 6rd on an OpenBSD router
View !README.md

Replacing the CenturyLink provided ethernet router with OpenBSD

Unfortunately CenturyLink provisions their fiber to the home with a PPPoE authentication over vlan 201, this makes replacing the router more difficult than it should be. I also had to call CenturyLink support to get the password for the PPPoE connection.

cnmac0 is the egress interface on my EdgeRouter Lite.

You also need to add match on pppoe0 scrub (max-mss 1440)

@afresh1
afresh1 / start_inet6.sh
Last active Dec 11, 2018
Find the default IPv6 gateway and start forwarding traffic on OpenBSD and Comcast (XFinity)
View start_inet6.sh
#!/bin/sh
egress=$1
internal=$2
# This should set up ipv6 on XFinity or Comcast on OpenBSD 6.1
# Stop everything
/usr/bin/pkill dhcp6c
route -qn delete -inet6 default
ifconfig $egress -inet6
@afresh1
afresh1 / Installing_an_OpenBSD_VM_under_FreeNAS.md
Last active Dec 11, 2018
Installing OpenBSD in a bhyve VM under FreeNAS
View Installing_an_OpenBSD_VM_under_FreeNAS.md
You can’t perform that action at this time.