Skip to content

Instantly share code, notes, and snippets.

View amnkh's full-sized avatar

Amin Khoshnood amnkh

View GitHub Profile
#!/bin/bash
for i in `ls /sys/class/scsi_device/`
do
echo 1 > /sys/class/scsi_device/`echo $i | sed 's|:|\:|g'`/device/rescan
done
for i in `ls /sys/class/scsi_host/`
do
echo "- - -" > /sys/class/scsi_host/$i/scan
@danitfk
danitfk / nginx-cloudflare.conf
Created March 6, 2018 15:59
Nginx Cloudflare IP to show real user's IP
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
@nitefood
nitefood / README.md
Last active May 8, 2023 00:45
ASN/IP/Route/hostname command line lookup tool to map any network to the corresponding ASN and prefix

This gist has moved to its own repository HERE

See you there!

@yumminhuang
yumminhuang / remove-expired-index.sh
Created October 27, 2017 02:48
Remove Elasticsearch indices that older than a given date.
#!/usr/bin/env bash
#set -x
usage()
{
cat << EOF
remove-expired-index.sh
@WangYihang
WangYihang / port-forwarding.py
Last active April 3, 2024 06:13
port forwarding via python socket
#!/usr/bin/env python3
# Tcp Port Forwarding (Reverse Proxy)
# Author : WangYihang <wangyihanger@gmail.com>
'''
+-----------------------------+ +---------------------------------------------+ +--------------------------------+
| My Laptop (Alice) | | Intermediary Server (Bob) | | Internal Server (Carol) |
+-----------------------------+ +----------------------+----------------------+ +--------------------------------+
| $ ssh -p 1022 carol@1.2.3.4 |<------->| IF 1: 1.2.3.4 | IF 2: 192.168.1.1 |<------->| IF 1: 192.168.1.2 |
| carol@1.2.3.4's password: | +----------------------+----------------------+ +--------------------------------+
@shaardie
shaardie / gsad.service
Last active February 10, 2020 05:59
OpenVAS Systemd Service files
[Unit]
Description=OpenVAS - Greenbone Security Assistant
After=network.target
[Service]
ExecStart=/usr/local/sbin/gsad --foreground
[Install]
WantedBy=multi-user.target
@tsaarni
tsaarni / openssl-notes.txt
Created October 22, 2016 08:50
Generate self-signed certs with different key types
*** RSA
# Generate self-signed certificate with RSA 4096 key-pair
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout rsakey.pem -out rsacert.pem
# print private and public key
openssl rsa -in rsakey.pem -text -noout
# print certificate
openssl x509 -in rsacert.pem -text -noout
@fntlnz
fntlnz / self-signed-certificate-with-custom-ca.md
Last active July 15, 2024 09:31
Self Signed Certificate with Custom Root CA

Create Root CA (Done once)

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!

openssl genrsa -des3 -out rootCA.key 4096
@dunkelstern
dunkelstern / rc.local
Created August 7, 2016 19:14
iptables rules for vpn config
# for ISAKMP (handling of security associations)
iptables -A INPUT -p udp --dport 500 --j ACCEPT
# for NAT-T (handling of IPsec between natted devices)
iptables -A INPUT -p udp --dport 4500 --j ACCEPT
# for ESP payload (the encrypted data packets)
iptables -A INPUT -p esp -j ACCEPT
# for the routing of packets on the server
iptables -t nat -A POSTROUTING -j SNAT --to-source %IP% -o eth0
# internet access
iptables -t nat -A POSTROUTING -s 10.0.42.0/24 -o eth0 -m policy --dir out --pol ipsec -j ACCEPT
@dunkelstern
dunkelstern / ipsec.conf
Created August 7, 2016 19:00
StrongSWAN ipsec config for IKEv2 VPN
# ipsec.conf - strongSwan IPsec configuration file
config setup
charondebug="ike 4, knl 4, cfg 4, net 4, esp 4, dmn 4, mgr 4"
conn %default
keyexchange=ike
ike=aes128-sha1-modp1024,aes128-sha1-modp1536,aes128-sha1-modp2048,aes128-sha256-ecp256,aes128-sha256-modp1024,aes128-sha256-modp1536,aes128-sha256-modp2048,aes256-aes128-sha256-sha1-modp2048-modp4096-modp1024,aes256-sha1-modp1024,aes256-sha256-modp1024,aes256-sha256-modp1536,aes256-sha256-modp2048,aes256-sha256-modp4096,aes256-sha384-ecp384,aes256-sha384-modp1024,aes256-sha384-modp1536,aes256-sha384-modp2048,aes256-sha384-modp4096,aes256gcm16-aes256gcm12-aes128gcm16-aes128gcm12-sha256-sha1-modp2048-modp4096-modp1024,3des-sha1-modp1024!
esp=aes128-aes256-sha1-sha256-modp2048-modp4096-modp1024,aes128-sha1,aes128-sha1-modp1024,aes128-sha1-modp1536,aes128-sha1-modp2048,aes128-sha256,aes128-sha256-ecp256,aes128-sha256-modp1024,aes128-sha256-modp1536,aes128-sha256-modp2048,aes128gcm12-aes128gcm16-aes256gcm12-aes256gcm16-modp2048-modp4096-modp