@changeme
changeme / ttfb.sh
Created August 21, 2017 13:32 — forked from sandeepraju/ttfb.sh
curl command to check the time to first byte
#!/bin/bash
# file: ttfb.sh
# curl command to check the time to first byte
# ** usage **
# 1. ./ttfb.sh "https://google.com"
# 2. seq 10 | xargs -Iz ./ttfb.sh "https://google.com"
curl -o /dev/null \
-H 'Cache-Control: no-cache' \
-s \
@changeme
changeme / haproxy.conf
Created April 29, 2017 12:21 — forked from kishba/haproxy.conf
Sample HAProxy HTTPS configuration for Moodle and Ellucian Colleague web apps -- anonymized from Mid Michigan Community College
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
@changeme
changeme / Fill_mikrotik_config.bash
Created March 9, 2017 19:29 — forked from elmariofredo/Fill_mikrotik_config.bash
L2TP IPSEC VPN Auto config for mikrotik based on following tutorial http://www.nasa-security.net/mikrotik/mikrotik-l2tp-with-ipsec/ !!! Edit user name/user pass and ipsec secret
# Fetch and fill config
mikrotik_vpn_config=$(curl https://gist.github.com/elmariofredo/7232556/raw/VPN-L2TP-IPSEC.mikrotik \
| sed -e '
s/IPSEC_PEER_SECRET/somesecret/g;
s/USER1_NAME/mario/g;
s/USER1_PASS/somepass/g;
s/IP_RANGE/172.16.24.100-172.16.24.200/g;
s/DNS_SERVER/172.16.22.1/g;
s/LOCAL_ADDRESS/172.16.22.1/g;
s/WINS_SERVER/172.16.22.1/g')
@changeme
changeme / heupdater.txt
Created March 9, 2017 19:28 — forked from horzadome/heupdater.txt
Hurricane Electric IPv6 tunnel updater script for Mikrotik RouterOS
# Update Hurricane Electric IPv6 Tunnel Client IPv4 address
# This is an upgrade to an existing script from
# http://wiki.mikrotik.com/wiki/Hurricane_Electric_IPv6_Tunnel_-_IPv4_Endpoint_updater
# API call format:
# https://$USERNAME:$API_KEY@ipv4.tunnelbroker.net/nic/update?username=$USERNAME&password=$API_KEY&hostname=$TUNNEL_ID
# ----------------------------------
# Modify the following to match your parameters
# ----------------------------------
# Router's WAN interface name

This is for posterity: Googling issues with Apple iOS 9, Mikrotik and L2TP VPN led me to this post. I had many troubles and finally got it to work. I will post my commands below to hopefully save others some headache. :D

This assumes some default configuration on the router: local subnet 192.168.1.0/24, router address 192.168.1.1, DHCP pool 192.168.1.100 - 192.168.1.200

@changeme
changeme / mtrancid
Created March 9, 2017 19:21 — forked from udienz/mtrancid
Rancid script for mikrotik and vyatta
#! /usr/bin/perl
##
## $Id$
##
## rancid 2.3.9
## Copyright (C) 1997-2011 by Terrapin Communications, Inc.
## All rights reserved.
##
## This software may be freely copied, modified and redistributed
## without fee for non-commerical purposes provided that this license
@changeme
changeme / gist:49662b638632e6235831d83fda2bb85b
Created March 9, 2017 19:15 — forked from timkeller/gist:559d8289929cb22ff043
Mikrotik Progressive Brute Force Blocking
add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop comment="drop ssh brute forcers" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=10d comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no
add chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m comment="" disabled=no
@changeme
changeme / volts.sh
Created March 9, 2017 19:14 — forked from TheSkorm/volts.sh
SNMP grabs mikrotik volts reading.
#!/bin/bash
#Appends UNIX time and the voltage reading from an SNMP router to a CSV
VOLTS=`snmpwalk -OvQ -v2c -cpublic IP .1.3.6.1.4.1.14988.1.1.3.8.0`
TIME=`date +%s`
VOLTS=`echo "scale=3;$VOLTS/10"|/usr/bin/bc`
echo $TIME,$VOLTS V >> /home/mwheeler/scripts/volts.csv
server {
listen 443 ssl;
server_name sub.domain.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/sub.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/sub.domain.com/privkey.pem;
location / {
proxy_buffering off;
proxy_pass http://[IPADDRESS]:[PORT]/guacamole/;
proxy_http_version 1.1;
@changeme
changeme / ActiveDirectory-iptables-firewall
Created April 29, 2016 14:15
Active Directory - Rules for iptables
# Based on http://geekswithblogs.net/TSCustomiser/archive/2007/05/09/112357.aspx
#
# Adapt it for outbound traffic
#
-A INPUT -s $SERVERIP/32 -p tcp -m tcp --dport 53 -m comment --comment "Name Resolution Service" -j ACCEPT
-A INPUT -s $SERVERIP/32 -p udp -m udp --dport 53 -m comment --comment "Name Resolution Service" -j ACCEPT
-A INPUT -s $SERVERIP/32 -p udp -m udp --dport 42 -m comment --comment WINS -j ACCEPT
-A INPUT -s $SERVERIP/32 -p tcp -m tcp --dport 42 -m comment --comment WINS -j ACCEPT
-A INPUT -s $SERVERIP/32 -p tcp -m tcp --dport 137 -m comment --comment "Name Resolution Service" -j ACCEPT
-A INPUT -s $SERVERIP/32 -p udp -m udp --dport 137 -m comment --comment "Name Resolution Service" -j ACCEPT