Skip to content

Instantly share code, notes, and snippets.

View conblem's full-sized avatar
🌌

conblem conblem

🌌
17 followers · 4 following
View GitHub Profile
@jasco
jasco / README.md
Last active February 17, 2024 20:47
ARM64 Raspberry Pi 4 Unifi Controller Setup

Background

The instructions for setting up the Unifi Controller on ARM do not cover ARM64. The documentation states that ARM64 is not supported but hints it can be setup manually. The documentation also states that Java 8 is currently required. The following is therefore clearly in unsupported territory but so far seems to work fine. The internet has numerous references and resources but they weren't all easy to find and the ones I read required some modification for my configuration.

Note for the future: double check versions and source documentation if these instructions are dated. Also these instructions are specifically tailored for Ubuntu. See original references for other platforms.

Last update March 25, 2021

Base configuration

@ixs
ixs / intel_x520_patcher.py
Last active April 25, 2024 07:19
Intel x520 EEPROM Patcher allows to unlock the x520 network card to work with non-intel branded SFP modules.
#!/usr/bin/env python3
#
# Simple Intel x520 EEPROM patcher
# Modifies the EEPROM to unlock the card for non-intel branded SFP modules.
#
# Copyright 2020,2021,2022 Andreas Thienemann <andreas@bawue.net>
#
# Licensed under the GPLv3
#
# Based on research described at https://forums.servethehome.com/index.php?threads/patching-intel-x520-eeprom-to-unlock-all-sfp-transceivers.24634/
@unixfox
unixfox / readme.md
Last active April 30, 2024 13:20
How to get IPv4 connectivity on an IPv6 only VPS

Some hosting providers like scaleway allows to remove the IPv4 from the VPS in order to save 1€/month but doing this will result in losing connectivity to the "IPv4 world".
Or you may have ordered a VPS that only has IPv6 connectivity and you want to access to a resource only accessible from the "IPv4 world".
Here is how to gain your access back to the "IPv4 world".

Change your name servers(s) to DNS64 name servers(s)

Note: You may deploy your own DNS64 & NAT64 server on a separate server by following this tutorial (untested): https://packetpushers.net/nat64-setup-using-tayga/.
Note²: You may find a explanation of what is NAT64 and DNS64 on Wikipedia.

  1. Choose a/multiple DNS64 public server(s) that has/have its own NAT64 public service from this list:
@ordian
ordian / README.md
Last active March 21, 2024 14:44
HOWTO: heap profiling with jemallocator
  1. Make sure your rust application uses https://github.com/gnzlbg/jemallocator as the global memory allocator (when in doubt, grep jemallocator in your Cargo.lock).
  2. Install jemalloc (we'll only need jeprof), dot, ps2pdf and libunwind on your system. Enable jemallocator's profiling feature (if jemallocator is an indirect dependency, one trick to do is to add a dependency jemallocator = { version = "*", features = ["profiling"] } to your app and let cargo select the || of features for you).
  3. export _RJEM_MALLOC_CONF=prof:true,lg_prof_interval:32,lg_prof_sample:19. lg_prof_interval sets how often profile dump should be written to disk measured in allocated bytes. The value is passed as a power of two, which is 2^32 in our case, i.e. every 4 GiB of allocations of long-lived objects (see https://github.com/jemalloc/jemalloc/wiki/Use-Case%3A-Heap-Profiling). lg_prof_sample:19 tells jemalloc to take a profiling sample every 2^19 = 512 KiB.
  4. Running your binary should produce a bun
@EddiG
EddiG / wireshark.md
Last active March 31, 2024 10:34
How to decrypt SSL/TLS traffic in Wireshark on MacOS

The main point is to save the SSL/TLS keys those used by the web browser (SSLKEYLOGFILE=/tmp/tmp-google/.ssl-key.log).
In the example below we run brand new instance of Google Chrome (--user-data-dir=/tmp/tmp-google do the trick):
SSLKEYLOGFILE=/tmp/tmp-google/.ssl-key.log /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --user-data-dir=/tmp/tmp-google
Then run the Wireshark and open the Preferences -> Protocols -> SSL, where we put the path to the SSL keys log file into the (Pre)-Master-Secret log filename field.
Now all SSL/TLS traffic from this browser instance will be decrypted.

@jcconnell
jcconnell / USG_OpenVPN_Radius_Auth.md
Last active August 28, 2023 09:04
Unifi Security Gateway (USG) OpenVPN server with RADIUS authentication

Last Updated: 8/30/18

Details

I wanted to run an OpenVPN server on the USG. Since it has a Radius server built in, I figured this would be a much better way to handle OpenVPN authentication. Make sure you have the Radius server enabled on your USG under Settings > Services > Radius > Server in the controller. Add OpenVpn users under Settings > Services > Radius > Server.

Thanks to the following resources in helping to configure this:

@efrecon
efrecon / run.tpl
Last active May 3, 2024 08:39
`docker inspect` template to regenerate the `docker run` command that created a container
docker run \
--name {{printf "%q" .Name}} \
{{- with .HostConfig}}
{{- if .Privileged}}
--privileged \
{{- end}}
{{- if .AutoRemove}}
--rm \
{{- end}}
{{- if .Runtime}}
@dmazzer
dmazzer / port_forward_ipv4_ipv6.sh
Last active May 2, 2024 14:32
Forwarding IPv4 Ports to IPv6 Hosts
#!/bin/bash
# UDP:
socat UDP4-LISTEN:5683,fork,su=nobody UDP6:[aaaa::212:4b00:615:a1f7]:5683
# TCP:
socat TCP4-LISTEN:22,fork,su=nobody TCP6:[2a01:198:79d:1::8]:22
# UDP, IPv6
socat UDP6-LISTEN:5683,fork,su=nobody UDP6:[aaaa::212:4b00:615:a1f7]:5683