I use Ubuntu’s Uncomplicated firewall because it is available on Ubuntu and it's very simple.
if ufw is not installed by default be sure to install it first.
FORTIDATE %{YEAR:year}\-%{MONTHNUM:month}\-%{MONTHDAY:day} | |
FORTIGATE_52BASE <%{NUMBER:syslog_index}>date=%{FORTIDATE:date} time=%{TIME:time} devname=%{HOST:hostname} devid=%{HOST:devid} logid=%{NUMBER:logid} type=%{WORD:type} subtype=%{WORD:subtype} eventtype=%{WORD:eventtype} level=%{WORD:level} vd=\"%{WORD:vdom}\" | |
FORTIGATE_52BASEV2 <%{NUMBER:syslog_index}>date=%{FORTIDATE:date} time=%{TIME:time} devname=%{HOST:hostname} devid=%{HOST:devid} logid=%{NUMBER:logid} type=%{WORD:type} subtype=%{WORD:subtype} level=%{WORD:level} vd=\"%{WORD:vdom}\" | |
FORTIGATE_52IPS severity=%{WORD:severity} srcip=%{IP:srcip} dstip=%{IP:dstip} sessionid=%{NUMBER:sessionid} action=%{DATA:action} proto=%{NUMBER:proto} service=%{DATA:service} attack="%{DATA:attack}" srcport=%{NUMBER:srcport} dstport=%{NUMBER:dstport} direction=%{NUMBER:direction} attackid=%{NUMBER:attackid} profile=\"%{DATA:profile}\" ref=\"%{DATA:ref}\";? incidentserialno=%{NUMBER:incidentserialno} msg=\"%{GREEDYDATA:msg}\" | |
FORTIGATE_52DOS severity=%{WORD:severity} s |
if __name__ == "__main__": | |
reactor_args = {} | |
def run_twisted_wsgi(): | |
from twisted.internet import reactor | |
from twisted.web.server import Site | |
from twisted.web.wsgi import WSGIResource | |
resource = WSGIResource(reactor, reactor.getThreadPool(), app) | |
site = Site(resource) |
Jon Warbrick, July 2014, V3.2 (for Ansible 1.7)
First one found from of
This is a draft that will ultimately be blogged later. If you're seeing this after April 2017 it's probably out of date.
<# | |
.SYNOPSIS | |
Configures a secure WinRM listener over HTTPS to enable | |
SSL-based WinRM communications. This script has not been | |
tested on Windows Server 2003R2 or earier, and may not | |
work on these OSes for a variety of reasons. | |
If Windows Remote Management is disabled (e.g. service | |
stopped, GPO Policy, etc.), this script will likely fail. | |
.DESCRIPTION |
- name: "Ensure Tomcat AJP Connector on Port 8009 is Disabled" | |
win_lineinfile: | |
path: "c:/temp/server.xml" | |
regex: '^(\s*)(<Connector port="8009" protocol="AJP\/1\.3" redirectPort="8443" \/>)' | |
backrefs: true | |
line: '$1<!-- $2 -->' |