Skip to content

Instantly share code, notes, and snippets.

@dcarley
dcarley / README.md
Last active Oct 6, 2021
PROXY protocol spoof test
View README.md

Verifying whether the following can be spoofed (source).

> Network Load Balancers use proxy protocol version 2 to send additional connection information such as the source and destination. Proxy protocol version 2 provides a binary encoding of the proxy protocol header. The load balancer prepends a proxy protocol header to the TCP data. It does not discard or overwrite any existing data, including any proxy protocol headers sent by the client or any other proxies, load balancers, or servers in the network path. Therefore, it is possible to receive more than one proxy protocol header. Also, if there is another network path to your targets outside of your Network Load Balancer, the first proxy protocol header might not be the one from your Network Load Balancer.

@dcarley
dcarley / readme.md
Created Jul 28, 2020
samproxy CacheCapacity tuning notes
View readme.md

I was originally hoping to calculate the appropriate CacheCapacity from metrics at 10% traffic and then scale up from there, however it proved harder than I thought.

We have the following variables that we can tweak:

  • cache per pod: needs to be large enough that we can take spikes in trace volume or duration but not too large that we're wasting memory

  • memory per pod: should be less than 8G so that we can effectively fit

View keybase.md

Keybase proof

I hereby claim:

  • I am dcarley on github.
  • I am dcarley (https://keybase.io/dcarley) on keybase.
  • I have a public key whose fingerprint is 7F55 81C1 1A96 119A 6903 7518 4AAC F5A2 32BB 356A

To claim this, I am signing this object:

View gist:6cee02b19c862ea8cb06fbdc9b0f1346
dcarley@cci-mbp  ~  xxd -c1
CIRCLE-15313
00000000: 43 C
00000001: 49 I
00000002: 52 R
00000003: 43 C
00000004: 4c L
00000005: 45 E
00000006: e2 .
00000007: 80 .
@dcarley
dcarley / apps.go
Last active May 4, 2018
CF apps inspection script
View apps.go
package main
import (
"flag"
"fmt"
"log"
"net/url"
cfclient "github.com/cloudfoundry-community/go-cfclient"
)
@dcarley
dcarley / tf_trace.log
Created Jan 9, 2018
Terraform TF_PLUGIN_CACHE_DIR issue
View tf_trace.log
➜ terraform git:(a42fdb08a) ✗ TF_LOG=trace terraform init
2018/01/09 12:31:46 [INFO] Terraform version: 0.11.1
2018/01/09 12:31:46 [INFO] Go runtime version: go1.9.2
2018/01/09 12:31:46 [INFO] CLI args: []string{"/usr/local/Cellar/terraform/0.11.1/bin/terraform", "init"}
2018/01/09 12:31:46 [DEBUG] Attempting to open CLI config file: /Users/dcarley/.terraformrc
2018/01/09 12:31:46 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2018/01/09 12:31:46 [INFO] CLI command args: []string{"init"}
2018/01/09 12:31:46 [DEBUG] command: loading backend config file: /Users/dcarley/projects/gocode/src/github.com/hashicorp/terraform
2018/01/09 12:31:46 [INFO] command: empty terraform config, returning nil
2018/01/09 12:31:46 [DEBUG] command: no data state file found for backend config
@dcarley
dcarley / vpnc-script-aws
Created Nov 8, 2017 — forked from alext/vpnc-script-aws
vpnc script to route all AWS IP ranges over VPN.
View vpnc-script-aws
#!/bin/bash
# vpnc-script wrapper for use with openconnect that routes all AWS IP ranges over the VPN.
# Pass any additional IP ranges to be routed as args to the script.
#
# Requirements: bash, curl and jq.
#
# Example usage:
# openconnect https://vpn.example.com/profile --script '/path/to/vpnc-script-aws' --no-dtls
#
@dcarley
dcarley / order.csv
Created May 23, 2017
Farnell order for Boldport "just less than perfect" bundle
View order.csv
We can make this file beautiful and searchable if this error is corrected: Unclosed quoted field in line 5.
Order Code,Line Note,Description,Manufacturer,Manufacturer Part Number,Quantity,Unit Price,Line Total
2396052,cuttle,"SWITCH, TACTILE, 50MA, 24VDC, THT; Illumination:Non Illuminated; Contact Voltage DC Nom:24V; Contact Current Max:50mA; Operating Force:160gf; Switch Terminals:Through Hole; Product Range:FSMJRT Series; SVHC:No SVHC (12-J ",TE CONNECTIVITY / ALCOSWITCH,FSM4JRT,1,GBP 0.11,GBP 0.11
1972087,cuttle,"MCU, 8BIT, ATMEGA, 20MHZ, DIP-28; Controller Family/Series:ATmega; CPU Speed:20MHz; Program Memory Size:32KB; RAM Memory Size:2KB; No. of Pins:28Pins; MCU Case Style:DIP; No. of I/O's:23I/O's; Embedded Interface Type:I2C ",MICROCHIP,ATMEGA328-PU,1,GBP 2.36,GBP 2.36
2112751,cuttle,"CAP, MLCC, Y5V, 100NF, 50V, RAD; Capacitance:0.1µF; Voltage Rating:50V; Product Range:MC Series; Capacitance Tolerance:± 20%; Capacitor Terminals:Radial Leaded; Dielectric Characteristic:Y5V; Packaging:Cut Tape; Lead Spa ",MULTICOMP,MC0805Y104M500A2.54MM,4,GBP 0.0875,GBP 0.35
9339060,cuttle + pease,"RESISTOR, CARBON FILM, 10K,
View github_avatar_magnet.sh
#!/usr/bin/env bash
set -eu
user=$1
size=128
url=$(curl https://api.github.com/users/${user} | jq -r '.avatar_url')
wget -O "${user}.jpg" "${url}&s=${size}"
View aggregate_ensure.yml
---
jobs:
- name: test
plan:
- task: hello
config:
platform: linux
image_resource:
type: docker-image
source: {repository: alpine}