Philipp Buehler double-p

$inet6em1='echo "inet6 $1" >> /etc/hostname.em1 && sh /etc/netstart em1'
$inet6carp=<<SCRIPT
echo "vhid 6 carpdev em1\ninet6 $1" > /etc/hostname.carp6 && sh /etc/netstart carp6
SCRIPT
$v6fwd="v=net.inet6.ip6.forwarding=1 ; sysctl -w $v ; echo $v >> /etc/sysctl.conf"
Vagrant.configure("2") do |config|
config.vm.define "internet" do |v|
v.vm.box = "openbsd"
v.vm.network :private_network, ip: "10.123.0.3"
# ifconfig output like
tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr fe:e1:ba:d3:98:45
description: vm1-if0-myvm
index 73 priority 0 llprio 3
groups: tap
status: active
inet 100.64.1.2 netmask 0xfffffffe
tap1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr fe:e1:ba:d4:a7:78
acl good_ip src -f /etc/haproxy/ips.lst
http-request allow if good_ip
http-request deny
[2019-02-20T07:58:42,280][WARN ][o.e.d.s.a.MultiBucketConsumerService]
This aggregation creates too many buckets (10001) and will throw an error
in future versions. You should update the [search.max_buckets] cluster
setting or use the [composite] aggregation to paginate all buckets in multiple requests.
(This is an ES 6.4)
double-p / ssfn-dovecot.te
Last active January 4, 2019 15:49
dovecot selinux
policy_module(ssfn-dovecot, 1.2)
require{
type dovecot_auth_t;
type dovecot_t;
type dovecot_var_run_t;
type proc_security_t;
type init_t;
class fifo_file { open write };
class file { getattr };
reqrep ^([^\ :]*)\ /(.*).htmlx(.*) \1\ /foo/\2.html\3
policy_module(ssfn-sympa, 1.0)
require{
type postfix_pipe_t;
type var_spool_t;
class file { write create rename };
class dir { add_name open read write create remove_name };
}
allow postfix_pipe_t var_spool_t:dir { add_name open read write remove_name };
diskfile = File.realpath( "." ).to_s + "/data.vdi"
config.vm.provider :virtualbox do |v|
v.customize ["modifyvm", :id, "--memory", 512]
v.gui = true;
#v.customize ["createhd", "--filename", diskfile, "--format", "VDI", "--size", 5120 ]
v.customize ["storageattach", :id, "--storagectl", "IDE", "--port", 1, "--device", 1, "--type", "hdd", "--medium", diskfile]
end
$ uname -a ; bundle exec vagrant status ; bundle exec vagrant up ; bundle exec vagrant ssh -c "uname -a"
OpenBSD ssfnhv011.ham3.rootnexus.net 6.2 GENERIC.MP#134 amd64
Current machine states:
vagrobsd not_created (openbsd)
The instance is not created. Run `vagrant up` to create it.
Bringing machine 'vagrobsd' up with 'openbsd' provider...
==> vagrobsd: Verifying VMM present and CPU capable...
==> vagrobsd: Importing an OpenBSD instance
Linux wakes up? https://lnkd.in/gDwXb3g … Please note that 'Stop Blob' in OpenBSD came in early 2006. https://lnkd.in/gPiXPZu
Maybe, maybe - the other day - people might realize that closed-source and embargoes are an utter failure.
Embargo or Treason - basically INFORMATION leaking - is not defined by the "owner", but by the betrayed ones. Just that most are not even realizing that they are even betrayed. So the smoke+mirroring goes on and on.. the overall ignorance about this makes me sad.