eegrok

## mac-keycodes
from: http://www.meandmark.com/keycodes.html
with some additions from people in the comments, thanks :)
Virtual Keycodes for the Mac QWERTY Layout

Keycodes are in hexadecimal. A blank entry means either there is no key assigned to that keycode or I was unable to find the assigned key.

Keycode    Key
0x00        A
0x01        S
0x02        D

## openvpn-server.conf
dev tun
# customize these ips to not conflict
ifconfig 172.23.0.1 172.23.0.2
# make sure this port UDP is open on the firewall -- 1194 is the default OpenVPN port
#port 2794
secret /etc/openvpn/static.key

#you can uncomment the following line to see a lot of debug info, including traffic
#verb 6

## vpn-setup.txt
#partially from:
#http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-static-key-mini-howto.html
# in this I refer to the server and the client -- really the only difference here is that the 'server'
# needs to have a publicly accessible IP, and be configured to allow UDP port 1194 to connect inbound
iptables -A INPUT -s <put-client-public-ip-address-here> -p udp -m udp --dport 1194 -j ACCEPT
# other than that, they can communicate both ways, assuming the client firewall is configured to allow it
# (to firewall the client to prevent all server connections, see below)
# don't forget to save your iptables configurations after making them -- https://gist.github.com/958060
#on server, make sure openvpn is installed (on ubuntu it's simply: aptitude install openvpn)
# to install on rhel5, follow this: https://gist.github.com/957868

## openvpn-client.conf
#modify the remote myremote.mydomain to be the server address
remote myremote.mydomain
dev tun
ifconfig 172.23.0.2 172.23.0.1
secret /etc/openvpn/static.key
# uncomment this to keep this connection alive if you need to connect from the server to the client sometimes
# keepalive 10 120

## openvpn-rhel5-install.txt
#partially from: http://www.throx.net/2008/04/13/openvpn-and-centos-5-installation-and-configuration-guide/
wget http://swupdate.openvpn.net/community/releases/openvpn-2.1.4.tar.gz
wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
wget http://www.opensc-project.org/files/pkcs11-helper/pkcs11-helper-1.08.tar.bz2
wget ftp://fr2.rpmfind.net/linux/dag/redhat/el5/en/x86_64/dag/RPMS/pkcs11-helper-devel-1.08-1.el5.rf.x86_64.rpm
wget ftp://rpmfind.net/linux/dag/redhat/el5/en/x86_64/dag/RPMS/pkcs11-helper-1.08-1.el5.rf.x86_64.rpm

yum install rpm-build
yum install autoconf.noarch
yum install zlib-devel

## save-iptables.inst
#on redhat based linux's
service iptables save

#on debian based linux's
#put the following 2 lines in your /etc/network/interfaces file
post-up iptables-restore < /etc/iptables.rules
post-down iptables-save > /etc/iptables.rules

# it'll then automatically save -- if you want to guard against a possible hard powerdown (power plug pulled, e.g.)
# you can manually save them then using

## iptables-forward.info
# from http://www.debuntu.org/how-to-redirecting-network-traffic-a-new-ip-using-iptables

# enable ip forwarding until reboot
echo 1 > /proc/sys/net/ipv4/ip_forward
# enable ip forwarding after reboot
# edit /etc/sysctl.conf
# uncomment line: #net.ipv4.ip_forward=1


## debug-packets
#command-line capture packets for viewing in wireshark
tcpdump -i <interface> -s 65535 -w <some-file>


# see how many prerouting packets received / etc...
iptables -t nat --list --verbose
# can compare this with filter packets
iptables -t filter --list --verbose


## postfix-modify-header
# so recently I had an issue where I wanted to send email sent to a local user root (from logwatch, e.g.) to a different email address
# simple enough -- just add a ~root/.forward file, with the contents root-handler-testing@gmail.com
# all the email gets sent there...
# but the email shows up with a to: header of root@my-example-machine.com
# what I really want is the to: header to be root-handler-testing@gmail.com
# so I can filter emails, etc...  below is how to do that.

#uncomment the following line in /etc/postfix/main.cf
#header_checks = regexp:/etc/postfix/header_checks

## setuid_script.cpp
// create a file named setuid_script.cpp with the following contents:

#include <stdio.h>
#include <stdlib.h>
#include <iostream>
#include <unistd.h>


int main(int argc, const char* argv[]) {
    printf(
	from: http://www.meandmark.com/keycodes.html
	with some additions from people in the comments, thanks :)
	Virtual Keycodes for the Mac QWERTY Layout

	Keycodes are in hexadecimal. A blank entry means either there is no key assigned to that keycode or I was unable to find the assigned key.

	Keycode Key
	0x00 A
	0x01 S
	0x02 D
	dev tun
	# customize these ips to not conflict
	ifconfig 172.23.0.1 172.23.0.2
	# make sure this port UDP is open on the firewall -- 1194 is the default OpenVPN port
	#port 2794
	secret /etc/openvpn/static.key

	#you can uncomment the following line to see a lot of debug info, including traffic
	#verb 6
	#partially from:
	#http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-static-key-mini-howto.html
	# in this I refer to the server and the client -- really the only difference here is that the 'server'
	# needs to have a publicly accessible IP, and be configured to allow UDP port 1194 to connect inbound
	iptables -A INPUT -s <put-client-public-ip-address-here> -p udp -m udp --dport 1194 -j ACCEPT
	# other than that, they can communicate both ways, assuming the client firewall is configured to allow it
	# (to firewall the client to prevent all server connections, see below)
	# don't forget to save your iptables configurations after making them -- https://gist.github.com/958060
	#on server, make sure openvpn is installed (on ubuntu it's simply: aptitude install openvpn)
	# to install on rhel5, follow this: https://gist.github.com/957868
	#modify the remote myremote.mydomain to be the server address
	remote myremote.mydomain
	dev tun
	ifconfig 172.23.0.2 172.23.0.1
	secret /etc/openvpn/static.key
	# uncomment this to keep this connection alive if you need to connect from the server to the client sometimes
	# keepalive 10 120
	#partially from: http://www.throx.net/2008/04/13/openvpn-and-centos-5-installation-and-configuration-guide/
	wget http://swupdate.openvpn.net/community/releases/openvpn-2.1.4.tar.gz
	wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
	wget http://www.opensc-project.org/files/pkcs11-helper/pkcs11-helper-1.08.tar.bz2
	wget ftp://fr2.rpmfind.net/linux/dag/redhat/el5/en/x86_64/dag/RPMS/pkcs11-helper-devel-1.08-1.el5.rf.x86_64.rpm
	wget ftp://rpmfind.net/linux/dag/redhat/el5/en/x86_64/dag/RPMS/pkcs11-helper-1.08-1.el5.rf.x86_64.rpm

	yum install rpm-build
	yum install autoconf.noarch
	yum install zlib-devel
	#on redhat based linux's
	service iptables save

	#on debian based linux's
	#put the following 2 lines in your /etc/network/interfaces file
	post-up iptables-restore < /etc/iptables.rules
	post-down iptables-save > /etc/iptables.rules

	# it'll then automatically save -- if you want to guard against a possible hard powerdown (power plug pulled, e.g.)
	# you can manually save them then using
	# from http://www.debuntu.org/how-to-redirecting-network-traffic-a-new-ip-using-iptables

	# enable ip forwarding until reboot
	echo 1 > /proc/sys/net/ipv4/ip_forward
	# enable ip forwarding after reboot
	# edit /etc/sysctl.conf
	# uncomment line: #net.ipv4.ip_forward=1
	#command-line capture packets for viewing in wireshark
	tcpdump -i <interface> -s 65535 -w <some-file>


	# see how many prerouting packets received / etc...
	iptables -t nat --list --verbose
	# can compare this with filter packets
	iptables -t filter --list --verbose
	// create a file named setuid_script.cpp with the following contents:

	#include <stdio.h>
	#include <stdlib.h>
	#include <iostream>
	#include <unistd.h>


	int main(int argc, const char* argv[]) {
	printf(