gkoyuncu
/ pf_nat_reverse.c
Last active
April 13, 2023 08:01
pf DIOCNATLOOK example - taken from spamd/grey.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Stolen from ftp-proxy */ | |
| int | |
| server_lookup(struct sockaddr *client, struct sockaddr *proxy, | |
| struct sockaddr *server) | |
| { | |
| if (client->sa_family == AF_INET) | |
| return (server_lookup4(satosin(client), satosin(proxy), | |
| satosin(server))); | |
| if (client->sa_family == AF_INET6) |
gkoyuncu
/ if_bridge.c.diff
Last active
September 16, 2015 05:40
if_bridge altq patch - exctracted from pfSense FreeBSD source
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- /usr/src/sys/net/if_bridge.c.orig | |
| +++ /usr/src/sys/net/if_bridge.c | |
| @@ -243,6 +243,7 @@ | |
| static void bridge_init(void *); | |
| static void bridge_dummynet(struct mbuf *, struct ifnet *); | |
| static void bridge_stop(struct ifnet *, int); | |
| +static void bridge_start(struct ifnet *); | |
| static int bridge_transmit(struct ifnet *, struct mbuf *); | |
| static void bridge_qflush(struct ifnet *); | |
| static struct mbuf *bridge_input(struct ifnet *, struct mbuf *); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- src/main.c.in | |
| +++ src/main.c.in | |
| @@ -185,7 +185,7 @@ | |
| sgReloadConfig(); | |
| } | |
| if(failsafe_mode) { | |
| - puts(""); | |
| + puts("ERR"); | |
| fflush(stdout); | |
| if(sig_hup){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| # Disable TCP segmentation offloading (TSO). Snort discards packets longer than the MTU. | |
| # See: https://s3.amazonaws.com/snort-org-site/production/document_files/files/000/000/067/original/packet-offloading-issues.pdf | |
| disable_tso() | |
| { | |
| ifs=$(ifconfig -l | tr '[:blank:]' '\n' | grep -E 'em|igb') | |
| for if in $ifs; do | |
| ifconfig $if -tso4 -tso6 | |
| done | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### bump all but exc | |
| ### requires squid-3.5+ | |
| acl exc ssl::server_name .examplebank.com .mail.google.com .accounts.google.com | |
| acl step1 at_step SslBump1 | |
| ssl_bump peek step1 | |
| ssl_bump bump !exc | |
| ssl_bump splice all |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 00100 52 3439 allow ip from any to any via lo0 | |
| 00200 56240 35833050 divert 9080 ip from any to any | |
| 65535 102055 60910771 allow ip from any to any |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| APP='wsgi:test_app' | |
| PARAMS="--workers 1 --timeout 15 --backlog 16 --keep-alive 2 $APP" | |
| gunicorn --worker-class sync $PARAMS | |
| gunicorn --worker-class eventlet --worker-connections 1 $PARAMS | |
| gunicorn --worker-class gthread --threads 1 $PARAMS |