Skip to content

Instantly share code, notes, and snippets.

View hplc's full-sized avatar

Sunry hplc

3 followers · 4 following
View GitHub Profile
@hplc
hplc / check_post.sh
Created November 25, 2011 04:02
tcpdump Web POST content and parse the content
#!/bin/sh
# Check yesterday's post.pcap file and
# report by Email if there's strange file post actions.
# Put this script in cron to run everyday.
pcapfile=`date -d"yesterday" +%m.%d`
grep -a Dispo post.pcap-$pcapfile | grep -aiE "php|asp" > t
if [ -s t ] ; then
mail -s "Strange file post action found!" hplc@hplc.org < t
@hplc
hplc / record.sh
Created November 28, 2011 23:15
Record TCP port initialization connect and final connect events by iptables
#!/bin/sh
/sbin/iptables -A INPUT -p tcp --syn --dport 5118 -j LOG
/sbin/iptables -A INPUT -p tcp --tcp-flags FIN FIN --dport 5118 -j LOG
@hplc
hplc / apache.sh
Created November 28, 2011 23:20
iptables setting for apache httpd web sites
#!/bin/sh
# Limit Apache user connect to updates.drupal.org,itself and LAN IPs only.
/sbin/iptables -A OUTPUT -p tcp -d 140.211.166.6 --dport 80 -m owner --uid-owner apache -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -d 140.211.166.21 --dport 80 -m owner --uid-owner apache -j ACCEPT
/sbin/iptables -A OUTPUT -p all -d 202.68.199.208 -m owner --uid-owner apache -j ACCEPT
/sbin/iptables -A OUTPUT -p all -d 192.168.168.0/24 -m owner --uid-owner apache -j ACCEPT
/sbin/iptables -A OUTPUT -p all -d 10.0.0.0/8 -m owner --uid-owner apache -j ACCEPT
/sbin/iptables -A OUTPUT -p all -d 127.0.0.1 -m owner --uid-owner apache -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp --sport 8250 -m owner --uid-owner apache -j ACCEPT
@hplc
hplc / firewall_config.cfg
Created November 29, 2011 01:09
H3C SecPath FW100-C firewall
#
sysname H3C
#
firewall packet-filter enable
firewall packet-filter default permit
#
undo connection-limit enable
connection-limit default deny
connection-limit default amount upper-limit 50 lower-limit 20
#
@hplc
hplc / output_bytes.sh
Created December 2, 2011 03:11
Find apache httpd access_log in current directory and count today's ouput bytes
#!/bin/sh
echo Today is: `date +%d/%b/%Y`
for file in `ls *access_log`
do
grep `date +%d/%b/%Y` $file | \
awk '
{
gsub(/:/, " ")
# print $14
@hplc
hplc / config.text
Created December 2, 2011 04:57
Ruijie RJ-RSR20 ADSL and NAT
Building configuration...
Current configuration : 1183 bytes
!
version RGOS 10.3(4b1), Release(53844)(Mon Apr 13 14:50:04 CST 2009 -ngcf31)
!
!
!
!
!
@hplc
hplc / config.cfg
Created December 9, 2011 01:39
H3C SecPath FW100-C NAT and ADSL
#
sysname H3C
#
firewall packet-filter enable
firewall packet-filter default permit
#
undo connection-limit enable
connection-limit default deny
connection-limit default amount upper-limit 50 lower-limit 20
#
@hplc
hplc / judge_md5.sh
Created December 17, 2011 23:53
Chech all files MD5 in one subdirectory, find out the same one.
#!/bin/sh
# Sum student's upload files MD5.
# Check whether they copy file each other.
# Tested in CentOS Linux.
dir=`date +%Y.%m.%d`
output="result.html"
echo -e "<pre>\n$dir" >> $output
md5sum $dir/* | sort | uniq -Dw32 | sed -e "s/$dir\///" >> $output
echo "</pre>" >> $output
@hplc
hplc / identify_cmyk.sh
Created December 20, 2011 01:46
Identify CMYK colorspace JPG files.
#!/bin/sh
# Find out all .jpg files except in *CorelDRAW* subdirectories and identify them.
# Filter out CMYK colorspace files.
find ./ -path "*CorelDRAW*" -prune -o -name *.jpg -print0 | \
xargs -0 identify -verbose | \
grep -E '(^Image|^ Colorspace: CMYK)' | \
grep -B1 CMYK
@hplc
hplc / record.sh
Created March 6, 2012 01:51
Gather machine hardware informations from snmp.
#!/bin/sh
# Put it in /etc/rc.local, let it run every time machine boot.
filename=`date +%Y%m%d-%H%M%S`
cd /etc/records
hostname >> $filename
ifconfig eth0|grep inet|grep -v inet6|awk '{print $2}' >> $filename