I use Ubuntu’s Uncomplicated firewall because it is available on Ubuntu and it's very simple.
if ufw is not installed by default be sure to install it first.
icy
/ install-custom-rootca-on-qnap.sh
Created
February 2, 2024 14:09
— forked from inscite/install-custom-rootca-on-qnap.sh
Installation of custom Root CA Certificate on QNAP (Debian)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Tested on QNAP TVS-1282T3 | |
| # connect to NAS thru SSH (ssh -p <port> admin@<NAS IP>) | |
| ROOTCA=<custom-rootca>.crt | |
| cp /share/NFSv\=4/<somewhere>/<custom-rootca>.crt /usr/certs | |
| ln -s /usr/certs/$ROOTCA /usr/certs/`openssl x509 -hash -noout -in /usr/certs/$ROOTCA`.0 |
icy
/ ufw.md
Created
January 26, 2024 17:46
— forked from kimus/ufw.md
NAT and FORWARD with Ubuntu’s ufw firewall
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # | |
| # Homepage: https://github.com/icy/k8s-select | |
| # | |
| # Purpose : Select the objects you want from maninfests, | |
| # as you may not want to deploy everything. | |
| # Author : Ky-Anh Huynh | |
| # Date : 2019-12 | |
| # License : MIT | |
| # Example : |
icy
/ snat_dnat_advantech.md
Created
April 12, 2023 06:18
— forked from tomasinouk/snat_dnat_advantech.md
examples of SNAT, DNAT with iptables for Advantech, Conel routers, with comments (probably will work on other routers where iptables can be manipulated, care needs to be taken on applying these commands after reboot).
mainly used in start-up script
When we play with iptables aka firewall we might end up in situation, where we execute rule, which has unforseen impact - lock yourself out. Recovering from this situation is necessity.
How to:
- Enable reboot via SMS.
- Test all commands in shell first before putting them into Start-up script. This way the command will be wiped out, when unit is rebooted.
icy
/ create_chrootjail.sh
Created
June 10, 2022 07:16
— forked from schnell18/create_chrootjail.sh
Script to automate the creation of chroot jail w/ minimal executables to run git.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # script to automate the creation of chroot jail | |
| # w/ minimal executables to run git | |
| export CHROOT=/var/chroot | |
| function copy_binary() { | |
| for i in $(ldd $*|grep -v dynamic|cut -d " " -f 3|sed 's/://'|sort|uniq) | |
| do | |
| cp --parents $i $CHROOT |
icy
/ main.tf
Created
February 1, 2022 14:56
— forked from brikis98/main.tf
A hacky way to create a dynamic list of maps in Terraform
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The goal: create a list of maps of subnet mappings so we don't have to statically hard-code them in aws_lb | |
| # https://www.terraform.io/docs/providers/aws/r/lb.html#subnet_mapping | |
| locals { | |
| # These represent dynamic data we fetch from somewhere, such as subnet IDs and EIPs from a VPC module | |
| subnet_ids = ["subnet-1", "subnet-2", "subnet-3"] | |
| eips = ["eip-1", "eip-2", "eip-3"] | |
| } | |
| # Here's the hack! The null_resource has a map called triggers that we can set to arbitrary values. | |
| # We can also use count to create a list of null_resources. By accessing the triggers map inside of |
icy
/ YahooFinance.js
Created
January 27, 2022 14:09
— forked from mikaelz/YahooFinance.js
Google script to fetch stock quote data from Yahoo Finance
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| * | |
| Author: Ky-Anh Huynh | |
| Original script: https://gist.github.com/mikaelz/11b956c3d2e078105a19dd9df70dbf27 | |
| Usage: | |
| ticker : Your ticker name, eg. ETH-EUR | |
| token : A random string otherwise yahoo output may be a bit messy | |
| You should have random token on each call! | |
| */ | |
| function MyYahooTicker(ticker,token) { | |
| var ticker = ticker || "SXR8.DE"; |
icy
/ slow_http_attacks.md
Last active
December 10, 2021 11:02
— forked from serogers/slow_http_attacks.md
This is an investigation into our susceptibility to Slow HTTP Attacks. These attacks take advantage of how typical web servers process requests and employ several strategies to achieve the same result. By keeping connections open longer than normal, they thereby prevent new connections from being opened and the server will either hang or return 503.
The question is less about whether we are vulnerable, but rather to what extent. Any server can be DoS’d, it’s just a matter of how easy it is to execute.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Only in AdguardForiOS/: AdguardExtension | |
| Only in AdguardForiOS/: AdguardSafariExtension-iOS.xcworkspace | |
| Only in AdguardForiOS/: Builder | |
| Only in AdguardForiOS/: classStyleTemplate.txt | |
| Only in AdguardForiOS/: fastlane | |
| Only in AdguardForiOS/: Gemfile | |
| Only in AdguardForiOS/: Gemfile.lock | |
| diff -r AdguardForiOS/.git/config VisafeIOS/.git/config | |
| 7c7 | |
| < url = https://github.com/AdguardTeam/AdguardForiOS.git |
NewerOlder