Last active
August 29, 2015 13:58
-
-
Save infolock/10412022 to your computer and use it in GitHub Desktop.
bashrc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Source global definitions | |
if [ -f /etc/bashrc ]; then | |
. /etc/bashrc | |
fi | |
# Path to where the scripts being included below live. Update this to reflect your own paths.. | |
# In this example, we will assume there is a tools folder in your $HOME folder... | |
TOOLS_PATH=$HOME/tools | |
# Force vi to be vim | |
alias vi='/usr/bin/vim' | |
# Helper to just do a yum update on the remi repo ( CentOS only - Assumes you have the remi repo added to yum) | |
alias yumremi='/usr/bin/yum --enablerepo=remi update'; | |
shopt -s checkwinsize | |
### FILE SYSTEM | |
source $TOOLS_PATH/filesystem.sh | |
### TERMINALS | |
source $TOOLS_PATH/terms.sh | |
### IPTABLES | |
source $TOOLS_PATH/iptables.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# ================================================ | |
# Tar/unTar helpers | |
# ================================================ | |
alias minitar='tar cvpzf' | |
alias miniuntar='tar -xvpzf' | |
# Recursively find and remove `.DS_STORE` and `.apdisk` within the current working directory. | |
function rmds { | |
find . -name ".apdisk" -print0 | xargs -0 rm -Rf | |
find . -name ".DS_Store" -print0 | xargs -0 rm -Rf | |
find . -name "._*" -print0 | xargs -0 rm -Rf | |
} | |
# ================================================ | |
# Search Methods | |
# ================================================ | |
function find_in_files { | |
clear | |
if [ $# -ne 1 ] | |
then | |
echo " Usage: $0 <string to search for>" | |
echo " ie. $0 password" | |
echo | |
exit | |
fi | |
echo "Looking for \"$1\" in:" `pwd` | |
grep "$1" -rin * | grep -v \.svn | more | |
} | |
## | |
# fib just means that its "tattling" on you. Its just how I think I guess :) | |
## | |
function fib { | |
if [ $# -ne 1 ] | |
then | |
echo " Usage: $0 <string to search for>" | |
echo " ie. $0 ssh\n" | |
exit | |
fi | |
echo "Looking for \"$1\" in: $HOME..." | |
cat $HOME/.bash_history | grep -i "$1" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
IPTABLES=/sbin/iptables | |
# Path to where the iptables backups will live. Update this to reflect your own paths.. | |
# In this example, we will assume there is a backups folder in your $HOME folder... | |
BACKUPS_PATH=$HOME/backups | |
# Change me! | |
MY_REMOTE_STATIC_IP="123.123.123.123" | |
function iptables-backup { | |
mkdir -p $BACKUPS_PATH | |
# Backup the existing rules... | |
CURRENTTIMESTAMP=`date +%s` | |
/sbin/iptables-save > $BACKUPS_PATH/iptables-safe_$CURRENTTIMESTAMP | |
} | |
function iptables-restore-from-backup { | |
if [ $# -ne 1 ] | |
then | |
echo " Usage: $0 <iptables-safe_TIMESTAMPHERE>" | |
echo " ie. $0 ssh\n" | |
exit | |
fi | |
iptables-restore < $BACKUPS_PATH/$1 | |
} | |
function iptables-blockip { | |
$IPTABLES -N spamlist | |
$IPTABLES -A spamlist -s $1 -j LOG --log-prefix "SPAM LIST DROP" | |
$IPTABLES -A spamlist -s $1 -j DROP | |
$IPTABLES -I INPUT -j spamlist | |
$IPTABLES -I OUTPUT -j spamlist | |
$IPTABLES -I FORWARD -j spamlist | |
} | |
function iptables-reset { | |
# Flush | |
$IPTABLES -P INPUT ACCEPT | |
$IPTABLES -P FORWARD ACCEPT | |
$IPTABLES -P OUTPUT ACCEPT | |
$IPTABLES -F | |
$IPTABLES -X | |
# Accept ssh | |
# $IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT | |
iptables-me | |
# Accept port 80 shit | |
$IPTABLES -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT | |
$IPTABLES -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT | |
# Accept port 443 shit | |
$IPTABLES -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT | |
$IPTABLES -A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT | |
# Accept packets belonging to established and related connections | |
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | |
# Default Policies | |
$IPTABLES -P INPUT DROP | |
$IPTABLES -P FORWARD DROP | |
$IPTABLES -P OUTPUT ACCEPT | |
# Localhost | |
$IPTABLES -A INPUT -i lo -j ACCEPT | |
# Accept established and related connection packets | |
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | |
# Log Remote SSH Login Attempts that are not mine... | |
$IPTABLES -N LOG_AND_DROP | |
} | |
function iptables-me { | |
$IPTABLES -A INPUT -i eth0 -p tcp -s $MY_REMOTE_STATIC_IP --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT | |
$IPTABLES -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT | |
} | |
# Add CloudFlare's ip ranges to the acceptance list | |
function iptables-cloudpages { | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 204.93.240.0/24 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 204.93.177.0/24 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 199.27.128.0/21 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 173.245.48.0/20 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 103.21.244.0/22 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 103.22.200.0/22 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 103.31.4.0/22 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 141.101.64.0/18 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 108.162.192.0/18 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 190.93.240.0/20 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 188.114.96.0/20 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 197.234.240.0/22 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 198.41.128.0/17 -j ACCEPT | |
$IPTABLES -I INPUT -p tcp -m multiport --dports http,https -s 162.158.0.0/15 -j ACCEPT | |
} | |
function iptables-icmp-rules { | |
$IPTABLES -A INPUT -p icmp -j ACCEPT | |
$IPTABLES -A INPUT -j REJECT --reject-with icmp-host-prohibited | |
$IPTABLES -A FORWARD -j REJECT --reject-with icmp-host-prohibited | |
} | |
function iptables-spamhaus { | |
CURRENT_PWD=`pwd` | |
# WHERE we will download drop.lasso to... | |
DropList="/var/lib/drop.lasso" | |
cd /var/lib/ | |
wget http://www.spamhaus.org/drop/drop.lasso | |
if [ ! -s "$DropList" ]; then | |
echo "Unable to find drop list file $DropList . Perhaps do:" >&2 | |
echo "wget http://www.spamhaus.org/drop/drop.lasso -O $DropList" | |
echo "exiting." >&2 | |
exit 1 | |
fi | |
if [ ! -x /sbin/iptables ]; then | |
echo "Missing iptables command line tool, exiting." >&2 | |
exit 1 | |
fi | |
cat "$DropList" | sed -e 's/;.*//' | grep -v '^ *$' | while read OneNetBlock ; do | |
/sbin/iptables -I INPUT -s "$OneNetBlock" -j DROP | |
/sbin/iptables -I OUTPUT -d "$OneNetBlock" -j DROP | |
/sbin/iptables -I FORWARD -s "$OneNetBlock" -j DROP | |
/sbin/iptables -I FORWARD -d "$OneNetBlock" -j DROP | |
done | |
/bin/rm -f $DropList | |
cd $CURRENT_PWD | |
} | |
function iptables-block-woot { | |
$IPTABLES -A INPUT -p tcp -m recent --name w00tlist --update --seconds 21600 -j DROP | |
$IPTABLES -N w00tchain | |
$IPTABLES -A w00tchain -m recent --set --name w00tlist -p tcp -j REJECT --reject-with tcp-reset | |
$IPTABLES -N w00t | |
$IPTABLES -A INPUT -p tcp -j w00t | |
$IPTABLES -A w00t -m recent -p tcp --syn --dport 80 --set | |
$IPTABLES -A w00t -m recent -p tcp --tcp-flags PSH,SYN,ACK SYN,ACK --sport 80 --update | |
$IPTABLES -A w00t -m recent -p tcp --tcp-flags PSH,SYN,ACK ACK --dport 80 --update | |
$IPTABLES -A w00t -m recent -p tcp --tcp-flags PSH,ACK PSH,ACK --dport 80 --remove -m string --to 80 --algo bm --hex-string '|485454502f312e310d0a0d0a|' -j w00tchain | |
} | |
# This is to block people immediately that have been trying to access the server - in annoying ways. | |
function iptables-static-blocked-ip-list { | |
# EXAMPLE | |
iptables-blockip "999.999.999.999/16" | |
} | |
function iptables-save-rules { | |
/sbin/service iptables save | |
} | |
function iptables-cron { | |
iptables-backup | |
iptables-reset | |
iptables-icmp-rules | |
iptables-spamhaus | |
iptables-block-woot | |
iptables-static-blocked-ip-list | |
iptables-cloudpages | |
iptables-save-rules | |
} | |
function iptables-help { | |
echo | |
echo "List of Custom \"iptables-\" Commands" | |
echo "-------------------------------------" | |
echo "iptables-backup Backup the current iptables rules" | |
echo "iptables-blockip Block an IP" | |
echo "iptables-cloudpages Add cloudpages' ip ranges to the ACCEPT rules for iptables" | |
echo "iptables-cron Runs all the custom iptables commands for managing iptables" | |
echo "iptables-help This help message..." | |
echo "iptables-me ...duh." | |
echo "iptables-reset Reset iptables back to the default rules" | |
echo "iptables-restore-from-backup Restore iptables from a previous backup" | |
echo "iptables-save-rules Save the current iptables rules" | |
echo "iptables-spamhaus Add spamhaus DROP ip ranges to the DROP rules for iptables" | |
echo | |
echo | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
function termcolors { | |
T='gYw' # The test text | |
echo -e "\n 40m 41m 42m 43m\ | |
44m 45m 46m 47m"; | |
for FGs in ' m' ' 1m' ' 30m' '1;30m' ' 31m' '1;31m' ' 32m' \ | |
'1;32m' ' 33m' '1;33m' ' 34m' '1;34m' ' 35m' '1;35m' \ | |
' 36m' '1;36m' ' 37m' '1;37m'; | |
do FG=${FGs// /} | |
echo -en " $FGs \033[$FG $T " | |
for BG in 40m 41m 42m 43m 44m 45m 46m 47m; | |
do echo -en "$EINS \033[$FG\033[$BG $T \033[0m"; | |
done | |
echo; | |
done | |
echo | |
} | |
# Ubuntu Terminal | |
function uterm { | |
resetbashrc | |
PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\] ' | |
} | |
# Centos Term | |
function cterm { | |
resetbashrc | |
PS1='\[\033[02;32m\]\u@\H:\[\033[02;34m\]\w\$\[\033[00m\] ' | |
} | |
## | |
# Custom Term | |
## | |
function customterm { | |
# resetbashrc | |
local BLACK="\[\033[0;30m\]" | |
local RED="\[\033[0;31m\]" | |
local LIGHT_RED="\[\033[1;31m\]" | |
local LIGHT_GRAY="\[\033[0;37m\]" | |
local LIGHT_CYAN="\[\033[1;36m\]" | |
local temp=$(tty) | |
local GRAD1=${temp:5} | |
PS1="$LIGHT_CYAN(${LIGHT_RED}${GRAD1}$LIGHT_CYAN)$RED@\h\n\ | |
$BLACK\u$LIGHT_CYAN: $LIGHT_RED\w$LIGHT_CYAN\$ $BLACK" | |
} | |
# Help with Term Switching | |
function termhelp { | |
echo | |
echo '.: Terminal Themes :.' | |
echo 'The Following Terms are available: [ cterm, customterm, uterm ]' | |
echo | |
echo '.: Helpful Reminder(s) :.' | |
echo 'You can run the command "resetbashrc" to restart the bashrc source at any time...' | |
echo | |
} | |
# restart bashrc | |
function resetbashrc { | |
source $HOME/.bashrc | |
} | |
# Startup the default terminal to be the customterm. | |
customterm |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment