luginbash
/ hostIp.func.rsc
Created
December 9, 2015 08:02
Add interface IPv4 address to a global var
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Change to the name of interface that gets the dynamic IP address | |
| :local inetinterface "pppoe-out1"; | |
| # use search & replace all on myEndpoint for multiple hosts | |
| :global myEndpoint; | |
| :if ([/interface get $inetinterface value-name=running]) do={ | |
| # Get the current IP on the interface | |
| :local currentIP [/ip address get [find interface="$inetinterface" disabled=no] address]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Or more like a blog? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| It's crazy that someone's using 8 space tabs indentation! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # libSystem - this script does nothing all by itself. | |
| function addUfw { | |
| aptitude -y install ufw | |
| ufw logging on | |
| ufw default deny | |
| ufw allow ssh | |
| ufw enable | |
| rm /etc/rsyslog.d/20-ufw.conf |
luginbash
/ .surge.conf
Created
March 7, 2016 08:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [General] | |
| # warning, notify, info, verbose | |
| skip-proxy = 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10, localhost, *.local | |
| bypass-tun = 0.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12 | |
| loglevel = notify | |
| # 默认 IP 和端口,不修改的话系统网络 HTTP 和 HTTPS 代理设置中就是 127.0.0.1:6152 | |
| interface = 0.0.0.0 | |
| port = 6152 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -O3 | |
| -std=c++14 | |
| -stdlib=libc++ | |
| -lc++abi | |
| -Wall | |
| -Werror | |
| -pthreads |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cfSecret= | |
| cfLogin= |
luginbash
/ gist:ffd9ec4c9f9e80cb57be
Created
July 15, 2014 05:16
Console log for ocserv configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Please edit /etc/default/ufw first | |
| # DEFAULT_FORWARD_POLICY="ACCEPT" | |
| # then at /etc/ufw/sysctl.conf | |
| # net/ipv4/ip_forward=1 | |
| # net/ipv6/conf/default/forwarding=1 | |
| # allow mtu dectection | |
| iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu |
luginbash
/ haproxy.cfg
Created
March 6, 2016 13:31
haproxy tls termination with client authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Please set $SRV_TLS_CERT, $SRV_TLS_CA accordingly. | |
| global | |
| maxconn 2048 | |
| log /dev/log local0 | |
| log /dev/log local1 notice | |
| tune.ssl.default-dh-param 2048 | |
| ssl-default-bind-ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 | |
| ssl-default-bind-options no-tls-tickets | |
| chroot /var/lib/haproxy | |
| stats timeout 30s |
luginbash
/ ocsetup.sh
Last active
December 13, 2018 06:05
setting up ocserv (open source AnyConnect alternative) on a new Debian, use passwd auth by default
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo "this file isn't supposed to run" | |
| exit 0 | |
| # <------------------------------ Enviroment Variables -------------------------------> | |
| FQDN = <Server DNS Name> # can also get from PTR record | |
| ORG_NAME = <Org name> | |
| RELEASE_NAME = $(lsb_release -sc) | |
| # <------------------------------ Network Stack Setups -------------------------------> | |
| # Please edit /etc/default/ufw first |