Komsan Kamsamur maprangzth

maprangzth /
Created May 22, 2020 — forked from rechner/
FreeIPA setup for OpenVPN logins

This article proved to be a decent starting point, but I was particularly interested in allowing password-based logins to OpenVPN using a username/password backed by FreeIPA (as opposed to client certificates) as the identity provider.

  • IPA join your VPN machine: ipa-client-install --mkhomedir
  • Get a Kerberos ticket: kinit
  • Create a Kerberos service principal and HBAC rule for openvpn access:
ipa service-add openvpn/`hostname`
  • Create new hbacrule in console, mark host as the VPN host, and whatever group you want to restrict access to:
maprangzth /
Created Apr 11, 2020 — forked from hjgraca/
Install Jekyll in WSL2

First let's update everything. I am running all commands as sudo, but you run with the level you want.

sudo apt-get update -y && sudo apt-get upgrade -y

Now let's install Ruby

maprangzth / profile.json
Created Apr 10, 2020 — forked from shanselman/profile.json
Windows Terminal Profile
"defaultProfile": "{7d04ce37-c00f-43ac-ba47-992cb1393215}",
"initialRows": 30,
"initialCols": 120,
"alwaysShowTabs": true,
"showTerminalTitleInTitlebar": true,
"experimental_showTabsInTitlebar": true,
"requestedTheme": "dark",
"profiles": [
maprangzth /
Last active Mar 25, 2020
Sharing SSH-Session with "tmate"

  1. The author takes no responsibility for any mistakes that may arise from sharing a session in read-write mode. Please take responsibility yourself!
  2. If you don't know what tmux is, open Google. The leader said so!!

What is tmate?

View syslog-ng.conf
# ===============================================================================================
# Configuration file for syslog-ng, customized for remote logging
# ===============================================================================================
# Options
# Note about $HOST / HOST
# Description: The name of the source host where the message originates from.
# If the message traverses several hosts and the chain_hostnames() option is on, the first host in the chain is used.
# If the keep_hostname() option is disabled (keep_hostname(no)), the value of the $HOST macro will be the DNS hostname of the host that sent the message to syslog-ng OSE (that is, the DNS hostname of the last hop). In this case the $HOST and $HOST_FROM macros will have the same value.
maprangzth / iptables.grok
Created Nov 7, 2019 — forked from Caligatio/iptables.grok
iptables Grok Pattern
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for iptables events):
# GROK Patterns for iptables Logging Format
# Created 6 Aug 2016 by Brian Turek <>
# Most of this was taken from another source but now I cannot find it for credit
# Usage: Use the IPTABLES pattern
NETFILTERMAC %{MAC:dest_mac}:%{MAC:src_mac}:%{ETHTYPE:ethtype}
ETHTYPE (?:(?:[A-Fa-f0-9]{2}):(?:[A-Fa-f0-9]{2}))
#Step 1
#Generate server keystore and client keystore
keytool -keystore kafka.server.keystore.jks -alias localhost -validity 365 -genkey
keytool -keystore kafka.client.keystore.jks -alias localhost -validity 365 -genkey
#Step 2
#Create CA
openssl req -new -x509 -keyout ca-key -out ca-cert -days 365
#Add generated CA to the trust store
keytool -keystore kafka.server.truststore.jks -alias CARoot -import -file ca-cert

Create Root CA (Done once)

Create Root Key

Attention: this is the key used to sign the certificate requests; anyone holding it can sign certificates on your behalf. So keep it in a safe place!

openssl genrsa -des3 -out rootCA.key 4096
maprangzth /
Created Sep 12, 2019 — forked from nerdalert/
Linux NetFilter, IP Tables and Conntrack Diagrams


IPTables has the following 4 built-in tables.

1) Filter Table

Filter is the default table for iptables. So, if you don’t define your own table, you’ll be using the filter table. The filter table has the following built-in chains.

maprangzth /
Created Sep 12, 2019 — forked from Tristor/
Simple IPtables script for an OpenVPN server
# Flushing all rules
iptables -F FORWARD
iptables -F INPUT
iptables -F OUTPUT
iptables -X
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP