AG mzpqnxow

@mzpqnxow
mzpqnxow / log-to-syslog.md
Last active March 27, 2024 21:21
EdgeRouter log DNS queries to syslog (not to file)

Logging EdgeRouter DNS queries from dnsmasq to syslog

This blog is the source of this info. There are a few other ways to do it, but this one seems superior.

Why?

Wouldn't you like to know what DNS requests are being made from your network? You ought to. Ideally, pipe it to Logstash, do what you want with it (geolocation, etc.) and then send it to a datastore that Kibana can work with (Elasticsearch fits here, the good old "ELK Stack"). You could also send it to Graylog.

One thing that's nice to do is generate a report (daily) of "first time" DNS queries. This is especially useful in a "threat hunting" type scenario, though this guide isn't really aimed at enterprises ..

@mzpqnxow
mzpqnxow / python_custom_openssl.diff
Created March 5, 2024 13:56 — forked from eddy-geek/python_custom_openssl.diff
Compile python with statically linked openssl
--- a/setup.py 2014-03-17 03:31:31.000000000 +0100
+++ b/setup.py 2014-03-17 19:06:03.000000000 +0100
@@ -750,10 +750,8 @@
exts.append( Extension('_socket', ['socketmodule.c'],
depends = ['socketmodule.h']) )
# Detect SSL support for the socket module (via _ssl)
- search_for_ssl_incs_in = [
- '/usr/local/ssl/include',
- '/usr/contrib/ssl/include/'
- ]
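Review bot: the `---`/`+++` headers carry only 2014 timestamps and the hunk is pinned to line 750 of setup.py, so nothing in the patch says which Python release it applies to; state the version in the description so a mismatched tree is caught before `patch` runs. The removed `search_for_ssl_incs_in` list held the only default include paths visible here, so whatever replaces it should take the OpenSSL prefix from a variable rather than another hard-coded directory.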
@mzpqnxow
mzpqnxow / DiscordSOCKS5.md
Created August 24, 2020 04:45
Use SOCKS5 proxy with Discord on Linux

Using SOCKS5 Proxy With Discord on Linux

You may only need either the environment variables or the command-line parameter to force Discord to use a proxy. It doesn't hurt to use both.

So if you're behind a firewall and need to go through, e.g., an SSH dynamic port forward (a SOCKS5 channel inside an SSH session), you can use the following:

$ nohup ssh -D1080 proxy_server &
$ http_proxy=socks5://127.0.0.1:1080 https_proxy=socks5://127.0.0.1:1080 /opt/Discord/Discord --proxy-server="socks5://127.0.0.1:1080"
@mzpqnxow
mzpqnxow / commands.config
Created August 8, 2020 13:58
Basic reduced attack surface EdgeRouter configuration commands (L2-only configuration)
#
# This doesn't cover all of the hardening required for setting up an EdgeRouter as
# a router/firewall. This is more suitable for an Edge-X configured as a VLAN aware
# switch. There's a lot more to do to harden an L3 configuration, I'm not including it
# here
#
# Bind the management services to a specific IP address on a management VLAN interface
set service gui listen-address x.x.x.x
set service gui older-ciphers disable
@mzpqnxow
mzpqnxow / Makefile
Last active January 12, 2024 18:14
Target for an `autobump and publish to PyPI/Artifactory` Makefile (via versioneer and git)
#
#
# ...
# The release target will do the following:
# - Bump your current *3 digit* git tag (you *MUST* be using x.y.z format) by git tagging
# `make release bump=major`
# `make release bump=minor`
# `make release`
# - Build/publish your Python package via setuptools, dynamically inserting the bumped
# version (so no need to update or track a version in setup.py)
@mzpqnxow
mzpqnxow / README.md
Last active October 18, 2023 04:27
Patch to statically link OpenSSL into Python3.8

Statically Linking OpenSSL Into Python3.8

EDIT/NOTE: Please see the comment below from @oferchen; this is supported properly in the build system now.

Get the patch file (python3-static-link-openssl.patch) and put it in your working directory:

$ wget https://www.python.org/ftp/python/3.8.12/Python-3.8.12.tar.xz
$ tar -xvf Python-3.8.12.tar.xz && cd Python-3.8.12
$ patch -p1 < ../python3-static-link-openssl.patch
@mzpqnxow
mzpqnxow / jsonencoder.py
Created October 23, 2020 23:20
JSON encoder for standard Python json package
import codecs
import json
import datetime
from uuid import UUID


class UniversalEncoder(json.JSONEncoder):
    def default(self, obj):
        if isinstance(obj, (datetime.datetime, datetime.date, datetime.time)):
            return obj.isoformat()
@mzpqnxow
mzpqnxow / disable-mdns-chrome.sh
Last active June 22, 2023 07:58
Disable MDNS in Chrome via Chrome policies on the commandline
#!/bin/bash
#
# This assumes you are using "Chrome" from the official Google site via the .deb or .rpm
# This may or may not work with your distribution's "Chromium" or "Chrome" package!
#
# Run this script then restart Chrome, you will see it is no longer bound to UDP:5353
#
mkdir -p /etc/opt/chrome/policies/{managed,recommended} || echo FAIL, ARE YOU ROOT
chmod go-w /etc/opt/chrome/policies/managed || echo FAIL, ARE YOU ROOT
cat > /etc/opt/chrome/policies/managed/managed_policy.json << 'EOF'
@mzpqnxow
mzpqnxow / azure-pmd-failsafe.sh
Created June 25, 2020 15:33
Shell script for setting up DPDK fail-safe PMD on Azure
#!/bin/sh
# Copyright (c) 2017 6WIND S.A.
version=20171003
[ "$0" != "bash" ] && self=$(readlink -f "$0")
[ "$self" ] && _self=${self##*/}
netvsc_id="{f8615163-df3e-46c5-913f-f2d2f965ed0e}"
@mzpqnxow
mzpqnxow / global_address_report.py
Created June 12, 2023 11:37 — forked from p-sherratt/global_address_report.py
Produce a "CIDR report" from Netbox
#!/usr/bin/env python3
# quick hacky script to produce a "CIDR report" of your global address space from Netbox
# this is released to the public domain, free of copyright and licensing.
# by Paul Sherratt
import urllib3
urllib3.disable_warnings()