Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!
openssl genrsa -des3 -out rootCA.key 4096
# | |
# A CORS (Cross-Origin Resouce Sharing) config for nginx | |
# | |
# == Purpose | |
# | |
# This nginx configuration enables CORS requests in the following way: | |
# - enables CORS just for origins on a whitelist specified by a regular expression | |
# - CORS preflight request (OPTIONS) are responded immediately | |
# - Access-Control-Allow-Credentials=true for GET and POST requests |
### 1: Drop invalid packets ### | |
/sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP | |
### 2: Drop TCP packets that are new and are not SYN ### | |
/sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP | |
### 3: Drop SYN packets with suspicious MSS value ### | |
/sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP | |
### 4: Block packets with bogus TCP flags ### |
## Block SQL injections | |
set $block_sql_injections 0; | |
if ($query_string ~ "union.*select.*\(") { | |
set $block_sql_injections 1; | |
} | |
if ($query_string ~ "union.*all.*select.*") { | |
set $block_sql_injections 1; | |
} |
/dev/zwave
(add to /etc/udev/rules.d/
)See the original instructions here: https://community.home-assistant.io/t/rpi-as-z-wave-zigbee-over-ip-server-for-hass/23006 also see the notes below in each file.
# Login into router using SSH and execute listed commands (AT OWN RISK!). | |
# To apply the settings on boot, paste the same settings in init-start. | |
nvram set asuscfe0:ccode=US | |
nvram set asuscfe1:ccode=US | |
nvram set asuscfe0:regrev=0 | |
nvram set asuscfe1:regrev=0 | |
nvram set asuscfecommit=1 | |
nvram set 0:ccode=US | |
nvram set 1:ccode=US | |
nvram set 0:regrev=0 |
#!/bin/sh | |
# https://github.com/RMerl/asuswrt-merlin.ng/wiki/User-scripts | |
# Tested on EU-model, channels changes work, however increasing TX-power probably not. | |
nvram set 0:ccode=US | |
nvram set 0:regrev=0 | |
nvram set 1:ccode=US | |
nvram set 1:regrev=0 | |
nvram set wl0_country_code=US | |
nvram set wl0_country_rev=0 | |
nvram set wl0_reg_mode=off |