Sata sata

## nordvpn-swap.sh
#!/usr/bin/env bash
# Quick hack to replace iptables rules NordVPN inserts (prepends) for
# INPUT chain. Instead of accepting connection in any states, only allow RELATED and ESTABLISHED.
# i.e -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# For what ever reason, NordVPN thinks it's good that they can reach your machine and you would be ok with that.
# It doesn't clean up iptables rules if you reconnect several times to NordVPN

set -euo pipefail

function ifs {

## gist:2576bd0518bb59797aaffb771fcabb1b
➜  ~ echo | openssl s_client -showcerts -servername aftonbladet.se -connect aftonbladet.se:443 2>/dev/null | openssl x509 -inform pem -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:cf:a7:c1:b8:a5:41:59:ad:5b:f3:4b:74:44:c7:bb
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = GeoTrust TLS RSA CA G1
        Validity
            Not Before: May 22 00:00:00 2018 GMT

## gist:242c9e2b49defdcbe373f8813ae358b1
    ActiveSupport::Notifications.subscribe('request.active_resource')  do |name, start, finish, id, payload|
      p "#{payload[:method]} #{payload[:request_uri]} => #{payload[:result].class.name}"
    end

## gist:0c54ffb09c0fa97f8c9db0a05776bc96
func selfConnect(fd *netFD, err error) bool {
	// If the connect failed, we clearly didn't connect to ourselves.
	if err != nil {
		return false
	}

	// The socket constructor can return an fd with raddr nil under certain
	// unknown conditions. The errors in the calls there to Getpeername
	// are discarded, but we can't catch the problem there because those
	// calls are sometimes legally erroneous with a "socket not connected".

## code review.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              2 stars
            
          
                sata
                / code review.md
            
            
              Last active
              October 31, 2018 10:06
            
          
    Code review practices

The following is meant to be a set of guidelines, not dogma. Use your best judgement. The goal is threefold, to have a practice for engineers to learn about what we collectively care about. To maintain quality of the code base as well as knowledge sharing about our systems.
Role of the author


Create PR, make sure to include JIRA ticket if such exists in the description or title of PR
Assign 2 developers as minimum but can include the whole team if the author feels it's needed.
Answer any questions the reviewer has.
Push changes after review is done as a new commit and make sure reviewer and yourself are satisfied with the change.


## gist:bacd0e76e728091c8343729d4b00c46d
traceroute to 54.227.209.130 (54.227.209.130), 30 hops max, 60 byte packets
1 vl-3072.vbdc-pe2.glesys.net (5.178.78.65) 0.241 ms 0.879 ms 1.134 ms
2 193.108.196.60 (193.108.196.60) 0.705 ms 1.012 ms 1.261 ms
3 po-1.vbdc-cr1.glesys.net (193.108.196.54) 0.368 ms 0.877 ms 1.148 ms
4 be-1.vbdc-cr4.glesys.net (193.108.196.55) 1.355 ms * *
5 po-1.vbdc-cr1.glesys.net (193.108.196.54) 1.392 ms 1.621 ms 1.861 ms
6 * * *
7 po-1.vbdc-cr1.glesys.net (193.108.196.54) 0.417 ms 0.851 ms 1.199 ms
8 * * *
9 po-1.vbdc-cr1.glesys.net (193.108.196.54) 0.346 ms 0.655 ms 0.911 ms

## foo.erl
2> timer:tc(fun(A) -> A end, [1]).
{12,1}
3> timer:tc(fun(A) -> A end, 1).
** exception error: undefined function timer:tc/2


## gist:c1be3ccd92570459744b
(emacs@mini)1> ets:new(foo, [protected, named_table, ordered_set, {keypos, 1}]).
foo
(emacs@mini)2> ets:insert_new(foo, [{1, a}, {1, b}, {2, c}, {3, d}]).
true
(emacs@mini)3> ets:tab2list(foo).
[{1,b},{2,c},{3,d}]

## erlang.mk
# Copyright (c) 2013-2015, Loïc Hoguin <essen@ninenines.eu>
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

## armitage.firewall.sh
#! /bin/sh

### BEGIN INIT INFO
# Provides:		firewall
# Required-Start:	$remote_fs $syslog
# Required-Stop:	$remote_fs $syslog
# Default-Start:	2 3 4 5
# Default-Stop:		0 1 6
# Short-Description:	firewall for armitage vpn container
### END INIT INFO
	#!/usr/bin/env bash
	# Quick hack to replace iptables rules NordVPN inserts (prepends) for
	# INPUT chain. Instead of accepting connection in any states, only allow RELATED and ESTABLISHED.
	# i.e -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
	# For what ever reason, NordVPN thinks it's good that they can reach your machine and you would be ok with that.
	# It doesn't clean up iptables rules if you reconnect several times to NordVPN

	set -euo pipefail

	function ifs {
	➜ ~ echo \| openssl s_client -showcerts -servername aftonbladet.se -connect aftonbladet.se:443 2>/dev/null \| openssl x509 -inform pem -noout -text
	Certificate:
	Data:
	Version: 3 (0x2)
	Serial Number:
	04:cf:a7:c1:b8:a5:41:59:ad:5b:f3:4b:74:44:c7:bb
	Signature Algorithm: sha256WithRSAEncryption
	Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = GeoTrust TLS RSA CA G1
	Validity
	Not Before: May 22 00:00:00 2018 GMT
	ActiveSupport::Notifications.subscribe('request.active_resource') do \|name, start, finish, id, payload\|
	p "#{payload[:method]} #{payload[:request_uri]} => #{payload[:result].class.name}"
	end
	func selfConnect(fd *netFD, err error) bool {
	// If the connect failed, we clearly didn't connect to ourselves.
	if err != nil {
	return false
	}

	// The socket constructor can return an fd with raddr nil under certain
	// unknown conditions. The errors in the calls there to Getpeername
	// are discarded, but we can't catch the problem there because those
	// calls are sometimes legally erroneous with a "socket not connected".
	traceroute to 54.227.209.130 (54.227.209.130), 30 hops max, 60 byte packets
	1 vl-3072.vbdc-pe2.glesys.net (5.178.78.65) 0.241 ms 0.879 ms 1.134 ms
	2 193.108.196.60 (193.108.196.60) 0.705 ms 1.012 ms 1.261 ms
	3 po-1.vbdc-cr1.glesys.net (193.108.196.54) 0.368 ms 0.877 ms 1.148 ms
	4 be-1.vbdc-cr4.glesys.net (193.108.196.55) 1.355 ms * *
	5 po-1.vbdc-cr1.glesys.net (193.108.196.54) 1.392 ms 1.621 ms 1.861 ms
	6 * * *
	7 po-1.vbdc-cr1.glesys.net (193.108.196.54) 0.417 ms 0.851 ms 1.199 ms
	8 * * *
	9 po-1.vbdc-cr1.glesys.net (193.108.196.54) 0.346 ms 0.655 ms 0.911 ms
	2> timer:tc(fun(A) -> A end, [1]).
	{12,1}
	3> timer:tc(fun(A) -> A end, 1).
	** exception error: undefined function timer:tc/2
	(emacs@mini)1> ets:new(foo, [protected, named_table, ordered_set, {keypos, 1}]).
	foo
	(emacs@mini)2> ets:insert_new(foo, [{1, a}, {1, b}, {2, c}, {3, d}]).
	true
	(emacs@mini)3> ets:tab2list(foo).
	[{1,b},{2,c},{3,d}]
	# Copyright (c) 2013-2015, Loïc Hoguin <essen@ninenines.eu>
	#
	# Permission to use, copy, modify, and/or distribute this software for any
	# purpose with or without fee is hereby granted, provided that the above
	# copyright notice and this permission notice appear in all copies.
	#
	# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	#! /bin/sh

	### BEGIN INIT INFO
	# Provides: firewall
	# Required-Start: $remote_fs $syslog
	# Required-Stop: $remote_fs $syslog
	# Default-Start: 2 3 4 5
	# Default-Stop: 0 1 6
	# Short-Description: firewall for armitage vpn container
	### END INIT INFO