Skip to content

Instantly share code, notes, and snippets.

View sunsong's full-sized avatar

孙松 sunsong

7 followers · 6 following
View GitHub Profile
@sunsong
sunsong / README-fail2ban-keycloak.md
Created August 11, 2023 02:16 — forked from drmalex07/README-fail2ban-keycloak.md
Use fail2ban to block brute-force attacks to keycloak server. #keycloak #fail2ban #brute-force-attack

Add regular-expression filter under /etc/fail2ban/filter.d/keycloak.conf:

[INCLUDES]

before = common.conf

[Definition]

_threadName = [a-z][-_0-9a-z]*(\s[a-z][-_0-9a-z]*)*
_userId = (null|[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})
@sunsong
sunsong / Netfilter-IPTables-Diagrams.md
Created August 10, 2023 06:18 — forked from nerdalert/Netfilter-IPTables-Diagrams.md
Linux NetFilter, IP Tables and Conntrack Diagrams

Linux NetFilter, IP Tables and Conntrack Diagrams

IPTABLES TABLES and CHAINS

IPTables has the following 4 built-in tables.

1) Filter Table

Filter is default table for iptables. So, if you don’t define you own table, you’ll be using filter table. Iptables’s filter table has the following built-in chains.

@sunsong
sunsong / gost.iptables.sh
Created September 13, 2022 06:47 — forked from recall704/gost.iptables.sh
gost 透明代理 iptables 配置
#!/bin/bash
# 你的代理服务器的 IP
PROXY_IP="1.2.3.4"
PROXY_IPSET="proxy_ipset"
INTERNAL_IPSET="internal_ipset"
GFW_IPSET="gfw_ipset"
CHINA_IPSET="china_ipset"
SNI_PORT=443
@sunsong
sunsong / send_email.py
Created August 30, 2022 03:35
Sending emails using Python
#!/usr/bin/python3
# https://realpython.com/python-send-email/
# https://stackoverflow.com/questions/60681932/add-from-header-in-email
import smtplib, ssl
def main():
port = 587 # For starttls
@sunsong
sunsong / get_installed_applicatons.py
Created August 25, 2022 08:41
Get Installed Applications in MacOS
#!/usr/bin/python3
# https://stackoverflow.com/questions/50708348/using-python-to-find-mac-uuid-serial-number
import os
import subprocess
irrelevant_files = [
".localized",
@sunsong
sunsong / gist:697355d084c4fb10a4038189548e2c92
Created October 1, 2017 14:51 — forked from mtigas/gist:952344
Mini tutorial for configuring client-side SSL certificates.

Client-side SSL

For excessively paranoid client authentication.

Using self-signed certificate.

Create a Certificate Authority root (which represents this server)

Organization & Common Name: Some human identifier for this server CA.

openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
@sunsong
sunsong / containers.yml
Last active June 3, 2017 03:44
---
- hosts: all
tasks:
- name: Start Local Docker Registry(v2)
docker_container:
name: registry
image: registry:2
state: started
restart: yes
read_only: yes
@sunsong
sunsong / rm-vagrant-boxes.sh
Created August 31, 2016 09:17
Remove all Vagrant boxes
vagrant box list 2>1 | awk '{print $1}'| xargs -n 1 -I {} vagrant box remove {} --all
@sunsong
sunsong / git-barify.sh
Last active February 24, 2017 05:30
Stash all changes in each git folder, make those folders bare repositories in a root folder
#!/bin/bash
#################
#
# Author: Song Sun
# Github: https://github.com/sunsong
# Date: Aug 31, 2016
# Description: Stash all changes in each git folder, make those folders bare repositories in a root folder
# Feature:
# * Make a git repository to a bare repository
@sunsong
sunsong / init
Created March 12, 2015 07:39
#!/bin/bash
# chkconfig: 2345 20 80
# description: Description comes here....
# Source function library.
. /etc/init.d/functions
start() {
# code to start app comes here
# example: daemon program_name &