Skip to content

Instantly share code, notes, and snippets.

Avatar

Adam Ayala swoopsta

View GitHub Profile
@swoopsta
swoopsta / routing.sh
Created May 4, 2017
Make VPN loopback failsafe
View routing.sh
#! /bin/bash
VPNIF="tun0"
VPNUSER="vpn"
GATEWAYIP=$(ifconfig $VPNIF | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}' | egrep -v '255|(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})' | tail -n1)
if [[ `ip rule list | grep -c 0x1` == 0 ]]; then
ip rule add from all fwmark 0x1 lookup $VPNUSER
fi
ip route replace default via $GATEWAYIP table $VPNUSER
ip route append default via 127.0.0.1 dev lo table $VPNUSER
@swoopsta
swoopsta / port-forward-splitvpn.sh
Last active May 11, 2017
Port Forwarding for Raspberry Pi 3 Split VPN for PIA and Transmission
View port-forward-splitvpn.sh
#!/usr/bin/env bash
# Author: Adam Ayala
# Adapted from https://github.com/blindpet/piavpn-portforward/
# Author: Mike
# Based on https://github.com/crapos/piavpn-portforward
# Set path for root Cron Job
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
USERNAME=piauser
@swoopsta
swoopsta / pia-port-forwarding.sh
Last active May 12, 2017
PIA Port Forwarding For Transmission
View pia-port-forwarding.sh
#!/usr/bin/env bash
#
# Enable port forwarding when using Private Internet Access
#
echo 'Loading port forward assignment information...'
pia_client_id=`head -n 100 /dev/urandom | sha256sum | tr -d " -"` forwarded_port=$(curl "http://209.222.18.222:2000/\?client_id=$pia_client_id" 2>/dev/null | awk -F ':' '{ print $2 }'| awk -F '}' '{ print $1 }')
json=`curl "http://209.222.18.222:2000/?client_id=$client_id" 2>/dev/null`
if [ "$json" == "" ]; then
echo "Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding"
else
View gist:ebd6fbe79ae23bc7b268568728926ae8
<?php
/*
* Template Name: Example Custom Template
* See the codex entry on custom template for more information: http://codex.wordpress.org/Page_Templates#Custom_Page_Template
*
* Add html above or below the_content inside the comments
* Add php snippets as well with their own opening and closing php
*/
global $avia_config, $post;
@swoopsta
swoopsta / iptables.sh
Last active Apr 10, 2018
IP Tables for VPN LXC Instance
View iptables.sh
#! /bin/bash
# Flush
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
# Flush V6
ip6tables -t nat -F
View Whitelist Cloudflare
# Source:
# https://www.cloudflare.com/ips
# https://support.cloudflare.com/hc/en-us/articles/200169166-How-do-I-whitelist-CloudFlare-s-IP-addresses-in-iptables-
for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
# Avoid racking up billing/attacks
# WARNING: If you get attacked and CloudFlare drops you, your site(s) will be unreachable.
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP
View WP Perms
#!/bin/bash
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Author: Michael Conigliaro
#
WP_OWNER=www-data
WP_GROUP=www-data
P_ROOT=/home/changeme
View Gravity Email
<html>
<head>
<title>New submission from Upload Documents</title>
</head>
<body>
<table width="99%" border="0" cellpadding="1" cellspacing="0" bgcolor="#EAEAEA"><tr><td>
<table width="100%" border="0" cellpadding="5" cellspacing="0" bgcolor="#FFFFFF">
<tr bgcolor="#EAF2FA">
<td colspan="2">
<font style="font-family: sans-serif; font-size:12px;"><strong>File</strong></font>
@swoopsta
swoopsta / split_tunnel_VPN.md
Created Jan 13, 2021 — forked from GAS85/split_tunnel_VPN.md
Force Torrent/user Traffic through VPN Split Tunnel on Ubuntu 16.04
View split_tunnel_VPN.md
View Split Tunnel In An LXC Container
Finally Got it. It's not a split tunnel since that would be fairly redundant in a container.
Cloned LXC Container named vpn
Changed Config. Added this to the vpn config:
# Allow Tun Device
lxc.cgroup.devices.allow = c 10:200 rwm
# Run an autodev hook to setup the device
lxc.autodev = 1
lxc.hook.autodev = /lxc/vpn/autodev