This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Globals | |
var _message_source = null; | |
var _message_origin = null; | |
// Methods | |
var __receive_message = function(event) { | |
var _data = JSON.parse(event.data); | |
if (_data.type && _data.payload) { | |
// Store message parameters |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# 1. Setup base dependencies | |
apk update | |
apk del ufw | |
apk add htop busybox-extras | |
# 2. Disable Swap |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
port 1194 | |
proto tcp6-server | |
dev tun | |
local :: | |
ca ca.crt | |
cert server.crt | |
key server.key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
BACKUP_DATE=$(date +"%Y-%m-%d_%H-%M-%S") | |
AWS_CONTAINER="s3://xxx-backup/xxx_backup" | |
AWS_DESTINATION="$AWS_CONTAINER/$BACKUP_DATE" | |
GPG_RECIPIENT=xxx@xxx.xxx | |
ADMIN_EMAIL=xxx@xxx.xxx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# jan/13/2020 08:34:56 by RouterOS 6.46.1 | |
# | |
# notes: \ | |
# - wan to orange ont on ether1; \ | |
# - lan to ap/switch on ether2; \ | |
# - ipv4 + ipv6 w/ fw rules; \ | |
# - using routeros dns cache for lan, proxying to the dns servers advertised by orange's dhcpv4 server; \ | |
# - direct plug your computer w/ wireshark to your livebox 4 fiber ethernet port and reboot it, inspect the dhcpv4 packat in wireshark and extract the value of 'authsend'; \ | |
# - the cos tag needs to be set to 6 to be accepted by the ont dhcpv4/v6 server (from default 0), this may not be required depending on your ont, check for the cos flag sent by your livebox 4 when sniffing its traffic | |
# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
** File Read Latency Histogram By Level [default] ** | |
2019/03/31-08:53:54.017088 7fc4977f6700 [WARN] [db/db_impl.cc:669] ------- DUMPING STATS ------- | |
2019/03/31-08:53:54.017165 7fc4977f6700 [WARN] [db/db_impl.cc:670] | |
** DB Stats ** | |
Uptime(secs): 41400.5 total, 600.0 interval | |
Cumulative writes: 17M writes, 17M keys, 17M commit groups, 1.0 writes per commit group, ingest: 13.88 GB, 0.34 MB/s | |
Cumulative WAL: 17M writes, 0 syncs, 17597384.00 writes per sync, written: 13.88 GB, 0.34 MB/s | |
Cumulative stall: 00:00:0.000 H:M:S, 0.0 percent | |
Interval writes: 0 writes, 0 keys, 0 commit groups, 0.0 writes per commit group, ingest: 0.00 MB, 0.00 MB/s | |
Interval WAL: 0 writes, 0 syncs, 0.00 writes per sync, written: 0.00 MB, 0.00 MB/s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var mongoose = require("mongoose"); | |
var SonicChannelSearch = require("sonic-channel").Search; | |
var MessageModel = mongoose.model("message", new mongoose.Schema({ | |
website_id : String, | |
type : String, | |
content : Object | |
})); | |
var query_count = 0; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var mongoose = require("mongoose"); | |
var SonicChannelIngest = require("sonic-channel").Ingest; | |
var MessageModel = mongoose.model("message", new mongoose.Schema({ | |
session_id : String, | |
website_id : String, | |
type : String, | |
content : Object | |
})); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"dependencies": { | |
"request-promise": "4.2.2", | |
"request": "2.83.0", | |
"promise-seq": "2.0.1" | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Those rules protect HTTP/HTTPS services for both IPv4 and IPv6 sources as such: | |
# 1. Prevent a /32 IPv4 or /64 IPv6 to open more than 10 HTTPS?/TCP connections per second (the limit is high, but this still shield against some attacks) — DROP TCP packets in this case, to avoid generating egress traffic sending a RST | |
# 2. Limit ingress bandwidth to HTTPS? services to 32KB/sec (adjust to your needs, in my case it is used to shield a WebSocket backend against incoming WebSocket message floods) | |
# 3. Limit the number of simultaneous ongoing connections to HTTPS? to 40 (also, high limit, adjust to your needs) | |
# The protections those rules offer: | |
# 1. Prevent crypto-DOS (ie. a client that proceed too many key exchanges and thus exhaust server CPU) | |
# 2. Prevent WebSocket floodings (eg. I use this for Socket.IO, which has no efficient way to rate-limit received messages before they get parsed) | |
# 3. Prevent ephemeral TCP port exhaustion due to a client holding too many TCP connections | |
# 4. Prevent IPv6 rotation attac |
NewerOlder