| # /etc/network/interfaces | |
| # | |
| auto lo | |
| iface lo inet loopback | |
| # device: eth0 | |
| iface eth0 inet manual | |
| # IPv4 bridge | |
| # (connect ONLY your firewall/router KVM instance here, this is the WAN device!) |
| #!/bin/bash | |
| # This scripts scans the elasticsearch source code for all the registered REST endpoints | |
| # It will put the formatted output in $DEFINITIONOUTPUTFILE | |
| # [MethodName] [HttpVerb] [Route] | |
| ESFOLDER="../elasticsearch" | |
| DEFINITIONOUTPUTFILE="src/Generated/rest-actions.txt" | |
| # Find all the lines that registerHandlers |
| --- | |
| 148: | |
| - 4 | |
| - :nf_f_conn_id | |
| 8: | |
| - 4 | |
| - :nf_f_src_addr_ipv4 | |
| 7: | |
| - 2 | |
| - :nf_f_src_port |
| # D-I config version 2.0 | |
| default debian/7.4/amd64/boot-screens/vesamenu.c32 | |
| prompt 1 | |
| timeout 300 | |
| menu title - Boop Menu - | |
| label Debian-7.4 | |
| menu label ^0 Debian 7.4 | |
| #include debian/7.4/amd64/boot-screens/menu.cfg | |
| kernel debian/7.4/amd64/linux |
| #parse ASA log | |
| grok { | |
| patterns_dir => "/opt/logstash/logstash-1.4.0/patterns" | |
| break_on_match => false | |
| match => [ "raw_message", "%{CISCOFACSEVMNEM} %{WORD:Action} %{WORD:IPProtocol} src %{WORD:SourceZone}:%{IP:SourceAddress}\/%{POSINT:SourcePort} dst %{WORD:DestinationZone}:%{IP:DestinationAddress}\/%{POSINT:DestinationPort} by access-group \"%{NOTSPACE:rule}\"%{GREEDYDATA}", | |
| "raw_message", "%{CISCOFACSEVMNEM} %{WORD:Action} %{IPPROTOCOL:IPProtocol} src %{WORD:SourceZone}:%{IP:SourceAddress} dst %{WORD:DestinationZone}:%{IP:DestinationAddress} %{DATA:icmp_type_code} by access-group \"%{WORD:Rule}\"%{GREEDYDATA}", | |
| "raw_message", "%{CISCOFACSEVMNEM} %{GREEDYDATA:description}" ] | |
| } | |
| mutate { | |
| remove_field => [ "message", "raw_message" ] |
| #!/bin/bash | |
| # | |
| # vm_nmap | |
| # Created on 2013/07/16 MB | |
| # | |
| # Lists all configured port forwarding rules for all VirtualBox VMs found | |
| # in the caller user's home. | |
| # | |
| # If called from user root, lists all port forwarding rules for all VMs | |
| # in all homes. |
Save the route script to /usr/local/lib/openvpn/route on the client. Make it executable with chmod +x.
Remove the push redirect-gateway option from the OpenVPN server config.
Add these options to the OpenVPN client config:
setenv OPENVPN_ROUTE_TABLE 94
route-noexec
route-up /usr/local/lib/openvpn/route
route 0.0.0.0 128.0.0.0
| # File: /etc/rsyslog.conf | |
| # Rsyslog configuration file for productive systems | |
| # Copyright (C) 2015 Matous J. Fialka, <http://mjf.cz/> | |
| # Released under the terms of "The MIT License" | |
| $IncludeConfig /etc/rsyslog.d/globals.d/S[0-9][0-9]-?*.conf | |
| $IncludeConfig /etc/rsyslog.d/modules.d/S[0-9][0-9]-?*.conf | |
| $IncludeConfig /etc/rsyslog.d/templates.d/S[0-9][0-9]-?*.conf | |
| $IncludeConfig /etc/rsyslog.d/inputs.d/S[0-9][0-9]-?*.conf |
| # | |
| # INPUT - Logstash listens on port 8514 for these logs. | |
| # | |
| input { | |
| udp { | |
| port => "8514" | |
| type => "syslog-cisco" | |
| } | |
Requirements:
Steps to setup the scripts:
mkdir benches
cd benches
curl https://artifacts.elastic.co/downloads/logstash/logstash-7.6.0.tar.gz | tar -zxf -
cd logstash-7.6.0