Skip to content

Instantly share code, notes, and snippets.

View wongsyrone's full-sized avatar
😂
Babysitting

Syrone Wong wongsyrone

😂
Babysitting
View GitHub Profile
View refresh_kernel.sh
#!/bin/sh
KERNEL=$1
PATCHVER=$2
[ -z "$1" -o -z "$2" ] && {
echo "usage: refresh_kernel.sh <version> <release>"
echo "example: refresh_kernel.sh 3.18 3.18.30"
exit 1
}
@bnagy
bnagy / gpgmutt.md
Last active November 15, 2023 15:34
Mutt, Gmail and GPG
View gpgmutt.md

GPG / Mutt / Gmail

About

This is a collection of snippets, not a comprehensive guide. I suggest you start with Operational PGP.

Here is an incomplete list of things that are different from other approaches:

  • I don't use keyservers. Ever.
  • Yes, I use Gmail instead of some bespoke hipster freedom service
@wong2
wong2 / cmds.txt
Last active May 2, 2021 12:13
在任意聊天中输入。 [ ]表示后面要跟一个空格(可能还需要别的参数才能生效)
View cmds.txt
//wearversion
//wearlog
//wearvoiceinputenable
//wearvoiceinputdisable
//weargoogleapi
//assert
//pushassert
//uplog
//upcrash
//switchnotificationstatus
@turingbirds
turingbirds / GNUPG Cheatsheet.md
Last active February 7, 2024 09:34
GPG (GNUPG) Cheatsheet
View GNUPG Cheatsheet.md

GNUPG CHEATSHEET

Setting up: key generation

This generates a public/private keypair.

$ gpg --gen-key

$ gpg --list-secret-keys

View dns_pollution_iplist.txt
0.0.0.0
1.1.80.147
1.1.127.45
1.33.190.70
1.33.191.58
1.209.208.200
1.234.1.235
1.234.2.155
1.234.4.97
1.234.17.34
@klzgrad
klzgrad / Naive-VPN.md
Created November 17, 2014 00:43
朴素VPN:一个纯内核级静态隧道
View Naive-VPN.md

朴素VPN:一个纯内核级静态隧道

由于路由管控系统的建立,实时动态黑洞路由已成为最有效的封锁手段,TCP连接重置和DNS污染成为次要手段,利用漏洞的穿墙方法已不再具有普遍意义。对此应对方法是多样化协议的VPN来抵抗识别。这里介绍一种太简单、有时很朴素的“穷人VPN”。

朴素VPN只需要一次内核配置(Linux内核),即可永久稳定运行,不需要任何用户态守护进程。所有流量转换和加密全部由内核完成,原生性能,开销几乎没有。静态配置,避免动态握手和参数协商产生指纹特征导致被识别。并且支持NAT,移动的内网用户可以使用此方法。支持广泛,基于L2TPv3标准,Linux内核3.2+都有支持,其他操作系统原则上也能支持。但有两个局限:需要root权限;一个隧道只支持一个用户。

朴素VPN利用UDP封装的静态L2TP隧道实现VPN,内核XFRM实现静态IPsec。实际上IP-in-IP隧道即可实现VPN,但是这种协议无法穿越NAT,因此必须利用UDP封装。内核3.18将支持Foo-over-UDP,在UDP里面直接封装IP,与静态的L2TP-over-UDP很类似。

创建一个朴素VPN

View linux上用strongswan搭建ikev2协议vpn.md

测试平台:DigitalOcean VPS ubuntu14.04 x64, strongswan5.2.2

运行以下命令请使用root权限

一:安装strongswan

由于ubuntu软件仓库中strongswan版本较低,因此从官网源码编译安装

apt-get install build-essential     #编译环境
aptitude install libgmp10 libgmp3-dev libssl-dev pkg-config libpcsclite-dev libpam0g-dev     #编译所需要的软件
@kevinzhow
kevinzhow / route.sh
Last active October 2, 2022 08:01
AnyConnect 路由表
View route.sh
route = 8.0.0.0/255.0.0.0
route = 58.0.0.0/255.0.0.0
route = 23.0.0.0/255.0.0.0
route = 117.0.0.0/255.0.0.0
route = 199.0.0.0/255.0.0.0
route = 190.0.0.0/255.0.0.0
route = 198.0.0.0/255.0.0.0
route = 173.0.0.0/255.0.0.0
route = 174.0.0.0/255.0.0.0
route = 168.0.0.0/255.0.0.0
@woods
woods / gen-key-script
Last active February 28, 2024 14:55
Creating gpg keys non-interactively
View gen-key-script
Key-Type: 1
Key-Length: 2048
Subkey-Type: 1
Subkey-Length: 2048
Name-Real: Root Superuser
Name-Email: root@handbook.westarete.com
Expire-Date: 0
@vodik
vodik / SOS.md
Last active February 24, 2024 11:11
_Never_ -Sy when installing!
View SOS.md

Once upon a time there was a user that wanted to install firefox.

The user tried to do pacman -S firefox but it didn't work. The all mighty pacman reported that firefox-3.2.4-1.i686.pkg.tar.gz could not be found on his mirror. So the user tried pacman -Sy firefox. It worked and the user rejoiced since he could once again go and troll /h/.

But all was not good. The user had made a grave error!

See, when the user told the almighty pacman to -Sy firefox, pacman did