repo cleanup, moved alot of stuff to wiki
This commit is contained in:
parent
c1b4c585c7
commit
4d1c9b349f
|
@ -0,0 +1,42 @@
|
|||
#!/bin/bash
|
||||
|
||||
# archlinux yaourt installer
|
||||
|
||||
baselink="https://aur.archlinux.org/packages"
|
||||
packages="package-query yaourt"
|
||||
#uncomment following for passing the packages as option
|
||||
#if [ -z $1 ]; then
|
||||
# echo "usage: ./install_yaourt.sh <list of packages>"
|
||||
# exit 1
|
||||
#fi
|
||||
#packages="$*"
|
||||
tmpfolder="getyaourt"
|
||||
|
||||
sudo pacman -Syu
|
||||
|
||||
for package in $packages; do
|
||||
|
||||
if [ -d /tmp/$tmpfolder ]; then
|
||||
rm -rf /tmp/$tmpfolder #use sudo on a multiuser system
|
||||
fi
|
||||
|
||||
mkdir /tmp/$tmpfolder
|
||||
|
||||
|
||||
link=$(curl -s "$baselink/$package" | grep "Download tarball" | sed 's/"/\ /g' | awk '{print $3}')
|
||||
cd /tmp/$tmpfolder
|
||||
wget "https://aur.archlinux.org$link" && tar xzf *
|
||||
|
||||
cd $package; makepkg -s
|
||||
if [ $? -eq 0 ]; then
|
||||
sudo pacman -U *.xz
|
||||
else
|
||||
echo "error: could not source PKGBUILD"
|
||||
fi
|
||||
cd - > /dev/null
|
||||
rm -rf /tmp/$tmpfolder
|
||||
|
||||
done
|
||||
|
||||
echo "info: everything done"
|
||||
|
|
@ -1,54 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
|
||||
|
||||
|
||||
#config section
|
||||
|
||||
filename="deleteme.dd"
|
||||
logfile="connection_test.log"
|
||||
|
||||
size="10" #MB
|
||||
#size=$2
|
||||
|
||||
#connection_string="david@dooku.aec.at"
|
||||
connection_string=$1
|
||||
|
||||
|
||||
|
||||
|
||||
#functions
|
||||
timestamp()
|
||||
{
|
||||
|
||||
date "+%c"
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
#script start
|
||||
|
||||
|
||||
echo "[$(timestamp)] - generationg local temp file ($filename)"
|
||||
#appending a "k" to $size
|
||||
size=$(echo $size"k")
|
||||
dd if=/dev/zero of=/tmp/$filename bs=1024 count=$size &> $logfile
|
||||
|
||||
echo "[$(timestamp)] - starting upload test"
|
||||
scp -v /tmp/$filename $connection_string:/tmp/$filename &> $logfile
|
||||
Bps=$(cat deleteme.log | grep "Bytes per second" | awk '{print $5}')
|
||||
count=${#Bps}; count=$((count-1)); Bps=${Bps:0:$count}
|
||||
echo "[$(timestamp)] - upload speed: $Bps Bytes/s"
|
||||
|
||||
|
||||
|
||||
|
||||
#clean up
|
||||
echo "[$(timestamp)] - removing temp files"
|
||||
rm /tmp/$filename
|
||||
rm $logfile
|
||||
|
||||
|
||||
exit 0
|
||||
#end of script
|
76
getmailad.py
76
getmailad.py
|
@ -1,76 +0,0 @@
|
|||
#!/usr/bin/python2 -B
|
||||
|
||||
|
||||
#resources
|
||||
#http://www.netvision.com/ad_useraccountcontrol.php
|
||||
#http://fsuid.fsu.edu/admin/lib/WinADLDAPAttributes.html#RANGE!B28
|
||||
|
||||
#author: david@socialnerds.org
|
||||
|
||||
|
||||
class getmailad(object):
|
||||
|
||||
""" get all email addresses from enabled
|
||||
users/groups from active directory """
|
||||
|
||||
""" tested with windows 2003 domain """
|
||||
|
||||
def __init__(self, ldap_server, bind_dn, bind_pass, base_dn):
|
||||
|
||||
self.addresslist = []
|
||||
self.count = 0
|
||||
|
||||
self._ldap_server = ldap_server
|
||||
self._bind_dn = bind_dn
|
||||
self._bind_pass = bind_pass
|
||||
self._base_dn = base_dn
|
||||
|
||||
|
||||
def get(self):
|
||||
|
||||
""" connect to active directory and get
|
||||
a list of email addresses """
|
||||
|
||||
import ldap
|
||||
|
||||
try:
|
||||
instance = ldap.initialize(self._ldap_server)
|
||||
instance.simple_bind_s(self._bind_dn, self._bind_pass)
|
||||
|
||||
|
||||
#ldap querry
|
||||
result = instance.search_s(self._base_dn, ldap.SCOPE_SUBTREE, ("cn=*"), ["mail", "proxyAddresses", "userAccountControl"])
|
||||
|
||||
|
||||
counter = 0
|
||||
for item in result:
|
||||
if item[1].has_key("userAccountControl"):
|
||||
if item[1]["userAccountControl"] == ["512"] or item[1]["userAccountControl"] == ["66048"] or item[1]["userAccountControl"] == ["66080"] or item[1]["userAccountControl"] == ["544"] or item[1]["userAccountControl"] == ["262656"] or item[1]["userAccountControl"] == ["262688"] or item[1]["userAccountControl"] == ["328192"] or item[1]["userAccountControl"] == ["328224"]:
|
||||
if item[1].has_key("proxyAddresses"):
|
||||
addresslist = item[1]["proxyAddresses"]
|
||||
for address in addresslist:
|
||||
if "SMTP:" in address or "smtp:" in address:
|
||||
self.addresslist.append(address[5:].lower())
|
||||
counter += 1
|
||||
self.count = counter
|
||||
|
||||
except ldap.LDAPError, error_message:
|
||||
pass
|
||||
|
||||
try:
|
||||
instance.unbind()
|
||||
except ldap.LDAPError, error_message:
|
||||
pass
|
||||
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
getmailadobj = getmailad("ldap://dc2.aec.at", "davidsa@aec.at", "secret", "ou=users,ou=adm,dc=aec,dc=at")
|
||||
getmailadobj.get()
|
||||
for item in getmailadobj.addresslist:
|
||||
print item
|
||||
print "\nMail addresses found: %i" %(getmailadobj.count)
|
||||
|
||||
|
||||
|
||||
#end of file
|
|
@ -1,14 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
## import cacert root certificate (imports to system, works for chromium)
|
||||
|
||||
sudo apt-get install libnss3-tools wget
|
||||
|
||||
wget -O cacert-root.crt "http://www.cacert.org/certs/root.crt"
|
||||
wget -O cacert-class3.crt "http://www.cacert.org/certs/class3.crt"
|
||||
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org" -i cacert-root.crt
|
||||
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org Class 3" -i cacert-class3.crt
|
||||
rm cacert-root.crt
|
||||
rm cacert-class3.crt
|
||||
|
||||
# source: http://wiki.cacert.org/BrowserClients
|
|
@ -23,7 +23,7 @@ for package in $packages; do
|
|||
|
||||
link=$(curl -s "$baselink/$package" | grep "Download tarball" | sed 's/"/\ /g' | awk '{print $3}')
|
||||
cd /tmp/$tmpfolder
|
||||
wget "https://aur.archlinux.org$link" && tar xzf *
|
||||
wget "https://aur.archlinux.org$link" && tar xzf *
|
||||
|
||||
cd $package; makepkg -s
|
||||
if [ $? -eq 0 ]; then
|
||||
|
@ -36,5 +36,4 @@ for package in $packages; do
|
|||
|
||||
done
|
||||
|
||||
echo; echo "everything done"; echo
|
||||
|
||||
echo "info: everything done"
|
||||
|
|
85
iptables.sh
85
iptables.sh
|
@ -1,85 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
#enable IPv4 Forwarding
|
||||
echo 1 > /proc/sys/net/ipv4/ip_forward
|
||||
|
||||
#Drop IMCP from broadcast multicast
|
||||
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
|
||||
|
||||
#Enable TCP SYN Cookie Protection from SYN Floods
|
||||
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
|
||||
|
||||
#Don't accept ICMP redirect messages
|
||||
echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects
|
||||
|
||||
#Don't send ICMP redirect messages
|
||||
echo 1 > /proc/sys/net/ipv4/conf/all/send_redirects
|
||||
|
||||
#Enable source address ARP spoofing
|
||||
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
|
||||
|
||||
#Flush chains
|
||||
iptables --flush
|
||||
|
||||
#Set default policies
|
||||
iptables --policy INPUT DROP
|
||||
iptables --policy OUTPUT DROP
|
||||
iptables --policy FORWARD DROP
|
||||
|
||||
#Allow unlimited Loopback Traffic
|
||||
iptables -A INPUT -i lo -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -o lo -m state --state NEW -j ACCEPT
|
||||
|
||||
#Allow ICMP
|
||||
iptables -A INPUT -p ICMP -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -p ICMP -m state --state NEW -j ACCEPT
|
||||
iptables -A FORWARD -p ICMP -m state --state NEW -j ACCEPT
|
||||
|
||||
#enable Masquerading (NAT)
|
||||
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
|
||||
#allow Internet Access for internal
|
||||
iptables -A FORWARD -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
|
||||
|
||||
#allow ACCESS to VPN from internal
|
||||
iptables -A FORWARD -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
|
||||
|
||||
#allow everything from VPN
|
||||
iptables -A INPUT -i tun0 -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -o tun0 -m state --state NEW -j ACCEPT
|
||||
iptables -A FORWARD -i tun0 -m state --state NEW -j ACCEPT
|
||||
iptables -A FORWARD -o tun0 -m state --state NEW -j ACCEPT
|
||||
|
||||
#allow VPN
|
||||
iptables -A INPUT -p udp --dport 1194 -m state --state NEW -j ACCEPT
|
||||
#iptables -A OUTPUT -p udp --dport 1194 -m state --state NEW -j ACCEPT
|
||||
|
||||
#allow Updates,DNS, NTP, DHCP and SSH outgoing
|
||||
iptables -A OUTPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -p tcp --dport 123 -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -p udp --dport 123 -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -p udp --dport 68 -m state --state NEW -j ACCEPT
|
||||
|
||||
#allow DNS, SSH and DHCP incoming
|
||||
#iptables -A INPUT -p udp --dport 67 -m state --state NEW -j ACCEPT
|
||||
#iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
|
||||
#iptables -A INPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
|
||||
#iptables -A INPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
|
||||
|
||||
#allow incoming everything from internal
|
||||
iptables -A OUTPUT -d 10.30.1.0/25 -m state --state NEW -j ACCEPT
|
||||
iptables -A INPUT -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
|
||||
|
||||
#allow vpn server
|
||||
iptables -A INPUT -s 10.30.0.1 -m state --state NEW -j ACCEPT
|
||||
iptables -A OUTPUT -d 10.30.0.1 -m state --state NEW -j ACCEPT
|
||||
iptables -A FORWARD -s 10.30.0.1 -m state --state NEW -j ACCEPT
|
||||
iptables -A FORWARD -d 10.30.0.1 -m state --state NEW -j ACCEPT
|
||||
|
||||
#allow established connections
|
||||
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
|
|
@ -1,3 +0,0 @@
|
|||
net use S: \\wh13.aec.at\AE-Solutions /PERSISTENT:yes
|
||||
|
||||
#net use S: \\wh13.aec.at\systembetrieb /PERSISTENT:yes
|
|
@ -1,27 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
i=1
|
||||
j=1
|
||||
threshold=850
|
||||
while [ 2 -gt 1 ]; do
|
||||
echo "run count: $i"
|
||||
sleep 30
|
||||
mem=$(free -m | grep + | awk '{print $3}')
|
||||
echo " used memory: $mem"
|
||||
echo " threshold: $threshold"
|
||||
if [ $mem -gt $threshold ]; then
|
||||
echo " memory usage too high"
|
||||
echo " too high mem count: $j (apache will be restarted if count reaches 10)"
|
||||
let j++
|
||||
if [ $j -gt 10 ]; then
|
||||
echo " resetting apache to clear memory"
|
||||
/etc/init.d/apache2 restart
|
||||
j=1
|
||||
fi
|
||||
else
|
||||
echo " memory below threshold"
|
||||
fi
|
||||
let i++
|
||||
done
|
||||
|
||||
exit 0
|
|
@ -1,11 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ -z $1 ]; then
|
||||
vncserver -kill :1
|
||||
vncserver -geometry 1280x720 -alwaysshared -dpi 96 -localhost :1
|
||||
echo "vncserver at :1 was restarted"
|
||||
else
|
||||
vncserver -kill $1
|
||||
vncserver -geometry 1280x720 -alwaysshared -dpi 96 -localhost $1
|
||||
echo "vncserver at $1 was restarted"
|
||||
fi
|
|
@ -1,14 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
list=$(ls -lR /srv/storage/prix_2012 | grep -e ^l | awk '{print $10}')
|
||||
count=0
|
||||
|
||||
for line in $list; do
|
||||
echo $line
|
||||
#rm -r $line
|
||||
count=$((count+1))
|
||||
done
|
||||
|
||||
echo "count: $count"
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
sudo -u piratebox nohup python2 /srv/piratebox/droopy.py -m "anonymous filesharing" --dl -d /srv/piratebox/files/ -p /srv/piratebox/piratebox.jpg 8000 &
|
|
@ -1,15 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ -z $1 ]; then
|
||||
echo "usage: vncconnect.sh <remote-ip>"
|
||||
exit 1
|
||||
else
|
||||
hostname=$1
|
||||
echo "digging ssh tunnel to $hostname"; sleep 1
|
||||
ssh $hostname -L 8900/localhost/5901 "sleep 05 && exit" &
|
||||
sleep 02
|
||||
vncviewer localhost:8900
|
||||
echo "killed ssh tunnel to $hostname and ended vnc session"
|
||||
fi
|
||||
|
||||
#end of file
|
|
@ -1,7 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant_socialnerds.conf
|
||||
|
||||
sleep 5
|
||||
|
||||
dhcpcd wlan0
|
Loading…
Reference in New Issue