1
1
Fork 0

repo cleanup, moved alot of stuff to wiki

This commit is contained in:
david 2013-04-11 23:38:05 +02:00
parent c1b4c585c7
commit 4d1c9b349f
28 changed files with 44 additions and 312 deletions

42
arch/install_yaourt.sh Executable file
View File

@ -0,0 +1,42 @@
#!/bin/bash
# archlinux yaourt installer
baselink="https://aur.archlinux.org/packages"
packages="package-query yaourt"
#uncomment following for passing the packages as option
#if [ -z $1 ]; then
# echo "usage: ./install_yaourt.sh <list of packages>"
# exit 1
#fi
#packages="$*"
tmpfolder="getyaourt"
sudo pacman -Syu
for package in $packages; do
if [ -d /tmp/$tmpfolder ]; then
rm -rf /tmp/$tmpfolder #use sudo on a multiuser system
fi
mkdir /tmp/$tmpfolder
link=$(curl -s "$baselink/$package" | grep "Download tarball" | sed 's/"/\ /g' | awk '{print $3}')
cd /tmp/$tmpfolder
wget "https://aur.archlinux.org$link" && tar xzf *
cd $package; makepkg -s
if [ $? -eq 0 ]; then
sudo pacman -U *.xz
else
echo "error: could not source PKGBUILD"
fi
cd - > /dev/null
rm -rf /tmp/$tmpfolder
done
echo "info: everything done"

0
archive/df.sh Executable file → Normal file
View File

0
archive/df_bot.sh Executable file → Normal file
View File

0
archive/hb.sh Executable file → Normal file
View File

0
archive/heartbeat.sh Executable file → Normal file
View File

0
archive/journal.sh Executable file → Normal file
View File

0
archive/mediacontrol.sh Executable file → Normal file
View File

0
archive/mem.sh Executable file → Normal file
View File

0
archive/ping.sh Executable file → Normal file
View File

0
archive/vpnc_config.sh Executable file → Normal file
View File

0
archive/youtube_converter.sh Executable file → Normal file
View File

View File

@ -1,54 +0,0 @@
#!/bin/bash
#config section
filename="deleteme.dd"
logfile="connection_test.log"
size="10" #MB
#size=$2
#connection_string="david@dooku.aec.at"
connection_string=$1
#functions
timestamp()
{
date "+%c"
}
#script start
echo "[$(timestamp)] - generationg local temp file ($filename)"
#appending a "k" to $size
size=$(echo $size"k")
dd if=/dev/zero of=/tmp/$filename bs=1024 count=$size &> $logfile
echo "[$(timestamp)] - starting upload test"
scp -v /tmp/$filename $connection_string:/tmp/$filename &> $logfile
Bps=$(cat deleteme.log | grep "Bytes per second" | awk '{print $5}')
count=${#Bps}; count=$((count-1)); Bps=${Bps:0:$count}
echo "[$(timestamp)] - upload speed: $Bps Bytes/s"
#clean up
echo "[$(timestamp)] - removing temp files"
rm /tmp/$filename
rm $logfile
exit 0
#end of script

View File

@ -1,76 +0,0 @@
#!/usr/bin/python2 -B
#resources
#http://www.netvision.com/ad_useraccountcontrol.php
#http://fsuid.fsu.edu/admin/lib/WinADLDAPAttributes.html#RANGE!B28
#author: david@socialnerds.org
class getmailad(object):
""" get all email addresses from enabled
users/groups from active directory """
""" tested with windows 2003 domain """
def __init__(self, ldap_server, bind_dn, bind_pass, base_dn):
self.addresslist = []
self.count = 0
self._ldap_server = ldap_server
self._bind_dn = bind_dn
self._bind_pass = bind_pass
self._base_dn = base_dn
def get(self):
""" connect to active directory and get
a list of email addresses """
import ldap
try:
instance = ldap.initialize(self._ldap_server)
instance.simple_bind_s(self._bind_dn, self._bind_pass)
#ldap querry
result = instance.search_s(self._base_dn, ldap.SCOPE_SUBTREE, ("cn=*"), ["mail", "proxyAddresses", "userAccountControl"])
counter = 0
for item in result:
if item[1].has_key("userAccountControl"):
if item[1]["userAccountControl"] == ["512"] or item[1]["userAccountControl"] == ["66048"] or item[1]["userAccountControl"] == ["66080"] or item[1]["userAccountControl"] == ["544"] or item[1]["userAccountControl"] == ["262656"] or item[1]["userAccountControl"] == ["262688"] or item[1]["userAccountControl"] == ["328192"] or item[1]["userAccountControl"] == ["328224"]:
if item[1].has_key("proxyAddresses"):
addresslist = item[1]["proxyAddresses"]
for address in addresslist:
if "SMTP:" in address or "smtp:" in address:
self.addresslist.append(address[5:].lower())
counter += 1
self.count = counter
except ldap.LDAPError, error_message:
pass
try:
instance.unbind()
except ldap.LDAPError, error_message:
pass
if __name__ == "__main__":
getmailadobj = getmailad("ldap://dc2.aec.at", "davidsa@aec.at", "secret", "ou=users,ou=adm,dc=aec,dc=at")
getmailadobj.get()
for item in getmailadobj.addresslist:
print item
print "\nMail addresses found: %i" %(getmailadobj.count)
#end of file

0
htpasswd.py Normal file → Executable file
View File

View File

@ -1,14 +0,0 @@
#!/bin/bash
## import cacert root certificate (imports to system, works for chromium)
sudo apt-get install libnss3-tools wget
wget -O cacert-root.crt "http://www.cacert.org/certs/root.crt"
wget -O cacert-class3.crt "http://www.cacert.org/certs/class3.crt"
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org" -i cacert-root.crt
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org Class 3" -i cacert-class3.crt
rm cacert-root.crt
rm cacert-class3.crt
# source: http://wiki.cacert.org/BrowserClients

View File

@ -23,7 +23,7 @@ for package in $packages; do
link=$(curl -s "$baselink/$package" | grep "Download tarball" | sed 's/"/\ /g' | awk '{print $3}')
cd /tmp/$tmpfolder
wget "https://aur.archlinux.org$link" && tar xzf *
wget "https://aur.archlinux.org$link" && tar xzf *
cd $package; makepkg -s
if [ $? -eq 0 ]; then
@ -36,5 +36,4 @@ for package in $packages; do
done
echo; echo "everything done"; echo
echo "info: everything done"

View File

@ -1,85 +0,0 @@
#!/bin/bash
#enable IPv4 Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
#Drop IMCP from broadcast multicast
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
#Enable TCP SYN Cookie Protection from SYN Floods
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
#Don't accept ICMP redirect messages
echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects
#Don't send ICMP redirect messages
echo 1 > /proc/sys/net/ipv4/conf/all/send_redirects
#Enable source address ARP spoofing
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
#Flush chains
iptables --flush
#Set default policies
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
#Allow unlimited Loopback Traffic
iptables -A INPUT -i lo -m state --state NEW -j ACCEPT
iptables -A OUTPUT -o lo -m state --state NEW -j ACCEPT
#Allow ICMP
iptables -A INPUT -p ICMP -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p ICMP -m state --state NEW -j ACCEPT
iptables -A FORWARD -p ICMP -m state --state NEW -j ACCEPT
#enable Masquerading (NAT)
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#allow Internet Access for internal
iptables -A FORWARD -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
#allow ACCESS to VPN from internal
iptables -A FORWARD -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
#allow everything from VPN
iptables -A INPUT -i tun0 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -o tun0 -m state --state NEW -j ACCEPT
iptables -A FORWARD -i tun0 -m state --state NEW -j ACCEPT
iptables -A FORWARD -o tun0 -m state --state NEW -j ACCEPT
#allow VPN
iptables -A INPUT -p udp --dport 1194 -m state --state NEW -j ACCEPT
#iptables -A OUTPUT -p udp --dport 1194 -m state --state NEW -j ACCEPT
#allow Updates,DNS, NTP, DHCP and SSH outgoing
iptables -A OUTPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p tcp --dport 123 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p udp --dport 123 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p udp --dport 68 -m state --state NEW -j ACCEPT
#allow DNS, SSH and DHCP incoming
#iptables -A INPUT -p udp --dport 67 -m state --state NEW -j ACCEPT
#iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
#iptables -A INPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
#iptables -A INPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
#allow incoming everything from internal
iptables -A OUTPUT -d 10.30.1.0/25 -m state --state NEW -j ACCEPT
iptables -A INPUT -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
#allow vpn server
iptables -A INPUT -s 10.30.0.1 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -d 10.30.0.1 -m state --state NEW -j ACCEPT
iptables -A FORWARD -s 10.30.0.1 -m state --state NEW -j ACCEPT
iptables -A FORWARD -d 10.30.0.1 -m state --state NEW -j ACCEPT
#allow established connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

View File

@ -1,3 +0,0 @@
net use S: \\wh13.aec.at\AE-Solutions /PERSISTENT:yes
#net use S: \\wh13.aec.at\systembetrieb /PERSISTENT:yes

View File

@ -1,27 +0,0 @@
#!/bin/bash
i=1
j=1
threshold=850
while [ 2 -gt 1 ]; do
echo "run count: $i"
sleep 30
mem=$(free -m | grep + | awk '{print $3}')
echo " used memory: $mem"
echo " threshold: $threshold"
if [ $mem -gt $threshold ]; then
echo " memory usage too high"
echo " too high mem count: $j (apache will be restarted if count reaches 10)"
let j++
if [ $j -gt 10 ]; then
echo " resetting apache to clear memory"
/etc/init.d/apache2 restart
j=1
fi
else
echo " memory below threshold"
fi
let i++
done
exit 0

View File

@ -1,11 +0,0 @@
#!/bin/bash
if [ -z $1 ]; then
vncserver -kill :1
vncserver -geometry 1280x720 -alwaysshared -dpi 96 -localhost :1
echo "vncserver at :1 was restarted"
else
vncserver -kill $1
vncserver -geometry 1280x720 -alwaysshared -dpi 96 -localhost $1
echo "vncserver at $1 was restarted"
fi

View File

@ -1,14 +0,0 @@
#!/bin/sh
list=$(ls -lR /srv/storage/prix_2012 | grep -e ^l | awk '{print $10}')
count=0
for line in $list; do
echo $line
#rm -r $line
count=$((count+1))
done
echo "count: $count"

View File

@ -1,3 +0,0 @@
#!/bin/bash
sudo -u piratebox nohup python2 /srv/piratebox/droopy.py -m "anonymous filesharing" --dl -d /srv/piratebox/files/ -p /srv/piratebox/piratebox.jpg 8000 &

View File

@ -1,15 +0,0 @@
#!/bin/bash
if [ -z $1 ]; then
echo "usage: vncconnect.sh <remote-ip>"
exit 1
else
hostname=$1
echo "digging ssh tunnel to $hostname"; sleep 1
ssh $hostname -L 8900/localhost/5901 "sleep 05 && exit" &
sleep 02
vncviewer localhost:8900
echo "killed ssh tunnel to $hostname and ended vnc session"
fi
#end of file

View File

@ -1,7 +0,0 @@
#!/bin/bash
wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant_socialnerds.conf
sleep 5
dhcpcd wlan0