repo cleanup, moved alot of stuff to wiki
parent
c1b4c585c7
commit
4d1c9b349f
|
@ -0,0 +1,42 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# archlinux yaourt installer
|
||||||
|
|
||||||
|
baselink="https://aur.archlinux.org/packages"
|
||||||
|
packages="package-query yaourt"
|
||||||
|
#uncomment following for passing the packages as option
|
||||||
|
#if [ -z $1 ]; then
|
||||||
|
# echo "usage: ./install_yaourt.sh <list of packages>"
|
||||||
|
# exit 1
|
||||||
|
#fi
|
||||||
|
#packages="$*"
|
||||||
|
tmpfolder="getyaourt"
|
||||||
|
|
||||||
|
sudo pacman -Syu
|
||||||
|
|
||||||
|
for package in $packages; do
|
||||||
|
|
||||||
|
if [ -d /tmp/$tmpfolder ]; then
|
||||||
|
rm -rf /tmp/$tmpfolder #use sudo on a multiuser system
|
||||||
|
fi
|
||||||
|
|
||||||
|
mkdir /tmp/$tmpfolder
|
||||||
|
|
||||||
|
|
||||||
|
link=$(curl -s "$baselink/$package" | grep "Download tarball" | sed 's/"/\ /g' | awk '{print $3}')
|
||||||
|
cd /tmp/$tmpfolder
|
||||||
|
wget "https://aur.archlinux.org$link" && tar xzf *
|
||||||
|
|
||||||
|
cd $package; makepkg -s
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
sudo pacman -U *.xz
|
||||||
|
else
|
||||||
|
echo "error: could not source PKGBUILD"
|
||||||
|
fi
|
||||||
|
cd - > /dev/null
|
||||||
|
rm -rf /tmp/$tmpfolder
|
||||||
|
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "info: everything done"
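Review bot: The loop body builds in the fixed, predictable path `/tmp/$tmpfolder` (`/tmp/getyaourt`) and never checks the result of `mkdir` or of either `cd`. On a multi-user machine, a directory that another user created first survives the `rm -rf`, so `tar xzf *`, `makepkg -s` and `sudo pacman -U *.xz` then run against content the invoking user did not download. `cd $package; makepkg -s` also runs makepkg in whatever directory is current when the `cd` fails. In addition, `$link` is scraped from the package page and used without any check, so an empty result makes wget fetch the bare site URL instead of a tarball. The fence below proposes a `mktemp -d` build directory, an empty-link guard, and `cd` calls that stop on failure. The same `wget`/`tar`/`cd` lines appear in the later hunk `@ -23,7 +23,7 @@`.

```shell
for package in $packages; do
    # private build directory; replaces the rm -rf / mkdir of /tmp/$tmpfolder
    builddir=$(mktemp -d) || exit 1
    # … unchanged: link=$(curl -s "$baselink/$package" | …) …
    if [ -z "$link" ]; then
        echo "error: no tarball link found for $package"
        rm -rf "$builddir"
        continue
    fi
    cd "$builddir" || exit 1
    # … unchanged: wget … && tar xzf * …
    cd "$package" && makepkg -s
    # … unchanged: pacman -U on success, error message, cd - …
    rm -rf "$builddir"
done
```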
|
||||||
|
|
|
@ -1,54 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#config section
|
|
||||||
|
|
||||||
filename="deleteme.dd"
|
|
||||||
logfile="connection_test.log"
|
|
||||||
|
|
||||||
size="10" #MB
|
|
||||||
#size=$2
|
|
||||||
|
|
||||||
#connection_string="david@dooku.aec.at"
|
|
||||||
connection_string=$1
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#functions
|
|
||||||
timestamp()
|
|
||||||
{
|
|
||||||
|
|
||||||
date "+%c"
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#script start
|
|
||||||
|
|
||||||
|
|
||||||
echo "[$(timestamp)] - generationg local temp file ($filename)"
|
|
||||||
#appending a "k" to $size
|
|
||||||
size=$(echo $size"k")
|
|
||||||
dd if=/dev/zero of=/tmp/$filename bs=1024 count=$size &> $logfile
|
|
||||||
|
|
||||||
echo "[$(timestamp)] - starting upload test"
|
|
||||||
scp -v /tmp/$filename $connection_string:/tmp/$filename &> $logfile
|
|
||||||
Bps=$(cat deleteme.log | grep "Bytes per second" | awk '{print $5}')
|
|
||||||
count=${#Bps}; count=$((count-1)); Bps=${Bps:0:$count}
|
|
||||||
echo "[$(timestamp)] - upload speed: $Bps Bytes/s"
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#clean up
|
|
||||||
echo "[$(timestamp)] - removing temp files"
|
|
||||||
rm /tmp/$filename
|
|
||||||
rm $logfile
|
|
||||||
|
|
||||||
|
|
||||||
exit 0
|
|
||||||
#end of script
|
|
76
getmailad.py
76
getmailad.py
|
@ -1,76 +0,0 @@
|
||||||
#!/usr/bin/python2 -B
|
|
||||||
|
|
||||||
|
|
||||||
#resources
|
|
||||||
#http://www.netvision.com/ad_useraccountcontrol.php
|
|
||||||
#http://fsuid.fsu.edu/admin/lib/WinADLDAPAttributes.html#RANGE!B28
|
|
||||||
|
|
||||||
#author: david@socialnerds.org
|
|
||||||
|
|
||||||
|
|
||||||
class getmailad(object):
|
|
||||||
|
|
||||||
""" get all email addresses from enabled
|
|
||||||
users/groups from active directory """
|
|
||||||
|
|
||||||
""" tested with windows 2003 domain """
|
|
||||||
|
|
||||||
def __init__(self, ldap_server, bind_dn, bind_pass, base_dn):
|
|
||||||
|
|
||||||
self.addresslist = []
|
|
||||||
self.count = 0
|
|
||||||
|
|
||||||
self._ldap_server = ldap_server
|
|
||||||
self._bind_dn = bind_dn
|
|
||||||
self._bind_pass = bind_pass
|
|
||||||
self._base_dn = base_dn
|
|
||||||
|
|
||||||
|
|
||||||
def get(self):
|
|
||||||
|
|
||||||
""" connect to active directory and get
|
|
||||||
a list of email addresses """
|
|
||||||
|
|
||||||
import ldap
|
|
||||||
|
|
||||||
try:
|
|
||||||
instance = ldap.initialize(self._ldap_server)
|
|
||||||
instance.simple_bind_s(self._bind_dn, self._bind_pass)
|
|
||||||
|
|
||||||
|
|
||||||
#ldap querry
|
|
||||||
result = instance.search_s(self._base_dn, ldap.SCOPE_SUBTREE, ("cn=*"), ["mail", "proxyAddresses", "userAccountControl"])
|
|
||||||
|
|
||||||
|
|
||||||
counter = 0
|
|
||||||
for item in result:
|
|
||||||
if item[1].has_key("userAccountControl"):
|
|
||||||
if item[1]["userAccountControl"] == ["512"] or item[1]["userAccountControl"] == ["66048"] or item[1]["userAccountControl"] == ["66080"] or item[1]["userAccountControl"] == ["544"] or item[1]["userAccountControl"] == ["262656"] or item[1]["userAccountControl"] == ["262688"] or item[1]["userAccountControl"] == ["328192"] or item[1]["userAccountControl"] == ["328224"]:
|
|
||||||
if item[1].has_key("proxyAddresses"):
|
|
||||||
addresslist = item[1]["proxyAddresses"]
|
|
||||||
for address in addresslist:
|
|
||||||
if "SMTP:" in address or "smtp:" in address:
|
|
||||||
self.addresslist.append(address[5:].lower())
|
|
||||||
counter += 1
|
|
||||||
self.count = counter
|
|
||||||
|
|
||||||
except ldap.LDAPError, error_message:
|
|
||||||
pass
|
|
||||||
|
|
||||||
try:
|
|
||||||
instance.unbind()
|
|
||||||
except ldap.LDAPError, error_message:
|
|
||||||
pass
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
|
||||||
getmailadobj = getmailad("ldap://dc2.aec.at", "davidsa@aec.at", "secret", "ou=users,ou=adm,dc=aec,dc=at")
|
|
||||||
getmailadobj.get()
|
|
||||||
for item in getmailadobj.addresslist:
|
|
||||||
print item
|
|
||||||
print "\nMail addresses found: %i" %(getmailadobj.count)
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#end of file
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
## import cacert root certificate (imports to system, works for chromium)
|
|
||||||
|
|
||||||
sudo apt-get install libnss3-tools wget
|
|
||||||
|
|
||||||
wget -O cacert-root.crt "http://www.cacert.org/certs/root.crt"
|
|
||||||
wget -O cacert-class3.crt "http://www.cacert.org/certs/class3.crt"
|
|
||||||
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org" -i cacert-root.crt
|
|
||||||
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org Class 3" -i cacert-class3.crt
|
|
||||||
rm cacert-root.crt
|
|
||||||
rm cacert-class3.crt
|
|
||||||
|
|
||||||
# source: http://wiki.cacert.org/BrowserClients
|
|
|
@ -23,7 +23,7 @@ for package in $packages; do
|
||||||
|
|
||||||
link=$(curl -s "$baselink/$package" | grep "Download tarball" | sed 's/"/\ /g' | awk '{print $3}')
|
link=$(curl -s "$baselink/$package" | grep "Download tarball" | sed 's/"/\ /g' | awk '{print $3}')
|
||||||
cd /tmp/$tmpfolder
|
cd /tmp/$tmpfolder
|
||||||
wget "https://aur.archlinux.org$link" && tar xzf *
|
wget "https://aur.archlinux.org$link" && tar xzf *
|
||||||
|
|
||||||
cd $package; makepkg -s
|
cd $package; makepkg -s
|
||||||
if [ $? -eq 0 ]; then
|
if [ $? -eq 0 ]; then
|
||||||
|
@ -36,5 +36,4 @@ for package in $packages; do
|
||||||
|
|
||||||
done
|
done
|
||||||
|
|
||||||
echo; echo "everything done"; echo
|
echo "info: everything done"
|
||||||
|
|
||||||
|
|
85
iptables.sh
85
iptables.sh
|
@ -1,85 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
#enable IPv4 Forwarding
|
|
||||||
echo 1 > /proc/sys/net/ipv4/ip_forward
|
|
||||||
|
|
||||||
#Drop IMCP from broadcast multicast
|
|
||||||
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
|
|
||||||
|
|
||||||
#Enable TCP SYN Cookie Protection from SYN Floods
|
|
||||||
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
|
|
||||||
|
|
||||||
#Don't accept ICMP redirect messages
|
|
||||||
echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects
|
|
||||||
|
|
||||||
#Don't send ICMP redirect messages
|
|
||||||
echo 1 > /proc/sys/net/ipv4/conf/all/send_redirects
|
|
||||||
|
|
||||||
#Enable source address ARP spoofing
|
|
||||||
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
|
|
||||||
|
|
||||||
#Flush chains
|
|
||||||
iptables --flush
|
|
||||||
|
|
||||||
#Set default policies
|
|
||||||
iptables --policy INPUT DROP
|
|
||||||
iptables --policy OUTPUT DROP
|
|
||||||
iptables --policy FORWARD DROP
|
|
||||||
|
|
||||||
#Allow unlimited Loopback Traffic
|
|
||||||
iptables -A INPUT -i lo -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -o lo -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#Allow ICMP
|
|
||||||
iptables -A INPUT -p ICMP -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -p ICMP -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A FORWARD -p ICMP -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#enable Masquerading (NAT)
|
|
||||||
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
|
||||||
|
|
||||||
#allow Internet Access for internal
|
|
||||||
iptables -A FORWARD -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#allow ACCESS to VPN from internal
|
|
||||||
iptables -A FORWARD -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#allow everything from VPN
|
|
||||||
iptables -A INPUT -i tun0 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -o tun0 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A FORWARD -i tun0 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A FORWARD -o tun0 -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#allow VPN
|
|
||||||
iptables -A INPUT -p udp --dport 1194 -m state --state NEW -j ACCEPT
|
|
||||||
#iptables -A OUTPUT -p udp --dport 1194 -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#allow Updates,DNS, NTP, DHCP and SSH outgoing
|
|
||||||
iptables -A OUTPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -p tcp --dport 123 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -p udp --dport 123 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -p udp --dport 68 -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#allow DNS, SSH and DHCP incoming
|
|
||||||
#iptables -A INPUT -p udp --dport 67 -m state --state NEW -j ACCEPT
|
|
||||||
#iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
|
|
||||||
#iptables -A INPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
|
|
||||||
#iptables -A INPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#allow incoming everything from internal
|
|
||||||
iptables -A OUTPUT -d 10.30.1.0/25 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A INPUT -s 10.30.1.0/25 -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#allow vpn server
|
|
||||||
iptables -A INPUT -s 10.30.0.1 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A OUTPUT -d 10.30.0.1 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A FORWARD -s 10.30.0.1 -m state --state NEW -j ACCEPT
|
|
||||||
iptables -A FORWARD -d 10.30.0.1 -m state --state NEW -j ACCEPT
|
|
||||||
|
|
||||||
#allow established connections
|
|
||||||
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
|
||||||
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
|
||||||
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
|
|
|
@ -1,3 +0,0 @@
|
||||||
net use S: \\wh13.aec.at\AE-Solutions /PERSISTENT:yes
|
|
||||||
|
|
||||||
#net use S: \\wh13.aec.at\systembetrieb /PERSISTENT:yes
|
|
|
@ -1,27 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
i=1
|
|
||||||
j=1
|
|
||||||
threshold=850
|
|
||||||
while [ 2 -gt 1 ]; do
|
|
||||||
echo "run count: $i"
|
|
||||||
sleep 30
|
|
||||||
mem=$(free -m | grep + | awk '{print $3}')
|
|
||||||
echo " used memory: $mem"
|
|
||||||
echo " threshold: $threshold"
|
|
||||||
if [ $mem -gt $threshold ]; then
|
|
||||||
echo " memory usage too high"
|
|
||||||
echo " too high mem count: $j (apache will be restarted if count reaches 10)"
|
|
||||||
let j++
|
|
||||||
if [ $j -gt 10 ]; then
|
|
||||||
echo " resetting apache to clear memory"
|
|
||||||
/etc/init.d/apache2 restart
|
|
||||||
j=1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
echo " memory below threshold"
|
|
||||||
fi
|
|
||||||
let i++
|
|
||||||
done
|
|
||||||
|
|
||||||
exit 0
|
|
|
@ -1,11 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
if [ -z $1 ]; then
|
|
||||||
vncserver -kill :1
|
|
||||||
vncserver -geometry 1280x720 -alwaysshared -dpi 96 -localhost :1
|
|
||||||
echo "vncserver at :1 was restarted"
|
|
||||||
else
|
|
||||||
vncserver -kill $1
|
|
||||||
vncserver -geometry 1280x720 -alwaysshared -dpi 96 -localhost $1
|
|
||||||
echo "vncserver at $1 was restarted"
|
|
||||||
fi
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
list=$(ls -lR /srv/storage/prix_2012 | grep -e ^l | awk '{print $10}')
|
|
||||||
count=0
|
|
||||||
|
|
||||||
for line in $list; do
|
|
||||||
echo $line
|
|
||||||
#rm -r $line
|
|
||||||
count=$((count+1))
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "count: $count"
|
|
||||||
|
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
sudo -u piratebox nohup python2 /srv/piratebox/droopy.py -m "anonymous filesharing" --dl -d /srv/piratebox/files/ -p /srv/piratebox/piratebox.jpg 8000 &
|
|
|
@ -1,15 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
if [ -z $1 ]; then
|
|
||||||
echo "usage: vncconnect.sh <remote-ip>"
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
hostname=$1
|
|
||||||
echo "digging ssh tunnel to $hostname"; sleep 1
|
|
||||||
ssh $hostname -L 8900/localhost/5901 "sleep 05 && exit" &
|
|
||||||
sleep 02
|
|
||||||
vncviewer localhost:8900
|
|
||||||
echo "killed ssh tunnel to $hostname and ended vnc session"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#end of file
|
|
|
@ -1,7 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant_socialnerds.conf
|
|
||||||
|
|
||||||
sleep 5
|
|
||||||
|
|
||||||
dhcpcd wlan0
|
|