Gentoo
Le site officiel de Gentoo, l'OS qui poutre tout!
Autres liens utiles :
le wiki (english)
le wiki français
le forum FR
The Troll's fabrications
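#!/bin/bash
# Host firewall: flush the existing rules, then rebuild INPUT filtering with
# a source whitelist, a malformed-packet filter and a scan rate limiter.
# The whitelist addresses (xx.../yy.../zz...) are placeholders and must be
# replaced with real values before the rules can load.

# Abort early if iptables is missing instead of running every rule below
# with an empty command name.
ipt=$(command -v iptables) || { echo "iptables not found" >&2; exit 1; }

#### Start by completely clearing the existing rules
"$ipt" -F
"$ipt" -X
"$ipt" -P INPUT ACCEPT
"$ipt" -P OUTPUT ACCEPT
# NOTE(review): both policies stay ACCEPT and nothing in this script drops
# unmatched traffic. The per-port ACCEPT rules at the end therefore only
# restrict anything if a final DROP/REJECT rule or a DROP policy is applied
# after them - confirm that this exists in the deployed rule set.

#### Keep established connections
"$ipt" -A INPUT -m state --state established,related -j ACCEPT

#### Be nice and put a few sources on a whitelist
# ACCEPT inside this chain is final for the packet, so whitelisted sources
# bypass every later check (scan limiter, bad-packet filter, port rules).
"$ipt" -N SCAN_WHITELIST
"$ipt" -A SCAN_WHITELIST -m iprange --src-range xx.xx.xx.xx-yy.yy.yy.yy -j ACCEPT
"$ipt" -A SCAN_WHITELIST -s zz.zz.zz.zz -j ACCEPT

#### Packet filter: only clean packets are wanted
"$ipt" -N badPacks
## pass through the whitelist first...
"$ipt" -A badPacks -j SCAN_WHITELIST
# A NEW TCP connection must start with a plain SYN; anything else gets a RST.
"$ipt" -A badPacks -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN \
  -j REJECT --reject-with tcp-reset
"$ipt" -A badPacks -m state --state invalid -j REJECT
"$ipt" -A badPacks -j RETURN

#### Something to slow scans down
#### (radical against the majority of script kiddies)
"$ipt" -N scanning
## pass through the whitelist first...
"$ipt" -A scanning -j SCAN_WHITELIST
# Each NEW packet on eth0 is recorded per source address in two "recent"
# lists. A source is rejected once it has 10 hits within 90 s (SCAN1) or
# within 180 s (SCAN2); --rttl additionally requires the TTL to match the
# packet that created the entry.
"$ipt" -A scanning -i eth0 -m state --state NEW -m recent --set --name SCAN1
"$ipt" -A scanning -i eth0 -m state --state NEW -m recent --update \
  --seconds 90 --hitcount 10 --rttl --name SCAN1 -j REJECT
"$ipt" -A scanning -i eth0 -m state --state NEW -m recent --set --name SCAN2
"$ipt" -A scanning -i eth0 -m state --state NEW -m recent --update \
  --seconds 180 --hitcount 10 --rttl --name SCAN2 -j REJECT
"$ipt" -A scanning -j RETURN

#### And apply both chains
"$ipt" -A INPUT -j scanning
"$ipt" -A INPUT -j badPacks

#### Everything coming from localhost: OK
"$ipt" -A INPUT -i lo -j ACCEPT
"$ipt" -A OUTPUT -o lo -j ACCEPT
# The original also added "-i 127.0.0.1" / "-o 127.0.0.1" rules. -i and -o
# match interface names, not addresses, so those rules never matched any
# packet; the two lo rules above already cover loopback traffic.

#### Open a few ports
"$ipt" -A INPUT -p tcp --dport 22 -j ACCEPT
"$ipt" -A INPUT -p tcp --dport 53 -j ACCEPT
"$ipt" -A INPUT -p tcp --dport 80 -j ACCEPT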
$ lspci 00:00.0 Host bridge: Intel Corporation Mobile 945GME Express Memory Controller Hub (rev 03) 00:02.0 VGA compatible controller: Intel Corporation Mobile 945GME Express Integrated Graphics Controller (rev 03) 00:02.1 Display controller: Intel Corporation Mobile 945GM/GMS/GME, 943/940GML Express Integrated Graphics Controller (rev 03) 00:1b.0 Audio device: Intel Corporation 82801G (ICH7 Family) High Definition Audio Controller (rev 02) 00:1c.0 PCI bridge: Intel Corporation 82801G (ICH7 Family) PCI Express Port 1 (rev 02) 00:1c.1 PCI bridge: Intel Corporation 82801G (ICH7 Family) PCI Express Port 2 (rev 02) 00:1c.2 PCI bridge: Intel Corporation 82801G (ICH7 Family) PCI Express Port 3 (rev 02) 00:1c.3 PCI bridge: Intel Corporation 82801G (ICH7 Family) PCI Express Port 4 (rev 02) 00:1d.0 USB Controller: Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #1 (rev 02) 00:1d.1 USB Controller: Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #2 (rev 02) 00:1d.2 USB Controller: Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #3 (rev 02) 00:1d.3 USB Controller: Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #4 (rev 02) 00:1d.7 USB Controller: Intel Corporation 82801G (ICH7 Family) USB2 EHCI Controller (rev 02) 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev e2) 00:1f.0 ISA bridge: Intel Corporation 82801GBM (ICH7-M) LPC Interface Bridge (rev 02) 00:1f.2 IDE interface: Intel Corporation 82801GBM/GHM (ICH7 Family) SATA IDE Controller (rev 02) 00:1f.3 SMBus: Intel Corporation 82801G (ICH7 Family) SMBus Controller (rev 02) 02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8101E/RTL8102E PCI Express Fast Ethernet controller (rev 02) 03:00.0 Ethernet controller: Atheros Communications Inc. AR242x 802.11abg Wireless PCI Express Adapter (rev 01)
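# Control script for an F3507g WWAN/GPS card: powers the card through the
# thinkpad_acpi sysfs switch, talks AT commands to it with chat(8), and
# starts or stops the usbnet data connection and the GPS NMEA stream.
# Usage: <script> start-wwan | stop-wwan | start-gps | stop-gps

GPSDPID="/var/run/gpsd.pid"
CONTROL_DEVICE="/dev/ttyACM1"
GPS_DEVICE="/dev/ttyACM2"
# SIM PIN; leave empty when the SIM has no PIN. A value set here is stored
# in clear text, so the file should be readable by root only.
PIN=""
APN="gprs.swisscom.ch"

# Run chat(8) against a serial device.
# Arguments: $1 - device used for both input and output
#            $2.. - chat options and expect/send strings
at_chat () {
  local dev=$1
  shift
  /usr/sbin/chat "$@" > "$dev" < "$dev"
}

# Enable the card via sysfs, wait for the control device to appear, unlock
# the SIM if a PIN is configured, then switch the radio on.
powerup_F3507g () {
  printf '%s' "Powering up F3507g card.."
  echo 1 > /sys/devices/platform/thinkpad_acpi/wwan_enable
  while [ ! -c "$CONTROL_DEVICE" ]; do sleep 0.5; printf '.'; done
  echo "done"

  printf '%s' "Turning on F3507g card..."
  sleep 3
  if [ -n "$PIN" ]; then
    # No -v here: chat's verbose mode logs every string it sends (to syslog
    # by default), which would write the SIM PIN into the system log.
    at_chat "$CONTROL_DEVICE" "" "AT+CPIN?" "SIM PIN" "AT" "OK" "AT+CPIN=\"$PIN\"" "OK"
  fi
  at_chat "$CONTROL_DEVICE" -v "" "AT+CPIN?" "READY" "AT+CFUN=1" "+PACSP0" "AT" "OK"
  echo "done"
}

# Switch the radio off, disable the card via sysfs and wait until the
# control device has disappeared.
powerdown_F3507g () {
  printf '%s' "Turning off F3507g card..."
  at_chat "$CONTROL_DEVICE" -v "" "AT+CFUN=4" "OK"
  echo "done"

  printf '%s' "Powering down F3507g card.."
  echo 0 > /sys/devices/platform/thinkpad_acpi/wwan_enable
  while [ -c "$CONTROL_DEVICE" ]; do sleep 0.5; printf '.'; done
  echo "done"
}

# Send AT*E2GPSCTL with the three values given as $1, $2 and $3.
configure_GPS () {
  at_chat "$CONTROL_DEVICE" -v "" "AT*E2GPSCTL=$1,$2,$3" "OK"
}

# Configure the GPS, start the NMEA stream on the GPS device and launch gpsd.
turnon_GPS () {
  printf '%s' "Starting NMEA stream on $GPS_DEVICE..."
  configure_GPS 1 1 1
  sleep 1
  at_chat "$GPS_DEVICE" -v "" "AT*E2GPSNPD" "GPGGA"
  start-stop-daemon --start --exec /usr/sbin/gpsd -- -P "$GPSDPID" "$GPS_DEVICE"
  echo "done"
}

# Stop gpsd, reconfigure the GPS and power the card down.
turnoff_GPS () {
  printf '%s' "Stopping NMEA stream on $GPS_DEVICE..."
  start-stop-daemon --stop --pidfile "$GPSDPID"
  configure_GPS 0 1 0
  echo "done"
  turnoff_F3507g
}

# Define the PDP context for $APN and bring the usbnet connection up.
turnon_usbnet () {
  printf '%s' "Starting usbnet connection..."
  at_chat "$CONTROL_DEVICE" -v "" "AT+CGDCONT=1,\"IP\",\"$APN\"" "OK" "AT*ENAP=1,1" "OK"
  echo "done"
}

# Bring the usbnet connection down and power the card down.
turnoff_usbnet () {
  printf '%s' "Stopping usbnet connection..."
  at_chat "$CONTROL_DEVICE" -v "" "AT*ENAP=0" "OK"
  echo "done"
  turnoff_F3507g
}

# Thin indirections kept from the original: both end in powerdown_F3507g.
turnoff_F3507g () {
  ifdown_F3507g
}

ifdown_F3507g () {
  powerdown_F3507g
}

# Print the list of supported actions.
usage () {
  echo "$0 <action>"
  echo " start-wwan: start your modem"
  echo " stop-wwan: stop your modem"
  echo " start-gps: start your GPS and gpsd"
  echo " stop-gps: stop your GPS and gpsd"
}

if [ $# -eq 1 ]; then
  case "$1" in
    'start-wwan')
      powerup_F3507g
      turnon_usbnet
      dhclient usb0 &>/dev/null
      ;;
    'start-gps')
      powerup_F3507g
      turnon_GPS
      ;;
    'stop-wwan')
      turnoff_usbnet
      ;;
    'stop-gps')
      turnoff_GPS
      ;;
    *)
      usage
      ;;
  esac
else
  usage
fi

exit 0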
ao=alsa channels=6 vo=vdpau vc=ffh264vdpau cache=8192
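#!/bin/bash
# mplayer wrapper: probe the file's video codec and width, then pick VDPAU
# hardware decoding where the codec supports it and fall back to XV with a
# deinterlace filter for everything else.
# Usage: <script> /path/to/file

FILE=$1

# if no input display usage
if [[ -z "$FILE" ]]; then
  echo "usage: $0 /path/to/file"
  exit
fi

# A name beginning with "-" would be read by mplayer as an option; anchor it
# to the current directory so it is always treated as a file.
case "$FILE" in
  -*) FILE="./$FILE" ;;
esac

MPLAYER=/usr/bin/mplayer

# Option sets are arrays so each option stays one word without relying on
# unquoted word splitting.
# Options for all videos: fullscreen, SPDIF passthrough DTS/AC3. The trailing
# comma in the -ac list is kept from the original (it lets mplayer fall back
# to codecs not in the list).
BASIC_OPTS=(-fs -zoom -quiet -ao alsa:device=iec958 -ac hwdts,hwac3,)
# Options for non-HD videos: force aspect to 16x9 (to ensure video fills TV screen)
NOHD_OPTS=(-aspect 16:9)
# Options for normal and lowres videos: use XV w/deinterlace filter, force 16x9
LOW_OPTS=(-aspect 16:9 -vf yadif=3:1 -pp 0x33 -vo xv)

# Probe once and extract both fields from the same output. Both keys
# ("ID_VIDEO_WIDTH=", "ID_VIDEO_CODEC=") are 15 characters long, hence
# the value starting at column 16.
IDENT=$("$MPLAYER" -identify -vo vdpau -frames 0 "$FILE")
VWIDTH=$(grep ID_VIDEO_WIDTH <<<"$IDENT" | cut -c 16-25)
VCODEC=$(grep ID_VIDEO_CODEC <<<"$IDENT" | cut -c 16-25)

# A missing or non-numeric width (probe failed, no video stream) is treated
# as 0, i.e. "unknown", instead of breaking the numeric tests below.
[[ "$VWIDTH" =~ ^[0-9]+$ ]] || VWIDTH=0

# the following echo commands can be uncommented for debug info
#echo "VIDEO CODEC: $VCODEC"
#echo "VIDEO WIDTH: $VWIDTH"

# Build MPLAYEROPTS for a codec that VDPAU can decode.
# Arguments: $1 - name of the VDPAU video codec to pass to -vc
# Globals:   VWIDTH (read), MPLAYEROPTS (written)
# Width unknown (0) or >= 1280: VDPAU only. Below 1280: VDPAU plus the
# non-HD options. Below 700: drop VDPAU and use the low-res XV options.
vdpau_opts() {
  MPLAYEROPTS=("${BASIC_OPTS[@]}" -vo vdpau -vc "$1")
  if [ "$VWIDTH" -lt 1280 ] && [ "$VWIDTH" != 0 ]; then
    MPLAYEROPTS+=("${NOHD_OPTS[@]}")
  fi
  if [ "$VWIDTH" -lt 700 ] && [ "$VWIDTH" != 0 ]; then
    MPLAYEROPTS=("${BASIC_OPTS[@]}" "${LOW_OPTS[@]}")
  fi
}

# Test for codec; if it's supported by VDPAU, set options to use it.
case "$VCODEC" in
  ffh264)
    vdpau_opts ffh264vdpau
    ;;
  ffmpeg2)
    vdpau_opts ffmpeg12vdpau
    ;;
  ffwmv3)
    vdpau_opts ffwmv3vdpau
    ;;
  # VC-1 is largely unsupported by nvidia.
  # NOTE(review): the original comment says to uncomment this section only
  # if the card supports it, but the branch is active as shown - confirm.
  ffvc1)
    vdpau_opts ffvc1vdpau
    ;;
  *)
    # Use XV and yadif filter with 'normal' (DiVX, XViD, old WMV, etc.) files,
    # and force 16:9. -vf filters only seem to work with XV, or at least they
    # don't work w/VDPAU.
    MPLAYEROPTS=("${BASIC_OPTS[@]}" "${LOW_OPTS[@]}")
    ;;
esac

#echo "mplayer options are: ${MPLAYEROPTS[*]}"
"$MPLAYER" "${MPLAYEROPTS[@]}" "$FILE"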
/dev/md2 / reiserfs defaults 0 0
/dev/mapper/vg0-usr /usr reiserfs defaults 0 0
/dev/mapper/vg0-var /var reiserfs defaults 0 0
/dev/mapper/vg0-www /var/www reiserfs defaults 0 0
/dev/mapper/vg0-portage /usr/portage reiserfs defaults,noexec 0 0
/dev/mapper/vg0-home /home reiserfs defaults,noexec 0 0
/dev/mapper/vg0-tmp /tmp reiserfs defaults 0 0
/dev/mapper/vg0-swap none swap sw 0 0
/dev/mapper/vg0-tiles /var/cache/tiles reiserfs defaults 0 0
/dev/mapper/vg0-backups /var/backups reiserfs defaults 0 0
# Accept ICMP arriving on eth0 at an average rate of 30 packets per minute
# (limit match). Packets over the rate do not match this rule and fall
# through to whatever rule or policy comes next.
$ipt -A INPUT -i eth0 -p icmp -m limit --limit 30/minute -j ACCEPT
41 packets transmitted, 24 received, 41% packet loss, time 40153ms rtt min/avg/max/mdev = 33.459/36.091/38.764/1.796 ms
201 packets transmitted, 6 received, 97% packet loss, time 2664ms rtt min/avg/max/mdev = 34.533/35.892/38.487/1.276 ms, pipe 4, ipg/ewma 13.324/35.603 ms
# Accept UDP arriving on eth0 at an average rate of 5 packets per second, on
# any destination port. The limit match keeps one counter for the whole rule,
# not one per source address, so a single flooding sender uses up the
# allowance for every other sender; over-limit packets fall through to the
# next rule or policy.
$ipt -A INPUT -i eth0 -p udp -m limit --limit 5/s -j ACCEPT
hping2 -i u10000 -2 nimo.internux.ch HPING nimo.internux.ch (eth0 78.46.64.14): udp mode set, 28 headers + 0 data bytes ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ICMP Port Unreachable from ip=78.46.64.14 name=dns.akemi.internux.ch ^C --- nimo.internux.ch hping statistic --- 704 packets tramitted, 12 packets received, 99% packet loss round-trip min/avg/max = 0.0/0.0/0.0 ms
$ lspci | grep -i multimedia 01:09.0 Multimedia controller: Philips SemiconductorsSAA7131/SAA7133/SAA7135 Video Broadcast Decoder (rev d1)
$ lsmod
Module Size Used by
tda1004x 17220 1
saa7134_dvb 22220 0
videobuf_dvb 7108 1 saa7134_dvb
dvb_core 75932 2 saa7134_dvb,videobuf_dvb
tda827x 11972 2
tda8290 15492 1
tuner 25356 0
saa7134 150044 2 saa7134_dvb
ir_common 38916 1 saa7134
videobuf_dma_sg 13572 2 saa7134_dvb,saa7134
videobuf_core 18436 3 videobuf_dvb,saa7134,videobuf_dma_sg
tveeprom 15300 1 saa7134
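#!/usr/bin/perl
# Play a TV channel from the V4L2 capture card with mplayer.
# Usage: <script> <channel>   - tune to the named channel
#        <script>             - list the known channel names
use strict;
use warnings;

# Channel name => value passed to mplayer's freq= suboption.
my %stream = (
    tsr1     => '189.25',
    tsr2     => '140.25',
    tf1      => '503.25',
    france2  => '182.25',
    france3  => '196.25',
    arte     => '133.25',
    tv5      => '231.25',
    m6       => '266.25',
    rtl9     => '280.25',
    tmc      => '119.25',
    planet   => '375.25',
    cartoon  => '391.25',
    mcm      => '478.25',
    mezzo    => '217.25',
    mtv      => '273.25',
    bbcwn    => '112.25',
    bbcprime => '399.25',
    cnbc     => '527.25',
    cnn      => '126.25',
);

# Only a known channel name is played: an unknown name used to reach mplayer
# as an empty freq= value; it now falls through to the channel list.
if (@ARGV == 1 && exists $stream{$ARGV[0]}) {
    my $chan = $ARGV[0];
    print $chan."\n";

    # The -tv suboptions must form a single colon-separated word; the
    # original string was broken up by backslash continuations. The list
    # form of system() runs mplayer directly, without a shell in between.
    my $tv_opts = "driver=v4l2:device=/dev/video0:freq=$stream{$chan}"
                . ":fps=25:input=0:amode=1:norm=PAL";
    system('mplayer', '-slave', '-tv', $tv_opts, 'tv://');
}
else {
    print "Available channels :\n";
    for my $chan (sort keys %stream) {
        print $chan."\n";
    }
}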
hardstatus alwayslastline "%{= kg}[%{+b kM}%d/%m/%Y,%c:%s%{-b kg}]-[%{+b kY}%l%{-b kg}] \ %{-b kG}%-Lw%{+b rY}%50>%n%f* %t%{-b kG}%+Lw%< %=%{-b kg}[%{+b kB}%H %{-b kg}]" encoding UTF-8 log on vbell off screen zsh screen zsh
Fri Dec 7 19:20:44 2007 >>> app-office/openoffice-2.3.1
merge time: 4 hours, 43 minutes and 20 seconds.
Thu Feb 7 22:25:47 2008 >>> app-office/openoffice-2.3.1-r1
merge time: 2 hours, 18 minutes.
[ssh-iptables] enabled = true filter = sshd action = iptables[name=SSH, port=ssh, protocol=tcp] sendmail-whois[name=SSH, dest=titi@toto.com, sender=fail2ban@toto.com] savetopostgres[name=SSH] logpath = /var/log/auth.log maxretry = 5
[Definition] actionstart = actionstop = actioncheck = actionban = <psqlpath> -h localhost -U <psqlusr> -c "insert into fail2ban (date, ip, type) values (now(), '<ip>', '<name>')" -d <psqldbname> actionunban = [Init] psqldbname = fail2ban psqlusr = titi psqlpath = /usr/bin/psql psqlcmd = insert into fail2ban (date, ip, type) values (now(), '<ip>', '<name>')
debootstrap --arch=i386 squeeze /mnt/debootstrat http://mirror.switch.ch/ftp/mirror/debian/
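mount -o bind /dev /mnt/cf/dev
cp -L /etc/resolv.conf /mnt/cf/etc
# chroot into the root of the new system (/mnt/cf, the tree that /dev and
# resolv.conf were just placed in). The original pointed at /mnt/cf/etc,
# which would not contain /bin/bash.
chroot /mnt/cf /bin/bash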
vim.tiny /etc/apt/sources.list
deb http://mirror.switch.ch/ftp/mirror/debian squeeze main non-free contrib
apt-get install cups screen vim openssh-server linux-image-486 grub
cat /etc/fstab proc /proc proc defaults 0 0 /dev/hda1 / ext3 errors=remount-ro 0 1 tmpfs /var/tmp tmpfs size=96M 0 0 tmpfs /var/log tmpfs size=96M 0 0 cat /etc/init.d/ramfs-logs #! /bin/sh ### BEGIN INIT INFO # Provides: ramfs # Required-Start: mountall # Required-Stop: # Default-Start: S # Default-Stop: # Short-Description: copy /var/log content in ramdisk # Description: copy /var/log content in ramdisk ### END INIT INFO case "$1" in start) echo "Copying /var/log contents to ramdisk" cp -a /var/disk-log/* /var/log/ ;; stop) echo "Copying /var/log contents to disk" cp -a /var/log/* /var/disk-log/ ;; *) echo "Usage: ramfs.sh [start|stop]" >&2 exit 3 ;; esac update-rc.d ramfs-logs start 37 S . stop 99 .