Skip to content

Instantly share code, notes, and snippets.

View riobard's full-sized avatar

Rio riobard

1k followers · 64 following
View GitHub Profile
@klzgrad
klzgrad / TLS指纹调查.md
Last active May 22, 2025 08:19
@Jimmy-Z
Jimmy-Z / services-start.sh
Created February 28, 2019 08:42
multi SSID with VLAN script, for ASUS AC86U with merlin
#!/bin/sh
# multi SSID with VLAN script, for ASUS AC86U with merlin
#
# setup before hand:
# set "router" to "AP Mode"
# this will put all ports and wireless in br0
# create 2 guest network
# enable Administration => System => Enable JFFS custom scripts and configs
# put this script in /jffs/scripts/, name should be "services-start"
@MawKKe
MawKKe / cryptsetup-with-luks2-and-integrity-demo.sh
Last active October 25, 2025 07:05
dm-crypt + dm-integrity + dm-raid = awesome!
#!/usr/bin/env bash
#
# Author: Markus (MawKKe) [email protected]
# Date: 2018-03-19
#
#
# What?
#
# Linux dm-crypt + dm-integrity + dm-raid (RAID1)
#
@Blankwonder
Blankwonder / Mac Pro (Late 2013, 3.5 GHz 6-Core Intel Xeon E5)
Created October 5, 2017 08:42
SS Benchmark
Generating random data (100.00MB)
Start benchmark rc4-md5
Encrypt data in 0.224s
Decrypt data in 0.222s
Start benchmark aes-128-cfb
Encrypt data in 0.599s
Decrypt data in 0.597s
Start benchmark aes-256-cfb
@daurnimator
daurnimator / main.c
Created September 30, 2015 01:01
OSX connectx sample from https://github.com/shadowsocks/shadowsocks/issues/399#issuecomment-126280454
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <netinet/tcp.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/socket.h>
int main(int argc, char **argv) {
int s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
@klzgrad
klzgrad / Naive-VPN.md
Created November 17, 2014 00:43
朴素VPN:一个纯内核级静态隧道

朴素VPN:一个纯内核级静态隧道

由于路由管控系统的建立,实时动态黑洞路由已成为最有效的封锁手段,TCP连接重置和DNS污染成为次要手段,利用漏洞的穿墙方法已不再具有普遍意义。对此应对方法是多样化协议的VPN来抵抗识别。这里介绍一种太简单、有时很朴素的“穷人VPN”。

朴素VPN只需要一次内核配置(Linux内核),即可永久稳定运行,不需要任何用户态守护进程。所有流量转换和加密全部由内核完成,原生性能,开销几乎没有。静态配置,避免动态握手和参数协商产生指纹特征导致被识别。并且支持NAT,移动的内网用户可以使用此方法。支持广泛,基于L2TPv3标准,Linux内核3.2+都有支持,其他操作系统原则上也能支持。但有两个局限:需要root权限;一个隧道只支持一个用户。

朴素VPN利用UDP封装的静态L2TP隧道实现VPN,内核XFRM实现静态IPsec。实际上IP-in-IP隧道即可实现VPN,但是这种协议无法穿越NAT,因此必须利用UDP封装。内核3.18将支持Foo-over-UDP,在UDP里面直接封装IP,与静态的L2TP-over-UDP很类似。

创建一个朴素VPN

@vavrecan
vavrecan / proxify.sh
Created September 30, 2014 16:46
Redsocks Router
#!/bin/bash
# This script will forward internet connection over redsocks proxy
# - Install redsocks and make it listen to any IP
# - Setup Wifi AP or ETH connection and DHCP server
# - Connect to ssh with -D 1080 parameter or start tor on port 1080
# - Run the script
INTERNET_INTERFACE=wlan0
SUBNET_INTERFACE=wlan1
@jjgod
jjgod / osx-video-decoding-efficiency.markdown
Last active August 29, 2015 13:57
CPU consumption numbers for current video players on OS X
@sos4nt
sos4nt / xterm-256color-italic.terminfo
Created July 27, 2012 12:13
A xterm-256color based TERMINFO that adds the escape sequences for italic
# A xterm-256color based TERMINFO that adds the escape sequences for italic.
#
# Install:
#
# tic xterm-256color-italic.terminfo
#
# Usage:
#
# export TERM=xterm-256color-italic
#