cd %~dp0
cmd /k “shadowsocks-local.exe -s fast.pennyjob.net -p 8080 -k pennyjob -m aes-256-cfb -b 127.0.0.1 -l 1080”
Category Archives: Uncategorized
更新华为路由器GRE对端IP(使用3322的动态DNS) update huawei GRE tunnel remote IP with 3322 DDNS dynamic DNS
ping ns1.3322.net > ping.log
if %errorlevel% neq 0 exit /b -1
ping ns2.3322.net >> ping.log
if %errorlevel% neq 0 exit /b -1
for /f “tokens=2” %%i in (‘nslookup 60go.f3322.org ns1.3322.net 2^>nul ^| findstr /n . ^| findstr “5:”‘) do set newip=%%i
if not “%newip%”==”%oldip%” (
echo %newip%>newip.txt
putty -ssh -l user -pw pass 192.168.4.1 -startup lua
echo %newip%>oldip.txt
exit /b 1
) else (
for /f “tokens=2” %%i in (‘nslookup 60go.f3322.org ns2.3322.net 2^>nul ^| findstr /n . ^| findstr “5:”‘) do set newip=%%i
if not “%newip%”==”%oldip%” (
echo %newip%>newip.txt
putty -ssh -l user -pw pass pass 192.168.4.1 -startup lua
echo %newip%>oldip.txt
exit /b 1
)
exit /b 0
)
squid man-in-the-middle https inspect SQUID 中间人攻击 HTTPS 内容审查
http://wiki.squid-cache.org/Features/SslBump
http://wiki.squid-cache.org/Features/MimicSslServerCert
SQUID SSL 安全代理 (只有CHROME和FIREFOX通过命令行或者PAC配置才支持)
http over SSL
Feature: HTTPS (HTTP Secure or HTTP over SSL/TLS)
http://wiki.squid-cache.org/Features/HTTPS
http://wiki.squid-cache.org/Features/DynamicSslCert
the dymanic ssl cert works with fedora 20 ‘s own squid package
but need squid start on command, not with service.
http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/myCA.pem
always_direct allow all
ssl_bump allow all
# the following two options are unsafe and not always necessary:
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB
sslcrtd_children 5
/usr/lib64/squid/ssl_crtd -c -s /var/lib/ssl_db
chown -R squid
/var/lib/ssl_db
chmod -R 600
/var/lib/ssl_db
backup on update ( only those files that will be updated ) 批处理备份和更新文件
@echo off
::save this file as backuponcopy.bat
setlocal enableextensions
setlocal enabledelayedexpansion
@echo usage:
@echo backuponcopy.bat ^ ^ ^
set argcnt=0
for %%i in ( %* ) do set /a argcnt+=1
if %argcnt% lss 3 (
echo 缺少参数,3秒钟后退出……
ping -n 2 -w 3000 localhost > nul
exit /b 1
)
if not exist %1\nul (
echo 来源路径不存在,3秒钟后退出……
ping -n 2 -w 3000 localhost > nul
exit /b 1
)
if not exist %2\nul (
echo 目标路径不存在,3秒钟后退出……
ping -n 2 -w 3000 localhost > nul
exit /b 1
)
if not exist %3\nul (
echo 备份目录不存在,3秒钟后退出……
ping -n 2 -w 3000 localhost > nul
exit /b 1
)
echo 备份目录是: %3
for /f %%i in (‘wmic os get localdatetime /value ^| findstr .’) do set currdate=%%i
set backup=%3\%currdate:~14,8%
echo.本次的备份目录是: %backup%
::创建备份目标目录结构
xcopy /E /I /T /Y “%1” “%backup%”
::将产品文件进行备份
for /R %1 %%i in (*) do (
set sf=%%i
echo 源文件是: !sf!
set tf=!sf:%1=%2!
echo 目标文件是:!tf!
if exist !tf! (
set bf=!sf:%1=%backup%!
echo 备份文件是:!bf!
copy /Y !tf! !bf!
)
)
::删除备份目录下的空目录
for /R “%backup%” %%i in (.) do rd “%%i”
::将更新文件覆盖产品
xcopy /E /I /Y “%1” “%2”
echo 命令执行结束!
setlocal disableextensions
setlocal disabledelayedexpansion
batch script run on huawei USG 2160 ( EGW 2160 )
::rem ############# huaweilib.bat ####################
::@echo off
call %*
goto:eof
:get_adgrp
setlocal
::it require two argument: the policy number and the out address-group variable name
::call:get_adgrp 3 grpno
set spyarg=%1
if not defined spyarg (
echo No policy number specified!
exit /b
)
set “is_num=”
call:is_num %1
if [%is_num%] == [false] (
echo argument is not a number!
exit /b
)
echo echo yes ^| plink -agent -ssh -1 -l jhrwgly -pw CorpName2014^^! -P 22222 172.16.8.2 display nat-policy interzone trust untrust outbound policy %1 2^>nul ^| findstr address-group ^> getadgrp.txt > getadgrp.bat
echo exit >> getadgrp.bat
start /min /wait getadgrp.bat
for /f “tokens=2” %%i in ( getadgrp.txt ) do set adgrp=%%i
:end_get_adgrp
endlocal & set /a %2=%adgrp%
goto:eof
:get_uniq_random
setlocal enabledelayedexpansion
set /a argcount=0
for %%i in ( %* ) do set /a argcount+=1
if %argcount% equ 0 (
echo No random number variable argument!
exit /b
)
set arg1=%1
shift
set /a argcount-=1
:isunique
set “in1=”
set /a in1=”%random% %% 6 + 3″
for /l %%j in (1,1,%argcount%) do (
set /a index=%%j
call echo %%!index!>indexfile
set /p index2=<indexfile
if [%in1%] equ [!index2!] goto:isunique
)
:end_get_uniq_random
endlocal & set /a “%arg1%=%in1%”
goto:eof
:set_adgrp
setlocal
rem accept two arguments, first the source NAT policy number, second the new address-group number
set /a argcount=0
for %%i in ( %* ) do set /a argcount+=1
if %argcount% neq 2 (
echo Need two arguments! policy number and new address-group number!
goto:end_set_adgrp
)
for %%i in ( %* ) do (
set “is_num=”
call:is_num %%i
if [%is_num%] == [false] (
echo Arguments are not numbers!
goto:end_set_adgrp
)
)
)
echo sys > set_adgrp.txt
echo nat-policy interzone trust untrust outbound >> set_adgrp.txt
echo policy %1 >> set_adgrp.txt
echo address-group %2 >> set_adgrp.txt
echo quit >> set_adgrp.txt
echo quit >> set_adgrp.txt
echo quit >> set_adgrp.txt
echo quit >> set_adgrp.txt
echo yes | plink -agent -ssh -1 -l jhrwgly -pw CorpName2014! -P 22222 172.16.8.2 < set_adgrp.txt
:end_set_adgrp
endlocal
goto:eof
:is_num
setlocal
set spyisnumarg=%1
if not defined spyisnumarg (
echo no argument specified.
exit /b
)
set “notnum=” & for /f “delims=0123456789” %%i in ( “%1” ) do set notnum=%%i
:end_is_num
endlocal & (
if [%notnum%] == [] (set is_num=true) else (set is_num=false)
)
goto:eof
::rem ################### huaweichgadgrp #########################
@echo off
setlocal enabledelayedexpansion
echo original address-group for source NAT policy 3,4,5 is:
for /l %%a in (3,1,5) do (
set “grpno=”
call huaweilib.bat :get_adgrp %%a grpno_%%a
echo.policy %%a’s group number is !grpno_%%a!
)
call huaweilib.bat :get_uniq_random newpol3adgrp %grpno_3% %grpno_4% %grpno_5%
call huaweilib.bat :get_uniq_random newpol4adgrp %newpol3adgrp% %grpno_3% %grpno_4% %grpno_5%
call huaweilib.bat :get_uniq_random newpol5adgrp %newpol4adgrp% %newpol3adgrp% %grpno_3% %grpno_4% %grpno_5%
if exist set_adgrp.bat del /f set_adgrp.bat
echo @echo off > set_adgrp.bat
for /l %%i in (3,1,5) do (echo call huaweilib.bat :set_adgrp %%i !newpol%%iadgrp! >> set_adgrp.bat)
echo exit >> set_adgrp.bat
endlocal
start /WAIT /MIN set_adgrp.bat
setlocal enabledelayedexpansion
echo new address-group for source NAT policy 3,4,5 is:
for /L %%i in (3,1,5) do (
set “grpno=”
call huaweilib.bat :get_adgrp %%i grpno_%%i
echo.policy %%i’s new group number is !grpno_%%i!
)
timeout /t 5
exit
centos add epel source 添加源
http://blog.csdn.net/yasi_xi/article/details/11746255
三,安装epel,centos6选6,5就选5
32位系统选择:
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -ivh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
64位系统选择:
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
导入key:
rpm –import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
rpm –import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-5
如果用比较新的软件,用epel-test.repo这个文件就行了
别忘了安装yum install yum-priorities
firewall-cmd 新防火墙 CentOS 7
http://docs.diladele.com/tutorials/transparently_filtering_https_centos/firewall.html
[root@localhost firewalld]# pwd
/etc/firewalld
[root@localhost firewalld]# cat direct.xml
-i eno33554992 -p tcp –dport 80 -j REDIRECT –to-ports 3126
-i eno33554992 -p tcp –dport 443 -j REDIRECT –to-ports 3127
[root@localhost firewalld]#