mirror of
https://github.com/Erreur32/cheat.git
synced 2024-11-16 00:48:36 +01:00
f46698b656
Performed an extensive refactoring on the entire application for the sake of code-cleanliness. - Refactored out of an ad-hoc Imperative paradigm into more of a functional/declarative paradigm. IMO, this makes the application signifcantly easier to understand. - Moved away from `argparse` and into `docopt` for argument parsing - Version bump to 2.0.0 - Performed extensive refactoring on the setup.py script. Script should install to the system more cleanly now. - Made minor formatting changes to the --list flag output - Updated the README Squashed commit of the following: commit e5681bd536aa0220cdeb7884cc248db55be408c9 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 23:30:21 2014 -0400 Fixed many bugs Everything seems to work now, I think. commit 764ec5950cee958eb1b8333ddfcb6bcd45c28429 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 21:51:31 2014 -0400 Restructuring for the sake of setup.py Seem to finally have a working install script commit 5a866c23857b77ec65070dd8023cd734f2b7c242 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 18:01:11 2014 -0400 Nits commit a79954ba5b33d992fa6a32abffb33b161d624e3d Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 17:53:03 2014 -0400 Implemented search commit b570a897e9a12c15affe1a72628deae31836dee2 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 17:11:27 2014 -0400 Nits commit 1a8d85b44457f1b2131b3e8475c5270b5d0899e3 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 17:02:22 2014 -0400 Still refactoring across files Trying to make the program structure clearer commit 34dffd6462e492e81ea558e2009a71051b7663c9 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 16:40:37 2014 -0400 Breaking app into several files This is for the sake of code-cleanliness commit 4825d678ff5f9817ccbf727ef71e5dea15ff2586 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 15:55:19 2014 -0400 Got syntax highlighting working commit c37d7a626d451bfca3d4a072eb9fed604085170f Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 15:29:22 2014 -0400 Reduced verbosity of function names commit 8e626045186b37dce2480f5af1994ddfa8db79b5 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 15:24:41 2014 -0400 Refactored argument passing Fewer arguments now need to be passed throughout the app. commit 807ba814650010b3dd1b59d27400b3fb4fcfede7 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 11:40:05 2014 -0400 Working through the refactor commit e34e6540d4f8cd727e98aac68289d515a02d5fe6 Author: Chris Lane <chris@chris-allen-lane.com> Date: Thu Apr 24 20:00:10 2014 -0400 Got a basic end-to-end refactor working Have re-implemented just the most basic functionality in the "cheat2" file.
40 lines
1.4 KiB
Text
40 lines
1.4 KiB
Text
# Show hit for rules with auto refresh
|
|
watch --interval 0 'iptables -nvL | grep -v "0 0"'
|
|
|
|
# Show hit for rule with auto refresh and highlight any changes since the last refresh
|
|
watch -d -n 2 iptables -nvL
|
|
|
|
# Block the port 902 and we hide this port from nmap.
|
|
iptables -A INPUT -i eth0 -p tcp --dport 902 -j REJECT --reject-with icmp-port-unreachable
|
|
|
|
# Note, --reject-with accept:
|
|
# icmp-net-unreachable
|
|
# icmp-host-unreachable
|
|
# icmp-port-unreachable <- Hide a port to nmap
|
|
# icmp-proto-unreachable
|
|
# icmp-net-prohibited
|
|
# icmp-host-prohibited or
|
|
# icmp-admin-prohibited
|
|
# tcp-reset
|
|
|
|
# Add a comment to a rule:
|
|
iptables ... -m comment --comment "This rule is here for this reason"
|
|
|
|
|
|
# To remove or insert a rule:
|
|
# 1) Show all rules
|
|
iptables -L INPUT --line-numbers
|
|
# OR iptables -nL --line-numbers
|
|
|
|
# Chain INPUT (policy ACCEPT)
|
|
# num target prot opt source destination
|
|
# 1 ACCEPT udp -- anywhere anywhere udp dpt:domain
|
|
# 2 ACCEPT tcp -- anywhere anywhere tcp dpt:domain
|
|
# 3 ACCEPT udp -- anywhere anywhere udp dpt:bootps
|
|
# 4 ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
|
|
|
|
# 2.a) REMOVE (-D) a rule. (here an INPUT rule)
|
|
iptables -D INPUT 2
|
|
|
|
# 2.b) OR INSERT a rule.
|
|
iptables -I INPUT {LINE_NUMBER} -i eth1 -p tcp --dport 21 -s 123.123.123.123 -j ACCEPT -m comment --comment "This rule is here for this reason"
|