curl https://ip-ranges.amazonaws.com/ip-ranges.json | jq '.prefixes | .[] | select(.service == "CLOUDFRONT") | .ip_prefix'
BC
curl https://ip-ranges.amazonaws.com/ip-ranges.json | jq '.prefixes | .[] | select(.service == "CLOUDFRONT") | .ip_prefix'
for f in *.pfx; do pemout="${f}.pem"; keyout="${pemout}.key"; crtout="${pemout}.crt"; openssl pkcs12 -in $f -out $pemout -nodes -password pass:somepass; openssl rsa -in $pemout -out $keyout; openssl x509 -in $pemout -out $crtout; done
set_real_ip_from 0.0.0.0/0 ; real_ip_recursive on ; real_ip_header x-forwarded-for ;
src IP = 10.0.0.2 dst IP = 10.0.0.3
GET /someurl.html HTTP/1.1 host: brookscunningham.com X-Forwarded-For: 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
src IP = 10.0.0.2 dst IP = 10.0.0.3
GET /someurl.html HTTP/1.1 host: brookscunnningham.com
set_real_ip_from 10.0.0.0/8 ; real_ip_recursive on ; real_ip_header x-forwarded-for ;
src IP = 10.0.0.2 dst IP = 10.0.0.3
GET /someurl.html HTTP/1.1 host: brookscunningham.com X-Forwarded-For: 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
set_real_ip_from 10.0.0.0/8 ; set_real_ip_from 4.4.4.4 ; real_ip_recursive on ; real_ip_header x-forwarded-for ;
src IP = 10.0.0.2 dst IP = 10.0.0.3
GET /someurl.html HTTP/1.1 host: brookscunningham.com X-Forwarded-For: 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
set_real_ip_from 10.0.0.0/8 ; set_real_ip_from 4.4.4.4 ; real_ip_recursive off ; real_ip_header x-forwarded-for ;Source and Destination IP
src IP = 10.0.0.2 dst IP = 10.0.0.3
GET /someurl.html HTTP/1.1 host: brookscunningham.com X-Forwarded-For: 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
set_real_ip_from 10.0.0.0/8 ; set_real_ip_from 4.4.4.4 ; real_ip_recursive off ; real_ip_header x-forwarded-for ;
src IP = 55.55.55.55 dst IP = 10.0.0.3
GET /someurl.html HTTP/1.1 host: brookscunningham.com X-Forwarded-For: 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
set_real_ip_from 10.0.0.0/8 ; set_real_ip_from 4.4.4.4 ; set_real_ip_from 55.55.55.55 ; real_ip_recursive on ; real_ip_header x-forwarded-for ;
src IP = 55.55.55.55 dst IP = 10.0.0.3
GET /someurl.html HTTP/1.1 host: brookscunningham.com X-Forwarded-For: 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
sudo tcpdump -i any -A -s 10240 '(port 80) and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and not host 127.0.0.1 | egrep --line-buffered "^........(GET |HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " | sed -r 's/^........(GET |HTTP\/|POST |HEAD )/\n\1/g'
ssh ubuntu@You can make it into a bash function like I have below as well.-p 22 -i ~/sshpemkeyauth.key "sudo tcpdump -s 0 -U -n -w - -i any not port 22" | wireshark -k -i - &
function wiresh { ssh ubuntu@$1 -p 22 -i ~/sshpemkeyauth.key "sudo tcpdump -s 0 -U -n -w - -i any not port 22" | wireshark -k -i - & }This way you only have to do the following at the command line to take a remote wireshark capture:
wireshI hope this helps anyone else out there. I have to give a shout out to StackOverflow for inspiring this post. BC