Skip to content

Instantly share code, notes, and snippets.

View sdesalas's full-sized avatar
💻

Steven de Salas sdesalas

💻
145 followers · 253 following
View GitHub Profile
@sdesalas
sdesalas / movistar-packet-inspection.md
Last active May 25, 2026 14:28
Deep Packet Inspection on TLS traffic causing ERROR_CONNECTION_RESET in Chrome browser (OSX)

TLS Connection Reset Fix — macOS

Root Cause

Modern browsers (Chrome 124+, Firefox 128+) now include a post-quantum key exchange (ML-KEM) in every HTTPS handshake. This inflates the TLS ClientHello to ~1700–1800 bytes, which no longer fits in a single TCP segment. Some home routers have a DPI (Deep Packet Inspection) engine that only handles single-segment ClientHellos — when the handshake spills into a second segment, the router injects a TCP RST and kills the connection before the server ever responds.

Safari is unaffected because Apple has not yet added ML-KEM to WebKit.

Fix — Reduce MTU on WiFi interface

@sdesalas
sdesalas / BlueberryFriands.md
Last active January 3, 2026 11:40
Recipes
image

Serves 6 muffins

Total time: 40min

These blueberry friands are great, a bit like muffins but more solid and stocky.

Ingredients

@sdesalas
sdesalas / APICalls.raw
Last active September 17, 2025 13:30
Ways to get security rules from Kibana
# Get all indices sorted by size
GET /_cat/indices?v=true&s=dataset.size
# Get all kibana indices sorted by size
GET /_cat/indices/.kibana*?v=true&s=dataset.size
# Get system table data for security solution
GET .kibana_security_solution_9.2.0_001/_search
# This one contains rules
@sdesalas
sdesalas / docker-compose.loki.yaml
Created September 12, 2024 21:48
Docker compose grafana loki
version: "3"
networks:
loki:
services:
loki:
image: grafana/loki:2.9.2
ports:
- "3100:3100"
@sdesalas
sdesalas / udp.status.cjs
Created September 11, 2024 13:26
Get bedrock server status
/* eslint-disable require-jsdoc */
// @see https://github.com/py-mine/mcstatus/blob/master/mcstatus/bedrock_status.py
const udp = require('dgram');
const port = 48548; // 19000;
const host = 'localhost';
const MAX_WAIT_MS = 2000;
const OFFLINE_MESSAGE_DATA_ID = '00ffff00fefefefefdfdfdfd12345678';
const UNCONNECTED_PING = // see https://wiki.vg/Raknet_Protocol#Unconnected_Ping
'01' + '0000000000000000' + OFFLINE_MESSAGE_DATA_ID + '0000000000000000'; // fmt: skip;
@sdesalas
sdesalas / Caddyfile
Last active September 10, 2024 17:57
Launch script, upgrade, add docker and caddy
my.domain.com {
reverse_proxy localhost:40001
header -Server
header -X-Powered-By
log {
output file /var/log/caddy/my.domain.com-access.log
}
@ws {
header Connection *Upgrade*
header Upgrade websocket
@sdesalas
sdesalas / docker-compose.yaml
Last active August 3, 2024 08:23
Coturn
version: '3.7'
services:
app:
image: coturn/coturn
#ports:
# - 3478:3478/tcp
# - 3478:3478/udp
# - 5349:5349/tcp # TLS
# - 5349:5349/udp # TLS
@sdesalas
sdesalas / lightsail.setup.docker.caddy.sh
Last active July 23, 2024 18:14
Run as root
#! /bin/sh
# 1. Install Docker CE
curl -fsSL https://raw.githubusercontent.com/sdesalas/docker-install/master/install.sh -o ~/install-docker.sh
chmod + x ~/install-docker.sh
./install-docker.sh
# 2. Install Caddy
apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/testing/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-testing-archive-keyring.gpg
@sdesalas
sdesalas / timeago.js
Last active July 10, 2024 23:10
Minimal KISS implementation of TimeAgo.
const SECOND = 1000;
const MINUTE = 60*SECOND;
const HOUR = 60*MINUTE;
const DAY = 24*HOUR;
const WEEK = 7*DAY;
const MONTH = 30*DAY;
const YEAR = 52*WEEK;
function timeAgo(date) {
const diff = Date.now() - new Date(date).getTime();
@sdesalas
sdesalas / docker-compose-influxdb-chronograf-grafana.yaml
Last active April 6, 2024 22:11
Influxdb
version: '3'
services:
influxdb:
image: influxdb:latest
ports:
- '8086:8086'
volumes:
- ./data/influxdb:/var/lib/influxdb2
environment: