
Linux firewall rules Sample Script

The options are truly limitless, but you need to be careful. Below is a basic script you may find useful as a starting point for your firewall rules. When copying this script, remember that the longer commands are broken across several lines:

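#!/bin/bash
#
# iptables firewall settings for linux server
#
# Note: no rule below accepts SSH or the replies to connections the server
# opens itself (DNS lookups, package updates). Add rules for those before
# applying this script on a machine you manage remotely.

### DEFAULT POLICY
# Drop inbound and forwarded packets unless a rule below accepts them; allow all outbound.
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

### ESSENTIAL RULES
# Allow internal host packets on local interface
iptables -A INPUT -i lo -j ACCEPT

### PROTOCOL LEVEL RULES
# Allow PORT 80 TCP packets on ethernet interface
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT

### LOG ALL OTHER PACKETS
# Logging for any failed packets for troubleshooting use.
# Packets that reach this rule are logged and then dropped by the INPUT policy.
iptables -A INPUT -j LOG --log-prefix "INPUT: "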
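The following is an added example, not part of the original script: a shell function that summarises the kernel log entries written by the LOG rule above (prefix "INPUT: "), grouped by source address, protocol and destination port. The function names, the host name web01 and the log lines are constructed for illustration, and the "likely reply" label is a heuristic.

```shell
#!/bin/sh
# Added example: triage the entries produced by
#   iptables -A INPUT -j LOG --log-prefix "INPUT: "
# Everything this rule logs is subsequently dropped by the INPUT policy.

# Constructed sample log (documentation address ranges, fields abridged).
sample_log() {
cat <<'EOF'
Mar  3 10:15:01 web01 kernel: INPUT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 ID=4711 DF PROTO=TCP SPT=51544 DPT=22 WINDOW=29200 SYN URGP=0
Mar  3 10:15:02 web01 kernel: INPUT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 ID=4712 DF PROTO=TCP SPT=51545 DPT=22 WINDOW=29200 SYN URGP=0
Mar  3 10:15:04 web01 kernel: INPUT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 ID=4713 DF PROTO=TCP SPT=51546 DPT=22 WINDOW=29200 SYN URGP=0
Mar  3 10:15:09 web01 kernel: INPUT: IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 LEN=60 TTL=49 ID=901 DF PROTO=TCP SPT=40112 DPT=3306 WINDOW=64240 SYN URGP=0
Mar  3 10:15:11 web01 kernel: INPUT: IN=eth0 OUT= SRC=192.0.2.53 DST=192.0.2.10 LEN=71 TTL=64 ID=902 PROTO=UDP SPT=53 DPT=40800 LEN=51
Mar  3 10:15:20 web01 kernel: INPUT: IN=eth0 OUT= SRC=198.51.100.99 DST=192.0.2.10 LEN=84 TTL=55 ID=77 PROTO=ICMP TYPE=8 CODE=0 ID=3 SEQ=1
Mar  3 10:16:00 web01 CRON[2201]: (root) CMD (/var/www/backup.sh)
EOF
}

# summarize_drops: read syslog lines on stdin and print
# "count source protocol dest-port note", most frequent first.
summarize_drops() {
  awk '
    / INPUT: / {
      src = proto = spt = dpt = ""
      for (i = 1; i <= NF; i++) {
        if      ($i ~ /^SRC=/)   src   = substr($i, 5)
        else if ($i ~ /^PROTO=/) proto = substr($i, 7)
        else if ($i ~ /^SPT=/)   spt   = substr($i, 5)
        else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
      }
      if (src == "" || proto == "") next
      # Heuristic: low source port to high destination port looks like a reply
      # to traffic this host sent, dropped for lack of an ESTABLISHED rule.
      note = (spt != "" && spt + 0 < 1024 && dpt + 0 >= 1024) ? ("likely-reply-from-port-" spt) : "inbound"
      if (dpt == "") dpt = "-"    # ICMP has no ports
      count[src " " proto " " dpt " " note]++
    }
    END { for (k in count) print count[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2
}

sample_log | summarize_drops
```

On a live system, feed the function from wherever kernel messages are stored, for example the output of dmesg or the syslog file your distribution uses.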

 

 

Linux / Unix Command: route

Usage: route [-nNvee] [-FC] [<AF>]           List kernel routing tables
       route [-v] [-FC] {add|del|flush} ...  Modify routing table for AF.
 
Here's how to delete the routes added in the previous section.
 
[root@localhost]# route del -net 10.10.10.0 netmask 255.255.255.0 gw 192.168.1.1 wlan0
 
The file /etc/sysconfig/network-scripts/route-wlan0 will also have to be updated so that the server does not reinsert the route when you reboot. Delete the line that reads:
10.0.0.0/24 via 192.168.1.1
 

Linux / Unix Command: crontab

usage:  crontab [-u user] file
        crontab [-u user] [ -e | -l | -r ]
                (default operation is replace, per 1003.2)
        -e      (edit user's crontab)
        -l      (list user's crontab)
        -r      (delete user's crontab)
        -i      (prompt before deleting user's crontab)

 

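Each entry in the crontab file starts with five time fields, followed by the command to run:

minute (0-59),
hour (0-23),
day of the month (1-31),
month of the year (1-12),
day of the week (0-6 with 0=Sunday).

Examples

crontab -e = edits the crontab file to be used.

0 12 14 2 * mailx john%Happy Birthday!%Time for lunch.

This entry runs at 12:00 on February 14. Cron turns each unescaped % into a newline and passes the text after the first % to the command as standard input.

#crontab -e
*/1 * * * * php /var/www/html/poller.php > /dev/null 2>&1
0 1 * * * nice -n 15 /var/www/backup.sh

The first entry runs poller.php every minute and discards its output; the second runs backup.sh at 01:00 every day at reduced priority (nice 15).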
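The following is an added example, not part of the original page: a shell function that checks the five time fields of a crontab entry against the ranges listed above before the entry is installed. The name check_cron_line is hypothetical, and the check assumes numeric fields only (*, N, N-M, comma lists and /step); names such as "mon" and shortcuts such as @daily are reported as invalid.

```shell
#!/bin/sh
# Added example: validate the time fields of one crontab entry using the
# ranges from this page (day of week 0-6, 0=Sunday).
# Prints "ok" and returns 0, or prints the first problem and returns 1.

check_cron_line() {
  printf '%s\n' "$1" | awk '
    # One list item: "*", "N" or "N-M", optionally followed by "/step".
    function item_ok(item, min, max,   p, n, ab, a, b) {
      n = split(item, p, "/")
      if (n > 2) return 0
      if (n == 2 && (p[2] !~ /^[0-9]+$/ || p[2] + 0 == 0)) return 0
      if (p[1] == "*") return 1
      if (p[1] ~ /^[0-9]+$/) a = b = p[1] + 0
      else if (p[1] ~ /^[0-9]+-[0-9]+$/) { split(p[1], ab, "-"); a = ab[1] + 0; b = ab[2] + 0 }
      else return 0
      return (a >= min && b <= max && a <= b)
    }
    # A field is a comma-separated list of items.
    function field_ok(f, min, max,   items, n, i) {
      n = split(f, items, ",")
      for (i = 1; i <= n; i++) if (!item_ok(items[i], min, max)) return 0
      return 1
    }
    BEGIN {
      split("0 0 1 1 0", LO, " "); split("59 23 31 12 6", HI, " ")
      split("minute hour day-of-month month day-of-week", NAME, " ")
    }
    {
      if (NF < 6) { print "too few fields"; exit 1 }
      for (i = 1; i <= 5; i++)
        if (!field_ok($i, LO[i], HI[i])) { print "bad " NAME[i] ": " $i; exit 1 }
      print "ok"
    }'
}

# First entry is from this page; the second is a constructed invalid entry.
for entry in '*/1 * * * * php /var/www/html/poller.php > /dev/null 2>&1' \
             '0 25 * * * /var/www/backup.sh'; do
  printf '%s => %s\n' "$entry" "$(check_cron_line "$entry")"
done
```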

 

 

Linux / Unix Command: cat

Usage: cat [OPTION] [FILE]...
Concatenate FILE(s), or standard input, to standard output.

  -A, --show-all           equivalent to -vET
  -b, --number-nonblank    number nonblank output lines
  -e                       equivalent to -vE
  -E, --show-ends          display $ at end of each line
  -n, --number             number all output lines
  -s, --squeeze-blank      never more than one single blank line
  -t                       equivalent to -vT
  -T, --show-tabs          display TAB characters as ^I
  -u                       (ignored)
  -v, --show-nonprinting   use ^ and M- notation, except for LFD and TAB
      --help     display this help and exit
      --version  output version information and exit

With no FILE, or when FILE is -, read standard input.

Examples:
  cat f - g  Output f's contents, then standard input, then g's contents.
  cat        Copy standard input to standard output.


 

 

Linux / Unix Command: halt

usage: halt [-n] [-w] [-d] [-f] [-i] [-p]
                  -n: don't sync before halting the system
                  -w: only write a wtmp reboot record and exit.
                  -d: don't write a wtmp record.
                  -f: force halt/reboot, don't call shutdown.
                  -p: power down the system (if possible, otherwise halt)

halt, reboot, poweroff - stop the system.

SYNOPSIS

/sbin/halt [-n] [-w] [-d] [-f] [-i] [-p] [-h]
/sbin/reboot [-n] [-w] [-d] [-f] [-i]
/sbin/poweroff [-n] [-w] [-d] [-f] [-i] [-h]

DESCRIPTION

Halt notes that the system is being brought down in the file /var/log/wtmp, and then either tells the kernel to halt, reboot or poweroff the system.

If halt or reboot is called when the system is not in runlevel 0 or 6, in other words when it's running normally, shutdown will be invoked instead (with the -h or -r flag). For more info see the shutdown(8) manpage.

The rest of this manpage describes the behaviour in runlevels 0 and 6, that is, when the system's shutdown scripts are being run.

When halting the system, do a poweroff. This is the default when halt is called as poweroff.

Examples

halt
Set the computer to a mode that enables a user to turn off the computer.

poweroff
Stop the processor (if you have proper permission).

 

Linux / Unix Command: poweroff

usage: poweroff [-n] [-w] [-d] [-f] [-i] [-p]
                  -n: don't sync before poweroffing the system
                  -w: only write a wtmp reboot record and exit.
                  -d: don't write a wtmp record.
                  -f: force halt/reboot, don't call shutdown.
                  -p: power down the system (if possible, otherwise poweroff)


 
Linux / Unix Command: mount
Usage: mount -V                 : print version
       mount -h                 : print this help
       mount                    : list mounted filesystems
       mount -l                 : idem, including volume labels
So far the informational part. Next the mounting.
The command is `mount [-t fstype] something somewhere'.
Details found in /etc/fstab may be omitted.
       mount -a [-t|-O] ...     : mount all stuff from /etc/fstab
       mount device             : mount device at the known place
       mount directory          : mount known device here
       mount -t type dev dir    : ordinary mount command
Note that one does not really mount a device, one mounts
a filesystem (of the given type) found on the device.
One can also mount an already visible directory tree elsewhere:
       mount --bind olddir newdir
or move a subtree:
       mount --move olddir newdir
A device can be given by name, say /dev/hda1 or /dev/cdrom,
or by label, using  -L label  or by uuid, using  -U uuid .
Other options: [-nfFrsvw] [-o options] [-p passwdfd].
For many more details, say  man 8 mount .
 
Example uses of the Linux Command mount
#mount /dev/cdrom /mnt/cdrom
This command will connect the device "/dev/cdrom" (usually the CD ROM drive) to the directory "/mnt/cdrom" so that you can access the files and directories on the CD ROM disk in the CD ROM drive under the "/mnt/cdrom" directory, which must already exist when this command is executed. 
 

Linux / Unix Command: vi

usage: vim [arguments] [file ..]       edit specified file(s)
   or: vim [arguments] -               read text from stdin
   or: vim [arguments] -t tag          edit file where tag is defined

Arguments:
   --                   Only file names after this
   -v                   Vi mode (like "vi")
   -e                   Ex mode (like "ex")
   -s                   Silent (batch) mode (only for "ex")
   -y                   Easy mode (like "evim", modeless)
   -R                   Readonly mode (like "view")
   -Z                   Restricted mode (like "rvim")
   -m                   Modifications (writing files) not allowed
   -M                   Modifications in text not allowed
   -b                   Binary mode
   -C                   Compatible with Vi: 'compatible'
   -N                   Not fully Vi compatible: 'nocompatible'
   -V[N]                Verbose level
   -D                   Debugging mode
   -n                   No swap file, use memory only
   -r                   List swap files and exit
   -r (with file name)  Recover crashed session
   -L                   Same as -r
   -T <terminal>        Set terminal type to <terminal>
   -u <vimrc>           Use <vimrc> instead of any .vimrc
   --noplugin           Don't load plugin scripts
   -o[N]                Open N windows (default: one for each file)
   -O[N]                Like -o but split vertically
   +                    Start at end of file
   +<lnum>              Start at line <lnum>
   --cmd <command>      Execute <command> before loading any vimrc file
   -c <command>         Execute <command> after loading the first file
   -S <session>         Source file <session> after loading the first file
   -s <scriptin>        Read Normal mode commands from file <scriptin>
   -w <scriptout>       Append all typed commands to file <scriptout>
   -W <scriptout>       Write all typed commands to file <scriptout>
   -h  or  --help       Print Help (this message) and exit
   --version            Print version information and exit

Examples

#vi config.conf

Edits the file config.conf

 

Linux / Unix Command: tar

GNU `tar' saves many files together into a single tape or disk archive, and
can restore individual files from the archive.

Usage: tar [OPTION]... [FILE]...

Examples:
  tar -cf archive.tar foo bar  # Create archive.tar from files foo and bar.
  tar -tvf archive.tar         # List all files in archive.tar verbosely.
  tar -xf archive.tar          # Extract all files from archive.tar.

If a long option shows an argument as mandatory, then it is mandatory
for the equivalent short option also.  Similarly for optional arguments.

Main operation mode:
  -t, --list              list the contents of an archive
  -x, --extract, --get    extract files from an archive
  -c, --create            create a new archive
  -d, --diff, --compare   find differences between archive and file system
  -r, --append            append files to the end of an archive
  -u, --update            only append files newer than copy in archive
  -A, --catenate          append tar files to an archive
      --concatenate       same as -A
      --delete            delete from the archive (not on mag tapes!)

Operation modifiers:
  -W, --verify               attempt to verify the archive after writing it
      --remove-files         remove files after adding them to the archive
  -k, --keep-old-files       don't replace existing files when extracting
      --keep-newer-files     don't replace existing files that are newer
                             than their archive copies
      --overwrite            overwrite existing files when extracting
      --no-overwrite-dir     preserve metadata of existing directories
  -U, --unlink-first         remove each file prior to extracting over it
      --recursive-unlink     empty hierarchies prior to extracting directory
  -S, --sparse               handle sparse files efficiently
  -O, --to-stdout            extract files to standard output
  -G, --incremental          handle old GNU-format incremental backup
  -g, --listed-incremental=FILE
                             handle new GNU-format incremental backup
      --ignore-failed-read   do not exit with nonzero on unreadable files
      --occurrence[=NUM]     process only the NUMth occurrence of each file in
                             the archive. This option is valid only in
                             conjunction with one of the subcommands --delete,
                             --diff, --extract or --list and when a list of
                             files is given either on the command line or
                             via -T option.
                             NUM defaults to 1.

Handling of file attributes:
      --owner=NAME             force NAME as owner for added files
      --group=NAME             force NAME as group for added files
      --mode=CHANGES           force (symbolic) mode CHANGES for added files
      --atime-preserve         don't change access times on dumped files
  -m, --modification-time      don't extract file modified time
      --same-owner             try extracting files with the same ownership
      --no-same-owner          extract files as yourself
      --numeric-owner          always use numbers for user/group names
  -p, --same-permissions       extract permissions information
      --no-same-permissions    do not extract permissions information
      --preserve-permissions   same as -p
  -s, --same-order             sort names to extract to match archive
      --preserve-order         same as -s
      --preserve               same as both -p and -s

Device selection and switching:
  -f, --file=ARCHIVE             use archive file or device ARCHIVE
      --force-local              archive file is local even if has a colon
      --rmt-command=COMMAND      use given rmt COMMAND instead of /etc/rmt
      --rsh-command=COMMAND      use remote COMMAND instead of rsh
  -[0-7][lmh]                    specify drive and density
  -M, --multi-volume             create/list/extract multi-volume archive
  -L, --tape-length=NUM          change tape after writing NUM x 1024 bytes
  -F, --info-script=FILE         run script at end of each tape (implies -M)
      --new-volume-script=FILE   same as -F FILE
      --volno-file=FILE          use/update the volume number in FILE


Linux / Unix Command: free

free - display information about free and used memory on the system

usage: free [-b|-k|-m|-g] [-l] [-o] [-t] [-s delay] [-c count] [-V]
  -b,-k,-m,-g show output in bytes, KB, MB, or GB
  -l show detailed low and high memory statistics
  -o use old format (no -/+buffers/cache line)
  -t display total for RAM + swap
  -s update every [delay] seconds
  -c update [count] times
  -V display version information and exit

DESCRIPTION

free displays the total amount of free and used physical memory and swap space in the system, as well as the buffers and cache consumed by the kernel.

[root@localhost man]# free -b

             total       used       free     shared    buffers     cached
Mem:     393904128  202096640  191807488          0   35287040  101294080
-/+ buffers/cache:   65515520  328388608
Swap:    797843456          0  797843456