Daca vrei sa blochezi facebook cu iptables ruleaza comanda de mai jos
iptables -A FORWARD -p tcp --match multiport --dports 80,443 -m string --string 'facebook' --algo bm -j DROP
Showing posts with label Linux. Show all posts
Showing posts with label Linux. Show all posts
Monday, October 14, 2013
Cum blochezi teamviewer in linux cu iptables
Pentru a bloca teamviewer cu iptables in linux se poate folosi comanda:
iptables -A FORWARD -m string --string 'teamviewer' --algo bm -j DROP
Dar daca teamviewer foloseste https, se poate combina simplu comnada de mai sus cu un dns view pentru teamviewer care poate fi facuta cel mai eficient cuun application proxy
Sunday, May 5, 2013
Cum cauti in linuc fisiere si copiezi rezultatul intr-un folder
Comanda de mai jos cauta toate fisierele cu extensia .html si le copiaza in folderul /admin
find / -name "*.html" -exec cp {} /admin \;
Sunday, April 28, 2013
Cum convertesti data in squid
Stiti cu totii ca daca din fisierul access.log din squid nu e in format “human readable” si e salvata in formatul <unix timestamp>.<centisecond> si pentru a procesa folositi comanda de mai jos
cat access.log | perl -p -e 's/^([0-9]*)/"[".localtime($1)."]"/e'
Thursday, October 25, 2012
Routing for multiple uplinks/providers
A common configuration is the following, in which there are two providers that connect a local network (or even a single machine) to the big Internet.
________
+------------+ /
| | |
+-------------+ Provider 1 +-------
__ | | | /
___/ \_ +------+-------+ +------------+ |
_/ \__ | if1 | /
/ \ | | |
| Local network -----+ Linux router | | Internet
\_ __/ | | |
\__ __/ | if2 | \
\___/ +------+-------+ +------------+ |
| | | \
+-------------+ Provider 2 +-------
| | |
+------------+ \________
There are usually two questions given this setup.
4.2.1. Split access
The first is how to route answers to packets coming in over a particular provider, say Provider 1, back out again over that same provider.
Let us first set some symbolical names. Let $IF1 be the name of the first interface (if1 in the picture above) and $IF2 the name of the second interface. Then let $IP1 be the IP address associated with $IF1 and $IP2 the IP address associated with $IF2. Next, let $P1 be the IP address of the gateway at Provider 1, and $P2 the IP address of the gateway at provider 2. Finally, let $P1_NET be the IP network $P1 is in, and $P2_NET the IP network $P2 is in.
One creates two additional routing tables, say T1 and T2. These are added in /etc/iproute2/rt_tables. Then you set up routing in these tables as follows:
ip route add $P1_NET dev $IF1 src $IP1 table T1
ip route add default via $P1 table T1
ip route add $P2_NET dev $IF2 src $IP2 table T2
ip route add default via $P2 table T2
Nothing spectacular, just build a route to the gateway and build a default route via that gateway, as you would do in the case of a single upstream provider, but put the routes in a separate table per provider. Note that the network route suffices, as it tells you how to find any host in that network, which includes the gateway, as specified above.
Next you set up the main routing table. It is a good idea to route things to the direct neighbour through the interface connected to that neighbour. Note the `src' arguments, they make sure the right outgoing IP address is chosen.
ip route add $P1_NET dev $IF1 src $IP1
ip route add $P2_NET dev $IF2 src $IP2
Then, your preference for default route:
ip route add default via $P1
Next, you set up the routing rules. These actually choose what routing table to route with. You want to make sure that you route out a given interface if you already have the corresponding source address:
ip rule add from $IP1 table T1
ip rule add from $IP2 table T2
This set of commands makes sure all answers to traffic coming in on a particular interface get answered from that interface.
Reader Rod Roark notes: 'If $P0_NET is the local network and $IF0 is its interface, the following additional entries are desirable:
ip route add $P0_NET dev $IF0 table T1
ip route add $P2_NET dev $IF2 table T1
ip route add 127.0.0.0/8 dev lo table T1
ip route add $P0_NET dev $IF0 table T2
ip route add $P1_NET dev $IF1 table T2
ip route add 127.0.0.0/8 dev lo table T2
'
Now, this is just the very basic setup. It will work for all processes running on the router itself, and for the local network, if it is masqueraded. If it is not, then you either have IP space from both providers or you are going to want to masquerade to one of the two providers. In both cases you will want to add rules selecting which provider to route out from based on the IP address of the machine in the local network.
4.2.2. Load balancing
The second question is how to balance traffic going out over the two providers. This is actually not hard if you already have set up split access as above.
Instead of choosing one of the two providers as your default route, you now set up the default route to be a multipath route. In the default kernel this will balance routes over the two providers. It is done as follows (once more building on the example in the section on split-access):
ip route add default scope global nexthop via $P1 dev $IF1 weight 1 \
nexthop via $P2 dev $IF2 weight 1
This will balance the routes over both providers. The weight parameters can be tweaked to favor one provider over the other.
Note that balancing will not be perfect, as it is route based, and routes are cached. This means that routes to often-used sites will always be over the same provider.
Furthermore, if you really want to do this, you probably also want to look at Julian Anastasov's patches at http://www.ssi.bg/~ja/#routes , Julian's route patch page. They will make things nicer to work with.
Wednesday, October 24, 2012
Running Additional Programs at Boot Time in CentOS
The /etc/rc.d/rc.local script is executed by the init command at boot time or when changing runlevels. Adding commands to the bottom of this script is an easy way to perform necessary tasks like starting special services or initialize devices without writing complex initialization scripts in the/etc/rc.d/init.d/ directory and creating symbolic links.
The /etc/rc.serial script is used if serial ports must be setup at boot time. This script runs setserialcommands to configure the system's serial ports. Refer to the setserial man page for more information.
How To Add Static Routes In CentOS
There are numerous ways to add static routes in Linux (CentOS). The easiest way is via the terminal by using one of the following examples.
How to add a static route for a specific host in Linux.
route add -host 192.168.1.47 gw 192.168.10.1
route del -host 192.168.1.47 gw 192.168.10.1
How to add a static route for a specific network in Linux.
route add -net 192.168.1.0/24 gw 192.168.10.1
route del -net 192.168.1.0/24 gw 192.168.10.1
How to add a default gateway.
route add default gw 192.168.10.1
route del default gw 192.168.10.1
The best place to add the default gateway is in the file /etc/sysconfig/network which would then look something like the below.
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=server.example.com
GATEWAY=192.168.0.10
Also note that default gateways are added on a per interface level in their startup files located in /etc/sysconfig/network-scripts. Example: /etc/sysconfig/network-scripts/ifcfg-eth0
One of the places to add a static route so it is added each time you reboot the server is to add it to /etc/sysconfig/rc.local. Your rc.local file would then look something like the below.
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
# Static Routes
/sbin/route add -net 192.168.1.0/24 gw 192.168.10.1
/sbin/route add -host 192.168.1.47 gw 192.168.10.1
Friday, April 6, 2012
[MySQL]Reset the root password
For users of the powerful database MySQL, access, as well as right to modify the admin (root) password is important, because both are required when installing and in situations when the master password is lost. The user must be connected to the root password to modify it but for reinitialising the password, this process can be skipped. Resetting the password is possible after connection to theMySQL database with the help of specific commands. In case the password is lost, then it is also possible to get access to the MySQL server through a bypass of the authentication process. To reset the password under the latter condition, the server must be restarted to continue the process.
It's important that you are able to access and modify the admin (root) password of MYSQL, either when installing MySQL for the first time or in situations where the master password is lost.
The root password is lost
To modify the existing root password, you must firstly be connected to it. If you know the root password and just want to reinitialize it, you can skip this part. If you don't have the root password then follow the steps below:- Stop the MySQL server
-
#/etc/init.d/mysql stop
-
- Restart MySQL, disabling network communication and skipping the authentication procedure
#mysqld --skip-grant-tables --skip-networking &
Resetting the password
- Get connected to the MySQL system database:
# mysql mysql -u root
- Type in the following command and reset your password:
UPDATE user SET password=PASSWORD('newpassword') WHERE user="root";
- If you didn't go through the first step, to validate the changes simply type:
FLUSH PRIVILEGES;
- If you started MySQL manually (bypassing the authentication process), the server must be restarted:
#/etc/init.d/mysql restart
Warning: Changing your password can cause connection problems between phpmyadmin and mysql.
PhpMyAdmin - Access denied for user root@localhost
Cum resetezi parola de root din Phpmyadmin
Rulezi /etc/init.d/mysql stop
Restartezi Mysql cu comanda mysqld --skip-grant-tables --skip-networking &
Rulezi mysql mysql -u root
Apoi UPDATE user SET password=PASSWORD('newpassword') WHERE user="root";
Optional FLUSH PRIVILEGES;
Apoi startezi /etc/init.d/mysql restart
Thursday, March 29, 2012
Cele mai utile comenzi Linux (index alfabetic de comenzi Linux)
An A-Z Index of the Bash command line for Linux
a
alias Create an alias
apropos Search Help manual pages (man -k)
apt-get Search for and install software packages (Debian)
aspell Spell Checker
awk Find and Replace text, database sort/validate/index
b
bash GNU Bourne-Again SHell
bc Arbitrary precision calculator language
bg Send to background
break Exit from a loop
builtin Run a shell builtin
bzip2 Compress or decompress named file(s)
c
cal Display a calendar
case Conditionally perform a command
cat Display the contents of a file
cd Change Directory
cfdisk Partition table manipulator for Linux
chgrp Change group ownership
chmod Change access permissions
chown Change file owner and group
chroot Run a command with a different root directory
chkconfig System services (runlevel)
cksum Print CRC checksum and byte counts
clear Clear terminal screen
cmp Compare two files
comm Compare two sorted files line by line
command Run a command - ignoring shell functions
continue Resume the next iteration of a loop
cp Copy one or more files to another location
cron Daemon to execute scheduled commands
crontab Schedule a command to run at a later time
csplit Split a file into context-determined pieces
cut Divide a file into several parts
d
date Display or change the date & time
dc Desk Calculator
dd Convert and copy a file, write disk headers, boot records
ddrescue Data recovery tool
declare Declare variables and give them attributes
df Display free disk space
diff Display the differences between two files
diff3 Show differences among three files
dig DNS lookup
dir Briefly list directory contents
dircolors Colour setup for `ls'
dirname Convert a full pathname to just a path
dirs Display list of remembered directories
dmesg Print kernel & driver messages
du Estimate file space usage
e
echo Display message on screen
egrep Search file(s) for lines that match an extended expression
eject Eject removable media
enable Enable and disable builtin shell commands
env Environment variables
ethtool Ethernet card settings
eval Evaluate several commands/arguments
exec Execute a command
exit Exit the shell
expect Automate arbitrary applications accessed over a terminal
expand Convert tabs to spaces
export Set an environment variable
expr Evaluate expressions
f
false Do nothing, unsuccessfully
fdformat Low-level format a floppy disk
fdisk Partition table manipulator for Linux
fg Send job to foreground
fgrep Search file(s) for lines that match a fixed string
file Determine file type
find Search for files that meet a desired criteria
fmt Reformat paragraph text
fold Wrap text to fit a specified width.
for Expand words, and execute commands
format Format disks or tapes
free Display memory usage
fsck File system consistency check and repair
ftp File Transfer Protocol
function Define Function Macros
fuser Identify/kill the process that is accessing a file
g
gawk Find and Replace text within file(s)
getopts Parse positional parameters
grep Search file(s) for lines that match a given pattern
groups Print group names a user is in
gzip Compress or decompress named file(s)
h
hash Remember the full pathname of a name argument
head Output the first part of file(s)
history Command History
hostname Print or set system name
i
id Print user and group id's
if Conditionally perform a command
ifconfig Configure a network interface
ifdown Stop a network interface
ifup Start a network interface up
import Capture an X server screen and save the image to file
install Copy files and set attributes
j
join Join lines on a common field
k
kill Stop a process from running
killall Kill processes by name
l
less Display output one screen at a time
let Perform arithmetic on shell variables
ln Make links between files
local Create variables
locate Find files
logname Print current login name
logout Exit a login shell
look Display lines beginning with a given string
lpc Line printer control program
lpr Off line print
lprint Print a file
lprintd Abort a print job
lprintq List the print queue
lprm Remove jobs from the print queue
ls List information about file(s)
lsof List open files
m
make Recompile a group of programs
man Help manual
mkdir Create new folder(s)
mkfifo Make FIFOs (named pipes)
mkisofs Create an hybrid ISO9660/JOLIET/HFS filesystem
mknod Make block or character special files
more Display output one screen at a time
mount Mount a file system
mtools Manipulate MS-DOS files
mv Move or rename files or directories
mmv Mass Move and rename (files)
n
netstat Networking information
nice Set the priority of a command or job
nl Number lines and write files
nohup Run a command immune to hangups
nslookup Query Internet name servers interactively
o
open Open a file in its default application
op Operator access
p
passwd Modify a user password
paste Merge lines of files
pathchk Check file name portability
ping Test a network connection
pkill Stop processes from running
popd Restore the previous value of the current directory
pr Prepare files for printing
printcap Printer capability database
printenv Print environment variables
printf Format and print data
ps Process status
pushd Save and then change the current directory
pwd Print Working Directory
q
quota Display disk usage and limits
quotacheck Scan a file system for disk usage
quotactl Set disk quotas
r
ram ram disk device
rcp Copy files between two machines
read read a line from standard input
readonly Mark variables/functions as readonly
reboot Reboot the system
renice Alter priority of running processes
remsync Synchronize remote files via email
return Exit a shell function
rev Reverse lines of a file
rm Remove files
rmdir Remove folder(s)
rsync Remote file copy (Synchronize file trees)
s
screen Multiplex terminal, run remote shells via ssh
scp Secure copy (remote file copy)
sdiff Merge two files interactively
sed Stream Editor
select Accept keyboard input
seq Print numeric sequences
set Manipulate shell variables and functions
sftp Secure File Transfer Program
shift Shift positional parameters
shopt Shell Options
shutdown Shutdown or restart linux
sleep Delay for a specified time
slocate Find files
sort Sort text files
source Run commands from a file `.'
split Split a file into fixed-size pieces
ssh Secure Shell client (remote login program)
strace Trace system calls and signals
su Substitute user identity
sudo Execute a command as another user
sum Print a checksum for a file
symlink Make a new name for a file
sync Synchronize data on disk with memory
t
tail Output the last part of files
tar Tape ARchiver
tee Redirect output to multiple files
test Evaluate a conditional expression
time Measure Program running time
times User and system times
touch Change file timestamps
top List processes running on the system
traceroute Trace Route to Host
trap Run a command when a signal is set(bourne)
tr Translate, squeeze, and/or delete characters
true Do nothing, successfully
tsort Topological sort
tty Print filename of terminal on stdin
type Describe a command
u
ulimit Limit user resources
umask Users file creation mask
umount Unmount a device
unalias Remove an alias
uname Print system information
unexpand Convert spaces to tabs
uniq Uniquify files
units Convert units from one scale to another
unset Remove variable or function names
unshar Unpack shell archive scripts
until Execute commands (until error)
useradd Create new user account
usermod Modify user account
users List users currently logged in
uuencode Encode a binary file
uudecode Decode a file created by uuencode
v
v Verbosely list directory contents (`ls -l -b')
vdir Verbosely list directory contents (`ls -l -b')
vi Text Editor
vmstat Report virtual memory statistics
w
watch Execute/display a program periodically
wc Print byte, word, and line counts
whereis Report all known instances of a command
which Locate a program file in the user's path.
while Execute commands
who Print all usernames currently logged in
whoami Print the current user id and name (`id -un')
Wget Retrieve web pages or files via HTTP, HTTPS or FTP
write Send a message to another user
x
xargs Execute utility, passing constructed argument list(s)
yes Print a string until interrupted
. Run a command script in the current shell
### Comment / Remark
SS64 Discussion forum
Bash commands for OS X
Links to other Sites, full list of man pages, books etc...
Tuesday, March 20, 2012
Cum spargi sau resetezi parola de root in Centos Linux
Help! I forgot my root password. How do I log in now?
You can log in using single-user mode and create a new root password.
To enter single-user mode, reboot your computer. If you use the default boot loader, GRUB, you can enter single user mode by performing the following:
-
At the boot loader menu, use the arrow keys to highlight the installation you want to edit and type [A] to enter into append mode.
-
You are presented with a prompt that looks similar to the following:
grub append> ro root=LABEL=/
Press the Spacebar once to add a blank space, then add the word single to tell GRUB to boot into single-user Linux mode. The result should look like the following:
ro root=LABEL=/ single
Press [Enter] and GRUB will boot single-user Linux mode. After it finishes loading, you will be presented with a shell prompt similar to the following:
sh-2.05b#
You can now change the root password by typing
passwd root
You will be asked to re-type the password for verification. Once you are finished, the password will be changed. You can then reboot by typing reboot at the prompt; then you can log in to root as you normally would.
Friday, January 13, 2012
Reset RHEL root password
To boot into rescue mode, you must be able to boot the system using one of the following
methods
• By booting the system from an installation boot CD-ROM.
• By booting the system from other installation boot media, such as USB flash devices.
• By booting the system from the Red Hat Enterprise Linux CD-ROM #1.
Once you have booted using one of the described methods, add the keyword rescue as a
kernel parameter. For example, for an x86 system, type the following command at the
installation boot prompt:
linux rescue
