OS family: Unix-like
Source model: Free and open source software
Initial release: 1991
Supported platforms: Alpha, ARM, AVR32, Blackfin, C6x, ETRAX CRIS, FR-V, H8/300, Hexagon, Itanium, M32R, m68k, Microblaze, MIPS, MN103, OpenRISC, PA-RISC, PowerPC, s390, S+core, SuperH, SPARC, TILE64, Unicore32, x86, Xtensa
Kernel type: Monolithic
License: "Linux" trademark owned by Linus Torvalds and administered by the Linux Mark Institute)
HTTP: https://www.kernel.org/pub/
FTP: ftp://ftp.kernel.org/pub/
RSYNC: rsync://rsync.kernel.org/pub/
URL: http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.6.9.tar.bz2
Red Hat as well as most of its derivatives (such as CentOS) uses runlevels like this:
ID  Description
-------------------
0   Halt
1   Single user
2   Full multi-user with no networking
3   Full multi-user, console logins only
4   Not used/User definable
5   Full multi-user, with display manager as well as console logins
6   Reboot
List of available services already configured
chkconfig --list
Make a service start for normal usage
chkconfig httpd on
If you have this init file listed in /etc/init.d/ you only need to run two commands to get it running at boot
chkconfig --add myscript
chkconfig myscript on
Use chkconfig to configure the programs that will be started at boot in a runlevel.
# chkconfig --list                 # List all init scripts
# chkconfig --list sshd            # Report the status of sshd
# chkconfig sshd --level 35 on     # Configure sshd for levels 3 and 5
# chkconfig sshd off               # Disable sshd for all runlevels
Open the /etc/sysconfig/network file with your favorite text editor.
Modify the HOSTNAME= value to match your FQDN host name.
sudo nano /etc/sysconfig/network
HOSTNAME=myserver.domain.com
Change the host name that is associated with your server's main IP address. This is for internal networking (found at /etc/hosts):
Restart Networking
/etc/init.d/network restart
Install package: aptitude install PACKAGENAME
Reinstall package: aptitude reinstall PACKAGENAME
Remove package (keep config files): aptitude remove PACKAGENAME
Remove package and purge config files: aptitude remove --purge PACKAGENAME
Update package list: aptitude update
Upgrade system (security/bug fixes): aptitude upgrade
Upgrade system to newest release (dangerous!): aptitude dist-upgrade
Show info on an installed package: aptitude show PACKAGENAME
Search package repositories: aptitude search SEARCHSTRING
Install package: yum install PACKAGENAME
Remove package: yum remove PACKAGENAME
Update package: yum update PACKAGENAME
List available updates: yum list updates
Update system: yum update
Upgrade system to newest release (dangerous!): yum upgrade
Show package: yum list PACKAGENAME
Search package repositories: yum search SEARCHSTRING
List package groups: yum grouplist
Install package group: yum groupinstall 'GROUP NAME'
Update package group: yum groupupdate 'GROUP NAME'
Remove package group: yum groupremove 'GROUP NAME'
Check whether the selected NTP server is accessible:
[root@fedora ~]# ntpdate -q 0.rhel.pool.ntp.org
server 204.9.136.253, stratum 2, offset -0.008663, delay 0.34778
server 169.229.70.201, stratum 2, offset -0.033543, delay 0.34413
server 184.22.183.130, stratum 2, offset -0.011112, delay 0.36876
server 108.61.73.244, stratum 2, offset -0.021635, delay 0.33836
 9 Dec 16:25:18 ntpdate[22704]: adjust time server 108.61.73.244 offset -0.021635 sec
Run the ntpdate command followed by one or more server addresses:
[root@fedora ~]# ntpdate 0.rhel.pool.ntp.org 1.rhel.pool.ntp.org
 9 Dec 16:26:41 ntpdate[22710]: adjust time server 108.61.73.244 offset -0.024647 sec
Checking status via the systemctl command
[root@fedora ~]# systemctl status ntpdate.service
ntpdate.service - Set time via NTP
          Loaded: loaded (/usr/lib/systemd/system/ntpdate.service; disabled)
          Active: inactive (dead)
          CGroup: name=systemd:/system/ntpdate.service
Starting service using systemctl.
[root@fedora ~]# systemctl restart ntpdate.service
Check Status after start
[root@fedora ~]# systemctl status ntpdate.service
ntpdate.service - Set time via NTP
          Loaded: loaded (/usr/lib/systemd/system/ntpdate.service; disabled)
          Active: active (exited) since Sun, 09 Dec 2012 16:34:41 +0530; 5s ago
         Process: 22774 ExecStart=/usr/libexec/ntpdate-wrapper (code=exited, status=0/SUCCESS)
          CGroup: name=systemd:/system/ntpdate.service
Dec 09 16:34:41 fedora.example.com ntpdate[22780]: step time server 66.207.226.14 offset
Enable
[root@fedora ~]# systemctl enable ntpdate.service
ln -s '/usr/lib/systemd/system/ntpdate.service' '/etc/systemd/system/multi-user.target.wants/ntpdate.service'
systemctl [OPTIONS...] {COMMAND} ...
[root@fedora ~]# systemctl show-environment
SYSFONT=True
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
PWD=/
LANG=en_US.UTF-8
KEYTABLE=us
SHLVL=0
BOOT_IMAGE=/vmlinuz-3.3.4-5.fc17.i686
[root@fedora ~]# man systemctl
[root@fedora ~]# man systemd
[root@fedora ~]# systemctl show
Version=systemd 44
Distribution=fedora
Features=+PAM +LIBWRAP +AUDIT +SELINUX +SYSVINIT +LIBCRYPTSETUP
RunningAs=system
InitRDTimestamp=Fri, 07 Dec 2012 13:25:01 +0530
InitRDTimestampMonotonic=2229913
StartupTimestamp=Fri, 07 Dec 2012 13:25:10 +0530
StartupTimestampMonotonic=10473483
FinishTimestamp=Fri, 07 Dec 2012 13:25:43 +0530
FinishTimestampMonotonic=44368055
LogLevel=info
LogTarget=journal-or-kmsg
NNames=260
NJobs=0
NInstalledJobs=123
NFailedJobs=0
Progress=1
Environment=SYSFONT=True PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin PWD=/ LANG=en_US.UTF-8 KEYTABLE=us SHLVL=0 BOOT_IMAGE=/vmlinuz-
ConfirmSpawn=no
ShowStatus=no
UnitPath=/etc/systemd/system /usr/lib/systemd/system
NotifySocket=/run/systemd/notify
ControlGroupHierarchy=/system
MountAuto=yes
SwapAuto=yes
DefaultControllers=cpu
DefaultStandardOutput=journal
DefaultStandardError=inherit
SysVConsole=no
SysVInitPath=/etc/rc.d/init.d
SysVRcndPath=/etc/rc.d
Unit Commands:
  list-units                      List loaded units
  start [NAME...]                 Start (activate) one or more units
  stop [NAME...]                  Stop (deactivate) one or more units
  reload [NAME...]                Reload one or more units
  restart [NAME...]               Start or restart one or more units
  try-restart [NAME...]           Restart one or more units if active
  reload-or-restart [NAME...]     Reload one or more units is possible, otherwise start or restart
  reload-or-try-restart [NAME...] Reload one or more units is possible, otherwise restart if active
  isolate [NAME]                  Start one unit and stop all others
  kill [NAME...]                  Send signal to processes of a unit
  is-active [NAME...]             Check whether units are active
  status [NAME...|PID...]         Show runtime status of one or more units
  show [NAME...|JOB...]           Show properties of one or more units/jobs or the manager
  reset-failed [NAME...]          Reset failed state for all, one, or more units
  load [NAME...]                  Load one or more units
Unit File Commands:
  list-unit-files                 List installed unit files
  enable [NAME...]                Enable one or more unit files
  disable [NAME...]               Disable one or more unit files
  reenable [NAME...]              Reenable one or more unit files
  preset [NAME...]                Enable/disable one or more unit files based on preset configuration
  mask [NAME...]                  Mask one or more units
  unmask [NAME...]                Unmask one or more units
  link [PATH...]                  Link one or more units files into the search path
  is-enabled [NAME...]            Check whether unit files are enabled
Job Commands:
  list-jobs                       List jobs
  cancel [JOB...]                 Cancel all, one, or more jobs
Status Commands:
  dump                            Dump server status
  dot                             Dump dependency graph for dot(1)
Snapshot Commands:
  snapshot [NAME]                 Create a snapshot
  delete [NAME...]                Remove one or more snapshots
Environment Commands:
  show-environment                Dump environment
  set-environment [NAME=VALUE...] Set one or more environment variables
  unset-environment [NAME...]     Unset one or more environment variables
Manager Lifecycle Commands:
  daemon-reload                   Reload systemd manager configuration
  daemon-reexec                   Reexecute systemd manager
System Commands:
  default                         Enter system default mode
  rescue                          Enter system rescue mode
  emergency                       Enter system emergency mode
  halt                            Shut down and halt the system
  poweroff                        Shut down and power-off the system
  reboot                          Shut down and reboot the system
  kexec                           Shut down and reboot the system with kexec
  exit                            Ask for user instance termination
Linux fedora.example.com 3.3.4-5.fc17.i686 #1 SMP Mon May 7 17:45:26 UTC 2012 i686 i686 i386 GNU/Linux
LSB Version:    :core-4.1-ia32:core-4.1-noarch:cxx-4.1-ia32:cxx-4.1-noarch:desktop-4.1-ia32:desktop-4.1-noarch:languages-4.1-ia32:languages-4.1-noarch:printing-4.1-ia32:printing-4.1-noarch
Distributor ID: Fedora
Description:    Fedora release 17 (Beefy Miracle)
Release:        17
Codename:       BeefyMiracle
16:30:53 up 1 day, 3:05, 4 users, load average: 0.39, 0.37, 0.32
fedora.example.com
127.0.0.1
example.com
reboot   system boot  3.3.4-5.fc17.i68 Fri Dec  7 13:25 - 16:32 (1+03:07)
reboot   system boot  3.3.4-5.fc17.i68 Wed Dec  5 14:57 - 16:32 (3+01:35)
reboot   system boot  3.3.4-5.fc17.i68 Sat Dec  1 20:52 - 01:33  (04:41)
[87261.920498] sd 0:0:0:0: [sda] Unhandled sense code
[87261.920507] sd 0:0:0:0: [sda] Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
BOOT_IMAGE=/vmlinuz-3.3.4-5.fc17.i686 root=/dev/mapper/vg-lv_root ro rd.md=0 rd.dm=0 KEYTABLE=us SYSFONT=True rd.lvm.lv=vg/lv_root rd.luks=0 rd.lvm.lv=vg/lv_swap LANG=en_US.UTF-8 rhgb quiet
root@fedora ~> lsusb -tv
/:  Bus 01.Port 1: Dev 1, Class=root_hub, Driver=uhci_hcd/2p, 12M
    |__ Port 1: Dev 7, If 0, Class=vend., Driver=option, 12M
    |__ Port 1: Dev 7, If 1, Class=vend., Driver=option, 12M
    |__ Port 1: Dev 7, If 2, Class=vend., Driver=option, 12M
    |__ Port 1: Dev 7, If 3, Class=vend., Driver=option, 12M
    |__ Port 1: Dev 7, If 4, Class=vend., Driver=option, 12M
    |__ Port 1: Dev 7, If 5, Class=stor., Driver=usb-storage, 12M
root@fedora ~> dmidecode |grep -i Vendor
        Vendor: Dell Computer Corporation
root@fedora ~>
To temporarily configure an IP address, you can use the ifconfig command in the following manner.
Just modify the IP address and subnet mask to match your network requirements.
sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0
em1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.56.104  netmask 255.255.255.0  broadcast 192.168.56.255
        ether 00:08:74:22:5c:61  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 11  base 0x2c00
To configure a default gateway, you can use the route command in the following manner.
Modify the default gateway address to match your network requirements.
sudo route add default gw 10.0.0.1 eth0
If you no longer need this configuration and wish to purge all IP configuration from an interface, you can use the ip command with the flush option as shown below.
ip addr flush eth0
1. Edit /etc/sysconfig/network, add network gateway and hostname
2. Edit /etc/sysconfig/network-scripts/ifcfg-eth0
3. Example interface which is autoconfigured using Graphic Tools
fedora@fedora ~> cat /etc/sysconfig/network-scripts/ifcfg-Auto_Ethernet
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME="Auto Ethernet"
UUID=d36649d6-b53a-4cf6-9c1f-20b7e7f72a2e
ONBOOT=yes
IPADDR0=192.168.56.104
PREFIX0=24
DNS1=8.8.8.8
HWADDR=00:08:74:22:5C:61
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_PRIVACY=rfc3041
fedora@fedora ~>
4. Manually adding IP address
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:08:74:22:5C:61
IPADDR=192.168.56.104
NETMASK=255.255.255.0
ONBOOT=yes
5. Edit /etc/resolv.conf and setup DNS servers
fedora@fedora ~> cat /etc/resolv.conf
#Google DNS
nameserver 8.8.8.8
nameserver 8.8.4.4
#OpenDNS
nameserver 208.67.222.222
nameserver 208.67.220.220
#Reliance DNS
nameserver 220.226.6.104
nameserver 220.226.100.40
#
6. Restart network - /etc/init.d/network restart
7. For ubuntu - Edit /etc/network/interfaces
Open - /etc/network/interfaces
auto eth0
iface eth0 inet static
    address 10.0.0.100
    netmask 255.255.255.0
    gateway 10.0.0.1
To configure your system to use DNS for name resolution, add the IP addresses of the DNS servers that are appropriate for your network to the file /etc/resolv.conf. You can also add optional DNS suffix search lists to match your network domain names.
Below is an example of a typical configuration of /etc/resolv.conf for a server on the domain "example.com" and using two public DNS servers.
search example.com
nameserver 8.8.8.8
nameserver 8.8.4.4
The order in which your system selects a method of resolving hostnames to IP addresses is controlled by the Name Service Switch (NSS) configuration file /etc/nsswitch.conf.
As mentioned in the previous section, static hostnames defined in the system's /etc/hosts file typically take precedence over names resolved from DNS. The following is an example of the line responsible for this order of hostname lookups in the file /etc/nsswitch.conf.
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
Before configuring a bridge you will need to install the bridge-utils package.
To install the package, in a terminal enter:
sudo apt-get install bridge-utils
Next, configure the bridge by editing /etc/network/interfaces:
auto lo
iface lo inet loopback

auto br0
iface br0 inet static
    address 192.168.0.10
    network 192.168.0.0
    netmask 255.255.255.0
    broadcast 192.168.0.255
    gateway 192.168.0.1
    bridge_ports eth0
    bridge_fd 9
    bridge_hello 2
    bridge_maxage 12
    bridge_stp off
alias bond0 bonding
options bond0 miimon=80 mode=5
modes:
mode=0 (Balance Round Robin)
mode=1 (Active backup)
mode=2 (Balance XOR)
mode=3 (Broadcast)
mode=4 (802.3ad)
mode=5 (Balance TLB)
mode=6 (Balance ALB)
DEVICE=bond0
IPADDR=<ip address>
NETMASK=
NETWORK=
BROADCAST=
GATEWAY=
ONBOOT=yes
BOOTPROTO=none
USERCTL=no
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
USERCTL=no
MASTER=bond0
SLAVE=yes
cat /proc/net/bonding/bond0
You can use multiple bond interfaces, but for that you must load the bonding module once for each interface you need.
Presuming that you want two bond interfaces, configure /etc/modules.conf as follows:
alias bond0 bonding
options bond0 -o bond0 mode=0 miimon=100
alias bond1 bonding
options bond1 -o bond1 mode=1 miimon=100
root@fedora /opt> ethtool em1
Settings for em1:
        Supported ports: [ TP MII ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Supported pause frame use: No
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Advertised pause frame use: Symmetric
        Advertised auto-negotiation: Yes
        Speed: 10Mb/s
        Duplex: Half
        Port: MII
        PHYAD: 24
        Transceiver: internal
        Auto-negotiation: on
        Supports Wake-on: g
        Wake-on: d
        Current message level: 0x00000001 (1)
                               drv
        Link detected: no
root@fedora /opt>
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: em1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
    link/ether 00:08:74:22:5c:61 brd ff:ff:ff:ff:ff:ff
8: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT qlen 3
    link/ppp
root@fedora /opt>
masquerade connections, and multicast memberships
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:52769           0.0.0.0:*               LISTEN
tcp6       0      0 :::45423                :::*                    LISTEN
tcp6       0      0 :::111                  :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
netstat -h
usage: netstat [-vWeenNcCF] [<Af>] -r
       netstat {-V|--version|-h|--help}
       netstat [-vWnNcaeol] [<Socket> ...]
       netstat { [-vWeenNac] -I[<Iface>] | [-veenNac] -i | [-cnNe] -M | -s [-6tuw] } [delay]

        -r, --route              display routing table
        -I, --interfaces=<Iface> display interface table for <Iface>
        -i, --interfaces         display interface table
        -g, --groups             display multicast group memberships
        -s, --statistics         display networking statistics (like SNMP)
        -M, --masquerade         display masqueraded connections
        -v, --verbose            be verbose
        -W, --wide               don't truncate IP addresses
        -n, --numeric            don't resolve names
        --numeric-hosts          don't resolve host names
        --numeric-ports          don't resolve port names
        --numeric-users          don't resolve user names
        -N, --symbolic           resolve hardware names
        -e, --extend             display other/more information
        -p, --programs           display PID/Program name for sockets
        -c, --continuous         continuous listing
        -l, --listening          display listening server sockets
        -a, --all, --listening   display all sockets (default: connected)
        -o, --timers             display timers
        -F, --fib                display Forwarding Information Base (default)
        -C, --cache              display routing cache instead of FIB
        -Z, --context            display SELinux security context for sockets
root@fedora ~> netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 ppp0
169.204.0.0     0.0.0.0         255.255.0.0     U         0 0          0 em1
192.168.56.0    0.0.0.0         255.255.255.0   U         0 0          0 em1
192.168.141.145 0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
root@fedora ~>
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address            Foreign Address  State   PID/Program name
tcp        0      0 *:sunrpc                 *:*              LISTEN  2584/rpcbind
tcp        0      0 *:ssh                    *:*              LISTEN  5046/sshd
tcp        0      0 *:52769                  *:*              LISTEN  2594/rpc.statd
tcp6       0      0 [::]:45423               [::]:*           LISTEN  2594/rpc.statd
tcp6       0      0 [::]:sunrpc              [::]:*           LISTEN  2584/rpcbind
tcp6       0      0 [::]:ssh                 [::]:*           LISTEN  5046/sshd
udp        0      0 *:sunrpc                 *:*                      2584/rpcbind
udp        0      0 *:ntp                    *:*                      1858/chronyd
udp        0      0 *:msdp                   *:*                      2584/rpcbind
udp        0      0 fedora.example.com:obex  *:*                      2594/rpc.statd
udp        0      0 *:44725                  *:*                      2594/rpc.statd
udp        0      0 *:57569                  *:*                      1802/avahi-daemon:
udp        0      0 *:mdns                   *:*                      1802/avahi-daemon:
udp        0      0 *:323                    *:*                      1858/chronyd
udp6       0      0 [::]:sunrpc              [::]:*                   2584/rpcbind
udp6       0      0 [::]:ntp                 [::]:*                   1858/chronyd
udp6       0      0 [::]:msdp                [::]:*                   2584/rpcbind
udp6       0      0 [::]:323                 [::]:*                   1858/chronyd
udp6       0      0 [::]:50517               [::]:*                   2594/rpc.statd
root@fedora ~>
root@fedora ~> route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 em1
192.168.51.0    0.0.0.0         255.255.255.0   U     0      0        0 em1
120.124.141.145 0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
root@fedora ~>
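A listener audit over netstat output of the kind shown above, as an added example that is not part of the original page: it reports sockets bound to every interface whose owning program is not on an allow-list. The function name, the allow-list and the sample lines are constructed for illustration; the sample assumes numeric `netstat -tulnp` output.

```shell
#!/bin/sh
# Added example: flag services listening on all interfaces (wildcard bind)
# that are not on an allow-list. Input is `netstat -tulnp` style text.

# Constructed sample. Note that UDP rows have no State column, so the
# PID/Program field is column 6 for udp and column 7 for tcp.
SAMPLE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address State   PID/Program name
tcp        0      0 0.0.0.0:22      0.0.0.0:*       LISTEN  5046/sshd
tcp        0      0 0.0.0.0:111     0.0.0.0:*       LISTEN  2584/rpcbind
tcp        0      0 127.0.0.1:631   0.0.0.0:*       LISTEN  1411/cupsd
tcp6       0      0 :::52769        :::*            LISTEN  2594/rpc.statd
udp        0      0 0.0.0.0:123     0.0.0.0:*               1858/chronyd
udp        0      0 0.0.0.0:5353    0.0.0.0:*               1802/avahi-daemon:'

# exposed_listeners "prog1 prog2 ..." < netstat-output
# Prints "proto port program" for each wildcard-bound socket whose program
# name is not in the space-separated allow-list given as $1.
exposed_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 !~ /^(tcp|udp)6?$/ { next }             # skip banner and header rows
        $1 ~ /^tcp/ && $6 != "LISTEN" { next }     # TCP: listening sockets only
        {
            laddr = $4
            port = laddr; sub(/.*:/, "", port)     # text after the last colon
            host = substr(laddr, 1, length(laddr) - length(port) - 1)
            # Only wildcard binds are reachable from every interface.
            if (host != "*" && host != "0.0.0.0" && host != "::" && host != "[::]") next
            prog = ($1 ~ /^tcp/) ? $7 : $6
            sub(/^[0-9]+\//, "", prog)             # drop the "PID/" prefix
            sub(/:$/, "", prog)                    # drop a truncation colon
            if (!(prog in ok)) print $1, port, prog
        }'
}

# sshd and chronyd are expected on this hypothetical host; everything else
# bound to a wildcard address is reported for review.
printf '%s\n' "$SAMPLE" | exposed_listeners 'sshd chronyd'
```

On a live system, pipe `netstat -tulnp` (run as root so program names are shown) into the function instead of the sample.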
Adds the normal loopback entry, using netmask 255.0.0.0 and associated with the "lo" device
(assuming this device was previously set up correctly with ifconfig(8)).
adds a route to the local network 192.56.76.x via "eth0". The word "dev" can be omitted here.
deletes the current default route, which is labeled "default" or
0.0.0.0 in the destination field of the current routing table.
Adds a default route (which will be used if no other route matches).
All packets using this route will be gatewayed through "mango-gw".
The device which will actually be used for that route depends on
how we can reach "mango-gw" - the static route to "mango-gw" will have to be set up before.
Adds the route to the "ipx4" host via the SLIP interface
(assuming that "ipx4" is the SLIP host).
This command adds the net "192.57.66.x" to be gatewayed through the former route to the SLIP interface.
This is an obscure one documented so people know how to do it.
This sets all of the class D (multicast) IP routes to go via "eth0".
This is the correct normal configuration line with a multicasting kernel.
This installs a rejecting route for the private network "10.x.x.x."
# route add -net 192.168.50.0 netmask 255.255.255.0 gw 192.168.56.1
# ip route add 192.168.50.0/24 via 192.168.56.1    # same as above with ip route
# route add -net 192.168.56.0 netmask 255.255.255.0 dev eth0
# route add default gw 192.168.56.1
dmidecode.i686 : Tool to analyse BIOS DMI data
python-dmidecode.i686 : Python module to access DMI data
Resolving Dependencies
--> Running transaction check
---> Package dmidecode.i686 1:2.11-8.fc17 will be installed
Installed:
  dmidecode.i686
Complete!
List of Commands:
check                          Check for problems in the rpmdb
check-update                   Check for available package updates
clean                          Remove cached data
deplist                        List a package's dependencies
distribution-synchronization   Synchronize installed packages to the latest available versions
downgrade                      downgrade a package
erase                          Remove a package or packages from your system
groups                         Display, or use, the groups information
help                           Display a helpful usage message
history                        Display, or use, the transaction history
info                           Display details about a package or group of packages
install                        Install a package or packages on your system
list                           List a package or groups of packages
load-transaction               load a saved transaction from filename
makecache                      Generate the metadata cache
provides                       Find what package provides the given value
reinstall                      reinstall a package
repolist                       Display the configured software repositories
search                         Search package details for the given string
shell                          Run an interactive yum shell
update                         Update a package or packages on your system
upgrade                        Update packages taking obsoletes into account
version                        Display a version for the machine and/or available repos.
iptables -L
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport ssh -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -j DROP
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -I INPUT 5 -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
To save the configuration, you can use iptables-save and iptables-restore.
iptables-save > /etc/iptables.rules
iptables-restore < /etc/iptables.rules
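How the append and insert commands above combine into one ordered chain, as an added example that is not part of the original page: it models `-A` and `-I` on a plain list, so it needs neither root nor an iptables binary, and prints the result in the file format that iptables-restore reads. The helper names are hypothetical; the rule text is the page's own.

```shell
#!/bin/sh
# Added example: model how -A (append) and -I (insert at position) build the
# INPUT chain, then check that no rule sits behind the catch-all DROP.

CHAIN=""   # newline-separated rule specs, in evaluation order

chain_len() {
    if [ -z "$CHAIN" ]; then echo 0
    else printf '%s\n' "$CHAIN" | awk 'END { print NR }'
    fi
}

# append RULE: like `iptables -A INPUT RULE`
append() {
    if [ -z "$CHAIN" ]; then CHAIN="$1"
    else CHAIN="$CHAIN
$1"
    fi
}

# insert POS RULE: like `iptables -I INPUT POS RULE` (POS is 1-based).
# iptables rejects an index larger than the chain length plus one; so do we.
insert() {
    n=$(chain_len)
    if [ "$1" -lt 1 ] || [ "$1" -gt $((n + 1)) ]; then
        echo "insert: index $1 too big for a chain of $n rules" >&2
        return 1
    fi
    if [ "$1" -eq $((n + 1)) ]; then append "$2"; return 0; fi
    CHAIN=$(printf '%s\n' "$CHAIN" |
        RULE="$2" awk -v pos="$1" 'NR == pos { print ENVIRON["RULE"] } { print }')
}

# rule_at N: print the rule evaluated N-th
rule_at() { printf '%s\n' "$CHAIN" | sed -n "${1}p"; }

# dead_rules: count rules placed after an unconditional "-j DROP".
# Packets never reach them, so an ACCEPT appended later has no effect.
dead_rules() {
    printf '%s\n' "$CHAIN" | awk '
        seen { dead++ }
        $0 == "-j DROP" { seen = 1 }
        END { print dead + 0 }'
}

# The page's commands, in the order they are listed.
build_page_chain() {
    CHAIN=""
    append '-m state --state ESTABLISHED,RELATED -j ACCEPT'
    append '-p tcp --dport ssh -j ACCEPT'
    append '-p tcp --dport 80 -j ACCEPT'
    append '-j DROP'
    insert 1 '-i lo -j ACCEPT'
    insert 5 '-m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7'
}

# emit_restore: print the chain as an iptables-restore file (filter table).
emit_restore() {
    echo '*filter'
    echo ':INPUT ACCEPT [0:0]'
    echo ':FORWARD ACCEPT [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    printf '%s\n' "$CHAIN" | sed 's/^/-A INPUT /'
    echo 'COMMIT'
}

build_page_chain
emit_restore
echo "rules behind the catch-all DROP: $(dead_rules)"
```

The LOG rule lands at position 5, directly ahead of the final DROP, so only packets about to be dropped are logged. Loading the whole file with iptables-restore applies the set in one step instead of rule by rule.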
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-above 2 -j REJECT
iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-upto 2 -j ACCEPT
(24 bit netmask)
iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 16 --connlimit-mask 24 -j REJECT
(ipv6)
ip6tables -A INPUT -p tcp --syn --dport 80 -s fe80::/64 -m connlimit --connlimit-above 16 --connlimit-mask 64 -j REJECT
ip6tables -A INPUT -p tcp --syn --dport 49152:65535 -d 2001:db8::1 -m connlimit --connlimit-above 100 -j REJECT
Usage: iptables -[ACD] chain rule-specification [options]
       iptables -I chain [rulenum] rule-specification [options]
       iptables -R chain rulenum rule-specification [options]
       iptables -D chain rulenum [options]
       iptables -[LS] [chain [rulenum]] [options]
       iptables -[FZ] [chain] [options]
       iptables -[NX] chain
       iptables -E old-chain-name new-chain-name
       iptables -P chain target [options]
       iptables -h (print this help information)

Commands:
Either long or short options are allowed.
  --append  -A chain                    Append to chain
  --check   -C chain                    Check for the existence of a rule
  --delete  -D chain                    Delete matching rule from chain
  --delete  -D chain rulenum            Delete rule rulenum (1 = first) from chain
  --insert  -I chain [rulenum]          Insert in chain as rulenum (default 1=first)
  --replace -R chain rulenum            Replace rule rulenum (1 = first) in chain
  --list    -L [chain [rulenum]]        List the rules in a chain or all chains
  --list-rules -S [chain [rulenum]]     Print the rules in a chain or all chains
  --flush   -F [chain]                  Delete all rules in chain or all chains
  --zero    -Z [chain [rulenum]]        Zero counters in chain or all chains
  --new     -N chain                    Create a new user-defined chain
  --delete-chain -X [chain]             Delete a user-defined chain
  --policy  -P chain target             Change policy on chain to target
  --rename-chain -E old-chain new-chain Change chain name, (moving any references)

Options:
    --ipv4          -4                      Nothing (line is ignored by ip6tables-restore)
    --ipv6          -6                      Error (line is ignored by iptables-restore)
[!] --proto         -p proto                protocol: by number or name, eg. `tcp'
[!] --source        -s address[/mask][...]  source specification
[!] --destination   -d address[/mask][...]  destination specification
[!] --in-interface  -i input name[+]        network interface name ([+] for wildcard)
    --jump          -j target               target for rule (may load target extension)
    --goto          -g chain                jump to chain with no return
    --match         -m match                extended match (may load extension)
    --numeric       -n                      numeric output of addresses and ports
[!] --out-interface -o output name[+]       network interface name ([+] for wildcard)
    --table         -t table                table to manipulate (default: `filter')
    --verbose       -v                      verbose mode
    --line-numbers                          print line numbers when listing
    --exact         -x                      expand numbers (display exact values)
[!] --fragment      -f                      match second or further fragments only
    --modprobe=<command>                    try to insert modules using this command
    --set-counters PKTS BYTES               set the counter during insert/append
[!] --version       -V                      print package version.
Usage: tcpdump [-aAbdDefhHIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ] [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ] [ -i interface ] [ -j tstamptype ] [ -M secret ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z command ] [ -Z user ] [ expression ]
tcpdump: listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
19:20:30.346592 IP (tos 0x0, ttl 64, id 17265, offset 0, flags [DF], proto UDP (17), length 60)
1.ppp0
2.nflog (Linux netfilter log (NFLOG) interface)
3.em1
4.usbmon1 (USB bus number 1)
5.any (Pseudo-device that captures on all interfaces)
6.lo
root@fedora ~>
tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes
19:26:25.420823 IP (tos 0x0, ttl 64, id 6860, offset 0, flags [DF], proto TCP (6), length 100)
tcpdump host sundown
tcpdump host helios and \( hot or ace \)
tcpdump ip host ace and not helios
tcpdump net ucb-ether
(note that the expression is quoted to prevent the shell from (mis-)interpreting the parentheses):
tcpdump 'gateway snup and (port ftp or ftp-data)'
(if you gateway to one other net, this stuff should never make it onto your local net).
tcpdump ip and not net localnet
conversation that involves a non-local host.
tcpdump 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and not src and dst net localnet'
for example, SYN and FIN packets and ACK-only packets. (IPv6 is left as an exercise for the reader.)
tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
tcpdump 'gateway snup and ip[2:2] > 576'
tcpdump 'ether[0] & 1 = 0 and ip[16] >= 224'
tcpdump 'icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply'
nmap -v -A scanme.nmap.org
nmap -v -sn 192.168.0.0/16 10.0.0.0/8
nmap -v -iR 10000 -Pn -p 80
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL <inputfilename>: Input from list of hosts/networks
-iR <num hosts>: Choose random targets
--exclude <host1[,host2][,host3],...>: Exclude hosts/networks
--excludefile <exclude_file>: Exclude list from file
-sL: List Scan - simply list targets to scan
-sn: Ping Scan - disable port scan
-Pn: Treat all hosts as online -- skip host discovery
-PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-PO[protocol list]: IP Protocol Ping
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
--dns-servers <serv1[,serv2],...>: Specify custom DNS servers
--system-dns: Use OS's DNS resolver
--traceroute: Trace hop path to each host
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans
--scanflags <flags>: Customize TCP scan flags
-sI <zombie host[:probeport]>: Idle scan
-sY/sZ: SCTP INIT/COOKIE-ECHO scans
-sO: IP protocol scan
-b <FTP relay host>: FTP bounce scan
-p <port ranges>: Only scan specified ports
  Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9
-F: Fast mode - Scan fewer ports than the default scan
-r: Scan ports consecutively - don't randomize
--top-ports <number>: Scan <number> most common ports
--port-ratio <ratio>: Scan ports more common than <ratio>
-sV: Probe open ports to determine service/version info
--version-intensity <level>: Set from 0 (light) to 9 (try all probes)
--version-light: Limit to most likely probes (intensity 2)
--version-all: Try every single probe (intensity 9)
--version-trace: Show detailed version scan activity (for debugging)
-sC: equivalent to --script=default
--script=<Lua scripts>: <Lua scripts> is a comma separated list of directories, script-files or script-categories
--script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts
--script-args-file=filename: provide NSE script args in a file
--script-trace: Show all data sent and received
--script-updatedb: Update the script database.
--script-help=<Lua scripts>: Show help about scripts. <Lua scripts> is a comma separted list of script-files or script-categories.
-O: Enable OS detection
--osscan-limit: Limit OS detection to promising targets
--osscan-guess: Guess OS more aggressively
Options which take <time> are in seconds, or append 'ms' (milliseconds), 's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
-T<0-5>: Set timing template (higher is faster)
--min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
--min-parallelism/max-parallelism <numprobes>: Probe parallelization
--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies probe round trip time.
--max-retries <tries>: Caps number of port scan probe retransmissions.
--host-timeout <time>: Give up on target after this long
--scan-delay/--max-scan-delay <time>: Adjust delay between probes
--min-rate <number>: Send packets no slower than <number> per second
--max-rate <number>: Send packets no faster than <number> per second
-f; --mtu <val>: fragment packets (optionally w/given MTU)
-D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
-S <IP_Address>: Spoof source address
-e <iface>: Use specified interface
-g/--source-port <portnum>: Use given port number
--data-length <num>: Append random data to sent packets
--ip-options <options>: Send packets with specified ip options
--ttl <val>: Set IP time-to-live field
--spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
--badsum: Send packets with a bogus TCP/UDP/SCTP checksum
-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3, and Grepable format, respectively, to the given filename.
-oA <basename>: Output in the three major formats at once
-v: Increase verbosity level (use -vv or more for greater effect)
-d: Increase debugging level (use -dd or more for greater effect)
--reason: Display the reason a port is in a particular state
--open: Only show open (or possibly open) ports
--packet-trace: Show all packets sent and received
--iflist: Print host interfaces and routes (for debugging)
--log-errors: Log errors/warnings to the normal-format output file
--append-output: Append to rather than clobber specified output files
--resume <filename>: Resume an aborted scan
--stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML
--webxml: Reference stylesheet from Nmap.Org for more portable XML
--no-stylesheet: Prevent associating of XSL stylesheet w/XML output
-6: Enable IPv6 scanning
-A: Enable OS detection, version detection, script scanning, and traceroute
--datadir <dirname>: Specify custom Nmap data file location
--send-eth/--send-ip: Send using raw ethernet frames or IP packets
--privileged: Assume that the user is fully privileged
--unprivileged: Assume the user lacks raw socket privileges
-V: Print version number
-h: Print this help summary page.
SEE THE MAN PAGE (http://nmap.org/book/man.html) FOR MORE OPTIONS AND EXAMPLES

Usage: fsck.ext4 [-panyrcdfvtDFV] [-b superblock] [-B blocksize]
       [-I inode_buffer_blocks] [-P process_inode_size]
       [-l|-L bad_blocks_file] [-C fd] [-j external_journal]
       [-E extended-options] device

 -p                   Automatic repair (no questions)
 -n                   Make no changes to the filesystem
 -y                   Assume "yes" to all questions
 -c                   Check for bad blocks and add them to the badblock list
 -f                   Force checking even if filesystem is marked clean
 -v                   Be verbose
 -b superblock        Use alternative superblock
 -B blocksize         Force blocksize when looking for superblock
 -j external_journal  Set location of the external journal
 -l bad_blocks_file   Add to badblocks list
 -L bad_blocks_file   Set badblocks list
 -N                   Don't execute, just show what would be done.

fsck from util-linux 2.21.1
[/sbin/fsck.ext4 (1) -- /] fsck.ext4 /dev/mapper/vg-lv_root
[/sbin/fsck.ext4 (1) -- /boot] fsck.ext4 /dev/sda1

  0   No errors
  1   Filesystem errors corrected
  2   System should be rebooted
  4   Filesystem errors left uncorrected
  8   Operational error
 16   Usage or syntax error
 32   Fsck canceled by user request
128   Shared-library error

fsck from util-linux 2.21.1
e2fsck 1.42 (29-Nov-2011)
/dev/mapper/vg-lv_root is mounted.
WARNING!!! The filesystem is mounted. If you continue you ***WILL*** cause ***SEVERE*** filesystem damage.
Do you really want to continue<n>? no
check aborted.
e2fsck 1.42 (29-Nov-2011)
/dev/sda1 is mounted.
WARNING!!! The filesystem is mounted. If you continue you ***WILL*** cause ***SEVERE*** filesystem damage.
Do you really want to continue<n>? no
check aborted.

fsck from util-linux 2.21.1
e2fsck 1.42 (29-Nov-2011)
Warning! /dev/mapper/vg-lv_root is mounted.
Warning: skipping journal recovery because doing a read-only filesystem check.
_Fedora-17-i686-: clean, 148243/2318336 files, 6288023/9248768 blocks
e2fsck 1.42 (29-Nov-2011)
Warning! /dev/sda1 is mounted.
Warning: skipping journal recovery because doing a read-only filesystem check.
/dev/sda1: clean, 343/128016 files, 62514/512000 blocks
root@fedora ~>

KEY  LONG        DESCRIPTION
c    cmd         simple name of executable
C    pcpu        cpu utilization
f    flags       flags as in long format F field
g    pgrp        process group ID
G    tpgid       controlling tty process group ID
j    cutime      cumulative user time
J    cstime      cumulative system time
k    utime       user time
m    min_flt     number of minor page faults
M    maj_flt     number of major page faults
n    cmin_flt    cumulative minor page faults
N    cmaj_flt    cumulative major page faults
o    session     session ID
p    pid         process ID
P    ppid        parent process ID
r    rss         resident set size
R    resident    resident pages
s    size        memory size in kilobytes
S    share       amount of shared pages
t    tty         the device number of the controlling tty
T    start_time  time process was started
U    uid         user ID number
u    user        user name
v    vsize       total VM size in kB
y    priority    kernel scheduling priority

CODE  NORMAL  HEADER
%C    pcpu    %CPU
%G    group   GROUP
%P    ppid    PPID
%U    user    USER
%a    args    COMMAND
%c    comm    COMMAND
%g    rgroup  RGROUP
%n    nice    NI
%p    pid     PID
%r    pgid    PGID
%t    etime   ELAPSED
%u    ruser   RUSER
%x    time    TIME
%y    tty     TTY
%z    vsz     VSZ

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 18085 0.1 0.1 12244 1520 pts/0 S Dec08 2:15 wvdial
root 1883 0.4 0.7 8580 5532 ? SNs Dec07 11:15 preload
root 9394 1.0 1.6 18292 12440 ? Ss Dec07 23:11 collectl
root 1867 1.5 1.4 24704 10912 tty1 Rs+ Dec07 43:16 X
fedora 4918 3.5 33.4 771768 256556 pts/1 Sl+ Dec07 98:47 firefox

USER ELAPSED PID %CPU %MEM COMMAND SZ VSZ START MAJFL MINFL TT PPID
root 1-22:34:07 1867 1.5 1.4 X 8496 24704 Dec07 57 3656177 tty1 1818
root 1-22:34:07 1883 0.4 0.7 preload 5096 8580 Dec07 2 642119 ? 1
root 1-13:52:58 9394 1.0 1.6 collectl 11516 18292 Dec07 14 1224 ? 1
root 1-05:16:22 18085 0.1 0.1 wvdial 2648 12244 Dec08 16 800 pts/0 18084
fedora 37:06 18334 0.8 2.6 KKvirtualrooms 51672 81748 11:22 152 10771 pts/1 1
root 08:44 18820 0.1 0.3 bash 1108 6120 11:50 0 3636 pts/5 18817
fedora 17:25:59 23824 0.1 2.8 gedit 32256 79232 Dec08 75 5250 ? 2676

PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
1867 tty1 Rs+ 44:56 57 1892 36111 11044 1.4 /usr/bin/X -background none :0
3729 pts/0 S 0:00 0 27 6160 1420 0.1 su -
3860 pts/0 S+ 0:00 13 855 5380 1584 0.2 -bash
3928 pts/0 S 0:00 0 855 4416 468 0.0 sh reliacne.sh
5462 pts/3 Ss+ 0:00 0 855 5392 2280 0.2 /bin/bash
5512 pts/4 Ss 0:00 1 855 5392 1720 0.2 /bin/bash
7871 pts/4 S 0:00 4 69 8694 1700 0.2 sudo su - fedora
7872 pts/4 S 0:00 2 27 6160 1724 0.2 su - fedora
18084 pts/0 S 0:00 6 69 8694 1728 0.2 sudo wvdial reliance

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1867 1.6 1.4 24704 11044 tty1 Rs+ Dec07 44:59 /usr/bin/X -background none :
root 3729 0.0 0.1 6188 1420 pts/0 S Dec07 0:00 su -
root 3860 0.0 0.2 6236 1584 pts/0 S+ Dec07 0:00 -bash
root 3928 0.0 0.0 5272 468 pts/0 S Dec07 0:00 sh reliacne.sh
root 5462 0.0 0.2 6248 2280 pts/3 Ss+ Dec07 0:00 /bin/bash
root 5512 0.0 0.2 6248 1720 pts/4 Ss Dec07 0:00 /bin/bash
root 7871 0.0 0.2 8764 1700 pts/4 S Dec07 0:00 sudo su - fedora
root 7872 0.0 0.2 6188 1724 pts/4 S Dec07 0:00 su - fedora
root 18084 0.0 0.2 8764 1728 pts/0 S Dec08 0:00 sudo wvdial reliance
it may indicate a memory leak in the application.

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1867 1.6 1.4 24704 11044 tty1 Rs+ Dec07 45:35 /usr/bin/X -background none :0
root 1883 0.4 0.7 8580 5532 ? SNs Dec07 11:22 /usr/sbin/preload --verbose 1
fedora 4918 3.5 29.7 779648 227920 pts/1 Sl+ Dec07 100:33 ./firefox
root 9394 1.0 1.6 18292 12440 ? Ss Dec07 23:33 /usr/bin/perl -w /usr/bin/collectl
root 18085 0.1 0.1 12244 1520 pts/0 S Dec08 2:19 wvdial reliance
fedora 23824 0.1 2.8 79232 22016 ? Sl Dec08 1:19 gedit

[root@fedora ~]# ps ev --pid=4918
PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
4918 pts/1 Sl+ 100:33 1100 88 779559 227920 29.7 ./firefox XDG_VTNR=1 XDG_SESSION_ID=1 HOSTNAME=fedora.example.com IMSETTINGS_INTEGRA

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
r b swpd free inact active si so bi bo in cs us sy id wa st
0 0 63380 87552 333004 285372 0 0 10 14 163 173 6 1 91 1 0
0 0 63380 79616 341456 285380 0 0 0 0 214 155 6 6 88 0 0
0 0 63380 79368 341620 285416 0 0 0 0 222 155 6 8 86 0 0
0 0 63380 79368 341620 285428 0 0 0 0 399 249 6 9 85 0 0
1 0 63380 78980 341760 285432 0 0 0 0 668 304 19 14 68 0 0

PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
4918 pts/1 Sl+ 102:47 1112 88 798795 237076 30.8 ./firefox
23824 ? Sl 1:31 80 656 78575 22016 2.8 gedit
3521 ? Sl 1:52 109 44 58019 13812 1.7 lxterminal
1867 tty1 Ss+ 47:46 59 1892 67855 11052 1.4 /usr/bin/X -background none :0
9394 ? Ss 23:47 14 3 18288 10052 1.3 /usr/bin/perl -w /usr/bin/collectl
2676 ? Ss 0:41 90 328 21731 8972 1.1 /usr/bin/openbox --startup /usr/
20629 ? Ssl 1:06 25 231 44896 7676 1.0 /usr/lib/udisks2/udisksd --no-debug
2885 ? Sl 0:00 56 16 50675 6688 0.8 abrt-applet
1883 ? SNs 11:28 2 39 8540 5532 0.7 /usr/sbin/preload --verbose 1

Usage: sar [ options ] [ <interval> [ <count> ] ]
Main options and reports:
  -b          I/O and transfer rate statistics
  -B          Paging statistics
  -d          Block device statistics
  -H          Hugepages utilization statistics
  -q          Queue length and load average statistics
  -r          Memory utilization statistics
  -R          Memory statistics
  -S          Swap space utilization statistics
  -u [ ALL ]  CPU utilization statistics
  -v          Kernel table statistics
  -w          Task creation and system switching statistics
  -W          Swapping statistics
  -y          TTY device statistics

Linux 3.3.4-5.fc17.i686 (fedora.example.com) 12/09/2012 _i686_ (1 CPU)
12:44:44 PM pgpgin/s pgpgout/s fault/s majflt/s pgfree/s pgscank/s pgscand/s pgsteal/s %vmeff
12:44:49 PM 0.00 10.53 99.60 0.00 304.05 0.00 0.00 0.00 0.00
12:44:54 PM 0.00 51.51 430.38 0.00 858.75 0.00 0.00 0.00 0.00
12:44:59 PM 0.00 8.11 23.12 0.00 490.47 0.00 0.00 0.00 0.00
12:45:04 PM 0.81 123.64 666.06 0.00 340.61 0.00 0.00 0.00 0.00
12:45:09 PM 0.00 15.42 100.00 0.00 101.22 0.00 0.00 0.00 0.00
Average: 0.16 41.91 264.36 0.00 419.62 0.00 0.00 0.00 0.00

This report contains two columns: “fault/s” and “majflt/s”.
What is the difference between a “fault”, sometimes known as a “soft fault”, and a “major fault” (also called a “hard fault”)? A soft fault happens when the process needs a page that is already in memory but was freed by the page replacement process. A major or “hard” fault happens when the page needs to be brought into memory from disk. Major faults are, of course, much more expensive and take much longer to complete than soft ones. A large number of major page faults can slow the system down to a crawl. On an average system, major page faults are responsible for the vast majority of the CPU time spent in kernel mode.

Linux 3.3.4-5.fc17.i686 (fedora.example.com) 12/09/2012 _i686_ (1 CPU)
12:48:48 PM kbmemfree kbmemused %memused kbbuffers kbcached kbcommit %commit kbactive kbinact
12:48:51 PM 147940 619416 80.72 49316 230616 1244392 53.93 304776 263268
12:48:54 PM 143352 624004 81.32 49316 235184 1248940 54.13 304780 267808
12:48:57 PM 146452 620904 80.91 49324 232324 1246020 54.00 305016 264828
12:49:00 PM 140624 626732 81.67 49324 238108 1251800 54.25 305044 270616
12:49:03 PM 139756 627600 81.79 49332 238616 1252280 54.27 305048 271128
Average: 143625 623731 81.28 49322 234970 1248686 54.12 304933 267530

Usage: atop [-flags] [interval [samples]]
   or
Usage: atop -w file [-S] [-a] [interval [samples]]
       atop -r [file] [-b hh:mm] [-e hh:mm] [-flags]

generic flags:
  -a  show or log all processes (i.s.o. active processes only)
  -P  generate parseable output for specified label(s)
  -L  alternate line length (default 80) in case of non-screen output
  -f  show fixed number of lines with system-statistics
  -l  show limited number of lines for certain resources
  -1  show average-per-second i.s.o. total values
  -x  no colors in case of high occupation
  -g  show general process-info (default)
  -m  show memory-related process-info
  -d  show disk-related process-info
  -n  show network-related process-info
  -s  show scheduling-related process-info
  -v  show various process-info (ppid, user/group, date/time)
  -c  show command-line per process
  -o  show own defined process-info
  -u  show cumulated process-info per user
  -p  show cumulated process-info per program (i.e. same name)
  -C  sort processes in order of cpu-consumption (default)
  -M  sort processes in order of memory-consumption
  -D  sort processes in order of disk-activity
  -N  sort processes in order of network-activity
  -A  sort processes in order of most active resource (auto mode)

specific flags for raw logfiles:
  -w  write raw data to file (compressed)
  -r  read raw data from file (compressed)
      special file: y[y...] for yesterday (repeated)
  -S  finish atop automatically before midnight (i.s.o. #samples)
  -b  begin showing data from specified time
  -e  finish showing data after specified time

interval: number of seconds (minimum 0)
samples: number of intervals (minimum 1)

Sun Dec 9 13:23:45 IST 2012
Command being timed: "date"
Major (requiring I/O) page faults: 0
Minor (reclaiming a frame) page faults: 224
Page size (bytes): 4096
Exit status: 0

Command being timed: "acroread"
Major (requiring I/O) page faults: 363
Minor (reclaiming a frame) page faults: 28663
Page size (bytes): 4096
Exit status: 0

Command being timed: "acroread"
Average resident set size (kbytes): 0
Major (requiring I/O) page faults: 7
Minor (reclaiming a frame) page faults: 25224
Exit status: 0

MemTotal: 767356 kB
MemFree: 89092 kB
Buffers: 29292 kB
Cached: 331528 kB
SwapCached: 10444 kB

[root@fedora ~]# cat /proc/meminfo |egrep 'Ca|Bu|Me'
MemTotal: 767356 kB
MemFree: 73220 kB
Buffers: 29212 kB
Cached: 347292 kB
SwapCached: 10436 kB

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
r b swpd free buff cache si so bi bo in cs us sy id wa st
1 0 85208 59000 27420 340796 0 1 11 14 172 182 7 2 91 1 0
1 1 85208 52716 28128 343892 0 0 3088 0 822 968 37 16 3 44 0
2 6 85224 58044 26252 336596 0 16 5356 24 1278 961 40 21 0 38 0
0 6 85228 58044 24940 335028 0 4 2592 148 1275 1096 39 20 0 41 0
3 2 85228 54300 24988 337692 0 0 2216 160 1110 778 26 11 0 63 0
0 1 85260 60984 25004 331280 0 32 2784 672 900 724 29 20 0 51 0
3 1 85260 58264 25004 333208 0 0 5480 0 775 667 14 12 0 73 0
2 1 85424 60992 24048 331056 0 164 2544 220 1424 757 49 26 0 24 0
2 1 85716 61068 17348 328656 0 292 5808 292 1655 736 48 52 0 0 0
0 2 86628 61036 16476 320944 0 912 9024 912 1570 915 50 43 0 7 0
1 0 86628 54216 16476 324532 0 0 4120 0 1307 1313 85 14 0 1 0
2 1 86628 58068 16476 330960 0 0 5976 0 1173 670 77 15 0 8 0

Linux 3.3.4-5.fc17.i686 (fedora.example.com) 12/09/2012 _i686_ (1 CPU)
02:29:48 PM CPU %user %nice %system %iowait %steal %idle
02:29:49 PM all 7.07 0.00 9.09 0.00 0.00 83.84
02:29:50 PM all 8.00 0.00 4.00 0.00 0.00 88.00

Linux 3.3.4-5.fc17.i686 (fedora.example.com) 12/09/2012 _i686_ (1 CPU)
02:31:34 PM pgpgin/s pgpgout/s fault/s majflt/s pgfree/s pgscank/s pgscand/s pgsteal/s %vmeff
02:31:35 PM 0.00 0.00 661.62 0.00 34.34 0.00 0.00 0.00 0.00
02:31:36 PM 0.00 0.00 274.00 0.00 32.00 0.00 0.00 0.00 0.00
02:31:37 PM 0.00 0.00 233.67 0.00 43.88 0.00 0.00 0.00 0.00
Average: 0.00 0.00 389.90 0.00 36.70 0.00 0.00 0.00 0.00

SYNOPSIS
Record Mode - read data from live system and write to file or display on terminal
  collectl [-f file] [options]
Playback Mode - read data from one or more raw data files and display on terminal
  collectl -p file1 [file2 ...] [options]
[root@fedora collectl]# collectl -p fedora-20121209-000000.raw.gz --top --from 02:22 --thru 02:23
### RECORD 1 >>> fedora <<< (1354999980.002) (Sun Dec 9 02:23:00 2012) ###
# TOP PROCESSES sorted by time (counters are /sec) 02:23:00
# PID User PR PPID THRD S VSZ RSS CP SysT UsrT Pct AccuTime RKB WKB MajF MinF Command
4918 fedora 20 4361 29 S 755M 243M 0 0.22 0.97 1 01:30:22 0 0 0 2 ./firefox
9394 root 20 1 0 R 17M 12M 0 0.07 0.55 1 17:28.32 0 0 0 0 /usr/bin/pe
1883 root 35 1 0 S 8M 5M 0 0.10 0.18 0 09:00.50 0 0 0 32 /usr/sbin/p
1867 root 20 1818 0 S 23M 10M 0 0.07 0.03 0 41:05.32 0 0 0 0 /usr/bin/X
18085 root 20 18084 0 S 11M 1M 0 0.04 0.04 0 01:38.62 0 0 0 0 wvdial
6282 root 20 2 0 S 0 0 0 0.02 0.00 0 00:00.05 0 0 0 0 kworker/0:0
1809 root 20 1 0 S 3M 1M 0 0.00 0.01 0 00:13.05 0 0 0 0 /usr/lib/sy
1831 dbus 20 1 0 S 3M 1M 0 0.00 0.01 0 00:20.80 0 0 0 0 /bin/dbus-d
1835 root 20 1 0 S 5M 892K 0 0.00 0.01 0 00:03.43 0 0 0 0 /usr/sbin/c
2607 root 20 1 63 S 20M 1M 0 0.00 0.01 0 00:07.89 0 0 0 0 /usr/sbin/c
[root@fedora collectl]# pwd
/var/log/collectl
Files under /var/log/collectl
[root@fedora collectl]# ls fedora-20121207-220643.raw.gz fedora-20121209-000000.raw.gz fedora-collectl-201212.log fedora-20121208-000000.raw.gz fedora-20121210-000000.raw.gz
Help
[root@fedora collectl]# collectl -x
This is the complete list of switches, more details in man page
  --align                            align on time boundary
  --all                              selects 'all' summary subsystems except slabs, which means NO detail or process data either
                                     note: the opposite of --all is -s-all
  -A, --address addr[:port[:time]]   open a socket/port on addr with optional timeout OR run as a server with no timeout
  --comment string                   add the string to the end of the header
  -C, --config file                  use alternate collectl.conf file
  -c, --count count                  collect this number of samples and exit
  -d, --debug debug                  see source for details or try -d1 to get started
  -D, --daemon                       run as a daemon
  --extract file                     extract a subset of a raw file into another one
  -f, --filename file                name of directory/file to write to
  -F, --flush seconds                number of seconds between output buffer flushes
  --from time                        time from which to playback data, -thru optional
                                     [yyyymmdd:]hh:mm[:ss][-[yyyymmdd:]hh:mm[:ss]]
  --grep pattern                     print timestamped entries in raw file for each occurance of pattern
  -G, --group                        write process/slab data to separate, rawp file
  -h, --help                         print basic help
  --home                             move cursor to top before printing interval data
  --hr,--headerrepeat num            repeat headers every 'num' lines, once or never
  --import file                      name of file(s) to use for data importation
  -i, --interval int[:pi:ei]]        collection interval in seconds [defaults: interactive=1, daemon=10]
                                     pi is process interval [default=60]
                                     ei is environmental interval [default=300]
  --iosize                           include I/O sizes as appropriate in brief format
  -l, --limits limits                override default exceptions name:val[-name:val]
  -m, --messages                     write messages to log file and/or terminal
  -N, --nice                         give yourself a 'nicer' priority
  --nohup                            do not exit if the process that started collectl exits
  --offsettime secs                  seconds by which to offset times during playback
  -o, --options                      misc formatting options, --showoptions for all
  -p, --playback file                playback results from 'file'
  --passwd file                      use this instead if /etc/passwd for UID->name
  --pname name                       set process name to 'collectl-pname'
  -P, --plot                         generate output in 'plot' format
  --procanalyze                      analyze process data, generating prcs file
  --quiet                            do note echo warning messages on the terminal
  -r, --rolllogs time,d,m            roll logs at 'time', retaining for 'd' days, every 'm' minutes [default: d=7,m=1440]
  --rawtoo                           when run with -P, this tell collectl to also create a raw log file as well
  --runas uid[:gui]                  collectl will change its uid/gid in daemon mode see man page for details
  -R, --runtime duration             time to run in <number><units> format where unit is w,d,h,m,s
  --sep separator                    specify an alternate plot format separator
  --slabanalyze                      analyze slab data, generating slbs file
  --stats                            same as -oA
  -s, --subsys subsys                record/playback data from one or more subsystems
                                     --showsubsys for details
  --sumstat                          same as --stats but only summary
  --thru time                        time thru which to playback data (see --from)
  --top [type][,num]                 show top 'num' processes sorted by type
                                     --showtopopts for details
  --tworaw                           synonym for -G and -group, which are now deprecated
  --umask mask                       set output file permissions mask (see man umask)
  --utime mask                       write diagnostic micro timestamps into raw file
  --verbose                          display output in verbose format (automatically selected when brief doesn't make sense)
  -w, --wide                         print wide field contents (don't use K/M/G)

Synonyms
  --utc = -oU

These are Alternate Display Formats
  --vmstat                           show output similar to vmstat

Logging options
  --rawtoo                           used with -P, write raw data to a log as well
  --export name[,options]            write data to an exported socket/file

Various types of help
  -h, --help                         print this text
  -v, --version                      print version
  -V, --showdefs                     print operational defaults
  -x, --helpext                      extended help
  -X, --helpall                      shows all help concatenated together
  --showoptions                      show all the options
  --showsubopts                      show all substem specific options
  --showsubsys                       show all the subsystems
  --showtopopts                      show --top options
  --showheader                       show file header that 'would be' generated
  --showcolheaders                   show column headers that 'would be' generated
  --showslabaliases                  for SLUB allocator, show non-root aliases
  --showrootslabs                    same as --showslabaliases but use 'root' names
  --whatsnew                         show summary of recent version new features

Copyright 2003-2012 Hewlett-Packard Development Company, L.P.
collectl may be copied only under the terms of either the Artistic License or the GNU General Public License, which may be found in the source kit

script makes a typescript of everything printed on your terminal. It is useful for students who need a hardcopy record of an interactive session as proof of an assignment, as the typescript file can be printed out later.
Usage: script [options] [file]
Options:
  -a, --append             append the output
  -c, --command <command>  run command rather than interactive shell
  -r, --return             return exit code of the child process
  -f, --flush              run flush after each write
      --force              use output file even when it is a link
  -q, --quiet              be quiet
  -t, --timing[=<file>]    output timing data to stderr (or to FILE)
  -V, --version            output version information and exit
  -h, --help               display this help and exit
script -t 2> record.timing -a record.session
Example:
fedora@fedora ~> script -t 2> record.timing -a record.session
Script started, file is record.session
fedora@fedora ~> uptime
18:08:47 up 3 days, 4:43, 5 users, load average: 0.32, 0.25, 0.21
fedora@fedora ~> last |head
fedora pts/7 Mon Dec 10 18:08 still logged in
fedora pts/6 :0 Mon Dec 10 18:00 still logged in
fedora pts/5 :0 Mon Dec 10 17:56 still logged in
fedora pts/6 :0 Mon Dec 10 13:41 - 16:04 (02:22)
fedora pts/5 :0 Mon Dec 10 08:26 - 16:04 (07:37)
fedora pts/2 :0 Mon Dec 10 08:25 still logged in
fedora pts/7 :0 Sun Dec 9 14:25 - 17:12 (02:46)
fedora pts/6 :0 Sun Dec 9 13:32 - 17:11 (03:39)
fedora pts/5 :0 Sun Dec 9 11:50 - 17:11 (05:20)
fedora pts/2 :0 Sun Dec 9 11:33 - 17:12 (05:38)
fedora@fedora ~> exit
exit
Script done, file is record.session
fedora@fedora ~>
scriptreplay record.timing record.session
fedora@fedora ~> scriptreplay record.timing record.session
fedora@fedora ~> uptime
18:08:47 up 3 days, 4:43, 5 users, load average: 0.32, 0.25, 0.21
fedora@fedora ~> last |head
fedora pts/7 Mon Dec 10 18:08 still logged in
fedora pts/6 :0 Mon Dec 10 18:00 still logged in
fedora pts/5 :0 Mon Dec 10 17:56 still logged in
fedora pts/6 :0 Mon Dec 10 13:41 - 16:04 (02:22)
fedora pts/5 :0 Mon Dec 10 08:26 - 16:04 (07:37)
fedora pts/2 :0 Mon Dec 10 08:25 still logged in
fedora pts/7 :0 Sun Dec 9 14:25 - 17:12 (02:46)
fedora pts/6 :0 Sun Dec 9 13:32 - 17:11 (03:39)
fedora pts/5 :0 Sun Dec 9 11:50 - 17:11 (05:20)
fedora pts/2 :0 Sun Dec 9 11:33 - 17:12 (05:38)
fedora@fedora ~> exit
fedora@fedora ~> scriptreplay -h
Usage: scriptreplay [-t] timingfile [typescript] [divisor]
Options:
  -t, --timing <file>      script timing output file
  -s, --typescript <file>  script terminal session output file
  -d, --divisor <num>      speed up or slow down execution with time divisor
  -V, --version            output version information and exit
  -h, --help               display this help and exit
You can use apt-get to install these packages by running the following commands:
sudo apt-get install apache2
sudo apt-get install php5
sudo apt-get install php5-cli
sudo apt-get install php5-cgi
sudo apt-get install php5-mysql
sudo apt-get install php5-pgsql
sudo apt-get install libapache2-mod-php5
sudo apt-get install build-essential
sudo apt-get install mysql-server
sudo apt-get install mysql-doc-5.0

To recompile the Linux kernel, upgrade to at *least* these software revisions before thinking you've encountered a bug! If you're unsure what version you're currently running, the suggested command should tell you.
Grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model.
It is licensed under the GPL. More details at Linux-Kernel-recompilation-with-GRSECURITY
The example below has the following settings.
# Internet Interface
INET_IFACE="ppp0"
# Local Interface Information
LOCAL_IFACE="eth0"
LOCAL_IP="192.168.1.1"
LOCAL_NET="192.168.1.0/24"
LOCAL_BCAST="192.168.1.255"
More - iptables-linux-firewall-for-home-office-networks
If you want to receive email notifications for Nagios alerts, you need to install the mailx (Postfix) package.
sudo apt-get install mailx
sudo apt-get install postfix
Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email address associated with the nagiosadmin contact definition to the address you'd like to use for receiving alerts. You'll have to edit the Nagios email notification commands found in /usr/local/nagios/etc/objects/commands.cfg and change any '/bin/mail' references to '/usr/bin/mail'. Once you do that you'll need to restart Nagios to make the configuration changes live.
Requirements-for-Nagios-Notifications
For a less simple partition structure:
/boot  60-100 MB
swap   2 x memory
/tmp   1 GB. Mount /tmp with noexec,nosuid in /etc/fstab
/      6-10 GB
/var   8-20 GB. Emails, logs and databases stored here
/usr   5-12 GB. Source code
/home  Rest of drive. Roughly 80% for user data. Mount /home with nosuid in /etc/fstab if possible.

Feel free to modify these numbers as needed. Note that if you plan on installing dovecot, all email data is stored under /home and not /var, so adjust as needed. Also, FreeBSD stores MySQL databases in /home/mysql/. Please have basic development/compiling tools such as gcc, g++, and perl installed.
More - LVM-Logical-Volume-Manager
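
The noexec/nosuid recommendation for /tmp and /home above can be checked against an existing /etc/fstab. The following is an added example, not part of the original page: the function names and the sample fstab are constructed for illustration, and the handling of exec/suid/dev, user/users and owner/group follows the option semantics documented in mount(8), where later options override earlier ones.

```shell
#!/bin/sh
# Added example (not from the original page): report which hardening mount
# options an fstab entry ends up without. Handles noexec, nosuid, nodev only.

# Constructed sample fstab for illustration.
SAMPLE_FSTAB='# constructed sample, not from a real host
/dev/vg/lv_tmp   /tmp        ext4  defaults,noexec,nosuid  1 2
/dev/vg/lv_home  /home       ext4  defaults                1 2
/dev/sdb1        /media/usb  vfat  user,noauto,suid        0 0'

# missing_opts FSTAB MOUNTPOINT REQUIRED
#   FSTAB may be "-" to read standard input.
#   REQUIRED is a comma list such as "noexec,nosuid".
#   Prints the required options the entry lacks (empty line if none),
#   or "no-entry" when MOUNTPOINT is not listed at all.
missing_opts() {
    awk -v mp="$2" -v req="$3" '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        $2 == mp {
            found = 1
            n = split($4, opt, ",")
            # Options apply left to right, so a later "exec" cancels an
            # earlier "noexec"; "user" and "owner" imply restrictions.
            for (i = 1; i <= n; i++) {
                o = opt[i]
                if (o == "noexec" || o == "nosuid" || o == "nodev")
                    eff[o] = 1
                else if (o == "exec" || o == "suid" || o == "dev")
                    eff["no" o] = 0
                else if (o == "user" || o == "users")
                    eff["noexec"] = eff["nosuid"] = eff["nodev"] = 1
                else if (o == "owner" || o == "group")
                    eff["nosuid"] = eff["nodev"] = 1
            }
            m = split(req, need, ",")
            out = ""
            for (i = 1; i <= m; i++)
                if (!eff[need[i]])
                    out = out (out == "" ? "" : ",") need[i]
            print out
            exit
        }
        END { if (!found) print "no-entry" }
    ' "$1"
}

# audit_layout FSTAB_FILE
#   Applies the two recommendations from the partition table above and
#   prints one "mountpoint: missing" line per gap. Returns 1 on any gap.
audit_layout() {
    rc=0
    for rule in "/tmp noexec,nosuid" "/home nosuid"; do
        mp=${rule% *}
        req=${rule#* }
        miss=$(missing_opts "$1" "$mp" "$req")
        if [ -n "$miss" ]; then
            echo "$mp: $miss"
            rc=1
        fi
    done
    return "$rc"
}
```

Run `audit_layout /etc/fstab` on a host to list the gaps; the result reflects what the file requests, so compare it with the live options shown by `mount` if the filesystem was remounted by hand.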
Here the downloaded file is postfix-2.6.5.tar.gz and the signature is postfix-2.6.5.tar.gz.sig
$ gpg --verify postfix-2.6.5.tar.gz.sig postfix-2.6.5.tar.gz
gpg: Signature made Sat Aug 29 00:50:08 2009 UTC using RSA key ID C12BCD99
gpg: Good signature from "Wietse Venema <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: FF 96 4A 8C 96 88 7C 6E A4 EF AD BF 48 34 E1 BB
More - how-to-verify-signature-of-downloaded-source-file-with-gpg
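
The WARNING lines in the output above mean gpg checked the signature but has no trust path to the key, so the fingerprint line is what must be compared with a value confirmed through an independent channel. The following is an added example, not part of the original page, that automates the comparison using gpg's machine-readable --status-fd output; the function names and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): accept a detached signature
# only when gpg reports VALIDSIG for a fingerprint pinned in advance.

# Constructed status lines for illustration; real ones come from gpg.
# The fingerprint in SAMPLE_GOOD is the one printed in the output above.
SAMPLE_GOOD='[GNUPG:] VALIDSIG FF964A8C96887C6EA4EFADBF4834E1BB 2009-08-29 1251507008 0 3 0 1 2 00 FF964A8C96887C6EA4EFADBF4834E1BB'
SAMPLE_OTHER_KEY='[GNUPG:] VALIDSIG 00000000000000000000000000000000 2009-08-29 1251507008 0 3 0 1 2 00 00000000000000000000000000000000'
SAMPLE_BAD='[GNUPG:] BADSIG 0000000000000000 constructed-user-id'

# Strip spaces and colons and upper-case the hex digits, so that
# "FF 96 4A ..." and "ff964a..." compare equal.
norm_fpr() {
    printf '%s' "$1" | tr -d ' :' | tr 'abcdef' 'ABCDEF'
}

# check_status PINNED_FPR
#   Reads `gpg --status-fd` lines on standard input. Returns 0 only if a
#   VALIDSIG line names the pinned fingerprint and no failure status is seen.
check_status() {
    pinned=$(norm_fpr "$1")
    [ -n "$pinned" ] || return 2
    matched=1
    while IFS= read -r line; do
        case "$line" in
            "[GNUPG:] BADSIG "*|"[GNUPG:] ERRSIG "*|"[GNUPG:] EXPSIG "*)
                return 1 ;;
            "[GNUPG:] EXPKEYSIG "*|"[GNUPG:] REVKEYSIG "*)
                return 1 ;;
            "[GNUPG:] VALIDSIG "*)
                rest=${line#"[GNUPG:] VALIDSIG "}
                signer=${rest%% *}    # first field: key that made the signature
                primary=${rest##* }   # last field: primary key, when gpg emits it
                if [ "$(norm_fpr "$signer")" = "$pinned" ] ||
                   [ "$(norm_fpr "$primary")" = "$pinned" ]; then
                    matched=0
                fi ;;
        esac
    done
    return "$matched"
}

# verify_pinned PINNED_FPR SIGFILE DATAFILE
#   Runs gpg with status output on stdout and the human-readable text
#   discarded, then applies check_status to the result.
verify_pinned() {
    gpg --status-fd 1 --verify "$2" "$3" 2>/dev/null | check_status "$1"
}
```

Typical use is `verify_pinned "<fingerprint confirmed out of band>" postfix-2.6.5.tar.gz.sig postfix-2.6.5.tar.gz && tar -xzf postfix-2.6.5.tar.gz`, so that unpacking only happens after the check succeeds.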
ubuntu@mail:~$ man -k nmap
nmap (1) - Network exploration tool and security / port scanner

Nmap 4.53 ( http://insecure.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
More -namp-scan-techniques-host-discovery-version-detection-and-much-more
fedora@fedora ~> sudo nmap -sU 192.168.56.0-255 -p 67-68
Starting Nmap 6.01 ( http://nmap.org ) at 2012-12-31 07:47 IST
Nmap scan report for 192.168.56.104
Host is up (0.00044s latency).
PORT   STATE  SERVICE
67/udp closed dhcps
68/udp closed dhcpc
Nmap done: 256 IP addresses (1 host up) scanned in 11.72 seconds
fedora@fedora ~>
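
The example below edits files in place with perl: the first command puts a comment marker (#) in front of Error in all the Apache virtual host conf files, and the second changes ssl=ON to ssl=OFF in the listed domain conf files.
perl -pi -e 's/Error/#Error/' virtual_host*.conf
perl -pi -e 's/ssl=ON/ssl=OFF/' /usr/local/directadmin/data/users/*/domains/*.conf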
http://mirrors.kernel.org/centos/5.4/os/i386/CentOS/
Kernel Recompile Example Steps
[root@delhi ~]# finger @finger.kernel.org
The latest stable version of the Linux kernel is: 2.6.22.9
The latest prepatch for the stable Linux kernel tree is: 2.6.23-rc9
The latest snapshot for the stable Linux kernel tree is: 2.6.23-rc9-git2
The latest 2.4 version of the Linux kernel is: 2.4.35.3
The latest prepatch for the 2.4 Linux kernel tree is: 2.4.36-pre1
The latest 2.2 version of the Linux kernel is: 2.2.26
The latest prepatch for the 2.2 Linux kernel tree is: 2.2.27-rc2
The latest -mm patch to the stable Linux kernels is: 2.6.23-rc8-mm2
[root@delhi ~]

#!/bin/bash
# Fetch the kernel source and the matching grsecurity patch
cd /usr/src
wget http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.19.2.tar.gz
wget http://www.grsecurity.net/grsecurity-2.1.10-2.6.19.2-200701222307.patch.gz
# Unpack the source and apply the patch
tar -xvzf linux-2.6.19.2.tar.gz
gunzip < grsecurity-2.1.10-2.6.19.2-200701222307.patch.gz | patch -p0
mv linux-2.6.19.2 linux-2.6.19.2-grsec
ln -s linux-2.6.19.2-grsec linux
cd linux
# Start from the configuration of the running kernel
cp /boot/config-`uname -r` .config
ls -al |grep .config
sleep 10
make menuconfig
sleep 10
# Build and install the kernel image and modules
make bzImage
sleep 10
make modules
sleep 10
make modules_install
sleep 10
make install
# Review the boot loader entry for the new kernel
vi /boot/grub/grub.conf

#!/bin/bash
# Same steps for kernel 2.6.17.11 (bzip2 tarball)
cd /usr/src
wget http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.17.11.tar.bz2
wget http://grsecurity.org/grsecurity-2.1.9-2.6.17.11-200608282236.patch.gz
tar -xjvf linux-2.6.17.11.tar.bz2
gunzip < grsecurity-2.1.9-2.6.17.11-200608282236.patch.gz | patch -p0
mv linux-2.6.17.11 linux-2.6.17.11-grsec
ln -s linux-2.6.17.11-grsec linux
cd linux
cp /boot/config-`uname -r` .config
ls -al |grep .config
sleep 10
make menuconfig
sleep 10
make bzImage
sleep 10
make modules
sleep 10
make modules_install
sleep 10
make install