LINUX
You must be the change you wish to see in the world. - Mahatma Gandhi

OS family            Unix-like
Source model         Free and open source software
Initial release      1991
Supported platforms  Alpha, ARM, AVR32, Blackfin, C6x, ETRAX CRIS, FR-V, H8/300,
                     Hexagon, Itanium, M32R, m68k, Microblaze, MIPS, MN103,
                     OpenRISC, PA-RISC, PowerPC, s390, S+core, SuperH,
                     SPARC, TILE64, Unicore32, x86, Xtensa
Kernel type          Monolithic
License              "Linux" trademark owned by Linus Torvalds and administered by the Linux Mark Institute)
HTTP                 https://www.kernel.org/pub/
FTP                  ftp://ftp.kernel.org/pub/
RSYNC                rsync://rsync.kernel.org/pub/
URL                  http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.6.9.tar.bz2

Run Levels

Red Hat, as well as most of its derivatives (such as CentOS), uses runlevels like this:

ID  Description
-------------------
0   Halt
1   Single user
2   Full multi-user with no networking
3   Full multi-user, console logins only
4   Not used/User definable
5   Full multi-user, with display manager as well as console logins
6   Reboot

Services

List of available services already configured:

    chkconfig --list

Make a service start for normal usage:

    chkconfig httpd on

If you have this init file listed in /etc/init.d/ you only need to run two commands to get it running at boot:

    chkconfig --add myscript
    chkconfig myscript on

Use chkconfig to configure the programs that will be started at boot in a runlevel.

    # chkconfig --list                # List all init scripts
    # chkconfig --list sshd           # Report the status of sshd
    # chkconfig sshd --level 35 on    # Configure sshd for levels 3 and 5
    # chkconfig sshd off              # Disable sshd for all runlevels

Hostname Change

RHEL, CentOS, Fedora

Open the /etc/sysconfig/network file with your favorite text editor. Modify the HOSTNAME= value to match your FQDN host name.

    sudo nano /etc/sysconfig/network

    HOSTNAME=myserver.domain.com

Change the host that is associated to your main IP address for your server.
this is for internal networking (found at /etc/hosts):

Restart Networking

    /etc/init.d/network restart

General Package Installation Guidelines

APT/Dpkg (Debian, Ubuntu)

Install package: aptitude install PACKAGENAME
Reinstall package: aptitude reinstall PACKAGENAME
Remove package (keep config files): aptitude remove PACKAGENAME
Remove package and purge config files: aptitude remove --purge PACKAGENAME
Update package list: aptitude update
Upgrade system (security/bug fixes): aptitude upgrade
Upgrade system to newest release (dangerous!): aptitude dist-upgrade
Show info on an installed package: aptitude show PACKAGENAME
Search package repositories: aptitude search SEARCHSTRING

Yum/RPM (CentOS, Fedora, Red Hat)

Install package: yum install PACKAGENAME
Remove package: yum remove PACKAGENAME
Update package: yum update PACKAGENAME
List available updates: yum list updates
Update system: yum update
Upgrade system to newest release (dangerous!): yum upgrade
Show package: yum list PACKAGENAME
Search package repositories: yum search SEARCHSTRING
List package groups: yum grouplist
Install package group: yum groupinstall 'GROUP NAME'
Update package group: yum groupupdate 'GROUP NAME'
Remove package group: yum groupremove 'GROUP NAME'

Network Time Protocol Setup

Check whether the selected NTP server is accessible:

    [root@fedora ~]# ntpdate -q 0.rhel.pool.ntp.org
    server 204.9.136.253, stratum 2, offset -0.008663, delay 0.34778
    server 169.229.70.201, stratum 2, offset -0.033543, delay 0.34413
    server 184.22.183.130, stratum 2, offset -0.011112, delay 0.36876
    server 108.61.73.244, stratum 2, offset -0.021635, delay 0.33836
     9 Dec 16:25:18 ntpdate[22704]: adjust time server 108.61.73.244 offset -0.021635 sec

Run the ntpdate command followed by one or more server addresses:

    [root@fedora ~]# ntpdate 0.rhel.pool.ntp.org 1.rhel.pool.ntp.org
     9 Dec 16:26:41 ntpdate[22710]: adjust time server 108.61.73.244 offset -0.024647 sec

Checking status via systemctl command

    [root@fedora ~]# systemctl status ntpdate.service
    ntpdate.service - Set time via NTP
        Loaded: loaded (/usr/lib/systemd/system/ntpdate.service; disabled)
        Active: inactive (dead)
        CGroup: name=systemd:/system/ntpdate.service

Starting service using systemctl.

    [root@fedora ~]# systemctl restart ntpdate.service

Check Status after start

    [root@fedora ~]# systemctl status ntpdate.service
    ntpdate.service - Set time via NTP
        Loaded: loaded (/usr/lib/systemd/system/ntpdate.service; disabled)
        Active: active (exited) since Sun, 09 Dec 2012 16:34:41 +0530; 5s ago
        Process: 22774 ExecStart=/usr/libexec/ntpdate-wrapper (code=exited, status=0/SUCCESS)
        CGroup: name=systemd:/system/ntpdate.service

    Dec 09 16:34:41 fedora.example.com ntpdate[22780]: step time server 66.207.226.14 offset

Enable

    [root@fedora ~]# systemctl enable ntpdate.service
    ln -s '/usr/lib/systemd/system/ntpdate.service' '/etc/systemd/system/multi-user.target.wants/ntpdate.service'

systemctl - Control the systemd system and service manager

    systemctl [OPTIONS...] {COMMAND} ...

    [root@fedora ~]# systemctl show-environment
    SYSFONT=True
    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
    PWD=/
    LANG=en_US.UTF-8
    KEYTABLE=us
    SHLVL=0
    BOOT_IMAGE=/vmlinuz-3.3.4-5.fc17.i686

    [root@fedora ~]# man systemctl
    [root@fedora ~]# man systemd

    [root@fedora ~]# systemctl show
    Version=systemd 44
    Distribution=fedora
    Features=+PAM +LIBWRAP +AUDIT +SELINUX +SYSVINIT +LIBCRYPTSETUP
    RunningAs=system
    InitRDTimestamp=Fri, 07 Dec 2012 13:25:01 +0530
    InitRDTimestampMonotonic=2229913
    StartupTimestamp=Fri, 07 Dec 2012 13:25:10 +0530
    StartupTimestampMonotonic=10473483
    FinishTimestamp=Fri, 07 Dec 2012 13:25:43 +0530
    FinishTimestampMonotonic=44368055
    LogLevel=info
    LogTarget=journal-or-kmsg
    NNames=260
    NJobs=0
    NInstalledJobs=123
    NFailedJobs=0
    Progress=1
    Environment=SYSFONT=True PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin PWD=/ LANG=en_US.UTF-8 KEYTABLE=us SHLVL=0 BOOT_IMAGE=/vmlinuz-
    ConfirmSpawn=no
    ShowStatus=no
    UnitPath=/etc/systemd/system /usr/lib/systemd/system
    NotifySocket=/run/systemd/notify
    ControlGroupHierarchy=/system
    MountAuto=yes
    SwapAuto=yes
    DefaultControllers=cpu
    DefaultStandardOutput=journal
    DefaultStandardError=inherit
    SysVConsole=no
    SysVInitPath=/etc/rc.d/init.d
    SysVRcndPath=/etc/rc.d

Unit Commands:
    list-units                        List loaded units
    start [NAME...]                   Start (activate) one or more units
    stop [NAME...]                    Stop (deactivate) one or more units
    reload [NAME...]                  Reload one or more units
    restart [NAME...]                 Start or restart one or more units
    try-restart [NAME...]             Restart one or more units if active
    reload-or-restart [NAME...]       Reload one or more units is possible, otherwise start or restart
    reload-or-try-restart [NAME...]   Reload one or more units is possible, otherwise restart if active
    isolate [NAME]                    Start one unit and stop all others
    kill [NAME...]                    Send signal to processes of a unit
    is-active [NAME...]               Check whether units are active
    status [NAME...|PID...]           Show runtime status of one or more units
    show [NAME...|JOB...]             Show properties of one or more units/jobs or the manager
    reset-failed [NAME...]            Reset failed state for all, one, or more units
    load [NAME...]                    Load one or more units

Unit File Commands:
    list-unit-files                   List installed unit files
    enable [NAME...]                  Enable one or more unit files
    disable [NAME...]                 Disable one or more unit files
    reenable [NAME...]                Reenable one or more unit files
    preset [NAME...]                  Enable/disable one or more unit files based on preset configuration
    mask [NAME...]                    Mask one or more units
    unmask [NAME...]                  Unmask one or more units
    link [PATH...]                    Link one or more units files into the search path
    is-enabled [NAME...]              Check whether unit files are enabled

Job Commands:
    list-jobs                         List jobs
    cancel [JOB...]                   Cancel all, one, or more jobs

Status Commands:
    dump                              Dump server status
    dot                               Dump dependency graph for dot(1)

Snapshot Commands:
    snapshot [NAME]                   Create a snapshot
    delete [NAME...]                  Remove one or more snapshots

Environment Commands:
    show-environment                  Dump environment
    set-environment [NAME=VALUE...]   Set one or more environment variables
    unset-environment [NAME...]       Unset one or more environment variables

Manager Lifecycle Commands:
    daemon-reload                     Reload systemd manager configuration
    daemon-reexec                     Reexecute systemd manager

System Commands:
    default                           Enter system default mode
    rescue                            Enter system rescue mode
    emergency                         Enter system emergency mode
    halt                              Shut down and halt the system
    poweroff                          Shut down and power-off the system
    reboot                            Shut down and reboot the system
    kexec                             Shut down and reboot the system with kexec
    exit                              Ask for user instance termination

Running kernel and system information.

    root@fedora ~> uname -a
    Linux fedora.example.com 3.3.4-5.fc17.i686 #1 SMP Mon May 7 17:45:26 UTC 2012 i686 i686 i386 GNU/Linux

    root@fedora ~> lsb_release -a
    LSB Version:    :core-4.1-ia32:core-4.1-noarch:cxx-4.1-ia32:cxx-4.1-noarch:desktop-4.1-ia32:desktop-4.1-noarch:languages-4.1-ia32:languages-4.1-noarch:printing-4.1-ia32:printing-4.1-noarch
    Distributor ID: Fedora
    Description:    Fedora release 17 (Beefy Miracle)
    Release:        17
    Codename:       BeefyMiracle

    root@fedora ~> uptime
    16:30:53 up 1 day, 3:05, 4 users, load average: 0.39, 0.37, 0.32

    root@fedora ~> hostname
    fedora.example.com

    root@fedora ~> hostname -i
    127.0.0.1

    root@fedora ~> hostname -d
    example.com

    root@fedora ~> last reboot |head
    reboot   system boot  3.3.4-5.fc17.i68 Fri Dec  7 13:25 - 16:32 (1+03:07)
    reboot   system boot  3.3.4-5.fc17.i68 Wed Dec  5 14:57 - 16:32 (3+01:35)
    reboot   system boot  3.3.4-5.fc17.i68 Sat Dec  1 20:52 - 01:33  (04:41)

    root@fedora ~> dmesg |tail
    [87261.920498] sd 0:0:0:0: [sda] Unhandled sense code
    [87261.920507] sd 0:0:0:0: [sda] Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE

    root@fedora ~> cat /proc/meminfo

    root@fedora ~> cat /proc/cmdline
    BOOT_IMAGE=/vmlinuz-3.3.4-5.fc17.i686 root=/dev/mapper/vg-lv_root ro rd.md=0 rd.dm=0 KEYTABLE=us SYSFONT=True rd.lvm.lv=vg/lv_root rd.luks=0 rd.lvm.lv=vg/lv_swap LANG=en_US.UTF-8 rhgb quiet

USB Devices - lsusb - list USB devices:

    root@fedora ~> lsusb -tv
    /:  Bus 01.Port 1: Dev 1, Class=root_hub, Driver=uhci_hcd/2p, 12M
        |__ Port 1: Dev 7, If 0, Class=vend., Driver=option, 12M
        |__ Port 1: Dev 7, If 1, Class=vend., Driver=option, 12M
        |__ Port 1: Dev 7, If 2, Class=vend., Driver=option, 12M
        |__ Port 1: Dev 7, If 3, Class=vend., Driver=option, 12M
        |__ Port 1: Dev 7, If 4, Class=vend., Driver=option, 12M
        |__ Port 1: Dev 7, If 5, Class=stor., Driver=usb-storage, 12M

dmidecode is a tool for dumping a computer's DMI (some say SMBIOS)

    root@fedora ~> dmidecode |grep -i Vendor
    Vendor: Dell Computer Corporation
    root@fedora ~>

Network Management

Temporary IP Address Assignment

To temporarily configure an IP address, you can use the ifconfig command in the following manner. Just modify the IP address and subnet mask to match your network requirements.

    sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0

    [root@fedora ~]# ifconfig -a em1
    em1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 192.168.56.104  netmask 255.255.255.0  broadcast 192.168.56.255
            ether 00:08:74:22:5c:61  txqueuelen 1000  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
            device interrupt 11  base 0x2c00

To configure a default gateway, you can use the route command in the following manner. Modify the default gateway address to match your network requirements.

    sudo route add default gw 10.0.0.1 eth0

If you no longer need this configuration and wish to purge all IP configuration from an interface, you can use the ip command with the flush option as shown below.

    ip addr flush eth0

Static IP Configuration on RHEL, Fedora, CentOS Linux

1. Edit /etc/sysconfig/network, add network gateway and hostname

2. Edit /etc/sysconfig/network-scripts/ifcfg-eth0

3. Example interface which is autoconfigured using Graphic Tools

    fedora@fedora ~> cat /etc/sysconfig/network-scripts/ifcfg-Auto_Ethernet
    TYPE=Ethernet
    BOOTPROTO=none
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    NAME="Auto Ethernet"
    UUID=d36649d6-b53a-4cf6-9c1f-20b7e7f72a2e
    ONBOOT=yes
    IPADDR0=192.168.56.104
    PREFIX0=24
    DNS1=8.8.8.8
    HWADDR=00:08:74:22:5C:61
    IPV6_PEERDNS=yes
    IPV6_PEERROUTES=yes
    IPV6_PRIVACY=rfc3041
    fedora@fedora ~>

4. Manually adding IP address

    DEVICE=eth0
    BOOTPROTO=static
    HWADDR=00:08:74:22:5C:61
    IPADDR=192.168.56.104
    NETMASK=255.255.255.0
    ONBOOT=yes

5. Edit /etc/resolv.conf and setup DNS servers

    fedora@fedora ~> cat /etc/resolv.conf
    #Google DNS
    nameserver 8.8.8.8
    nameserver 8.8.4.4
    #OpenDNS
    nameserver 208.67.222.222
    nameserver 208.67.220.220
    #Reliance DNS
    nameserver 220.226.6.104
    nameserver 220.226.100.40
    #

6. Restart network - /etc/init.d/network restart

7. For ubuntu - Edit /etc/network/interfaces

Static IP Address Assignment in Ubuntu

Open - /etc/network/interfaces

    auto eth0
    iface eth0 inet static
        address 10.0.0.100
        netmask 255.255.255.0
        gateway 10.0.0.1

DNS Client Configuration

To configure your system to use DNS for name resolution, add the IP addresses of the DNS servers that are appropriate for your network in the file /etc/resolv.conf. You can also add an optional DNS suffix search list to match your network domain names.

Below is an example of a typical configuration of /etc/resolv.conf for a server on the domain "example.com" and using two public DNS servers.

    search example.com
    nameserver 8.8.8.8
    nameserver 8.8.4.4

Name Service Switch Configuration

The order in which your system selects a method of resolving hostnames to IP addresses is controlled by the Name Service Switch (NSS) configuration file /etc/nsswitch.conf. As mentioned in the previous section, typically static hostnames defined in the system's /etc/hosts file have precedence over names resolved from DNS.
The following is an example of the line responsible for this order of hostname lookups in the file /etc/nsswitch.conf.

    hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4

Bridging

Before configuring a bridge you will need to install the bridge-utils package. To install the package, in a terminal enter:

    sudo apt-get install bridge-utils

Next, configure the bridge by editing /etc/network/interfaces:

    auto lo
    iface lo inet loopback

    auto br0
    iface br0 inet static
        address 192.168.0.10
        network 192.168.0.0
        netmask 255.255.255.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        bridge_ports eth0
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off

    sudo /etc/init.d/networking restart

Bonding on CentOS

In the modprobe.conf file add the following:

    alias bond0 bonding
    options bond0 miimon=80 mode=5

Be sure to add this before any of the network aliases.

modes:

    mode=0 (Balance Round Robin)
    mode=1 (Active backup)
    mode=2 (Balance XOR)
    mode=3 (Broadcast)
    mode=4 (802.3ad)
    mode=5 (Balance TLB)
    mode=6 (Balance ALB)

In the /etc/sysconfig/network-scripts/ directory create ifcfg-bond0:

    DEVICE=bond0
    IPADDR=<ip address>
    NETMASK=
    NETWORK=
    BROADCAST=
    GATEWAY=
    ONBOOT=yes
    BOOTPROTO=none
    USERCTL=no

Change the ifcfg-eth0 to:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=none
    USERCTL=no
    MASTER=bond0
    SLAVE=yes

Check the status of the bond.

    cat /proc/net/bonding/bond0

You can use multiple bond interfaces, but for that you must load the bonding module as many times as you need.
Presuming that you want two bond interfaces, you must configure /etc/modules.conf as follows:

    alias bond0 bonding
    options bond0 -o bond0 mode=0 miimon=100
    alias bond1 bonding
    options bond1 -o bond1 mode=1 miimon=100

Network Settings

ethtool - query or control network driver and hardware settings

    root@fedora /opt> ethtool em1
    Settings for em1:
        Supported ports: [ TP MII ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Supported pause frame use: No
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Advertised pause frame use: Symmetric
        Advertised auto-negotiation: Yes
        Speed: 10Mb/s
        Duplex: Half
        Port: MII
        PHYAD: 24
        Transceiver: internal
        Auto-negotiation: on
        Supports Wake-on: g
        Wake-on: d
        Current message level: 0x00000001 (1)
                               drv
        Link detected: no
    root@fedora /opt>

ip - show / manipulate routing, devices, policy routing and tunnels

    root@fedora /opt> ip link show
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    2: em1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT qlen 1000
        link/ether 00:08:74:22:5c:61 brd ff:ff:ff:ff:ff:ff
    8: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT qlen 3
        link/ppp
    root@fedora /opt>

netstat

Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

    root@fedora ~> netstat -an | grep LISTEN
    tcp        0      0 0.0.0.0:111        0.0.0.0:*        LISTEN
    tcp        0      0 0.0.0.0:22         0.0.0.0:*        LISTEN
    tcp        0      0 0.0.0.0:52769      0.0.0.0:*        LISTEN
    tcp6       0      0 :::45423           :::*             LISTEN
    tcp6       0      0 :::111             :::*             LISTEN
    tcp6       0      0 :::22              :::*             LISTEN

Help on netstat

    netstat -h
    usage: netstat [-vWeenNcCF] [<Af>] -r
           netstat {-V|--version|-h|--help}
           netstat [-vWnNcaeol] [<Socket> ...]
           netstat { [-vWeenNac] -I[<Iface>] | [-veenNac] -i | [-cnNe] -M | -s [-6tuw] } [delay]

        -r, --route               display routing table
        -I, --interfaces=<Iface>  display interface table for <Iface>
        -i, --interfaces          display interface table
        -g, --groups              display multicast group memberships
        -s, --statistics          display networking statistics (like SNMP)
        -M, --masquerade          display masqueraded connections

        -v, --verbose             be verbose
        -W, --wide                don't truncate IP addresses
        -n, --numeric             don't resolve names
        --numeric-hosts           don't resolve host names
        --numeric-ports           don't resolve port names
        --numeric-users           don't resolve user names
        -N, --symbolic            resolve hardware names
        -e, --extend              display other/more information
        -p, --programs            display PID/Program name for sockets
        -c, --continuous          continuous listing

        -l, --listening           display listening server sockets
        -a, --all, --listening    display all sockets (default: connected)
        -o, --timers              display timers
        -F, --fib                 display Forwarding Information Base (default)
        -C, --cache               display routing cache instead of FIB
        -Z, --context             display SELinux security context for sockets

netstat -rn

    root@fedora ~> netstat -rn
    Kernel IP routing table
    Destination      Gateway   Genmask          Flags  MSS Window  irtt Iface
    0.0.0.0          0.0.0.0   0.0.0.0          U        0 0          0 ppp0
    169.204.0.0      0.0.0.0   255.255.0.0      U        0 0          0 em1
    192.168.56.0     0.0.0.0   255.255.255.0    U        0 0          0 em1
    192.168.141.145  0.0.0.0   255.255.255.255  UH       0 0          0 ppp0
    root@fedora ~>

    root@fedora ~> netstat -tupl
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address            Foreign Address  State   PID/Program name
    tcp        0      0 *:sunrpc                 *:*              LISTEN  2584/rpcbind
    tcp        0      0 *:ssh                    *:*              LISTEN  5046/sshd
    tcp        0      0 *:52769                  *:*              LISTEN  2594/rpc.statd
    tcp6       0      0 [::]:45423               [::]:*           LISTEN  2594/rpc.statd
    tcp6       0      0 [::]:sunrpc              [::]:*           LISTEN  2584/rpcbind
    tcp6       0      0 [::]:ssh                 [::]:*           LISTEN  5046/sshd
    udp        0      0 *:sunrpc                 *:*                      2584/rpcbind
    udp        0      0 *:ntp                    *:*                      1858/chronyd
    udp        0      0 *:msdp                   *:*                      2584/rpcbind
    udp        0      0 fedora.example.com:obex  *:*                      2594/rpc.statd
    udp        0      0 *:44725                  *:*                      2594/rpc.statd
    udp        0      0 *:57569                  *:*                      1802/avahi-daemon:
    udp        0      0 *:mdns                   *:*                      1802/avahi-daemon:
    udp        0      0 *:323                    *:*                      1858/chronyd
    udp6       0      0 [::]:sunrpc              [::]:*                   2584/rpcbind
    udp6       0      0 [::]:ntp                 [::]:*                   1858/chronyd
    udp6       0      0 [::]:msdp                [::]:*                   2584/rpcbind
    udp6       0      0 [::]:323                 [::]:*                   1858/chronyd
    udp6       0      0 [::]:50517               [::]:*                   2594/rpc.statd
    root@fedora ~>

route - show / manipulate the IP routing table

    root@fedora ~> route -n
    Kernel IP routing table
    Destination      Gateway   Genmask          Flags Metric Ref  Use Iface
    0.0.0.0          0.0.0.0   0.0.0.0          U     0      0      0 ppp0
    169.254.0.0      0.0.0.0   255.255.0.0      U     1002   0      0 em1
    192.168.51.0     0.0.0.0   255.255.255.0    U     0      0      0 em1
    120.124.141.145  0.0.0.0   255.255.255.255  UH    0      0      0 ppp0
    root@fedora ~>

EXAMPLES

    route add -net 127.0.0.0 netmask 255.0.0.0 dev lo

Adds the normal loopback entry, using netmask 255.0.0.0 and associated with the "lo" device (assuming this device was previously set up correctly with ifconfig(8)).

    route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0

Adds a route to the local network 192.56.76.x via "eth0". The word "dev" can be omitted here.

    route del default

Deletes the current default route, which is labeled "default" or 0.0.0.0 in the destination field of the current routing table.

    route add default gw mango-gw

Adds a default route (which will be used if no other route matches). All packets using this route will be gatewayed through "mango-gw". The device which will actually be used for that route depends on how we can reach "mango-gw" - the static route to "mango-gw" will have to be set up before.

    route add ipx4 sl0

Adds the route to the "ipx4" host via the SLIP interface (assuming that "ipx4" is the SLIP host).

    route add -net 192.57.66.0 netmask 255.255.255.0 gw ipx4

This command adds the net "192.57.66.x" to be gatewayed through the former route to the SLIP interface.

    route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0

This is an obscure one documented so people know how to do it. This sets all of the class D (multicast) IP routes to go via "eth0".
This is the correct normal configuration line with a multicasting kernel.

    route add -net 10.0.0.0 netmask 255.0.0.0 reject

This installs a rejecting route for the private network "10.x.x.x."

    # route add -net 192.168.50.0 netmask 255.255.255.0 gw 192.168.56.1
    # ip route add 192.168.50.0/24 via 192.168.56.1    # same as above with ip route
    # route add -net 192.168.56.0 netmask 255.255.255.0 dev eth0
    # route add default gw 192.168.56.1

Search & Install using yum

    root@fedora ~> yum search dmidecode
    dmidecode.i686 : Tool to analyse BIOS DMI data
    python-dmidecode.i686 : Python module to access DMI data

    root@fedora ~> yum -y install dmidecode
    Resolving Dependencies
    --> Running transaction check
    ---> Package dmidecode.i686 1:2.11-8.fc17 will be installed
    Installed: dmidecode.i686
    Complete!

Usage: yum [options] COMMAND

List of Commands:

    check                         Check for problems in the rpmdb
    check-update                  Check for available package updates
    clean                         Remove cached data
    deplist                       List a package's dependencies
    distribution-synchronization  Synchronize installed packages to the latest available versions
    downgrade                     downgrade a package
    erase                         Remove a package or packages from your system
    groups                        Display, or use, the groups information
    help                          Display a helpful usage message
    history                       Display, or use, the transaction history
    info                          Display details about a package or group of packages
    install                       Install a package or packages on your system
    list                          List a package or groups of packages
    load-transaction              load a saved transaction from filename
    makecache                     Generate the metadata cache
    provides                      Find what package provides the given value
    reinstall                     reinstall a package
    repolist                      Display the configured software repositories
    search                        Search package details for the given string
    shell                         Run an interactive yum shell
    update                        Update a package or packages on your system
    upgrade                       Update packages taking obsoletes into account
    version                       Display a version for the machine and/or available repos.
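An added example, not part of the original page, for the Firewall section that follows: that section builds the INPUT chain one command at a time, and any rule appended with -A after the catch-all "-A INPUT -j DROP" is never reached. The function below reads iptables-save output on stdin and reports such shadowed rules, a missing loopback or ESTABLISHED,RELATED accept, and an open policy; the finding labels, function names and sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the filter/INPUT chain of an iptables-save dump.
# Findings (one per line):
#   SHADOWED <rule>  rule placed after an unconditional DROP/REJECT
#   NO_LOOPBACK      no "-i lo ... -j ACCEPT" before the catch-all
#   NO_ESTABLISHED   no ESTABLISHED accept before the catch-all
#   OPEN_POLICY      policy ACCEPT and no catch-all DROP/REJECT
audit_input_chain() {
    awk '
    /^\*/ { table = substr($0, 2); next }     # "*filter", "*nat", ...
    table != "filter" { next }
    /^:INPUT / { policy = $2; next }          # ":INPUT ACCEPT [0:0]"
    /^-A INPUT / {
        if (catchall) { print "SHADOWED " $0; next }
        # "-A INPUT -j DROP": no match criteria before the target
        if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) { catchall = 1; next }
        if ($0 ~ /-i lo / && $0 ~ /-j ACCEPT/) lo = 1
        if ($0 ~ /ESTABLISHED/ && $0 ~ /-j ACCEPT/) est = 1
    }
    END {
        if (!lo) print "NO_LOOPBACK"
        if (!est) print "NO_ESTABLISHED"
        if (policy == "ACCEPT" && !catchall) print "OPEN_POLICY"
    }'
}

# Constructed sample: the chain produced by running the commands of the
# Firewall section in the order given there.
good_ruleset() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -j DROP
COMMIT
EOF
}

# Constructed sample: a port opened later with -A lands after the DROP.
late_append_ruleset() {
    good_ruleset | grep -v '^COMMIT$'
    echo '-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT'
    echo 'COMMIT'
}

# Constructed sample: state after the "Disabling the firewall" commands.
flushed_ruleset() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

echo "Findings for the late-append ruleset:"
late_append_ruleset | audit_input_chain
```

On a live host the same check is run as: iptables-save | audit_input_chain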
Firewall

iptables v1.4.12.2

Lists your current rules in iptables.

    iptables -L

Allowing Established Sessions

    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Allowing Incoming Traffic on Specific Ports

    iptables -A INPUT -p tcp --dport ssh -j ACCEPT

Allow all incoming web traffic.

    iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Blocking Traffic.

    iptables -A INPUT -j DROP

Allow loopback traffic. Insert it as the first rule:

    iptables -I INPUT 1 -i lo -j ACCEPT

Logging

    iptables -I INPUT 5 -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

Saving iptables

To save the configuration, you can use iptables-save and iptables-restore.

    iptables-save > /etc/iptables.rules
    iptables-restore < /etc/iptables.rules

Disabling the firewall

    iptables -F
    iptables -X
    iptables -t nat -F
    iptables -t nat -X
    iptables -t mangle -F
    iptables -t mangle -X
    iptables -P INPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -P OUTPUT ACCEPT

Examples:

Allow 2 telnet connections per client host:

    iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-above 2 -j REJECT

You can also match the other way around:

    iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-upto 2 -j ACCEPT

Limit the number of parallel HTTP requests to 16 per class C sized source network (24 bit netmask):

    iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 16 --connlimit-mask 24 -j REJECT

Limit the number of parallel HTTP requests to 16 for the link local network (ipv6):

    ip6tables -A INPUT -p tcp --syn --dport 80 -s fe80::/64 -m connlimit --connlimit-above 16 --connlimit-mask 64 -j REJECT

Limit the number of connections to a particular host:

    ip6tables -A INPUT -p tcp --syn --dport 49152:65535 -d 2001:db8::1 -m connlimit --connlimit-above 100 -j REJECT

Usage: iptables -[ACD] chain rule-specification [options]
       iptables -I chain [rulenum] rule-specification [options]
       iptables -R chain rulenum rule-specification [options]
       iptables -D chain rulenum [options]
       iptables -[LS] [chain [rulenum]] [options]
       iptables -[FZ] [chain] [options]
       iptables -[NX] chain
       iptables -E old-chain-name new-chain-name
       iptables -P chain target [options]
       iptables -h (print this help information)

Commands:
Either long or short options are allowed.
    --append  -A chain                      Append to chain
    --check   -C chain                      Check for the existence of a rule
    --delete  -D chain                      Delete matching rule from chain
    --delete  -D chain rulenum              Delete rule rulenum (1 = first) from chain
    --insert  -I chain [rulenum]            Insert in chain as rulenum (default 1=first)
    --replace -R chain rulenum              Replace rule rulenum (1 = first) in chain
    --list    -L [chain [rulenum]]          List the rules in a chain or all chains
    --list-rules -S [chain [rulenum]]       Print the rules in a chain or all chains
    --flush   -F [chain]                    Delete all rules in chain or all chains
    --zero    -Z [chain [rulenum]]          Zero counters in chain or all chains
    --new     -N chain                      Create a new user-defined chain
    --delete-chain -X [chain]               Delete a user-defined chain
    --policy  -P chain target               Change policy on chain to target
    --rename-chain -E old-chain new-chain   Change chain name, (moving any references)

Options:
        --ipv4 -4                           Nothing (line is ignored by ip6tables-restore)
        --ipv6 -6                           Error (line is ignored by iptables-restore)
    [!] --proto -p proto                    protocol: by number or name, eg. `tcp'
    [!] --source -s address[/mask][...]     source specification
    [!] --destination -d address[/mask][...]  destination specification
    [!] --in-interface -i input name[+]     network interface name ([+] for wildcard)
        --jump -j target                    target for rule (may load target extension)
        --goto -g chain                     jump to chain with no return
        --match -m match                    extended match (may load extension)
        --numeric -n                        numeric output of addresses and ports
    [!] --out-interface -o output name[+]   network interface name ([+] for wildcard)
        --table -t table                    table to manipulate (default: `filter')
        --verbose -v                        verbose mode
        --line-numbers                      print line numbers when listing
        --exact -x                          expand numbers (display exact values)
    [!] --fragment -f                       match second or further fragments only
        --modprobe=<command>                try to insert modules using this command
        --set-counters PKTS BYTES           set the counter during insert/append
    [!] --version -V                        print package version.

Analysis of Network using tcpdump

tcpdump version 4.2.1
libpcap version 1.2.1
Usage: tcpdump [-aAbdDefhHIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
               [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
               [ -i interface ] [ -j tstamptype ] [ -M secret ]
               [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
               [ -W filecount ] [ -y datalinktype ] [ -z command ]
               [ -Z user ] [ expression ]

    root@fedora ~> tcpdump -vv
    tcpdump: listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
    19:20:30.346592 IP (tos 0x0, ttl 64, id 17265, offset 0, flags [DF], proto UDP (17), length 60)

    root@fedora ~> tcpdump -D
    1.ppp0
    2.nflog (Linux netfilter log (NFLOG) interface)
    3.em1
    4.usbmon1 (USB bus number 1)
    5.any (Pseudo-device that captures on all interfaces)
    6.lo
    root@fedora ~>

    root@fedora ~> tcpdump -vv -i lo port 22
    tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes
    19:26:25.420823 IP (tos 0x0, ttl 64, id 6860, offset 0, flags [DF], proto TCP (6), length 100)

EXAMPLES

To print all packets arriving at or departing from sundown:

    tcpdump host sundown

To print traffic between helios and either hot or ace:

    tcpdump host helios and \( hot or ace \)

To print all IP packets between ace and any host except helios:

    tcpdump ip host ace and not helios

To print all traffic between local hosts and hosts at Berkeley:

    tcpdump net ucb-ether

To print all ftp traffic through internet gateway snup (note that the expression is quoted to prevent the shell from (mis-)interpreting the parentheses):

    tcpdump 'gateway snup and (port ftp or ftp-data)'

To print traffic neither sourced from nor destined for local hosts (if you gateway to one other net, this stuff should never make it onto your local net).
    tcpdump ip and not net localnet

To print the start and end packets (the SYN and FIN packets) of each TCP conversation that involves a non-local host.

    tcpdump 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and not src and dst net localnet'

To print all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets. (IPv6 is left as an exercise for the reader.)

    tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

To print IP packets longer than 576 bytes sent through gateway snup:

    tcpdump 'gateway snup and ip[2:2] > 576'

To print IP broadcast or multicast packets that were not sent via Ethernet broadcast or multicast:

    tcpdump 'ether[0] & 1 = 0 and ip[16] >= 224'

To print all ICMP packets that are not echo requests/replies (i.e., not ping packets):

    tcpdump 'icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply'

Nmap 6.01 ( http://nmap.org )

Usage: nmap [Scan Type(s)] [Options] {target specification}

EXAMPLES:
    nmap -v -A scanme.nmap.org
    nmap -v -sn 192.168.0.0/16 10.0.0.0/8
    nmap -v -iR 10000 -Pn -p 80

TARGET SPECIFICATION:
    Can pass hostnames, IP addresses, networks, etc.
    Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
    -iL <inputfilename>: Input from list of hosts/networks
    -iR <num hosts>: Choose random targets
    --exclude <host1[,host2][,host3],...>: Exclude hosts/networks
    --excludefile <exclude_file>: Exclude list from file

HOST DISCOVERY:
    -sL: List Scan - simply list targets to scan
    -sn: Ping Scan - disable port scan
    -Pn: Treat all hosts as online -- skip host discovery
    -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
    -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
    -PO[protocol list]: IP Protocol Ping
    -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
    --dns-servers <serv1[,serv2],...>: Specify custom DNS servers
    --system-dns: Use OS's DNS resolver
    --traceroute: Trace hop path to each host

SCAN TECHNIQUES:
    -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
    -sU: UDP Scan
    -sN/sF/sX: TCP Null, FIN, and Xmas scans
    --scanflags <flags>: Customize TCP scan flags
    -sI <zombie host[:probeport]>: Idle scan
    -sY/sZ: SCTP INIT/COOKIE-ECHO scans
    -sO: IP protocol scan
    -b <FTP relay host>: FTP bounce scan

PORT SPECIFICATION AND SCAN ORDER:
    -p <port ranges>: Only scan specified ports
        Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9
    -F: Fast mode - Scan fewer ports than the default scan
    -r: Scan ports consecutively - don't randomize
    --top-ports <number>: Scan <number> most common ports
    --port-ratio <ratio>: Scan ports more common than <ratio>

SERVICE/VERSION DETECTION:
    -sV: Probe open ports to determine service/version info
    --version-intensity <level>: Set from 0 (light) to 9 (try all probes)
    --version-light: Limit to most likely probes (intensity 2)
    --version-all: Try every single probe (intensity 9)
    --version-trace: Show detailed version scan activity (for debugging)

SCRIPT SCAN:
    -sC: equivalent to --script=default
    --script=<Lua scripts>: <Lua scripts> is a comma separated list of
        directories, script-files or script-categories
    --script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts
    --script-args-file=filename: provide NSE script args in a file
    --script-trace: Show all data sent and received
    --script-updatedb: Update the script database.
    --script-help=<Lua scripts>: Show help about scripts.
        <Lua scripts> is a comma separted list of script-files or
        script-categories.

OS DETECTION:
    -O: Enable OS detection
    --osscan-limit: Limit OS detection to promising targets
    --osscan-guess: Guess OS more aggressively

TIMING AND PERFORMANCE:
    Options which take <time> are in seconds, or append 'ms' (milliseconds),
    's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
    -T<0-5>: Set timing template (higher is faster)
    --min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
    --min-parallelism/max-parallelism <numprobes>: Probe parallelization
    --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
        probe round trip time.
    --max-retries <tries>: Caps number of port scan probe retransmissions.
    --host-timeout <time>: Give up on target after this long
    --scan-delay/--max-scan-delay <time>: Adjust delay between probes
    --min-rate <number>: Send packets no slower than <number> per second
    --max-rate <number>: Send packets no faster than <number> per second

FIREWALL/IDS EVASION AND SPOOFING:
    -f; --mtu <val>: fragment packets (optionally w/given MTU)
    -D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
    -S <IP_Address>: Spoof source address
    -e <iface>: Use specified interface
    -g/--source-port <portnum>: Use given port number
    --data-length <num>: Append random data to sent packets
    --ip-options <options>: Send packets with specified ip options
    --ttl <val>: Set IP time-to-live field
    --spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
    --badsum: Send packets with a bogus TCP/UDP/SCTP checksum

OUTPUT:
    -oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
        and Grepable format, respectively, to the given filename.
-oA <basename>: Output in the three major formats at once -v: Increase verbosity level (use -vv or more for greater effect) -d: Increase debugging level (use -dd or more for greater effect) --reason: Display the reason a port is in a particular state --open: Only show open (or possibly open) ports --packet-trace: Show all packets sent and received --iflist: Print host interfaces and routes (for debugging) --log-errors: Log errors/warnings to the normal-format output file --append-output: Append to rather than clobber specified output files --resume <filename>: Resume an aborted scan --stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML --webxml: Reference stylesheet from Nmap.Org for more portable XML --no-stylesheet: Prevent associating of XSL stylesheet w/XML output MISC:-6: Enable IPv6 scanning -A: Enable OS detection, version detection, script scanning, and traceroute --datadir <dirname>: Specify custom Nmap data file location --send-eth/--send-ip: Send using raw ethernet frames or IP packets --privileged: Assume that the user is fully privileged --unprivileged: Assume the user lacks raw socket privileges -V: Print version number -h: Print this help summary page. 
SEE THE MAN PAGE (http://nmap.org/book/man.html) FOR MORE OPTIONS AND EXAMPLES

Fixing file system using fsck from util-linux 2.21.1

    Usage: fsck.ext4 [-panyrcdfvtDFV] [-b superblock] [-B blocksize]
                     [-I inode_buffer_blocks] [-P process_inode_size]
                     [-l|-L bad_blocks_file] [-C fd] [-j external_journal]
                     [-E extended-options] device

    Emergency help:
     -p                   Automatic repair (no questions)
     -n                   Make no changes to the filesystem
     -y                   Assume "yes" to all questions
     -c                   Check for bad blocks and add them to the badblock list
     -f                   Force checking even if filesystem is marked clean
     -v                   Be verbose
     -b superblock        Use alternative superblock
     -B blocksize         Force blocksize when looking for superblock
     -j external_journal  Set location of the external journal
     -l bad_blocks_file   Add to badblocks list
     -L bad_blocks_file   Set badblocks list

-N Don't execute, just show what would be done.

    root@fedora ~> fsck -N
    fsck from util-linux 2.21.1
    [/sbin/fsck.ext4 (1) -- /] fsck.ext4 /dev/mapper/vg-lv_root
    [/sbin/fsck.ext4 (1) -- /boot] fsck.ext4 /dev/sda1

The exit code returned by fsck is the sum of the following conditions:

    0    No errors
    1    Filesystem errors corrected
    2    System should be rebooted
    4    Filesystem errors left uncorrected
    8    Operational error
    16   Usage or syntax error
    32   Fsck canceled by user request
    128  Shared-library error

    root@fedora ~> fsck
    fsck from util-linux 2.21.1
    e2fsck 1.42 (29-Nov-2011)
    /dev/mapper/vg-lv_root is mounted.
    WARNING!!! The filesystem is mounted. If you continue you ***WILL*** cause ***SEVERE*** filesystem damage.
    Do you really want to continue<n>? no
    check aborted.
    e2fsck 1.42 (29-Nov-2011)
    /dev/sda1 is mounted.
    WARNING!!! The filesystem is mounted. If you continue you ***WILL*** cause ***SEVERE*** filesystem damage.
    Do you really want to continue<n>? no
    check aborted.

    root@fedora ~> fsck -n
    fsck from util-linux 2.21.1
    e2fsck 1.42 (29-Nov-2011)
    Warning! /dev/mapper/vg-lv_root is mounted.
    Warning: skipping journal recovery because doing a read-only filesystem check.
    _Fedora-17-i686-: clean, 148243/2318336 files, 6288023/9248768 blocks
    e2fsck 1.42 (29-Nov-2011)
    Warning! /dev/sda1 is mounted.
    Warning: skipping journal recovery because doing a read-only filesystem check.
    /dev/sda1: clean, 343/128016 files, 62514/512000 blocks
    root@fedora ~>

Performance monitoring using ps - report a snapshot of the current processes.

    KEY  LONG        DESCRIPTION
    c    cmd         simple name of executable
    C    pcpu        cpu utilization
    f    flags       flags as in long format F field
    g    pgrp        process group ID
    G    tpgid       controlling tty process group ID
    j    cutime      cumulative user time
    J    cstime      cumulative system time
    k    utime       user time
    m    min_flt     number of minor page faults
    M    maj_flt     number of major page faults
    n    cmin_flt    cumulative minor page faults
    N    cmaj_flt    cumulative major page faults
    o    session     session ID
    p    pid         process ID
    P    ppid        parent process ID
    r    rss         resident set size
    R    resident    resident pages
    s    size        memory size in kilobytes
    S    share       amount of shared pages
    t    tty         the device number of the controlling tty
    T    start_time  time process was started
    U    uid         user ID number
    u    user        user name
    v    vsize       total VM size in kB
    y    priority    kernel scheduling priority

    CODE  NORMAL  HEADER
    %C    pcpu    %CPU
    %G    group   GROUP
    %P    ppid    PPID
    %U    user    USER
    %a    args    COMMAND
    %c    comm    COMMAND
    %g    rgroup  RGROUP
    %n    nice    NI
    %p    pid     PID
    %r    pgid    PGID
    %t    etime   ELAPSED
    %u    ruser   RUSER
    %x    time    TIME
    %y    tty     TTY
    %z    vsz     VSZ

Display the top ten running processes - sorted by cpu usage.

    [root@fedora ~]# ps aucx | sort -nuk +3 | tail
    USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
    root 18085 0.1 0.1 12244 1520 pts/0 S Dec08 2:15 wvdial
    root 1883 0.4 0.7 8580 5532 ? SNs Dec07 11:15 preload
    root 9394 1.0 1.6 18292 12440 ? Ss Dec07 23:11 collectl
    root 1867 1.5 1.4 24704 10912 tty1 Rs+ Dec07 43:16 X
    fedora 4918 3.5 33.4 771768 256556 pts/1 Sl+ Dec07 98:47 firefox

-o format Specify user-defined format.
Identical to -o and --format.

    # ps -eo user,etime,pid,pcpu,pmem,comm,size,vsize,start_time,maj_flt,min_flt,tty,ppid|grep -v '0.0'
    USER ELAPSED PID %CPU %MEM COMMAND SZ VSZ START MAJFL MINFL TT PPID
    root 1-22:34:07 1867 1.5 1.4 X 8496 24704 Dec07 57 3656177 tty1 1818
    root 1-22:34:07 1883 0.4 0.7 preload 5096 8580 Dec07 2 642119 ? 1
    root 1-13:52:58 9394 1.0 1.6 collectl 11516 18292 Dec07 14 1224 ? 1
    root 1-05:16:22 18085 0.1 0.1 wvdial 2648 12244 Dec08 16 800 pts/0 18084
    fedora 37:06 18334 0.8 2.6 KKvirtualrooms 51672 81748 11:22 152 10771 pts/1 1
    root 08:44 18820 0.1 0.3 bash 1108 6120 11:50 0 3636 pts/5 18817
    fedora 17:25:59 23824 0.1 2.8 gedit 32256 79232 Dec08 75 5250 ? 2676

    [root@fedora ~]# ps v|head
    PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
    1867 tty1 Rs+ 44:56 57 1892 36111 11044 1.4 /usr/bin/X -background none :0
    3729 pts/0 S 0:00 0 27 6160 1420 0.1 su -
    3860 pts/0 S+ 0:00 13 855 5380 1584 0.2 -bash
    3928 pts/0 S 0:00 0 855 4416 468 0.0 sh reliacne.sh
    5462 pts/3 Ss+ 0:00 0 855 5392 2280 0.2 /bin/bash
    5512 pts/4 Ss 0:00 1 855 5392 1720 0.2 /bin/bash
    7871 pts/4 S 0:00 4 69 8694 1700 0.2 sudo su - fedora
    7872 pts/4 S 0:00 2 27 6160 1724 0.2 su - fedora
    18084 pts/0 S 0:00 6 69 8694 1728 0.2 sudo wvdial reliance

    [root@fedora ~]# ps u |head
    USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
    root 1867 1.6 1.4 24704 11044 tty1 Rs+ Dec07 44:59 /usr/bin/X -background none :
    root 3729 0.0 0.1 6188 1420 pts/0 S Dec07 0:00 su -
    root 3860 0.0 0.2 6236 1584 pts/0 S+ Dec07 0:00 -bash
    root 3928 0.0 0.0 5272 468 pts/0 S Dec07 0:00 sh reliacne.sh
    root 5462 0.0 0.2 6248 2280 pts/3 Ss+ Dec07 0:00 /bin/bash
    root 5512 0.0 0.2 6248 1720 pts/4 Ss Dec07 0:00 /bin/bash
    root 7871 0.0 0.2 8764 1700 pts/4 S Dec07 0:00 sudo su - fedora
    root 7872 0.0 0.2 6188 1724 pts/4 S Dec07 0:00 su - fedora
    root 18084 0.0 0.2 8764 1728 pts/0 S Dec08 0:00 sudo wvdial reliance

If RSS (resident set size, in KB) increases over time (so would %MEM), it may indicate a memory leak in the application.

    [root@fedora ~]# ps aux --sort pmem|grep -v 0.0
    USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
    root 1867 1.6 1.4 24704 11044 tty1 Rs+ Dec07 45:35 /usr/bin/X -background none :0
    root 1883 0.4 0.7 8580 5532 ? SNs Dec07 11:22 /usr/sbin/preload --verbose 1
    fedora 4918 3.5 29.7 779648 227920 pts/1 Sl+ Dec07 100:33 ./firefox
    root 9394 1.0 1.6 18292 12440 ? Ss Dec07 23:33 /usr/bin/perl -w /usr/bin/collectl
    root 18085 0.1 0.1 12244 1520 pts/0 S Dec08 2:19 wvdial reliance
    fedora 23824 0.1 2.8 79232 22016 ? Sl Dec08 1:19 gedit

    [root@fedora ~]# ps ev --pid=4918
    PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
    4918 pts/1 Sl+ 100:33 1100 88 779559 227920 29.7 ./firefox XDG_VTNR=1 XDG_SESSION_ID=1 HOSTNAME=fedora.example.com IMSETTINGS_INTEGRA

If runnable threads (r column) divided by the number of CPUs is greater than 1, there may be a CPU bottleneck.
If us+sy is close to 100%, then there may be a CPU bottleneck.

    [root@fedora ~]# vmstat -a 2 5
    procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
    r b swpd free inact active si so bi bo in cs us sy id wa st
    0 0 63380 87552 333004 285372 0 0 10 14 163 173 6 1 91 1 0
    0 0 63380 79616 341456 285380 0 0 0 0 214 155 6 6 88 0 0
    0 0 63380 79368 341620 285416 0 0 0 0 222 155 6 8 86 0 0
    0 0 63380 79368 341620 285428 0 0 0 0 399 249 6 9 85 0 0
    1 0 63380 78980 341760 285432 0 0 0 0 668 304 19 14 68 0 0

RAM memory usage information

    [root@fedora ~]# ps v -A|sort -nrk 8|head
    PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
    4918 pts/1 Sl+ 102:47 1112 88 798795 237076 30.8 ./firefox
    23824 ? Sl 1:31 80 656 78575 22016 2.8 gedit
    3521 ? Sl 1:52 109 44 58019 13812 1.7 lxterminal
    1867 tty1 Ss+ 47:46 59 1892 67855 11052 1.4 /usr/bin/X -background none :0
    9394 ? Ss 23:47 14 3 18288 10052 1.3 /usr/bin/perl -w /usr/bin/collectl
    2676 ? Ss 0:41 90 328 21731 8972 1.1 /usr/bin/openbox --startup /usr/
    20629 ? Ssl 1:06 25 231 44896 7676 1.0 /usr/lib/udisks2/udisksd --no-debug
    2885 ? Sl 0:00 56 16 50675 6688 0.8 abrt-applet
    1883 ? SNs 11:28 2 39 8540 5532 0.7 /usr/sbin/preload --verbose 1

sar - Collect, report, or save system activity information.

    Usage: sar [ options ] [ <interval> [ <count> ] ]
    Main options and reports:
      -b        I/O and transfer rate statistics
      -B        Paging statistics
      -d        Block device statistics
      -H        Hugepages utilization statistics
      -q        Queue length and load average statistics
      -r        Memory utilization statistics
      -R        Memory statistics
      -S        Swap space utilization statistics
      -u [ ALL ] CPU utilization statistics
      -v        Kernel table statistics
      -w        Task creation and system switching statistics
      -W        Swapping statistics
      -y        TTY device statistics

    [root@fedora ~]# sar -B 5 5
    Linux 3.3.4-5.fc17.i686 (fedora.example.com) 12/09/2012 _i686_ (1 CPU)

    12:44:44 PM pgpgin/s pgpgout/s fault/s majflt/s pgfree/s pgscank/s pgscand/s pgsteal/s %vmeff
    12:44:49 PM 0.00 10.53 99.60 0.00 304.05 0.00 0.00 0.00 0.00
    12:44:54 PM 0.00 51.51 430.38 0.00 858.75 0.00 0.00 0.00 0.00
    12:44:59 PM 0.00 8.11 23.12 0.00 490.47 0.00 0.00 0.00 0.00
    12:45:04 PM 0.81 123.64 666.06 0.00 340.61 0.00 0.00 0.00 0.00
    12:45:09 PM 0.00 15.42 100.00 0.00 101.22 0.00 0.00 0.00 0.00
    Average: 0.16 41.91 264.36 0.00 419.62 0.00 0.00 0.00 0.00

This report contains two columns: "fault/s" and "majflt/s". What is the difference between a "fault", sometimes known as a "soft fault", and a "major fault" (aka "hard fault")? A soft fault happens when the process needs a page that is already in memory, but was freed by the page replacement process. A major or "hard" fault happens when the page needs to be brought into memory from disk. Major faults are, of course, much more expensive and take much longer to complete than the soft ones. A large number of major page faults can slow the system down to a crawl.
On an average system, major page faults are responsible for the vast majority of the CPU time spent in the kernel mode.

System memory

    [root@fedora ~]# sar -r 3 5
    Linux 3.3.4-5.fc17.i686 (fedora.example.com) 12/09/2012 _i686_ (1 CPU)

    12:48:48 PM kbmemfree kbmemused %memused kbbuffers kbcached kbcommit %commit kbactive kbinact
    12:48:51 PM 147940 619416 80.72 49316 230616 1244392 53.93 304776 263268
    12:48:54 PM 143352 624004 81.32 49316 235184 1248940 54.13 304780 267808
    12:48:57 PM 146452 620904 80.91 49324 232324 1246020 54.00 305016 264828
    12:49:00 PM 140624 626732 81.67 49324 238108 1251800 54.25 305044 270616
    12:49:03 PM 139756 627600 81.79 49332 238616 1252280 54.27 305048 271128
    Average: 143625 623731 81.28 49322 234970 1248686 54.12 304933 267530

atop - AT Computing's System & Process Monitor

    Usage: atop [-flags] [interval [samples]]
           or
    Usage: atop -w file [-S] [-a] [interval [samples]]
           atop -r [file] [-b hh:mm] [-e hh:mm] [-flags]

    generic flags:
      -a  show or log all processes (i.s.o. active processes only)
      -P  generate parseable output for specified label(s)
      -L  alternate line length (default 80) in case of non-screen output
      -f  show fixed number of lines with system-statistics
      -l  show limited number of lines for certain resources
      -1  show average-per-second i.s.o. total values
      -x  no colors in case of high occupation
      -g  show general process-info (default)
      -m  show memory-related process-info
      -d  show disk-related process-info
      -n  show network-related process-info
      -s  show scheduling-related process-info
      -v  show various process-info (ppid, user/group, date/time)
      -c  show command-line per process
      -o  show own defined process-info
      -u  show cumulated process-info per user
      -p  show cumulated process-info per program (i.e. same name)
      -C  sort processes in order of cpu-consumption (default)
      -M  sort processes in order of memory-consumption
      -D  sort processes in order of disk-activity
      -N  sort processes in order of network-activity
      -A  sort processes in order of most active resource (auto mode)

    specific flags for raw logfiles:
      -w  write raw data to file (compressed)
      -r  read raw data from file (compressed)
          special file: y[y...] for yesterday (repeated)
      -S  finish atop automatically before midnight (i.s.o. #samples)
      -b  begin showing data from specified time
      -e  finish showing data after specified time

    interval: number of seconds (minimum 0)
    samples:  number of intervals (minimum 1)

Page size

    [root@fedora ~]# /usr/bin/time -v date
    Sun Dec 9 13:23:45 IST 2012
    Command being timed: "date"
    Major (requiring I/O) page faults: 0
    Minor (reclaiming a frame) page faults: 224
    Page size (bytes): 4096
    Exit status: 0

How to check how many major page faults (MPF) and minor page faults (MnPF) occurred - here we are opening acroread.

    /usr/bin/time -v acroread
    Command being timed: "acroread"
    Major (requiring I/O) page faults: 363
    Minor (reclaiming a frame) page faults: 28663
    Page size (bytes): 4096
    Exit status: 0

When you run it a second time, MPF will be lower.

    /usr/bin/time -v acroread
    Command being timed: "acroread"
    Average resident set size (kbytes): 0
    Major (requiring I/O) page faults: 7
    Minor (reclaiming a frame) page faults: 25224
    Exit status: 0

The buffer cache is used to minimize MPF and MnPF.

    [root@fedora ~]# cat /proc/meminfo |egrep 'Ca|Bu|Me'
    MemTotal: 767356 kB
    MemFree: 89092 kB
    Buffers: 29292 kB
    Cached: 331528 kB
    SwapCached: 10444 kB
    [root@fedora ~]# acroread
    [root@fedora ~]# cat /proc/meminfo |egrep 'Ca|Bu|Me'
    MemTotal: 767356 kB
    MemFree: 73220 kB
    Buffers: 29212 kB
    Cached: 347292 kB
    SwapCached: 10436 kB

Dirty Pages:

    [root@fedora ~]# vmstat 1
    procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
    r b swpd free buff cache si so bi bo in cs us sy id wa st
    1 0 85208 59000 27420 340796 0 1 11 14 172 182 7 2 91 1 0
    1 1 85208 52716 28128 343892 0 0 3088 0 822 968 37 16 3 44 0
    2 6 85224 58044 26252 336596 0 16 5356 24 1278 961 40 21 0 38 0
    0 6 85228 58044 24940 335028 0 4 2592 148 1275 1096 39 20 0 41 0
    3 2 85228 54300 24988 337692 0 0 2216 160 1110 778 26 11 0 63 0
    0 1 85260 60984 25004 331280 0 32 2784 672 900 724 29 20 0 51 0
    3 1 85260 58264 25004 333208 0 0 5480 0 775 667 14 12 0 73 0
    2 1 85424 60992 24048 331056 0 164 2544 220 1424 757 49 26 0 24 0
    2 1 85716 61068 17348 328656 0 292 5808 292 1655 736 48 52 0 0 0
    0 2 86628 61036 16476 320944 0 912 9024 912 1570 915 50 43 0 7 0
    1 0 86628 54216 16476 324532 0 0 4120 0 1307 1313 85 14 0 1 0
    2 1 86628 58068 16476 330960 0 0 5976 0 1173 670 77 15 0 8 0

    [root@fedora ~]# sar 1 100
    Linux 3.3.4-5.fc17.i686 (fedora.example.com) 12/09/2012 _i686_ (1 CPU)

    02:29:48 PM CPU %user %nice %system %iowait %steal %idle
    02:29:49 PM all 7.07 0.00 9.09 0.00 0.00 83.84
    02:29:50 PM all 8.00 0.00 4.00 0.00 0.00 88.00

    [root@fedora ~]# sar -B 1 3
    Linux 3.3.4-5.fc17.i686 (fedora.example.com) 12/09/2012 _i686_ (1 CPU)

    02:31:34 PM pgpgin/s pgpgout/s fault/s majflt/s pgfree/s pgscank/s pgscand/s pgsteal/s %vmeff
    02:31:35 PM 0.00 0.00 661.62 0.00 34.34 0.00 0.00 0.00 0.00
    02:31:36 PM 0.00 0.00 274.00 0.00 32.00 0.00 0.00 0.00 0.00
    02:31:37 PM 0.00 0.00 233.67 0.00 43.88 0.00 0.00 0.00 0.00
    Average: 0.00 0.00 389.90 0.00 36.70 0.00 0.00 0.00 0.00

collectl - Collects data that describes the current system status.

    SYNOPSIS
    Record Mode - read data from live system and write to file or display on terminal
        collectl [-f file] [options]
    Playback Mode - read data from one or more raw data files and display on terminal
        collectl -p file1 [file2 ...] [options]

Example: how to retrieve the TOP command information on a later day.

    [root@fedora collectl]# collectl -p fedora-20121209-000000.raw.gz --top --from 02:22 --thru 02:23
    ### RECORD 1 >>> fedora <<< (1354999980.002) (Sun Dec 9 02:23:00 2012) ###
    # TOP PROCESSES sorted by time (counters are /sec) 02:23:00
    # PID User PR PPID THRD S VSZ RSS CP SysT UsrT Pct AccuTime RKB WKB MajF MinF Command
    4918 fedora 20 4361 29 S 755M 243M 0 0.22 0.97 1 01:30:22 0 0 0 2 ./firefox
    9394 root 20 1 0 R 17M 12M 0 0.07 0.55 1 17:28.32 0 0 0 0 /usr/bin/pe
    1883 root 35 1 0 S 8M 5M 0 0.10 0.18 0 09:00.50 0 0 0 32 /usr/sbin/p
    1867 root 20 1818 0 S 23M 10M 0 0.07 0.03 0 41:05.32 0 0 0 0 /usr/bin/X
    18085 root 20 18084 0 S 11M 1M 0 0.04 0.04 0 01:38.62 0 0 0 0 wvdial
    6282 root 20 2 0 S 0 0 0 0.02 0.00 0 00:00.05 0 0 0 0 kworker/0:0
    1809 root 20 1 0 S 3M 1M 0 0.00 0.01 0 00:13.05 0 0 0 0 /usr/lib/sy
    1831 dbus 20 1 0 S 3M 1M 0 0.00 0.01 0 00:20.80 0 0 0 0 /bin/dbus-d
    1835 root 20 1 0 S 5M 892K 0 0.00 0.01 0 00:03.43 0 0 0 0 /usr/sbin/c
    2607 root 20 1 63 S 20M 1M 0 0.00 0.01 0 00:07.89 0 0 0 0 /usr/sbin/c
    [root@fedora collectl]# pwd
    /var/log/collectl

Files under /var/log/collectl

    [root@fedora collectl]# ls
    fedora-20121207-220643.raw.gz fedora-20121209-000000.raw.gz fedora-collectl-201212.log
    fedora-20121208-000000.raw.gz fedora-20121210-000000.raw.gz

Help

    [root@fedora collectl]# collectl -x
    This is the complete list of switches, more details in man page
      --align                      align on time boundary
      --all                        selects 'all' summary subsystems except slabs, which means NO detail or process data either
                                   note: the opposite of --all is -s-all
      -A, --address addr[:port[:time]]  open a socket/port on addr with optional timeout OR run as a server with no timeout
      --comment string             add the string to the end of the header
      -C, --config file            use alternate collectl.conf file
      -c, --count count            collect this number of samples and exit
      -d, --debug debug            see source for details or try -d1 to get started
      -D, --daemon                 run as a daemon
      --extract file               extract a subset of a raw file into another one
      -f, --filename file          name of directory/file to write to
      -F, --flush seconds          number of seconds between output buffer flushes
      --from time                  time from which to playback data, -thru optional
                                   [yyyymmdd:]hh:mm[:ss][-[yyyymmdd:]hh:mm[:ss]]
      --grep pattern               print timestamped entries in raw file for each occurance of pattern
      -G, --group                  write process/slab data to separate, rawp file
      -h, --help                   print basic help
      --home                       move cursor to top before printing interval data
      --hr,--headerrepeat num      repeat headers every 'num' lines, once or never
      --import file                name of file(s) to use for data importation
      -i, --interval int[:pi:ei]]  collection interval in seconds [defaults: interactive=1, daemon=10]
                                   pi is process interval [default=60]
                                   ei is environmental interval [default=300]
      --iosize                     include I/O sizes as appropriate in brief format
      -l, --limits limits          override default exceptions name:val[-name:val]
      -m, --messages               write messages to log file and/or terminal
      -N, --nice                   give yourself a 'nicer' priority
      --nohup                      do not exit if the process that started collectl exits
      --offsettime secs            seconds by which to offset times during playback
      -o, --options                misc formatting options, --showoptions for all
      -p, --playback file          playback results from 'file'
      --passwd file                use this instead if /etc/passwd for UID->name
      --pname name                 set process name to 'collectl-pname'
      -P, --plot                   generate output in 'plot' format
      --procanalyze                analyze process data, generating prcs file
      --quiet                      do note echo warning messages on the terminal
      -r, --rolllogs time,d,m      roll logs at 'time', retaining for 'd' days, every 'm' minutes [default: d=7,m=1440]
      --rawtoo                     when run with -P, this tell collectl to also create a raw log file as well
      --runas uid[:gui]            collectl will change its uid/gid in daemon mode, see man page for details
      -R, --runtime duration       time to run in <number><units> format where unit is w,d,h,m,s
      --sep separator              specify an alternate plot format separator
      --slabanalyze                analyze slab data, generating slbs file
      --stats                      same as -oA
      -s, --subsys subsys          record/playback data from one or more subsystems, --showsubsys for details
      --sumstat                    same as --stats but only summary
      --thru time                  time thru which to playback data (see --from)
      --top [type][,num]           show top 'num' processes sorted by type, --showtopopts for details
      --tworaw                     synonym for -G and -group, which are now deprecated
      --umask mask                 set output file permissions mask (see man umask)
      --utime mask                 write diagnostic micro timestamps into raw file
      --verbose                    display output in verbose format (automatically selected when brief doesn't make sense)
      -w, --wide                   print wide field contents (don't use K/M/G)

    Synonyms
      --utc = -oU

    These are Alternate Display Formats
      --vmstat                     show output similar to vmstat

    Logging options
      --rawtoo                     used with -P, write raw data to a log as well
      --export name[,options]      write data to an exported socket/file

    Various types of help
      -h, --help                   print this text
      -v, --version                print version
      -V, --showdefs               print operational defaults
      -x, --helpext                extended help
      -X, --helpall                shows all help concatenated together
      --showoptions                show all the options
      --showsubopts                show all substem specific options
      --showsubsys                 show all the subsystems
      --showtopopts                show --top options
      --showheader                 show file header that 'would be' generated
      --showcolheaders             show column headers that 'would be' generated
      --showslabaliases            for SLUB allocator, show non-root aliases
      --showrootslabs              same as --showslabaliases but use 'root' names
      --whatsnew                   show summary of recent version new features

    Copyright 2003-2012 Hewlett-Packard Development Company, L.P.
    collectl may be copied only under the terms of either the Artistic License
    or the GNU General Public License, which may be found in the source kit

Hardcopy record of an interactive session

script makes a typescript of everything printed on your terminal.
It is useful for students who need a hardcopy record of an interactive session as proof of an assignment, as the typescript file can be printed out later.

    Usage: script [options] [file]
    Options:
      -a, --append             append the output
      -c, --command <command>  run command rather than interactive shell
      -r, --return             return exit code of the child process
      -f, --flush              run flush after each write
      --force                  use output file even when it is a link
      -q, --quiet              be quiet
      -t, --timing[=<file>]    output timing data to stderr (or to FILE)
      -V, --version            output version information and exit
      -h, --help               display this help and exit

Starting Recording

    script -t 2> record.timing -a record.session

Example:

    fedora@fedora ~> script -t 2> record.timing -a record.session
    Script started, file is record.session
    fedora@fedora ~> uptime
    18:08:47 up 3 days, 4:43, 5 users, load average: 0.32, 0.25, 0.21
    fedora@fedora ~> last |head
    fedora pts/7 Mon Dec 10 18:08 still logged in
    fedora pts/6 :0 Mon Dec 10 18:00 still logged in
    fedora pts/5 :0 Mon Dec 10 17:56 still logged in
    fedora pts/6 :0 Mon Dec 10 13:41 - 16:04 (02:22)
    fedora pts/5 :0 Mon Dec 10 08:26 - 16:04 (07:37)
    fedora pts/2 :0 Mon Dec 10 08:25 still logged in
    fedora pts/7 :0 Sun Dec 9 14:25 - 17:12 (02:46)
    fedora pts/6 :0 Sun Dec 9 13:32 - 17:11 (03:39)
    fedora pts/5 :0 Sun Dec 9 11:50 - 17:11 (05:20)
    fedora pts/2 :0 Sun Dec 9 11:33 - 17:12 (05:38)
    fedora@fedora ~> exit
    exit
    Script done, file is record.session
    fedora@fedora ~>

Replay Recording

    scriptreplay record.timing record.session

    fedora@fedora ~> scriptreplay record.timing record.session
    fedora@fedora ~> uptime
    18:08:47 up 3 days, 4:43, 5 users, load average: 0.32, 0.25, 0.21
    fedora@fedora ~> last |head
    fedora pts/7 Mon Dec 10 18:08 still logged in
    fedora pts/6 :0 Mon Dec 10 18:00 still logged in
    fedora pts/5 :0 Mon Dec 10 17:56 still logged in
    fedora pts/6 :0 Mon Dec 10 13:41 - 16:04 (02:22)
    fedora pts/5 :0 Mon Dec 10 08:26 - 16:04 (07:37)
    fedora pts/2 :0 Mon Dec 10 08:25 still logged in
    fedora pts/7 :0 Sun Dec 9 14:25 - 17:12 (02:46)
    fedora pts/6 :0 Sun Dec 9 13:32 - 17:11 (03:39)
    fedora pts/5 :0 Sun Dec 9 11:50 - 17:11 (05:20)
    fedora pts/2 :0 Sun Dec 9 11:33 - 17:12 (05:38)
    fedora@fedora ~> exit

    fedora@fedora ~> scriptreplay -h
    Usage: scriptreplay [-t] timingfile [typescript] [divisor]
    Options:
      -t, --timing <file>      script timing output file
      -s, --typescript <file>  script terminal session output file
      -d, --divisor <num>      speed up or slow down execution with time divisor
      -V, --version            output version information and exit
      -h, --help               display this help and exit

Setting up your first LAMP server on Ubuntu.

You can use apt-get to install these packages by running the following commands:

    sudo apt-get install apache2
    sudo apt-get install php5
    sudo apt-get install php5-cli
    sudo apt-get install php5-cgi
    sudo apt-get install php5-mysql
    sudo apt-get install php5-pgsql
    sudo apt-get install libapache2-mod-php5
    sudo apt-get install build-essential
    sudo apt-get install mysql-server
    sudo apt-get install mysql-doc-5.0

Linux Kernel recompilation with GRSECURITY

To recompile the Linux kernel, upgrade to at *least* these software revisions before thinking you've encountered a bug! If you're unsure what version you're currently running, the suggested command should tell you. Grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It is licensed under the GPL.

More details at Linux-Kernel-recompilation-with-GRSECURITY

iptables linux firewall for home office networks.

The example below has the following settings.

    # Internet Interface
    INET_IFACE="ppp0"
    # Local Interface Information
    LOCAL_IFACE="eth0"
    LOCAL_IP="192.168.1.1"
    LOCAL_NET="192.168.1.0/24"
    LOCAL_BCAST="192.168.1.255"

More - iptables-linux-firewall-for-home-office-networks

Requirements for Nagios Notifications.

If you want to receive email notifications for Nagios alerts, you need to install the mailx (Postfix) package.

    sudo apt-get install mailx
    sudo apt-get install postfix

Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email address associated with the nagiosadmin contact definition to the address you'd like to use for receiving alerts. You'll have to edit the Nagios email notification commands found in /usr/local/nagios/etc/objects/commands.cfg and change any '/bin/mail' references to '/usr/bin/mail'. Once you do that you'll need to restart Nagios to make the configuration changes live.

More - Requirements-for-Nagios-Notifications

Planning your Linux partition structure.

For a less simple partition structure:

    /boot  60-100 meg
    swap   2 x memory
    /tmp   1 Gig. Mount /tmp with noexec,nosuid in /etc/fstab
    /      6-10 Gig
    /var   8-20 gig. Emails, logs and databases stored here
    /usr   5-12 gig. Source code
    /home  rest of drive. Roughly 80% for user data. Mount /home with nosuid in /etc/fstab if possible.

Feel free to modify these numbers as needed. Note, if you plan on installing dovecot, all email data is stored under /home and not /var, so adjust as needed. Also, FreeBSD stores MySQL databases in /home/mysql/. Please have basic development/compiling tools such as gcc, g++, and perl installed.

Working with LVM Logical Volume Manager
More - LVM-Logical-Volume-Manager

How to verify signature of downloaded source file with GPG

Here the downloaded file is postfix-2.6.5.tar.gz and the signature file is postfix-2.6.5.tar.gz.sig

    $ gpg --verify postfix-2.6.5.tar.gz.sig postfix-2.6.5.tar.gz
    gpg: Signature made Sat Aug 29 00:50:08 2009 UTC using RSA key ID C12BCD99
    gpg: Good signature from "Wietse Venema <wietse@porcupine.org>"
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg: There is no indication that the signature belongs to the owner.
    Primary key fingerprint: FF 96 4A 8C 96 88 7C 6E A4 EF AD BF 48 34 E1 BB

The warning means gpg has no trust path to this key: the signature matches the key, but nothing proves the key is the author's. Compare the primary key fingerprint with a copy obtained from a trusted source before relying on the result.

More - how-to-verify-signature-of-downloaded-source-file-with-gpg

nmap scan techniques, host discovery, version detection and much more

    ubuntu@mail:~$ man -k nmap
    nmap (1) - Network exploration tool and security / port scanner

    Nmap 4.53 ( http://insecure.org )
    Usage: nmap [Scan Type(s)] [Options] {target specification}

More -namp-scan-techniques-host-discovery-version-detection-and-much-more

Scan for any DHCP server on your network

    fedora@fedora ~> sudo nmap -sU 192.168.56.0-255 -p 67-68
    Starting Nmap 6.01 ( http://nmap.org ) at 2012-12-31 07:47 IST
    Nmap scan report for 192.168.56.104
    Host is up (0.00044s latency).
    PORT STATE SERVICE
    67/udp closed dhcps
    68/udp closed dhcpc
    Nmap done: 256 IP addresses (1 host up) scanned in 11.72 seconds
    fedora@fedora ~>

Using perl to make changes to a list of files.

The example below adds a comment marker in front of Error in all the Apache virtual host conf files.

    perl -pi -e 's/Error/#Error/' virtual_host*.conf
    perl -pi -e 's/ssl=ON/ssl=OFF/' /usr/local/directadmin/data/users/*/domains/*.conf

CentOS 5.4 rpms list download page.

http://mirrors.kernel.org/centos/5.4/os/i386/CentOS/

Kernel Recompile Example Steps

    [root@delhi ~]# finger @finger.kernel.org
    The latest stable version of the Linux kernel is: 2.6.22.9
    The latest prepatch for the stable Linux kernel tree is: 2.6.23-rc9
    The latest snapshot for the stable Linux kernel tree is: 2.6.23-rc9-git2
    The latest 2.4 version of the Linux kernel is: 2.4.35.3
    The latest prepatch for the 2.4 Linux kernel tree is: 2.4.36-pre1
    The latest 2.2 version of the Linux kernel is: 2.2.26
    The latest prepatch for the 2.2 Linux kernel tree is: 2.2.27-rc2
    The latest -mm patch to the stable Linux kernels is: 2.6.23-rc8-mm2
    [root@delhi ~]

    #!/bin/bash
    # Build a grsecurity-patched 2.6.19.2 kernel
    cd /usr/src
    wget http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.19.2.tar.gz
    wget http://www.grsecurity.net/grsecurity-2.1.10-2.6.19.2-200701222307.patch.gz
    tar -xvzf linux-2.6.19.2.tar.gz
    # Apply the grsecurity patch from /usr/src
    gunzip < grsecurity-2.1.10-2.6.19.2-200701222307.patch.gz | patch -p0
    mv linux-2.6.19.2 linux-2.6.19.2-grsec
    ln -s linux-2.6.19.2-grsec linux
    cd linux
    # Start from the running kernel's configuration
    cp /boot/config-`uname -r` .config
    ls -al |grep .config
    sleep 10
    make menuconfig
    sleep 10
    make bzImage
    sleep 10
    make modules
    sleep 10
    make modules_install
    sleep 10
    make install
    # Review the boot entry for the new kernel
    vi /boot/grub/grub.conf

    #!/bin/bash
    # Same steps for a grsecurity-patched 2.6.17.11 kernel (bzip2 tarball)
    cd /usr/src
    wget http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.17.11.tar.bz2
    wget http://grsecurity.org/grsecurity-2.1.9-2.6.17.11-200608282236.patch.gz
    tar -xjvf linux-2.6.17.11.tar.bz2
    gunzip < grsecurity-2.1.9-2.6.17.11-200608282236.patch.gz | patch -p0
    mv linux-2.6.17.11 linux-2.6.17.11-grsec
    ln -s linux-2.6.17.11-grsec linux
    cd linux
    cp /boot/config-`uname -r` .config
    ls -al |grep .config
    sleep 10
    make menuconfig
    sleep 10
    make bzImage
    sleep 10
    make modules
    sleep 10
    make modules_install
    sleep 10
    make install
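
An added example (not from the original page): the GPG check in the signature section above ends with a "not certified with a trusted signature" warning, so a script that downloads sources the way the kernel scripts do should pin the signer's fingerprint instead of trusting "Good signature" alone. It parses gpg's machine-readable `--status-fd` lines; the function names and the sample status lines are constructed for illustration, and the fingerprint is the one printed in the GPG section.

```shell
#!/bin/sh
# Added example: accept a detached signature only when gpg reports a valid
# signature AND the signing key's fingerprint equals a pinned value obtained
# out of band. Function names are illustrative, not from the page.

# check_pinned_signature FINGERPRINT
# Reads `gpg --status-fd` output on stdin. Returns 0 only if there is exactly
# one VALIDSIG line, its primary-key fingerprint matches FINGERPRINT, and no
# BADSIG/ERRSIG/EXPKEYSIG/REVKEYSIG line is present.
check_pinned_signature() {
    # Normalise "FF 96 4A ..." or "ff:96:..." to plain upper-case hex.
    want=$(printf '%s' "$1" | tr -d ' :' | tr 'abcdef' 'ABCDEF')
    [ -n "$want" ] || return 2
    awk -v want="$want" '
        $1 != "[GNUPG:]" { next }
        $2 == "BADSIG" || $2 == "ERRSIG" || $2 == "EXPKEYSIG" || $2 == "REVKEYSIG" { bad = 1 }
        $2 == "VALIDSIG" {
            valid++
            # Field 12 is the primary key fingerprint when present; field 3
            # is the fingerprint of the key that made the signature.
            fpr = (NF >= 12) ? $12 : $3
            if (toupper(fpr) == want) pinned = 1
        }
        END { if (valid == 1 && pinned && !bad) exit 0; exit 1 }
    '
}

# verify_download SIGFILE DATAFILE FINGERPRINT
# Runs gpg and feeds its status lines to the checker. The human-readable
# messages on stderr are discarded; only the status lines are evaluated.
verify_download() {
    gpg --status-fd 1 --verify "$1" "$2" 2>/dev/null |
        check_pinned_signature "$3"
}

# Constructed sample of status output for the postfix-2.6.5 check shown in
# the GPG section. The fingerprint is the one from the page; the long key ID
# prefix (XXXXXXXX) and the timestamps are placeholders.
sample_status() {
    cat <<'EOF'
[GNUPG:] GOODSIG XXXXXXXXC12BCD99 Wietse Venema <wietse@porcupine.org>
[GNUPG:] VALIDSIG FF964A8C96887C6EA4EFADBF4834E1BB 2009-08-29 1251507008 0 3 0 1 1 00 FF964A8C96887C6EA4EFADBF4834E1BB
[GNUPG:] TRUST_UNDEFINED
EOF
}

PINNED="FF 96 4A 8C 96 88 7C 6E A4 EF AD BF 48 34 E1 BB"

# Demo on the constructed sample; a real run would be:
#   verify_download postfix-2.6.5.tar.gz.sig postfix-2.6.5.tar.gz "$PINNED" \
#       && tar -xzf postfix-2.6.5.tar.gz
if sample_status | check_pinned_signature "$PINNED"; then
    echo "signature valid and made by the pinned key"
else
    echo "REJECT: do not unpack"
fi
```

TRUST_UNDEFINED in the sample corresponds to the warning gpg printed; the pinned fingerprint is what replaces the missing trust path.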