Home > linux > Linux Command – Primer / Aide-Memoir

Linux Command – Primer / Aide-Memoir

November 17th, 2012

System Shut Down
shutdown -h now (Displays the file hello.txt)
shutdown -h +15 (Displays the file hello.txt)
shutdown -r now (Shut Down > Restart now)
shutdown -r +15 (Shut Down > Restart in 15 minutes)

IP Configuration (Edit the ifcfg-eth0 file):
cat /etc/sysconfig/network-scripts/ifcfg-eth0     View the configuration file for eth0
vi /etc/sysconfig/network-scripts/ifcfg-eth0     Edit and Save the configuration file for eth0

DEVICE=eth0
BOOTPROTO=static
BROADCAST=10.10.255.255
HWADDR=00:13:72:3E:55:72
IPADDR=10.10.0.1
NETMASK=255.255.0.0
NETWORK=10.10.0.0
DNS1=4.2.2.2
DNS2=8.8.8.8
ONBOOT=yes
TYPE=Ethernet

Enter new IP information. and save the file.
ifdown eth0
ifup eth0     Restart the eth0 – the new configuration will take effect.

IP Configuration (Temporarily uses the new IP until the next reboot.)

ifconfig lo0 localhost up
ifconfig eth0 inet 192.168.1.1 netmask 255.255.255.0
broadcast 192.168.1.255

Default Gateway (Temporarily uses the new gateway IP)
route add default gw 192.168.1.1 eth0

Edit the network file:
cat /etc/sysconfig/network     View the Network File
vi /etc/sysconfig/network     Edit and Save the Network File

NETWORKING=yes
HOSTNAME=server20.comentum.com
GATEWAY=192.168.1.1     (Type in the new gateway and host information. and save the file)

service network restart  (Restart the network services)

Domain Name Servers

Edit the /etc/resolv.conf file:
cat /etc/resolv.conf     View the resolv.conf File
vi /etc/resolv.conf     Edit and Save the resolv.conf File

search darenmatthews.com
nameserver 66.28.0.45
nameserver 206.13.28.11
nameserver 67.17.215.132

Firewall with Editing iptables:
iptables -L  (View the current firewall configuration)
cat /etc/sysconfig/iptables (View/read the real firewall file)

Edit the iptables file:
vi /etc/sysconfig/iptables     (Edit and Save the firewall iptables file)

.# This firewall is an example of a Linux web, ftp, pop3 & smtp server
.# It also limits ssh access to a block of IP – you need to customize the IPs to match your allowed IPs for ssh access
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [131962:7397220]
:inputf – [0:0]
-A INPUT -j inputf
-A FORWARD -j inputf
-A inputf -i lo -j ACCEPT
-A inputf -m state –state RELATED,ESTABLISHED -j ACCEPT
-A inputf -p tcp -m state –state NEW -m tcp –dport 80 -j ACCEPT
-A inputf -p tcp -m state –state NEW -m tcp –dport 443 -j ACCEPT
-A inputf -p tcp -m state –state NEW -m tcp –dport 21 -j ACCEPT
-A inputf -p tcp -m state –state NEW -m tcp –dport 25 -j ACCEPT
-A inputf -p tcp -m state –state NEW -m tcp –dport 110 -j ACCEPT
-A inputf -s 192.168.1.0/24 -p tcp -m tcp –dport 22 -j ACCEPT
-A inputf -p ipv6-crypt -j ACCEPT
-A inputf -p ipv6-auth -j ACCEPT
-A inputf -j REJECT –reject-with icmp-host-prohibited
COMMIT
shutdown -r now     Restart the server

Modifying the Current Firewall Setting
iptables -I inputf 6 -p tcp -m state –state NEW -m tcp –dport 143 -j ACCEPT
(Will insert this rule to the line 6 of inputf chain)

/sbin/service iptables save
(Will SAVE the iptables with the new rule.)

Firewall with iptables command Another Version
iptables -L (View the current firewall configuration)
cat /etc/sysconfig/iptables (View/read the real firewall file)

Copy IP Table for Backup:
##################
cp /etc/sysconfig/iptables iptablesbackup

# Clear all Tables
##################
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD

#Set Default Policy
# Be Carefull : This will drop your ssh connection.
# This setting needs to be implemented from the machine’s command line.
###################
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# Loopback setup
################
iptables -A INPUT -i lo -j ACCEPT

# Inbound connections
# Customize the below based on your needs for example to add POP3/Port 110 services add:
# iptables -A INPUT -p tcp -m state –state NEW -m tcp –dport 110 -j ACCEPT
# add the above statement after Port 80 statement.
#####################
iptables -A INPUT -m state –state ESTABLICHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -m state –state NEW -m tcp –dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m state –state NEW -m tcp –dport 443 -j ACCEPT
iptables -A INPUT -p tcp -m state –state NEW -m tcp –dport 21 -j ACCEPT
iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp –dport 22 -j ACCEPT
iptables -A INPUT -j DROP

# Save the new setting
/sbin/service iptables save

Categories: linux Tags:
Comments are closed.