Basic iptables configuration for Linux

What is a good basic iptables config? Basic rules needed: allow incoming TCP to port 22 for SSH but block all others; allow outgoing TCP/UDP connections. You may consider using the following rules as a start: for tables in iptables ip6tables ; do # Flush existing rules $tables -F # Default policy $tables -P INPUT DROP

How to log connections hitting certain rules in iptables on Linux?

How to log connections hitting certain rules in iptables on Linux? For example, the ones that are dropped because SSH connections are being created too frequently. You can create a new chain named LOGNDROP that logs the connections and drops them, then direct the matching connections to the LOGNDROP chain. $tables -N LOGNDROP # Connections

How to use iptables to rate-limit new incoming SSH connections from each IP on Linux?

How to use iptables to rate-limit new incoming SSH connections from each IP on Linux? For example, at most 6 SSH connection attempts every 60 seconds. You may use these rules (skip the first one if you have already set the basic rules): for tables in iptables ip6tables ; do # Allow established inbound connections

How to configure iptables on Linux Mint 17.1?

How to configure iptables and make the configuration persistent across system restarts on Linux Mint 17.1? You can use the ‘iptables-persistent’ tool. To install the iptables-persistent package: sudo aptitude install iptables-persistent Then you can manipulate the iptables rules with the ‘iptables’ command. To save the current iptables rules: sudo /etc/init.d/iptables-persistent store It will store the rules for

How to configure the network on the host (wireless network) for a QEMU guest OS

The host OS is connected to the network by a wireless connection, so how can its guest OS connect to the network? Take [1] as a reference. I run it successfully with the following steps. 1. Create the /etc/qemu-ifup script and chmod it. 2. Start a QEMU guest OS with the command sudo ./qemu/qemu-system-x86_64 -enable-kvm -m 1024 -drive file=marss_dram.qcow2 -vnc 127.0.0.1:0

What’s the difference between Reliability, Durability, and Availability for data storage system?

Some important concepts in distributed systems like the Hadoop Distributed File System, the Google File System and so on. Answer from http://www.quora.com/Whats-the-difference-between-Reliability-Durability-and-Availability-for-data-storage-system: The difference between durability and availability is fairly simple. Durability is about what happens when all power goes out everywhere. Has all data been written to stable storage that doesn’t require power (e.g. disk/flash), in

Wireless driver in Linux Mint for HP Mini 110 Netbook

How to install the wireless driver in Linux Mint for the HP Mini 110 Netbook? The bcmwl-kernel-source package for the Broadcom Linux STA driver works. You may need to connect to the network first via a LAN cable or another wireless adapter. Open Control center -> System, Driver Management. After a while, it will ask you to select the

How to enlarge Linux UDP buffer size?

One of the most common causes of UDP datagram loss on Linux is an undersized receive buffer on the Linux socket. How to enlarge Linux UDP buffer size? On Linux, you can change the UDP buffer size (e.g. to 26214400) by (as root): sysctl -w net.core.rmem_max=26214400 The default buffer size on Linux is 131071. You

Direct multi-hop ssh connection

How to use a multi-hop ssh connection without needing to ssh multiple times? As an example, you are connecting to server.example.com through proxy.example.com from laptop.example.com as follows: laptop ---> proxy ---> server 2 possible methods: Method 1: Use a method similar to the one in Directly SSH to hosts using internal IPs through the gateway. Add this to

How to quickly find out which rpm package provides a command on Fedora Linux?

How to quickly find out which rpm package provides a command on Fedora Linux? As an example, we want to find out which package provides the ping command. You can quickly find it out by rpm: $ rpm -qf `which ping` It will give iputils-20121221-2.fc19.x86_64 Alternatively, you can use yum: $ yum provides `which ping`

How to debug/check network-related driver information on Linux?

How to debug/check network-related driver information on Linux? Several commands/tools that you may find useful:

Messages:
    dmesg
    grep NetworkManager /var/log/messages

lshw: list hardware
    lshw -c network

lsusb: list USB devices
    lsusb

rfkill: enabling and disabling wireless devices
    rfkill unblock all
    rfkill event

iwconfig: configure a wireless network interface
    iwconfig

ifconfig: configure a network interface
    ifconfig

How to upgrade Fedora 19 to Fedora 20 through the network?

How to upgrade Fedora 19 to Fedora 20 through the network? The tool for upgrading the Fedora distribution is FedUp. Check this page for how to upgrade Fedora 19 to Fedora 20: http://fedoraproject.org/wiki/FedUp#How_Can_I_Upgrade_My_System_with_FedUp.3F Be sure to check the bugs in Fedora 20 before upgrading: http://fedoraproject.org/wiki/Common_F20_bugs#Upgrade_issues Generally, it contains 3 steps: Preparation # yum

How to enable iptables on CentOS 7 / Fedora 20?

iptables is plain old good. How to enable it after I disable firewalld?

First, install the iptables-services package as root:

    # yum install iptables-services

Then, start the iptables service as root:

    # touch /etc/sysconfig/iptables
    # touch /etc/sysconfig/ip6tables
    # systemctl start iptables
    # systemctl start ip6tables
    # systemctl enable iptables
    # systemctl enable ip6tables

How to prevent roommates from hogging bandwidth

I share an ADSL modem via a Wifi router with several roommates. Sometimes, I find the network bandwidth left is too little. Suspiciously, someone is using BT, Thunder, eMule or other P2P tools. These tools can easily use up all the bandwidth and leave little for others. How to prevent some roommates from hogging