Wednesday, September 24, 2008

Linux Settings

System Shut Down
Shutting Down
shutdown -h now
shutdown -h +15
Shut down and halt, now or in 15 minutes.
shutdown -r now
shutdown -r +15
Shut down and restart, now or in 15 minutes.

IP Configuration
ifconfig -a
View all of the IP configuration
ifconfig eth0
View the Configuration for eth0


Edit the ifcfg-eth0 file:
cat /etc/sysconfig/network-scripts/ifcfg-eth0
View the Config File
pico /etc/sysconfig/network-scripts/ifcfg-eth0
Edit and Save the Config File
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
HWADDR=00:13:72:3E:55:72
IPADDR=192.168.1.10
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
TYPE=Ethernet
Type in the new IP information and save the file.

ifdown eth0
ifup eth0
Restart eth0; the new configuration will take effect.
IP Configuration (Temporary)
ifconfig lo localhost up
ifconfig eth0 inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
Temporarily uses the new IP until the next reboot.
Default Gateway
Edit the network file:
cat /etc/sysconfig/network
View the Network File
pico /etc/sysconfig/network
Edit and Save the Network File
NETWORKING=yes
HOSTNAME=server20.comentum.com
GATEWAY=192.168.1.1
Type in the new gateway and host information and save the file.
service network restart
Restart the network services
Default Gateway (Temporary)
route add default gw 192.168.1.1 eth0
Temporarily uses the new gateway IP
Domain Name Servers
Edit the /etc/resolv.conf file:
cat /etc/resolv.conf
View the resolv.conf File
pico /etc/resolv.conf
Edit and Save the resolv.conf File
search comentum.com
nameserver 66.28.0.45
nameserver 206.13.28.11
nameserver 67.17.215.132
Type in the new search domain and name server information and save the file.
hostname
Print the name of the host machine.

Firewall
Firewall with Editing iptables
iptables -L
View the current firewall configuration
cat /etc/sysconfig/iptables
View/read the real firewall file


Edit the iptables file:
pico /etc/sysconfig/iptables
Edit and Save the firewall iptables file

# This firewall is an example for a Linux web, ftp, pop3 & smtp server
# It also limits ssh access to a block of IPs - you need to customize the IPs to match your allowed IPs for ssh access
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [131962:7397220]
:inputf - [0:0]
-A INPUT -j inputf
-A FORWARD -j inputf
-A inputf -i lo -j ACCEPT
-A inputf -m state --state RELATED,ESTABLISHED -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A inputf -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A inputf -p ipv6-crypt -j ACCEPT
-A inputf -p ipv6-auth -j ACCEPT
-A inputf -j REJECT --reject-with icmp-host-prohibited
COMMIT


shutdown -r now
Restart the server
Modifying the Current Firewall Setting
iptables -I inputf 6 -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
Insert this rule at line 6 of the inputf chain.

/sbin/service iptables save
Save the iptables configuration with the new rule.
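
The ruleset above can be reviewed before it is loaded. The following is an added example, not part of the original post: it reads an iptables-save style file and lists chain policies, the ports opened by ACCEPT rules with their source restriction, and any unconditional DROP/REJECT rule. The function names audit_rules and sample_rules are assumptions made for this example, and the sample input is an abridged copy of the rules shown above.

```shell
#!/bin/sh
# Added example (not from the original post): summarise an iptables-save file.
# audit_rules reads the ruleset on stdin and prints one finding per line:
#   POLICY <chain> <policy>     default policy of a built-in chain
#   OPEN <port> <source>        ACCEPT rule for a destination port
#   CATCHALL <chain> <target>   DROP/REJECT rule with no match criteria
audit_rules() {
    awk '
    /^:/ {   # chain declaration such as ":INPUT ACCEPT [0:0]"
        if ($2 != "-") print "POLICY", substr($1, 2), $2
        next
    }
    $1 == "-A" {
        chain = $2; src = "any"; port = ""; target = ""; matches = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-s")           { src = $(i + 1); matches++ }
            else if ($i == "--dport") { port = $(i + 1); matches++ }
            else if ($i == "-j")      { target = $(i + 1) }
            else if ($i == "-i" || $i == "-p" || $i == "-m") matches++
        }
        if (target == "ACCEPT" && port != "") print "OPEN", port, src
        if ((target == "DROP" || target == "REJECT") && matches == 0)
            print "CATCHALL", chain, target
    }'
}

# Abridged copy of the ruleset shown above, used as sample input.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:inputf - [0:0]
-A INPUT -j inputf
-A inputf -i lo -j ACCEPT
-A inputf -m state --state RELATED,ESTABLISHED -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A inputf -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A inputf -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample_rules | audit_rules
```

A port reported with source "any" is reachable from every address; in the ruleset above only port 22 carries a source restriction. Because the INPUT policy is ACCEPT, the CATCHALL line is what actually blocks everything else, so its absence is the finding to look for.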

Firewall with iptables command
Another Version

iptables -L
View the current firewall configuration
cat /etc/sysconfig/iptables
View/read the real firewall file


# Copy the iptables file for backup
##################
cp /etc/sysconfig/iptables iptablesbackup

# Clear all Tables
##################
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD

# Set Default Policy
# Be careful: this will drop your ssh connection.
# This setting needs to be applied from the machine's own console.
###################
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# Loopback setup
################
iptables -A INPUT -i lo -j ACCEPT

# Inbound connections
# Customize the rules below to your needs; for example, to add POP3 (port 110), add:
# iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
# Add the above statement after the port 80 statement.
#####################
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP

# Save the new setting
/sbin/service iptables save


Firewall with iptables command
Another Version

# Copy the iptables file for backup
##################
cp /etc/sysconfig/iptables iptablesbackup

# Clear all Tables
##################
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD

# Set Default Policy
# Be careful: this will drop your ssh connection.
# This setting needs to be applied from the machine's own console.
###################
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# Loopback setup
################
iptables -A INPUT -i lo -j ACCEPT

# Inbound connections
# Customize the rules below to your needs; for example, to add POP3 (port 110), add:
# iptables -A INPUT -p tcp --dport 110 -j ACCEPT
# Add the above statement after the port 80 statement.
#####################
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 192.168.1.0/24 -j ACCEPT
iptables -A INPUT -j DROP

# Save the new setting
/sbin/service iptables save