- Linux
- Basic
- Server
- Apache
- RHEL7
- Script
- PHP
- Proc
- Network
- Cisco
- Juniper
- Windows
- 複製指令 xcpoy
- Power Shell
2018年1月1日 星期一
2016年8月30日 星期二
Linux Iptables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| iptables -P [INPUT、OUTPUT、FORWARD] [ACCEPT、REJECT、DROP] | |
| iptables -A [INPUT、OUTPUT、FORWARD] -i [eth0、eth1、enoxxx] -s [192.168.1.32][192.168.1.0/24] -d [192.168.1.32][192.168.1.0/24] -p [tcp、udp、icmp、all] --dport [0~65535] -j [ACCEPT、REJECT、DROP、LOG] | |
| -P Default Policy | |
| -A chain | |
| -i 網路介面進入 | |
| -o 網路介面離開 | |
| -s 來源 | |
| -d 目的 | |
| -m mac --mac-source aa:bb:cc:dd:ee:ff | |
| -p Protocol [tcp、udp、icmp、all] | |
| --sport 來源 port | |
| --dport 目的 port | |
| -j 動作 [ACCEPT、REJECT、DROP、LOG] | |
| -F Delete all rules in chain or all chains | |
| -X Delete a user-defined chain | |
| -Z Zero the packet and byte counters in all chains |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# iptables -P INPUT DROP | |
| [root@localhost ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT | |
| [root@localhost ~]# iptables -A INPUT -p tcp --dport 80 -j ACCEPT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# iptables-save | |
| # Generated by iptables-save v1.4.21 on Wed Aug 31 01:26:18 2016 | |
| *filter | |
| :INPUT DROP [2:340] | |
| :FORWARD ACCEPT [0:0] | |
| :OUTPUT ACCEPT [3:308] | |
| -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT | |
| -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT | |
| COMMIT | |
| # Completed on Wed Aug 31 01:26:18 2016 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# iptables -L -n | |
| Chain INPUT (policy DROP) | |
| target prot opt source destination | |
| ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 | |
| ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 | |
| Chain FORWARD (policy ACCEPT) | |
| target prot opt source destination | |
| Chain OUTPUT (policy ACCEPT) | |
| target prot opt source destination |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# iptables -F | |
| [root@localhost ~]# iptables -X | |
| [root@localhost ~]# iptables -Z | |
| [root@localhost ~]# iptables -P INPUT DROP | |
| [root@localhost ~]# iptables -A INPUT -p tcp --dport 22 -m mac --mac-source aa:bb:cc:dd:ee:ff -j ACCEPT | |
| #使用網卡位置進行管制 | |
| [root@localhost ~]# iptables -A INPUT -p tcp --dport 80 -j ACCEPT | |
| [root@localhost ~]# iptables-save |
2016年8月29日 星期一
Linux History
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# history | |
| #前面省略 | |
| 201 LANG=C | |
| 212 ifup eno33554992 | |
| 215 history 10 | |
| 214 vi ~/.bash_history | |
| 215 history | |
| 216 vi ~/.bashrc | |
| 217 hostname | |
| 218 ip a | |
| 219 ip route | |
| 220 nmcli c s | |
| #顯示歷史指令 | |
| #參數介紹 | |
| -c 刪除紀錄 | |
| -a 新增 | |
| -w 寫入 histfiles | |
| #資料庫位置 | |
| ~/.bash_history |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# history 3 | |
| 218 ip a | |
| 219 ip route | |
| 220 nmcli c s | |
| #只列出最近的3筆資料 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# ![number] | |
| #執行[history 序號] | |
| [root@localhost ~]# !! | |
| #執行上一個指令 | |
| [root@localhost ~]# !219 | |
| ip route | |
| default via 192.168.1.1 dev eno33554992 | |
| 169.254.0.0/16 dev eno16777736 scope link metric 1002 | |
| 169.254.0.0/16 dev eno33554992 scope link metric 1003 | |
| 192.168.1.0/24 dev eno33554992 proto kernel scope link src 192.168.1.108 | |
| 192.168.2.0/24 dev eno16777736 proto kernel scope link src 192.168.2.131 | |
| #[219]為 ip route |
LAB 20160830A
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@host ~]# grub2-mkconfig -o /boot/grub2/grub.cfg | |
| Generating grub configuration file ... | |
| Found linux image: /boot/vmlinuz-3.10.0-229.14.1.el7.x86_64 | |
| Found initrd image: /boot/initramfs-3.10.0-229.14.1.el7.x86_64.img | |
| Found linux image: /boot/vmlinuz-3.10.0-229.4.2.el7.x86_64 | |
| Found initrd image: /boot/initramfs-3.10.0-229.4.2.el7.x86_64.img | |
| Found linux image: /boot/vmlinuz-3.10.0-229.el7.x86_64 | |
| Found initrd image: /boot/initramfs-3.10.0-229.el7.x86_64.img | |
| Found linux image: /boot/vmlinuz-0-rescue-605f01abef434fb98dd1309e774b72ba | |
| Found initrd image: /boot/initramfs-0-rescue-605f01abef434fb98dd1309e774b72ba.img | |
| done | |
| #參考資料:https://wiki.centos.org/zh-tw/HowTos/Grub2 | |
| #參考資料:http://blog.xuite.net/towns/hc/302507344-CentOS+7+%E5%AE%89%E8%A3%9D%E3%80%81%E6%9E%B6%E8%A8%AD%E8%88%87%E4%BD%BF%E7%94%A8 | |
| [root@localhost ~]# nmcli d s | |
| DEVICE TYPE STATE CONNECTION | |
| eno16777736 ethernet connected eno16777736 | |
| eno33554992 ethernet disconnected -- | |
| lo loopback unmanaged -- | |
| [root@localhost ~]# nmcli c s -a | |
| NAME UUID TYPE DEVICE | |
| eno16777736 00725176-7c31-45f0-b1ce-068b26f52793 802-3-ethernet eno16777736 | |
| [root@localhost ~]# nmcli con add type ethernet con-name eno33554992 ifname eno33554992 | |
| Connection 'eno33554992' (b771edf9-3a00-40b1-a81e-dd0ed5178941) successfully added. | |
| [root@localhost ~]# ls /etc/sysconfig/network-scripts/ |grep eno33554992 | |
| ifcfg-eno33554992 | |
| [root@localhost ~]# nmcli c u eno33554992 |
Linux Single User Mode
[code language="bash"]
systemd.unit=rescue.target
[/code]
[code language="bash"]
mount -o remount,ro /
[/code]
參考位置:https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Terminal_Menu_Editing_During_Boot.html
參考位置:https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Terminal_Menu_Editing_During_Boot.html
2016年8月18日 星期四
Linux Proc Mac Address
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@rhel7 ~]# cat /proc/net/arp | |
| IP address HW type Flags HW address Mask Device | |
| 10.10.10.201 0x1 0x2 00:0C:29:01:98:01 * eth0 | |
| 10.10.10.202 0x1 0x2 00:0C:29:01:98:02 * eth0 | |
| 10.10.10.203 0x1 0x2 00:0C:29:01:98:03 * eth0 | |
| 10.10.10.204 0x1 0x2 00:0C:29:01:98:04 * eth0 | |
| 10.10.10.205 0x1 0x2 00:0C:29:01:98:05 * eth0 | |
| 10.10.10.206 0x1 0x2 00:0C:29:01:98:06 * eth0 |
訂閱:
文章 (Atom)