-------------------------------------------------------------------- scanning all network devices using arp-scan on 192.168.254.0 network: arp-scan --interface=eth1 192.168.254.0/24 -------------------------------------------------------------------- iptables -t nat -A PREROUTING -p tcp -i eth0 -d 192.168.2.109 --dport 10001 -j DNAT --to 192.168.1.32:10000 iptables -A INPUT -i eth0 -s 192.168.254.2 -j DROP iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables-t nat-A PREROUTING -i eth0 -p TCP --dport4662 -j DNAT --to 192.168.0.10:4662 iptables-t nat-A PREROUTING -i eth0 -p UDP --dport4672 -j DNAT --to 192.168.0.10:4672 ------------- proxy port forwarding linux. ssh -f -L 8080:localhost:8080 leming@ehion.com sleep 9999 ------------- ------------------------- Limit traffic on the interface down to 220kbit/s tc qdisc add dev eth0 root tbf rate 220kbit latency 50ms burst 1540 ------------------------- ------------------------------------ fixing table in mysql after crash: DEBUG MODE SQL Error : 145 Table './c64forum/phpbb_config' is marked as crashed and should be repaired mysqlcheck --auto-repair c64forum phpbb_config c64forum.phpbb_config warning : Table is marked as crashed warning : 2 clients are using or haven't closed the table properly status : OK ------------------------------------- ----------------------------------------------------- Quick backup (dump) of mysql database: mysqldump -u user -p nameofdatabase > ch01032010.sql ----------------------------------------------------- ------------------- piping ls to xargs: ls -la|grep 2010-03-03|awk '{print $8}'|xargs -i -t mv {} /home/leming/perl/tmp/03032010/ ------------------- cat access_log|egrep -o [0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+|uniq| while read q; do echo -n "IP:$q,";host $q|awk -F'pointer ' '{print "hostname="$2}'; done sed -i 's/ugly/beautiful/g' /home/bruno/old-friends/sue.txt ---------------------------- W: GPG error: http://ftp2.de.debian.org etch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9AA38DCD55BE302B apt-get install debian-archive-keyring apt-get update -------------- bacula compression on the fly - check the options in fileset. FileSet { Name = "Full Set" Include { Options { signature = MD5 compression = GZIP } File = /etc File = /home } ----------- compare two folders -------------- /usr/bin/comm -12 <(ls /home/www/) <(ls /home/free/) ---------------------------------------------- You can use different iptables parameters to limit connections to the SSH service for specific time periods. You can use the /second, /minute, /hour, or /day switch in any of the following examples. In the first example, if a user enters the wrong password, access to the SSH service is blocked for one minute, and the user gets only one login try per minute from that moment on: iptables -A INPUT -p tcp -m state --syn --state NEW --dport 22 -m limit --limit 1/minute --limit-burst 1 -j ACCEPT iptables -A INPUT -p tcp -m state --syn --state NEW --dport 22 -j DROP In a second example, iptables are set to allow only host 193.180.177.13 to connect to the SSH service. After three failed login tries, iptables allows the host only one login try per minute: iptables -A INPUT -p tcp -s 193.180.177.13 -m state --syn --state NEW --dport 22 -m limit --limit 1/minute --limit-burst 1 -j ACCEPT iptables -A INPUT -p tcp -s 193.180.177.13 -m state --syn --state NEW --dport 22 -j DROP ------------------------------------------------ reverse SSH 2222 is the port that will appear on remote server. ssh -nNT -R 2222:localhost:22 host.dot.com ---------------------------------------------------- /usr/bin/rsync -avCzu --progress --timeout=999 -e ssh root@remotehost.com:/home/user/ /local/folder/ ------------------------ list unique hosts with $9 cat /var/log/daemon.log|grep Compiled|awk '{print $9}'|sort|uniq ----------------------------------------------------------------- #list directories and chown each own name find . -maxdepth 1 -type d|sed 's/.\///'|while read q;do chown -R $q.users $q/;done ------------------------------------- # list all files within folder and print permissions and ownerships. find /home/leming/ -type f -print0|xargs -0 stat -c "%a %U.%G %n" -------------------------------------- working on: find . -maxdepth 1 -type f|sed 's/.\///'|grep -e .com -e .net -e .uk -e .tv -e .info|grep -v '~$'|wc -l ---------