Monday, June 5, 2017

basic commands for firewalld RHEL 7.2

1. Check firewall is installed or not

rpm -aq | grep firewalld

2. Check config file of firewall

rpm -qc firewalld

3. check status of firewall service

systemctl status firewalld

4. Check the health state of firewall
firewall-cmd --state


5. Get the list of zones avaliable in firewall

firewall-cmd --get-zones

6. Get default zone of firewall
firewall-cmd --get-default-zone


7. Set default zone
firewall-cmd --set-default-zone=internal

NOTE: Internal is zone name, you can replace with your zone


8. Add port to firewall(ex : 3306 mysql port) permanently, too see the changes reaload the firewall and list it agian.
 firewall-cmd --add-port=3306/tcp --permanent
NOTE: 3306 is mysql port & tcp is protocal, if we do reload with out permanently attribute, port will be opened tempararly

9. List the firewall ports and see the opened port is in list or not.
firewall-cmd --list-all

O/P:
[root@10 ~]# firewall-cmd --list-all
public (default, active)
  interfaces: enp0s3 enp0s8
  sources:
  services: dhcpv6-client ssh
  ports: 80/tcp 6250/tcp 61002/tcp 8123/tcp 62503/tcp 53/tcp 62053/tcp 8181/tcp 1050/tcp 2181/tcp 8080/tcp 61003/tcp 61420/tcp 64000/tcp 62501/tcp 62080/tcp 9990/tcp 5050/tcp 61421/tcp 15055/tcp 61001/tcp 443/tcp 7070/tcp 15101/tcp 15201/tcp 62502/tcp 61053/tcp 5051/tcp 1801/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:


10. Removeing port from the list

firewall-cmd --remove-port=3306/tcp

11. Open the ports range from 3000 to 3100 and reload the firewall to see the changes

firewall-cmd --add-port=3000-3100/tcp

12. Open multipule ports and reaload to see the changes.
firewall-cmd --add-port={3000/tcp, 3000/tcp,9000/http,9005/tcp} --permanent

13. Reaload the firewall
 firewall-cmd --reload

14. Add service to the firewall and to see the changes realod the list all services
firewall-cmd --add-service=mysql --perminent
firewall-cmd --reload
firewall-cmd --list-all

15. Add multiple services to firewall
firewall-cmd --add-service={mysql,http,https} --perminent
NOTE: will give warning if its already in enabled list and we have remove from the list of service then execute.

16. Remove services from firewall and multiple services as well.
firewall-cmd --add-service=mysql
firewall-cmd --add-service={mysql,http,https}


17. Add Port forward from 8080 to 80 (80 is not enabled in firewall)
Assuming 8080 enabled, if not please enable it first.

firewall-cmd --add-forward-port=port=8080:proto=tcp:toport=80 --perminent

forward to another machine and port
firewall-cmd --add-forward-port=port=8080:proto=tcp:toport=80:toaddr=IP of another machine


18. Remove the port forwarding
firewall-cmd --remove-forward-port=port=8080:proto=tcp:toport=80


19. Adding Rich rules:

Use case: We have 3 machines
m1, IP: 192.168.1.10
m2, IP: 192.168.1.11
m3, IP: 192.168.1.12

Accept all trafic/requests from m2, and block traffic/requests from m3 to m1.

firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.11" accept'

firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.12" drop'

And check by ping from m2 & m3 to m1. Can't able to ping from m3 to m1.



20. Creating new Services and add it to firewalld

 Create a simple service file under /usr/lib/firewalld/services/my-app.xml with the following content.

<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>My application</short>
  <description>My application has to run on 9000 port</description>
  <port protocol="tcp" port="9000"/>
</service>

restart the firewall
firewall-cmd --reload
Add & list the firewall services
firewall-cmd --add-service=my-app
firewall-cmd --get-services
you should see the newly created services



Advanced firewall-cmd commands:


1. Panic on : If the system get hacked we can enable panic mode, meaning all existing, new traffic(incoming and outgoing) will be dropped. and expire the established connected,  we can use this in emergency like system get hacked.
We can disable panic and query as well following below commands.

firewall-cmd --query-panic
firewall-cmd --panic-on
firewall-cmd --panic-off




 
check Panic on for firewall
firewall-cmd --query-panic


2. Get the zone of particular interface, we can have multiple interfaces, to zones.
NOTE: Check your interface name(eth0)


firewall-cmd --get-zone-of-interface eth0

3. Get the list of interfaces under particular zone.

firewall-cmd --zone=public --list-interfaces


4.Change the zone of interface
firewall-cmd --zone=internal --change-interface=eth0 

Monday, September 30, 2013

Install Compact wireless driver in Ubuntu



 Install Compact wireless driver in Ubuntu

 

Hi Friends, 

Recently our friends got the some problem with wired & wireless
connection after the execute the following commands when new installation of
Ubuntu OS in our machine. Those are 

sudo apt-get update && sudo apt-get upgrade 

No Internet Connection in the rectangle area















The reason behind the problem is the version of the "Network Manager" will be changed after update. 
We can't stop updating the Network Manager version when we update.
after update it will not show the Wired connection icon in the task bar.

So, we can get the Internet connection by installing the "Wireless-compact" 
The Installation procedure is 

2.  Extract the wireless-compact by the following command.
        tar -xf (.tar.bz2.filename)
        Example:
        tar -xf compatct-wireless-3.5.4.1-s.tar.bz2
        After execution of above command it will be extracted a folder name as compact-wireless with corresponding version.

3. Enter into the folder by using the following command
        cd  compatct-wireless-3.5.4.1

4.  Run the script
        ./scripts/driver-select alx

5. Start the build process.
        make
6. Installing the driver.
         sudo make install
          sudo make unload

7. Finally restart the machine.


  Thank you please feel free to ask queries and valuable suggestions.
   




Sunday, September 29, 2013

Linux Man Command Example to View Man Pages

In UNIX and Linux distros, command line programs come with their own documentation called manual pages or man pages.
Man pages are generally written by the developer of the corresponding program. Generally the man pages are divided into number of sections.
The following is the list of all available man sections. Every section has a unique number and contains only a specific type of man pages. For example man section number 3 contains only man pages of library calls.

  • 1 – Executable programs or commands
  • 2 – System calls ( functions provided by the kernel )
  • 3 – Library calls ( functions provided by the library )
  • 4 – Special files
  • 5 – File formats and conventions ( configuration files )
  • 6 – Games
  • 7 – Miscellaneous
  • 8 – System administration commands

Syntax:

man <TOPICNAME>

1. View Man Page of an UNIX Command

 To read the man page of an UNIX command, pass the command name as the argument to the man. The following will display the man page for passwd command.

 $ man passwd
PASSWD(1)     User Commands     PASSWD(1)
NAME
       passwd - change user password
 
Some topics may even have man pages in more than one section. In such a case, man command will display the page which has lower section number.
In this example, the passwd command has manual pages in multiple sections. But, by default, it displays the man page from the section 1.

     The “PASSWD(1)” shown in the 1st line of the man command output indicates that it is displaying the man page from section 1. The man page output displays the command name, syntax of the commands, description of what the command does, options provided by the command, etc…

2. View Man Page from a Specific Section

To read the man page from a particular section, provide the section number as follows. The passwd command has man page in both section 1 and section 5. By default, if you don’t specify the section number, it will display man page from section 1.
To display man page from section 5, specify the section number as shown below.

$ man 5 passwd

Now it will display the manual page for /etc/passwd configuration file, since the section number 5 is for File Formats and Conversions.

3. List Available Man Sections for a Command

You can also list all the available sections on a particular topic using -aw option.
$ man -aw printf
/usr/share/man/man1/printf.1.gz
/usr/share/man/man3/printf.3.gz
From the above output, we can know that there are 2 printf manuals, one in “Commands” section and another one in “Library calls”. So, you can do the following man command to view both the man pages.

$ man printf
$ man 3 printf

4. View All Man Pages for a Command – Display All Sections

To view all the man pages for a particular topic, use the “-a” option. You’ll see the lowest-number man page first. When you exit that page, and press “Enter” the next man page will appear.
$ man -a printf

The above command will display the man page of printf(1) command 
first. When you press “q” and press “Enter”, it will display the man 
page of printf(3) library function.
 

5. Search Man Page against NAME Section

To search the man page against NAME section, use “-f” option as shown below.
$ man -f printf
printf (3)           - formatted output conversion
printf (1)           - format and print data
This is equivalent to using "whatis shell command".
The above command, searches the manual page names, and displays the description for the given topic if the manual page names, matches with the given topic. You can also pass multiple topics in the same command line.
 

6. Search Man Page against NAME and DESCRIPTION Section

To search the man page against NAME & DESCRIPTION section, use “-k” option. It is equivalent to using “apropos” shell command.
$ man -k printf
asprintf (3)         - print to allocated string
dprintf (3)          - print to a file descriptor
fprintf (3)          - formatted output conversion
fwprintf (3)         - formatted wide-character output conversion
printf (1)           - format and print data
printf (3)           - formatted output conversion
snprintf (3)         - formatted output conversion
sprintf (3)          - formatted output conversion
...
...
The above command will search for the keyword “printf” as regular expression and display all the man pages that matches the keyword.

"Please feel free to ask queries and comment"
Thank you ..... Bye... 

Saturday, September 14, 2013

Install/Uninstall xampp in Ubuntu

To Install/Uninstall xampp on ubuntu.

 

 It is very simple procedure.

 First let us see, how to install…

1.Install

     step 1 : Download xampp from the link below

                 Get the Xampp from this link  

      step 2: Extract the archive to /opt using sudo: (make 

                 you are in the directory that you downloaded the archive to)

                   sudo tar xvfz xampp-linux-1.5.3a.tar.gz -C /opt 
            
              if the version you are trying to install is different then, type 
              the appropriate version in the above mentioned code.

  
     step 3: to start, type the below code in terminal 
 sudo /opt/lampp/lampp start 
                Give the permission if necessary, to the "htdocs" folder in /opt/lampp.
  



2.Uninstall

    There are two ways to uninstall the Xampp.

       

       step 1 : type the below mentioned code in a terminal

                 sudo chmod -R777 /opt 

      step 2 : Delete the xampp folder from the location you have saved.

                Now, u have uninstalled xampp.

                                  or 

           Run the below command in terminal

                 sudo apt-get remove xampp.


Install Apache 2 web server, PHP, MySQL Server,phpmyadmin

Setting up a development Apache 2 web-server on Ubuntu 12.10 or 13.04(Install Apache 2 web server, PHP, MySQL Database server,phpmyadmin)

Here we have 5 steps to complete this installation.

Step 1 Updating the system.

 Open the terminal from the launcher or by pressing Ctrl+Alt+t.

Now before we stat installing anything you need to check for updates by typing:

sudo apt-get update
You should enter your password when prompted. If there are any updates found 
you should agree to update and let them install before continuing on with the installation.

Step 2 Installing the Apache 2 web server and PHP.

Now that the system is up to date we can install the Apache 2 web server by typing


sudo apt-get install apache2
Next we will install PHP by typing


sudo apt-get install php5
If asked asked to confirm the installation press Y  or Enter to proceed with the installation.
As these instructions are for a development web-server we will now install the Xdebug PHP 5 debugging library (this can be skipped if you just want to host PHP websites)


sudo apt-get install php5-xdebug

Step 3 Installing the MySQL Database server

Now we need to install the MySQL Database server that we will be using to provide data for our websites by typing:
 sudo apt-get install mysql-server
You may be asked to confirm the installation so press Y or Enter if needed to proceed with the installation.
You will be asked for a password for the root (administrator) user.
















MySQL Password Prompt

You will then be prompted to repeat the password that you just entered to confirm that it’s correct.















MySQL Password Confirmation

Now to allow PHP to work with MySQL we need to the php5-mysql package by typing:
sudo apt-get install php5-mysql

Step 4 Testing the Installation.

Test the web-server installation in Firefox by typing localhost in the address bar.


















Apache test page.

Step 5 Installing the MySQL administration system (optional).

Th help use create, manage and delete MySQL databases we are going to install the web based phpMyAdmin database administration system.

To install phpMyAdmin type the following in the terminal:
 
sudo apt-get install phpmyadmin

If asked asked to confirm the installation press Y  or Enter to proceed with the installation. Once downloaded you will be presented with a series of dialogs to configure phpMyAdmin with your database server and web server.

The first dialog asks what type of web server you are using. You will see a red box showing the highlighted option. The currently selected option will have beside it.








 


 

  First phpMyAdmin set-up dialog to select the web-server type.

On the screen above make sure that the apache2 has the red highlight (use the arrow keys to select it if required) and press Space to select it (you will see a *) then press Enter.

The dialog will allow you to create the dbconfig-common database used by phpMyAdmin.
















Second phpMyAdmin set-up dialog to configure the database.
Make sure that the Yes option is highlighted and press Enter to configure the database.

The next dialog requests the database administrator password to create and manage databases. You need to type the password for the administrative (root) account for the database server then press Enter. The password will be obscured.
 














 Third phpMyAdmin set-up dialog to enter the root database password.

For the next dialog you can safely select <OK> (by using the Tab key) then press Enter to generate a random database password for the phpmyadmin user.

















Fourth phpMAdmin set-up dialog to configure the database password.

Next we will test the php, mysql and phpmyadmin installations by typing localhost/phpmyadmin in the Firefox address bar.
























Testing PHP, MySQL and phpMyAdmin.

The user name is root and the password is the database server root password. If you can login then PHP, MySQL and phpMyAdmin are correctly installed.

 Final steps

To make the webserver usable we will need to set-up a websites folder, set-up virtual hosts and enable some required apache modules.