Corporate Office:
Comentum Corp.
6222 Ferris Square
San Diego, CA 92121
Phone: 858-410-1500
Fax: 858-410-0707
Sales:
800-387-1920
Hours: Mon. - Fri.
9 a.m. - 5 p.m. PST
UNIX COMMANDS REFERENCE
UNIX Getting Started Manual
|
System Shut Down
|
|
Shutting Down
|
|
shutdown -h now
shutdown -h +15
|
Displays the file hello.txt
|
|
shutdown -r now
shutdown -r +15
|
Shut Down > Restart now or in 15 minutes.
|
|
|
IP Configuration
|
|
IP Configuration
|
|
ifconfig -a
ifconfig eth0
|
View all of the IP configuration
View the Configuration for eth0
|
Edit the ifcfg-eth0 file:
|
cat /etc/sysconfig/network-scripts/ifcfg-eth0
|
View the Config File
|
|
pico /etc/sysconfig/network-scripts/ifcfg-eth0
|
Edit and Save the Config File
|
|
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
HWADDR=00:13:72:3E:55:72
IPADDR=192.168.1.10
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
TYPE=Ethernet
|
Type in the new IP information. and save the file.
|
ifdown eth0
ifup eth0
|
Restart the eth0 - the new configuration will take effect.
|
|
|
|
|
IP
Configuration
(Temporary)
|
|
ifconfig lo0 localhost up
ifconfig eth0 inet 192.168.1.1 netmask 255.255.255.0
broadcast 192.168.1.255
|
Temporarily uses the new IP until the next reboot.
|
|
|
Default
Gateway
|
Edit the network file:
|
cat /etc/sysconfig/network
|
View the Network File
|
|
pico /etc/sysconfig/network
|
Edit and Save the Network File
|
|
|
Default
Gateway
(Temporary)
|
|
route add default gw 192.168.1.1 eth0
|
Temporarily uses the new gateway IP
|
NETWORKING=yes
HOSTNAME=server20.comentum.com
GATEWAY=192.168.1.1
|
Type in the new gateway and host
information. and save the file.
|
|
service network restart
|
Restart the network services
|
|
|
Domain Name
Servers
|
Edit the /etc/resolv.conf file:
|
cat /etc/resolv.conf
|
View the resolv.conf File
|
|
pico /etc/resolv.conf
|
Edit and Save the resolv.conf File
|
|
search comentum.com
nameserver 66.28.0.45
nameserver 206.13.28.11
nameserver 67.17.215.132
|
Type in the new gateway and host
information and save the file.
|
|
|
hostname
|
Print the name of the host machine.
|
|
Back to Top
|
|
Firewall
|
|
Firewall with
Editing iptables
|
|
iptables -L
cat /etc/sysconfig/iptables
|
View the current firewall configuration
View/read the real firewall file
|
Edit the iptables file:
|
pico /etc/sysconfig/iptables
|
Edit and Save the firewall iptables file
|
|
.# This firewall is an example of a Linux web, ftp, pop3 & smtp server
.# It also limits ssh access to a block of IP - you need to customize the IPs to match your allowed IPs for ssh access
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [131962:7397220]
:inputf - [0:0]
-A INPUT -j inputf
-A FORWARD -j inputf
-A inputf -i lo -j ACCEPT
-A inputf -m state --state RELATED,ESTABLISHED -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A inputf -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A inputf -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A inputf -p ipv6-crypt -j ACCEPT
-A inputf -p ipv6-auth -j ACCEPT
-A inputf -j REJECT --reject-with icmp-host-prohibited
COMMIT
|
|
shutdown -r now
|
Restart the server
|
|
|
Modifying the Current
Firewall Setting
|
|
iptables -I inputf 6 -p tcp -m state --state NEW -m tcp --dport
143 -j ACCEPT
/sbin/service iptables save
|
Will insert this rule to the line 6 of inputf chain
Will SAVE the iptables with the new rule.
|
|
|
Firewall with
iptables command
Another Version
|
|
iptables -L
cat /etc/sysconfig/iptables
|
View the current firewall configuration
View/read the real firewall file
|
|
Copy IP Table for Backup:
##################
cp /etc/sysconfig/iptables iptablesbackup
# Clear all Tables
##################
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
#Set Default Policy
# Be Carefull : This will drop your ssh connection.
# This setting needs to be implemented from the machine's command line.
###################
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# Loopback setup
################
iptables -A INPUT -i lo -j ACCEPT
# Inbound connections
# Customize the below based on your needs for example to add POP3/Port 110 services add:
# iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
# add the above statement after Port 80 statement.
#####################
iptables -A INPUT -m state --state ESTABLICHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP
# Save the new setting
/sbin/service iptables save
|
|
Back to Top
|
|
