Basic iptables


Basic iptables rule examples (each description is followed by the command).

Viewing rules

Show the default policy and the rules for all incoming packets:
    iptables -L INPUT

List the NAT table rules, with numeric addresses and ports:
    iptables -t nat -n -L

Accepting and rejecting traffic

Allow anyone to connect to port 21, for FTP:
    iptables -A INPUT -p tcp --dport 21 -j ACCEPT

Reject all TCP packets from IP 123.123.123.123, answering with a TCP reset:
    iptables -A INPUT -p tcp -s 123.123.123.123 -j REJECT --reject-with tcp-reset

Allow all outgoing connections that originate from your computer:
    iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Stop the outside world from establishing a connection with your computer by accepting only packets that belong to connections you started (this has the intended effect only together with a DROP default policy on INPUT; otherwise packets the rule does not match are still accepted):
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Drop SCTP traffic to port 80:
    iptables -A INPUT -p sctp --dport 80 -j DROP

Accept SCTP packets carrying a DATA chunk whose B flag is set and whose E flag is clear (in --chunk-types an upper-case flag letter must be set, a lower-case one must be clear):
    iptables -A INPUT -p sctp --chunk-types any DATA:Be -j ACCEPT

Connection limits (connlimit match)

Allow 2 telnet connections per client host, rejecting further ones:
    iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-above 2 -j REJECT

The same limit matched the other way around, accepting up to 2 connections per client host:
    iptables -A INPUT -p tcp --syn --dport 23 -m connlimit ! --connlimit-above 2 -j ACCEPT

Limit the number of parallel HTTP requests to 16 per class C sized source network (24-bit netmask):
    iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 16 --connlimit-mask 24 -j REJECT

Limit the number of parallel HTTP requests to 16 for the link-local network (IPv6):
    ip6tables -A INPUT -p tcp --syn --dport 80 -s fe80::/64 -m connlimit --connlimit-above 16 --connlimit-mask 64 -j REJECT

ICMP types (icmp match)

The icmp match allows specification of the ICMP type, which can be a numeric ICMP type or one of the ICMP type names shown by:
    iptables -p icmp -h

Dynamic address lists (recent match)

Dynamically create a list of IP addresses and then match against that list: put anyone attempting to connect to port 139 on your firewall into a "badguy" list and drop their packets without further inspection (the --rcheck rule matches for 60 seconds after the address was last added by --set):
    iptables -A FORWARD -m recent --name badguy --rcheck --seconds 60 -j DROP
    iptables -A FORWARD -p tcp -i eth0 --dport 139 -m recent --name badguy --set -j DROP

Routing FTP data connections by available bandwidth (RATEEST target, rateest match)

This can be used to route outgoing data connections from an FTP server over two lines based on the available bandwidth at the time the data connection was started.

Estimate outgoing rates (a corresponding RATEEST rule for the second line, ppp0, is needed so that the comparison below has both estimators):
    iptables -t mangle -A POSTROUTING -o eth0 -j RATEEST --rateest-name eth0 --rateest-interval 250ms --rateest-ewma 0.5s

Mark based on available bandwidth ("balance" is a user-defined chain in the mangle table that has to be created and jumped to):
    iptables -t mangle -A balance -m conntrack --ctstate NEW -m helper --helper ftp -m rateest --rateest-delta --rateest1 eth0 --rateest-bps1 2.5mbit --rateest-gt --rateest2 ppp0 --rateest-bps2 2mbit -j CONNMARK --set-mark 1
    iptables -t mangle -A balance -j CONNMARK --restore-mark

Logging

Log every new connection coming into eth0 (the nat table sees only the first packet of each connection, so this logs once per connection):
    iptables -t nat -I PREROUTING -i eth0 -j LOG --log-prefix "incoming " --log-level 5

Cluster match

The following cluster match rule is incomplete as written: the match also requires --cluster-total-nodes, --cluster-local-node and --cluster-hash-seed:
    iptables -A PREROUTING -t mangle -i eth1 -m cluster
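The LOG, connlimit and recent rules above only make sense if someone reads what they produce. The following added example (not part of the original page) parses kernel log lines in the netfilter LOG target's KEY=VALUE format, using the "incoming " prefix from the LOG rule, counts new TCP connections per /24 source network the way --connlimit-mask 24 groups them, and lists the sources that hit port 139, i.e. the addresses the recent --set rule would put on the "badguy" list. The log lines are constructed, using documentation address ranges; the threshold of one connection per network is chosen only so the sample trips it. Note that connlimit counts concurrent connections while a log count is SYNs over time, so this is an approximation for triage, not the kernel's view.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample kernel log lines in the netfilter LOG target format, as the
# "incoming " LOG rule would produce them (documentation addresses only).
SAMPLE_LOG = """\
Mar  3 10:00:01 fw kernel: incoming IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=1001 DF PROTO=TCP SPT=40001 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:00:01 fw kernel: incoming IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.6 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=1002 DF PROTO=TCP SPT=40002 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:00:02 fw kernel: incoming IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=1003 DF PROTO=TCP SPT=40003 DPT=139 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:00:02 fw kernel: incoming IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.9 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=60 ID=1004 DF PROTO=TCP SPT=40004 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:00:03 fw kernel: incoming IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=68 TOS=0x00 PREC=0x00 TTL=54 ID=1005 PROTO=UDP SPT=5353 DPT=5353 LEN=48
Mar  3 10:00:04 fw kernel: usb 1-1: new high-speed USB device number 2
"""

# KEY=VALUE fields of a LOG line; bare tokens such as DF or SYN carry no '='.
KV_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_log_line(line, prefix="incoming "):
    """Return the fields of one netfilter LOG line as a dict, or None when the
    line does not carry the expected log prefix."""
    idx = line.find(prefix + "IN=")
    if idx < 0:
        return None
    body = line[idx + len(prefix):]
    fields = dict(KV_RE.findall(body))
    fields["FLAGS"] = {tok for tok in body.split() if "=" not in tok}
    return fields


def new_connections_per_network(lines, mask=24, dport=None):
    """Count logged TCP SYNs per source network, grouping addresses by prefix
    length the way --connlimit-mask does (mask=24 is a class C sized network)."""
    counts = Counter()
    for line in lines:
        f = parse_log_line(line)
        if f is None or f.get("PROTO") != "TCP" or "SYN" not in f["FLAGS"]:
            continue
        if dport is not None and f.get("DPT") != str(dport):
            continue
        net = ipaddress.ip_network(f"{f['SRC']}/{mask}", strict=False)
        counts[str(net)] += 1
    return counts


def over_limit(counts, limit):
    """Networks above the limit: the ones --connlimit-above would reject."""
    return {net: n for net, n in counts.items() if n > limit}


def port_probe_sources(lines, dport=139):
    """Sources that hit the given port: what the recent --set rule would add to
    the 'badguy' list."""
    return sorted({f["SRC"] for f in map(parse_log_line, lines)
                   if f is not None and f.get("DPT") == str(dport)})


def summarize(text=SAMPLE_LOG, limit=1):
    """Run the three checks over a log text and return the findings."""
    lines = text.splitlines()
    counts = new_connections_per_network(lines, mask=24, dport=80)
    return {
        "per_network": dict(counts),
        "over_limit": over_limit(counts, limit),
        "badguys": port_probe_sources(lines),
    }


if __name__ == "__main__":
    for key, value in summarize().items():
        print(f"{key}: {value}")
```

Feed it real lines with `summarize(open("/var/log/kern.log").read(), limit=16)` to mirror the 16-per-/24 HTTP limit; the prefix argument of parse_log_line must match whatever --log-prefix the rule uses.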

Linux: How to change the text size or character size in runlevel 3 (text mode)

If you have a large (21") or small (14") monitor, it is better to use a correspondingly large or small character size. But how do you set the character size in runlevel 3 under Linux? The answer is simple: use the kernel framebuffer. It allows you to set the Linux text screen (console) to a higher or lower resolution. The Linux framebuffer (fbdev) is a graphics hardware-independent abstraction layer that shows graphics on a console without relying on system-specific libraries such as SVGALib or the heavy overhead of the X Window System. The steps below apply to legacy GRUB, which reads grub.conf.

1. Open the GRUB configuration file grub.conf:
    # vi grub.conf

2. Append vga=0x318 (24-bit color depth at 1024x768) to the kernel line. At the end your entry should look as follows:
    title Debian Linux, AMD-VSNL (VMWARE)
        root (hd1,0)
        kernel /boot/vmlinuz-2.6.17.11-ROCKY-DEV-AMD root=/dev/hdb1 ro vga=0x318
        initrd /boot/initrd.img-2.6.17.11-ROCKY-DEV-AMD
        savedefault
        boot

3. Save and close the file. Reboot the system:
    # reboot

0x318 (hex) is a framebuffer mode number. Common modes, by resolution and color depth:

    Resolution   8 bits   16 bits   24 bits
    640x480      0x301    0x311     0x312
    800x600      0x303    0x314     0x315
    1024x768     0x305    0x317     0x318

Q. If you run the rm command accidentally and delete an important file, recovery becomes critical under Linux and/or UNIX OSes.

A. First use the wall command (only the super-user can write on the terminals of users) to write a message to all users, then use the init (process control initialization) command to take the system to single user mode, so that nothing keeps writing to the partition and overwriting the deleted blocks.

Using grep (traditional UNIX way) to recover files

Use the following grep syntax:
    grep -b 'search-text' /dev/partition > file.txt
OR
    grep -a -B[size before] -A[size after] 'text' /dev/[your_partition] > file.txt

Where:
    -b : Print the byte offset of each match within the device.
    -i : Ignore case distinctions in both the PATTERN and the input, i.e. match both uppercase and lowercase characters.
    -a : Process a binary file as if it were text.
    -B : Print the given number of lines of leading context before matching lines.
    -A : Print the given number of lines of trailing context after matching lines.

To recover a text file starting with the word "nixCraft" on /dev/sda1 you can try the following command (write file.txt to a different partition than the one you are searching, or the output may overwrite the very blocks you want back):
    # grep -i -a -B10 -A100 'nixCraft' /dev/sda1 > file.txt

Q. Test if a Linux server SCSI / SATA hard disk is going bad

A. smartctl is a command line utility designed to perform SMART tasks such as printing the SMART self-test and error logs, enabling and disabling SMART automatic testing, and initiating device self-tests. Make sure S.M.A.R.T. support is enabled in the BIOS. Next run the following command to see if your hard disk supports S.M.A.R.T. technology:
    # smartctl -i /dev/sdb

Now enable SMART:
    # smartctl -s on -d ata /dev/sdb

Now run the overall-health self-assessment test:
    # smartctl -d ata -H /dev/sdb

The following will provide even more information about a failing hard disk:
    # smartctl --attributes --log=selftest /dev/sda

You can read more data from the hard disk by typing the following command:
    # smartctl -d ata -a /dev/sdb

To look at ATA disks behind 3ware SCSI RAID controllers, use syntax such as:
    # smartctl -a -d 3ware,2 /dev/sda
    # smartctl -a -d 3ware,0 /dev/twe0

To begin an extended self-test of a drive (the text refers to /dev/hdc; the command below uses /dev/sdb), you can issue this command on a running system. The results can be seen in the self-test log, visible with the '-l selftest' option, after it has completed:
    # smartctl -d ata -t long /dev/sdb
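To show what the grep-based recovery described earlier actually does with raw device bytes, here is an added example (not from the original page) that re-implements `grep -a -i -B<n> -A<n>` over an in-memory image: it splits the bytes on newlines, reports the byte offset of each matching line (the number `grep -b` prints) and returns the surrounding context decoded leniently, since a partition contains binary data between the text you want. The image is a constructed byte string, not real disk contents.

```python
import re

# Constructed raw "partition image": text lines mixed with binary junk, which is
# what grep -a sees when reading /dev/sda1 directly (not real disk contents).
IMAGE = (
    b"\x00\xff\x00garbage" * 3
    + b"# config\nhost=db1\nnixCraft notes\nline after 1\nline after 2\n"
    + b"\x00\x00\xfe\xed"
    + b"ls -la\nNIXCRAFT backup list\n/etc/passwd\n\x00"
)


def carve(image, needle, before=2, after=2, ignore_case=True):
    """Emulate `grep -a -i -B<before> -A<after> needle /dev/partition`.

    Returns (byte_offset, context_text) pairs, one per matching line, where
    byte_offset is where the matching line starts in the image (what grep -b
    prints) and context_text is the matching line with its neighbours,
    decoded with replacement characters for any non-UTF-8 bytes.
    """
    pattern = re.compile(re.escape(needle), re.IGNORECASE if ignore_case else 0)
    lines = image.split(b"\n")
    # Record where each line starts so offsets can be reported like grep -b.
    offsets, pos = [], 0
    for ln in lines:
        offsets.append(pos)
        pos += len(ln) + 1
    hits = []
    for i, ln in enumerate(lines):
        if pattern.search(ln):
            chunk = lines[max(0, i - before): i + after + 1]
            hits.append((offsets[i], b"\n".join(chunk).decode("utf-8", errors="replace")))
    return hits


def recover(image, needle, before=2, after=2):
    """Join the carved regions the way `> file.txt` would capture them; grep
    separates non-adjacent context groups with a '--' line."""
    return "\n--\n".join(text for _, text in carve(image, needle, before, after))


if __name__ == "__main__":
    for offset, text in carve(IMAGE, b"nixcraft", before=1, after=1):
        print(offset, repr(text))
```

On a real device you would pass the bytes read from the partition in chunks; the point of the exercise is that the context window (-B/-A) is what turns a single matching line back into a usable file, and that the offsets let you go back with dd for more.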

Sample failing hard disk detailed report:
    # smartctl -a /dev/sda
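The report itself is not reproduced on the page, so as an added example (not from the original) here is a parser for the attribute table that `smartctl -a` and `smartctl --attributes` print, which flags what a sysadmin looks for by hand: attributes that SMART already marks in WHEN_FAILED or whose normalised VALUE has reached a non-zero THRESH, plus the sector-reallocation counters (IDs 5, 187, 197, 198) whose raw value should stay at zero on a healthy disk. The table excerpt is constructed to show one failing drive, and the watch list is a common operator heuristic, not something smartctl defines.

```python
# Constructed excerpt in the layout of the smartctl attribute table; the values
# are made up to depict one failing drive.
SAMPLE_ATTRIBUTES = """\
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x000f   100   253   006    Pre-fail  Always       -       0
  5 Reallocated_Sector_Ct   0x0033   010   010   036    Pre-fail  Always   FAILING_NOW 1816
  9 Power_On_Hours          0x0032   085   085   000    Old_age   Always       -       13520
194 Temperature_Celsius     0x0022   034   046   000    Old_age   Always       -       34 (Min/Max 20/45)
197 Current_Pending_Sector  0x0012   100   100   000    Old_age   Always       -       12
198 Offline_Uncorrectable   0x0010   100   100   000    Old_age   Offline      -       0
"""

COLUMNS = ("id", "name", "flag", "value", "worst", "thresh",
           "type", "updated", "when_failed", "raw")

# Operator heuristic (assumption, not a smartctl rule): these raw counters
# should stay at zero; any growth is an early warning even while VALUE > THRESH.
WATCH_RAW = {5: "Reallocated_Sector_Ct", 187: "Reported_Uncorrect",
             197: "Current_Pending_Sector", 198: "Offline_Uncorrectable"}


def parse_attributes(text):
    """Parse the attribute table lines into dicts; header and non-table lines
    are skipped. RAW_VALUE may contain spaces, so only 9 splits are made."""
    attrs = []
    for line in text.splitlines():
        parts = line.split(None, 9)
        if len(parts) != 10 or not parts[0].isdigit():
            continue
        rec = dict(zip(COLUMNS, parts))
        rec["id"] = int(rec["id"])
        for key in ("value", "worst", "thresh"):
            rec[key] = int(rec[key])
        try:
            rec["raw_int"] = int(rec["raw"].split()[0])
        except ValueError:
            rec["raw_int"] = None
        attrs.append(rec)
    return attrs


def failing_attributes(attrs):
    """Attributes SMART itself treats as failed: flagged in WHEN_FAILED, or a
    normalised VALUE at or below a non-zero THRESH."""
    return [a for a in attrs
            if a["when_failed"] != "-" or (a["thresh"] > 0 and a["value"] <= a["thresh"])]


def warning_attributes(attrs):
    """Watched counters whose raw value is no longer zero."""
    return [a for a in attrs if a["id"] in WATCH_RAW and a["raw_int"] not in (None, 0)]


def verdict(text):
    """FAILING beats WARNING beats PASSED for one attribute table."""
    attrs = parse_attributes(text)
    if failing_attributes(attrs):
        return "FAILING"
    if warning_attributes(attrs):
        return "WARNING"
    return "PASSED"


if __name__ == "__main__":
    attrs = parse_attributes(SAMPLE_ATTRIBUTES)
    print(verdict(SAMPLE_ATTRIBUTES))
    for a in failing_attributes(attrs) + warning_attributes(attrs):
        print(a["id"], a["name"], "VALUE", a["value"], "THRESH", a["thresh"], "RAW", a["raw"])
```

Pipe real output in with `verdict(subprocess.run(["smartctl", "-A", "/dev/sdb"], capture_output=True, text=True).stdout)`; a WARNING result is the time to take a backup, before `-H` turns to FAILED.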

More knowledge about locale

Your Linux scripts (or UNIX commands) may be used all over the world in languages other than English. Linux supports different languages. You can set up the locale by editing your ~/.bashrc or ~/.bash_profile file; you need to set environment variables (LANG and the LC_* variables).

Q. How do I display the current settings?
A. $ locale

Q. How do I find out all available locale settings?
A. $ locale -a

Q. How do I change my settings?
