Saturday, December 12, 2015

Block IP using blackole route

A null, also known as Blackhole, is a routing table entry that discards a matching packet without sending it further. It is mainly used for preventing/ blocking an unwanted IP to attack your system. It drops the IP using IPtables. for instance, if you want to block an IP address 192.168.0.1, you can write the command:
# ip route add blackhole 192.168.0.1/32

your system will now drop all packets coming from 192.168.0.1

Teaming 2 Network cards

If we have two network interfaces, eth0 and eth1 and we want it to be shown in a single bond as bond0, we need to first create a config file with the name bond0. The network configuration in Linux stores files in etc/sysconfig/network-scripts/ directory.
The work parameters must be set as follows:

#vi /etc/sysconfig/network-scripts/bond0

DEVICE=bond0
IPADDR=192.168.1.20
NETWORK=192.168.1.0
NETMASK=255.255.255.0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes
The IP address must be replaced with your actual setup.
Open eth0 and eth1 configuration files
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
# vi /etc/sysconfig/network-scripts/ifcfg-eth1
Modify the parameters as follows:
DEVICE=eth0
USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
DEVICE=eth1
USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
Save and close the file.
 Now load the bond driver/module when the channel bonding interface is brought up. The kernel configuration files are also modified using # vi /etc/modprobe.conf
Add these lines :
alias bond0 bonding
options bond0 mode=balance-alb miimon=100
 Test configuration using these two steps:
Firstly, load the bonding module:
# modprobe bonding
Restart the network to see bond0 interface:
# service network restart

Both Nic's should now be working as one

Wednesday, September 30, 2015

Add a windows domain user to a computers local administrator group remotely




To Add a windows domain user to a computers local administrator group remotely

first download and install PsExec from

https://technet.microsoft.com/en-us/sysinternals/bb897553.aspx

open command prompt

use psexec to connect to computer

psexec \\computer_name -u \domain\administrator -p password cmd

a command prompt of the remote computer will open on your computer

then type in the command prompt

net localgroup administrators domain\user /add

should return command completed succesfully

Done.


Monday, August 3, 2015

Ethtool Examples


Ethtool is the defacto tool for interacting with your network adapters.

ethtool ethn0   (or whichever eth device you want information on)
gives you detailed information about your network adapter.

ethtool -i eth0  Will display the driver settings, driver version,firmware version and bus details

ethtool -a eth0  will show you the auto negotiation details of your adapter.

ethtool -S eth0 will display network statistics IE how many bytes have been sent and how many bytes have been received by the adapter.

And then my favourite

ethtool -p eth0   will physically identify your network card by causing the LED's on the network card to flash on and off.  this is very useful when you have multiple network interfaces and need to know which interface is bound to which eth device on your system.

ethtool -t eth0 offline     will bring the adapter offline to perform diagnostics and testing
ethtool -t eth0 online     will perform testing whilst the adapter is online and available to your system)

provided your Nic supports this feature ethertool will perform diagnostics  on your network adapter



Thursday, July 30, 2015

Output from rpm -qa, how to extract only the name of the package?

If you need to migrate to a new computer and want to install the same packages that were on your old computer on the new one, the following pipes all the packages into a list that you can then use to install on the new computer.

rpm -qa --qf "%{NAME}\n" > filelist.txt

Then to install the packages

yum -y install  `cat filelist.txt`
or
yum -y install $(cat filelist.txt)

Wednesday, July 29, 2015

How to show only settings and not the comments in a file

In Bash , ZSH or most shells. Comments are added in files using #   or sometinmes ;

Sometimes files are full of comments and finding the settings that are set amongst all the comments can be confusing.

The following will show you the contents of a file excluding lines begining with #

substitute the #   with a ;  if your program uses ;  to comment


grep -v '^#'  filename

Sunday, February 8, 2015

nmcli basics and examples

nmcli  is the  cli for network manager which is the new way to configure network and network adaptors in Redhat/Centos 7 and Fedora 21

Here are some basic nmcli commands to get you going.

The nice thing with nmcli is that you can tab through all options ie you don't need to remember all the commands, tab completion will bring them up.

nmcli hitting tab here brings up the following options
con  -- NetworkManager connections
dev  -- devices managed by NetworkManager
nm   -- NetworkManager status

nmcli dev  hitting tab here will bring up the following options
disconnect  -- disconnect device and prevent it from automatically activating
list        -- get detailed information about devices
status      -- print status of devices
wifi        -- list available WiFi access points

similarly
nmcli con  hit tab will bring up the following
delete  -- delete a connection
down    -- deactivate a connection
list down   -- list configured connections
status  -- print status of active connections
up      -- activate a connection

nmcli nm
enable  -- get status or enable/disable networking
sleep   -- get sleep status or put to sleep/awake NetworkManager
status  -- show overall status of NetworkManager
wifi    -- inquire or set status of WiFi in NetworkManager
wwan    -- inquire or set status of WWAN in NetworkManager

To show all configured connections
nmcli con 


To connect to a wifi network

first nmcli dev wifi
to see list of available networks then

nmcli dev wifi connect networkname password inputpassword

switch wifi off
nmcli nm wifi off

Bring eth0 adaptor up

nmcli -p con up id "My wired connection" iface eth0

activates the connection with name "My wired connection" on interface eth0. The -p option makes nmcli show progress of the activation.

Get list
nmcli con

Stop interface
nmcli con down id 'Connection'

Start interface
nmcli con up id 'Connection'

Friday, February 6, 2015

Booting into single user mode and changing root password Centos / Redhat 7


since among other things this process is also now different in redhat 7 / CentOS 7
here is how you do it in redhat 7

During boot, press "e" at the grub loader.
Scroll down using the arrow keys to the line starting with "linux". It would look like this.
linux16 /vmlinuz-3.10.0......
Remove the following from that line. "rhgb" and "quiet".
Add the following to the end of the line. "init=/bin/sh".
Press ctrl+x to continue the boot process.
Once the system is booted, you will be at the root user in single user mode. But this is in a read only file system.
You need to mount the / filesystem.
mount -o remount, rw /
Test that you can write to /, following command should work without error.
touch /tmp/test
Now change your password for root
passwd
Touch the following file to make sure things are ok on SELinux, this is a fix file process.
touch /.autorelabel
Finally start the normal boot process.
exec /sbin/init

You're Done.

Saturday, January 10, 2015

Upgrade from Fedora 20 to Fedora 21

make sure your fedora 20 is up to date

yum update

reboot
then

sudo fedup --network 21 --product=nonproduct

Once Fedup completed

Reboot the system
Once the system reboots, there should be a new entry in the GRUB menu titled System Upgrade.
Select the System Upgrade option from the GRUB menu
Remark: If the System Upgrade item is not shown in the grublist at boot, it is most often caused by having a different grub, most often installed by another Linux distribution you may have in multiboot. To correct this quickly: reinstall grub:
grub2-mkconfig -o /boot/grub2/grub.cfg
grub2-install /dev/sda (replace /dev/sda by any other device you prefer to boot from)
The system should boot into the upgrade process and a plymouth boot screen should be displayed
There is a root shell on VT2 so you can tinker with the system if something goes wrong. (To disable this, boot with rd.upgrade.noshell)
Press 'esc' to see a more detailed log. If you switch back to the graphical progress indicator, it may show 0% for the remainder of the upgrade but that does not mean the upgrade has stopped.
Once the upgrade process has completed, the system will reboot and an option to boot Fedora 21 will be on the grub menu.


Cleaning Up Post Upgrade

It is worth rebuilding the RPM DB to prevent RPMDB checksum error when doing a distribution sync:

sudo rpm --rebuilddb

There are a collection of post-upgrade things to do. Some of which are fixed by doing a distro sync:

sudo yum distro-sync --setopt=deltarpm=0

This tool search for .rpmnew, .rpmsave and .rpmorig files and ask you what to do with them: Keep current version, place back old version, watch the diff or merge.

sudo yum install rpmconf

sudo rpmconf -a

If you are using google-chrome from the Google repository, you must re-install google-chrome due to a packaging bug on the Google side of things. Make sure to adjust the command to the build type you would like to install:


sudo yum remove google-chrome-\* && sudo yum install google-chrome-stable

Enjoy Fedora 21