Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • RHEL Runlevels

    Загружено:

    gaurav775588
    17 просмотров7 страниц
    The document provides examples of iptables commands to configure Linux firewall rules. Some examples include flushing existing rules, setting default chain policies to DROP, blocking specific IP addresses, and allowing incoming and outgoing traffic for services like SSH, HTTP, HTTPS and ping. Rules are added to the INPUT, OUTPUT and FORWARD chains to filter network traffic based on port, protocol and IP address.

    Исходное описание:

    Оригинальное название

    Boot Process

    Авторское право

    © Attribution Non-Commercial (BY-NC)

    Доступные форматы

    DOCX, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    The document provides examples of iptables commands to configure Linux firewall rules. Some examples include flushing existing rules, setting default chain policies to DROP, blocking specific IP addresses, and allowing incoming and outgoing traffic for services like SSH, HTTP, HTTPS and ping. Rules are added to the INPUT, OUTPUT and FORWARD chains to filter network traffic based on port, protocol and IP address.

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате DOCX, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    17 просмотров7 страниц

    RHEL Runlevels

    Загружено:

    gaurav775588
    The document provides examples of iptables commands to configure Linux firewall rules. Some examples include flushing existing rules, setting default chain policies to DROP, blocking specific IP addresses, and allowing incoming and outgoing traffic for services like SSH, HTTP, HTTPS and ping. Rules are added to the INPUT, OUTPUT and FORWARD chains to filter network traffic based on port, protocol and IP address.

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате DOCX, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 7

    BOOT PROCESS

    Posted by Ranjeet at 01:31 No comments: Email ThisBlogThis!Share to TwitterShare to Facebook

    Graphical Interface
    GNOME and KDE System Monitors The GNOME and KDE desktop environments both have graphical tools to assist you in monitoring and modifying the behavior of your system. Posted by Ranjeet at 01:25 No comments: Email ThisBlogThis!Share to TwitterShare to Facebook

    Runlevels in RHEL
    Most versions of Unix use different run levelsto define different operational and security states of the Unix system.The `init` command is used to change the run level. Other commands which change the run level include reboot, halt, and shutdown.

    Run Level 0 1 2 Halt

    Description Single user mode Multiuser, without NFS

    3 4 5 6

    Full multiuser mode Unused X11 Reboot

    Posted by Ranjeet at 01:22 No comments: Email ThisBlogThis!Share to TwitterShare to Facebook

    Managing Services in Linux


    start Starts the service if its currently not running stop Stops the service if it is currently running restart Stops and then restarts the service status Lists the current operational status of the service reload If the service is currently running, it loads the current version of the configuration file(s) with any changes. The service is not stopped, users who have previously connected are not kicked off

    force-reload Restarts a service if its already running; otherwise, makes sure the new service is started with the latest version of a configuration file

    Posted by Ranjeet at 01:13 No comments: Email ThisBlogThis!Share to TwitterShare to Facebook

    Terminals and Login Screens


    The login terminals in Linux are virtual consoles. Most Linux systems, including RHEL 6, are configured with six standard command line virtual consoles. These consoles are numbered from 1 to 6. When configured with a GUI and a login manager, other Linux distributions include a seventh virtual console, with a graphical login screen. Thats one place where RHEL 6 is a bit different, as in most cases, it substitutes the graphical login screen for the first virtual console. That applies just for the graphical login screen. If you start the GUI with the startx command, the GUI is run in the seventh virtual console. Posted by Ranjeet at 01:07 No comments: Email ThisBlogThis!Share to TwitterShare to Facebook

    File System Hierarchy

    Linux File System Hierarchy

    Posted by Ranjeet at 00:45 No comments: Email ThisBlogThis!Share to TwitterShare to Facebook

    IPTABLES

    IPTABLES Examples 1. Delete Existing Rules


    Before you start building new set of rules, you might want to clean-up all the default rules, and existing rules. Use the iptables flush command as shown below to do this. iptables -F

    (or)

    iptables --flush

    2. Set Default Chain Policies


    The default chain policy is ACCEPT. Change this to DROP for all INPUT, FORWARD, and OUTPUT chains as shown below. iptables -P INPUT DROP

    iptables -P FORWARD DROP

    iptables -P OUTPUT DROP

    3. Block a Specific ip-address


    Before we proceed further will other examples, if you want to block a specific ip-address, you should do that first as shown below. Change the x.x.x.x in the following example to the specific ip-address that you like to block. BLOCK_THIS_IP="x.x.x.x"

    iptables -A INPUT -s "$BLOCK_THIS_IP" -j DROP

    You can also use one of the following variations, which blocks only TCP traffic on eth0 connection for this ip-address. iptables -A INPUT -i eth0 -s "$BLOCK_THIS_IP" -j DROP

    iptables -A INPUT -i eth0 -p tcp -s "$BLOCK_THIS_IP" -j DROP

    4. Allow ALL Incoming SSH


    The following rules allow ALL incoming ssh connections on eth0 interface. iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

    iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

    5. Allow Incoming SSH only from a Sepcific Network


    The following rules allow incoming ssh connections only from 192.168.100.X network. iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 22 -m state -state NEW,ESTABLISHED -j ACCEPT

    iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

    6. Allow Outgoing SSH


    The following rules allow outgoing ssh connection. i.e When you ssh from inside to an outside server. iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

    iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED j ACCEPT

    7. Allow Incoming HTTP and HTTPS


    The following rules allow all incoming web traffic. i.e HTTP traffic to port 80. iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT

    iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

    The following rules allow all incoming secure web traffic. i.e HTTPS traffic to port 443.

    iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT

    iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT

    8. Allow Ping from Outside to Inside


    The following rules allow outside users to be able to ping your servers. iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT

    iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT

    9. Allow Ping from Inside to Outside


    The following rules allow you to ping from inside to any of the outside servers. iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT

    iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

    Вам также может понравиться