RHEL6
CREATING LINUX PARTITION:
Step 1- List all partitions
# fdisk -l
Step 2- Create a new partition
# fdisk /dev/hda
Step 3- Format the new partition
# mkfs.ext4 /dev/hdan
Step 4- Mount the partition
# mount -t ext4 /dev/hdan /mnt/data => temporary
# vim /etc/fstab => permanent
/dev/hdan /mnt/data ext4 defaults 0 0
Step 5- Activate the new partition
# mount -a
DEFINING LABEL TO PARTITION:
Step 1- Giving label
# e2label /dev/hdan <label name>
MOUNT USING LABEL:
# mount LABEL=<label name> /mnt/data => temporary
# vim /etc/fstab => permanent
LABEL=<label name> /mnt/data ext4 defaults 0 0
CREATING SWAP PARTITION:
Step 1- Create a partition of type “swap” using “fdisk”
# fdisk /dev/hda
Step 2- Format the partition as SWAP
# mkswap /dev/hdan
Step 3- Enable the swap space
# swapon /dev/hdan => to enable swap
# swapoff /dev/hdan => to disable swap
Step 4- Permanent availability to the system
# vim /etc/fstab
/dev/hdan swap swap defaults 0 0
Step 5- Check and reconfigure again
# swapon -a
# swapon -s
CREATING SWAP FILE:
Step 1- Creating swap file
# dd if=/dev/zero of=/swapfile bs=1M count=300
Step 2- Configure the file as swap
# mkswap -v1 /swapfile
Step 3- Enabling the swap file
# swapon /swapfile
Step 4- Entry in /etc/fstab file
# vim /etc/fstab
/swapfile swap swap defaults 0 0
Step 5- Activate and confirm
# swapon -a
# swapon -s
CREATING LVM:
Step 1- Create two partitions of 50MB each using “fdisk”, set type as “Linux LVM”
Step 2- Create physical volumes
# pvcreate /dev/hda{6,7}
# pvdisplay => to check
Step 3- Create volume group
# vgcreate vg1 /dev/hda{6,7}
# vgdisplay => to check
Step 4- Change volume group to ACTIVE
# vgchange -a y vg1
Step 5- Creating logical volume
# lvcreate --size 50M -n lvm1 vg1
# lvdisplay => to check
Step 6- Format the logical volume
# mkfs.ext4 /dev/vg1/lvm1
Step 7- Mount
# vim /etc/fstab
/dev/vg1/lvm1 /mnt/lvm ext4 defaults 0 0
# mount -a => to activate
Step 8- To confirm
# df -h
RESIZING THE LVM:
Step 1- Unmount the LVM
# umount /dev/vg1/lvm1
Step 2- Extending the LVM size
# lvextend -L +50M /dev/vg1/lvm1
# resize2fs /dev/vg1/lvm1 => to update
# vim /etc/fstab => to mount again
OR
Step 2- Reducing the size
# umount /dev/vg1/lvm1 => first unmount
# e2fsck -f /dev/vg1/lvm1 => force a filesystem check of the drive
# resize2fs /dev/vg1/lvm1 50M
# lvreduce -L -50M /dev/vg1/lvm1
Step 3- Remount the drive
CREATING RAID PARTITION:
Step 1- Create three partitions of 100MB each
Step 2- Create RAID-5 using “mdadm”
# mdadm -C /dev/md0 --chunk=64 -l 5 -n 3 /dev/hda{7,8,9}
Step 3- Format the RAID partition
# mkfs.ext4 /dev/md0
Step 4- Mount the RAID partition in “/etc/fstab”
/dev/md0 /mnt/raid5 ext4 defaults 0 0
# mount -a => to activate the mount
Step 5- Checking the RAID
# mdadm --detail /dev/md0
RECOVERING FROM HDD FAILURE:
Step 1- Simulating a failure
# mdadm /dev/md0 --fail /dev/hda7
Step 2- Removing the faulty drive
# mdadm /dev/md0 --remove /dev/hda7
Step 3- Adding new partition
# mdadm /dev/md0 --add /dev/hda10
USER ADMINISTRATION:
# useradd user1 => to add a new user
# passwd user1 => to set the user's password
# usermod -G <group name> user1 => to add a secondary group
=>Options
-s => change shell
-d => change home dir
-g => change primary group
-G => change sec. group
# chown <new username> <file name> => change ownership
# chown <new username>:<new grpname> <file name>
# chgrp <group name> <file name>
# stat <filename>
# chage -m 8 root
ADDING QUOTA:
Step 1- Create a partition of 1 GB
Step 2- Mount the partition in fstab
/dev/hda6 /mnt/ghar ext4 defaults,usrquota,grpquota 0 0
Step 3- Create the quota files
# touch /mnt/ghar/aquota.user
# touch /mnt/ghar/aquota.group
Step 4- Enable quota over “/mnt/ghar”
# quotacheck -cug /mnt/ghar
# quotacheck /mnt/ghar
Step 5- Adding the quota
# edquota -u username
# edquota -p user1 user2 => prototype
Step 6- Check
# quota
# repquota /mnt/ghar
YUM LOCAL SYSTEM CONFIGURATION:
Step 1- Mount your Linux DVD to “/mnt” and install the “createrepo” rpm
# mount /dev/cdrom /mnt
# cd /mnt/Server
# rpm -ivh createrepo*
Step 2- Take a backup of the media into any directory, e.g. “/var/ftp/pub”
# cd /mnt
# cp -rvf * /var/ftp/pub
Step 3- Create a repository for YUM
# createrepo -v /var/ftp/pub
Step 4- Create and configure a file with the .repo extension for yum in the /etc/yum.repos.d/ directory
# vim /etc/yum.repos.d/local.repo
[repo]
name=repository
baseurl=file:///var/ftp/pub
enabled=1
gpgcheck=0
Step 5- Clean the old configuration stored in tmp and update to the new configuration
# yum clean all
# yum update
YUM CLIENT CONFIGURATION USING FTP:
Step 1- Create and configure a file with the .repo extension for yum in the /etc/yum.repos.d/ directory
# vim /etc/yum.repos.d/local.repo
[repo]
name=repository
baseurl=ftp://server_ip/pub
enabled=1
gpgcheck=0
Step 2- Clean the old configuration stored in tmp and update to the new configuration
# yum clean all
# yum update
Step 3- Then install the packages using yum utility
# yum install pkg_name
# yum remove pkg_name
# yum update pkg_name
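Both repository files above set gpgcheck=0, so yum installs packages from those repositories without verifying their GPG signatures. The following added example (not part of the original page) lists every enabled repository section that has gpgcheck=0; the helper name find_unsigned_repos and the extra [signed] and [disabled] sections are constructed for illustration.

```shell
#!/bin/sh
# Added example: report enabled yum repositories that skip GPG signature checks.
# find_unsigned_repos is a hypothetical helper name, not a yum command.

find_unsigned_repos() {
    dir="${1:-/etc/yum.repos.d}"
    for f in "$dir"/*.repo; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            # Print the section just finished if it is enabled and unsigned.
            function report() {
                if (section != "" && enabled != "0" && gpgcheck == "0")
                    printf "%s [%s] baseurl=%s\n", file, section, baseurl
            }
            /^[ \t]*[#;]/ { next }                  # comment lines
            /^[ \t]*\[.*\][ \t]*$/ {                # start of a new [section]
                report()
                section = $0
                sub(/^[ \t]*\[/, "", section)
                sub(/\][ \t]*$/, "", section)
                enabled = "1"; gpgcheck = ""; baseurl = ""
                next
            }
            /=/ {                                   # key=value inside a section
                key = $0; sub(/[ \t]*=.*$/, "", key); sub(/^[ \t]+/, "", key)
                val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t\r]+$/, "", val)
                if (key == "enabled")  enabled = val
                if (key == "gpgcheck") gpgcheck = val
                if (key == "baseurl")  baseurl = val
            }
            END { report() }
        ' "$f"
    done
}

# Constructed sample: the local.repo from this page plus a signed and a disabled repo.
demo_dir=$(mktemp -d)
cat > "$demo_dir/local.repo" <<'EOF'
[repo]
name=repository
baseurl=file:///var/ftp/pub
enabled=1
gpgcheck=0

[signed]
name=signed repository (constructed)
baseurl=file:///var/ftp/signed
enabled=1
gpgcheck=1

[disabled]
name=disabled repository (constructed)
baseurl=file:///var/ftp/old
enabled=0
gpgcheck=0
EOF
find_unsigned_repos "$demo_dir"
rm -rf "$demo_dir"
```

Run without an argument it scans /etc/yum.repos.d; only sections that set gpgcheck=0 explicitly are reported.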
MANAGING NETWORK IN LINUX:
Step 1- Check IP Address
# ifconfig
Or
# ip addr
Step 2- Check whether the NIC is detected
# ethtool <eth0> => eth0 = your Ethernet interface
Step 3- Assigning IP Address to your machine
# setup
=> Now follow the instructions, select the network device, then give the IP Address and subnet mask, and save it.
Step 4- Making IP Address active
# service network restart
MAKING DIRECT ENTRY TO CONFIGURATION FILE:
Step 1- Open network file i.e. “/etc/sysconfig/network-scripts/ifcfg-eth0”
# vim /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO="static" => make direct entry to this file
IPADDR="192.168.0.X"
NETMASK="255.255.255.0"
GATEWAY="192.168.0.1"
Step 2- Now restart the network service
# service network restart
NFS:
-Uses standard client/server architecture.
-Using NFS the server “exports” its data to other clients.
-Provides a centralized storage solution.
Problems:
-Network congestion.
-Heavy disk activity on server.
-For security reasons NFS should not be used over the network.
Installation Packages | Services | Port No. | Config. File |
nfs, portmap | nfs, portmap | 2049 NFS, 111 PORTMAP | /etc/exports |
Step 1- Install the packages
# yum install nfs portmap
Step 2- Edit the config. file
# vim /etc/exports
<what you want to share> <on which network>
/var/ftp/pub 192.168.0.1(rw,sync)
Step 3- Restart the services
# service nfs restart
Step 4- To check the list of shares
# showmount -e 192.168.0.X => “X” is your NFS server IP
Client Side:
-Take any client from the network,
# showmount -e 192.168.0.X
# mount 192.168.0.X:/var/ftp/pub /mnt/share => where you want to mount the share
-Permanent Mount
# vim /etc/fstab
192.168.0.X:/var/ftp/pub /mnt/share nfs defaults 0 0
-And then share over network using NFS.
FILE TRANSFER PROTOCOL:
-File transfer protocol is one of the oldest members of TCP/IP and is still in common use.
-It transfers files between Unix-Linux-Mac-Windows-Mobile
-Used for uploading/downloading.
Installation Packages | Services | Port No. | Config. File |
vsftpd, ftp | vsftpd | 20 Data Transfer, 21 Control Connection | /etc/vsftpd/vsftpd.conf |
Step 1- Install the packages
# yum install vsftpd
Step 2- Edit conf. file
# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=YES => public user can download
local_enable=YES => local user can connect to FTP
anon_upload_enable=YES => pub user can upload
ftpd_banner=welcome => banner purpose
Step 3- Check syntax error
# vsftpd
Step 4- Restart the service
# service vsftpd restart
Client Side:
# ftp://192.168.0.X => “X” is your FTP server IP
-And then login using anonymous user and download/upload.
SAMBA SERVER:
-To share from Unix/Linux/Mac to Windows we use samba server.
Installation Packages | Services | Port No. | Config. File |
samba | smb | 137 Net Bios Name, 139 Net Bios Session | /etc/samba/smb.conf |
Step 1- Install the packages
# yum install samba*
Step 2- Edit conf. file
# vim /etc/samba/smb.conf
workgroup = SMBWORKGROUP
hosts allow = 192.168.0. 127.
[myshare]
comment = share
path = /mnt/share
valid users = ram shyam
public = no
writable = yes
printable = no
browseable = yes
create mask = 0765
Step 3- Adding security context
# chcon -R -t samba_share_t /mnt/share
# ls -lZ /mnt/share => to check security context
# testparm
# smbstatus
Step 4- Create user account that can access samba
# smbpasswd -a <username>
Client Side:
# smbclient //192.168.0.X/myshare -U <user name>
Enter user password: => and then proceed
DNS BIND:
-Four different types of DNS:
-A master DNS Server for your domain(s), which stores authoritative records for your domain.
-A slave DNS Server, which relies on a master DNS Server for data.
-A caching only DNS Server, which stores recent requests like a Proxy server.
-A forwarding only DNS Server, which refers all requests to other DNS Servers.
Installation Packages | Services | Port No. | Config. File |
bind, system-config-bind | named | 53 DNS | /etc/named.conf |
Step 1- Install the packages
# yum install bind* system-config-bind
Step 2- Run system-config-bind to create the default “named.conf” configuration file
# system-config-bind => it will give some error message; let it.
Step 3- Copy “named.root” file
# cp /usr/share/doc/bind-<version>/sample/var/named/named.root /var/named/chroot/var/named/
Step 4- Open and write configuration for forward and reverse lookup zones in the “named.conf” file
# vim /var/named/chroot/etc/named.conf
server 192.168.0.X {
};
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below. Previous versions of BIND always asked
 * questions using port 53, but BIND 8.1 uses an unprivileged
 * port by default.
 */
// query-source address * port 53;
};
zone "example.com." IN {
type master;
file "server.for";
};
zone "0.168.192.in-addr.arpa." IN {
type master;
file "server.rev";
};
Step 5- Create database file for forward and reverse lookup zone
# cd /var/named/chroot/var/named/
# cp named.local server.for
# cp named.local server.rev
# vim server.for
$TTL 86400
@ IN SOA example.com. root.example.com. (
42 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
@ IN NS server1.example.com.
@ IN A 192.168.0.1
server1.example.com. IN A 192.168.0.1
station1.example.com. IN A 192.168.0.2
pc10.example.com. IN A 192.168.0.10
pc11.example.com. IN A 192.168.0.11
pc12.example.com. IN A 192.168.0.12
pc13.example.com. IN A 192.168.0.13
pc14.example.com. IN A 192.168.0.14
pc15.example.com. IN A 192.168.0.15
pc16.example.com. IN A 192.168.0.16
pc17.example.com. IN A 192.168.0.17
pc18.example.com. IN A 192.168.0.18
pc19.example.com. IN A 192.168.0.19
pc20.example.com. IN A 192.168.0.20
station18 IN CNAME pc18.example.com.
save & exit
# vim server.rev
$TTL 86400
@ IN SOA example.com. root.example.com. (
42 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
@ IN NS server1.example.com.
1 IN PTR server1.example.com.
2 IN PTR station1.example.com.
10 IN PTR pc10.example.com.
11 IN PTR pc11.example.com.
12 IN PTR pc12.example.com.
13 IN PTR pc13.example.com.
14 IN PTR pc14.example.com.
15 IN PTR pc15.example.com.
16 IN PTR pc16.example.com.
17 IN PTR pc17.example.com.
18 IN PTR pc18.example.com.
19 IN PTR pc19.example.com.
20 IN PTR pc20.example.com.
save & exit
Step 6- Input DNS address in the “resolv.conf” file
# vim /etc/resolv.conf
search example.com
nameserver 192.168.0.X
Step 7- Input local resolver entry
# vim /etc/hosts
192.168.0.X server1.example.com server1
Step 8- Restart named service
# service named restart
Step 9- Now check it
# dig example.com
status : NOERROR
# dig -x 192.168.0.X
Status : NOERROR
# nslookup
>server1.example.com
Server: 192.168.0.X
Address: 192.168.0.X#53
Name: server1.example.com
Address: 192.168.0.X
# tail -f /var/log/messages => to see error messages
DNS Client:
Step 1- Input DNS address in the resolv.conf file
# vim /etc/resolv.conf
search example.com
nameserver 192.168.0.X
Step 2- Now check it
# dig example.com
status: NOERROR => “X” your IP address
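BIND appends the zone origin to any name in a zone file that does not end in a dot, so a record written as station1.example.com (no trailing dot) is served as station1.example.com.example.com. and the zone still loads without an error. The added example below (not from the original page) flags such names in owner fields and in NS, CNAME, PTR and MX targets; check_zone_dots is a hypothetical helper name and the sample zone is constructed.

```shell
#!/bin/sh
# Added example: find dotted names in a zone file that lack the final ".".
# check_zone_dots is a hypothetical helper name, not part of BIND.

check_zone_dots() {
    awk '
        function check(name, what) {
            # A dotted name without a final "." is relative: the origin is appended.
            if (name ~ /\./ && name !~ /\.$/) {
                printf "line %d: %s %s lacks trailing dot\n", NR, what, name
                bad = 1
            }
        }
        /^[ \t]*$/ || /^[ \t]*;/ || /^\$/ { next }   # blank, comment, $TTL/$ORIGIN
        {
            has_owner = ($0 ~ /^[^ \t]/)   # indented lines inherit the previous owner
            sub(/;.*/, "")                 # strip trailing comment
            if (has_owner) check($1, "owner")
            for (i = 1; i < NF; i++) {
                if ($i == "NS" || $i == "CNAME" || $i == "PTR") check($(i + 1), "target")
                if ($i == "MX" && i + 2 <= NF) check($(i + 2), "target")
            }
        }
        END { exit bad + 0 }               # non-zero exit when something was flagged
    ' "$1"
}

# Constructed sample zone with two names missing the trailing dot.
demo_zone=$(mktemp)
cat > "$demo_zone" <<'EOF'
$TTL 86400
@ IN SOA example.com. root.example.com. (
        42 ; Serial
        28800 ; Refresh
        14400 ; Retry
        3600000 ; Expire
        86400 ) ; Minimum
@ IN NS server1.example.com.
server1.example.com. IN A 192.168.0.1
station1.example.com IN A 192.168.0.2
station18 IN CNAME pc18.example.com
EOF
check_zone_dots "$demo_zone" || echo "zone file needs fixing"
rm -f "$demo_zone"
```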
DHCP:
-It dynamically provides IP Addresses to the hosts.
-DHCP also logs information about the IPs assigned to the clients at
/var/lib/dhcp/dhcp.leases
Installation Packages | Services | Port No. | Config. File |
dhcp | dhcpd | 67 DHCP server, 68 DHCP client | /etc/dhcpd.conf |
Step 1- Install the packages
# yum install dhcp*
Step 2- Edit configuration file
# vim /etc/dhcpd.conf
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.254;
option domain-name "example.com";
option domain-name-servers 192.168.0.1;
range 192.168.0.10 192.168.0.80;
}
host printserver {
option host-name "printserver.example.com";
hardware ethernet 00:20:4A:40:1C:2D;
fixed-address 192.168.0.50;
}
Step 3- Restart the service
# service dhcpd restart
Client Side Configuration:
Step 1- Edit network file
# vim /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO='dhcp'
Step 2- Now check
# service dhcpd start
# service dhcpd start eth1
# ifconfig => to check if you got an IP Address
APACHE WEB SERVER:
-The most popular web server.
-AOL=American Online Free Web Server.
-Sun One=Web server for SUN.
-IIS=web server for windows.
-Apache is free open source software; the application is available for a wide variety of operating systems, including Unix, Linux and Windows.
Installation Packages | Services | Port No. | Config. File |
httpd | httpd | 80 HTTP | /etc/httpd/conf/httpd.conf |
Step 1- Install the packages
# yum install httpd*
Step 2- Edit the main configuration file
# vim /etc/httpd/conf/httpd.conf => go to the end of file and copy last lines.
ServerAdmin root@server1.example.com
ServerName server1.example.com:80
DocumentRoot "/var/www/html"
DirectoryIndex index.html
Step 3- Create the sample “html” file
# cd /var/www/html/
# vim index.html
<html>
<body bgcolor = green>
<marquee> <h1> hello this is a test page </h1> </marquee>
<h3> kapil </h3>
</body>
</html>
Step 4- Restart the services
# service httpd restart
Step 5- Open browser & check
# firefox http://server1.example.com &
Hosting Multiple Site i.e. Virtual Hosting:
(1) Name Based- hosting multiple sites on the same IP.
(2) Port Based- hosting multiple sites on ports other than port no. 80.
(3) IP Based- accessing site with IP.
Step 1- Install packages
Step 2- Edit main configuration file
# vim /etc/httpd/conf/httpd.conf
-do not configure any website under the main section, otherwise they will conflict.
-go to end of file and copy last lines
######## NAME BASED ########
NameVirtualHost 192.168.0.10:80
<VirtualHost 192.168.0.10:80>
ServerAdmin root@www.hp.com
DocumentRoot /var/www/html/hp
ServerName www.hp.com
DirectoryIndex hp.html
</VirtualHost>
<VirtualHost 192.168.0.10:80>
ServerAdmin root@www.fedora.com
DocumentRoot /var/www/html/fedora
ServerName www.fedora.com
</VirtualHost>
######## PORT BASED ########
Listen 5000
<VirtualHost 192.168.0.220:5000>
ServerAdmin root@hcl.com
DocumentRoot /var/www/html/hcl
DirectoryIndex hcl.html
ServerName www.hcl.com
</VirtualHost>
######## IP BASED ########
<VirtualHost 192.168.0.225:80>
ServerAdmin root@mail.watch.com
DocumentRoot /var/www/html/mail
ServerName mail.watch.com
DirectoryIndex mail.html
</VirtualHost>
Step 3- Create the index or main home page in each site's document root folder
Step 4- Restart the service
# service httpd restart
Step 5- Check syntax error
# httpd -S
Step 6- Open the browser and check the site
SQUID / PROXY SERVER:
-Proxy servers are used to share an internet connection with many clients.
-A proxy server can be configured as:
(1) A simple proxy server to share the internet connection.
(2) A firewall to control access to the internet.
-Squid proxy is the most widely used open source proxy.
-Internet can also be accessed by NATing, but then there will be no control.
Installation Packages | Services | Port No. | Config. File |
squid | squid | 3128 SQUID | /etc/squid/squid.conf |
Step 1- Install the packages
# yum install squid*
Step 2- Edit the configuration file
# vim /etc/squid/squid.conf
http_port 3128
visible_hostname linux_squid
cache_dir ufs /var/spool/squid 100 16 256 => 100= MB, 16= folder, 256= sub-folder
http_access allow all
Step 3- Restart the service
# service squid restart
Client Side:
-Open browser.
-Client as IE – tools – Internet option – Connection – LAN Setting – Select Proxy – OK
-Client as Firefox – Edit – Preference – General – Connection Setting – Manual Proxy Server – OK
PROXY FIREWALL:
-Squid as proxy firewall.
Step 1- Install the packages
Step 2- Edit the configuration file
# vim /etc/squid/squid.conf
# http_access allow all => comment it
acl labnet src 192.168.0.0/24
acl blocksite url_regex www.facebook.com
acl blocklist url_regex "/opt/sitebock.txt"
acl linuxmorning time SMTWS 08:15-11:00
http_access deny linuxmorning
http_access deny blocksite
http_access deny blocklist
http_access allow labnet
Step 3- Restart the service and check
MAIL SERVER:
-Mail server is technically known as MTA (Mail Transfer Agent).
*Unix & Linux Based Mail Server-
-sendmail
-postfix
-qmail
-smail
-exim
-zimbra
Sendmail:
Installation Packages | Services | Port No. | Config. File |
sendmail, m4 | sendmail | 25 SMTP, 110 POP3, 43 IMAP | /etc/mail/sendmail.mc, /etc/mail/sendmail.cf |
Step 1- Add the mail server records to the DNS zone file
# vim /var/named/chroot/var/named/server.for
mail IN A 192.168.0.230
@ IN MX 4 mail
# service named restart
Step 2- Install the packages
# yum install sendmail*
# yum install m4*
Step 3- Edit the configuration file
# vim /etc/mail/sendmail.mc
dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
LOCAL_DOMAIN(`mail.example.com.com')dnl
MASQUERADE_AS(`example.com')dnl
Step 4- Compile the configuration
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Step 5- Restart the service
# service sendmail restart
Step 6- Check
# useradd user1
# useradd user2
# passwd user1
# passwd user2
# su - user1
$ mail user2@example.com
Subject : test mail
<text>
Cc : user1@example.com
# su - user2
SQUIRRELMAIL:
-squirrelmail* => frontend for mail server
-dovecot* => provide POP & IMAP services
-curl*
-php-5*
-perl-5*
-cyrus* => provide POP & IMAP services
-httpd*
Step 1- Install the packages
# yum install dovecot*
Step 2- Edit the configuration file
# vim /etc/dovecot/dovecot.conf
protocols = imap pop3
Step 3- Restart the services
# service dovecot restart
POSTFIX:
Step 1- Install the packages
# yum install postfix*
Step 2- Edit the configuration file
# vim /etc/postfix/main.cf
myhostname = server10.example.com => set your hostname
mydomain = example.com => define your domain name
myorigin = $mydomain => set myorigin
inet_interfaces = all => uncomment this line
#inet_interfaces = localhost => comment this line
#mydestination = $myhostname, localhost.$mydomain, localhost => comment this line
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain => uncomment this line
mynetworks = 192.168.0.0/24, 127.0.0.0/8
Step 3- Restart the services
# service postfix restart
NIS (NETWORK INFORMATION SERVICE) & (LDAP) LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL:
-The two most commonly used authentication services are:
(1)NIS
(2)LDAP
-Both NIS & LDAP are used to manage user accounts centrally.
NIS:
-NIS was originally called Yellow Pages or YP.
-It was developed by Sun Microsystems.
-An NIS Server maintains a central directory of user and group information, hostnames, aliases, e-mail etc. in a computer network.
Installation Packages | Services | Port No. | Config. File |
ypserv*, ypbind*, yp-tools* | ypserv, yppasswdd | NIS uses random ports | /etc/ypserv.conf, /etc/yp.conf |
Step 1- Install the packages
# yum install ypserv* portmap*
Step 2- Set hostname
# nisdomainname example.com
# vim /etc/sysconfig/network
NISDOMAIN=example.com
# service portmap restart
# service ypserv restart
Step 3- Configuration file
# vim /var/yp/Makefile
NOPUSH=true
all: passwd group hosts
Step 4- Restart the services
# service ypserv restart
Step 5- Create the database
# /usr/lib/yp/ypinit -m
Step 6- Restart the “yppasswdd” service
# service yppasswdd restart
Note:
-If any users/groups/hosts are added then it is compulsory to update the NIS database.
Step 7- Add users
# useradd ram
# useradd ali
# passwd ram
# passwd ali
# cd /var/yp
# make
# service yppasswdd restart
Configuration of NFS with NIS:
# vim /etc/exports
/home 192.168.0.0/24(rw,sync)
# service nfs restart
Client side:
# nisdomainname example.com
# yum install ypbind yp-tools
Step 1- To become a member
# authconfig-tui
-Go to NIS database
-Next
-Domain example.com
-Server 192.168.0.230
# ypwhich
# mount 192.168.0.235:/home /home
SSH (SECURE SHELL):
-FIRST PC
# ssh-keygen -t dsa
This generates two files:
~/.ssh/id_dsa.pub
~/.ssh/id_dsa
# cd /root/.ssh/
Copy the contents of id_dsa.pub to the SECOND computer.
# scp id_dsa.pub root@secondcomputer:
-ON SECOND PC
Move the id_dsa.pub to ~/.ssh/authorized_keys
Change the permission of ~/.ssh/authorized_keys
# chmod 744 ~/.ssh/authorized_keys
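Key-based login depends on file permissions on both machines: sshd with StrictModes enabled (its default) ignores authorized_keys if the file, ~/.ssh or the home directory is writable by group or others, and the ssh client refuses a private key that anyone but its owner can access. The added example below (not part of the original page) checks both conditions; check_ssh_perms is a hypothetical helper name and the sample home directory is constructed.

```shell
#!/bin/sh
# Added example: check the permissions that SSH key login depends on.
# check_ssh_perms is a hypothetical helper name, not an OpenSSH tool.

check_ssh_perms() {
    home="$1"; rc=0
    # Server side: sshd (StrictModes yes) ignores authorized_keys when the home
    # directory, ~/.ssh or the file itself is writable by group or others.
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        [ -e "$p" ] || continue
        perms=$(ls -ld "$p" | cut -c1-10)
        case "$perms" in
            ?????w*|????????w*) echo "WRITABLE $perms $p"; rc=1 ;;
        esac
    done
    # Client side: a private key must carry no group or other permission bits.
    for k in "$home"/.ssh/id_*; do
        [ -f "$k" ] || continue
        case "$k" in *.pub) continue ;; esac
        perms=$(ls -ld "$k" | cut -c1-10)
        case "$perms" in
            ????------) ;;
            *) echo "EXPOSED $perms $k"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample home directory (empty files stand in for real keys).
demo_home=$(mktemp -d)
mkdir "$demo_home/.ssh"
: > "$demo_home/.ssh/authorized_keys"
: > "$demo_home/.ssh/id_dsa"
: > "$demo_home/.ssh/id_dsa.pub"
chmod 755 "$demo_home"
chmod 700 "$demo_home/.ssh"
chmod 744 "$demo_home/.ssh/authorized_keys"   # the mode used on this page: accepted
chmod 644 "$demo_home/.ssh/id_dsa"            # readable by others: reported
check_ssh_perms "$demo_home" || echo "permission problems found"
rm -rf "$demo_home"
```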
IPTABLES:
-> Integrated firewall
-> Uses TCP/IP
-> Front-end tool
-> OSI 3 and 4 layers
# rpm -qa iptables
www.netfilter.org
# cd /boot
# vim config-2.6.9.5.EL => and search for “netfilter”
-> Check with “lsmod”
-> 3 Default Tables:
- Filter
- NAT
- Mangle
Block a HOST
# iptables -A INPUT -s x.x.x.x -j DROP
# iptables -L
Saving IPTables
# service iptables save => saved to /etc/sysconfig/iptables
Backup and Restore of iptables-
# iptables-save > filename
# iptables-restore < filename
FLUSH IPTABLES
# iptables -F
CHAIN MANAGEMENT
# iptables -L
# iptables -L -t nat
# iptables -L -v
# iptables -L --line-numbers
Ex.2
PERMIT SSH
# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
REJECT TELNET
# iptables -A INPUT -s x.x.x.x -p tcp --dport telnet -j DROP
DELETING / REPLACING RULES
# iptables -D INPUT 4
# iptables -D INPUT -p tcp --dport telnet -j DROP
# iptables -R INPUT 4 -p tcp --dport telnet -j ACCEPT
ZERO COUNTERS
# iptables -Z INPUT
# iptables -Z => all chains
# iptables -L -n => no name resolution
USER DEFINED CHAIN
# iptables -N ALOK
# iptables -A INPUT -s 10.0.0.0/8 -j ALOK
# iptables -A ALOK -p tcp --dport telnet -j DROP
# iptables -E ALOK ARYAN
CHANGING DEFAULT POLICY
# iptables -P INPUT DROP
Good I like this blog