Cheatography

LFCS_Module3_Networking Cheat Sheet by

Persistent Network Config in CentOS

nmcli
NetworkManager command-line tool
nmtui
NetworkManager text user interface (menu-driven)
nmcli connection up ens33
Switch on ens33 interface
/etc/sysconfig/network-scripts
Directory of interface config files

Common Network Tools

dig
Verify DNS relay
nmap
Scanning ports

iptables Syntax

iptables {-A|I} chain [-i/o iface] [-s/d ipaddr] [-p udp/tcp/icmp [--dport/sport nn...]] -j [LOG|ACCEPT|DROP|REJECT]

-A|I: Append or Insert
-i/o: input or output interface (iface)
-s/d: source IP or destination IP
-p udp/tcp/icmp: protocol to use
--dport/sport nn: destination port or source port
-j LOG|ACCEPT|DROP|REJECT: write a line to syslog, accept, drop silently (external traffic), or reject non-silently (internal traffic)

Configuring Local time

hwclock
Display kernel hardware clock
hwclock --systohc
Set the hardware clock from the system time
hwclock --hctosys
Set the system time from the hardware clock
timedatectl
Utility to configure time

NTPD and Chronyd

vim /etc/ntp.conf
Config file; entries have the form: server <server name> iburst
systemctl restart ntpd
Restart NTP service
ntpq -p
Show current time info
systemctl status chronyd
Show current status of chrony
vim /etc/chrony.conf
Chrony config file
chronyc sources
Current time server status
chronyc tracking
Current chrony tracking status
iptables -A INPUT -p udp --dport 123 -j ACCEPT
Allow incoming traffic to the time server port (UDP 123)
iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
Allow outgoing traffic to time servers (UDP 123)

IP Traffic Route

route -n
IP routing table
ip route list
List IP routes
ip route add 8.8.0.0/16 proto static metric 10 via inet 10.9.185.143 dev eth0
Add new IP route
ip route del 8.8.0.0/16 proto static metric 10 via inet 10.9.185.143 dev eth0
Delete IP route
 

Firewalld

firewall-cmd --list-all
Show current firewall configuration
firewall-cmd --get-services
List the predefined services known to the firewall
/usr/lib/firewalld/services
Directory of service config files
firewall-cmd --add-service samba --permanent
Add Samba service to Firewall persistently
firewall-cmd --add-port 4000-4005/tcp --permanent
Add port 4000-4005 on TCP persistently

SSH

vim /etc/ssh/sshd_config
Config file for SSH Daemon (SSH server)
vim /etc/ssh/ssh_config
Config file for SSH Client
systemctl status sshd
Current status of process
systemctl enable sshd
Start SSH at boot
ssh -X user@ip
SSH with X11 forwarding for graphical applications
ssh-keygen
Generate a public and private key pair
scp /etc/hosts 192.168.4.240:/tmp (vice versa)
Copy /etc/hosts over SSH to /tmp
rsync -avz /tmp student@192.168.4.240:/tmp
Rsync from host to remote

Config static network

vim /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=none
IPADDR=192.168.0.222
PREFIX=24
GATEWAY=192.168.0.1
DNS1=8.8.8.8

systemctl restart network
 

Hostname

vim /etc/hostname
Hostname config file
hostnamectl
Tool for setting hostname
vim /etc/hosts
Local resolving of hostname
vim /etc/resolv.conf
DNS config file
vim /etc/nsswitch.conf
Specify which sources (config files) are consulted, and in which order

Firewall using iptables

systemctl stop firewalld
Stop Firewalld
iptables -L -v
List iptables policy verbosely
iptables -P {INPUT|OUTPUT} DROP
Set the default policy of INPUT (or OUTPUT) to DROP
iptables -A INPUT -i lo -j ACCEPT
Allow incoming traffic to loopback interface
iptables -A OUTPUT -o lo -j ACCEPT
Allow outgoing traffic to loopback interface
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Allow incoming TCP packets to port 22 on this system
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Allow packets of already established (old) connections to leave the system; does not allow new traffic
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
Allow TCP traffic going out to port 22
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Allow incoming packets of already established (old) connections
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
Allow TCP traffic going out through port 80
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
Allow traffic going out through DNS (port 53)
iptables-save > /etc/sysconfig/iptables
Save iptables to start automatically at boot
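
Added example (not part of the original cheat sheet): the rules of this section in iptables-restore format, so the DROP policies and the ACCEPT rules load in one atomic step and a remote SSH session is not cut off between individual commands. The function names build_ruleset, lockout_safe and apply_ruleset are hypothetical; FORWARD is assumed to stay at ACCEPT because the section does not change it; apply_ruleset needs root.

```shell
#!/bin/sh
# Added example, not from the original cheat sheet.
# Function names are hypothetical; the rules are the ones listed in this section.

# Print the ruleset in iptables-restore format (same rules, one atomic load).
build_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A OUTPUT -p tcp --dport 22 -j ACCEPT
-A OUTPUT -p tcp --dport 80 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
COMMIT
EOF
}

# Succeed only if the ruleset text in $1 still lets SSH in and its replies out.
# Accepts both state orders, since iptables-save may print RELATED,ESTABLISHED.
lockout_safe() {
    st='--state (ESTABLISHED,RELATED|RELATED,ESTABLISHED) -j ACCEPT'
    printf '%s\n' "$1" | grep -Eq -- "^-A INPUT -p tcp .*--dport 22 -j ACCEPT" || return 1
    printf '%s\n' "$1" | grep -Eq -- "^-A INPUT .*${st}" || return 1
    printf '%s\n' "$1" | grep -Eq -- "^-A OUTPUT .*${st}" || return 1
}

# Validate, then load everything in one step (needs root).
apply_ruleset() {
    new_rules="$(build_ruleset)"
    lockout_safe "$new_rules" || { echo "refusing: SSH would be cut off" >&2; return 1; }
    printf '%s\n' "$new_rules" | iptables-restore --test || return 1  # parse only
    printf '%s\n' "$new_rules" | iptables-restore                     # commit
}

# Usage: sh ruleset.sh print | sh ruleset.sh apply
case "${1:-}" in
    print) build_ruleset ;;
    apply) apply_ruleset ;;
esac
```

After a successful apply, the iptables-save command above still persists the rules for the next boot.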

          More Cheat Sheets by nhatlong0605