Cheatography
https://cheatography.com
Persistent Network Config in CentOS
nmcli |
Network Manager command line |
nmtui |
network Manger graphical |
nmcli connection up ens33 |
Switch on ens33 interface |
/etc/sysconfig/network-scripts |
Config file |
Common Network Tools
dig |
Verify DNS relay |
nmap |
Scanning ports |
iptables Syntax
iptables {-A|I} chain [-i/o iface] [-s/d ipaddr] [-p udp/tcp/icmp[--dport/sport nn...]] -j [LOG|ACCEPT|DROP|REJECT]
-A|I: Append or Insert
-i/o: INPUT or OUTPUT chain
-s/d: source IP or destination IP
-p udp/tcp/icmp: protocol to use
--dport/sport nn: destination port or source port
-j LOG|ACCEPT|DROP|REJECT: Write line to syslog or Accept or Drop silently (external traffic) or reject non-silently (internal traffic)
|
Configuring Local time
hwclock |
Display kernel hardware clock |
hwclock --systohc |
Synchronise system tim to hardware time |
hwclock --hctosys |
Synchronise hardware clock to system |
timedatectl |
Utilitiy to config time |
NTPD and Chronyd
vim /etc/ntp.conf |
Config file; Server server name iburst |
systemctl restart ntpd |
Restart NTP service |
ntpq -p |
Show current time info |
systemctl status chrony |
Show current status of chrony |
vim /etc/chrony.conf |
Chrony config file |
chronyc sources |
Current time server status |
chrony tracking |
Current chrony tracking status |
iptables -A INPUT -p udp --dport 123 -j ACCEPT |
Allow traffic to time server |
iptables -A OUTPUT -p udp --dport 123 -j ACCEPT |
// |
IP Traffic Route
route -n |
IP routing table |
ip route list |
List of ip route |
ip route add 8.8.0.0/16 proto static metric 10 via inet 10.9.185.143 dev eth0 |
Add new IP route |
ip route del 8.8.0.0/16 proto static metric 10 via inet 10.9.185.143 dev eth0 |
Delete IP route |
|
|
Firewalld
firewall-cmd --list-all |
Show current firewall configuration |
firewall-cmd --get-services |
Show current services on Firewall |
/usr/lib/firewalld/services |
List of services config file |
firewall-cmd --add-service samba --permanent |
Add Samba service to Firewall persistently |
firewall-cmd --add-port 4000-4005/tcp --permanent |
Add port 4000-4005 on TCP persistently |
SSH
vim /etc/ssh/sshd_config |
Config file for SSH Daemon (SSH server) |
vim /etc/ssh/ssh_config |
Config file for SSH Client |
systemctl status sshd |
Current status of process |
systemctl enable sshd |
Start SSH at boot |
ssh -X user@ip |
SSH with graphical application |
ssh-keygen |
Generating public and private key |
scp /etc/hosts 192.168.4.240:/tmp (vice versa) |
Copy /etc/hosts over SSH to /tmp |
|
Rsync from host to remote |
Config static network
vim /etc/network-scripts/ifcfg-eht0
BOOTPROTO=none
IPADDR=192.168.0.222
PREFIX=24
GATEWAY=192.168.0.1
DNS1=8.8.8.8
systemctl restart network
|
|
|
Hostname
vim /etc/hostname |
Hostname config file |
hostnamectl |
Tool for setting hostname |
vim /etc/hosts |
Local resolving of hostname |
vim /etc/resolv.conf |
DNS config file |
vim /etc/nsswitch.conf |
Specify which config file to be processed |
Firewall using iptables
systemctl stop firewalld |
Stop Firewalld |
iptables -L -v |
List iptables policy verbosely |
iptables -P INPUT(OUTPUT) DROP |
Set INPUT(OUTPUT) to DROP |
iptables -A INPUT -i lo -j ACCEPT |
Allow incoming traffic to loopback interface |
iptables -A OUTPUT -o lo -j ACCEPT |
Allow outgoing traffic to loopback interface |
iptables -A INPUT -p tcp --dport 22 -j ACCEPT |
Allow packet through port on TCP going to system |
iptables -A OUTPUT -m state --state ESTABLISHED, RELATED -j ACCEPT |
Allow all old to get out of system; doesn't all new traffic |
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT |
// |
iptables -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT |
// |
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT |
Allow TCP traffic going out through port 80 |
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT |
Allow traffic going out through DNS (port 53) |
iptables-save > /etc/sysconfig/iptables |
Save iptables to start automatically at boot |
|
Created By
Metadata
Favourited By
Comments
No comments yet. Add yours below!
Add a Comment
Related Cheat Sheets
More Cheat Sheets by nhatlong0605