LFCS_Module3_Networking Cheat Sheet

Persistent Network Config in CentOS

nmcli	Network Manager command line
nmtui	network Manger graphical
nmcli connection up ens33	Switch on ens33 interface
/etc/sysconfig/network-scripts	Config file

Common Network Tools

dig	Verify DNS relay
nmap	Scanning ports

iptables Syntax

iptables {-A|I} chain [-i/o iface] [-s/d ipaddr] [-p udp/tcp/icmp[--dport/sport nn...]] -j [LOG|ACCEPT|DROP|REJECT]



-A|I: Append or Insert

-i/o: INPUT or OUTPUT chain

-s/d: source IP or destination IP

-p udp/tcp/icmp: protocol to use

--dport/sport nn: destination port or source port

-j LOG|ACCEPT|DROP|REJECT: Write line to syslog or Accept or Drop silently (external traffic) or reject non-silently (internal traffic)

Configuring Local time

hwclock	Display kernel hardware clock
hwclock --systohc	Synchronise system tim to hardware time
hwclock --hctosys	Synchronise hardware clock to system
timedatectl	Utilitiy to config time

NTPD and Chronyd

vim /etc/ntp.conf	Config file; Server server name iburst
systemctl restart ntpd	Restart NTP service
ntpq -p	Show current time info
systemctl status chrony	Show current status of chrony
vim /etc/chrony.conf	Chrony config file
chronyc sources	Current time server status
chrony tracking	Current chrony tracking status
iptables -A INPUT -p udp --dport 123 -j ACCEPT	Allow traffic to time server
iptables -A OUTPUT -p udp --dport 123 -j ACCEPT	//

IP Traffic Route

route -n	IP routing table
ip route list	List of ip route
ip route add 8.8.0.0/16 proto static metric 10 via inet 10.9.185.143 dev eth0	Add new IP route
ip route del 8.8.0.0/16 proto static metric 10 via inet 10.9.185.143 dev eth0	Delete IP route

Firewalld

firewall-cmd --list-all	Show current firewall configuration
firewall-cmd --get-services	Show current services on Firewall
/usr/lib/firewalld/services	List of services config file
firewall-cmd --add-service samba --permanent	Add Samba service to Firewall persistently
firewall-cmd --add-port 4000-4005/tcp --permanent	Add port 4000-4005 on TCP persistently

SSH

vim /etc/ssh/sshd_config	Config file for SSH Daemon (SSH server)
vim /etc/ssh/ssh_config	Config file for SSH Client
systemctl status sshd	Current status of process
systemctl enable sshd	Start SSH at boot
ssh -X user@ip	SSH with graphical application
ssh-keygen	Generating public and private key
scp /etc/hosts 192.168.4.240:/tmp (vice versa)	Copy /etc/hosts over SSH to /tmp
rsync -avz /tmp student@192.168.4.240:/tmp	Rsync from host to remote

Config static network

vim /etc/network-scripts/ifcfg-eht0

BOOTPROTO=none

IPADDR=192.168.0.222

PREFIX=24

GATEWAY=192.168.0.1

DNS1=8.8.8.8



systemctl restart network

Hostname

vim /etc/hostname	Hostname config file
hostnamectl	Tool for setting hostname
vim /etc/hosts	Local resolving of hostname
vim /etc/resolv.conf	DNS config file
vim /etc/nsswitch.conf	Specify which config file to be processed

Firewall using iptables

systemctl stop firewalld	Stop Firewalld
iptables -L -v	List iptables policy verbosely
iptables -P INPUT(OUTPUT) DROP	Set INPUT(OUTPUT) to DROP
iptables -A INPUT -i lo -j ACCEPT	Allow incoming traffic to loopback interface
iptables -A OUTPUT -o lo -j ACCEPT	Allow outgoing traffic to loopback interface
iptables -A INPUT -p tcp --dport 22 -j ACCEPT	Allow packet through port on TCP going to system
iptables -A OUTPUT -m state --state ESTABLISHED, RELATED -j ACCEPT	Allow all old to get out of system; doesn't all new traffic
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT	//
iptables -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT	//
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT	Allow TCP traffic going out through port 80
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT	Allow traffic going out through DNS (port 53)
iptables-save > /etc/sysconfig/iptables	Save iptables to start automatically at boot

Related Cheat Sheets

Linux Command Line Cheat Sheet

mod_rewrite Cheat Sheet

Created By

nhatlong0605

Metadata

Languages: English

Published: 24th September, 2018
Last Updated: 13th November, 2018
Rated: 5 stars based on 1 ratings

Favourited By

Comments

No comments yet. Add yours below!

Add a Comment

Vim NERDTree Cheat Sheet

More Cheat Sheets by nhatlong0605

LFCS_Module2_UserandGroupManagement Cheat Sheet

LFCS_Module4_OperatingRunningSystems Cheat Sheet

LFCS_Module5_StorageManagement Cheat Sheet

LFCS_Module3_Networking Cheat Sheet by nhatlong0605

Persistent Network Config in CentOS

Common Network Tools

iptables Syntax

Configuring Local time

NTPD and Chronyd

IP Traffic Route

Firewalld

SSH

Config static network

Hostname

Firewall using iptables

Help Us Go Positive!

Created By

Metadata

Favourited By

Comments

Add a Comment

Related Cheat Sheets

More Cheat Sheets by nhatlong0605

Latest Cheat Sheet

Random Cheat Sheet

About Cheatography

Behind the Scenes

Recent Activity

LFCS_Module3_Networking Cheat Sheet by nhatlong0605

Persistent Network Config in CentOS

Common Network Tools

iptables Syntax

Config­uring Local time

NTPD and Chronyd

IP Traffic Route

Firewalld

SSH

Config static network

Hostname

Firewall using iptables

How's Your Readability?

Help Us Go Positive!

Created By

Metadata

Favourited By

Comments

Add a Comment

Related Cheat Sheets

More Cheat Sheets by nhatlong0605

Latest Cheat Sheet

Random Cheat Sheet

About Cheatography

Behind the Scenes

Recent Activity

Configuring Local time