Linux, Open Source and more @knoffhoff - Tumblr Blog

How to check TCP connections in Linux with ruby code

Little snippet of ruby code to get the number of TCP connections of a process in Linux. Just as a reminder for me.

Can be tested with:

# start netcat as TCP server nc -l 4444 # start telnet as TCP client telnet 127.0.0.1 4444 # start the ruby code ruby checkProcessConnections.rb

#!/usr/bin/env ruby # check established connections of # a process in linux in ruby def checkProcessConnections(processName) # get process ids and remove the last new line from the list pidOfProcess=`pgrep -f '#{processName}' | head -c -1` puts "pidOfProcess: #{pidOfProcess}" if pidOfProcess.lines.count == 1 # note that the word ESTABLISHED might # be different for other netstat versions tcpConnections=`netstat -plant 2>/dev/null |\ grep '#{pidOfProcess}/' | grep ESTABLISHED` puts "result of netstat: #{tcpConnections}" puts "found #{tcpConnections.lines.count} connection(s)" return tcpConnections.lines.count else print "process \"#{processName}\" " if pidOfProcess.lines.count > 1 puts "was found more than once" else puts "was not found" end return 0 end end # the $ at the end of the process name is important # because pgrep with the parameter -f is used for # pattern matching, $ is the end of the process name exit checkProcessConnections "nc -l 4444$"

#ruby #netstat #netcat #system

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

How to automount a Samsung Galaxy S3 smartphone in Linux

Last year I bought a Samsung Galaxy S3 second hand. I installed Cyanogenmod on it. When I plug the smartphone into my Linux Laptop via USB cable I want it to automatically mount.

First you need to setup the rules for the userspace device daemon (udevd). To find the USB vendor and product identifier type "lsusb".

# list available USB devices lsusb # Samsung Galaxy S3 is: vendor 0x04e8 (Samsung) and product 0x6860 # you can also use udevadm to monitor USB devices udevadm monitor --environment --udev # execute the following steps as user root sudo bash cat > /etc/udev/rules.d/99-galaxy.rules <<EOF SUBSYSTEM=="usb", ACTION=="add", ENV{ID_VENDOR_ID}=="04e8", ENV{ID_MODEL_ID}=="6860", RUN+="/usr/bin/galaxy.sh" SUBSYSTEM=="usb", ACTION=="remove", ENV{ID_VENDOR_ID}=="04e8", ENV{ID_MODEL_ID}=="6860", RUN+="/usr/bin/galaxy_remove.sh" EOF # do not use ATTR as stated on other websites

Now create the shell scripts that shall mount the smartphone.

# as user root sudo bash cat > /usr/bin/galaxy.sh <<EOF #!/bin/bash # this script is run as user root export DISPLAY=:0 su user -c "/usr/bin/mount_galaxy.sh &" EOF # make the script executable chmod 755 /usr/bin/galaxy.sh cat > /usr/bin/mount_galaxy.sh <<EOF #!/bin/bash notify-send 'Samsung Galaxy S3 found' # enable tcp forwarding to the smartphone adb forward tcp:5022 tcp:22 # mount the file system of the smartphone via sshfs sshfs -p 5022 [email protected]:/ /home/user/mnt/ # synchronize your music or whatever rsync -urv /media/music/sync/ /home/user/mnt/storage/sdcard1/music/ result=\$? if [ \$result -eq 0 ]; then notify-send 'finished with syncing' else notify-send 'problem with syncing' fi EOF # make the script executable chmod 755 /usr/bin/mount_galaxy.sh

And the shell scripts that shall unmount the smartphone.

# as user root sudo bash cat > /usr/bin/galaxy_remove.sh <<EOF #!/bin/bash # this script is run as user root export DISPLAY=:0 su user -c "/usr/bin/unmount_galaxy.sh &" EOF # make the script executable chmod 755 /usr/bin/galaxy_remove.sh cat > /usr/bin/unmount_galaxy.sh <<EOF #!/bin/bash notify-send 'Samsung Galaxy S3 removed' # unmount the remote smartphone file system fusermount -u /home/user/mnt/ killall adb EOF # make the script executable chmod 755 /usr/bin/unmount_galaxy.sh

Finally restart the device daemon.

# as user root sudo bash # restart udevd service udev restart # if you do not yet have sshfs installed, type: apt-get install sshfs # if you do not yet have adb (android debug bridge), type: # download adb from google wget https://dl-ssl.google.com/android/repository/platform-tools_r19.0.1-linux.zip # verify the download sha1sum platform-tools_r19.0.1-linux.zip 0178481651d60a8d8266dfc08ee14bad38001f61 platform-tools_r19.0.1-linux.zip # extract and copy adb unzip platform-tools_r19.0.1-linux.zip cp platform-tools/adb /usr/bin # install libraries for 32 bit applications, adb is 32 bit apt-get install ia32-libs # install rsync apt-get install rsync # as normal user add the mnt directory in your home folder: mkdir /home/user/mnt

That's it - when you plug in your smartphone via USB the laptop should automatically synchronize your music with the smartphone.

#cyanogenmod #udev #galaxy #usb #automount #adb #android

How to disable built-in media software in Firefox

Disable the built-in media software in Firefox. This might reduce the attack surface of Firefox.

about:config set "media.*.enabled" to false media.audio_data.enabled media.autoplay.enabled media.gstreamer.enabled media.navigator.enabled media.ogg.enabled media.opus.enabled media.peerconnection.enabled media.raw.enabled media.video_stats.enabled media.wave.enabled media.webaudio.enabled media.webm.enabled

Don't forget to disable the "ordinary" plugins like Java, Flash and so on.

Vivanco USB Keyboard with volume keys

The keyboard layout of my Vivanco USB keyboard seems to have problems in Linux Mint. I cannot explicitly select the keyboard layout and sometimes the volume keys don't work any more. Well, the only special keys at the keyboard are the volume keys - the rest works. With the following command line I can use these volume keys.

Probably the dirties hack in my command line history. If I had more time I would dig into the details of xmodmap and the scan codes. The following command line dumps the input of the USB interface in hexadecimal format, parses it with grep and sed and finally checks the keys and sets the volume with the amixer command.

# display keyboard vendor and product type lsusb # output: ID 0dc6:5000 Precision Squared Technology Corp. # start mplayer in slave mode # controlled over a fifo (first in first out) mkfifo /tmp/mplayer mplayer -slave -input file=/tmp/mplayer -novideo * # check volume keys on vivanco keyboard # keys: volume up, down and mute # the mute key is used to pause mplayer unbuffer hexdump -C\ /dev/input/by-id/usb-0dc6_USB_Keyboard_+_2P_Hub-event-if01\ | grep --line-buffered "^........ 01 00 7"\ | sed -u 's|^........ 01 00 7$.$.*|\1|g'\ | while read line; do\ echo "$line";\ if [ "$line" == "2" ];then amixer set Master 3dB-;\ elif [ "$line" == "3" ];then amixer set Master 3dB+;\ elif [ "$line" == "1" ];then echo pause > /tmp/mplayer;\ fi done # use the pause key to skip to the next song in mplayer: unbuffer hexdump -C\ /dev/input/by-id/usb-0dc6_USB_Keyboard_+_2P_Hub-event-kbd\ | grep --line-buffered "^........ 01 00 77"\ | while read line; do\ echo next; echo "pt_step 1" > /tmp/mplayer;\ done

To play with the keys of your own keyboard you can do the following:

# find your keyboard name in the device folder: ls -l /dev/input/by-id/ # as user root dump the content of the keyboard hexdump -C \ /dev/input/by-id/usb-0dc6_USB_Keyboard_+_2P_Hub-event-kbd # press a key on the keyboard # example output 000002f0 42 1a 0d 00 00 00 00 00 01 00 46 00 00 00 00 00 |B.........F.....| # in this case 0x46 is the identifier of the pressed key # play with the keyboard to find # the correct identifier for your keyboard

#keyboard #keyboard layout #linux mint #vivanco

Ubuntu / Linux Mint repository

An example to find a software package manually:

http://de.archive.ubuntu.com/ubuntu/pool/main/n/nmap/nmap_6.00-0.3_amd64.deb

In Linux Mint add the following repository to get nmap:

vi /etc/apt/sources.list.d/official-package-repositories.list deb http://de.archive.ubuntu.com/ubuntu raring main restricted universe multiverse :wq apt-get update apt-get install nmap

Just a reminder for me how to get repositories working in Linux Mint.

#Ubuntu #Repository #Linux Mint

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

How to zoom or shrink an image without making it look blurred

Use image-magick and play with the parameters.

convert -interlace Plane -gaussian-blur 0.05 \ -quality 85% -resize 50% source.jpg result.jpg

#image magick #zoom #blur

How to install Windows 7 as virtual machine in KVM

I created a 10 minute video how to install Windows 7 with service pack 1 in a virtual machine under Ubuntu Linux 12.04. The script to install Windows can be downloaded here: create_virtual_machine_with_windows_7.sh.tgz

tar xzvf create_virtual_machine_with_windows_7.sh.tgz sudo bash # create a virtual machine with # 20 GB virtual disk space and 1024 MB RAM ./create_virtual_machine_with_windows_7.sh 20 1024

#Windows 7 #ubuntu #linux #kvm #tutorial

How to save and load ebtables rules

Iptables provides filters for IP packets and ebtables provides filters for Ethernet packets (for example MAC addresses). Ebtables can be used to control ethernet frames in network bridges. Libvirt uses ebtables to filter network traffic of virtual machines. Since I did not find an easy way to save and load the rules of ebtables, I provide my own commands here:

# download ebtables source code: # http://sourceforge.net/projects/ebtables/files/ebtables/ebtables-2-0-10-4/ebtables-v2.0.10-4.tar.gz/download tar xzvf ebtables-v2.0.10-4.tar.gz cd ebtables-v2.0.10-4/ # save ebtables: sed -i 's|__EXEC_PATH__|/sbin|g' ebtables-save perl ebtables-save > ebtables-save.txt # the restore program did not work: ebtables-restore < ebtables-save.txt Bad table name 'nat' # list the NAT table (network address translation) ebtables -t nat -L # restore ebtables - my own version: # load ebtables (only the NAT part): grep -A1000 "^*nat" ebtables-save.txt > ebtables-save-nat.txt # delete all rules first echo "ebtables -t nat -F;ebtables -t nat -X" > ebtables-commands.sh # translate the saved rules to ebtables commands: sed -e 's|*nat|#|' -e 's|^:$[^ ]*$ $.*$|ebtables -t nat -N \1 -P \2|' -e 's|^-$.*$|ebtables -t nat -\1|' ebtables-save-nat.txt >> ebtables-commands.sh # execute the commands bash ebtables-commands.sh

Libvirt uses ebtables in the network filter for "clean traffic" of virtual machines. "Clean traffic" is a "learning" filter. Unfortunately, the filter learns the wrong IP address from the virtual machine, when zeroconf is enabled (IP-address: 169.254.x.y). As a workaround set a static IP address in the virtual machine / guest. An other alternative would be to manipulate the ebtables rules after the virtual machine is started by libvirt.

#kvm #ebtables #ebtables-restore #ebtables-save #libvirt

UMLGraph examples

UMLGraph is a tool to create UML diagrams from text files. An alternative to UMLGraph is plantuml. PlantUML provides a plugin for the project management software Trac. Here is an example of a class diagram for UMLGraph

# create a java file for UMLGraph cat > Test.java<<EOF /** * @opt shape node * @note Located in the * machine room * @note Sun Blade 6048 * @depend - - - MapLocation * @depend - - - DataMine */ class Server{} /** @opt shape component */ class MapLocation {} /** @opt shape component */ class DataMine {} /** * CPU-munching * components that must * run on this server * @opt shape note * @opt commentname * @assoc - - - MapLocation * @assoc - - - DataMine */ class munchComment {} EOF sudo bash # if you installed Java 7: cd /usr/lib/jvm/java-7-openjdk-amd64/lib/ wget http://www.umlgraph.org/jars/UmlGraph-5.6.6.jar exit java -jar /usr/lib/jvm/java-7-openjdk-amd64/lib/UmlGraph-5.6.6.jar -private Test.java # convert class diagram to an image dot -T png -o classDiagram.png graph.dot eog classDiagram.png

Example of a sequence diagram for UMLGraph:

# create the text file for the sequence diagram cat >sequenceExample.pic<<EOF #/usr/bin/pic2plot -Tps .PS copy "sequence.pic"; # Define the objects object(C,":Client"); object(S,":Server"); step(); # Message sequences active(C); message(C,S,"hello()"); active(S); rmessage(S,C,"world"); inactive(S); inactive(C); step(); # Complete remaining complete(C); complete(S); .PE EOF wget http://www.umlgraph.org/UMLGraph-5.6.6.tar.gz tar xzvf UMLGraph-5.6.6.tar.gz cp UMLGraph-5.6.6/src/sequence.pic . pic2plot -T ps sequenceExample.pic > sequenceExample.ps convert -density 300 sequenceExample.ps sequenceExample.png eog sequenceExample.png

#umlgraph #sequence diagram #class diagram

How to let Linux read out your books

If you have an ebook and are too lazy to read, let Linux read it aloud to you. If you have a PDF with selectable text then use the program pdftotext. If the PDF contains images, then use OCR (optical character recognition) with gimagereader or tesseract. To read use espeak and mbrola.

http://sourceforge.net/projects/gimagereader/files/0.9/ apt-get install python-imaging-sane apt-get install tesseract-ocr-deu apt-get install espeak apt-get install mbrola # convert each PDF page to an image: gs -dNOPAUSE -sDEVICE=jpeg -r300 -sOutputFile=p%03d.jpg your.pdf # let tesseract get the text tesseract p177.jpg page177 -l deu # if the PDF contains text use: pdftotext # let linux read out espeak -vmb-de5 -p30 -s 180 -f page177.txt

#ocr #tesseract #gimagereader #espeak #mbrola

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

Ruby Debug without require

gem install ruby-debug gem install pry # Pry Debugging ruby -rubygems -r /var/lib/gems/1.8/gems/pry-0.9.12.2/lib/pry.rb test.rb # ruby-debug ruby -rubygems -r /var/lib/gems/1.8/gems/ruby-debug-0.10.4/cli/ruby-debug/debugger.rb test.rb # the alternative is to use require: require 'pry' binding.pry # or require 'ruby-debug' debugger

#ruby #gem

Download videos from Youtube, Dailymotion and so on in Linux.

Clipgrab seems to be a suitable program for that.

wget http://clipgrab.de/download/clipgrab-3.2.1.0.tar.bz2 tar xjvf clipgrab-3.2.1.0.tar.bz2 cd clipgrab-3.2.1.0 # you might need to install libqtwebkit: apt-get install libqtwebkit-dev # build it qmake clipgrab.pro make # run it ./clipgrab # download your file via URL # get the music from the downloaded Flash video videoFile="downloadedFile.flv" ffmpeg -i "$videoFile" -vn -acodec copy music.aac

#clipgrab #youtube #dailymotion

vimrc example

My .vimrc:

" vimrc example " some general vim settings: " ========================== " dont be compatible with old vi set nocompatible " ignore case when searching set ignorecase " add a bottom line with information set ruler " save marks and global marks for up to 100 files set viminfo='100,f1 " dont show the tab line when several files are open set showtabline=0 " go to next line when right cursor is pressed set whichwrap+=<,>,h,l,[,] " jump to last known cursor position when " buffer is read / file is opened if has("autocmd") autocmd BufReadPost * \ if line("'\"") > 0 && line("'\"") <= line("$") | \ exe "normal g`\"" | \ endif endif " indentation for source code editing: " ==================================== "set autoindent " C-style indentation "set smartindent " use spaces instead of tabs "set expandtab " use 2 spaces as tab "set softtabstop=2 " use 2 spaces when shifting "set shiftwidth=2 " abbreviations in insert mode: " ============================= " outt == System.out.println iab outt System.out.println("%");<Esc>F%s<c-o>:call getchar()<CR> " pp == {} iab pp {<cr>}<c-o>k<c-o>A<cr> <backspace><c-o>:call getchar()<CR> " bb == [] iab bb []<esc>i<c-o>:call getchar()<CR> " keyboard mappings: " ================== " Control+L to save the file map <c-l> :w<cr> " save file in insert mode, leave insert mode with Control+O imap <c-l> <c-o>:w<cr> " in visual mode Control+L yanks the " current selection into the clipboard vmap <c-l> "+yy " Control+S to save the file " disable it in X-Terminal with: " stty -ixon -ixoff map <c-s> :w<cr> imap <c-s> <c-o>:w<cr> " Control+C to quit the current file map <c-c> :q<cr> imap <c-c> <esc><c-c> " Control+K to execute external script map <c-k> :call ExecuteCommand()<cr> " if in insert mode, stay there imap <c-k> <c-o>:call ExecuteCommand()<cr> " Control+B - delete word forward in insert mode imap <c-b> <c-o>dw " switch between several files in " normal mode with Control+H or " Ä (for german keyboards only) " tabn == next tab, tabp == previous tab nmap <c-h> :tabn<cr> " some short cuts for often used features: " ======================================== " cw == toggle wrap lines map cw :set wrap!<cr> " toggle show line numbers map cn :set number!<cr> " set colorscheme map cs :colorscheme " toggle show ruler map cr :set ruler!<cr> " cx == quit without saving map cx :q!<cr> " functions " ========= " calls an external script with the current file " function ExecuteCommand() " write file if unsaved changes " if &modified == 1 " exe "w" " endif " now call the external script in the background " and give the current file name as parameter " call system('/home/user/scripts/compile.sh "'.expand("%:p").'" &') "endfunction

#vimrc #vi #vim

Why screen recording with recordmydesktop is blurred

Screen recordings from recordmydesktop are blurred and have mismatched colors because of sub sampling. Use 4:4:4 for sharp videos instead.

# blurred with bad colors ffmpeg -y -f x11grab -r 25 -s 1600x900 -i :0.0 -vcodec libx264 -vpre lossless_ultrafast /dev/shm/screencast.mkv # install codecs for ffmpeg apt-get install libavcodec-extra-53 # full screen recording works with: ffmpeg -y -f x11grab -r 25 -s 1600x900 -i :0.0 -pix_fmt yuv444p -vcodec libx264 -vpre lossless_ultrafast /dev/shm/screencast.mkv # full screen playback works with: mplayer -fs -vo gl -vf scale,format=444p /dev/shm/screencast.mkv # glc screen capture for Ubuntu add-apt-repository ppa:arand/ppa apt-get update apt-get install glc # restarts your compiz glc-capture -f 25 -o /home/user/capture.glc --colorspace=bgr -s -g --pbo compiz --replace # stop glc-capture by logging out of the desktop # glc does not always capture the mouse pointer # there might be problems with the display variable after stopping glc: export DISPLAY=:1.0 # convert glc to png images mkdir glcImages cd glcImages glc-play /home/user/capture.glc -p 1 -o pic-%010d.png # convert glc captured video to an mp4 video glc-play capture.glc -o - -y 1 | ffmpeg -i - -vcodec libx264 -vpre ultrafast -crf 22 -threads 0 "captured.mp4" # captured.mp4 is about a tenth of the size of captured.glc # workaround for KDENLive crash mv /usr/lib/frei0r-1/facebl0r.so /usr/lib/frei0r-1/facebl0r.so.old mv /usr/lib/frei0r-1/facedetect.so /usr/lib/frei0r-1/facedetect.so.old # reset mplayer settings: xvattr -a XV_BRIGHTNESS -v 0 xvattr -a XV_CONTRAST -v 0 xvattr -a XV_SATURATION -v 0 xvattr -a XV_HUE -v 0

#recordmydesktop #ffmpeg #kdenlive #glc

How to disable Firefox DNS leak when using a proxy

about:config network.dns.disablePrefetch = true network.proxy.socks_remote_dns = true

Proxy Selector is a good Firefox plugin to switch automatic proxy URL.

#dns #leak #prefetch

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

Squid3 configuration

grep -v "^#" /etc/squid3/squid.conf | grep -v "^$" acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl allowed_networks src 10.220.28.0/24 http_access allow allowed_networks acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all http_port 10.220.28.12:9999 cache deny all cache_mem 200 MB forwarded_for delete via off reply_body_max_size 100 MB access_log /var/log/squid3/access.log squid debug_options ALL,1 33,2 coredump_dir /var/spool/squid3 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 refresh_pattern . 0 20% 4320

#squid #squid3

How to configure the Linux firewall iptables

The most important firewall rules are those for the incoming connections. This article puts the focus on the INPUT rules and not the OUTPUT rules.

### ipv4 rules # flush firewall rules iptables -F # allow connections on localhost iptables -A INPUT -i lo -p tcp -j ACCEPT # accept echo replies from ping iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT # allow remote login from certain ip addresses # example for heise.de and port 22 (ssh) iptables -A INPUT -p tcp --destination-port 22 -m iprange --src-range 192.129.8.2-192.129.8.4 -j LOG iptables -A INPUT -p tcp --destination-port 22 -m iprange --src-range 192.129.8.2-192.129.8.4 -j ACCEPT # allow packets from established connections iptables -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT # allow responses from DNS queries - add a server with -s or --source iptables -A INPUT -p udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT # log and deny the rest iptables -A INPUT -j LOG iptables -A INPUT -j DROP # drop IPv6-in-IPv4 packets - not necessary with the previous rule iptables -A INPUT -p ipv6 -j DROP

To disable IPv6 use the following rules.

### ipv6 rules # flush the rules ip6tables -F # allow connections on localhost ip6tables -A INPUT -i lo -p tcp -j ACCEPT # disable the rest ip6tables -A INPUT -j LOG ip6tables -A INPUT -j DROP

To save your firewall settings install iptables-persistent.

# to make the rules persistent install: apt-get install iptables-persistent # see: /etc/iptables/rules.v4 /etc/iptables/rules.v6

Rules for RTMPsuck (Real Time Messaging Protocol, for internet music streams). Use this only if you need rtmpsuck.

# enable forwarding of packets echo 1 > /proc/sys/net/ipv4/ip_forward # create firewall rule to let rtmpsuck receive network traffic iptables -t nat -A OUTPUT -p tcp --dport 1935 -m owner \! --uid-owner root -j REDIRECT

To check your firewall use the port scanner from heise.de: http://www.heise.de/security/dienste/portscan/test/go.shtml?scanart=1

To check your log files for potential attacks:

# check: /var/log/syslog /var/log/kern.log # the files depend on your syslog configuration # example line in the log file: May 1 18:43:19 computer kernel: [ 7717.667033] IN=eth0 OUT= MAC=31:9b:e9:8c:3c:ca:dc:c7:a6:8c:17:23:08:00 SRC=192.168.178.1 DST=192.168.178.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=54676 DF PROTO=TCP SPT=37552 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 # let a gxmessage window pop up with information about the attacker tailf /var/log/kern.log | \ grep --line-buffered DPT= | \ sed -u 's|^$...............$.*'\ 'SRC=$[^ ]*$ DST.*DPT=$[^ ]*$ '\ '.*|IPTABLES: \1 fromIP: \2 toPort: \3|g' | \ xargs -i gxmessage -center -print "{}"

To check the ports look into /etc/services:

grep 5353 /etc/services

Persistent iptables rules in Linux Mint or other Linux distributions:

# set your iptables rules: iptables -A ... # save your rules iptables-save > /etc/firewall.conf vi /etc/rc.local iptables-restore < /etc/firewall.conf

With the parameter -A iptables rules are appended. With -I you can insert rules at the beginning of a chain.

# insert iptables rules: iptables -I INPUT ...

If you have problems with the configuration of iptables you can check where the packets go.

# check iptables: iptables -nvL # or just the INPUT chain: iptables -nvL INPUT # example output # 4 packets are accepted for TCP localhost: Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 4 200 ACCEPT tcp -- lo * 0.0.0.0/0 0.0.0.0/0

#iptables #portscan #port scan #firewall #iptables-restore #iptables-save #linux mint

Trending Blogs

Last Seen Blogs

Linux, Open Source and more