

IPTABLES BASIC IN RedHat Enterprise Linux



Types Of Firewall:
1. Hardware Firewall
2. Software Firewall

Hardware Firewall:
A dedicated device used to allow/deny a specific port/network. Eg:- SonicWall, SmartWall …

Software Firewall:
Used at the OS level; it can be implemented in a small organization. It is likewise used to block/allow a port/network. Eg:- Windows Firewall (ipsec), the default in Windows; Linux (IPTABLES); Ipchains (Redhat 8).

BASIC SYNTAX FOR IPTABLES:
# iptables -t <tablename> <action> <chain> <options> -j <target>

Mangle

ACTION:
-A  – Append a rule
-P  – To set default policy
-D  – To delete a rule
-R  – To replace a rule
-F  – To flush all the rule
-L  – To list all the rule
-I  – To insert rule
-N  – To print the line number

CHAINS:

OPTIONS:
-s  → source ip/netmask
-d  → destination ip/netmask
--sport  → source port
--dport  → destination port
-p  → protocol (tcp, udp, icmp, etc.)
-i  → input interface (eth0, …)
-o  → output interface (eth0, …)

TARGET:
Masquerade

Configuration file for IPTABLES:

The Configuration file for IPTABLES is located under /etc.
1. /etc/sysconfig/iptables-config
The IPTABLES Rules are stored in :
1. /etc/sysconfig/iptables
Services used in IPTABLES:
1. service iptables restart
2. service iptables save
3. service iptables start
4. service iptables status

How To Enable IP-Forwarding in Rhel:

1. Open /etc/sysctl.conf
2. Go to Line No = 7
3. Change net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1
4. Save and Exit
5. Type sysctl -p  to check the ip forwarding.

To List Iptables:
1. iptables -L (Capital “L”)
To Flush Iptables:
1. iptables -F (Capital “F”)
In the above diagram you can see that the iptables rules are flushed, where previously some rules had been added.
Once you flush the rules, there are no rules left in iptables, as you can see in the above example.
Example 1:
How to disable Ping Request using IPTABLES.
# iptables -t filter -A INPUT -p icmp -j REJECT
As you can see, after applying the iptables rule we are not able to ping that specific server from the command prompt.
As in the above example, we can allow/deny a specific port such as ssh, FTP, Telnet, etc.
Example 2:
1. How to block a specific IP address from communicating
# iptables -t filter -A INPUT -s <source ip/netmask> -j REJECT
Using the above command we are able to reject the whole 192 subnet.
Using the same example we can allow/deny a specific network or a whole network.
Example 3:
1. How to block the Specific Port number.
# iptables -t filter -A INPUT -p tcp --sport 20 -j REJECT   (Rejecting FTP Port)
In the above example the FTP port is rejected; that is why we are not able to connect with telnet via port number 20.
Using the same example we can allow/deny other ports like ssh (22), DNS (53), etc.
To Save the IPTABLE Rule to a File:
#iptables-save > /filename.iptables
To Restore the IPTABLE Rule From file:
#iptables-restore < /filename.iptables
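Rules in a chain are evaluated from the top, and -A appends at the end, so a rule appended after an unconditional REJECT, DROP or ACCEPT is never reached. The check below is an added example, not part of the original article: it reads a file in iptables-save format before it is restored and reports such unreachable rules. The function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from a real host).
sample_dump() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p icmp -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 192.0.2.0/24 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# find_shadowed (hypothetical helper): reads an iptables-save dump on stdin
# and prints every rule that follows a rule with no match options and a
# terminating target (ACCEPT, DROP, REJECT) in the same chain.
find_shadowed() {
awk '
/^\*/ { table = substr($0, 2); next }     # a line such as *filter starts a table
$1 == "-A" {
    chain = table ":" $2
    n[chain]++                            # rule number within its chain
    if (chain in closed) {
        printf "%s rule %d is never reached (rule %d matches everything): %s\n",
               chain, n[chain], closed[chain], $0
        next
    }
    # An unconditional rule is saved as: -A CHAIN -j TARGET [target options]
    if ($3 == "-j" && ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT"))
        closed[chain] = n[chain]
}'
}

sample_dump | find_shadowed
```

On a real host the input would be the saved file, for example find_shadowed < /filename.iptables.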
I have just mentioned a drop of IPTABLES; there is still an OCEAN to explore. Please explore more and post your comments here.


How To Recover The Lost Or Deleted Partitions In Linux




This article explains how to recover a lost or deleted partition in Linux. Disk partitions can be lost because of a sudden power-off or some other problem, such as a user accidentally deleting the hard disk partition. In these cases, if you want to recover the lost disk partition, there are many recovery tools available on Linux. In this article we will use gpart to recover the disk partition.

gpart (guess PC-type hard disk partitions) is a tool that tries to recover hard disk partitions. gpart has a limitation: it can only detect the following types of partitions.


* beos

* bsddl

* ext2

* fat

* hpfs

* hmlvm

* lswap

* minix

* ntfs

* qnx4

* rfs

* s86dl

* xfs

To add more filesystems for guessing, modules can be added at runtime.


 Step 1

To recover the lost or deleted partition of your hard disk, first boot the system with a Linux OS CD of the same flavour that was last used on the crashed disk.


Step 2

Then go to rescue mode with that Linux OS CD.


Step 3

Now run the following command to check the available disk partitions


# fdisk -l

Disk /dev/sda: 160.0 GB, 160041885696 bytes

18 heads, 4 sectors/track, 4341414 cylinders

Units = cylinders of 72 * 512 = 36864 bytes


Device Boot Start End Blocks Id System

This shows no partitions on your disk, which means all the partitions are lost.


Step 4

Now run the below command


# gpart /dev/sda

The output of the above command will be like this

This command shows all the guessed partitions available on the hard disk. Now verify whether the result shows the lost partitions of your disk correctly.


Step 5

After verifying the output, write the partition table by using the -W option of the gpart command


# gpart  -W  /dev/sda  /dev/sda


This writes the guessed partition table to the specified file or device. You have now got your deleted partition back successfully.
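Step 5 overwrites the partition table, so it helps to see exactly what is being replaced. The added example below (not part of the original article) decodes the four primary entries of an MBR sector from a file, such as a copy of the first 512 bytes of the disk taken before writing. The function names and the sample sector are constructed for illustration.

```shell
#!/bin/sh
# make_sample_mbr FILE (hypothetical helper): builds a constructed 512-byte
# sector with one Linux (0x83) entry at LBA 2048, 204800 sectors long.
make_sample_mbr() {
    dd if=/dev/zero of="$1" bs=512 count=1 2>/dev/null
    # status, CHS start, type 0x83, CHS end, LBA start (LE), sector count (LE)
    printf '\000\000\000\000\203\000\000\000\000\010\000\000\000\040\003\000' |
        dd of="$1" bs=1 seek=446 conv=notrunc 2>/dev/null
    # boot signature 0x55 0xAA at offset 510
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
}

# read_mbr FILE (hypothetical helper): prints each non-empty primary entry.
# The table is 4 entries of 16 bytes at offset 446, then the signature.
read_mbr() {
    od -An -v -tu1 -j446 -N66 "$1" | awk '
    { for (i = 1; i <= NF; i++) b[n++] = $i }
    END {
        if (n < 66 || b[64] != 85 || b[65] != 170) {
            print "no MBR signature"; exit 1
        }
        for (e = 0; e < 4; e++) {
            o = e * 16
            if (b[o + 4] == 0) continue          # type 0 means unused entry
            start = b[o+8] + 256 * (b[o+9] + 256 * (b[o+10] + 256 * b[o+11]))
            size = b[o+12] + 256 * (b[o+13] + 256 * (b[o+14] + 256 * b[o+15]))
            printf "entry %d type 0x%02x start %d sectors %d\n",
                   e + 1, b[o + 4], start, size
            found++
        }
        if (!found) print "signature present, all four entries empty"
    }'
}

img=$(mktemp)
make_sample_mbr "$img"
read_mbr "$img"
rm -f "$img"
```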



Basics Of Network File Sharing Setup on Linux





Network File Sharing (NFS) is a protocol used to share a local hard disk between Linux machines over the network; the share acts as a local disk to the client user.




At present there are three versions of NFS


* NFSv2 – It is the older and widely supported version


* NFSv3 – It supports safe asynchronous writes and more robust error handling than NFSv2; it also supports 64-bit file sizes and offsets


* NFSv4 – It works through firewalls and on the Internet, no longer requires an rpcbind service, supports ACLs, and utilizes stateful operations



Port Number :


The Default Port Number of NFS is 2049 



Packages Needed:


The Packages needed for NFS are


* nfs-utils


* portmap


* nfs4-acl-tools


Required Services:

To run NFS, the following daemons or services are used

* portmap (rpcbind for RHEL 6)

* nfslock

* nfs


Portmap :

portmap is otherwise called the RPC program or rpcbind. NFS uses Remote Procedure Calls (RPC) to handle the requests between clients and servers.


nfslock :

It locks the files for remote and local NFS requests.


nfs :

service nfs starts the NFS server and the appropriate RPC processes to service requests for shared NFS file systems.


Configuring NFS on the Server :

Both the NFS server and the NFS client need the NFS package installed and running on the machine. The server needs rpcbind, nfs, and nfslock operational, as well as a correctly configured /etc/exports file. The /etc/exports file is the main NFS configuration file, and it consists of two columns. The first column lists the directories shared over the network. The second column has two parts. The first part names the networks or DNS domains that can get access to the directory, and the second part gives the NFS options in brackets.




# vim /etc/exports


/home/example/share <network-or-DNS-domain>(ro,sync)
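In /etc/exports the brackets must follow the client with no space: options that stand alone after a space apply to every host, not to the client before them. The check below is an added example, not part of the original article, that flags this, wildcard clients and no_root_squash in an exports file. The function names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample entries (not taken from a real server).
sample_exports() {
cat <<'EOF'
# directory            client(options)
/home/example/share 192.0.2.0/24(ro,sync)
/srv/data 192.0.2.10 (rw,sync)
/srv/build *(rw,sync,no_root_squash)
EOF
}

# lint_exports (hypothetical helper): reads an exports file on stdin and
# reports entries that are open to more hosts than the line suggests.
lint_exports() {
awk '
/^[ \t]*(#|$)/ { next }                   # skip comments and blank lines
{
    for (i = 2; i <= NF; i++) {
        if ($i ~ /^\(/)
            printf "line %d: %s: %s applies to every host (space before the bracket)\n",
                   NR, $1, $i
        else if ($i ~ /^\*(\(|$)/)
            printf "line %d: %s: exported to every host (*)\n", NR, $1
        if ($i ~ /no_root_squash/)
            printf "line %d: %s: no_root_squash keeps remote root as root\n", NR, $1
    }
}'
}

sample_exports | lint_exports
```

On a server the input would be the live file: lint_exports < /etc/exports.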




Then Start the Required services


Configuring NFS on The Client :

NFS configuration on the client requires you to start the NFS application; create a directory on which to mount the NFS server’s directories that you exported via the /etc/exports file, and finally to mount the NFS server’s directory on your local directory, or mount point.


 /etc/fstab file


The /etc/fstab file lists all the partitions that need to be mounted automatically when the system boots. For this, we need to edit the /etc/fstab file if you need the NFS directory to be made permanently available to the users .


A valid /etc/fstab entry to mount an NFS export should contain the following information:


server:/remote-sharing-path/ /local-mounting-directory/ nfs options 0 0




# vim /etc/fstab

server:/remote-sharing-path/  /home/example2/remote-files  nfs  soft,nfsvers=2  0  0



Possible NFS Mount Options


bg   ==========>   Retry mounting in the background if mounting initially fails


fg   ==========>   Mount in the foreground


soft   ==========>   Use soft mounting


hard   ==========>   Use hard mounting


rsize=n   ==========>   The amount of data NFS will attempt to access per read operation. The default is dependent on the kernel. For NFS version 2, set it to 8192 to assure maximum throughput.


wsize=n   ==========>   The amount of data NFS will attempt to access per write operation. The default is dependent on the kernel. For NFS version 2, set it to 8192 to assure maximum throughput.


nfsvers=n   ==========>   The version of NFS the mount command should attempt to use


tcp   ==========>   Attempt to mount the filesystem using TCP packets: the default is UDP.


intr   ==========>   If the filesystem is hard mounted and the mount times out, allow for the process to be aborted using the usual methods such as CTRL-C and the kill command.



Temporary Mount of NFS :


mount -t nfs [SERVER:sharing-path] [mounting-directory]


Example : #  mount -t nfs [SERVER:sharing-path] /mnt/


( -t indicates the file system type )



Unix/Linux command prompt keyboard shortcut keys




The Linux / Unix command prompt supports a huge number of shortcut keys. If you are familiar with the shortcut keys, you can use the command prompt much faster. More practice with the shortcut keys will give you more speed at the command prompt. Below are the shortcut keys.


To move cursor one word backward


esc  +b


To move cursor one word forward


esc  +f


To move cursor to the starting of the line


ctrl +a


To move cursor one letter backward


ctrl +b


Terminate foreground job


ctrl +c


To Logout of the terminal


ctrl +d


To move cursor to the end of the line


ctrl +e


To move cursor forward


ctrl +f


To delete one letter backward like backspace


ctrl +h


To delete contents from the cursor position to the left end of the line


ctrl +u

To delete contents from the cursor position to the right end of the line


ctrl +k


To delete one word to the left of the cursor

ctrl +w


To move cursor one letter forward


ctrl +f


To display the previously executed Command


ctrl +p


To display the next command when ctrl +p is used


ctrl +n


To Clear the screen

ctrl +l


To execute a command like hitting ENTER

ctrl +j


To execute a command like hitting ENTER


ctrl +o


To paste text previously erased (with Ctrl-U or Ctrl-W)


ctrl  +Y


Short cut key to reverse search in the command history


ctrl +r



Copyright © 2022 VX SEO. developed by Imran Javed Awan.