rsync with delete option and different ssh port

How to rsync e.g PIPELINE dir from Source to Destination?

#rsync -avzr  --delete-before -e "ssh -p $portNumber"  /local/path/. user@remoteip:/path/to/files/

#rsync -avzr --delete-before -e "ssh -p 5555" /root/PIPELINE root@192.168.10.203:~/

How to rsync from Destination to Source?

#rsync -avzr -e "ssh -p $portNumber" user@remoteip:/path/to/files/ /local/path/.

#rsync -avzr -e "ssh -p 5555" root@192.168.10.203:~/PIPELINE 

iptables ratelimit connection limiting

Steps:

1. Create a file iptables.rules with below content.
2. Load rules #iptables-restore < iptables.rules
3. Also Start http service. #service httpd restart
4. cd /var/www/html and create a index.html file.
5. From other system try to ping firewall machine- Observe what happens?
6. From other system try $curl firewall machine> - Observe what happens after 10 requests.

Happy firewalling ;)


# cat iptables.rules

# Generated by iptables-save v1.4.7 on Wed Jun  8 00:51:34 2016
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:ICMPCHK - [0:0]
:tcpchk - [0:0]
:ssh - [0:0]
:http - [0:0]

# Rule will pass to ssh chain
-A INPUT -p tcp -m tcp --dport 5555 -j ssh

#Rule will pass to ICMPCHK chain
-A INPUT -p icmp --icmp-type echo-request -j ICMPCHK

#Rule will pass to http chain
-A INPUT -p tcp -m tcp --dport 80 -j http

# Any traffic to port 80 will be accepted
#-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

# Drop all packets
-A INPUT -j DROP 

# Output chain 
-A OUTPUT -p udp -m udp --dport 5555 -j ACCEPT 
-A OUTPUT -p tcp -m tcp --dport 5555 -j ACCEPT 
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A OUTPUT -j DROP 

-A ssh -p tcp -m tcp --dport 5555 -m state --state NEW -m recent --set --name DEFAULT --rsource 
-A ssh -p tcp -m tcp --dport 5555 -m state --state NEW -m recent --rcheck --seconds 60 --hitcount 2 --name DEFAULT --rsource -m limit --limit 2/min -j LOG --log-prefix "SSH-ATTACK : " --log-level 5 
-A ssh -p tcp -m tcp --dport 5555 -m state --state NEW -m recent --update --seconds 60 --hitcount 2 --name DEFAULT --rsource -j REJECT --reject-with tcp-reset 
-A ssh -p tcp -m tcp --dport 5555 -j ACCEPT
-A ssh -j RETURN

#Rule for counting of incoming connections.
-A http -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --set --name DDOS

#Rule to write log
-A http -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --update --name DDOS --seconds 30 --hitcount 10 -j LOG --log-prefix "DDOS : " --log-level 5

# Rule check number of connection made from an ip to port 80. If count is >10, Client is made to wait for 30 seconds and allowed.
-A http -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --update --name DDOS --seconds 30 --hitcount 10 -j DROP

# Generally accept http
-A http -j ACCEPT
-A http -j RETURN

#Rule to limit pings 
-A ICMPCHK -p icmp --icmp-type echo-request -m limit --limit 3/min --limit-burst 5 -j ACCEPT
-A ICMPCHK -p icmp --icmp-type echo-request -m limit --limit 3/min --limit-burst 5 -j LOG --log-prefix "ICMP-CHK-LIMITED: "
-A ICMPCHK -p icmp  -j DROP
-A ICMPCHK -j RETURN

COMMIT
*nat
:PREROUTING ACCEPT [15030:976242]
:POSTROUTING ACCEPT [5423:372090]
:OUTPUT ACCEPT [4987:357161]
COMMIT

creating tar archive by excluding file

how can i exclude files when creating tar archive?


tar -zcv -f target.tar.gz --exclude-from='exclude.txt' source/

Now, in your exclude.txt file you can place the paths to exclude:

logs/*
errors
data/*.bin

xsos tool for sysadmins and support techs

a tool for sysadmins and support techs

curl -Lo ./xsos bit.ly/xsos-direct; 

chmod +x ./xsos; 

./xsos -ya

Refer: https://access.redhat.com/discussions/469323

linux dns client cache ttl

Checking TTL's DNS

Incidentally to check what the TTL is for a given entry you can use dig with the following switches.

Example

$ dig +nocmd www.google.com +noall +answer | tail -1
www.google.com.     137 IN  A   74.125.225.82

$ dig +nocmd www.google.com +noall +answer | tail -1
www.google.com.     135 IN  A   74.125.225.115

So the TTL for this response is 137 seconds. Waiting ~2 seconds and running it again shows 135 seconds. The TTL means how much time is left until the DNS entry expires, and we need to go query the authoritative server for the domain.

Checking Max TTL's

If we were to query the authoritative server.

$ dig @ns1.google.com +nocmd www.google.com +noall +answer | tail -1
www.google.com.     300 IN  A   74.125.225.210

So the actual TTL for this entry is 300 seconds.

NOTE: The authoritative server is also known as the SOA - Start of Authority.

SOA information

You can query the domain further for SOA information.

$ dig +nocmd dyndns.org any +multiline +noall +answer
dyndns.org.     596 IN SOA ns1.dyndns.org. hostmaster.dyndns.org. (
                863998266  ; serial
                600        ; refresh (10 minutes)
                300        ; retry (5 minutes)
                604800     ; expire (1 week)
                600        ; minimum (10 minutes)
                )
dyndns.org.     85904 IN NS ns5.dyndns.org.
dyndns.org.     85904 IN NS ns1.dyndns.org.
dyndns.org.     85904 IN NS ns2.dyndns.org.
dyndns.org.     85904 IN NS ns3.dyndns.org.
dyndns.org.     85904 IN NS ns4.dyndns.org.
dyndns.org.     12268 IN MX 10 mail.dyndns.com.
dyndns.org.     12268 IN MX 20 mx2.mailhop.org.
dyndns.org.     179 IN A 204.13.248.116

Changing TTLs

The only way to change a DNS entry's TTL (outside of some sort of API that your registrar might provide) is through the server.

Example

Within Bind you could setup your zone file like so:

;Zone file for exampleweb.com
$TTL 14400
@      86400    IN      SOA     ns.exampleweb.com. admin.exampleweb.com. (
2009022402      ; serial, todays date+todays
86400           ; refresh, seconds
7200            ; retry, seconds
3600000         ; expire, seconds
86400 )         ; minimum, seconds
exampleweb.com. 86400 IN NS   ns.exampleweb.com.
exampleweb.com. 86400 IN NS   ns1.exampleweb.com.
exampleweb.com.  IN A   209.59.139.21
localhost  IN A   127.0.0.1
exampleweb.com.  IN MX 0   exampleweb.com.
mail  IN CNAME  exampleweb.com.
www  IN CNAME   exampleweb.com.
ftp  IN A   209.59.139.21
cpanel  IN A   209.59.139.21
webmail  IN A   209.59.139.21
The above macro, $TTL would set the TTL to 14400 seconds for any entries, unless it get's overridden for particular entries.

Linux add swap

  sudo dd if=/dev/zero of=/swap bs=1M count=1024

  sudo mkswap /swap

  sudo swapon /swap

Shrewsoft vpn disconnects frequently

The workaround is to set 

Phase1 key life time to 180 sec while keeping 
Phase2 key life time on default 28800. 

This will force a rekey before the SA is deleted from the SRX. Tunnel connectivity is not disrupted and the tunnels stays up.

Good luck!