Monthly Archives: September 2013

How to use IPTABLES

To Drop IP in iptables

Port Specific:

iptables -A INPUT -p tcp -s xx.xx.xx.xx –dport {PORT} -j DROP
iptables -A INPUT -p tcp -s xx.xx.xx.xx –dport 80 -j DROP
/sbin/service iptables save

No Port Specified:

iptables -A INPUT -s xx.xx.xx.xx -j DROP
/sbin/service iptables save

Example:

/sbin/iptables -I INPUT -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -s 1.2.3.4 -j DROP
/sbin/service iptables save

To Allow IP in iptables

iptables -A INPUT -p tcp -s xx.xx.xx.xx –dport {PORT} -j DROP
iptables -A INPUT -s xx.xx.xx.xx -j ACCEPT
/sbin/service iptables save


Unblock / Delete an IP Address Listed in IPtables Tables

– To display line number along with other information, type the command below.

iptables -L INPUT -n –line-numbers
iptables -L OUTPUT -n –line-numbers

Search for the IP Address that you want to delete. Example 192.168.2.4

iptables -L INPUT -n –line-numbers | grep “192.168.2.4”
12056 DROP all — 192.168.2.4 0.0.0.0/0

2. IP address 192.168.2.4 is in line 12056 so we will use the command below to delete line 12056.

iptables -D INPUT 12056
/sbin/service iptables save

Other way to remove the IP is like this one.

iptables -D INPUT -s xx.xxx.xx.xx -j DROP
/sbin/service iptables save

Boot Repair

Boot-Repair is a simple tool to repair frequent boot issues you may encounter in Ubuntu like when you can’t boot Ubuntu after installing Windows or another Linux distribution, or when you can’t boot Windows after installing Ubuntu, or when GRUB is not displayed anymore, some upgrade breaks GRUB, etc.

Boot-Repair lets you fix these issues with a simple click, which (generally reinstalls GRUB and) restores access to the operating systems you had installed before the issue.

Boot-Repair is a free software, licensed under GNU-GPL. Boot-Repair should be soon included in Ubuntu official repositories, until then use it at your own risks.

1. Boot to LiveCD
2. Connect to Internet
3. Open terminal
4. Give command below

sudo add-apt-repository ppa:yannubuntu/boot-repair && sudo apt-get update

5. Then give command below.

sudo apt-get install -y boot-repair && boot-repair

Setting timezone and synchronizing time with NTP

Check available timezones in your server by executing the command below.

ls /usr/share/zoneinfo/

Then simply delete the current timezone:

rm /etc/localtime

Create a symbolic link to /etc/localtime.

ln –s /usr/share/zoneinfo/Asia/Singapore /etc/localtime

If symblolic link not working, then you may use a copy command.

cp /usr/share/zoneinfo/Asia/Singapore /etc/localtime

Install NTP

yum install ntp

See all the timezones at this website http://www.pool.ntp.org/zone/asia. in the example below I will use Singapore timezone.

ntpdate sg.pool.ntp.org

Also keep in mind that ntp only affects the system time. The hardware clock on your server will not reflect that. So you want to set it as well so that the correct time is maintained after reboot

hwclock --systohc

How to enable port 587 (submission) in postfix

To enable port 587, edit the file /etc/postfix/master.cf

vi /etc/postfix/master.cf

and remove the # in front of the line:

#submission inet n – n – – smtpd

so that it looks like this:

submission inet n – n – – smtpd

and restart postfix:

/etc/init.d/postfix restart