awsvpc

List of Linux networking tools

netstat (ss)

Displays contents of /proc/net files. It works with the Linux Network Subsystem, it will tell you what the status of ports are ie. open, closed, waiting, masquerade connections. It will also display various other things. It has many different options. Netstat (Network Statistic) command display connection info, routing table information etc. To displays routing table information use option as -r.

Sample output:

Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)    
tcp4 0 0 127.0.0.1.62132 127.0.0.1.http ESTABLISHED

awsvpc

#!/bin/bash
# Check for IPv6 Connectivity by looking for a IPv6 address


function check_ipv6() {
        # Lets see if we got an IPv6, which in return means that we're live
        IPv6=`curl -6 -s https://wtfismyip.com/text`
        if [ $IPv6 ]
        then
                # OK IPv6 was found, return code 0 - OK

awsvpc

#!/bin/bash
old_ip=$(cat last_ip)
ip=$(dig +short googlerocks.dyndns.org)
echo $ip > last_ip

if [ "$ip" = "$old_ip" ]; then
    echo "nothing to do"
else
    echo "updating tunnel"
    ip tunnel del v6-tunnel

awsvpc

sudo ip addr show dev enp1s0f2 | sed -e's/^.*inet6 \([^ ]*\)\/.*$/\1/;t;d'

awsvpc

ip6tables --policy INPUT   DROP;
ip6tables --policy OUTPUT  ACCEPT;
ip6tables --policy FORWARD DROP;

ip6tables -Z;
ip6tables -F;
ip6tables -X;

ip6tables -t nat -F
ip6tables -t mangle -F

awsvpc

Rsyslog and selinux on Centos6

I was configuring a Centos6 box to receive syslog from remote hosts. I wanted that log to be written to a non-standard path: /data/syslog

On my first attempt, this failed with the following log in /var/log/messages:

Nov 26 11:26:24 localhost rsyslogd-3000: Could not open dynamic file '/data/syslog/10.10.1.252/2014-11/26/syslog.log' [state -3000] - discarding message [try http://www.rsyslog.com/e/3000 ]

I then set the context of /data/syslog to match /var/log with:

awsvpc

Docker IPv6

The scenario is where the ISP assigns a /104 IPv6 network 'on link' (i.e. not routed): xxxx:yyyy:1::9c3:0:0/104

Configure Linux host

Add the following to /etc/sysctl.conf:

# Accept Router Advertisements even if forwarding is enabled.
net.ipv6.conf.eth0.accept_ra = 2

awsvpc

Apache Logs

Output entries between 2 times, showing IP and query

$ cat access_log.json | \
  jq -r 'select (.time > "2017-10-21T02:00:00.000Z" and .time < "2017-10-22T02:00:00.000Z") | [.remote_addr,.query] | @csv'

Output entries where client IP matches prefix

$ cat access_log.json | \

awsvpc

#!/bin/bash
# Given a list of IP addresses (in file 'ips') find what the SSL CN (subject) is for each one.

echo -en "IP\tSSL CN\n"

for i in `cat ips`; do
       echo -en "$i\t"
       out=`timeout 2 bash -c "openssl s_client -showcerts -connect $i:443 < /dev/null 2> /dev/null | openssl x509 -noout -subject 2> /dev/null | grep 'subject=' | sed -rn 's/.*CN=([^ /]+).*/\1/p'"`
       if [ $? -eq 124 ]; then
	       echo "(timeout)"

awsvpc

# /etc/systemd/network/wired.network

[Match]
Name=en*

[Link]
MACAddress=02:00:00:21:01:01

[Network]
DHCP=ipv4