Static IPs are typically only used on servers. Remembering how to set it up has always been so-so as it's done only once when setting up the server the first time.
I've not use Centos much before I started working for my current employer. There we use it constantly though, alongside windows server, and I got into checking it out for my own setup as well.
The file that needs to be changed is /etc/sysconfig/network-scripts/ifcfg-enp7s0
TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=enp7s0 UUID=2c045fc4-538e-3eea-b9ee-bd1dff8ced6b DEVICE=enp7s0 ONBOOT=yes IPADDR=192.168.1.14 PREFIX=24 GATEWAY=192.168.1.1 DNS1=220.127.116.11 DOMAIN=localdomain
The name of the file contains the name of the network interface. Change settings according to your own setup.
Finding the interface name can be done using the command nmcli connection show. Example below:
$ nmcli connection show NAME UUID TYPE DEVICE Wired connection 1 2c045fc4-538e-3eea-b9ee-bd1dff8ced6b ethernet enp7s0Both the name and the UUID are used inside the file.
Now restart the interface with systemctl restart network
As I have grown weary of updating wordpress all the time I have decided to move my blog to static html instead.
I am using jekyll to archive this and am using a home made theme. If you haven’t tried Jekyll yet, I suggest you do. It’s pretty easy to setup but of course takes a more manual approach and it requires you to re-upload files when they are changed.
This is rather handy if you're not sure of the case of the starting letter of a program you wish to expand to using tab completion.
All that is needed is that the following line is present in either ~/.inputrc or /etc/inputrc
set completion-ignore-case on
Here are a few ways to list open ports in the linux terminal.
First we'll try lsof.
$ lsof -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME kdeconnec 1671 john 10u IPv6 27671 0t0 UDP *:1716 kdeconnec 1671 john 11u IPv6 27672 0t0 TCP *:1716 (LISTEN) thunderbi 1712 john 36u IPv4 28601 0t0 TCP Arach:46604->mail.com:imap2 (ESTABLISHED) thunderbi 1712 john 50u IPv4 25417 0t0 TCP Arach:46694->mail.com:imap2 (ESTABLISHED) thunderbi 1712 john 51u IPv4 25418 0t0 TCP Arach:46696->mail.com:imap2 (ESTABLISHED) thunderbi 1712 john 65u IPv4 871420 0t0 TCP Arach:48490->mail.com:imap2 (ESTABLISHED) thunderbi 1712 john 80u IPv4 1690593 0t0 TCP Arach:49032->mail.com:imap2 (ESTABLISHED) java 2342 john 99u IPv6 38225 0t0 TCP localhost:40834->localhost:4243 (ESTABLISHED) firefox 3757 john 49u IPv4 1809675 0t0 TCP Arach:58736->fra16s08-in-f206.1e100.net:https (ESTABLISHED) firefox 3757 john 61u IPv4 1809667 0t0 TCP Arach:35190->fra07s28-in-f238.1e100.net:https (ESTABLISHED) firefox 3757 john 62u IPv4 1816763 0t0 TCP Arach:43806->cache.google.com:https (ESTABLISHED) firefox 3757 john 63u IPv4 1809767 0t0 TCP Arach:59834->webcluster-ssl2.webpod5-cph3.one.com:https (ESTABLISHED) firefox 3757 john 66u IPv4 1816252 0t0 TCP Arach:35992->fra16s07-in-f10.1e100.net:https (ESTABLISHED) firefox 3757 john 69u IPv4 1779531 0t0 TCP Arach:55194->18.104.22.168:https (ESTABLISHED)
As I always forget which switches to use on tar I made this little note.
$ tar -zcvpf <destination> <source> z = gzip c = create v = verbose p = preserve permissions f = file
A quick reminder to myself on rsync usage
$ rsync -Cvrtp <source> <destination> C = cvs-exclude V = verbose r = recursive t = times p = permissions K = keep dir links
For a long time I have been using bind as a LAN DNS server. Just for my local server setup, so that I can use hostnames instead of IP addresses. I found the hosts file to be a bit low-tech, and it was a good chance to learn a little about DNS along the way. :-)
A short while ago I was watching the Linux Action Show, where the Pi-hole system was introduced. Now being able to block ads before they are even entering the network (or more correctly before they are requested) seems like a super idea to me. So I started reading up on the requirements.
Ever notice how many braindead people try to break into your email server? It's a daily battle to stay ahead of them. Especially when, like in my case, fail2ban just... well... fails... :-)
For some time I have just manually added IP addresses to my iptables array. The list gets kind of long after a while though. See the following for what I did. And then imagine a lot of these lines.
iptables -A INPUT -s <ip>/<cidr> -p tcp -m tcp --dport 25 -j DROP
If you have the possibility, please support them. They are fighting for you!