system log analysis
$ logwatch --detail level{10,5,0} --service service-name --print
iptable rules list
$ iptables -L -v -t nat
MAC address request
$ ping ip-address
$ arp -n
show/manipulate routing, devices, policy routing and tunnels
$ man ip
set an entry to ARP cache
$ /sbin/arp -s host_or_ip_address local_mac_address
set ARP proxy for a host
$ arp -Ds host_ip_address ethX pub
remove a host from proxy ARP
$ /sbin/arp -i ethX -d host_or_ip_address pub
ARP conversation captured with tcpdump
$ tcpdump -ennqti eth0 \( arp or icmp \)
add/remove a rule to routing table via iproute2
$ ip route add x.x.x.x/n dev ethX
$ ip route del x.x.x.x/n dev ethX
logging via program name (with syslog-ng)
# comment for log
filter name_for_filter { program("program_name"); };
destination name_for_dest { file("/var/log/dir_to_log/file_to_log"); };
log { source(src); filter(name_for_filter); destination(name_for_dest); };
logging via matching content (with syslog-ng)
# comment for log
filter name_for_filter { match("regexp_to_match_content"); };
destination name_for_dest { file("/var/log/dir_to_log/file_to_log"); };
log { source(src); filter(name_for_filter); destination(name_for_dest); };
nfs usage
show NFS server export list
$ showmount -e nfshost
show all clients and mounted directories
$ showmount -a nfshost
iptables and NFS - a solution for NFS server under firewall
$ NFSTCP=`rpcinfo -p | grep -v program| awk '{ print $3 " " $4 }' | sort | uniq |\
grep tcp | awk '{print $2}' | xargs| sed 's/ /,/g'`
$ NFSUDP=`rpcinfo -p | grep -v program| awk '{ print $3 " " $4 }' | sort | uniq |\
grep udp | awk '{print $2}' | xargs| sed 's/ /,/g'`
$ iptables -N NFS
$ iptables -N PESC
$ iptables -A INPUT -p tcp -m multiport --dport $NFSTCP -j NFS
$ iptables -A INPUT -p udp -m multiport --dport $NFSUDP -j NFS
$ iptables -A NFS -j PESC
$ iptables -A NFS -j DROP
$ iptables -A PESC -s 10.0.0.0/24 -j ACCEPT
$ iptables -A PESC -s 10.2.0.0/24 -j ACCEPT
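The port-list step above, as an added example that is not part of the original page: it parses `rpcinfo -p` output into per-protocol port lists and prints the INPUT rules in groups of at most 15 ports, the limit of a single multiport match. The function names (sample_rpcinfo, rpc_ports, nfs_rules) are hypothetical and the sample output is constructed.

```shell
#!/bin/sh
# Constructed sample of `rpcinfo -p` output (not captured from a real host).
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100005    3   udp  20048  mountd
    100005    3   tcp  20048  mountd
    100021    4   udp  41234  nlockmgr
    100021    4   tcp  38765  nlockmgr
EOF
}

# rpc_ports PROTO: read `rpcinfo -p` output on stdin and print the unique
# ports registered for PROTO as one sorted, comma-separated list.
rpc_ports() {
    awk -v proto="$1" '$3 == proto && $4 ~ /^[0-9]+$/ { print $4 }' |
        sort -n -u |
        awk 'NR > 1 { printf "," } { printf "%s", $0 } END { if (NR) print "" }'
}

# nfs_rules PROTO PORTLIST: print (not apply) the INPUT rules that jump to the
# NFS chain, split into groups of at most 15 ports, the multiport limit.
nfs_rules() {
    printf '%s\n' "$2" | tr ',' '\n' | awk -v proto="$1" '
        function emit(l) {
            print "iptables -A INPUT -p " proto " -m multiport --dports " l " -j NFS"
        }
        NF { list = (n % 15 ? list "," : "") $1; n++
             if (n % 15 == 0) { emit(list); list = "" } }
        END { if (list != "") emit(list) }'
}

# Demo on the constructed sample; on a live server pipe `rpcinfo -p` instead.
for p in tcp udp; do
    nfs_rules "$p" "$(sample_rpcinfo | rpc_ports "$p")"
done
```

The ports registered by mountd and nlockmgr are assigned dynamically unless pinned in the NFS server configuration, so a list generated this way has to be regenerated after those services restart.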
rsync usage
sync via rsync daemon (the rsyncd service must be running)
$ rsync -av host:/src /dest
$ rsync -av host::module/src /dest
$ rsync -av authuser@host::module_for_authuser/src /dest
sync through ssh tunnel
$ rsync -av -e "ssh -l sshuser" host:/src /dest
$ rsync -av -e "ssh -l sshuser" authuser@host::module_for_authuser/src /dest
mrtg usage
create the index page
$ indexmaker --output=path_to_your_index path_to_config