IP – SudoAll.com

AWS link to obtain IP ranges programmatically by service !!!

Posted on January 26, 2016 by admin

If you need to automate firewall settings for AWS by service this is a real time source of info you can pro grammatically use.

https://ip-ranges.amazonaws.com/ip-ranges.json

nJoy 😉

Disable IPv6 in centOS

Posted on September 13, 2012December 29, 2013 by admin

Edit /etc/sysconfig/network and set “NETWORKING_IPV6” to “no”
For 5.4 and later, replace in /etc/modprobe.conf

alias ipv6 off

options ipv6 disable=1

Alternative (which might be easier and works on any release with /etc/modprobe.d):

# touch /etc/modprobe.d/disable-ipv6.conf
# echo "install ipv6 /bin/true" >> /etc/modprobe.d/disable-ipv6.conf

For CentOS 5.3 or older, add the following to /etc/modprobe.conf :

alias ipv6 off
alias net-pf-10 off

Run /sbin/chkconfig ip6tables off to disable the IPv6 firewall
Reboot the system

With the 5.4 update symbol/ipv6 module dependency capabilities have been introduced; therefore, if IPv6 has been previously disabled as above an upgrade to the bonding driver in 5.4 will result in the bonding kernel module failing to load. For the module to load properly use instead:

# touch /etc/modprobe.d/disable-ipv6.conf
# echo "options ipv6 disable=1" >> /etc/modprobe.d/disable-ipv6.conf

Upstream employee Daniel Walsh recommends not disabling the ipv6 module but adding the following to /etc/sysctl.conf:

net.ipv6.conf.all.disable_ipv6 = 1

In a short way this is what I do:

[root@toro.maranello.local ~]#echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf

While there I would turn off the IPV6Tables service as well

[root@toro.maranello.local ~]# service ip6tables save
[root@toro.maranello.local ~]# service ip6tables stop
[root@toro.maranello.local ~]# chkconfig ip6tables off

NOTE: SSH x11 forwarding may (and probably will) stop working if you disable the IPv6 …just a heads up :)…

nJoy 😉

Monitoring connections

Posted on August 10, 2012October 14, 2012 by admin

To monitor TCP and UDP connections the following command is very useful:

netstat -t -u

to have a continuous update use the watch command:

watch netstat -t -u

There is a much stronger tool for real time analysis called iptraf.

It is quite self explanatory :

at command line run

iptraf

This tool has many functions and is text mode menu ncurses based application really worth learning.

Setup default gateway with route command Linux

Posted on July 30, 2012July 30, 2012 by admin

Display default route

The following three commands display the current routing table:

# route

Output:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 ra0
default         dsl-router      0.0.0.0         UG    0      0        0 ra0

# /sbin/route

Output:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
191.255.255.0   *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         191.255.255.1   0.0.0.0         UG    0      0        0 eth0

You can use -n option, to display numerical addresses instead of trying to determine symbolic host names (via dns or /etc/hosts file). This is useful if you are trying to determine why the route to your nameserver has vanished.$

#/sbin/route -n

Output:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
191.255.255.0   0.0.0.0         255.255.255.0   U     0      0        0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 venet0
0.0.0.0         191.255.255.1   0.0.0.0         UG    0      0        0 venet0

Please note that a destionation entry 0.0.0.0 (or default) is the default gatway. In above example 191.255.255.1 is a default gatway.

Add / setup a new route

The syntax is as follows:
route add default gw {IP-ADDRESS} {INTERFACE-NAME}

Where,

IP-ADDRESS: Specify router IP address
INTERFACE-NAME: Specify interface name such as eth0

For example if your router IP address is 192.168.1.254 type the following command as the root user:

# route add default gw 192.168.1.254 eth0

OR use hostname such as dsl-router:

# route add default gw dsl-router eth0

Setting route using GUI tools/command under Linux

If you find above command hard to use, consider using GUI tools. If your are using Red Hat/CentOS/Fedora core Linux type following command:

# redhat-config-network

If you are using other Linux distribution use command:

# network-admin

List interfaces and IPs neatly

Posted on July 29, 2012 by admin

The following command gives a neat list of the Devices and their IPs / details without all the gruesome details.

ifconfig | egrep  "Link|inet"

A sample result would be:

[root@testarossa-00-0c-29-47-8f-35 vm]# ifconfig | egrep "Link|inet"
eth0 Link encap:Ethernet HWaddr 00:0C:29:47:8F:2B 
 inet addr:192.168.47.135 Bcast:192.168.47.255 Mask:255.255.255.0
eth1 Link encap:Ethernet HWaddr 00:0C:29:47:8F:35 
 inet addr:192.168.1.71 Bcast:192.168.1.255 Mask:255.255.255.0
lo Link encap:Local Loopback 
 inet addr:127.0.0.1 Mask:255.0.0.0
peth1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF 
vif0.1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF 
vif4.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF 
virbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF 
 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
xenbr1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF 
[root@testarossa-00-0c-29-47-8f-35 vm]#