linux

LLDP on Linux

Link Layer Discovery Protocol (LLDP) is an independant IEEE protocol (IEEE 802.1AB) that helps with gathering/ advertising a device’s identity, capabilities, and neighbors. LLDP is Layer 2 protocol. LLDP is usually used on network devices (switches/ routers) to find ‘neighbor’ (connected) devices, but is equally useful on servers to find details of the switch it’s connected to. This is not enabled by default on Linux, but here’s a quick guide to get it working. Install the package $ sudo yum install lldp Start the daemon $ sudo service lldpd start Find your neighbor device $ sudo lldpcli show neighbors

Command of the Day 2: time

Simple explanation Prints the time it took to execute a command whatis time(1) - time command execution —help None man man 1 time Usage ===== time executable - Time the execution of the program executable time -p executable - Time the execution of the program executable and print in POSIX.2 format

Command of the Day 1: compgen

Simple explanation Show all available commands, aliases and functions whatis compgen [builtins] (1) - bash built-in commands, see bash(1) help compgen: usage: compgen [-abcdefgjksuv] [-o option] [-A action] [-G globpat] [-W wordlist] [-F function] [-C command] [-X filterpat] [-P prefix] [-S suffix] [word]​ man man 1 bash Usage How are we going to create a list of commands for ‘Command of the Day’? Compgen! compgen -a: List of user aliases -b: List of built-in shell commands -c: List of all commands you can run -e: List of shell variables -k: List of built-in shell keywords -A function: List of available bash functions Tip Create an alias for compgen to show all functions: alias compgen=‘compgen -abckA function’. This will print in list format including all aliases, built-ins, commands and functions available References https://www.cyberciti.biz/open-source/command-line-hacks/compgen-linux-command/ http://unix.stackexchange.com/questions/151118/understand-compgen-builtin-command

Command of the Day

There are lots of really interesting commands on Unix/ Linux systems that are either poorly documented or are plainly forgotten about. So in an effort to educate myself and others, I thought I would try and do a command of the day. I’ll aim to do 5 posts a week, sometimes I’ll grep a couple of commands in to one post if they’re related.

Complete guide to iptables implementation

I’ve been wanting to put this article together for some time, a complete guide to implementing iptables on a Linux Server. Firstly, my assumptions: You have a reasonable grasp of Linux and Iptables You want to use Iptables to secure a Linux server The Basics Iptables has by default three chains for the FILTER table: INPUT OUTPUT FORWARD In this case, we’re going to focus on the INPUT chain (Incoming to firewall. For packets coming to the local server) Implementation Automation I implement these rules using the puppet-iptables module. The module is regularly updated and has a very large feature-set. References: https://gist.github.com/jirutka/3742890 http://www.cyberciti.biz/tips/linux-iptables-10-how-to-block-common-attack.html