Linux Hosting Talk - On the Server http://www.linuxhostingtalk.com/ Discuss things on the server; CLI, Apache, Bind, SSH, etc.. en Sun, 19 May 2013 13:43:54 GMT vBulletin 60 http://www.linuxhostingtalk.com/images/styles/TotallyPro/misc/rss.png Linux Hosting Talk - On the Server http://www.linuxhostingtalk.com/ Learn the csf command line flags http://www.linuxhostingtalk.com/showthread.php/2142-Learn-the-csf-command-line-flags?goto=newpost Thu, 25 Apr 2013 16:52:28 GMT Knowing the csf flags will help you to quickly get things done - instead of loading up the GUI every single time. Here are some of the ones I use... Knowing the csf flags will help you to quickly get things done - instead of loading up the GUI every single time.

Here are some of the ones I use all the time.

csf -r (Restart CSF)
csf -d (quick deny an ip: csf -d xxx.xxx.xxx.xxx)
csf -a (quick allow / whitelist an ip: csf -a xxx.xxx.xxx.xxx)
csf -dr (unblock an ip and remove from the deny list: csf -dr xxx.xxx.xxx.xxx)

Here are all of them:
Code:
Usage: /usr/sbin/csf [option] [value]


Option              Meaning
-h, --help          Show this message
-l, --status        List/Show iptables configuration
-l6, --status6      List/Show ip6tables configuration
-s, --start        Start firewall rules
-f, --stop          Flush/Stop firewall rules (Note: lfd may restart csf)
-r, --restart      Restart firewall rules
-q, --startq        Quick restart (csf restarted by lfd)
-sf, --startf      Force CLI restart regardless of LFDSTART setting
-a, --add ip        Allow an IP and add to /etc/csf.allow
-ar, --addrm ip    Remove an IP from /etc/csf.allow and delete rule
-d, --deny ip      Deny an IP and add to /etc/csf.deny
-dr, --denyrm ip    Unblock an IP and remove from /etc/csf.deny
-df, --denyf        Remove and unblock all entries in /etc/csf.deny
-g, --grep ip      Search the iptables rules for an IP match (incl. CIDR)
-t, --temp          Displays the current list of temp IP entries and their TTL
-tr, --temprm ip    Remove an IPs from the temp IP ban and allow list
-td, --tempdeny ip ttl [-p port] [-d direction]
                    Add an IP to the temp IP ban list. ttl is how long to
                    blocks for (default:seconds, can use one suffix of h/m/d).
                    Optional port. Optional direction of block can be one of:
                    in, out or inout (default:in)
-ta, --tempallow ip ttl [-p port] [-d direction]
                    Add an IP to the temp IP allow list (default:inout)
-tf, --tempf        Flush all IPs from the temp IP entries
-cp, --cping        PING all members in an lfd Cluster
-cd, --cdeny ip    Deny an IP in a Cluster and add to /etc/csf.deny
-ca, --callow ip    Allow an IP in a Cluster and add to /etc/csf.allow
-cr, --crm ip      Unblock an IP in a Cluster and remove from /etc/csf.deny
-cc, --cconfig [name] [value]
                    Change configuration option [name] to [value] in a Cluster
-cf, --cfile [file] Send [file] in a Cluster to /etc/csf/
-crs, --crestart    Cluster restart csf and lfd
-w, --watch ip      Log SYN packets for an IP across iptables chains
-m, --mail [addr]  Display Server Check in HTML or email to [addr] if present
-lr, --logrun      Initiate Log Scanner report via lfd
-c, --check        Check for updates to csf but do not upgrade
-u, --update        Check for updates to csf and upgrade if available
-uf                Force an update of csf
-x, --disable      Disable csf and lfd
-e, --enable        Enable csf and lfd if previously disabled
-v, --version      Show csf version
]]> On the Server Rob http://www.linuxhostingtalk.com/showthread.php/2142-Learn-the-csf-command-line-flags Script to bulk check domain name servers (or IP, or txt records, etc..) http://www.linuxhostingtalk.com/showthread.php/2136-Script-to-bulk-check-domain-name-servers-(or-IP-or-txt-records-etc-)?goto=newpost Wed, 24 Apr 2013 13:57:36 GMT Let's say you have 20 domains and you want to quickly find out what name servers they're all using. Do this.

Create a file calling it whatever you want. We'll name it domain_list.

Enter in all of the domains you want to check, each on a new line.

Example:
Code:
domain1.com
domain2.com
domain3.com
domain4.com
Now, run this command to check each one:
Code:
for M in $(cat ./domain_list);do dig @8.8.8.8 $M ns +noadditional +nocomments +nostats +noquestion;done
You'll get something like this:
Code:
[rob@station-222 ~]$ for M in $(cat ./domain_list);do dig @8.8.8.8 $M ns +noadditional +nocomments +nostats +noquestion;done


; <<>> DiG 9.9.2-P1-RedHat-9.9.2-3.P1.fc17 <<>> @8.8.8.8 domain1.com ns +noadditional +nocomments +nostats +noquestion
; (1 server found)
;; global options: +cmd


; <<>> DiG 9.9.2-P1-RedHat-9.9.2-3.P1.fc17 <<>> @8.8.8.8 domain2.com ns +noadditional +nocomments +nostats +noquestion
; (1 server found)
;; global options: +cmd


; <<>> DiG 9.9.2-P1-RedHat-9.9.2-3.P1.fc17 <<>> @8.8.8.8 domain3.com ns +noadditional +nocomments +nostats +noquestion
; (1 server found)
;; global options: +cmd
domain3.com.                4764        IN        NS        ns1.dsredirection.com.
domain3.com.                4764        IN        NS        ns2.dsredirection.com.


; <<>> DiG 9.9.2-P1-RedHat-9.9.2-3.P1.fc17 <<>> @8.8.8.8 domain4.com ns +noadditional +nocomments +nostats +noquestion
; (1 server found)
;; global options: +cmd
domain4.com.                21599        IN        NS        ns1.sedoparking.com.
domain4.com.                21599        IN        NS        ns2.sedoparking.com.
[rob@station-222 ~]$
As you can see, domain1.com and domain2.com don't have ns records set up. If you were to do a whois on them, you'll see that they do have nameservers assigned to them, but since there's nothing set up, we don't care...

You can do the same with mx records, A records, txt, spf records, etc.. Just change the 'ns' part in the command to the type of record you want to query. ]]> On the Server Rob http://www.linuxhostingtalk.com/showthread.php/2136-Script-to-bulk-check-domain-name-servers-(or-IP-or-txt-records-etc-)