Novell and OpenNet - Corporate seminar
Dear kbukhari,
Salam,
Give respect and in return you will get respect
kbukhari wrote:
and i am not going to teach you
you can check it by yourself or keep silence
Best Regards.
Farrukh Ahmed
i've said this before, and i'll say it again: your claims are useless unless you have facts to back them up. if you say something, be prepared to present proof. if you refuse to present facts, even a simple google link or two that proves your point (and how hard can that be, if suse's scripting support is as broken as you claim it is?), i'm simply forced to assume that you don't know what you're talking about. this feeling is reinforced by the fact that i've proven several of your claims incorrect in the past year when it comes to basic solutions to simple tasks.
kbukhari wrote:
and i am not going to teach you
you can check it by yourself or keep silence
are you honestly trying to tell me that everyone else on the entire planet has problems with scripting on suse? i see no evidence of that on google! how hard can it be to find one link, just one link on google that supports your claim?
unless, of course, it's not true.
oh, one more thing: linuxfreak can tell you that i ask for proof every time someone makes ludicrous comments, not just you. he's seen me do this for years. so if you think i'm picking on you, it's just because lately you've been the only person making such illogical and outlandish claims.
stop and learn from your mistakes.
Dear Zaheer,
Zaheer wrote:
AA,
Redhat people don't want Suse to be popular. Here in Karachi people don't even know, and there are many distros but they only know redhat.
I used
Suse 8.0 , 9.0
SLES 10
SLED 10
Their focus is only GUI, things are not properly working like other linux, for example some scripts are not working properly, and sometimes password changing is giving problems, but on the other hand there are other linux like debian, slackware, mandriva, yoper, turbolinux, yellowdog, all have no issue like that, it will take time to clear out these things, persons are only running it for small time, but if you will run servers 24/7 and do deep R&D on that, then you can understand those things, i am not saying SUSE is bad operating system, suse is really a nice operating system but it will take some time that suse will work like other linux flavours.
I am also using suse and doing deep R&D nowadays.
i'll share my ideas with you and whole linux pakistan forum.
Regards
Noman Liaquat Khanzada Rajput
Linux means productivity and fun.
We all love Linux, but it's also a fact that some people might not be able to migrate.
i have power failure at my home ATM
u can check this
/etc/ipt/pm.conf
/etc/ipt/port-allow.conf
/etc/ipt/port-deny.conf
Code:
#!/bin/sh
# This firewall is written by Kashif Ali Bukhari. Please contact him if you have
# any query. Cell 0300-4295604 kbukhari@gmail.com

# Flush the existing rules and delete user-defined chains.
iptables -F
iptables -F -t mangle
iptables -X
iptables -F -t nat
# Enable IPv4 forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward

# Redirect web traffic to the squid cache.
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

# Accept RELATED and ESTABLISHED connections.
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

# Skip NAT for LAN-to-LAN traffic and give DNS and HTTPS high priority.
iptables -t nat -A PREROUTING -s 192.168.2.0/24 -d 192.168.2.0/24 -j RETURN
iptables -t mangle -A FORWARD -p udp -d 0/0 --dport 53 -j TOS --set-tos Minimize-Delay
iptables -t mangle -A FORWARD -p tcp -d 0/0 --dport 443 -j TOS --set-tos Minimize-Delay

# Allow the safe ports: masquerade LAN traffic only for ports in port-allow.conf.
pa=$(cat /etc/ipt/port-allow.conf)
for pas in $pa
do
    iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -p tcp --dport "$pas" -j MASQUERADE
    iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -p udp --dport "$pas" -j MASQUERADE
    echo "Port Allowed" "$pas"
done
echo "Allowing Ports done.........................."
echo ""
echo ""

# Own chains: rate-limit inbound SYN and RST packets on eth1.
iptables -N port-scan
iptables -N syn-flood
iptables -A INPUT -i eth1 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j syn-flood
# Drop NEW connections that do not start with a SYN.
iptables -A INPUT -i eth1 -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -m state --state NEW -j DROP
iptables -A INPUT -i eth1 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -j port-scan
iptables -A port-scan -m limit --limit 1/sec --limit-burst 4 -j RETURN
iptables -A port-scan -j DROP
iptables -A syn-flood -m limit --limit 1/sec --limit-burst 4 -j RETURN
iptables -A syn-flood -j DROP

# Block forwarding to specific hosts and drop all forwarded ICMP.
iptables -A FORWARD -d 69.56.166.50 -j DROP
iptables -A FORWARD -d 200.183.0.43 -j DROP
iptables -A FORWARD -d 200.183.0.44 -j DROP
iptables -A FORWARD -p icmp -j DROP

# Block the ports listed in port-deny.conf.
# Note: current iptables releases refuse -j DROP in the nat table;
# there the filtering has to be done in the filter table instead.
pd=$(cat /etc/ipt/port-deny.conf)
for pds in $pd
do
    iptables -t nat -A PREROUTING -p tcp -m tcp -j DROP --dport "$pds"
    iptables -t nat -A PREROUTING -p udp -m udp -j DROP --dport "$pds"
    echo "Port Blocked" "$pds"
done
echo "Blocking ports done........................."
echo ""
echo ""

# Add users to voice chat: masquerade all traffic from the addresses in pm.conf.
vc=$(cat /etc/ipt/pm.conf)
for vcs in $vc
do
    iptables -t nat -A POSTROUTING -j MASQUERADE -s "$vcs"
    echo "IP address" "$vcs" "is allowed in voice chat"
done
echo "Users Allowing is Done........................."
echo ""
echo ""
exit
Code:
92.168.2.1
Code:
20
21
23
25
110
143
443
456
777
7777
1863
2628
5050
5060
5061
5190
5191
5192
5193
5222
5269
6665
6666
6667
6668
6669
6891
6892
6893
6894
6895
6896
6897
6898
6899
6900
5005
5222
8602
Code:
3135
1214
445
135:140
8888
5554
3128
9996
9604
5300
3306
2745
1025
6556
6129
1433
1025
1090
2745
3127
6129
8200
1433:1434
2000:2094
5200:5221
5223:6000
7780:8000
6345:6349
6881:6999
ok
lambda wrote:
all right. i found a suse box. give me the contents of this "/usr/local/kashif/arp" file, and i'll run it.
kbukhari wrote:
i send you the script check by your self
/usr/local/kashif/arp
Code:
00:A0:C9:85:BE:84:102:adnan-112-nca-ip-102-Boy
11:10:5A:1F:0C:E9:103:ab-nca-214-ip-103-Boy-06-10-06
11:3A:45:A6:9A:72:104:Akber-NCA-ip-104-Boy-116-1-DDD-25-11
00:A0:C9:85:C0:CF:105:mariyamgul-ip-105-nca-Girl-20-11-06
00:00:94:7B:06:D7:106:sahar-ashraf-ip-106-nca-Girl-24-08-06-DD-19-09
00:11:10:55:04:6E:107:masum-nca-218-Boy-DDD
11:0D:87:D0:09:11:108:rahemkhan-nca-305-Boy-DDD
00:50:8B:49:CE:03:109:warden-nca-FFFF-ip-109
if you want a script for adding contents in
/usr/local/kashif/arp
then see
Code:
#!/bin/bash
# Add a client record (MAC:last-octet:name) to the ARP list. Must run as root.
ROOT_UID=0
E_NOTROOT=67
KASHIFARP=/usr/local/kashif/arp
VCALLOW=/etc/ipt/user-vc.conf
# Keep the regex in a variable and use it unquoted: from bash 3.2 on, a quoted
# right-hand side of =~ is matched as a literal string. Anchored to the whole input.
MAC_RE='^([0-9A-F]{2}:){5}[0-9A-F]{2}$'

if [ "$UID" -ne "$ROOT_UID" ]
then
    echo "Must be root to run this command."
    exit $E_NOTROOT
fi
echo "Enter client name "; read -r CLNAME
echo "Enter Last number of ip 204.15.5."; read -r CLIP
echo "Enter MAC/Physical Address E.G:- 00:AA:DD:EE:CC:FF"; read -r MAC
if [[ $MAC =~ $MAC_RE ]]
then
    echo "$MAC:$CLIP:$CLNAME" >> "$KASHIFARP"
else
    echo "BAD MAC ADDRESS"
    exit 1
fi
echo "Allow User In Voice Chat ? (y/n)"
read -r CHVC
if [ "$CHVC" = y ]
then
    echo "204.15.5.$CLIP" >> "$VCALLOW"
elif [ "$CHVC" = n ]
then
    /usr/local/bin/kbs
    exit
else
    echo "bad option selected "
    # Roll back the record just added. mktemp creates the scratch file next to
    # the target instead of a fixed /tmp/arp that any local user could pre-create.
    TMP=$(mktemp "$KASHIFARP.XXXXXX") || exit 1
    grep -vxF -- "$MAC:$CLIP:$CLNAME" "$KASHIFARP" > "$TMP"
    mv "$TMP" "$KASHIFARP"
fi
/usr/local/bin/kbs
exit
i don't know why i waste time on you, kbukhari. the following is the output of your script run on SLES9SP3-3 Revision 2 ia32e (x86_64). i changed some of the paths (like /etc/dhcpd.conf) to files in /tmp because i don't have root access, but you can confirm that it is otherwise the same script you posted up above.
what do you say now, kbukhari?
Code:
Script started on Wed 29 Nov 2006 12:25:45 AM PST
~ 202> uname -r
2.6.5-7.276.PTF.196309.1-smp
~ 203> cat /tmp/suse.sh
#!/bin/bash
DHCP=/tmp/dhcpd.conf
NAMED=/tmp/named.broadcast
NAMED1=/tmp/named.broadcast1
COUNT=$(cat /tmp/arp)
KASHIFARP=/tmp/arp.txt
MAC="awk -F: '{ print $1":" $2":"$3":"$4":"$5":"$6 }' /tmp/grb"
IPADDR="awk -F: '{ print "204.15.5"$7 }' /tmp/grb"
CLNAME="awk -F: '{ print $8 }' /tmp/grb"
echo "" > $DHCP
echo "" > $NAMED
echo "" > $NAMED1
echo "#ARP List For Cache" > $KASHIFARP
echo "deny unknown-clients;" > $DHCP
echo "default-lease-time 3600;" >> $DHCP
echo "ddns-update-style none;" >> $DHCP
echo "max-lease-time 7200;" >> $DHCP
echo "subnet 204.15.5.0 netmask 255.255.255.0 {" >> $DHCP
echo " option domain-name-servers 204.15.5.1, 204.15.6.1;" >> $DHCP
echo " option routers 204.15.5.1;" >> $DHCP
echo " range 204.15.5.201 204.15.5.201;" >> $DHCP
echo " }" >> $DHCP
echo "#################################################################" >> $DHCP
echo "" >> $DHCP
echo "" >> $DHCP
echo """$""TTL 86400" > $NAMED
echo "@ IN SOA ns.namjee.net.pk root.najmee.net.pk (" >> $NAMED
echo " 60" >> $NAMED
echo " 3H" >> $NAMED
echo " 15M" >> $NAMED
echo " 1W" >> $NAMED
echo " 1D )" >> $NAMED
echo "" >> $NAMED
echo " IN NS ns.najmee.net.pk." >> $NAMED
echo """$""TTL 86400" > $NAMED1
echo "@ IN SOA ns.namjee.net.pk root.najmee.net.pk (" >> $NAMED1
echo " 60" >> $NAMED1
echo " 3H" >> $NAMED1
echo " 15M" >> $NAMED1
echo " 1W" >> $NAMED1
echo " 1D )" >> $NAMED1
echo "" >> $NAMED1
echo " IN NS ns.najmee.net.pk." >> $NAMED1
for I in $COUNT
do
echo $I > /tmp/grb
echo "host $(awk -F: '{ print $8 }' /tmp/grb) {" >> $DHCP
echo " hardware ethernet $(awk -F: '{ print $1":" $2":"$3":"$4":"$5":"$6 }' /tmp/grb);" >> $DHCP
echo "$(awk -F: '{ print $1":" $2":"$3":"$4":"$5":"$6 " #"$8 }' /tmp/grb);" >> $KASHIFARP
echo " fixed-address $(awk -F: '{ print "204.15.5."$7 }' /tmp/grb);" >> $DHCP
echo " }" >> $DHCP
echo "$(awk -F: '{ print $7 }' /tmp/grb ) IN PTR $(awk -F: '{ print $8 }' /tmp/grb)." >> $NAMED
echo "$(awk -F: '{ print $7 }' /tmp/grb ) IN PTR $(awk -F: '{ print $8 }' /tmp/grb)." >> $NAMED1
done
# service server restart
exit 0
~ 204> cat /tmp/arp
00:A0:C9:85:BE:84:102:adnan-112-nca-ip-102-Boy
11:10:5A:1F:0C:E9:103:ab-nca-214-ip-103-Boy-06-10-06
11:3A:45:A6:9A:72:104:Akber-NCA-ip-104-Boy-116-1-DDD-25-11
00:A0:C9:85:C0:CF:105:mariyamgul-ip-105-nca-Girl-20-11-06
00:00:94:7B:06:D7:106:sahar-ashraf-ip-106-nca-Girl-24-08-06-DD-19-09
00:11:10:55:04:6E:107:masum-nca-218-Boy-DDD
11:0D:87:D0:09:11:108:rahemkhan-nca-305-Boy-DDD
00:50:8B:49:CE:03:109:warden-nca-FFFF-ip-109
~ 205> chmod +x /tmp/suse.sh
~ 206> /tmp/suse.sh
~ 207> cat /tmp/dhcpd.conf
deny unknown-clients;
default-lease-time 3600;
ddns-update-style none;
max-lease-time 7200;
subnet 204.15.5.0 netmask 255.255.255.0 {
option domain-name-servers 204.15.5.1, 204.15.6.1;
option routers 204.15.5.1;
range 204.15.5.201 204.15.5.201;
}
#################################################################
host adnan-112-nca-ip-102-Boy {
hardware ethernet 00:A0:C9:85:BE:84;
fixed-address 204.15.5.102;
}
host ab-nca-214-ip-103-Boy-06-10-06 {
hardware ethernet 11:10:5A:1F:0C:E9;
fixed-address 204.15.5.103;
}
host Akber-NCA-ip-104-Boy-116-1-DDD-25-11 {
hardware ethernet 11:3A:45:A6:9A:72;
fixed-address 204.15.5.104;
}
host mariyamgul-ip-105-nca-Girl-20-11-06 {
hardware ethernet 00:A0:C9:85:C0:CF;
fixed-address 204.15.5.105;
}
host sahar-ashraf-ip-106-nca-Girl-24-08-06-DD-19-09 {
hardware ethernet 00:00:94:7B:06:D7;
fixed-address 204.15.5.106;
}
host masum-nca-218-Boy-DDD {
hardware ethernet 00:11:10:55:04:6E;
fixed-address 204.15.5.107;
}
host rahemkhan-nca-305-Boy-DDD {
hardware ethernet 11:0D:87:D0:09:11;
fixed-address 204.15.5.108;
}
host warden-nca-FFFF-ip-109 {
hardware ethernet 00:50:8B:49:CE:03;
fixed-address 204.15.5.109;
}
~ 208> cat /tmp/named.broadcast
$TTL 86400
@ IN SOA ns.namjee.net.pk root.najmee.net.pk (
60
3H
15M
1W
1D )
IN NS ns.najmee.net.pk.
102 IN PTR adnan-112-nca-ip-102-Boy.
103 IN PTR ab-nca-214-ip-103-Boy-06-10-06.
104 IN PTR Akber-NCA-ip-104-Boy-116-1-DDD-25-11.
105 IN PTR mariyamgul-ip-105-nca-Girl-20-11-06.
106 IN PTR sahar-ashraf-ip-106-nca-Girl-24-08-06-DD-19-09.
107 IN PTR masum-nca-218-Boy-DDD.
108 IN PTR rahemkhan-nca-305-Boy-DDD.
109 IN PTR warden-nca-FFFF-ip-109.
~ 209> cat /tmp/named.broadcast1
$TTL 86400
@ IN SOA ns.namjee.net.pk root.najmee.net.pk (
60
3H
15M
1W
1D )
IN NS ns.najmee.net.pk.
102 IN PTR adnan-112-nca-ip-102-Boy.
103 IN PTR ab-nca-214-ip-103-Boy-06-10-06.
104 IN PTR Akber-NCA-ip-104-Boy-116-1-DDD-25-11.
105 IN PTR mariyamgul-ip-105-nca-Girl-20-11-06.
106 IN PTR sahar-ashraf-ip-106-nca-Girl-24-08-06-DD-19-09.
107 IN PTR masum-nca-218-Boy-DDD.
108 IN PTR rahemkhan-nca-305-Boy-DDD.
109 IN PTR warden-nca-FFFF-ip-109.
~ 210> rm /tmp/arp /tmp/dhcpd.conf /tmp/named.broadcast /tmp/named.broadcast1
rm: remove regular file `/tmp/arp'? y
rm: remove regular file `/tmp/dhcpd.conf'? y
rm: remove regular file `/tmp/named.broadcast'? y
rm: remove regular file `/tmp/named.broadcast1'? y
~ 211> exit
exit
Script done on Wed 29 Nov 2006 12:27:50 AM PST
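The generator script in the transcript above copies every field of the arp file into dhcpd.conf and the zone files unchecked, and stages each record in a fixed /tmp/grb file. The following is an added example, not code from the thread: it validates each `MAC:last-octet:name` record before templating it and needs no temp file. `NET_PREFIX`, `ENTRY_RE`, `valid_entry`, `emit_hosts` and the sample records are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): validate "MAC:last-octet:name" records
# before templating them into dhcpd.conf. All names here are hypothetical.
NET_PREFIX="204.15.5"
ENTRY_RE='^([0-9A-Fa-f]{2}:){6}(0|[1-9][0-9]{0,2}):[A-Za-z0-9-]+$'

# valid_entry LINE: succeed only if LINE is safe to place in the config.
valid_entry() {
    printf '%s\n' "$1" | grep -Eq "$ENTRY_RE" || return 1
    rest=${1#??:??:??:??:??:??:}      # strip the 6-byte MAC and its colon
    octet=${rest%%:*}
    # Host part must be usable: not the network (0) or broadcast (255) address.
    [ "$octet" -ge 1 ] && [ "$octet" -le 254 ]
}

# emit_hosts: read records on stdin, print one host stanza per valid record,
# report rejected lines on stderr; returns 1 if any line was rejected.
emit_hosts() {
    rc=0 n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in ''|'#'*) continue ;; esac
        if ! valid_entry "$line"; then
            echo "line $n rejected: $line" >&2
            rc=1
            continue
        fi
        mac=$(printf '%s' "$line" | cut -d: -f1-6)
        octet=$(printf '%s' "$line" | cut -d: -f7)
        name=$(printf '%s' "$line" | cut -d: -f8)
        printf 'host %s {\n  hardware ethernet %s;\n  fixed-address %s.%s;\n}\n' \
            "$name" "$mac" "$NET_PREFIX" "$octet"
    done
    return $rc
}

# Constructed sample input: two good records, one whose name field carries
# dhcpd.conf syntax, and one with an out-of-range host octet.
sample_records() {
    cat <<'EOF'
00:A0:C9:00:00:01:102:lab-pc-102
00:A0:C9:00:00:02:103:lab-pc-103
00:A0:C9:00:00:03:104:x { } host y
00:A0:C9:00:00:04:255:lab-pc-255
EOF
}

sample_records | emit_hosts || echo "some records were rejected" >&2
```

Restricting the name to letters, digits and hyphens is what keeps a record from adding braces, semicolons or extra statements to the generated file.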