Linux whatis command and definitions of some commands in /bin and /sbin directories

No comments:
Linux whatis command searches the whatis database for complete words.

See some command descriptions from whatis database:

addpart (8) - simple wrapper around the add partition ioctl

agetty (8) - alternative Linux getty

arch (1) - print machine hardware name (same as uname -m)

arp (7) - Linux ARP kernel module

arp (8) - manipulate the system ARP cache

arping (8) - send ARP REQUEST to a neighbour host

audispd (8) - an event multiplexor

auditctl (8) - a utility to assist controlling the kernel's audit system

auditd (8) - The Linux Audit daemon

Strict IPTables Rules for postgresql server (Configured to make streaming replication)

No comments:
IPTables rules script for a postgresql server which is configured as a master or a standby for streaming replication.
# IP address of this server
SERVER_IP=$(/sbin/ifconfig -a | awk '/(cast)/ { print $2 }' | cut -d':' -f2 | head -1)

DNS_SERVER=<write IP address of the dns server>
SSH_CLIENT=<write the IP address from where you make ssh connections>
PGE_SERVER=<write IP address of the other postgresql server>

# Flush iptables rules
iptables -F
iptables -X

# Set default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

# Allow traffic on loopback adapter
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Allow incoming ssh only
iptables -A INPUT -p tcp -s $SSH_CLIENT -d $SERVER_IP --sport 513:65535 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT 
iptables -A OUTPUT -p tcp -s $SERVER_IP -d $SSH_CLIENT --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT

# Allow incoming icmp only
iptables -A INPUT -p icmp --icmp-type 8 -s $SSH_CLIENT -d $SERVER_IP -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT 
iptables -A OUTPUT -p icmp --icmp-type 0 -s $SERVER_IP -d $SSH_CLIENT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow incoming postgresql connections
iptables -A INPUT -p tcp -s 0/0 -d $SERVER_IP --sport 1024:65535 --dport 5432 -m state --state NEW,ESTABLISHED -j ACCEPT 
iptables -A OUTPUT -p tcp -s $SERVER_IP -d 0/0 --sport 5432 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

# Allow outgoing postgresql connections
iptables -A OUTPUT -p tcp -s $SERVER_IP -d $PGE_SERVER --sport 1024:65535 --dport 5432 -m state --state NEW,ESTABLISHED -j ACCEPT 
iptables -A INPUT -p tcp -s $PGE_SERVER -d $SERVER_IP --sport 5432 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

# Allow outgoing DNS requests
iptables -A OUTPUT -p udp -s $SERVER_IP --sport 1024:65535 -d $DNS_SERVER --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT 
iptables -A INPUT -p udp -s $DNS_SERVER --sport 53 -d $SERVER_IP --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT 
iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 1024:65535 -d $DNS_SERVER --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT 
iptables -A INPUT -p tcp -s $DNS_SERVER --sport 53 -d $SERVER_IP --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

# drop all other traffic
iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP

Preserving Linux Shell History Even If Working with Multiple Terminals

No comments:
If you are continuously running shell commands on more than one linux terminal, probably you want all of the shell (mostly bash) prompts to remember any command from any terminal. With the following environmental variables to save the .bashrc file, you can do it so.

# This is for ignoring duplicate entries
export HISTCONTROL=ignoredups:erasedups

# This is for large history
export HISTSIZE=102400

# This is for a big history file
export HISTFILESIZE=100000

# This is for appending commands to history file
shopt -s histappend

# This is for saving and reloading the history after each command is run
export PROMPT_COMMAND="history -a; history -c; history -r; $PROMPT_COMMAND"

Preserving links in Linux

No comments:
Linux commands like tar and cp have some options that control whether symbolic links are followed or not. When you run tar command which is backing up directories contain multiple links to big files, you would get unnecessary copies of the same data. 

In the case of a cp command if a symbolic link is encountered, the data inside of the file to which the link targets is copied when -L (dereference) option used. But if you use -d (no dereference) option, cp would copy the link itself.

Look at the following example;

Setting Up a Workgroup Directory in Linux

No comments:
The following procedure may be useful to create workgroup folder for a team of people.

The workgroup name is HR and has some members cbing, mgeller, rgreen
The folder is /data/hr
Only the creators of files in /data/hr folder should be able to delete them.
Members shouldn't worry about file ownership, and all members of the group need full access to files.
Non-members should not have access to any of the files.

The followings will match the requirements written above:

Extracting an HTML Page Contents with Python's BeautifulSoup4

No comments:
BeautifulSoup get_text method can be used for stripping html tags and getting page contents. file is like: 
# -*- coding: utf-8 -*-
import sys
import os
from bs4 import BeautifulSoup
import requests
if sys.stdout.encoding is None:
    os.putenv("PYTHONIOENCODING", 'UTF-8')
    os.execv(sys.executable, ['python']+sys.argv)
url = sys.argv[1]
page_content = requests.get(url)
text = BeautifulSoup(page_content.text).get_text()
print text

This python code can be run with command line argument like:
# python

Microsoft Network Policy Server Synchronization Script

No comments:
This powershell script is written for automating to export configuration from master NPS and then import it on a secondary NPS in order to keep a secondary NPS ready with latest configuration. Script must run on secondary node. The account that runs the script must be the member of both of the master and secondary servers local administrators group.