LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Blogs
User Name
Password

Notices


Old

Basic NFTables Ruleset

Posted 09-27-2024 at 05:46 AM by kakistocrat
Updated 01-05-2025 at 03:15 AM by kakistocrat

Here is a basic NFTables ruleset, stored here for future reference. It'll probably get updated over time as new knowledge and ideas turn up — if I remember.

Code:
#!/usr/sbin/nft -f

flush ruleset

table ip filter4 {
	set blacklist4 {
		type ipv4_addr
		flags interval
		auto-merge
		elements = { xx.yy.zz/22 }
	}

	chain input {
		type filter hook input priority filter; policy drop;
...
LQ Guru
Posted in Uncategorized
Views 470 Comments 0 kakistocrat is offline
Old
Rating: 2 votes, 5.00 average.

There is more to sed(1) than s///

Posted 10-16-2016 at 04:16 AM by kakistocrat
Updated 10-16-2016 at 08:57 AM by kakistocrat

There is more to sed(1) than s///

There are books written about sed(1), a stream editor which can filter and transform streams of text, because it can do a lot more than many suspect. It actually uses a very simple and compact language which, though limited, is concise. I used sed(1) for ages and ages without exploring more of what it can do. It's most often used only with the s/// substitution, but it also has other capabilities.
  • selecting or deleting lines
  • alternate
...
LQ Guru
Posted in Uncategorized
Views 3812 Comments 5 kakistocrat is offline
Old

Misuse of sudo(8) and sudoers(5)

Posted 10-07-2016 at 06:46 AM by kakistocrat

The utility sudo(8) runs programs as another user. Frequently, that other user is root, but it does not have to be, the utility can also be used to downgrade privileges. Often it is mis-used to provide full root access to a group of users in place of su(1). However, sudo(8) was developed to give selective access to machines, following the principle of least privilege. It can achieve a very fine granularity of access, even allowing just specific programs or specific options for specific programs....
LQ Guru
Posted in Uncategorized
Views 5376 Comments 6 kakistocrat is offline
Old

Sharing Write Access to a Web Directory for Multiple Users

Posted 05-29-2016 at 07:29 AM by kakistocrat

In a multi-user environment, group permissions are the way to allow more than one user write access to the web server's document root. Just pick a name for the new group and apply it. It could go something like this:

Code:
groupadd webmeisters
chown -R root:webmeisters /var/www/html/
find /var/www/html/ -type d -exec chmod u=rwx,g=rwxs,o=rx "{}" \;
find /var/www/html/ -type f -exec chmod u=rw,g=rw,o=r "{}" \;
That...
LQ Guru
Posted in Uncategorized
Views 4371 Comments 2 kakistocrat is offline

  



All times are GMT -5. The time now is 08:22 PM.

Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration