Scripts

Script: https traffic block

Posted on Updated on

This script is for blocking https traffic in the software router it self, I am using squid and it is not capable for  handling HTTPS traffics, because 1 , the url is encrypted. 2, The routing table is only for handing traffic over port 80.

This script have two input file, it will create automatically when the first run. It having capability for private-IP based restriction

Editable area in the script :

DIST=192.168.1.6            #IP where the request has to forward
DPORT=81                    #Port where the request has to forward
BLOCKPORTS=443              #Outgoing + incomming Port 
RULE=forward                #Possible options reject,drop,forward

If you have any web-page for giving a message to the user regarding the block, set it here

Enter the domain and local IP separately in the file, examples are shown below Download here

[anand@planetcure ~]$ sh https_block.sh --help
This script is for block https outbound traffic using source based requests
 -s or --silent Silent execution
 ssl_domains  File for enter SSL domain names
 ip_users     File for enter localip list

You must have to enable forwarding and execute it from root.

First run :

[root@planetcure]# sh https_block.sh 
Parent dir not found, Creating entire structure 
/opt/installer/scripts
|-- ip_users
`-- ssl_domains

0 directories, 2 files
[INFO]:We found empty input file. exiting..

Input Files :

[root@planetcure]# ls /opt/installer/scripts/
ip_users  ssl_domains

File input one by one :

[root@planetcure scripts]# cat ip_users
192.168.1.100
192.168.1.245
[root@planetcure scripts]# cat ssl_domains
www.enlook.wordpress.com
facebook.com
www.facebook.com

Output:

[root@planetcure]# sh https_block.sh 
Validating file structure
checking ssl_domains Ok.
checking ip_users Ok.
/opt/installer/scripts
|-- ip_users
`-- ssl_domains

0 directories, 2 files

 Executing source Ip 192.168.1.100 

76.74.254.123 blocked for the domain www.enlook.wordpress.com
192.0.80.250 blocked for the domain www.enlook.wordpress.com
192.0.81.250 blocked for the domain www.enlook.wordpress.com
66.155.9.238 blocked for the domain www.enlook.wordpress.com
66.155.11.238 blocked for the domain www.enlook.wordpress.com
76.74.254.120 blocked for the domain www.enlook.wordpress.com
173.252.110.27 blocked for the domain facebook.com
31.13.79.128 blocked for the domain www.facebook.com

 Executing source Ip 192.168.1.245 

76.74.254.120 blocked for the domain www.enlook.wordpress.com
76.74.254.123 blocked for the domain www.enlook.wordpress.com
192.0.80.250 blocked for the domain www.enlook.wordpress.com
192.0.81.250 blocked for the domain www.enlook.wordpress.com
66.155.9.238 blocked for the domain www.enlook.wordpress.com
66.155.11.238 blocked for the domain www.enlook.wordpress.com
173.252.110.27 blocked for the domain facebook.com
31.13.79.128 blocked for the domain www.facebook.com

Now set this as crone like below

*/05 * * * * /bin/sh /root/https_block.sh -s

If you run again the script it will show the current status of the blocked domain

[root@localhost bash]# sh https_block.sh 
Validating file structure
checking ssl_domains Ok.
checking ip_users Ok.
/opt/installer/scripts
|-- ip_users
`-- ssl_domains

0 directories, 2 files

 Executing source Ip 192.168.1.100 

Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.100        76.74.254.123       tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.100        192.0.80.250        tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.100        192.0.81.250        tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.100        66.155.9.238        tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.100        66.155.11.238       tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.100        76.74.254.120       tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:facebook.com      DNAT       tcp  --  192.168.1.100        173.252.110.27      tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
31.13.79.144 blocked for the domain www.facebook.com

 Executing source Ip 192.168.1.245 

Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.245        76.74.254.120       tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.245        76.74.254.123       tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.245        192.0.80.250        tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.245        192.0.81.250        tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.245        66.155.9.238        tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:www.enlook.wordpress.com      DNAT       tcp  --  192.168.1.245        66.155.11.238       tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
Domain:facebook.com      DNAT       tcp  --  192.168.1.245        173.252.110.27      tcp dpt:443 tcp dpt:443 to:192.168.1.6:81 
31.13.79.144 blocked for the domain www.facebook.com

Now you have control in the network traffic usage.

This entry was posted in Linux, Scripts, squid and tagged , , , , .

Bash: History appending for multiple sessions

Posted on

I got a requirement for listing all the command history if  multiple terminal sessions using in different region for the single user. I followed the below steps.

step1 : Create a new file with the below entries

root@appserver:# cat /etc/profile.d/bash_history.sh
function share_history {
 history -a
 history -c
 history -r
}
HISTSIZE=99999
HISTCONTROL=ignoredups
HISTTIMEFORMAT=`echo -e "33[1;34m%d/%h/%Y 33[1;31m%H:%M:%S 33[0m"`
PROMPT_COMMAND='share_history'
shopt -u histappend

Step2: activate it in run-time

root@appserver:# source /etc/profile.d/bash_history.sh

Now you can see the list of aged histories

Sample Output :

1005 26/Dec/2013 14:23:08 vi /etc/profile.d/bash_history.sh
1006 26/Dec/2013 14:23:27 source /etc/profile.d/bash_history.sh
1007 26/Dec/2013 14:23:31 history

This entry was posted in Linux, Scripts, SSH, Ubuntu and tagged , , , , , .

script : Start the tomcat as service.

Posted on

This script is used to start the sevrlet container as service, which is using common-daemon for starting java process.

#!/bin/sh
#
# tomcat Start/Stop the Tomcat servlet container.
#
# chkconfig: 345 55 55
# description: Tomcat servlet container.
# processname: tomcat
##############################################################################
#
# Small shell script to show how to start/stop Tomcat using jsvc
# If you want to have Tomcat running on port 80 please modify the server.xml
# file:
#
# <!-- Define a non-SSL HTTP/1.1 Connector on port 80 -->
# <Connector className="org.apache.catalina.connector.http.HttpConnector"
# port="80" minProcessors="5" maxProcessors="75"
# enableLookups="true" redirectPort="8443"
# acceptCount="10" debug="0" connectionTimeout="60000"/>
# Download and install dependency package 
# http://mirror.symnds.com/software/Apache//commons/daemon/binaries/commons-daemon-1.0.15-bin.tar.gz
# 
# Source function library.
. /etc/rc.d/init.d/functions

set +x
JAVA_HOME=/usr/local/jdk1.7.0_45
CATALINA_HOME=/usr/local/apache-tomcat-6.0.37
DAEMON_HOME=/usr/local/apache-tomcat-6.0.37
TOMCAT_USER=tomcat
TMP_DIR=/var/tmp
CATALINA_OPTS='-Xms512M -Xmx1024M'
CLASSPATH=\
$JAVA_HOME/lib/tools.jar:\
$DAEMON_HOME/bin/commons-daemon.jar:\
$CATALINA_HOME/bin/bootstrap.jar
prog=tomcat

start() {
echo $"Starting $prog: "
 #
 # Start Tomcat
 #
 $DAEMON_HOME/bin/jsvc \
 -user $TOMCAT_USER \
 -home $JAVA_HOME \
 -Dcatalina.home=$CATALINA_HOME \
 -Djava.io.tmpdir=$TMP_DIR \
 -outfile $CATALINA_HOME/logs/catalina.out \
 -errfile '&1' \
 $CATALINA_OPTS \
 -cp $CLASSPATH \
 org.apache.catalina.startup.Bootstrap
 #
 # To get a verbose JVM
 #-verbose \
 # To get a debug of jsvc.
 #-debug \
}
stop() {
 echo $"Stopping $prog: "
 #
 # Stop Tomcat
 #
 PID=`cat /var/run/jsvc.pid`
 kill $PID
}
status() {
 if ! $JAVA_HOME/bin/jps -mlvV | grep -v "Jps" > /dev/null
 then
 echo "Stopped : $prog is no not running"
 else
 echo "Running process for tomcat"
 echo "=========================="
 $JAVA_HOME/bin/jps -mlvV | grep -v "Jps"
 fi
}

case "$1" in
 start)
 start
 ;;
 stop)
 stop
 ;;
 restart)
 stop
 sleep 2
 start
 ;;
 status)
 status
 ;;
 *)
 echo "Usage $0 {start|stop|restart|status}"
 exit 1;;
esac

This entry was posted in apache, Apache, Linux, Scripts, tomcat.

script: Bash script to backup MySQL databases.

Posted on Updated on

 

#!/bin/bash 
# Simple script to backup MySQL databases 
# 
# You have to enter the credintials, the scritp will make backup of all the databases 
# including information schema and perfomance schema as well, and store it as a gunzip format 
# in the backup directory. Each databases are dump as seperate files. 
# 
# This will maintain 30 days backup. If you need to extend, edit the WEIGHT as your own. 
# Website : https://enlook.wordpress.com , http://planetcure.info , http://xtermpro.com 
# Created by : Anandbabu 
# 
#################################################################################################
# Parent backup directory
backup_parent_dir="/backup/"
#Enter multiple email ID using space
Email="email@domain.com email@domain.com"
Email_Content="/tmp/Mail_db"
WEIGHT=30 # 30 days
# MySQL settings
mysql_user="my_database_user"
mysql_password='database_password'
mysql_databases="Default_database"
#Creating file for email
[ ! -f ${Email_Content} ] && touch ${Email_Content} || :> ${Email_Content}
E_mail(){
 for email in ${Email}
 do
 cat ${Email_Content} | mail -s "Notification: Mysql Database Backup $@ from MyServer " ${email} -aFrom:Backup\<backup@domain.com\>
 done
 }
# Read MySQL password from stdin if empty
if [ -z "${mysql_password}" ]; then
 echo -n "Enter MySQL ${mysql_user} password: " >> ${Email_Content}
 read -s mysql_password
 echo
fi
# Check MySQL password
echo exit | mysql --user=${mysql_user} --password=${mysql_password} -B 2>/dev/null
if [ "$?" -gt 0 ]; then
 echo "MySQL ${mysql_user} password incorrect" >> ${Email_Content}
 E_mail Failed
 exit 1
else
 echo "MySQL ${mysql_user} password correct." >> ${Email_Content}
fi
# Create backup directory and set permissions
backup_date=`date +%Y_%m_%d_%H_%M`
backup_dir="${backup_parent_dir}/${backup_date}"
echo "Backup directory: ${backup_dir}" >> ${Email_Content}
mkdir -p "${backup_dir}"
chmod 700 "${backup_dir}"
# Get MySQL databases
mysql_databases=`echo 'show databases' | mysql --user=${mysql_user} --password=${mysql_password} -B | sed /^Database$/d`
# Backup and compress each database
for database in $mysql_databases
do
if [[ "$database" =~ "information_schema" || "$database" =~ "performance_schema" ]] ; then
 additional_mysqldump_params="--skip-lock-tables"
else
 additional_mysqldump_params=""
fi
 echo "Creating backup of \"${database}\" database" >> ${Email_Content}
 mysqldump ${additional_mysqldump_params} --user=${mysql_user} --password=${mysql_password} ${database} | gzip > "${backup_dir}/${database}.sql.gz"
 chmod 600 "${backup_dir}/${database}.sql.gz"
done

##Removing folder older than 30 days
ECOUT=""
echo "" >> ${Email_Content}
ECOUT=`find ${backup_parent_dir} -type d -ctime +$WEIGHT`
if [ -z $ECOUT ]; then
 echo "No more older backups to remove" >> ${Email_Content}
 E_mail Success
 exit
else
 echo "Following older backups are removed" >> ${Email_Content}
 for i in $ECOUT
 do
 rm -rvf $i 1>>${Email_Content} 2>>${Email_Content}
 done
 E_mail Success
 exit
fi

This entry was posted in Linux, Scripts and tagged , , , , , , , .

Script: SSH auto multi login.

Posted on

I have using to login my server through my gateway server.

#Script to login to gateway server and initiate login to internal server
#!/bin/bash
_Terminal="/usr/bin/gnome-terminal --maximize"
QT="42"

Exec(){
echo -e "#!/usr/bin/expect -f
spawn ssh -l root Mydomain.gateserver.com
send -- "$QT"ssh root@$1\r"$QT"
interact" > /tmp/$_ServerName
chmod +x /tmp/$_ServerName
}

while read char
do
_ServerName=`echo $char |awk '{print $2}'`
_ServerIP=`echo $char |awk '{print $3}'`
Exec $_ServerIP
_Tabs=""$_Tabs" --tab-with-profile="Default" --title=$_ServerName -x "/tmp/$_ServerName""
done < $1

eval $_Terminal $_Tabs
exit

#Input file syntax

My.server1.domain.com 111.222.333.444
My.server2.domain.com 122.332.353.411
My.server3.domain.com 131.282.393.42

#usage

./Script intpufile

This entry was posted in Linux, Scripts, SSH and tagged , , , .

Script: Reset default iptable rules on Cpanel server

Posted on Updated on 

#!/bin/sh
/sbin/modprobe nf_conntrack_ftp 2>&1 >/dev/null
IPTABLES='/sbin/iptables'
# policy
$IPTABLES -P INPUT DROP
 $IPTABLES -P OUTPUT DROP
 $IPTABLES -P FORWARD ACCEPT
$IPTABLES -F
 $IPTABLES -X
 $IPTABLES -Z
#
 # INPUT Policy
 #
# default
 $IPTABLES -A INPUT -p icmp -j ACCEPT
 $IPTABLES -A INPUT -i lo -j ACCEPT
if [ -s /etc/ip.allow ]; then
 for ip in `cat /etc/ip.allow`; do
 $IPTABLES -A INPUT -s $ip -j ACCEPT
 done
 fi
# ident
 $IPTABLES -A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset
#
 $IPTABLES -N IPDENY
 $IPTABLES -A IPDENY -j LOG --log-tcp-options --log-ip-options --log-prefix '[IPTABLES IPDENY]: '
 $IPTABLES -A IPDENY -j DROP
 if [ -s /etc/ip.deny ]; then
 for ip in `cat /etc/ip.deny`; do
 $IPTABLES -A INPUT -s $ip -j IPDENY
 done
 fi
# syn-flood
 $IPTABLES -N CHK-SYNFLOOD
 $IPTABLES -N LOG-SYNFLOOD
 $IPTABLES -A CHK-SYNFLOOD -p tcp --syn -m limit --limit 10/s --limit-burst 10 -j ACCEPT
 $IPTABLES -A CHK-SYNFLOOD -p tcp --syn -j LOG-SYNFLOOD
 $IPTABLES -A CHK-SYNFLOOD -p tcp ! --syn -j ACCEPT
 $IPTABLES -A LOG-SYNFLOOD -m limit --limit 1/s --limit-burst 2 -j LOG --log-prefix "iptables SYNFLOOD DROP "
 $IPTABLES -A LOG-SYNFLOOD -j DROP
# drop new connection except syn
 $IPTABLES -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
# related
 $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# whm/cpanel
 $IPTABLES -A INPUT -p tcp --dport 2086 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 2087 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 2082 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 2083 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 2095 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 2096 -j ACCEPT
# ssh
 $IPTABLES -N SSH_OnBruteForceAttacked
 $IPTABLES -A SSH_OnBruteForceAttacked -m recent --name SSHSyn --remove
 $IPTABLES -A SSH_OnBruteForceAttacked -m recent --name SSHBlackList --set -j LOG --log-level warning --log-prefix "SSH BruteForceAttack: "
 $IPTABLES -A SSH_OnBruteForceAttacked -j DROP
$IPTABLES -N SSH
 $IPTABLES -A SSH -p tcp ! --syn -m state --state ESTABLISHED,RELATED -j ACCEPT
 $IPTABLES -A SSH -p tcp --syn -m state --state NEW -m recent --name SSHBlackList --update --seconds 600 --rttl -j DROP
 $IPTABLES -A SSH -p tcp --syn -m state --state NEW -m recent --name SSHSyn --update --seconds 60 --hitcount 5 --rttl -j SSH_OnBruteForceAttacked
 $IPTABLES -A SSH -p tcp --syn -m state --state NEW -m recent --name SSHSyn --set
 $IPTABLES -A SSH -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 22 -j SSH
# ftp
 $IPTABLES -N FTP_OnBruteForceAttacked
 $IPTABLES -A FTP_OnBruteForceAttacked -m recent --name ftp_block --set -j LOG --log-level warning --log-prefix "FTP BruteForceAttack: "
 $IPTABLES -A FTP_OnBruteForceAttacked -j DROP
$IPTABLES -N FTP
 $IPTABLES -A FTP -p tcp ! --syn -m state --state ESTABLISHED,RELATED -j ACCEPT
 $IPTABLES -A FTP -p tcp --syn -m recent --name ftp_block --update --seconds 600 -j REJECT --reject-with icmp-port-unreachable
 $IPTABLES -A FTP -p tcp --syn -m recent --name ftp_conn --rcheck --seconds 20 --hitcount 10 -j FTP_OnBruteForceAttacked
 $IPTABLES -A FTP -p tcp --syn -m recent --name ftp_conn --set
 $IPTABLES -A FTP -p tcp --syn -j ACCEPT
$IPTABLES -A INPUT -p tcp -m state --state NEW --dport 21 -j FTP
 $IPTABLES -A INPUT -p tcp --dport 1200:5000 -m state --state NEW -j ACCEPT
# tftp
 $IPTABLES -A INPUT -p udp --dport 69 -j ACCEPT
# dhcp
 $IPTABLES -A INPUT -p udp --dport 67 -j ACCEPT
 $IPTABLES -A INPUT -p udp --dport 4077 -j ACCEPT
 # dns
 $IPTABLES -A INPUT -p tcp --dport 53 -j ACCEPT
 $IPTABLES -A INPUT -p udp --dport 53 -j ACCEPT
 $IPTABLES -A INPUT -p udp --sport 53 -j ACCEPT
# smtp
 $IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 465 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 587 -j ACCEPT
# pop/imap
 $IPTABLES -A INPUT -p tcp --dport 110 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 143 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 993 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 995 -j ACCEPT
# munin
 $IPTABLES -A INPUT -p tcp --dport 4949 -j ACCEPT
# http/https
 $IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT
 $IPTABLES -A INPUT -p tcp --dport 443 -j ACCEPT
# mysql
 $IPTABLES -A INPUT -p tcp --dport 3306 -j ACCEPT
# GRE
 $IPTABLES -A INPUT -p 47 -j ACCEPT
# all
 $IPTABLES -A INPUT -j LOG --log-prefix "[INPUT Block] : "
#
 # Output Policy
 #
# trust
$IPTABLES -A OUTPUT -p icmp -j ACCEPT
 $IPTABLES -A OUTPUT -o lo -j ACCEPT
 $IPTABLES -A OUTPUT -d $trustnet -j ACCEPT
 $IPTABLES -A OUTPUT -d $admin02 -j ACCEPT
 $IPTABLES -A OUTPUT -d $admin03 -j ACCEPT
# related
 $IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# ident
 $IPTABLES -A OUTPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset
# whm/cpanel
 $IPTABLES -A OUTPUT -p tcp --dport 2086 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 2087 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 2082 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 2083 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 2095 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 2096 -j ACCEPT
$IPTABLES -A OUTPUT -p tcp --dport 2089 -j ACCEPT
# http/https
 $IPTABLES -A OUTPUT -p tcp --dport 80 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 443 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --sport 80 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --sport 443 -j ACCEPT
# ssh
 $IPTABLES -A OUTPUT -p tcp --dport 22 -j ACCEPT
# ftp
 $IPTABLES -A OUTPUT -p tcp --dport 21 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp -m state --state NEW --sport 20 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --sport 1200:5000 -j ACCEPT
# dns
 $IPTABLES -A OUTPUT -p tcp --dport 53 -j ACCEPT
 $IPTABLES -A OUTPUT -p udp --dport 53 -j ACCEPT
 $IPTABLES -A OUTPUT -p udp --sport 53 -j ACCEPT
# smtp
 $IPTABLES -A OUTPUT -p tcp --dport 25 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 465 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 587 -j ACCEPT
# pop/imap
 $IPTABLES -A OUTPUT -p tcp --dport 110 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 143 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 993 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 995 -j ACCEPT
# ntp
 $IPTABLES -A OUTPUT -p tcp --dport 123 -j ACCEPT
 $IPTABLES -A OUTPUT -p udp --dport 123 -j ACCEPT
# mysql
 $IPTABLES -A OUTPUT -p tcp --dport 3306 -j ACCEPT
# svn/git
 $IPTABLES -A OUTPUT -p tcp --dport 3690 -j ACCEPT
 $IPTABLES -A OUTPUT -p tcp --dport 9418 -j ACCEPT
# whois
 $IPTABLES -A OUTPUT -p tcp --dport 43 -j ACCEPT
# backup/rsync
 $IPTABLES -A OUTPUT -p tcp --dport 5801 -j ACCEPT
# traceroute
 $IPTABLES -A OUTPUT -p udp --dport 33434:33523 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -p 47 -j ACCEPT
 # logging
 $IPTABLES -A OUTPUT -j LOG --log-prefix "[OUTPUT Block] : "
 $IPTABLES -A OUTPUT -j DROP

This entry was posted in Cpanel, Linux, Scripts, SSH and tagged , .

Howto: Run crone job in seconds

Posted on Updated on

Here I have wrote a simple scripts to execute crone jobs in seconds of time. Using this we can schedule a job less than a minute,

#This script  to sync files fro EBS storage to S3  mounted under /ebs /s3cloud
_Seconds=2
a=0

_Delay=$(echo "60/$_Seconds" | bc)

while true
do a=$((a+1))
if [ "$a" == "$_Delay" ]; then
 exit 0
else
 sleep $_Seconds
 /usr/bin/rsync -abvz --size-only /ebs/ /s3cloud/
fi
done

This entry was posted in Crone, Linux, Scripts and tagged , .