Is your firewall blocking connection from a host and still you want to unblock the IP address of the remote host? Here is one way of doing it:

1. Do a listing of firewall rules and grep the IP (eg. 1.2.3.4)
$ /sbin/iptables -L INPUT -n –line-numbers | grep 1.2.3.4

-write down the line number.
-If the chain name is different or user defined, replace “INPUT” by the relevant chain name such as OUTPUT.

2. Delete the line number (eg. for line number 99 and chain INPUT)

$/sbin/iptables -D INPUT 99

@credit to: http://www.cyberciti.biz/faq/iptables-delete-ip-address-subnet-from-linux-firewall/

Normally if you want to block all requests to and from an IP address, iptables is an ideal solution. A rule similar to this one would be handy

/sbin/iptables -A INPUT -s 1.2.3.4 -j DROP

What if you want to block that IP without using iptables, route command would do the job

 /sbin/route add -host 1.2.3.4 reject

-List files opened by a program listening on a certain port (lsof -i:port)
# lsof -i:3306

-Benchmark the performance of a webserver
#ab -n 100 -c 5 http://www.sample-mysite.com/test.php
Send 100 request with 5 concurrent connections.

-Search for a string/pattern in all subdirectories of the given path
# find /my/path -exec grep “hairy” {} /dev/null \;

Tips on changing file permissions in bulk.

First command – changes all files under the current directory to 700 file mode.

find . -type d -exec chmod 0700 {} \;

Second command – changes all directories under the current directory to 600 mode.

find . -type f -exec chmod 0600 {} \;

The ‘history’ commands does not display the exact date and time of the commands executed. It just shows a numeric id followed by  the command executed by the current user. Here is one way of putting a time stamp –

# export HISTTIMEFORMAT=’%F %T >> ‘

To make sure that it works every time you login or restart your machine, put it in $HOME/.bash_profile

Some times you might be able to execute very complex commands and write pages of shell scripts and yet find your-self in a clueless situation, like the seemingly mundane task of setting the data/time in your Linux box from the command line. Here are a couple of ways that might help –

1. Using /etc/localtime and /usr/share/zoneinfo

Create a link to the file in /usr/share/zoneinfo which contains the time zone you want to set your clock to.

#ln -s /usr/share/zoneinfo/America/New_York /etc/localtime

2. Edit /etc/sysconfig/clock

#vi /etc/sysconfig/clock

-set the “ZONE” variable to your region – like “US/Central”

3.  Export command

#Export TZ=America/New_York

4. Simply the date command

format-> #date MMDDhhmmYYYY

#date 070913312010

5. Hardware clock

#hwclock –set –date=”07/09/2010 13:19:55″

One of the things which makes Linux more appealing is the capability to send email from command line, without logging to a webmail account or configuring your mail client like Outlook express. While working on the command line, you can send an attachment too, but the problem with this is file attachments like pdf or jpg appear as garbled text to the receiver. The solution? Another cool opensource software: uuencode. Download uuencode from this site for ubuntu: http://packages.ubuntu.com/dapper/i386/sharutils/download.

Usage: Suppose you want to send a pdf file(‘climatechange.pdf’) to a recipient address mrxyz@hisdomain.com. Then type the following command:

$uuencode climatechange.pdf climatechange.pdf | mails -s “climate change document” mrxyz@hisdomain.com

The pdf document wil appear as an attachment on the recipients side. Read More

If your ftp server is behind a NAT router, the regular ftps configuration steps you find in most tutorials in the Internet may not work for you. Hope these steps help.
1. Chroot (chain or jail) users to their home directory by adding the line below to proftpd.conf
DefaultRoot ~
2. Generate certificate keys, in this case, in the directory /etc/proftpd/ssl/
$openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/server.cert.pem -keyout /etc/proftpd/ssl/server.key.pem
3. Add this lines to proftpd.conf
TLSEngine                  on
TLSLog                     /var/log/proftpd/tls.log
TLSProtocol                SSLv23
TLSOptions                 NoCertRequest
TLSRSACertificateFile      /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile   /etc/proftpd/ssl/proftpd.key.pem
TLSVerifyClient            off
TLSRequired                on
4. Allow a range of passive ports to be forwarded to your ftp server by the firewall and set those ports in your ftp config fil – proftpd.conf in this case.
PassivePorts 60000 60100
5. Masquerade the ftp server’s address to the external IP of the NAT server/router.
MasqueradeAddress x.x.x.x