Shaun's Wiki

User Tools

Site Tools

Trace: solaris sidebar linux oracle_goldengate oracle
linux

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
linux [2018/09/11 11:39]
ss_wiki_admin 		linux [2020/03/06 13:53] (current)
ss_wiki_admin
Line 1: Line 1:
 +==== Memory ====
 +== Identify memory usage of TIME_WAIT sockets ==
 +<code bash>
 +slabtop -o | grep -E '(^  OBJS|tw_sock_TCP|tcp_bind_bucket)'
 +  OBJS ACTIVE  USE OBJ SIZE  SLABS OBJ/SLAB CACHE SIZE NAME
 + 13104   5813  44%    0.03K    117      112       468K tcp_bind_bucket
 +  6900   6408  92%    0.19K    345       20      1380K tw_sock_TCP
 +</code>
 +
 ==== OpenSSH ==== ==== OpenSSH ====
 Because SSH is incredible.\\ Because SSH is incredible.\\
Line 26: Line 35:
    ProxyJump shaun@intermediary1.server:22,shaun@intermediary2.server:22    ProxyJump shaun@intermediary1.server:22,shaun@intermediary2.server:22
    User shaun    User shaun
 +</code>
 +
 +== SSH as a VPN ==
 +<code bash>
 +ssh -NTCf -w 0:0 <destination>
 +
 +# Machine A
 +ip link set tun0 up
 +ip addr add 10.0.0.100/32 peer 10.0.0.200 dev tun0
 +
 +# Machine B
 +ip link set tun0 up
 +ip addr add 10.0.0.200/32 peer 10.0.0.100 dev tun0
 +
 +# Add a route for target network on Machine B
 +ip route add 10.0.0.0/24 via 10.0.0.200
 +
 +#This allows us to send packets from Machine B to any IP address on Network A, via Machine A. 
 +#To ensure that packets have a route back to Machine B add an arp entry on Machine A:
 +
 +arp -sD 10.0.0.200 eth0 pub
 +
 +#This sets a published arp destination for 10.0.0.200 to Machine A (proxy-ARP). 
 +
 +# Kernel packet forwarding must be enabled for the routing bits
 +echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
 +
 </code> </code>
  
Line 35: Line 71:
 ==== Filesystems ==== ==== Filesystems ====
 [[xfs]]\\ [[xfs]]\\
-[[ext4]] +[[ext4]]\\ 
-[[recovery]]+[[recovery]]\\
  
 == Get detailed memory chip information == == Get detailed memory chip information ==
Line 68: Line 104:
         Configured Clock Speed: 1066 MHz         Configured Clock Speed: 1066 MHz
 </code> </code>
 +
 +==== OpenSSL ====
 +==Convert .crt to .pem==
 +<code>
 +openssl x509 -in certificate.crt -out certificate.pem -outform PEM
 +</code>
 +
 +== View certificate and key ==
 +<code bash>
 +openssl x509 -noout -text -in server.crt
 +openssl rsa -noout -text -in server.key
 +</code>
 +
 +== Verify certificate matches key ==
 +The `modulus' and the `public exponent' portions in the key and the Certificate must match. But since the public exponent is usually 65537 and it's bothering comparing long modulus you can use the following approach:
 +<code bash>
 +openssl x509 -noout -modulus -in server.crt | openssl md5
 +openssl rsa -noout -modulus -in server.key | openssl md5
 +</code>
 +
 +== Check which key or cert belongs to a CSR ==
 +<code bash>
 +openssl req -noout -modulus -in server.csr | openssl md5
 +</code>
 +
 +== Show local certificate details ==
 +<code bash>
 +openssl s_client -showcerts -servername www.virtualhost.co.za -connect localhost:443 </dev/null | openssl x509 -text
 +</code>
 +
 +==== Tcpdump ====
 +Dump TCP Rsets
 +<code bash>
 +tcpdump -fnni bond0:-nnvvS 'tcp[tcpflags] & (tcp-rst) != 0'
 +</code>
 +
 +==== Other ====
 +== Conceal process in 'ps'==
 +<code bash>
 +echo FakeProcName > /tmp/cmdline
 +mount -n --bind -o ro /tmp/cmdline /proc/<pid>/cmdline
 +
 +ps -ef | grep FakeProcName
 +</code>
 +
 +== speedtest == 
 +<code bash>
 +curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -
 +</code>
 +
 +== get kernel debuginfo packages for systemtap and crash ==
 +
 +For Unbreakable Enterprise Kernel:
 +<code bash>
 +export DLP="https://oss.oracle.com/ol7/debuginfo"
 +wget ${DLP}/kernel-uek-debuginfo-`uname -r`.rpm
 +wget ${DLP}/kernel-uek-debuginfo-common-`uname -r`.rpm
 +</code>
 +
 +For Red Hat Compatible Kernel:
 +<code bash>
 +export DLP="https://oss.oracle.com/ol7/debuginfo"
 +wget ${DLP}/kernel-debuginfo-`uname -r`.rpm
 +    # wget ${DLP}/kernel-debuginfo-common-`uname -r`.rpm
 +</code>
 +
 +Install
 +<code bash>
 +rpm -Uhv kernel-uek-debuginfo-4.1.12-112.14.15.el7uek.x86_64.rpm \
 + kernel-uek-debuginfo-common-4.1.12-112.14.15.el7uek.x86_64.rpm
 +</code>
 +
 +== Get interrupts causing high system time ==
 +<code>
 +sar -I XALL 1 | grep -v 0.00 
 +</code> 
 +
 +==== Iptables ====
 +== icmp rate limiting ==
 +<code bash>
 +  iptables -A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 1/second --limit-burst 1 -j ACCEPT
 +  iptables -A OUTPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 1/second --limit-burst 1 -j ACCEPT
 +</code>
 +
 +
 +
 +[[Oracle Enterprise Linux]]
linux.1536665986.txt.gz · Last modified: 2019/09/16 16:10 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki