iptables allow port for ip

 

To allow only an ip to access a port use following iptables rule

iptables -I INPUT -p tcp -m tcp -s 192.168.2.20 --dport 8080 -j ACCEPT

Above iptables rule will allow only 192.168.2.20 to access port 8080 and reject all other ip addresses.

Similarly we can give any other ip address and port combination.

Crontab every 30 seconds

 

To run a cron every 30 seconds check following example:

* * * * * /path/to/your/script arg1 arg2
* * * * * (sleep 30; /path/to/your/script arg1 arg2)

In above example both commands will start at 0th second of every minute, but the second command will sleep for 30 seconds and then start.

Vim – highlight search keyword

 

By default search keyword won’t be highlighted in vim with Ubuntu OS.

To highlight search keyword we need to set hlsearch flag in vimrc.

Open /etc/vim/vimrc with sudo and append following line in it:

set hlsearch

After that save & exit from vimrc file. This will enable search keyword highlight across all vim sessions.

If you want to enable highlighting only for current session run following command in vim after opening a file:

:set hlsearch

Ansible – exclude host from playbook execution

By using –limit argument with ansible-playbook command we can exclude a host from playbook execution.
If hostname starts with “!” it will excluded from host execution.

Lets say if we want to exclude host1 and host2 from ansible-playbook execution use following command:

$ ansible-playbook --limit '!hoost1:!host2' yourPlaybook.yml

To exclude only host1 from execution use following command:

$ ansible-playbook --limit '!hoost1' yourPlaybook.yml

To execute only in host1 and host2 from execution use following command:

$ ansible-playbook --limit 'hoost1:host2' yourPlaybook.yml

To execute only in host1 use following command:

$ ansible-playbook --limit 'hoost1' yourPlaybook.yml

To exclude host1 and host2 from execution and allow execution only in host3:

$ ansible-playbook --limit '!hoost1:!host2:host3' yourPlaybook.yml

Python – check if ip is public or private

 

netaddr is a Python library for representing and manipulating network addresses.

Installing netaddr library:

Use any of following command to install netaddr library

$ sudo pip install netaddr
or
$ easy_install netaddr

Observe following example for more details:

>>> from netaddr import *
>>> IPAddress('74.125.236.194').is_private()
False
>>> IPAddress('192.168.1.10').is_private()
True
>>> IPAddress('127.0.0.1').is_loopback()
True

IPAddress(‘input ip’).is_private() will return true if the input ip address private, else it will return false.

Reference: Netaddr

Kibana connection failed elasticsearch 1.4

While trying to setup ELK(Elastic Search, Logstash and Kibana) I got an error saying “Connection Failed”

If you are suing elastic search version 1.4 or above this issue will occur.

To resolve it append following lines in elasticsearch.yml file(which is in config directory of elastic search):

http.cors.allow-origin: "/.*/"
http.cors.enabled: true

After adding above lines restart elasticsearch.

This should fix “Connection Failed” issue.

Ganglia – rrd remove negative spikes

 

By using rrdtool tune we can remove negative spikes from any rrd(round robin database).

Syntax:

$ rrdtool tune <RRD_FileName> --minimum ds-name:min

where, ds-name is the name you will use to reference this particular data source from an RRD.

min is minimum value, if we set minimum value of zero, it prevents negative rates.

In this example I am using test.rrd as my input rrd file.

To get ds-name first extract rrd file and with following command:

$ rrdtool dump test.rrd

Now look for following block in extracted data:

<ds>
<name> sum </name>
<type> GAUGE </type>
<minimal_heartbeat>240</minimal_heartbeat>
<min>NaN</min>
<max>NaN</max>

<!– PDP Status –>
<last_ds>0.600769042969</last_ds>
<value>0.0000000000e+00</value>
<unknown_sec> 0 </unknown_sec>
</ds>

In above output value between <name> and </name> is ds-name, so in above example sum is ds-name.

To remove negative run following commands:

#Set minimum value
$ rrdtool tune test.rrd --minimum sum:0
#Save new rrd
$ rrdtool dump test.rrd | rrdtool restore --range-check - test.rrd-fix
#Replace old rrd with new rrd
$ mv test.rrd-fix test.rrd

After running above 3 commands you wont see any negative values test.rrd

If the rrd is ganglia’s rrd you need to change permissions of rrd otherwise due to permissions new data won’t get updated to this rrd.

Use following command to change rrd permission:

$ chown nobody:root test.rrd

Python – find files in directory with extension

The glob module finds all the pathnames matching a specific pattern according to the rules used by the Unix Shell. No tilde expansion is done, but *, ?, and character ranges expressed with [] will be correctly matched.

Examples:

To list all files ending with *.txt in /home/guest directory:

>>> import glob
>>> glob.glob("/home/guest/*.txt")

Output:
[‘/home/guest/syslog.txt’, ‘/home/guest/mysql.txt’, ‘/home/guest/topics.txt’, ‘/home/guest/bus.txt’]

Similarly you can try others.

As mentioned above No tilde expansion will work, so following example will return empty list.

>>> glob.glob("~/guest/*.txt")

Output:
[]

Username and password with wget/curl

 

To download a url with basic authentication we need to pass username & password.

To acheive this functionality with wget or curl observer following examples:

With curl:

$ curl -u 'username:password' 'http://www.example.com'

With wget:

$ wget --user='username' --password='password' 'http://www.example.com'

Wget with cookie:

Login to server & save cookie to a file:
$ wget --save-cookies cookiesFile.txt --post-data 'user=username&password=password' http://www.example.com/login.html

Download a page by using saved cookie file:
$ wget --load-cookies cookiesFile.txt -p http://www.example.com/somecontent.html