1. create file slick-greeter.conf on /etc/lightdm/
sudo vim /etc/lightdm/slick-greeter.conf
------------------------------------------------------
[Greeter]
#background=/usr/share/backgrounds/Definitive_Light_Zen_Orange_by_Pierre_Cante.jpg
background=/usr/share/backgrounds/cat-login.jpg
-----------------------------------------------------
save file
2. bring your screen login to the folder /usr/share/backgrounds/
3. reboot
Ref:
Greeter
Friday, October 4, 2019
Tuesday, September 3, 2019
How to check if port is in use on Linux or Unix
How to check if port is in use on Linux or Unix
sudo lsof -i -P -n | grep LISTEN
sudo netstat -tulpn | grep LISTEN
sudo lsof -i:22 ## see a specific port such as 22 ##
sudo nmap -sTU -O IP-address-Here
Option #1: lsof command
$ sudo lsof -i -P -n
$ sudo lsof -i -P -n | grep LISTEN
$ doas lsof -i -P -n | grep LISTEN ### [OpenBSD] ###
Linux netstat syntax
netstat -tulpn | grep LISTEN
watch netstat -tulpn
sudo ss -tulw
sudo ss -tulwn
netstat -tulpn |grep tcp |grep -v 127.0.0.1 |grep -v 192.168.101.36
-v is invert matching (every thing except 127.0.0.1 and 192.168.101.36)
Where ss command options are as follows:
- -t : Show only TCP sockets on Linux
- -u : Display only UDP sockets on Linux
- -l : Show listening sockets. For example, TCP port 22 is opened by SSHD server.
- -p : List process name that opened sockets
- -n : Don’t resolve service names i.e. don’t use DNS
FreeBSD/MacOS X netstat syntax
$ netstat -anp tcp | grep LISTEN
$ netstat -anp udp | grep LISTENOpenBSD netstat syntax
$ netstat -na -f inet | grep LISTEN
$ netstat -nat | grep LISTENOption #3: nmap command
The syntax is:
You can combine TCP/UDP scan in a single command:$ sudo nmap -sT -O localhost
$ sudo nmap -sU -O 192.168.2.13 ##[ list open UDP ports ]##
$ sudo nmap -sT -O 192.168.2.13 ##[ list open TCP ports ]##$ sudo nmap -sTU -O 192.168.2.13A note about Windows users
You can check port usage from Windows operating system using following command:
netstat -bano | more
netstat -bano | grep LISTENING
netstat -bano | findstr /R /C:"[LISTEING]"Ref:
unix-linux-check-if-port-is-in-use-command
Thursday, July 4, 2019
How to install and use powershell on ubuntu
snap install powershell –classic
Run Powershell
#powershell
Connect to O365
Create file connect powershell
-------------------connect-exchangeonline.ps1-----------------------------
Set-ExecutionPolicy remotesigned
$UserCredential = (Get-Credential -Credential email@domain.com)
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
#Remove-PSSession $session
Connect-MsolService -Credential $UserCredential
-------------------End--------------------------------------------------------------
#PS /home/hades/Downloads> ./connect-exchangeonline.ps1
PowerShell credential request
Enter your credentials.
Password for user email@domain.com: *********
Success
Test command
Check version
PS /home/hades/Downloads> $PSVersionTable
Name Value
---- -----
PSVersion 6.2.1
PSEdition Core
GitCommitId 6.2.1
OS Linux 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019
Platform Unix
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
MFA
Connect Exopssession: Connect-EXOPSSession -UserPrincipalName email@yourdomain.com
Close power shell connection:Get-PSSession
Get-PSSession | Remove-PSSession
Create new Distribution group
New-DistributionGroup -Name "Group-test01" -DisplayName "Group test by hades" -Type "Security"
Check distribution group information?
Get-DistributionGroup -Identity "distribution group"
Get-DistributionGroup -Identity "distribution group" | Format-List
Get-DistributionGroup "distribution group" | Format-Table
* Show member on group with name and email address
Get-DistributionGroupMember "distribution group" | Format-Table Name, PrimarySMTPAddress -Auto
Check list member email on Distribution group
Get-DistributionGroupMember -Identity "distribution group" | Format-Table Name, Alias, PrimarySMTPAddress -Auto
* Export email form distribute group
Get-DistributionGroupMember -Identity "distribution group" ` | Select-Object Displayname,Name,PrimarySMTPAddress ` | Export-CSV -Path "/home/User/Downloads/distribution group.csv" -Encoding UTF8
* Import email form distribute group
1. create new file .csv like Distibute group.csv and input data like this see below.
-----------------Distibute group.csv---------------
name,emailaddress
jack,jack@domain.com
mack,mack@domain.com
---------------------------------------------
2. run command
Import-Csv group.csv | foreach {Add-DistributionGroupMember -Identity "Distibute group" -Member $_.name}
Add member to distribution group
Add-DistributionGroupMember -Identity "distribution group" -Member "email@domain.com"
Remove distribution group and Member in group
Remove-DistributionGroupMember -Identity "distribution group"
Remove-DistributionGroupMember -Identity "distribution group" -Member "email@domain.com"
View all O365group list
Get-UnifiedGroup -Identity *
View member on O365 group list
Get-UnifiedGroup -Identity groupname | Get-UnifiedGroupLinks -LinkType Member | Format-Table Name, PrimarySMTPAddress
View member on O365 subscribers list ตรวจสอบกรณีคนในกลุ่ม O365 ไม่ได้รับเมล
Get-UnifiedGroupLinks -Identity groupname@domain.com -LinkType subscribers
ให้แอดเพิ่มเข้าไป ด้วยคำสั่งนี้
Add-UnifiedGroupLinks -Identity groupname@domain.com -LinkType subscribers -Links email1@domain.com
Unsubscribers member O365 group
Remove-UnifiedGroupLinks -Identity "groupname" -LinkType Members -Links abc.d@domain.com,abcde.f@domain.com
Export member on O365 group list
Get-UnifiedGroup -Identity groupname | Get-UnifiedGroupLinks -LinkType Member | select Name, PrimarySMTPAddress |Export-Csv C:\Users\user01\Documents\groupname.csv
Add Owner distribution group
-Check owner on distribution
Get-DistributionGroup -Anr "distribution name" | Format-Table Name, ManagedBY, Alias, Email -Auto
-Replace
Set-DistributionGroup "distribution group" -ManagedBy "email@domain.com" -BypassSecurityGroupManagerCheck
-Add more one email
Set-DistributionGroup "distribution group" -ManagedBy 'admin01','admin02','systemadmin' -BypassSecurityGroupManagerCheck
Get mailbox permission
Get-MailboxPermission "user1"
Add Full access mailbox permission : user2 full access user1
Add-MailboxPermission -Identity "user1" -User "user2" -AccessRights FullAccess -InheritanceType All
Remove Full access mailbox permission
Remove-MailboxPermission -Identity "user1" -User "user2" -AccessRights FullAccess -InheritanceType All
Get Last login:
Get-MailboxStatistics "user1"
Get Mailbox size:
Get-MailboxStatistics "user1" | ft DisplayName, TotalItemSize, ItemCount
Get All Mailbox
Get-Mailbox | Select-Object DisplayName, primarySMTPAddress
Get one mailbox
Get-Mailbox "user1" | Select-Object DisplayName, primarySMTPAddress
Display the list of a SMTP aliases and the primary address
Get-Mailbox "user1" | fl EmailAddresses, PrimarySmtpAddresses
Add Permission Calendar access mailbox
Add-MailboxFolderPermission -Identity "user1:\Calendar" -User "user2" -AccessRights Reviewer
Add permission Calendar access Default to Reviewer
Set-MailboxFolderPermission -Identity "user1:\Calendar" -User Default -AccessRights Reviewer
Set permission Calendar access Default (back)
Set-MailboxFolderPermission -Identity "user1:\Calendar" -User Default -AccessRights AvailabilityOnly
View permission calendar who access mailbox
Get-MailboxFolderPermission -Identity "user1:\Calendar"
foreach($i in Get-Mailbox -ResultSize 100 -Filter 'DisplayName -like "*ห้องประชุม*"') {Get-MailboxFolderPermission $($i.Alias + ":\Calendar")| Select-Object Identity,User,AccessRights | Sort-Object Identity}
* -ResultSize Unlimited
Delete user access pemission calendar
Remove-MailboxFolderPermission -Identity "user1:\Calendar" -User "user2"
View number of account license
Get-MsolAccountSku
Get all assigned License office O365
Get-MsolUser -All | Where-Object { ($_.licenses).AccountSkuId -match "nanyangtextilegroup:STANDARDPACK" } | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State,WhenCreated | Export-Csv C:\Users\hades\Documents\allmaillicense2-1.csv
Get-MsolUser -MaxResults 10 | Where-Object { ($_.licenses).AccountSkuId -match "nanyangtextilegroup:STANDARDPACK" } | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State,WhenCreated | Format-Table
Get-MsolUser -All | Where-Object { $_.isLicensed -eq "E1" } | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State,WhenCreated | Export-Csv C:\Users\hades\Documents\allmaillicense2-1.csv
Get all Unlicense office O365
Get-MsolUser -UnlicensedUsersOnly | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State | Export-Csv C:\Users\hades\Documents\unlicense.csv
Get all email user on Department "QA"
Get-MsolUser -MaxResults 1000 | where {$_.Department -eq "QA"} | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State | Format-Table
Get all email user by Contry "Vietnam"
Get-MsolUser -MaxResults 1000 | where {$_.Country -eq "Vietnam"} | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State | Format-Table
Get view detail email
Get-MsolUser -All | where {$_.DisplayName -eq "ABC DEFC"} | Select-Object DisplayName,UserPrincipalName,Department,Title,Country,State,WhenCreated | Format-Table
Display a list of users who haven’t changed their passwords for more than 90 days:
Get-MsolUser -MaxResults 20 | Where-Object { $_.LastPasswordChangeTimestamp -lt (Get-Date).AddDays(-90)} | Select-Object DisplayName,UserPrincipalName,LastPasswordChangeTimestamp,Licenses,PasswordNeverExpires | Format-Table
Change new password email with Powershell
Set-MsolUserPassword -UserPrincipalName user1@onmicrosoft.com -NewPassword P@SSw0rd!
Rebuild Index email O365
New-MoveRequest -Identity user1@domain.com
Check status rebuild Index
Get-MoveRequest -Identity user1@domain.com
Get mail Inbox Forwarding
Get-Mailbox -ResultSize 2000 | select UserPrincipalName,ForwardingSmtpAddress,DeliverToMailboxAndForward | Export-csv Office365Forwards.csv -NoTypeInformation
Get email Forwarding
Get-Mailbox email@domain.com | FL DeliverToMailboxAndForward,ForwardingAddress,ForwardingSmtpAddress
Create new external contact
New-MailContact -Name "My-gmail" -ExternalEmailAddress email@gmail.com
Display user not set Archive
Get-Mailbox -Filter {ArchiveStatus -Eq "None" -AND RecipientTypeDetails -eq "UserMailbox"}
Check for Archive status for some user
Search and Delete mail by Subject
2. Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery 'Subject:"subject send mail"' -DeleteContent
Search-Mailbox "sourcmail" -TargetMailbox "targetmail" -TargetFolder "TargetFolder" -LogLevel Full
Check archive In-place size
Ref:
get-msoluser
office-365-powershell-commands
how-to-install-microsoft-powershell-on-ubuntu
forward email
search and delete mail
copy mailbox
MFA Function
Connect-MsolService
Close power shell connection:Get-PSSession
Get-PSSession | Remove-PSSession
New-DistributionGroup -Name "Group-test01" -DisplayName "Group test by hades" -Type "Security"
Check distribution group information?
Get-DistributionGroup -Identity "distribution group"
Get-DistributionGroup -Identity "distribution group" | Format-List
Get-DistributionGroup "distribution group" | Format-Table
* Set receive mail from out side
Get-DistributionGroup -Identity Group name | Set-DistributionGroup -RequireSenderAuthenticationEnabled $False
* Show member on group with name and email address
Get-DistributionGroupMember "distribution group" | Format-Table Name, PrimarySMTPAddress -Auto
Check list member email on Distribution group
Get-DistributionGroupMember -Identity "distribution group" | Format-Table Name, Alias, PrimarySMTPAddress -Auto
* Export email form distribute group
Get-DistributionGroupMember -Identity "distribution group" ` | Select-Object Displayname,Name,PrimarySMTPAddress ` | Export-CSV -Path "/home/User/Downloads/distribution group.csv" -Encoding UTF8
* Import email form distribute group
1. create new file .csv like Distibute group.csv and input data like this see below.
-----------------Distibute group.csv---------------
name,emailaddress
jack,jack@domain.com
mack,mack@domain.com
---------------------------------------------
2. run command
Import-Csv group.csv | foreach {Add-DistributionGroupMember -Identity "Distibute group" -Member $_.name}
Add member to distribution group
Add-DistributionGroupMember -Identity "distribution group" -Member "email@domain.com"
Remove distribution group and Member in group
Remove-DistributionGroupMember -Identity "distribution group"
Remove-DistributionGroupMember -Identity "distribution group" -Member "email@domain.com"
View all O365group list
Get-UnifiedGroup -Identity *
View member on O365 group list
Get-UnifiedGroup -Identity groupname | Get-UnifiedGroupLinks -LinkType Member | Format-Table Name, PrimarySMTPAddress
View member on O365 subscribers list ตรวจสอบกรณีคนในกลุ่ม O365 ไม่ได้รับเมล
Get-UnifiedGroupLinks -Identity groupname@domain.com -LinkType subscribers
ให้แอดเพิ่มเข้าไป ด้วยคำสั่งนี้
Add-UnifiedGroupLinks -Identity groupname@domain.com -LinkType subscribers -Links email1@domain.com
Unsubscribers member O365 group
Remove-UnifiedGroupLinks -Identity "groupname" -LinkType Members -Links abc.d@domain.com,abcde.f@domain.com
Export member on O365 group list
Get-UnifiedGroup -Identity groupname | Get-UnifiedGroupLinks -LinkType Member | select Name, PrimarySMTPAddress |Export-Csv C:\Users\user01\Documents\groupname.csv
Add Owner distribution group
-Check owner on distribution
Get-DistributionGroup -Anr "distribution name" | Format-Table Name, ManagedBY, Alias, Email -Auto
-Replace
Set-DistributionGroup "distribution group" -ManagedBy "email@domain.com" -BypassSecurityGroupManagerCheck
-Add more one email
Set-DistributionGroup "distribution group" -ManagedBy 'admin01','admin02','systemadmin' -BypassSecurityGroupManagerCheck
Get mailbox permission
Get-MailboxPermission "user1"
Add Full access mailbox permission : user2 full access user1
Add-MailboxPermission -Identity "user1" -User "user2" -AccessRights FullAccess -InheritanceType All
Remove Full access mailbox permission
Remove-MailboxPermission -Identity "user1" -User "user2" -AccessRights FullAccess -InheritanceType All
Get Last login:
Get-MailboxStatistics "user1"
Get Mailbox size:
Get-MailboxStatistics "user1" | ft DisplayName, TotalItemSize, ItemCount
Get All Mailbox
Get-Mailbox | Select-Object DisplayName, primarySMTPAddress
Get one mailbox
Get-Mailbox "user1" | Select-Object DisplayName, primarySMTPAddress
Display the list of a SMTP aliases and the primary address
Get-Mailbox "user1" | fl EmailAddresses, PrimarySmtpAddresses
Add Permission Calendar access mailbox
Add-MailboxFolderPermission -Identity "user1:\Calendar" -User "user2" -AccessRights Reviewer
Add permission Calendar access Default to Reviewer
Set-MailboxFolderPermission -Identity "user1:\Calendar" -User Default -AccessRights Reviewer
Set permission Calendar access Default (back)
Set-MailboxFolderPermission -Identity "user1:\Calendar" -User Default -AccessRights AvailabilityOnly
View permission calendar who access mailbox
Get-MailboxFolderPermission -Identity "user1:\Calendar"
foreach($i in Get-Mailbox -ResultSize 100 -Filter 'DisplayName -like "*ห้องประชุม*"') {Get-MailboxFolderPermission $($i.Alias + ":\Calendar")| Select-Object Identity,User,AccessRights | Sort-Object Identity}
* -ResultSize Unlimited
Delete user access pemission calendar
Remove-MailboxFolderPermission -Identity "user1:\Calendar" -User "user2"
View number of account license
Get-MsolAccountSku
Get all assigned License office O365
Get-MsolUser -All | Where-Object { ($_.licenses).AccountSkuId -match "nanyangtextilegroup:STANDARDPACK" } | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State,WhenCreated | Export-Csv C:\Users\hades\Documents\allmaillicense2-1.csv
Get-MsolUser -MaxResults 10 | Where-Object { ($_.licenses).AccountSkuId -match "nanyangtextilegroup:STANDARDPACK" } | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State,WhenCreated | Format-Table
Get-MsolUser -All | Where-Object { $_.isLicensed -eq "E1" } | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State,WhenCreated | Export-Csv C:\Users\hades\Documents\allmaillicense2-1.csv
Get all Unlicense office O365
Get-MsolUser -UnlicensedUsersOnly | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State | Export-Csv C:\Users\hades\Documents\unlicense.csv
Get all email user on Department "QA"
Get-MsolUser -MaxResults 1000 | where {$_.Department -eq "QA"} | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State | Format-Table
Get all email user by Contry "Vietnam"
Get-MsolUser -MaxResults 1000 | where {$_.Country -eq "Vietnam"} | Select-Object DisplayName,UserPrincipalName,Licenses,Department,Title,Country,State | Format-Table
Get view detail email
Get-MsolUser -All | where {$_.DisplayName -eq "ABC DEFC"} | Select-Object DisplayName,UserPrincipalName,Department,Title,Country,State,WhenCreated | Format-Table
Display a list of users who haven’t changed their passwords for more than 90 days:
Get-MsolUser -MaxResults 20 | Where-Object { $_.LastPasswordChangeTimestamp -lt (Get-Date).AddDays(-90)} | Select-Object DisplayName,UserPrincipalName,LastPasswordChangeTimestamp,Licenses,PasswordNeverExpires | Format-Table
Change new password email with Powershell
Set-MsolUserPassword -UserPrincipalName user1@onmicrosoft.com -NewPassword P@SSw0rd!
Rebuild Index email O365
New-MoveRequest -Identity user1@domain.com
Check status rebuild Index
Get-MoveRequest -Identity user1@domain.com
Get mail Inbox Forwarding
Get-Mailbox -ResultSize 2000 | select UserPrincipalName,ForwardingSmtpAddress,DeliverToMailboxAndForward | Export-csv Office365Forwards.csv -NoTypeInformation
Get email Forwarding
Get-Mailbox email@domain.com | FL DeliverToMailboxAndForward,ForwardingAddress,ForwardingSmtpAddress
Create new external contact
New-MailContact -Name "My-gmail" -ExternalEmailAddress email@gmail.com
Display user not set Archive
Get-Mailbox -Filter {ArchiveStatus -Eq "None" -AND RecipientTypeDetails -eq "UserMailbox"}
Check for Archive status for some user
Get-mailbox usermail|fl ArchiveStatus
Get-Mailbox usermail |fl ArchiveStatus,Archivedatabase,Archiveguid
Enable Archive all
Get-Mailbox -Filter {ArchiveStatus -Eq "None" -AND RecipientTypeDetails -eq "UserMailbox"} | Enable-Mailbox –Archive
Enable one person
Enable-Mailbox -Identity "user mail” -Archive
Example : Enable-Mailbox -Identity "akom.b” -Archive
Search and Delete mail by Subject
| 1. Search-Mailbox -Identity "email@domain.com" -SearchQuery 'Subject:"subject send mail"' -DeleteContent |
Copy all email from one to another mail
example: Search-Mailbox "email.a" -TargetMailbox "email.c" -TargetFolder "Email User" -LogLevel Full
Check archive In-place size
get-msoluser
office-365-powershell-commands
how-to-install-microsoft-powershell-on-ubuntu
forward email
search and delete mail
copy mailbox
Wednesday, May 29, 2019
check disk size sort by bigger
sudo apt install tree
tree -ihafF /home | tr '[]' ' '|sort -k1hr|head -10
tree -ihafF /home | tr '[]' ' '|sort -k1hr|head -10
Tuesday, April 2, 2019
Install monitorix and reset password
sudo htpasswd -d -c /var/lib/monitorix/htpasswd admin
New password: Re-type new password: Adding password for user adminInstall monitorix
Thursday, March 21, 2019
ปรับแต่งสคริป send mail alert โดยให้ส่งผ่าน smtp ที่ต้องการ
ปรับแต่งสคริป เพื่อให้ส่งเมลผ่านไปยัง smtp ที่เราทำไว้สำหรับส่งเมล ไม่ให้ส่งออกจากเครื่อง Server นั้น ๆ
สคริป
echo "Check all health hard disk backup complete" | mail -S smtp=IP:PORT -s "Check smart disk on Data Center was completed" -r noreply@domain.com -q /root/checkhealthdisk.txt -v admin@domain.com
คำอธิบาย
สคริป
echo "Check all health hard disk backup complete" | mail -S smtp=IP:PORT -s "Check smart disk on Data Center was completed" -r noreply@domain.com -q /root/checkhealthdisk.txt -v admin@domain.com
คำอธิบาย
- echo "Check all health hard disk backup complete" ใส่ข้อความเข้าไปในส่วนล่างสุดของเมล
- mail -S smtp=IP:PORT ใส่ค่า smtp server ที่ต้องการเช่น 192.168.0.2 และพอร์ต 25 ตัวอย่าง 192.168.0.2:25
- -s "Check smart disk on Data Center was completed" คือ Subject mail
- -r noreply@domain.com คือ Sender mail
- -q /root/checkhealthdisk.txt คือ กรณีมีไฟล์ที่ต้องการแนบไปในเมล
- -v admin@domain.com คือ Receive mail (ผู้ร้บเมล)
Thursday, March 7, 2019
saslauthd + postfix + debian 9
1. install debian 9
2. install postfix
apt install postfix mailutils dovecot-core dovecot-imapd
ref: install-postfix-mail-server-with-webmail-in-debian
3. install saslauthd
apt install sasl2-bin
4. vim /etc/default/saslauthd
START=yes
NAME="saslauthd"
MECHANISMS="pam"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
5. create file smtpd.conf
vim /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
9. configure iptables
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 13.228.34.209 -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 55001 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 587 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 161 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 162 -j ACCEPT
iptables -A INPUT -j DROP
iptables -A FORWARD -j DROP
iptables -A OUTPUT -j DROP
For save rule
CentOS
#/sbin/service iptables save
#service netfilter-persistent restart
For View rule
#iptables -t filter -L INPUT --line-numbers -n
#iptables -L --line-numbers
For Insert rul
#iptables -I INPUT 45 -p tcp -m tcp --dport 8081 -j ACCEPT
-I คือ Insert
45 คือลำดับที่ 45 ใน INPUT
Fore Delete rule
#iptables -D INPUT numbers
example:
#iptables -D INPUT 10
Ref: easy-debian-9-server-firewall/
2. install postfix
apt install postfix mailutils dovecot-core dovecot-imapd
ref: install-postfix-mail-server-with-webmail-in-debian
3. install saslauthd
apt install sasl2-bin
4. vim /etc/default/saslauthd
START=yes
NAME="saslauthd"
MECHANISMS="pam"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
5. create file smtpd.conf
vim /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
6. edit /etc/postfix/master.conf
## Enable SMTP on port 587 only for authenticated/TLS clients
submission inet n - - - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
## Enable SMTP on port 465 only for authenticated/SSL clients
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
7. create SSL
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
7. create SSL
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
vim /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2
# TLS parameters
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_use_tls=yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = server.domain.com
mydomain = domain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, server.domain.com, domain.com, localhost.domain.com, , localhost
relayhost =
#mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks = 172.16.0.0/16, 192.168.0.0/16, 127.0.0.0/8, 10.10.12.0/24, 10.10.13.0/24, 10.10.14.0/24, 10.10.15.0/24, 10.10.18.0/24, 10.10.19.0/24
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
# SMTP-Auth settings
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,permit_auth_destination,reject
9. configure iptables
# Install IPTables Persistent Package
apt-get install -y iptables-persistent
# Add netfilter-persistent Startup
invoke-rc.d netfilter-persistent save
# Start netfilter-persistent Service
service netfilter-persistent start
root@mailgw:~# iptables -A INPUT -i lo -j ACCEPT root@mailgw:~# iptables -A OUTPUT -o lo -j ACCEPT root@mailgw:~# iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT root@mailgw:~# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT root@mailgw:~# iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT#Add rule
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 13.228.34.209 -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 55001 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 587 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 161 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 162 -j ACCEPT
iptables -A INPUT -j DROP
iptables -A FORWARD -j DROP
iptables -A OUTPUT -j DROP
For save rule
CentOS
#/sbin/service iptables save
#service netfilter-persistent restart
For View rule
#iptables -t filter -L INPUT --line-numbers -n
service netfilter-persistent restart#iptables -L -v
#iptables -L --line-numbers
For Insert rul
#iptables -I INPUT 45 -p tcp -m tcp --dport 8081 -j ACCEPT
-I คือ Insert
45 คือลำดับที่ 45 ใน INPUT
Fore Delete rule
#iptables -D INPUT numbers
example:
#iptables -D INPUT 10
Ref: easy-debian-9-server-firewall/
Thursday, February 21, 2019
check hard disk status Raid 10
Install the new storcli to manage (LSI/AVAGO/Broadcom) MegaRAID controller under CentOS 7
Check Raid on CentOs 7
lspci | grep Megalspci | grep -i raid1. Download Software
2. Install
unzip 007.0709.0000.0000_Unified_StorCLI.zip
unzip Unified_storcli_all_os.zip
yum install ./Unified_storcli_all_os/Linux/storcli-007.0709.0000.0000-1.noarch.rpm
3. command for check disk on Raid
/opt/MegaRAID/storcli/storcli64 /c0 show all - Long detail
/opt/MegaRAID/storcli/storcli64 /c0 /eall /sall show - Short detail
4. check serail number
/opt/MegaRAID/storcli/storcli64 /c0/eAll/sAll show all | egrep 'Device attributes|SN|Manufacturer|Model Number|Raw size|Speed'
* mdadm --query --detail /dev/md126
Tuesday, February 12, 2019
การ Base64 Decode
URL Decode
การแกะรหัสจากการดู Message source code mail
https://codebeautify.org/base64-decode
copy เพราะ code ด่านล่างไปวาง แล้วกด decode จะได้ข้อมูลออกมา
การแกะรหัสจากการดู Message source code mail
https://codebeautify.org/base64-decode
copy เพราะ code ด่านล่างไปวาง แล้วกด decode จะได้ข้อมูลออกมา
Subscribe to:
Posts (Atom)