docker kill $(docker ps -q) docker_clean_ps docker rmi $(docker images -a -q)
Author Archives: alfred
Block the traffic of a particular IP using iptables
sudo iptables -A FORWARD -s IP-ADDRESS -j DROP
#!/bin/bash
# Check if an IP address is provided
if [ -z "$1" ]; then
echo "Usage: $0 <IP_ADDRESS>"
exit 1
fi
IP_ADDRESS=$1
echo "Blocking IP: $IP_ADDRESS"
# Add iptables rule to block the IP
sudo iptables -A INPUT -s $IP_ADDRESS -j DROP
echo "IP $IP_ADDRESS has been blocked."
Linux QoS traffic shaping
#! /bin/bash
NETCARD=eth0
MAXBANDWIDTH=100000
# reinit
tc qdisc del dev $NETCARD root handle 1
tc qdisc add dev $NETCARD root handle 1: htb default 9999
# create the default class
tc class add dev $NETCARD parent 1:0 classid 1:9999 htb rate $(( $MAXBANDWIDTH ))kbit ceil $(( $MAXBANDWIDTH ))kbit burst 5k prio 9999
# control bandwidth per IP
declare -A ipctrl
# define list of IP and bandwidth (in kilo bits per seconds) below
ipctrl[192.168.1.1]="256"
ipctrl[192.168.1.2]="128"
ipctrl[192.168.1.3]="512"
ipctrl[192.168.1.4]="32"
mark=0
for ip in "${!ipctrl[@]}"
do
mark=$(( mark + 1 ))
bandwidth=${ipctrl[$ip]}
# traffic shaping rule
tc class add dev $NETCARD parent 1:0 classid 1:$mark htb rate $(( $bandwidth ))kbit ceil $(( $bandwidth ))kbit burst 5k prio $mark
# netfilter packet marking rule
iptables -t mangle -A INPUT -i $NETCARD -s $ip -j CONNMARK --set-mark $mark
# filter that bind the two
tc filter add dev $NETCARD parent 1:0 protocol ip prio $mark handle $mark fw flowid 1:$mark
echo "IP $ip is attached to mark $mark and limited to $bandwidth kbps"
done
#propagate netfilter marks on connections
iptables -t mangle -A POSTROUTING -j CONNMARK --restore-mark
Reference link: https://serverfault.com/questions/191560/how-can-i-do-traffic-shaping-in-linux-by-ip
DNSMASQ China List
DHCP Server
dhcp-range=tap_unibits,100.64.0.10,100.64.7.250,255.255.248.0,5m dhcp-option=3,100.64.0.1 dhcp-option=6,8.8.8.8 dhcp-option=6,8.8.4.4
Path of Munin RRD files
/var/lib/munin
If all RRD files are deleted, the graph will be reset.
Update Munin to collect data every 1 min
vi /etc/cron.d/munin Change the */5 to */1
Update Cloudflare DNS using ddclient
-
apt-get install ddclient
-
mkdir /etc/ddclient
-
copy ddclient.conf to /etc/ddclient
-
scp ddclient-3.9.0/ddclient alfred@172.16.13.250:/tmp
-
copy ddclient-3.9.0/ddclient to /usr/sbin/
-
scp /etc/default/ddclient to target server
-
copy /etc/default/ddclient to target server's /etc/default/ddclient
-
apt-get install libdata-validate-ip-perl apt-get install libjson-any-perl
Remark: Need to use "systemctl start ddclient.service" to start the service
PPPoE connection retires infinitely
add this in your dsl-provider conf file located at /etc/ppp/peers/dsl-provider : persist maxfail 0 holdoff 10 lcp-echo-interval 20 lcp-echo-failure 3
Reference: https://ubuntuforums.org/archive/index.php/t-1955345.html