RHCSA Exam

Hi, all. I was new user to linux two weeks ago, but now i try to figure out ACL and etc. Before 7.03.2015 i had no prior experience with linux. I want to attend at next RHCSA exam (approx. 20th of april). I have official training books from Red Hat (RH124) and "RHCSA training live sessions" video set by Pearson, inc. Can i pass RHCSA exam? I don't plan to attend in any training, only self-study. What do you think? Or do you offer any special method to prepare for exam faster except paid trainings? Would be better if answers are by exam-takers or who passed.

PS: I have 3 years of experience in programming, especially C, C# and some other PLs.

Thank you beforehand!

Hi guys,

finished my linux+ and want to move on to some red hat training...

so i found on the red hat site:
http://www.redhat.com/en/services/al...ions-and-exams

that:
Red Hat Certified System Administrator (RHCSA) Exam (EX200).

looks like the entry level certification, and an obvious place to start...

i want to self study and have been googling but the information im finding is at least 4 to 6 years old...

has anybody self studied this? i would think so as red hat training is pretty pricey...

can anybody recommend a good study guide or video set or anything that is up to date and may help pass the exam

thanks

Hi,

I just came to know that LPIC_1 102 exam has been altered since last April and it seems that the modifications are mostly on the networking section.

Could anyone introduce resources/books/ebooks that cover the new modifications?

Hi,
I am Kamla, and a new user of LXR = Can anyone share information on how to mark items in an exam bank enemy items - or do not use on the same exam.

Thank you.

Kamla

Hi,

So, I am learning meteor.js and signed up for a (cheap, i.e no support) VPS to host my Meteor app. Everything is running fine but I am trying to understand better how Linux works so here is my question:

I am running CentOS 7 on the VPS but it still uses iptables for its firewall.

I had to enable port 80 to access the web server. However, if I reboot the server, it stops working until I do
Code:

iptables -F

Then everything works. But I am thinking that -F might not be the best thing. I have changed the default SSH port from 22 to something else and that also works but I don't think I ever added it to the iptables rules.

If I do a port scan, the new SSH port is indicated as open as well as port 80 but others are closed as they are supposed to be.

Any idea what is doing on behind the scenes that requires iptables -F for the web access to work properly and if I shouldn't be doing iptables -F (I have it in the rc.local file), what is the right way of doing it?

(BTW, I am computer literate but not that familiar with Linux, which I am trying to learn now.)


Kamal

Hi everyone
I have a question about iptables

This line
Code:

iptables -A INPUT -p tcp  -m tcp --dport 80 -j ACCEPT

why there is a "-m tcp"? what does this mean? I checked some book and man, I did not find what does this mean.

Thank you very much for your help.

Hello! I hope this post get's in the right place, cause I'm a newbie @ Linux

I'm trying to set up a Webserver, apache. And I'm confused which chain to set in IPTables. I hope'd someone could answer me a little more in detail, I've tryed googeling, but the answers were quite confusing for me, anyway here are the statement;

-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

and

-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

A know that that -A INPUT is for incoming packaes, -p specifies protocol TCP. But I'm unsure what -m does? Cause in the first line it is just "-m tcp" and in the second it is "-m state --state". So if someone could explant the diffrence and which one to use, I would be grateful.

And another question while I'm at it; In the start of IPTables I have;
-A INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT

What happens if I get a packet destined for some service, that isn't a chain in IPTables? Take port 80 for example, will IPTables accept the packet, but drop it at the end because there isn't any hit? If you understand what I mean. If -A INPUT would be DENY istead of ACCEPT, would the packet never ever get examined further then the first line?

Almost and the bottom of IPTables ther is a line;
-A INPUT -j REJECT --reject-with icmp-host-prohibited

Is it the chain that will be matched if there is not hit prior to it? What would happen if this line wasn't there?

Thank you very much for your help, I'm just wanna be sure little how IPTables work.

Best Regards; Stefan

I was reading the frozentux appendix for dhcp (https://www.frozentux.net/iptables-t...tml/x6316.html) and I was wondering how could this Code:

$IPTABLES  -I INPUT -i $LAN_IFACE -p udp --dport 67:68 --sport 67:68 -j ACCEPT

be made to be more restrictive? The author himself says that this ca be done, but doesn't give any details in this respect.

I am interested in both cases - if the computer is a dhcp server or if it is only a dhcp client. Can you help me out with this?

I am trying to set up a "Proxy Server" in Linux, without using Squid (Part of my project). However I have beginner's knowledge of iptables. I am using the following script from "http://www.aboutdebian.com/proxy.

#!/bin/sh
INTIF="eth1"
EXTIF="eth0"
EXTIP="`/sbin/ifconfig eth0 | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"
/sbin/depmod -a
/sbin/modprobe ip_tables
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_conntrack_irc
/sbin/modprobe iptable_nat
/sbin/modprobe ip_nat_ftp
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

Question is there is no packet forwarding from eth1 to eth0 (verified from wireshark, a windows is using eth1's ip address as its default gateway)

Any help would be highly appreciated!

I recently changed from Debian 7 to 8 which now uses systemd as the default init.
I had a init file that worked fine (see below) and works fine when directly invoked
Code:

$ sudo /etc/init.d/iptables start

however fails when indirectly invoked
Code:

$ sudo service iptables start
Job for iptables.service failed. See 'systemctl status iptables.service' and 'journalctl -xn' for details.

Code:

$ systemctl status iptables.service
 iptables.service - LSB: Iptable setup
   Loaded: loaded (/etc/init.d/iptables)
   Active: failed (Result: exit-code) since Mon 2015-05-25 17:18:37 PDT; 5s ago
  Process: 4825 ExecStart=/etc/init.d/iptables start (code=exited, status=203/EXEC)

Code:

$ journalctl -xn
No journal files were found.

I don't understand the error except that it "failed" and is loaded.
I have disabled and re-enabled the service with these commands:

Code:

sudo systemctl disable iptables
sudo systemctl enable iptables

which completes successfully but did not fix the problem.


INIT file
Code:

### BEGIN INIT INFO
# Provides:          iptables
# Required-Start:    $network $remote_fs $syslog
# Required-Stop:     $network $remote_fs $syslog
# Should-Start:      $portmap
# Should-Stop:       $portmap
# X-Start-Befo     nis
# X-Stop-After:      nis
# Default-Start:     2 
# Default-Stop:      1
# X-Interactive:     false
# Short-Description: Iptable setup
# Description:       Sets iptable rules
#                    
### END INIT INFO

ipt=/sbin/iptables

loadrules() {

if [ -e /etc/iptables_ruleset ]; then iptables-restore < /etc/iptables_ruleset && exit 0; fi

$ipt -F
$ipt -X

# Policies and Chains
$ipt -P INPUT DROP
$ipt -P FORWARD DROP
$ipt -P OUTPUT ACCEPT
$ipt -N SSH
$ipt -N WEBSERVER

$ipt -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
$ipt -A INPUT -i lo -j ACCEPT # Allow loopback

# Services
$ipt -A INPUT -p tcp -m multiport --dport 443,80 -j WEBSERVER # WEBSERVER chain 
$ipt -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j SSH # Jump to SSH chain
$ipt -A INPUT -p tcp -s 192.168.1.1/24 --dport 445 -j ACCEPT # samba

# Reject message for LAN
$ipt -A INPUT -s 192.168.1.1/24 -j REJECT

# WEBSERVER chain
$ipt -A WEBSERVER -p tcp -m multiport --dport 443,80 -m conntrack --ctstate NEW -j LOG
$ipt -A WEBSERVER -p tcp -m multiport --dport 443,80 -j ACCEPT

# SSH chain
$ipt -A SSH -p tcp --dport 22 -m recent --set --name SSH # Set SSH recent
$ipt -A SSH -p tcp --dport 22 -m recent --name SSH --update --seconds 10 --hitcount 2 --rttl -j LOG # Log if over counter
$ipt -A SSH -p tcp --dport 22 -s 192.168.1.1/24 -m recent --name SSH --update --seconds 10 --hitcount 10 --rttl -j REJECT # Reject from lan if over counter
$ipt -A SSH -p tcp --dport 22 ! -s 192.168.1.1/24 -m recent --name SSH --update --seconds 10 --hitcount 2 --rttl -j DROP # Drop if over counter
$ipt -A SSH -p tcp --dport 22 -j ACCEPT

iptables-save > /etc/iptables_ruleset
}

removerules() {
$ipt -P INPUT ACCEPT
$ipt -P FORWARD ACCEPT
$ipt -P OUTPUT ACCEPT
$ipt -F
$ipt -X
}

restartrules() {
rm /etc/iptables_ruleset
loadrules
}

case "$1" in
	start)
		loadrules
		;;
	stop)
		removerules
		;;
        restart)
                restartrules
                ;;
    	*)
        	echo "Usage: $0 start|stop|restart" >&2
        	exit 3
        	;;
esac

Edit:
Checking /var/log/daemon.log gives me this info:
Code:

May 25 19:13:29 hostname systemd[6004]: Failed at step EXEC spawning /etc/init.d/iptables: Exec format error
May 25 19:13:29 hostname systemd[1]: iptables.service: control process exited, code=exited status=203
May 25 19:13:29 hostname systemd[1]: Failed to start LSB: Iptable setup.
May 25 19:13:29 hostname systemd[1]: Unit iptables.service entered failed state.