Two examples to get your IP public address through command line:
# wget -O- -q https://elkano.org/api/v1/myip "89.140.154.52"
# curl https://elkano.org/api/v1/myip "89.140.154.52"
Category: network
Log traffic by user with iptables
This is a little post explaining how to log the uid and guid of the user who is making a connection in a server:
iptables -N log_traffic iptables -I OUTPUT 1 -p tcp -m multiport --dports 80,443 -m state --state NEW -j log_traffic iptables -A log_traffic -j LOG --log-uid --log-prefix "iptables: "
Explanation:
- Create a new iptables chain log_traffic
- Redirect all traffic from OUTPUT to log_traffic chain if the connection destination port is http or https.
- Log all traffic in log_traffic chain including the user uid/gid.
with rsyslog identify the iptables traffic and put it in a separate log file. Edit /etc/rsyslog.conf and add the following line:
:msg, contains, "iptables: " -/var/log/iptables.log
You will see traces like this with the uid and gid of the user making the connection:
Oct 22 14:44:54 host4sx56 kernel: [6828668.226415] iptables: IN= OUT=eth355 SRC=192.168.1.2 DST=172.17.16.52 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=11754 DF PROTO=TCP SPT=35734 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=3106 GID=3106
Manage interface bondings through sysfs interface
This is a easy way to manage your bondings through the sysfs interface.
Load the bond module:
# modprobe bond
Create a new bonding bond0:
echo "+bond0" > /sys/class/net/bonding_masters
View the existing bondings:
# cat /sys/class/net/bonding_masters bond0 bond1
Add interfaces to bond0 bonding:
echo "+eth0" > /sys/class/net/bond0/bonding/slaves echo "+eth1" > /sys/class/net/bond0/bonding/slaves
Remove an interface from an existing bonding
echo "-eth0" > /sys/class/net/bond0/bonding/slaves
Remove the bond0 inteface
echo "-bond0" > /sys/class/net/bonding_masters
Change the bonding mode (The bond interface must be down before the mode can be changed.):
echo balance-alb > /sys/class/net/bond0/bonding/mode
or
echo 6 > /sys/class/net/bond0/bonding/mode
A full example:
# modprobe bonding # modprobe e100 # echo balance-alb > /sys/class/net/bond0/bonding/mode # ifconfig bond0 192.168.1.1 netmask 255.255.255.0 up # echo 100 > /sys/class/net/bond0/bonding/miimon # echo +eth0 > /sys/class/net/bond0/bonding/slaves # echo +eth1 > /sys/class/net/bond0/bonding/slaves
References: https://www.kernel.org/doc/Documentation/networking/bonding.txt [3.4]
Interface bonding on Ubuntu 14.04
Install the required package ifenslave
$ sudo apt-get install ifenslave ethtool
To prevent issues make sure that the bonding module is listed in the /etc/modules file. In this way the module will be loaded at boot time.
$ cat /etc/modules # /etc/modules: kernel modules to load at boot time. # # This file contains the names of kernel modules that should be loaded # at boot time, one per line. Lines beginning with "#" are ignored. # Parameters can be specified after the module name. lp rtc bonding
Configure the network with the new bond0 interface.
$ cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet manual bond-master bond0 auto eth1 iface eth1 inet manual bond-master bond0 auto bond0 iface bond0 inet manual address 172.17.16.10 netmask 255.255.255.0 gateway 172.17.16.1 bond-miimon 100 bond-mode balance-alb bond-slaves eth0 eth1
I configured here with the balance-alb mode that is able to balance the outgoing and incoming traffic without any special switch support, but the network drivers must support ethtool to retrieve the speed from them.
The common bonding modes that are very used are:
– active-backup
– balance-alb
– 802.3ad
You should check the bonding documentation and the features of each mode here:
https://www.kernel.org/doc/Documentation/networking/bonding.txt
To check that the new bond0 interface is working:
$ sudo cat /proc/net/bonding/bond0 Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: adaptive load balancing Primary Slave: None Currently Active Slave: eth0 MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 Slave Interface: eth0 MII Status: up Speed: 10000 Mbps Duplex: full Link Failure Count: 1 Permanent HW addr: 0c:c4:7a:34:e8:a2 Slave queue ID: 0 Slave Interface: eth1 MII Status: up Speed: 10000 Mbps Duplex: full Link Failure Count: 1 Permanent HW addr: 0c:c4:7a:34:e8:a3 Slave queue ID: 0
Rename interfaces on Ubuntu 14.04
On my virtual machines I use many network interfaces, each one connected to a different vlan. I usually rename the interfaces on the guest machine with a meaningful name referring to its vlan, like eth40 for the interface that is connected to vlan 40. Until now I used to use ifrename package on my debian guests, but on Ubuntu 14.04 this packakge is not very long distributed.
To achive this I used an udev rule. Simply create the file /etc/udev/rules.d/70-persistent-net.rules with the following content, one line for each interface you want to rename:
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="b2:b3:31:58:96:59", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth40"
Now, change your /etc/network/interfaces file accordingly, reboot the guest and your interfaces should have changed.