cancel
Showing results for 
Search instead for 
Did you mean: 
Chetan_Tiwary_
Community Manager
Community Manager
  • 468 Views

Red Hat Linux Interview Series 22

Q.) How can you see total TCP Connections count on your linux system ?

 

Q.) How can you make your Linux server reboot automatically when the kernel enters panic mode ?

 

Q.)How will you deny IPv4 traffic over TCP from host 172.168.2.0 to port 22 in your linux VM ?

Bonus Q. ) How can you do the same using ansible playbook ?

 

Level - L2 and above.

 

I'll be posting a series of Linux-related questions covering various skill levels. Feel free to share your insights and expertise. Your contributions will benefit learners at all stages, from those in current roles to those preparing for Linux interviews.

4 Replies
Ad_astra
Flight Engineer Flight Engineer
Flight Engineer
  • 416 Views

In response to Question 1; the following command will show all listening and non-listening TCP connections on the current host:

ss -at

To get the count you could pipe the output through wc and subtract one (1) for the newline.

 

Chetan_Tiwary_
Community Manager
Community Manager
  • 401 Views

@Ad_astra thanks for the answer!

0 Kudos
Trevor
Starfighter Starfighter
Starfighter
  • 341 Views

So, you want the Linux system to auto reboot after a kernel panic?  
Okay, here's one way:

 

1)  Add the following line to the /etc/sysctl.conf file:

              kernel.panic = 8       
              #  When a kernel panic occurs, the above line  - "kernel.panic = 8" - configures
              #  the system to reboot, after an 8 second delay

2)  Execute the command  sysctl  -p  to re-read the sysctl.conf  file

 

Two steps, and you're done!!!

There are other approaches, but I'll provide only this one, and let someone else
get in on this juicy query!

 

 

 

 

Trevor "Red Hat Evangelist" Chandler
0 Kudos
Trevor
Starfighter Starfighter
Starfighter
  • 333 Views

The host with IP address 172.168.2.0 ain't welcome to communicate with the
VM, at least not over port 22, so we want to close that door.  Okay, sounds
like we need to recruit the services of the firewall service (firewalld).

Let's start by executing the following command:

firewall-cmd  --zone=public  --permanent  --add-rich-rule='rule family="ipv4"  
         protocol="tcp"  port="22"  source-address="172.168.2.0"  reject'

Notes:
-  The command above is shown on two lines, but it is only one (1) command.
-  Please pay close attention to the single and double quotation marks.

Now, let me offer a little explanation to some of the pieces in the firewall-cmd
command above:

--zone=public  -  Applies the rule to the "public" zone, which is typically used for 
                             external network access

--permanent  -    Makes the rule persistent across system reboots

--add-rich-rule  -  Allows for a more detailed rule definition

--rule family="ipv4"  -  Specifies that the rule applies to IPv4 traffic

--protocol="tcp"  -  Filters only TCP traffic

--port="22"  -  Targets port 22 (SSH)

--source-address="172.168.2.0"  -  Defines the specific IP address to block/deny

--reject  -  Instructs the firewall to send a "reject" packet back to the source when 
                    a connection attempt is made

 

After executing the lengthy command, you'll then have to activate that rule to the
firewall service, by executing the following command:

#  firewall-cmd --reload

 

If you like, you can verify that the rule did in fact get added to the list of firewall
rules, using the following command:

firewall-cmd    --list-rich-rules
-
  This command will display all firewall rules, including the one previously added

 

Okay, that should achieve what we're wanting to do - block/deny SSH connections
to the VM, from host 172.168.2.0.

 

 

Trevor "Red Hat Evangelist" Chandler
0 Kudos
Join the discussion
You must log in to join this conversation.