Month: September 2023

Port forwarding with firewalld

linux

The firewalld in Linux is quite flexible and quite number of task can be achieve with just a single line of code. It just a matter of to get the parameter correctly.

Just to overcome the laziness of application team to change port, lets us port forwarding instead.

# firewall-cmd --add-forward-port='port=<port>:proto=tcp:toport=<toPort>:toaddr=<toAddress>'

Explanation

code

  1. Flagging firewall-cmd that this is a port forwarding rule, --add-forward-port=''
  2. Define protocol and port number that hit the host, port=<port>:proto=tcp
  3. Define destination port and address to be forwarded, toport=<toPort>:toaddr=<toAddress>

Note: Above command is to get the port forwarding work immediately after hitting enter. No need to reload service nor server reboot. The catch is, this is non-persistent configuration and as its name implies, the configuration will revert back once the OS being rebooted.

Execute scp via http Proxy

linux

In a tightly configured network policy environment, where every single connection must go through a proxy, a simple task such as file transfer would be a hassle.

A simple scp connection also would be denied if it is not through a proxy.

However it still can be achieve with following additional internal paramater.

scp -o "ProxyCommand=nc --proxy <proxyHost>:<proxyPort> --proxy-type http %h %p" root@<remoteHost>:<remotePort>

Explanation

-o "ProxyCommand=nc --proxy <proxyHost>:<proxyPort> --proxy-type http %h %p"

  1. Supply an option, where will be proxy-ing via nc with ProxyCommand=nc
  2. Define the proxy host and port with --proxy <proxyHost>:<proxyPort>.
  3. Define the type of proxy as http with --proxy-type http %h %p

Mount windows shared folder from linux

linux

To mount a Windows share in Linux, one typically uses the mount command with the cifs filesystem type, specifying the remote Windows share’s path, the local mount point, and authentication credentials

By mounting a Windows share in Linux, users can effortlessly copy, edit, and manipulate files, ensuring smooth collaboration across heterogeneous computing environments.

Command

# mount --verbose -t cifs -o username=<username> '//<windowsIP>/<folder>' </local/path>

Explanation

  1. mount will instruct the OS to attached a filesystem to a specific mount point.
  2. The --verbose is mentioned specifically to output the progress or any error or warning message.
  3. Defining filesytem type with -t, followed by filesystem type.
  4. If authentication is needed, -o username= can be used.