qnote:debian
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| qnote:debian [2023/09/20 20:16] – [useradd] k | qnote:debian [2025/07/27 11:57] (current) – k | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ===== Быстрые заметки по Debian ===== | ===== Быстрые заметки по Debian ===== | ||
| + | |||
| + | ==== vi, стрелки, | ||
| + | |||
| + | В интерактивном режиме вместо стрелок печатаются символы A B C D. \\ | ||
| + | Надо поправить файл / | ||
| + | |||
| + | < | ||
| + | # sed -i 's/set compatible/ | ||
| + | </ | ||
| + | |||
| + | Для подстраховки можно сначала дать команду без ключа " | ||
| + | |||
| + | |||
| + | ==== scp на Debian12 ==== | ||
| + | |||
| + | https:// | ||
| + | |||
| + | < | ||
| + | subsystem request failed on channel 0 | ||
| + | scp: Connection closed | ||
| + | </ | ||
| + | |||
| + | < | ||
| + | # scp -O -P 8990 -r | ||
| + | </ | ||
| + | |||
| + | ==== Инструменты snmp ==== | ||
| + | |||
| + | На Debian12 snmpwalk входит в состав пакета snmp | ||
| + | |||
| + | < | ||
| + | apt install snmp | ||
| + | </ | ||
| + | |||
| + | В минимальной установке Debian12 нет справочников MIB для убобной работы snmpwalk.\\ | ||
| + | Справочники ставятся через установку пакета [[https:// | ||
| + | |||
| + | Пакет находится в репозиториях non-free. \\ | ||
| + | В файле / | ||
| + | |||
| + | < | ||
| + | apt update | ||
| + | apt install snmp-mibs-downloader | ||
| + | </ | ||
| + | |||
| + | ==== deluser ==== | ||
| + | |||
| + | < | ||
| + | # deluser--remove-home test-user12 | ||
| + | </ | ||
| ==== useradd ==== | ==== useradd ==== | ||
| Line 28: | Line 78: | ||
| [[https:// | [[https:// | ||
| - | Остановливаем nftables. | + | <del>Останавливаем nftables.</ |
| < | < | ||
| apt remove --auto-remove nftables | apt remove --auto-remove nftables | ||
| Line 54: | Line 104: | ||
| -A INPUT -j REJECT --reject-with icmp-host-prohibited | -A INPUT -j REJECT --reject-with icmp-host-prohibited | ||
| -A FORWARD -j REJECT --reject-with icmp-host-prohibited | -A FORWARD -j REJECT --reject-with icmp-host-prohibited | ||
| + | COMMIT | ||
| + | </ | ||
| + | |||
| + | Пишем первые правила в "/ | ||
| + | < | ||
| + | *filter | ||
| + | :INPUT ACCEPT [0:0] | ||
| + | :FORWARD ACCEPT [0:0] | ||
| + | :OUTPUT ACCEPT [0:0] | ||
| + | -A INPUT -m state --state RELATED, | ||
| + | -A INPUT -p ipv6-icmp -j ACCEPT | ||
| + | -A INPUT -i lo -j ACCEPT | ||
| + | #-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT | ||
| + | #-A INPUT -d fe80::/64 -p udp -m udp --dport 546 -m state --state NEW -j ACCEPT | ||
| + | #LAST-RULES | ||
| + | -A INPUT -j REJECT --reject-with icmp6-adm-prohibited | ||
| + | -A FORWARD -j REJECT --reject-with icmp6-adm-prohibited | ||
| COMMIT | COMMIT | ||
| </ | </ | ||
| Line 59: | Line 126: | ||
| Запускаем iptables. | Запускаем iptables. | ||
| < | < | ||
| - | systemctl start iptables | + | systemctl start iptables |
| - | systemctl status iptables | + | systemctl status iptables |
| - | systemctl enable iptables | + | systemctl enable iptables |
| iptables -S | iptables -S | ||
| </ | </ | ||
qnote/debian.1695230173.txt.gz · Last modified: by k