Thursday, February 28, 2013

List NAT rules in iptables


Linux: Iptables List and Show All NAT Tables Rules Command

FEBRUARY 27, 2013 · last updated at FEBRUARY 27, 2013
I am using /sbin/iptables -L -v -n | more command. However, I am unable to list NAT rules. How do I use iptables to view or list NAT rules stored in NAT tables? How do I see all the rules in NAT tables under CentOS / RHEL based server?
The /sbin/iptables command is used for IPv4 packet filtering and NAT. Network address translation (NAT) modifies IP address information in IP packet headers while in transit across a routing device.
Tutorial details
Difficulty: Easy
Root privileges: Yes
Requirements: None
To see NAT rules type:
iptables -t nat -L
iptables -t nat -L -n -v | grep 'something'
iptables -t nat -L -n -v
Sample outputs:
Chain PREROUTING (policy ACCEPT 867 packets, 146K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  vlan2  *       0.0.0.0/0            192.168.1.0/24
Chain POSTROUTING (policy ACCEPT 99 packets, 6875 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  all  --  *      vlan2   0.0.0.0/0            0.0.0.0/0
Chain OUTPUT (policy ACCEPT 99 packets, 6875 bytes)
 pkts bytes target     prot opt in     out     source               destination
Chain WANPREROUTING (0 references)
 pkts bytes target     prot opt in     out     source               destination
root@tswitch:/tmp/home/root#

Say hello to netstat-nat

The netstat-nat command displays the NATed connections on a Linux iptables firewall:
# netstat-nat -n
To display SNAT connections, run:
# netstat-nat -S
To display DNAT connections, type:
# netstat-nat -D

Tuesday, February 26, 2013

Enable passwordless SSH on Ubiquiti


Howto enable SSH public key authentication on Ubiquiti AirOS (e.g. NanoStation2)
March 31, 2012
First you need to check that the ssh service is enabled, then log in and use the following commands. Before that, make sure your home directory is the same as mine:

echo ~
should return /etc/persistent, which is used in this Howto. So let's start the actual work:

chmod 750 /etc/persistent/
cd /etc/persistent/
mkdir .ssh
chmod 700 .ssh
Type on the machine you want to be able to use for public key login:

cat ~/.ssh/id_dsa.pub | ssh username@x.x.x.x 'cat >> /etc/persistent/.ssh/authorized_keys'
Now you should be able to log in like this

ssh username@x.x.x.x
without a password. If so, you need to make sure that it stays so even after a reboot:

cfgmtd -w -p /etc/
Type reboot to test it!

Source: http://robert.penz.name/405/howto-enable-ssh-public-key-authentication-on-ubiquiti-airos-e-g-nanostation2/

Create a script in the same directory 

prepare_key_directory.sh


#!/bin/sh
# Runs on the device: tighten the home directory and create ~/.ssh
chmod 750 /etc/persistent/
cd /etc/persistent/ || exit 1
mkdir -p .ssh
chmod 700 .ssh


activar_keys.sh


#!/bin/bash
# Push the helper script and the public key to each device, then persist the change
for i in 172.18.1.207 172.18.1.208 172.18.1.209 172.18.1.210 172.18.1.211 172.18.1.212 172.18.1.213 172.18.1.214 172.18.1.215 172.18.1.216
do
   scp prepare_key_directory.sh "$i":~
   ssh "$i" ./prepare_key_directory.sh
   cat ~/.ssh/id_rsa.pub | ssh "ubnt@$i" 'cat >> /etc/persistent/.ssh/authorized_keys'
   # Write the configuration to flash so the key survives a reboot
   ssh "$i" "cfgmtd -w -p /etc/"
done

chmod 755 prepare_key_directory.sh   # executable, but not world-writable
bash -x activar_keys.sh
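
The loop above appends the key with cat >> on every run, so rerunning it duplicates entries, and nothing checks what is being appended or the mode of authorized_keys. An added example (not from the original post or the linked howto) of an idempotent install step in POSIX sh that runs where authorized_keys lives; install_pubkey and the script name are hypothetical, and it assumes grep and awk are available on the target.

```shell
#!/bin/sh
# Added example, not from the original post. install_pubkey is a hypothetical
# helper; HOME_DIR defaults to /etc/persistent, the home directory in the howto.
# Usage: install_pubkey KEYFILE [HOME_DIR]
install_pubkey() {
    keyfile=$1
    home_dir=${2:-/etc/persistent}
    ssh_dir=$home_dir/.ssh
    auth=$ssh_dir/authorized_keys

    [ -r "$keyfile" ] || { echo "cannot read $keyfile" >&2; return 1; }
    # A public key file is exactly one line; a private key is many.
    if [ "$(grep -c '' "$keyfile")" -ne 1 ]; then
        echo "expected exactly one key line in $keyfile" >&2
        return 1
    fi
    key=$(cat "$keyfile")
    # Accept only "<type> <base64> [comment]"; this also rejects lines that
    # start with authorized_keys options such as command="...".
    case $key in
        ssh-rsa\ AAAA*|ssh-dss\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "not an OpenSSH public key line" >&2; return 1 ;;
    esac

    # Same directory permissions as the howto, plus 600 on the key file itself.
    mkdir -p "$ssh_dir" || return 1
    chmod 750 "$home_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Compare on "<type> <base64>" so a changed comment does not add a duplicate.
    blob=$(printf '%s\n' "$key" | awk '{ print $1 " " $2 }')
    if grep -qF -- "$blob" "$auth"; then
        echo "key already present"
    else
        printf '%s\n' "$key" >> "$auth"
        echo "key added"
    fi
}

# Run directly: sh install_pubkey.sh id_rsa.pub [/etc/persistent]
if [ "$#" -gt 0 ]; then
    install_pubkey "$@"
fi
```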

Sunday, February 24, 2013

Remove # comments and blank lines from a configuration file

grep -vE '^$|^#' /etc/collectd/collectd.conf 

sed to add text in the middle of a file

http://es.kioskea.net/faq/3026-sed-anadir-texto

Replace a line with sed

sed -i '/users.1.password/ cusers.1.password=1234' /tmp/system.cfg

c replaces the matching line
-i edits the file in place

Ping with timestamp

ping google.com | xargs -n1 -i bash -c 'echo `date +"%Y-%m-%d %H:%M:%S"`" {}"' > /var/log/google-com.log

Useful kamailio commands

kamctl fifo get_statistics :dialog::all

kamctl ul show --brief


sipwise
ngcp-kamctl proxy fifo get_statistics :dialog::all


ngcp-kamctl proxy fifo dlg_list