# Networking * * * [https://kbespalov.medium.com/виртуальные-сетевые-устройства-в-linux-linux-bridge-7e0e887edd01](https://kbespalov.medium.com/%D0%B2%D0%B8%D1%80%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5-%D1%81%D0%B5%D1%82%D0%B5%D0%B2%D1%8B%D0%B5-%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0-%D0%B2-linux-linux-bridge-7e0e887edd01) ## Log Connections ### tcpdump / tshark Register ICMP replies from 10.10.13.38: ``` $ sudo tcpdump -n -i eth0 -XSs 0 'src 10.10.13.38 and icmp[icmptype]==8' ``` Redirect to text file adding timestamps: ``` $ sudo tcpdump -i eth0 -tttt -l icmp | tee icmp.txt ``` ### iptables Add rule to register **new** (does not watch for related, established) connections to your machine: ``` $ sudo iptables -A INPUT -p tcp -m state --state NEW -j LOG --log-prefix "IPTables New-Connection: " -i tun0 ``` Check the logs: ``` $ sudo grep IPTables /var/log/messages ``` Delete rule: ``` $ sudo iptables -D INPUT -p tcp -m state --state NEW -j LOG --log-prefix "IPTables New-Connection: " -i tun0 ``` ## Tools ### dhclient Release the current lease on `eth0` and obtain a fresh IP via DHCP in Linux: ``` $ sudo dhclient -v -r eth0 $ sudo dhclient -v eth0 ``` ### iptables * * List rules in all chains (default table is *filter*, there are *mangle*, *nat* and *raw* tables beside it): ``` $ sudo iptables -L -n --line-numbers [-t filter] ``` Print rules for all chains (for a specific chains): ``` $ sudo iptables -S [INPUT [1]] ``` ### fail2ban * `/etc/fail2ban/filter.d` - filters which turn into *user-defined* fail2ban iptables rules (automatically). Status: ``` $ sudo service fail2ban status $ sudo fail2ban-client status $ sudo fail2ban-client status sshd ``` Unban: ``` $ sudo fail2ban-client unban --all $ sudo fail2ban-client set sshd unbanip ``` ### OpenVPN *