The script against DDOS attacks

I will give an example of a simple script against DDOS attacks for NAT servers.
The script is executed when the total number of “conntrack” connections is more than 500000, it saves to the text file the IP address which has the most “conntrack” connections, who has more than 10,000 – adds to the ipset list.

Continue reading “The script against DDOS attacks”

PPS Viewer Script (Packets Per Second)

The script every second displays the number of incoming and outgoing packets per second on the specified network interface.
Place the contents of the script into a file, for example, pps.sh and execute by specifying the name of the network interface (you can stop the execution of the script with CTRL+C):

Continue reading “PPS Viewer Script (Packets Per Second)”

How to pull data from one column of a mysql table

To see data from one column, it is enough to execute the SQL query (where “abcd” is the name of the column in the table):

SELECT abcd FROM table;

To export to a file, just run the command in Linux:

mysql -u root -e "SELECT abcd FROM database;" -s -N > file.txt

Here is an example of exporting email addresses from a mysql table to an http page using PHP.
The thought immediately came to this plan (create a php file and open it through the browser):

<?php
// Connecting to mysql server
mysql_connect("localhost", "USER", "PASSWORD") or die (mysql_error ());
// Choosing a database
mysql_select_db("users") or die(mysql_error());
// SQL query
$rows = "SELECT * FROM account";
// Run this SQL query
$d = mysql_query($rows);
// Each row becomes an array ($row) using the mysql_fetch_array
while($row = mysql_fetch_array($d)) {
// Display the values of the email column
echo $row['email'] . "<br />";
}
// Close the connection to the database
mysql_close();
?>

Back Up Cisco Catalyst 6500 Configuration

For the test, I sketched a Cisco Catalyst 6509-E automatic backup configuration script.

Actually the script itself:

#!/bin/bash
# Backup CISCO config
(
sleep 5
echo "user"
sleep 4
echo "password"
sleep 4
echo "copy running-config tftp:"
sleep 2
echo "192.168.1.4"
sleep 2
echo "cisco.cfg"
sleep 6

echo "exit"
) | telnet 192.168.1.5
mv /srv/tftp/cisco.cfg /backups/devices/cisco/`date +%Y-%m-%d`_cisco.cfg

find /backups/devices/cisco/ -type f -mtime +30 -exec rm {} \;

Add the contents of the script, for example, to the backup_cisco.sh file and add it to cron, adding the following line to the /etc/crontab file:

0 2 * * * root /backups/scripts/backup_cisco.sh > /dev/null 2>&1

The file can be opened for example in the text editor nano (Ctrl+X to exit, y/n to save or cancel changes):

sudo nano /etc/crontab

The script connects via telnet to 192.168.1.5 and copies the configuration to the tftp server 192.168.1.4, then the file is moved to a convenient directory for storage.
The last line in the script deletes files older than 30 days.
How to start the tftp server, see my articles: Installing and Configuring a TFTP Server in Ubuntu or Starting a TFTP server in Windows.
See also: Using and configuring CRON.

Script backup configuration DOCSIS ARRIS Cadant C3 CMTS

Actually, this is my script:

#!/bin/bash
# Backup DOCSIS CADANTS config
(
sleep 5
echo "user"
sleep 5
echo "password"
sleep 5
echo "enable"
sleep 2
echo "password"
sleep 2
echo "copy startup-configuration tftp://192.168.0.1/cadant1.xml"
sleep 5
echo "exit"
) | telnet 192.168.0.50
mv /srv/tftp/cadant1.xml /backups/devices/docsis/`date +%Y-%m-%d`_cadant1.xml

Where 192.168.0.50 – cadant, 192.168.0.1 – tftp server.

You can add the script to /etc/crontab for automatic execution (for example, every day at one in the morning):

0 1 * * * root /path/to/script/backup_cadants.sh > /dev/null 2>&1

How to convert a list of IP addresses to DNS names

In Linux, you can convert a list of IP addresses into DNS names, for example, by a simple script.

To do this, create an empty file with the extension .sh, make it executable and add the content to it:

#!/bin/sh
while read ip traf ; do
    name=`host $ip|awk '{print $NF}'`
    echo -e "$name\t$ip\t$traf"
done >name_ip_traf.lst <ip_traf.lst

Where ip_traf.lst is a file with a list of IP addresses that need to be converted to DNS names.

You can make it executable by the command:

chmod +rwx file.sh

Run the script in the directory where it is located by the command:

./file.sh

Or run by specifying the full path:

/dir/file.sh

After the startup, you must wait for a while or interrupt the execution by pressing CTRL+C.