Category: Operating System

netstat handy commands

johniLeave a comment

These were found in a google cached page:

URL:  http://www.cyberls.com/forum/index.php?t=tree&th=52&

List of connected ips to port 80 : netstat -apn|grep :80|awk ‘{print $5}’ | awk -F\: ‘{print $1} ‘> /tmp/iplist
List of connected ips in a sort way so that you can find no of conn from each : netstat -apn|grep :80|awk ‘{print $5}’ |sort
List of establish connections to port 80 netstat -apn|grep :80 |grep EST |awk ‘{print $5}’ |sort >s.txt
List of TIME_WAIT connections to port 80 and their count:

netstat -pan | sort +4 | grep TIME_WAIT | awk ‘{print $5}’ | sed -e s/’:.*’/”/g | sort | uniq -c | sort -k 1 -nr | head -n 20

netstat -apn | grep TIME_WAIT |awk ‘{print $5}’|awk -F\: ‘{print $1}’|sort| uniq -c | sort -k 1 -nr|head -n 20

List of TIME_WAIT connections to port 80 with more than 15 connections:

netstat -pan | sort +4 | grep TIME_WAIT | awk ‘{print $5}’ | sed -e s/’:.*’/”/g | sort | uniq -c | sort -k 1 -nr | head -n 20 |awk ‘{ if ($1 > 15) print $2 }’

and with a facility to block them

netstat -pan | sort +4 | grep TIME_WAIT | awk ‘{print $5}’ | sed -e s/’:.*’/”/g | sort | uniq -c | sort -k 1 -nr | head -n 20 |awk ‘{ if ($1 > 15) print $2 }’> s.txt; for i in `cat s.txt `;do /sbin/iptables -I INPUT -s $i -p tcp –dport 80:80 -j DROP ; done

Mail being rejected because of CBL HELO check

johniLeave a comment

Mails were being bounced due to CBLs HELO check.

URL: http://cbl.abuseat.org/helocheck.html

It turned out that when Plesk was installed it was installed with the hostname localhost.localdomain (ie. domain not changed at all).  In the Plesk control panel the hostname had been updated, however, the qmail server was still presenting itself as localhost.localdomain.

It turns out that in the file: /var/qmail/control/me

It had localhost.localdomain and wasn’t updated.  Manually updating this and restarting qmail resolved the issue.