
🐕woozie

windhamdavid 2 years ago
parent
commit
963d6cdc8f
1 changed files with 63 additions and 37 deletions
  1. 63 37
      docs/computers/woozie.md

+ 63 - 37
docs/computers/woozie.md

@@ -16,7 +16,7 @@
   - combine A records for subdomains.
   - [lifeasweknowit.com](http://lifeasweknowit.com) is still pointed to the IP
 - custom apache/nginx error pages
-- code.daw 
+- code.daw
   - ~~email settings for code.daw~~
   - gogs submodules issue - <https://github.com/gogs/gogs/issues/6436>
     - patch has landed in 0.13.0+dev, and will be back-ported to 0.12.11 (no ETA).
@@ -229,34 +229,34 @@ apt-get –-purge remove packagename
 
 ```
 
-### Cron
-
-System keeps daily, a 2-7 day old, and 8-14 day old
+### rsyslog
 
 ```bash
-# crontab
-sudo crontab -e
-# db optimize/backup every Sunday at 01:11
-11 1 * * 0 /home/user/scripts/mysql-cron.sh
-# log monitor every morning at 01:31
-31 0 * * * /home/user/scripts/monitor.sh
-
-# mysql-cron.sh
-#!/bin/sh
-#Backup 'gg' to /home/user/backups/
-mysqldump gg --user=******* --password='*******' > /home/user/backups/$(date +"%Y%m%d").gg.sql
-#Optimize tables in 'gg'
-mysqlcheck -o gg --user=******* --password='*******'
-
-# monitor-cron.sh
-#!/bin/sh
-
-awk '$8=$1$8' /var/log/apache2/other_vhosts_access.log | goaccess -a -o /var/www/dev.davidawindham.com/html/**********/index.html >> /home/*******/logs/cron.log 2>&1
-goaccess /var/log/nginx/access.log -o /var/www/dev.davidawindham.com/html/monitor/nginx/index.html --log-format='%h %^[%d:%t %^] "%r" %s %b "%R" "%u" %T' >> /home/*******/logs/cron.log 2>&1
-
-# lets encrypt renew 
-11 1 * * 1 /usr/bin/certbot renew --quiet --noninteractive
+# move log to /var/log/iptables/iptables.log
+sudo mkdir /var/log/iptables
+sudo touch /var/log/iptables/iptables.log
+
+# filter iptables.log
+sudo vi /etc/rsyslog.d/10-iptables.conf
+:msg, regex, "iptables: " -/var/log/iptables.log
+& ~
+
+# rotate iptables.log
+sudo vi /etc/logrotate.d/iptables
+/var/log/iptables.log
+{
+  rotate 3
+  daily
+  missingok
+  notifempty
+  delaycompress
+  compress
+  postrotate
+  invoke-rc.d rsyslog rotate > /dev/null
+  endscript
+}
 
+sudo systemctl restart rsyslog
 ```
 
 ## Security
@@ -285,6 +285,36 @@ The update is already installed.
 ✔ CVE-2023-0286 is resolved.
 ```
 
+### Cron
+
+System keeps daily, a 2-7 day old, and 8-14 day old
+
+```bash
+# crontab
+sudo crontab -e
+# db optimize/backup every Sunday at 01:11
+11 1 * * 0 /home/user/scripts/mysql-cron.sh
+# log monitor every morning at 01:31
+31 0 * * * /home/user/scripts/monitor.sh
+
+# mysql-cron.sh
+#!/bin/sh
+#Backup 'gg' to /home/user/backups/
+mysqldump gg --user=******* --password='*******' > /home/user/backups/$(date +"%Y%m%d").gg.sql
+#Optimize tables in 'gg'
+mysqlcheck -o gg --user=******* --password='*******'
+
+# monitor-cron.sh
+#!/bin/sh
+
+awk '$8=$1$8' /var/log/apache2/other_vhosts_access.log | goaccess -a -o /var/www/dev.davidawindham.com/html/**********/index.html >> /home/*******/logs/cron.log 2>&1
+goaccess /var/log/nginx/access.log -o /var/www/dev.davidawindham.com/html/monitor/nginx/index.html --log-format='%h %^[%d:%t %^] "%r" %s %b "%R" "%u" %T' >> /home/*******/logs/cron.log 2>&1
+
+# lets encrypt renew 
+11 1 * * 1 /usr/bin/certbot renew --quiet --noninteractive
+
+```
+
 ### IPtables
 
 ```bash
@@ -296,6 +326,7 @@ sudo iptables -vL
 sudo ip6tables -vL
 
 sudo iptables -L --line-numbers
+sudo ip6tables -L --line-numbers
 sudo iptables -L -nv --line-numbers
 
 # delete rule by line# 
@@ -324,13 +355,13 @@ sudo ip6tables -A INPUT -p icmpv6 -j ACCEPT
 sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 sudo ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 
-# Log what was incoming but denied / Log any traffic that was sent to you for forwarding
-sudo iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables_INPUT_denied: " --log-level 7
-sudo iptables -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "iptables_FORWARD_denied: " --log-level 7
-
-sudo ip6tables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "ip6tables_INPUT_denied: " --log-level 7
+# Log, prefix to sort, and limit to 5/min
+sudo iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables: " --log-level 7
+sudo iptables -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "iptables: " --log-level 7
+sudo ip6tables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables: " --log-level 7
+sudo ip6tables -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "iptables: " --log-level 7
 
-# Ports
+# Ports (duplicate for ip6tables)
 sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT (http)
 sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT (https)
 sudo iptables -A INPUT -p tcp --dport #### -j ACCEPT (monit)
@@ -341,11 +372,6 @@ sudo iptables -A INPUT -p tcp --dport #### -j ACCEPT (stream proxy)
 sudo iptables -A INPUT -p tcp --dport #### -j ACCEPT (nginx proxy)
 sudo iptables -A INPUT -p tcp --dport #### -j ACCEPT (node proxy)
 
-sudo ip6tables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
-sudo ip6tables -A INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT
-sudo ip6tables -A INPUT -p tcp --dport #### -j ACCEPT
-sudo ip6tables -A INPUT -p tcp --dport #### -j ACCEPT
-
 ## reject all others
 sudo iptables -A FORWARD -j REJECT
 sudo iptables -A INPUT -j REJECT