Linux 명령어

리눅스(CentOS7) 서버에 방화벽(firewall)을 활용하여 특정 IP만 접근하게 하는 방법

https://blog.aacii.net/111

리눅스 방화벽
--특정 IP + port
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.103 port port="3306" protocol="tcp" accept'
sudo firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address=192.168.1.103 port port="5432" protocol="tcp" accept'
--특정 IP
sudo firewall-cmd --permanent --add-source=192.168.1.103
--특정 portz
firewall-cmd --permanent --add-port=3306/tcp
--변경한 설정 적용
firewall-cmd --reload

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="7000" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="7001" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="7002" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="7003" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="7004" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="7005" protocol="tcp" accept'

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="2181" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="2182" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="2183" protocol="tcp" accept'

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="8983" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="8984" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="8985" protocol="tcp" accept'

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="9200" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="9201" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="9202" protocol="tcp" accept'

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="8180" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="8480" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.104 port port="8081" protocol="tcp" accept'

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.103 port port="80" protocol="tcp" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address=192.168.1.103 port port="8280" protocol="tcp" accept'

메모리

리눅스 메모리 사용량순 프로세스 보기

ps -eo user,pid,ppid,rss,size,vsize,pmem,pcpu,time,comm --sort -rss | head -n11

/dev/null 2>/dev/null

https://minddoodle.tistory.com/m/10

리다이렉션 ( <,<<,>,>>)

https://reakwon.tistory.com/m/115

yum 레포지토리

https://dejavuhyo.github.io/posts/centos-yum-repository-add-delete/

디스크 용량

https://zetawiki.com/wiki/리눅스_전체_디스크_사용량_확인

디렉토리별 용량 정렬

du -sh ./* 2>/dev/null | head -20
du -h --max-depth=1 | sort -h
du -sh * | sort -h

메모리 용량

https://blog.naver.com/PostView.naver?blogId=hongganz&logNo=222456616664&from=search&redirect=Log&widgetTypeCall=true&directAccess=false

CPU 확인

nproc
lscpu
cat /proc/cpuinfo

특정PORT를 사용하고 있는 프로세스

lsof -t -i:#port