IPv6 Linux firewall script

Q. IPv4 by default protect internal host using RFC 1918 private IP address. But IPv6 offers direct global address which result into exposing all internal hosts as well. How do I create default IPv6 firewall to drop all incoming (except ping6 request) connection and only allow outgoing requests from Linux workstation?

A. You need to use Ip6tables command to create IPv6 firewall scripts. Ip6tables is used to set up, maintain, and inspect the tables of IPv6 packet filter rules in the Linux kernel.

A note about IPv6 private ips

IPv6 does not include private network features such as NAT. Because of the very large number of IPv6 addresses. However, FC00::/7 prefix used to identify Local IPv6 unicast addresses. All IPv6 users should be able to obtain IPv6 address space for use at their discretion and without artificial barriers between their network and the Internet.

Sample Restricted IPv6 Linux Firewall Script

#!/bin/bash

IPT6="/sbin/ip6tables"

PUBIF="eth1"

echo "Starting IPv6 firewall..."

$IPT6 -F

$IPT6 -X

$IPT6 -t mangle -F

$IPT6 -t mangle -X

#unlimited

$IPT6 -A INPUT -i lo -j ACCEPT

$IPT6 -A OUTPUT -o lo -j ACCEPT

# DROP all incomming traffic

$IPT6 -P INPUT DROP

$IPT6 -P OUTPUT DROP

$IPT6 -P FORWARD DROP

# Allow full outgoing connection but no incomming stuff

$IPT6 -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

$IPT6 -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# allow incoming ICMP ping pong stuff

$IPT6 -A INPUT -p ipv6-icmp -j ACCEPT

$IPT6 -A OUTPUT -p ipv6-icmp -j ACCEPT

############# add your custom rules below ############

#$IPT6 -A INPUT -p tcp --destination-port 80 -j ACCEPT

#### no need to edit below ###

# log everything else

$IPT6 -A INPUT -j LOG

$IPT6 -A INPUT -j DROP

PXE boot communication flow

Cool live patch available for Ubuntu 16.04 LTS

The cool live kernel patching is available in Ubuntu 16.04 LTS. No consecutive reboot required after patching the kernel.

Refer the link up: http://www.cyberciti.biz/faq/howto-live-patch-ubuntu-linux-server-kernel-without-rebooting/

Linux Mint launches Mintbox Mini Pro PC with powerful specs - Linux mint 18 cinnamon

Open source distribution maker Linux Mint has launched Mintbox Mini Pro as an upgrade of its original Mintbox Mini. This new device packs powerful specifications and runs on Linux Mint 18 Cinnamon out of the box.

Compared to the first-generation Mintbox Mini, the newly launched Mintbox Mini Pro has an AMD A10 Micro-6700T chipset along with Radeon R6 graphics. The old system had 64GB of storage and 4GB of RAM, while the new PC comes with 120GB of SSD mSATA and 8GB of RAM. There are also some advanced connectivity options, such as dual-band Wi-Fi 802.11ac mini-PCIe, Bluetooth 4.0, dual Gbe Ethernet port and a serial port, and an all-metal black housing with better passive cooling.

The latest Linux Mint device has a total of two USB 3.0 and four USB 2.0 ports. There are also two HDMI ports and a microSD card slot as well as a 6-pin microSIM card slot.

Mintbox Mini Pro is available for $395 in the US market. This brings a $100 difference from the previous Mintbox Mini that went on sale for $295. By paying more bucks, you are getting a speedier and much-improved hardware to experience the world of Linux.

http://opensourceforu.com/2016/09/linux-mint-mintbox-pro-pc-with-powerful-specs/

Airtel 4G in Ubuntu 16.04 LTS

Airtel 4G dongle in Ubuntu works good without installing its drivers.

It works via Mobile Broadband.
Choose country -> India
Choose service -> Airtel
Finish up the wizard.

Now Airtel 4G dongle works good in Ubuntu 16.04 LTS.

Fix broken repository in Ubuntu

The below command is used to fix the broken repository in Ubuntu
$ sudo apt-get install -f

Ubuntu 16.04 LTS works excellent - HP 15-ac122tu notebook

Ubuntu 16.04 LTS desktop works excellent in HP 15-ac122tu notebook

It shows errors while installing Google chrome stable version. However, it works good. :) Use the below command to launch that.
 google-chrome-stable

pna@pna-HP-Notebook:~/Downloads$ sudo dpkg -i google-chrome-stable_current_amd64.deb
Selecting previously unselected package google-chrome-stable.
(Reading database ... 204527 files and directories currently installed.)
Preparing to unpack google-chrome-stable_current_amd64.deb ...
Unpacking google-chrome-stable (50.0.2661.94-1) ...
dpkg: dependency problems prevent configuration of google-chrome-stable:
 google-chrome-stable depends on libappindicator1; however:
  Package libappindicator1 is not installed.

dpkg: error processing package google-chrome-stable (--install):
 dependency problems - leaving unconfigured
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for gnome-menus (3.13.3-6ubuntu3) ...
Processing triggers for desktop-file-utils (0.22-1ubuntu5) ...
Processing triggers for bamfdaemon (0.5.3~bzr0+16.04.20160415-0ubuntu1) ...
Rebuilding /usr/share/applications/bamf-2.index...
Processing triggers for mime-support (3.59ubuntu1) ...
Errors were encountered while processing:
 google-chrome-stable

History with dates and time

Normally, we type the command for getting the command history in the terminal.

#history

You have to add the following line into the file  ~/.bashrc  to view the history with dates permanently.

export HISTTIMEFORMAT=”%d/ %m/ %y %T “
and then, from terminal run,

#source ~/.bashrc

Explanation of commands and switches.

history – GNU History Library
HISTIMEFORMAT – Environmental Variable
%d – Day
%m – Month
%y – Year
%T – Time Stamp
source – in short send the contents of file to shell
.bashrc – is a shell script that BASH runs whenever it is started interactively.

Simple Screen Recorder installation in Pinguy 14.04.3

One simple step to install this.
#sudo apt-get install simplescreenrecorder

Courtesy: http://linuxg.net/how-to-install-simple-screen-recorder-0-3-0-on-ubuntu-14-04-ubuntu-13-10-ubuntu-12-04-and-derivative-systems/

Installing new fonts in Pinguy 14.04.3

Step1: sudo apt-get install font-manager
Step2: Open font manager -> drag and drop new fonts into that and reload the font manager.

Avidemux installation - Video editor for Pinguy 14.04.3

Type out the following commands to install down Avidemux

sudo add-apt-repository ppa:rebuntu16/avidemux+unofficial

sudo apt-get update

sudo apt-get install avidemux2.6-gtk avidemux2.6-qt4

Audacity & Flareget installation in Pinguy 14.04.3

Installing Audacity (audio editor)
#apt-get install audacity

Installing Flareget (download manager)
https://flareget.com/download

Add Android Lolipop 5.1 in Pinguy 14.04.3 Boot entry @ HP 15-ac122tu notebook

Step 1: root@pna-HP-Notebook:~# gedit /etc/grub.d/40_custom 

Step 2: Add these lines in the bottom of the file.

menuentry "Andriod Lolipop"{

set root='(hd0,3)'

linux /android-5.1-rc1/kernel quiet root=/dev/ram0 androidboot.hardware=android_x86 acpi_sleep=s3_bios,s3_mode SRC=/android-5.1-rc1

initrd /android-5.1-rc1/initrd.img}

Step 3: root@pna-HP-Notebook:~#chmod +x /etc/grub.d/40_custom

Step 4: root@pna-HP-Notebook:~#update-grub

Step 5: root@pna-HP-Notebook:~#reboot

Installation step of Chrome 48 in HP 15-ac122tu notebook

Do the following steps to install Google Chrome:

$ sudo sh -c 'echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list'

$ wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -

$ sudo apt-get update

$ sudo apt-get install google-chrome-stable

Airtel 4G dongle configuration in HP 15-ac122tu notebook

Step 1: Copy the Airtel 4G data card / dongle content to one location (say /linux)
Step 2: Change permission inside /linux using chmod +x *.* and chmod +x *
Step 3: ./install_linux
Step 4: logout from GUI and login again
Step 5: Press Windows key and type airtel - find the below window for connecting with Airtel 4G.