Links

Networking

Log Connections

tcpdump/tshark

Register ICMP replies from 10.10.13.38:
$ sudo tcpdump -n -i tun0 -XSs 0 'src 10.10.13.38 and icmp[icmptype]==8'

iptables

Add rule to register new (does not watch for related, established) connections to your machine:
$ sudo iptables -A INPUT -p tcp -m state --state NEW -j LOG --log-prefix "IPTables New-Connection: " -i tun0
Check the logs:
$ sudo grep IPTables /var/log/messages
Delete rule:
$ sudo iptables -D INPUT -p tcp -m state --state NEW -j LOG --log-prefix "IPTables New-Connection: " -i tun0

Tools

dhclient

Release the current lease on eth0 and obtain a fresh IP via DHCP in Linux:
$ sudo dhclient -v -r eth0
$ sudo dhclient -v eth0

iptables

List rules in all chains (default table is filter, there are mangle, nat and raw tables beside it):
$ sudo iptables -L -n --line-numbers [-t filter]
Print rules for all chains (for a specific chains):
$ sudo iptables -S [INPUT [1]]

fail2ban

  • /etc/fail2ban/filter.d - filters which turn into user-defined fail2ban iptables rules (automatically).
Status:
$ sudo service fail2ban status
$ sudo fail2ban-client status
$ sudo fail2ban-client status sshd
Unban:
$ sudo fail2ban-client unban --all
$ sudo fail2ban-client set sshd unbanip <IP>

OpenVPN