Monthly Archives: June 2014

OpenVPN one single client configuration file

You can embed the certificates and the key directly in the OpenVPN client configuration file.
Put the contents of ca.crt between <ca> and </ca>.
Put the contents of client.crt between <cert> and </cert>.
Put the contents of client.key between <key> and </key>.
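
One way to assemble such a file with a script, as an added example that is not from the original post: the function inline_ovpn, the helper pem_only and the file arguments are assumptions. It drops the file-based ca, cert and key directives from a base configuration, keeps only the PEM blocks, and creates the result readable by its owner only, since it contains the private key.

```sh
#!/bin/sh
# Added example (not from the original post): merge a base client config and
# its credentials into one OpenVPN profile. All names here are assumptions.

# Print only the PEM block(s) of a file, dropping the human-readable dump
# that some CA tools write above the BEGIN line.
pem_only() {
    sed -n '/^-----BEGIN /,/^-----END /p' "$1"
}

# Usage: inline_ovpn BASE_CONF CA_CRT CLIENT_CRT CLIENT_KEY OUT_FILE
inline_ovpn() {
    base=$1; ca=$2; cert=$3; key=$4; out=$5
    [ -r "$base" ] || { echo "cannot read $base" >&2; return 1; }
    for f in "$ca" "$cert" "$key"; do
        # Refuse inputs that are missing or carry no PEM data.
        grep -q '^-----BEGIN ' "$f" 2>/dev/null ||
            { echo "no PEM block in $f" >&2; return 1; }
    done
    (
        # The result embeds the private key: create it with mode 0600.
        umask 077 && rm -f "$out" &&
        {
            # Inline blocks replace the file-based ca/cert/key directives.
            sed -E '/^[[:space:]]*(ca|cert|key)[[:space:]]/d' "$base" &&
            printf '<ca>\n'   && pem_only "$ca"   && printf '</ca>\n' &&
            printf '<cert>\n' && pem_only "$cert" && printf '</cert>\n' &&
            printf '<key>\n'  && pem_only "$key"  && printf '</key>\n'
        } > "$out"
    )
}

# Run as a script only when given the five arguments.
if [ "$#" -eq 5 ]; then
    inline_ovpn "$@"
fi
```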

Setting up iptables for Debian

This is a startup (init) script for iptables. Create the file and make it executable:

touch /etc/init.d/mon_firewall
chmod +x /etc/init.d/mon_firewall

Then put the following content in it:

#!/bin/sh

### BEGIN INIT INFO
# Provides:      iptables
# Required-Start:
# Should-Start:
# Required-Stop:
# Should-Stop:
# Default-Start:   2 3 4 5
# Default-Stop:       0 1 6
# Short-Description:   iptables
# Description:       Firewall
### END INIT INFO

# load/unload iptables

case "$1" in
'start')
    # restore the saved ruleset
    /sbin/iptables-restore < /etc/config_firewall
    RETVAL=$?
    ;;
'stop')
    # save the current ruleset; the loaded rules stay active
    /sbin/iptables-save > /etc/config_firewall
    RETVAL=$?
    ;;
'clean')
    # flush all rules in every table and set all policies to ACCEPT
    /sbin/iptables -t filter -F
    /sbin/iptables -t nat -F
    /sbin/iptables -t mangle -F
    /sbin/iptables -t raw -F
    /sbin/iptables -t filter -P INPUT ACCEPT
    /sbin/iptables -t filter -P OUTPUT ACCEPT
    /sbin/iptables -t filter -P FORWARD ACCEPT
    /sbin/iptables -t nat -P PREROUTING ACCEPT
    /sbin/iptables -t nat -P POSTROUTING ACCEPT
    /sbin/iptables -t nat -P OUTPUT ACCEPT
    /sbin/iptables -t mangle -P PREROUTING ACCEPT
    /sbin/iptables -t mangle -P OUTPUT ACCEPT
    /sbin/iptables -t mangle -P POSTROUTING ACCEPT
    /sbin/iptables -t mangle -P FORWARD ACCEPT
    /sbin/iptables -t mangle -P INPUT ACCEPT
    /sbin/iptables -t raw -P OUTPUT ACCEPT
    /sbin/iptables -t raw -P PREROUTING ACCEPT
    RETVAL=$?
    ;;
'restart')
    $0 stop && $0 start
    RETVAL=$?
    ;;
*)
    echo "Usage: $0 { start | stop | restart | clean }"
    RETVAL=1
    ;;
esac
exit $RETVAL

Register the script with update-rc.d:

update-rc.d mon_firewall start XX S . stop YY 0 6 .

where XX is a sequence number before networking and YY one after networking.

Linux reboot command does not work anymore

Does the reboot command no longer work?
You can still reboot another way:

Flush the I/O buffers so that no data is lost:

echo s > /proc/sysrq-trigger

Unmount all partitions, then remount them read-only:

echo u > /proc/sysrq-trigger

Finally, reboot the system:

echo b > /proc/sysrq-trigger