Linux command tutorial: using ss -K to force-close the TCP connections of a given IP

When administering a Linux server you sometimes need to cut an IP's existing connections right away, for example when:

  • fail2ban has already banned the IP
  • the iptables rule is already in place
  • but the TCP sessions established before the rule keep running: a firewall rule only affects packets, it never closes the server's socket, so the session stays ESTAB (still being served if the rule only matches new connections, or hanging until it times out if the rule drops everything)

Instead of restarting the service you can use:

ss -K

to close exactly the connections you want.


What is ss

ss (Socket Statistics, part of iproute2) shows the state of sockets;
it is faster and more complete than the older netstat and is the tool to use on current distributions.


What is ss -K?

-K = Kill

It means:

forcibly close every TCP connection that matches the filter

ss asks the kernel, through the sock_diag netlink interface (SOCK_DESTROY), to abort each matching socket; the kernel sends a TCP RST to the peer and the local socket is closed immediately. This needs a kernel built with CONFIG_INET_DIAG_DESTROY (the feature exists since Linux 4.5); without it ss reports "Operation not supported".


Basic usage

Close every connection coming from one remote IP

ss -K dst 20.91.210.252

Meaning:

close every TCP connection whose peer (remote) address is 20.91.210.252

⚠ In ss filter syntax, src matches the LOCAL address and port and dst matches the REMOTE (peer) address and port, exactly like the "Local Address:Port" and "Peer Address:Port" columns of its output. The attacker is the peer of your server's sockets, so on the server you filter with dst.

The filter can be narrowed further, for example to sessions on the local HTTPS port only:

ss -K dst 20.91.210.252 sport = :443


Check whether connections exist

Before killing, confirm there is something to kill:

ss -ant dst 20.91.210.252

(ss -ant | grep 20.91.210.252 works as well, but the filter form matches the peer column exactly rather than any text on the line.) If you see:

ESTAB

in the State column, established connections still exist and ss -K can cut them.


Common mistake

❌ Wrong:

ss -K src 20.91.210.252

On the server, src matches the local address, which is the server's own IP, so this filter normally matches nothing and ss -K kills nothing (it prints nothing, there is no error). Use dst for a remote address. Also remember that ss -K only closes what exists now: if the firewall rule is not in place, the client simply reconnects.


Difference from restarting the service

Method              Affected
restart Apache      every user
ss -K dst IP        only the given IP

ss -K is a precise operation that leaves legitimate traffic untouched.


Privilege requirements

Run it as root (CAP_NET_ADMIN is required):

Operation not permitted

means you lack the privilege. The different message "Operation not supported" means the kernel was built without CONFIG_INET_DIAG_DESTROY.


Summary

ss -K is a very practical advanced network-management command:

  • cuts the connections of a given IP immediately
  • no service restart
  • other users are unaffected
  • useful during security incident handling

Put the firewall rule in first, then kill the live sessions: when you need precise control over TCP connections, this is a cleaner approach than restarting the service.
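The procedure above as a script, added here as an example and not part of the original post: block the IP in the firewall first, abort its live sessions with ss -K, then verify that nothing is left. It assumes iproute2 ss with SOCK_DESTROY support (kernel CONFIG_INET_DIAG_DESTROY), iptables and root for block_and_kill; the IP and the ss output used for the dry run are constructed samples.

```shell
#!/bin/sh
# Added example, not from the original post: firewall rule first, then ss -K,
# then verify. Assumes iproute2 ss with SOCK_DESTROY (CONFIG_INET_DIAG_DESTROY),
# iptables and root for block_and_kill; SAMPLE_SS below is constructed.
set -u

# peers_from IP : read `ss -Hant` output on stdin and print "STATE PEER" for
# every socket whose peer (remote) address is exactly IP. Columns of ss -Hant:
# State Recv-Q Send-Q Local:Port Peer:Port. The prefix match includes the ":"
# so 20.91.210.252 matches neither 20.91.210.25 nor 120.91.210.252.
peers_from() {
  awk -v ip="$1" '
    { peer = $5; gsub(/\[/, "", peer); gsub(/\]/, "", peer) }   # strip IPv6 brackets
    substr(peer, 1, length(ip) + 1) == ip ":" { print $1, $5 }
  '
}

# count_established_from IP : number of ESTAB sessions from IP (ss output on stdin)
count_established_from() {
  peers_from "$1" | awk '$1 == "ESTAB"' | wc -l | tr -d ' '
}

# block_and_kill IP : drop new packets from IP, abort existing sessions, verify.
# ss filter syntax: dst = remote (peer) address, src = LOCAL address. The
# attacker is the peer of the server's sockets, so the filter is "dst".
block_and_kill() {
  ip=$1
  iptables -C INPUT -s "$ip" -j DROP 2>/dev/null || iptables -I INPUT -s "$ip" -j DROP
  ss -K dst "$ip"
  left=$(ss -Hant | count_established_from "$ip")
  if [ "$left" != 0 ]; then
    # still ESTAB: not root, or the kernel lacks CONFIG_INET_DIAG_DESTROY
    echo "$left connection(s) from $ip still established" >&2
    return 1
  fi
}

# Constructed sample of `ss -Hant` output, for a dry run without root.
SAMPLE_SS='ESTAB      0 0 10.0.0.5:443 20.91.210.252:51234
ESTAB      0 0 10.0.0.5:443 20.91.210.252:51235
TIME-WAIT  0 0 10.0.0.5:443 20.91.210.252:51200
ESTAB      0 0 10.0.0.5:22  198.51.100.7:40000
ESTAB      0 0 10.0.0.5:443 120.91.210.252:4000'

case "${1-}" in
  --demo) printf '%s\n' "$SAMPLE_SS" | peers_from 20.91.210.252 ;;
  "")     ;;
  *)      block_and_kill "$1" ;;
esac
```

Run it as `./kill-ip.sh 20.91.210.252` on the server, or with `--demo` to see the peer matching on the sample without touching anything. The verification step is what tells you whether ss -K actually worked: a non-zero count afterwards means missing privilege or missing kernel support, not a successful kill.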

Backing up / restoring a CentOS 7 system to a network share

Back up the CentOS 7 system to the network share

  • Mount your network share
mkdir -p /mnt/backup
mount -t cifs //<SMB_SERVER_IP>/backup /mnt/backup -o credentials=/root/.smbcred
(/root/.smbcred is a root-only file, mode 0600, containing the lines username=<USERNAME> and password=<PASSWORD>. The -o username=<USERNAME>,password=<PASSWORD> form works too, but it leaves the password in the shell history and shows it to every local user in ps while the mount runs.)
  • Back up the system with tar
tar --xattrs --xattrs-include='*' --acls --selinux --numeric-owner -cvpzf /mnt/backup/centos7_backup.tar.gz --exclude=/mnt --exclude=/proc --exclude=/sys --exclude=/dev --exclude=/run --exclude=/tmp /
(The xattr, ACL and SELinux flags keep every file's security labels and file capabilities; --numeric-owner stores UIDs/GIDs instead of names so the restore does not depend on the rescue system's passwd. /mnt is excluded, which also keeps the archive from trying to contain itself; /proc, /sys, /dev and /run are kernel-provided pseudo-filesystems and must not be archived.)

Restore from the network share to the CentOS 7 system

Boot the machine from rescue media (the CentOS 7 installer's "Troubleshooting > Rescue a CentOS system" entry, or any live system), so that the root filesystem you write to is not the one you are running from: extracting a full-system archive over a live root leaves a mix of old and new files under running binaries. Below, the target root filesystem is mounted at /mnt/sysroot.

Mount the target root filesystem and your network share

mkdir -p /mnt/sysroot /mnt/backup
mount <ROOT_PARTITION> /mnt/sysroot
mount -t cifs //<SMB_SERVER_IP>/backup /mnt/backup -o credentials=/root/.smbcred

Confirm that centos7_backup.tar.gz is in /mnt/backup

ls -lh /mnt/backup/centos7_backup.tar.gz

Restore the tar.gz backup

Extract the tar.gz into the target root

tar --xattrs --xattrs-include='*' --acls --selinux --numeric-owner -xvpzf /mnt/backup/centos7_backup.tar.gz -C /mnt/sysroot

Make sure the /dev, /proc, /sys, /run and /tmp directories exist (they were excluded from the backup; /tmp needs the sticky bit back)

mkdir -p /mnt/sysroot/dev /mnt/sysroot/proc /mnt/sysroot/sys /mnt/sysroot/run /mnt/sysroot/tmp /mnt/sysroot/mnt
chmod 1777 /mnt/sysroot/tmp

Fix fstab

Get the UUIDs of the disks

blkid

Make sure /etc/fstab of the restored system uses the correct UUIDs

nano /mnt/sysroot/etc/fstab

Repair the bootloader (GRUB)

Bind-mount the required system directories into the target

mount --bind /dev /mnt/sysroot/dev
mount --bind /proc /mnt/sysroot/proc
mount --bind /sys /mnt/sysroot/sys
mount --bind /run /mnt/sysroot/run

Enter the chroot

chroot /mnt/sysroot

Reinstall GRUB (BIOS boot; /dev/sda is the disk the firmware boots from. A UEFI system needs the EFI variant of GRUB and its grub.cfg under /boot/efi instead of the i386-pc target.)

grub2-install --target=i386-pc /dev/sda
grub2-mkconfig -o /boot/grub2/grub.cfg

Regenerate the initramfs

dracut --force --regenerate-all

Leave the chroot

exit

SELinux fix

Create .autorelabel so the whole filesystem is relabelled on the next boot (labels restored from the archive may not match the policy; the relabel takes a while and reboots once more when done)

touch /mnt/sysroot/.autorelabel

Reboot and test

Reboot

reboot

Check that the system runs normally

df -h
lsblk

Linux Find Command

Examples (created by @dan_nanni on Instagram)

find . -name "my.txt"                                   find all files named "my.txt"

find . -type d -name "mydir"                            find all directories named "mydir"

find . -type f -name "*.jpg"                            find all ".jpg" files

find . -type f -size +100M                              find all files larger than 100MB

find . -type f -size +100M -size -500M                  find files within a size range

find . -type f -mtime -1                                find all files modified in the last 24 hours

find . -mtime -7 -mtime +1                              find files modified between yesterday and a week ago

find . -type f -name "*.tmp" -delete                    find and remove all ".tmp" files

find . -type f -perm 0777                               find all files with exactly "777" permissions

find . -type f -perm -u+x                               find all files executable by their owner

find . -type f -name "*.txt" -exec cat {} \;            find and cat all "*.txt" files

find . -type f -amin -60                                find all files accessed within the last hour

find . -type f -user dan                                find all files owned by the user "dan"

find . -type f -ctime -2                                find files whose inode (metadata) changed within the last 2 days (find has no creation-time test on most filesystems)

find . -maxdepth 1 -name "my.txt"                       search only the current directory

find . -type f -name "*.txt" -print0 | xargs -0 chmod 644            chmod all ".txt" to 644

find . -type f -name "*.jpg" -print0 | tar -czf img.tgz --null -T -   archive all ".jpg" files in a single tar run (piping into "xargs tar -cf" can run tar several times, each overwriting the archive, and -cf does not gzip)

find . -type f -name "*.png" -print0 | xargs -0 -I {} mv {} /tmp     move all ".png" files

find . -type f -name "*.txt" -print0 | xargs -0 grep "Hello"         search for Hello in ".txt" files

find . -xtype l -delete                                 find and remove all broken symbolic links

find . -type d -empty -delete                           find and remove all empty directories

find . -newermt "2024-01-01" ! -newermt "2024-03-15"    use a modification-time range

Use -print0 with xargs -0 (or -exec ... +) whenever the names feed another command: a newline-separated pipe breaks on file names containing spaces or newlines, and anyone who can create files in the tree can use such names to slip extra arguments into chmod, mv or tar.
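The cheat-sheet building blocks wrapped as functions, added here as an example that is not part of the cheat sheet: every listing is NUL-delimited so file names with spaces or newlines can neither split nor inject arguments into the next command, and the archive is built in a single tar run. The sample tree built by demo is constructed.

```shell
#!/bin/sh
# Added example (not from the cheat sheet): find building blocks as functions
# with NUL-delimited output, so file names containing spaces or newlines cannot
# split or inject arguments. The sample tree in demo is constructed.
set -eu

# count_named DIR GLOB : number of regular files matching GLOB, counted by NUL
# separators, so a name with an embedded newline still counts once.
count_named() {
  find "$1" -type f -name "$2" -print0 | tr -dc '\000' | wc -c | tr -d ' '
}

# chmod_named DIR GLOB MODE : -exec ... + batches the names into as few chmod
# invocations as possible and never passes them through a shell or a pipe.
chmod_named() {
  find "$1" -type f -name "$2" -exec chmod "$3" {} +
}

# world_writable DIR : regular files any user can write (-perm -o+w), one per
# line; newlines inside names are shown as "?" so the list stays one entry per line.
world_writable() {
  find "$1" -type f -perm -o+w -print0 | tr '\000\n' '\n?'
}

# recent_owned DIR USER DAYS : files owned by USER modified in the last DAYS days
recent_owned() {
  find "$1" -type f -user "$2" -mtime "-$3" -print0 | tr '\000\n' '\n?'
}

# archive_named DIR GLOB OUT : one tar run over a NUL-separated list (--null -T -),
# unlike "| xargs tar -cf", which may run tar more than once and overwrite OUT.
archive_named() {
  find "$1" -type f -name "$2" -print0 | tar -czf "$3" --null -T -
}

# demo : build a constructed sample tree and exercise the functions on it
demo() {
  d=$(mktemp -d)
  mkdir -p "$d/sub"
  : > "$d/a b.txt"; : > "$d/sub/c.txt"; : > "$d/d.jpg"
  chmod 666 "$d/d.jpg"
  count_named "$d" '*.txt'                    # 2
  chmod_named "$d" '*.txt' 600
  world_writable "$d"                         # .../d.jpg
  archive_named "$d" '*.jpg' "$d/img.tgz"
  tar -tzf "$d/img.tgz"
  rm -rf "$d"
}

case "${1-}" in --demo) demo ;; esac
```

The world_writable and chmod_named pair is the typical hardening sweep: list what is writable by everyone, then fix the permissions with one batched chmod rather than one process per file.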

fixing VPN problem in Ubuntu Windows

Source : http://blog.wensheng.org/2015/05/fixing … buntu.html

fixing VPN problem in Ubuntu

I set up a VPN in Ubuntu 14.04, but when I tried to turn it on in NetworkManager, I kept getting errors like “No suitable device found” and “Could not find source connection” in /var/log/syslog.

The problem turned out to be that my ethernet connection was not managed by NetworkManager. “nmcli c” didn’t show my wired connection.

The solution:
Edit /etc/NetworkManager/NetworkManager.conf, in section [ifupdown], change “managed=false” to “managed=true”, then do a:
“sudo service network-manager restart”
Now both vpn and ethernet connections are managed by NetworkManager, turning on VPN just works.

p.s.
About Having DNS Issues when connected to a VPN

source : https://askubuntu.com/questions/320921/having-dns-issues-when-connected-to-a-vpn-in-ubuntu-13-04

Question
I am connecting to a Cisco VPN Server using vpnc. Once connected, my machine was unable to automatically update DNS setting from the new VPN. I tested by temporarily changing /etc/resolv.conf with the proper nameserver and search domain, and everything worked. This is obviously not a long term solution, so I added an additional DNS server and search domain to the VPN settings in Network manager. With those settings in place, resolvconf does add the search domain, but not the DNS IP, and I still cannot do any lookups.

What is my next step in configuring or troubleshooting from here?

Answer

First make sure that there are no lines beginning with nameserver in any files in /etc/resolvconf/resolv.conf.d. If /etc/resolvconf/resolv.conf.d/tail is a symbolic link to target original, make it point to /dev/null.

Second, disconnect from the VPN. Edit /etc/NetworkManager/NetworkManager.conf

$ sudo gedit /etc/NetworkManager/NetworkManager.conf

and comment out

dns=dnsmasq
(i.e., add a # so that it looks like the following)

#dns=dnsmasq
and then

sudo service network-manager restart
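Both NetworkManager.conf edits described above (managed=true under [ifupdown], dns=dnsmasq commented out under [main]) as a script, added here as an example and not part of either quoted post. The edits are section-aware, so a key of the same name in another section is left alone, and idempotent, so running the script twice changes nothing. The file path is an argument so you can try it on a copy first; the sample config in the test is constructed, and the restart is behind the NM_RESTART variable because the service name is specific to Ubuntu of that era.

```shell
#!/bin/sh
# Added example, not from the quoted posts: section-aware, idempotent edits of
# NetworkManager.conf (managed=true under [ifupdown], dns=dnsmasq commented out
# under [main]). Assumes the plain "key=value" form NetworkManager.conf uses.
set -eu

# set_ini_key FILE SECTION KEY VALUE : set KEY inside [SECTION] only; a KEY in
# another section is untouched. Appends KEY (and the section, if missing).
set_ini_key() {
  awk -v sec="[$2]" -v key="$3" -v val="$4" '
    /^\[/ {                                   # entering a section header
      if (insec && !done) print key "=" val   # left target section without KEY: append
      insec = ($0 == sec); if (insec) { found = 1; done = 0 }
    }
    insec && index($0, key "=") == 1 { print key "=" val; done = 1; next }
    { print }
    END {
      if (!found) print sec                   # section missing entirely
      if (!found || (insec && !done)) print key "=" val
    }
  ' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# comment_ini_key FILE SECTION KEY : turn "KEY=..." inside [SECTION] into "#KEY=..."
comment_ini_key() {
  awk -v sec="[$2]" -v key="$3" '
    /^\[/ { insec = ($0 == sec) }
    insec && index($0, key "=") == 1 { print "#" $0; next }
    { print }
  ' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# fix_nm_conf [FILE] : keep a dated copy, apply both fixes, optionally restart
fix_nm_conf() {
  conf=${1:-/etc/NetworkManager/NetworkManager.conf}
  cp -p "$conf" "$conf.bak.$(date +%s)"
  set_ini_key "$conf" ifupdown managed true
  comment_ini_key "$conf" main dns
  if [ "${NM_RESTART:-0}" = 1 ]; then service network-manager restart; fi
}
```

Run `fix_nm_conf /tmp/NetworkManager.conf` on a copy, diff it against the original, then `NM_RESTART=1 fix_nm_conf` as root on the real file. The awk rewrite goes through a temporary file and mv, so a half-written config is never left in place if the edit is interrupted.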

PPTP Client Auto Reconnect Note

Caveat: PPTP's MS-CHAPv2 authentication and the MPPE keys derived from it are cryptographically broken (the handshake can be cracked offline), so these tunnels provide connectivity and routing, not confidentiality; use WireGuard, OpenVPN or IPsec where the other end allows it. The notes below keep the original setup and only fix its typos.

# Create the VPN connections. The options take two ASCII hyphens ("--create"); the typographic dashes copy-paste often produces make pptpsetup fail. The password lands in the shell history this way; clear it afterwards or edit /etc/ppp/chap-secrets by hand instead.
pptpsetup --create vpnhk --server x.x.x.x --username vpn-user-name --password vpn-password --encrypt --start
pptpsetup --create vpnlw --server y.y.y.y --username vpn-user-name --password vpn-password --encrypt --start
pptpsetup --create vpnfw --server z.z.z.z --username vpn-user-name --password vpn-password --encrypt --start

# Connect a VPN manually
pon vpnhk updetach
pon vpnlw updetach
pon vpnfw updetach

# Disconnect all VPNs manually
poff -a

# Add / remove a route manually (iproute2 equivalent: ip route add 192.168.90.0/24 dev ppp0)
route add -net 192.168.90.0 netmask 255.255.255.0 dev ppp0
route del -net 192.168.90.0 netmask 255.255.255.0

# Bring the ppp links up at boot. The file is /etc/network/interfaces, and each stanza's provider must name its own peers file (the original third stanza repeated vpnhk with provider vpnlw).
/etc/network/interfaces
auto vpnhk
iface vpnhk inet ppp
provider vpnhk

auto vpnlw
iface vpnlw inet ppp
provider vpnlw

auto vpnfw
iface vpnfw inet ppp
provider vpnfw

# Added by pptpsetup. The secrets are stored in clear text, so the file must stay root-only (chmod 600 /etc/ppp/chap-secrets).
/etc/ppp/chap-secrets
# client   server   secret       IP address
joehome vpnhk "AABBccdd" 192.168.45.40
joehome vpnfw "AABBccdd" 192.168.45.60
joehome vpnlw "AABBccdd" 192.168.45.70

# Sample peers file modified for automatic PPTP reconnection
/etc/ppp/peers/vpnfw
# written by pptpsetup
pty "pptp 19.15.3.2 --nolaunchpppd"
lock
noauth
nobsdcomp
nodeflate
name joehome
remotename vpnfw
ipparam vpnfw
require-mppe-128
# keep retrying forever (pppd gives up after 10 failed attempts by default)
maxfail 0
# reopen the link after it drops instead of exiting
persist

# Install quagga for dynamic routing
apt-get install quagga

# Dynamic routing daemons (quagga must be installed)
/etc/quagga/daemons
zebra=yes
bgpd=no
ospfd=no
ospf6d=no
ripd=yes
ripngd=no
isisd=no
babeld=no

# Routing table settings (quagga must be installed). The two passwords protect the zebra vty (telnet, port 2601): keep the vty bound to 127.0.0.1 and do not reuse a real account password.
/etc/quagga/zebra.conf
hostname AnyName
password YourPassword
enable password YourPassword
ip route 192.168.1.0/24 192.168.40.1
ip route 192.168.40.0/24 192.168.40.1
ip route 192.168.60.0/24 192.168.60.1
ip route 192.168.70.0/24 192.168.70.1
ip route 192.168.90.0/24 192.168.40.1

# Restart quagga to apply the configuration
/etc/init.d/quagga restart
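The reconnect setup from the note as a script, added here as an example and not part of the note: it generates the pppd peers file with the persist / maxfail 0 options above, adds the chap-secrets entry while keeping that file root-only, and provides a watchdog that re-runs pon for any provider whose pppd is gone. The holdoff and linkname options are standard pppd options added here (linkname makes pppd write /var/run/ppp-NAME.pid, which is how the watchdog tells one provider's link from another); PPP_DIR defaults to /etc/ppp and can be pointed at a scratch directory to try the generator without root.

```shell
#!/bin/sh
# Added example (not from the note): generate the pppd peers file and
# chap-secrets entry for a PPTP provider with the reconnect options, keep the
# secrets root-only, and a watchdog that re-runs pon for dead links.
# holdoff and linkname are standard pppd options added here; PPP_DIR is an
# assumption so the generator can be tried outside /etc/ppp.
set -eu

PPP_DIR=${PPP_DIR:-/etc/ppp}

# write_peer NAME SERVER USER : PPP_DIR/peers/NAME with persist + maxfail 0
write_peer() {
  name=$1 server=$2 user=$3
  mkdir -p "$PPP_DIR/peers"
  cat > "$PPP_DIR/peers/$name" <<EOF
# generated for $name
pty "pptp $server --nolaunchpppd"
lock
noauth
nobsdcomp
nodeflate
name $user
remotename $name
ipparam $name
require-mppe-128
# reconnect forever: never stop retrying, reopen after a drop, wait 10 s between tries
maxfail 0
persist
holdoff 10
# pppd writes /var/run/ppp-$name.pid (pid, then interface name) for the watchdog
linkname $name
EOF
}

# add_secret USER NAME SECRET [IP] : append one chap-secrets line unless the
# client/server pair already exists; the file is kept mode 0600
add_secret() {
  f=$PPP_DIR/chap-secrets
  touch "$f"; chmod 600 "$f"
  if ! awk -v u="$1" -v s="$2" '$1 == u && $2 == s { found = 1 } END { exit !found }' "$f"; then
    printf '%s\t%s\t"%s"\t%s\n' "$1" "$2" "$3" "${4:-*}" >> "$f"
  fi
}

# link_up NAME : true if the pppd started for NAME (via linkname) is still alive
link_up() {
  f=/var/run/ppp-$1.pid
  [ -r "$f" ] || return 1
  pid=$(head -n 1 "$f")
  kill -0 "$pid" 2>/dev/null
}

# watchdog NAME... : run from cron every minute; pon any provider whose link is down
watchdog() {
  for n in "$@"; do
    link_up "$n" || pon "$n"
  done
}

# Setup on the real system (root):
#   write_peer vpnfw z.z.z.z joehome && add_secret joehome vpnfw 'AABBccdd' 192.168.45.60
#   crontab entry:  * * * * * /usr/local/sbin/pptp-watchdog.sh vpnhk vpnlw vpnfw
```

persist and maxfail 0 already make pppd itself retry indefinitely; the watchdog covers the case where pppd is killed or crashes, which persist cannot recover from.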