IT General Knowledge
===
[ToC]
# Newline Character
- Classic Mac OS: `\r`
- Unix-like: `\n`
- Windows: `\r\n`
# IP
## Public Network vs Private Network
# Load Balance
## Load Balancer (L4 Load Balancer)
- L4 refers to the transport layer in the OSI model.
- It makes routing decisions based on IP address and port.
## Reverse Proxy (L7 Load Balancer)
- L7 refers to the application layer in the OSI model.
- It acts as a public virtual host in front of internal web servers.
### HTTP Request Headers
#### Non-Standard Headers
- `X-Forwarded-For`
- `X-Real-IP`
- `X-Forwarded-Host`
- `X-Forwarded-Proto`
#### RFC 7239
- `Forwarded`
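
A client can send any of these headers itself, so a backend should honor them only on connections that arrive from the reverse proxy, and should read the chain from the right. The following Python is an added example, not part of the original notes; `TRUSTED_PROXIES`, the function names and the sample addresses are assumptions chosen for illustration.

```python
import ipaddress

# Assumption: the only networks whose hosts may append forwarding headers.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]


def is_trusted(addr):
    """True if addr parses as an IP inside one of the trusted proxy networks."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in TRUSTED_PROXIES)


def forwarded_for_values(forwarded):
    """Extract the for= values of an RFC 7239 Forwarded header, in order."""
    out = []
    for element in forwarded.split(","):
        for pair in element.split(";"):
            name, _, value = pair.strip().partition("=")
            if name.lower() != "for":
                continue
            value = value.strip('"')
            # '[2001:db8::1]:4711' or '192.0.2.1:4711' -> bare address
            if value.startswith("[") and "]" in value:
                value = value[1:value.index("]")]
            elif value.count(":") == 1:
                value = value.split(":")[0]
            out.append(value)
    return out


def client_ip(peer, xff=None, forwarded=None):
    """Walk the chain right to left and return the first untrusted hop."""
    if not is_trusted(peer):
        return peer  # direct connection: ignore forwarding headers entirely
    if forwarded is not None:
        chain = forwarded_for_values(forwarded)
    else:
        chain = [p.strip() for p in (xff or "").split(",") if p.strip()]
    for hop in reversed(chain):
        if not is_trusted(hop):
            return hop
    return peer  # every listed hop was one of our own proxies
```
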
# tmux
## Prefix
- All tmux shortcuts start with the prefix key.
- Default: `^B`
- I prefer: `` ` `` or `Escape`
- My tmux configuration: [.tmux.conf](https://gist.github.com/HuaiShaoChang/765cc564325488ac928817944c56a6ea)
## User Configuration
- Location: `~/.tmux.conf`
```bash=
# VI-style control in copy-mode
set-window-option -g mode-keys vi
# emacs-style control in status-line
set-option -g status-keys emacs
# Move around panes with hjkl like VIM
bind -r h select-pane -L
bind -r j select-pane -D
bind -r k select-pane -U
bind -r l select-pane -R
# Resize panes
bind -r M-h resize-pane -L 1
bind -r M-j resize-pane -D 1
bind -r M-k resize-pane -U 1
bind -r M-l resize-pane -R 1
# Change tmux prefix to Esc
unbind C-b
set-option -s escape-time 0
set-option -g prefix Escape
bind Escape send-prefix
# Toggle status bar
bind t set-option status
# Binding some shortcuts
bind-key C-r source-file ~/.tmux.conf\; display "~/.tmux.conf reloaded."
bind-key C-l clear-history\; display "clear history"
bind-key C-c list-commands\; display "list commands"
```
## Session & Client Operations
- List sessions: `tmux ls`
- ~~List clients: `tmux lsc`~~, I have never used it.
- Attach to last used session: `tmux attach` or `tmux a`
- Attach to specific session: `tmux a -t <target session>`
- Detach client: `tmux detach` or prefix, `d`
- Switch to previous client: prefix, `(`
- Switch to next client: prefix, `)`
## Window & Pane Operations
- Split window (to panes): prefix, `%`/`"`
- Move around panes: prefix, arrow keys (↓/←/→/↑)
- Kill pane: prefix, `x`
- New window: prefix, `c`
- Select the previous window: prefix, `p`
- Select the next window: prefix, `n`
## History Operations
- Enter copy mode: prefix, `[`
- Leave copy mode: `q`
## Other Shortcuts
- List key bindings: prefix, `?`
# PowerShell
## Create TLS Certificate
```powershell
New-SelfSignedCertificate -DnsName mydomain.com -FriendlyName mydomainAlias -NotAfter (Get-Date).AddYears(1)
```
## Disable Weak Cipher
```powershell
Disable-TlsCipherSuite -Name "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
```
```text
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ecdh_x25519) - A
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
```
# Nmap
## SSL/TLS
- `nmap -sV --script ssl-enum-ciphers -p 443 <host>`
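
The graded cipher list under "Disable Weak Cipher" has the `<suite> (<key exchange>) - <grade>` shape that `ssl-enum-ciphers` prints. The following Python is an added example, not part of the original notes: it turns such output into one `Disable-TlsCipherSuite` line per weak suite. The sample input is constructed from suite names on this page, and the `WEAK_MARKERS` policy and function names are assumptions.

```python
import re

# Constructed sample in the shape printed by nmap's ssl-enum-ciphers script;
# the suite names and grades are the ones listed on this page.
SAMPLE = """\
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ecdh_x25519) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
"""

LINE = re.compile(r"(TLS_[A-Z0-9_]+)\s+\(([^)]*)\)\s+-\s+([A-F])\b")
# Assumed local policy: algorithms to retire regardless of the grade shown.
WEAK_MARKERS = ("_RC4_", "_3DES_", "_MD5", "_NULL", "_EXPORT")


def parse(output):
    """Return (suite, key_exchange, grade) for every cipher line found."""
    return [m.groups() for m in map(LINE.search, output.splitlines()) if m]


def to_disable(output, worst_ok="A"):
    """Suites graded worse than worst_ok or matching a weak marker, deduplicated."""
    flagged = []
    for suite, _kex, grade in parse(output):
        weak = any(marker in suite for marker in WEAK_MARKERS)
        # The same suite is listed once per TLS version, so keep first sight only.
        if (grade > worst_ok or weak) and suite not in flagged:
            flagged.append(suite)
    return flagged


def powershell_commands(suites):
    """One Disable-TlsCipherSuite call per flagged suite."""
    return [f'Disable-TlsCipherSuite -Name "{s}"' for s in suites]


if __name__ == "__main__":
    print("\n".join(powershell_commands(to_disable(SAMPLE))))
```
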
# SELinux
## SSH Port
- `sudo semanage port --list | grep ssh`
- `semanage port -l`
- `sudo semanage port --add --type ssh_port_t --proto tcp 1234`
- `semanage port -at ssh_port_t -p tcp 1234`
# Database
## MySQL
### Reset root password
- [MySQL 8.0.11](https://stackoverflow.com/questions/50691977/how-to-reset-the-root-password-in-mysql-8-0-11)
### Create & Grant user
```mysql=
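-- The host part limits where the account may connect from:
-- localhost only, a single IP, or any host ('%').
CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'user_password';
CREATE USER 'newuser'@'10.8.0.5' IDENTIFIED BY 'user_password';
CREATE USER 'newuser'@'%' IDENTIFIED BY 'user_password';
-- Grant specific privileges on one table, or on every table in a database.
GRANT permission1, permission2 ON database_name.table_name TO 'database_user'@'localhost';
GRANT CREATE, DROP, DELETE, INSERT, SELECT, UPDATE ON database_name.* TO database_user@'localhost';
-- Full administrative account that can also grant privileges to others.
GRANT ALL PRIVILEGES ON *.* TO 'adminuser'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;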
```
### Create Database
```mysql=
CREATE DATABASE mydatabase;
CREATE DATABASE my_unicode_database CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
```
## Oracle 11g
### Export / Import
1. Table Exports/Imports
```bash=
expdp username/password@ORCL1 tables=AAA,BBB dumpfile=AAA_BBB.dmp
impdp username/password@ORCL2 tables=AAA,BBB dumpfile=AAA_BBB.dmp
```
2. Schema Exports/Imports
```bash=
expdp username/password@ORCL1 schemas=username dumpfile=username.dmp
impdp username/password@ORCL2 schemas=username dumpfile=username.dmp
```
3. Database Exports/Imports
```bash=
expdp \"sys/password@ORCL as sysdba \" full=Y dumpfile=ORCL.dmp
impdp \"sys/password@ORCL as sysdba \" full=Y dumpfile=ORCL.dmp
```
## Oracle 19c
### Install on CentOS 7
1. RPM
```bash=
sudo yum install bind-utils compat-libcap1 compat-libstdc++-33 glibc-devel ksh libaio-devel libstdc++-devel net-tools nfs-utils psmisc smartmontools sysstat unzip xorg-x11-utils xorg-x11-xauth
curl -O https://yum.oracle.com/repo/OracleLinux/OL7/latest/x86_64/getPackage/oracle-database-preinstall-19c-1.0-1.el7.x86_64.rpm
sudo rpm -i oracle-database-preinstall-19c-1.0-1.el7.x86_64.rpm
sudo rpm -i oracle-database-ee-19c-1.0-1.x86_64.rpm
```
2. Config /etc/hosts
```bash=
sudoedit /etc/hosts
# add a line of the form:
# <server fixed IP> <server hostname>
```
3. Config
```bash=
sudoedit /etc/init.d/oracledb_ORCLCDB-19c
# set these values in the script:
export ORACLE_SID=ORCL
export CREATE_AS_CDB=false
sudo cp /etc/sysconfig/oracledb_ORCLCDB-19c.conf /etc/sysconfig/oracledb_ORCL-19c.conf
sudo /etc/init.d/oracledb_ORCLCDB-19c configure
```
4. Check config log
```bash=
sudo su - oracle
less /opt/oracle/cfgtoollogs/dbca/ORCLCDB/ORCLCDB.log
```
5. Set Environment Variables for Oracle user
```bash=
sudo su - oracle
vim ~/.bash_profile
# append these lines to the file:
export ORACLE_HOME=/opt/oracle/product/19c/dbhome_1
export ORACLE_SID=ORCL
export PATH=$PATH:$ORACLE_HOME/bin
```
6. Create a DBA user
```bash=
sudo su - oracle
sqlplus / as sysdba
```
```sql=
CREATE USER mydba IDENTIFIED BY "mypassword";
GRANT DBA TO mydba;
```
7. Firewall
```bash=
sudo firewall-cmd --permanent --add-port=1521/tcp
sudo firewall-cmd --reload
```
### Install on CentOS 8
1. RPM
```bash=
sudo dnf install https://yum.oracle.com/repo/OracleLinux/OL8/baseos/latest/x86_64/getPackage/oracle-database-preinstall-19c-1.0-1.el8.x86_64.rpm
# sudo does not apply to a shell redirection, so append through tee instead
echo "<ip> <FQDN> <short hostname>" | sudo tee -a /etc/hosts
sudo rpm -i oracle-database-ee-19c-1.0-1.x86_64.rpm
```
2. Config
```bash
sudoedit /etc/init.d/oracledb_ORCLCDB-19c
# set these values in the script:
export ORACLE_SID=ORCL
export CREATE_AS_CDB=false
sudo /etc/init.d/oracledb_ORCLCDB-19c configure
```
3. Check config log
```bash=
sudo su - oracle
less /opt/oracle/cfgtoollogs/dbca/ORCLCDB/ORCLCDB.log
```
4. Set Environment Variables for Oracle user
```bash=
sudo su - oracle
vim ~/.bashrc
# append these lines to the file:
export ORACLE_HOME=/opt/oracle/product/19c/dbhome_1
export ORACLE_SID=ORCL
export PATH=$PATH:$ORACLE_HOME/bin
```
5. Create a DBA user
```bash=
sudo su - oracle
sqlplus / as sysdba
```
```sql=
CREATE USER mydba IDENTIFIED BY "mypassword";
GRANT DBA TO mydba;
```
6. Firewall
```bash=
sudo firewall-cmd --permanent --add-port=1521/tcp
sudo firewall-cmd --reload
```
## Oracle
### Tablespace
```sql=
CREATE TABLESPACE TTT DATAFILE 'ttt_data.dbf' SIZE 10m AUTOEXTEND ON NEXT 10m;
DROP TABLESPACE TTT INCLUDING CONTENTS AND DATAFILES CASCADE CONSTRAINTS;
```
### Privileges
```sql=
-- DBA
SELECT * FROM ROLE_TAB_PRIVS;
SELECT * FROM DBA_SYS_PRIVS;
SELECT * FROM DBA_TAB_PRIVS;
SELECT * FROM DBA_ROLE_PRIVS;
-- Normal user
SELECT * FROM USER_ROLE_PRIVS;
```
### Backup Table
```sql=
create table aaa_bak as select * from aaa;
```
# Log Rotation
## logrotate
### logrotate.d
By convention, logrotate configuration files go in the `/etc/logrotate.d/` directory.
```logrotate=
/path/to/log/file {
compress
copytruncate
daily
dateext
dateformat .%Y%m%d
rotate 999
}
```
### logrotate manually
```bash
# Run with an explicit state file
logrotate -s /path/to/logrotate/state/file /path/to/logrotate/config/file
# Force a rotation now and discard the state
logrotate -fs /dev/null /path/to/logrotate/config/file
# Run quietly
logrotate /path/to/config/file &>/dev/null
```
```crontab
# cron runs commands with /bin/sh by default, so use the portable redirection form
/usr/sbin/logrotate /etc/logrotate.d/config >/dev/null 2>&1
```
```logrotate
/var/log/tomcat/catalina.out {
compress
copytruncate
rotate 3
postrotate
find /var/log/tomcat/ -mtime +3 -exec rm {} \;
endscript
}
```
# Shell Scripts
## Bash
### Absolute path of script
```bash=
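# Resolve the directory first; $0 is a file, so it cannot be passed to cd directly
directory=$(cd "$(dirname "$0")" && pwd)
file="$directory/$(basename "$0")"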
```
# Container
## Docker
### Restart Policy
- `docker run --restart always ...`
- `docker update --restart=always <container>`
- `docker inspect <container>`
# Windows
## Excluded Port ranges
- Restart the Windows NAT Driver service (`winnat`) to release the many ports it has reserved.
```batch=
netsh interface ipv4 show excludedportrange protocol=tcp
net stop winnat
net start winnat
netsh interface ipv4 show excludedportrange protocol=tcp
```
# Linux
## RPM Download (RedHat, CentOS)
- Download the RPM of a package that is already installed.
- `--destdir`: destination directory
- `--resolve`: download dependencies (that are not installed).
```bash=
sudo yum install yum-utils
yumdownloader <package-name>
```
## Create User
```bash=
groupadd --gid 1234 mygroup
useradd --gid mygroup --uid 1234 myuser
# passwd takes the user name and prompts for the new password
passwd myuser
usermod -aG wheel myuser
```
## Network
### Disable IPv6 on a specific interface
- CentOS 7
  - `/etc/sysctl.conf`
    - `net.ipv6.conf.eth0.disable_ipv6 = 1`
- CentOS 8
  - `nmcli con modify eth0 ipv6.method disabled`
## CentOS 8
### PPPoE
1. Install (by DVD)
```shell=
sudo mount /dev/sr0 /mnt
sudo rpm -i /mnt/BaseOS/Packages/ppp-<package version>.x86_64.rpm
sudo rpm -i /mnt/BaseOS/Packages/NetworkManager-ppp-<package version>.x86_64.rpm
sudo umount /mnt
```
2. Install (by network)
```shell=
sudo dnf install NetworkManager-ppp
```
3. Configure Network Manager
```shell=
sudo nmcli connection edit type pppoe
nmcli> set pppoe.username <PPPoE username, e.g. xxxxxxxx@hinet.net>
nmcli> set pppoe.password <PPPoE password>
nmcli> set connection.interface-name eth0
nmcli> set connection.zone external
nmcli> set ipv6.method disabled
nmcli> save
nmcli> quit
```
### DHCP Server
```shell=
sudo nmcli con modify Wired\ connection\ 1 connection.id eth1
sudo nmcli con modify eth1 ipv6.method disabled
sudo nmcli con modify eth1 ipv4.method manual ipv4.addresses 192.168.255.254/16
# sudo nmcli con modify eth1 connection.autoconnect yes
sudo nmcli con up eth1
sudo dnf install dhcp-server
sudo cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
sudoedit /etc/dhcp/dhcpd.conf
```
### NAT
```shell=
sudo nmcli con modify pppoe connection.zone external
sudo nmcli con modify eth1 connection.zone internal
sudo firewall-cmd --set-default-zone=external
```