These are some of my experiences with Linux. I learnt most of these from the LUGies and the Internet. These things may or may not work for you. You need to try at your own risk. I am just keeping these files so that I can refer to them often and somebody else could use them. I spent a lot of time finding these answers. I am putting them here for those who don't have the patience to google.

Local IPs

These are some of the IPs that will always be local.

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

Note

One may wonder why there is no sequence in the whole stuff. I can't help you any more with this. With only a Textpad and limited time, I can only do this. I never forget to take small notes whenever I do things. But the problem is I will put the notes somewhere and eventually lose them. That is why this site is here. Mainly this site is going to help me whenever I need to refer to things later. Also somebody else can make use of it.

Different Linux Distributions
Subject            Slackware    Debian     RedHat
Package Manager    pkgtool      apt-get    rpm
Source             foo.tgz

Slackware Package Management

Slackware uses only tarballs, i.e. ordinary compressed tar files. You can use either pkgtool or the command line options. The command line options are:

installpkg --> To install packages
removepkg --> To remove packages
upgradepkg --> To upgrade packages
makepkg --> To make a Slackware compatible package
rpm2targz --> To make a Slackware package from an RPM. Usage: $ rpm2targz mypackage.rpm
rpm2tgz --> Same as the above

Requirements to build from source

  • C/C++ Compilers
  • C/C++ libraries
  • make
  • sh or bash
  • csh or tcsh
  • Perl
  • Tcl/Tk

    Place for downloaded programs

    /tmp or /packages

    Place for installing programs

    Third Party --> /usr/local
    Software for Root User --> /usr/local/sbin
    Programs that take varying space like mysql --> /opt

    How to Install( 5 steps )

  • #tar zxvf foo.tar.gz (unpacks the tarball. .tar.gz and .tgz are the same; .tgz is the Slackware style of naming the tarball)
  • #cd foo (move to this directory)
  • #./configure --prefix=/opt (will install under /opt. Without it, it will install to the default /usr/local)
  • #make (builds the executable from the source)
  • #make install (installs the executable. You should be root to do this)

    Setting the PATH or environment variables

    Note. Keep the Makefile for future use

    Edit /etc/profile (slackware) or /etc/bashrc (redhat)

    PATH=$PATH:/usr/local/foo/bin
    export PATH

    Update /etc/profile

    source /etc/profile

    Update Database

    #makewhatis --------> updates whatis
    #updatedb ----------> updates database. You can then use locate to locate them

    Remove unwanted object files

    #make clean

    Uninstalling Software

  • #make uninstall ---> If you have the *Makefile* safely with you
  • deleting the directory itself i.e. /usr/local/foo (removing foo will uninstall)
  • if you have used the option --prefix=path and you don't remember where it is installed, just run ./configure again from the /tmp/foo directory or /packages/foo directory. This creates the Makefile for you. Now you can run #make uninstall

    Installing self-extracting binary

    Move the file to the desired location, say /usr/local. Just change the file permissions to execute. Then run the binary like ./binary_name.bin (eg. j2sdk-version-linux-i586.bin)

    Something about m@Linux experience.

    I run Slackware9.0 on a PII box with 4GB HDD and 385MB RAM Drive (from 16 July 2003). I was running Slackware8.1 on my personal notebook. I upgraded to Slackware9.0 on 16 July 2003 (clean install). I don't know if there is any upgrade option in Slackware. There is a link here http://www.formsys.net/upgrade-slackware.htm but I never tried that.

    Rules I usually follow

    I always install software and packages at /usr/local
    I was not successful with setting the PATH variables with /etc/profile
    I like to set all my paths in separate .sh files inside /etc/profile.d/. I find this very useful and easy for handling things.
    eg. /etc/profile.d/java.sh will contain the path and class path settings for java

    Things to remember

  • init is the parent of all the processes. It reads the /etc/inittab script and starts processes.
  • init calls agetty (alternative Linux getty). This opens up a tty port and invokes the /bin/login command

    These commands may be very handy to anyone who wants to play around with linux

    dmesg --> This will show you all the installed hardware including hard disk drives, CD-ROM drives and installed memory.

    /sbin/ifconfig --> This is useful to find your IP number. Usually it will be against eth0

    /sbin/lsmod --> This will list all the loaded modules on your computer.

    /sbin/lspci --> This will list all the PCI buses and the devices connected to them

    /sbin/lspnp --> This will list all the Plug and Play devices with your system, their node numbers, product identification and description. It reads from the /proc/bus/pnp tree.

    nmap -v ipnumber --> nmap is a network exploration tool and security scanner. It shows the list of ports, state and services

    cat file1 file2 > file3 --> cat(Concatenate) takes file1 and file2 as inputs and outputs to file3
    cat file1 --> displays the contents of file1
    i.e. It takes input from keyboard and output to screen

    find / -name "filename" --> Start search from the / directory. Time consuming process

    grep (Global Regular Expression Parser) command. Used for pattern matching and filtering
    Usage : ps -a | grep httpd --> Probes the active process status that matches httpd
    grep ' s ' filename --> looks for pattern with a space before, s and a space after pattern
    i.e. grep

    ps -ua --> process status command with user and all options. Will display the Parent Process ID with lot more details.

    kill --> Used to kill processes by PID number. Also kill -9

    chown --> used to change ownership of files and directories

    chmod ugo+x filename --> gives execution permission to everyone on filename
    If you are using numbers then read permission = 4, write permission = 2, execute permission = 1

    more --> A formatting command. While more is in action (--more- at the bottom of the screen), use b to go back, q to quit without going further down
    Usage : #ls -latr /bin | more --------------> the output of ls is piped as input to more .
    less --> similar to more but you need to type 'q' to quit explicitly.
    You can also use like #more filename or #less filename to view the contents of the file

    redirection > & >>
    These can be used to direct the output of a command to a specific file. But beware that > is extremely dangerous since it may erase your existing files.
    Usage : #cat /proc/devices > filename --> Sends the output of the cat command to filename. If filename already exists, it will be replaced with a new file. So make sure before you issue this command.
    Usage : #cat /proc/devices >> filename --> Sends the output of cat to filename, where it is added to the end. It is safer compared to the above command.
    To read the file you can use #tail filename --> Displays only the last part of the file

    Six Basic Rules to Understand Linux & Unix commands

  • Any text not enclosed by [ ] , < >, { } should be typed as it is. i.e. it means a command name
  • Text within [ ] is optional
  • Text within < > should be substituted by appropriate name or file name
  • Text within { } let you select one among the many values. eg. { a | b } means, type a or b
  • ( . . .) ellipsis means so on. i.e. you can keep on using as many parameters as you can
  • [ < name > ] means that this is optional. In case you use it, replace name by appropriate value or name

    MYSECURITY - Thanks to Gerhard Mourani gmourani@openna.com

  • 1. Set a BIOS password
  • 2. Use nmap -v ipaddress to find the open ports
  • 3. I edited /etc/login.defs to change the PASS_MIN_LEN = 8 (Default 5). Also you can set expiry date, no. of attempts etc.
  • 4. Never sign in as root or leave the system logged in as root
  • 5. I edited /etc/profile and added TMOUT=3600 i.e. 60*60 = 3600 seconds
  • 6. /etc/exports contains the file definitions that are exporting the file systems using NFS. If that is edited, we have to execute /usr/sbin/exportfs -a. I am not using this and I just left this one.
  • 7. To disable all console applications we need the configuration files in /etc/security and need to edit /etc/pam.d/pam_console.so. But in Slackware no such thing is there.
  • 8. What is /etc/login.access
  • 9. Edit /etc/inetd.conf. This is the super server or internet daemon.
    Permissions are changed with chmod 600 /etc/inetd.conf
    I turned off ftp, comsat, time, ntalk. Make sure to turn off netstat and systat.
    Forget not to run #killall -HUP inetd (i.e. SIGHUP command). This activates the changes. Or logout and login as root again.
  • 10. #chattr +i /etc/inetd.conf --> makes this file immutable and adds security
    #chattr -i /etc/inetd.conf --> makes this file mutable again. Now you can modify, rename or delete it.
    Note : chattr is "Change file attributes on a Linux file system"
  • 11. TCP_WRAPPERS
    I edited the /etc/hosts.allow and added the following
    #Allows only the local hosts to connect and use inetd services
    ALL: 192.168.1.
    I edited the /etc/hosts.deny and added the following
    ALL: ALL
    I checked using tcpdchk --> (tcp daemon check which scans the tcpd access control files, /etc/hosts.deny and /etc/hosts.allow)
  • 12. Configuring the Resolver Library /etc/host.conf
    My file looks like this
    #First look DNS and then /etc/hosts
    order bind, hosts
    #Allow machines with multiple IPs. Example, the Gateway machine I am going to configure is having 3 IPs (i.e. 3 ethernet cards)
    multi on
    #Check IP address spoofing
    nospoof on
  • 13. The /etc/services file contains the list of ports along with services. No need to edit this and so make it immutable.
    chattr +i /etc/services
  • 14. Next comes /etc/securetty, which describes the terminals where root can log in. Except tty1 everything was commented out. So root now has only one terminal. But su - can be issued on the others.
  • 15.

    Files I made Immutable

  • /etc/inet.d
  • /etc/services
  • /etc/passwd
  • /etc/shadow
  • /etc/group
  • /etc/gshadow
  • 16. Users I deleted using #userdel user_name
    You can get a list of the users from the /etc/group file
    adm, lp, news, uucp
    I am using X Window server and so I left games. I have to use FTP service and so I left ftp
  • Groups I deleted
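
    The hosts.allow / hosts.deny pair from item 11 is evaluated in a fixed order: hosts.allow first, then hosts.deny, and access is granted when neither file matches. The sketch below is an added example, not part of the original notes. It models only a subset of hosts_access(5) (ALL, exact strings and address patterns ending in a dot); the function names, the in.ftpd daemon name and the sample files written to a temporary directory are constructed for illustration.

```sh
#!/bin/sh
# Added example: a small model of how tcpd evaluates hosts.allow and
# hosts.deny. Subset only: ALL, exact strings, and address patterns that
# end in "." (prefix match). No EXCEPT, netmasks or hostname patterns.

# match_list LIST ITEM -> exit status 0 if ITEM matches a pattern in LIST
match_list() (
    set -f                                   # never glob-expand patterns
    for pat in $(printf '%s' "$1" | tr ',' ' '); do
        case $pat in
            ALL) exit 0 ;;
            *.)  case $2 in "$pat"*) exit 0 ;; esac ;;   # e.g. "192.168.1."
            *)   [ "$pat" = "$2" ] && exit 0 ;;
        esac
    done
    exit 1
)

# rules_match FILE DAEMON CLIENT -> 0 if a "daemons : clients" line matches
rules_match() (
    while IFS=: read -r daemons clients rest; do
        case $daemons in ''|'#'*) continue ;; esac   # blank or comment line
        if match_list "$daemons" "$2" && match_list "$clients" "$3"; then
            exit 0
        fi
    done < "$1"
    exit 1
)

# tcpd_decision ALLOW_FILE DENY_FILE DAEMON CLIENT_IP -> prints allow|deny
tcpd_decision() {
    if rules_match "$1" "$3" "$4"; then
        echo allow                 # matched in hosts.allow: granted
    elif rules_match "$2" "$3" "$4"; then
        echo deny                  # otherwise matched in hosts.deny: refused
    else
        echo allow                 # matched in neither file: granted
    fi
}

# Constructed sample files holding the two rules from item 11.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/hosts.allow" <<'EOF'
# Allows only the local hosts to connect and use inetd services
ALL: 192.168.1.
EOF
printf 'ALL: ALL\n' > "$SAMPLE_DIR/hosts.deny"

for ip in 192.168.1.13 192.168.10.5 10.0.0.7; do
    printf '%-14s %s\n' "$ip" \
        "$(tcpd_decision "$SAMPLE_DIR/hosts.allow" "$SAMPLE_DIR/hosts.deny" in.ftpd "$ip")"
done
```

    The trailing dot in "192.168.1." is what keeps 192.168.10.5 out, and the catch-all ALL: ALL in hosts.deny is what turns the final "granted" fall-through into a refusal.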

    SAMBA CONFIGURATION

    The samba config file is at /etc/samba/smb.conf. There will be a sample file; copy it to smb.conf
    Samba took me about 8 man-hours to set it right. There were no clear instructions on the Internet on how to set up Samba with a Windows XP machine. I referred a lot and finally got it done. Now my Linux machine can share files with a Windows2000 server and WinXP machines. Note : After any modification just run "testparm" to check for syntax errors

  • I run #testparm to see the contents of the smb.conf file
  • I edited /etc/samba/smb.conf and included the following
    # created from Panchal V's smb.conf
    #Thanks to Panchal V
    # Global parameters
    [global]
      encrypt passwords = yes
      socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
      max log size = 0
      volume = Slackware
      map to guest = Bad User
      security = user
      workgroup = DGIC_CHUBU
      server string = Samba Server
      netbios name = MYSAMBA
      log file = /var/log/samba/%m.log
      smb passwd file = /etc/samba/private/smbpasswd
    [homes]
      comment = Home Directories
      valid users = %S
      read only = No
      create mask = 0664
      directory mask = 0775
    [root]
      path = /
      browseable = no
      public = no
      writable = no
      comment = Root Dir of Linux
    [tmp]
      path = /tmp
      writable = yes
      preserve case = yes
      map hidden = yes
      comment = Store your files on Linux
      public = yes
  • Run testparm and check for any syntactical errors
  • In the Windows XP machine make sure the following is there in the Registry, else create it. Use regedit and confirm the following is there.
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
    "requiresignorseal"=dword:00000000
    I just changed the value of "requiresignorseal" to 00000000
  • In the Windows 2000 machine I checked the following
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkStation\Parameters]
    "EnablePlainTextPassword"=dword:00000001
    I edited EnablePlainTextPassword to add the value of 1 (previously it was 0)
  • Create 2 users for the WinXP and Win2000 machines on the Linux machine using #adduser. The WinXP user is chubu01 with no password. (Just hit Enter when prompted for password)
  • The smbpasswd file lies at /etc/samba/private/smbpasswd
    Add users using #smbpasswd -a root
    Choose a different password for root for security reasons
    Add users for WinXP machine (no password) and Win2000 machine(in my case with password)
  • Type testparm and check for syntactical errors
  • Execute #killall smbd nmbd
  • Restart samba daemons using
    #smbd -D
    #nmbd -D
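
    testparm checks syntax only; it does not say which shares end up reachable by guests. The script below is an added example, not part of the original notes: it reads an smb.conf and reports shares that are writable by guest or that export /, plus the global "map to guest" setting. The sample file is a trimmed copy of the configuration above written to a temporary directory, and the function name audit_smb_conf is made up for this sketch.

```sh
#!/bin/sh
# Added example: report smb.conf shares that are open to guests or export /.
# Parameter names are compared case-insensitively with spaces ignored.
# "public" is handled as a synonym of "guest ok", and "writable"/"writeable"
# as the inverse of "read only" (Samba defaults: read only, no guest access).

audit_smb_conf() {
    awk '
    function truthy(v) {
        v = tolower(v)
        return (v == "yes" || v == "true" || v == "1")
    }
    function report() {
        if (sec == "" || sec == "global") return
        if (path == "/") print sec ": exports the filesystem root"
        if (guest && writable) print sec ": writable by guest, path=" path
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }          # comments and blank lines
    /^[ \t]*\[/ {                                 # new [section]
        report()
        sec = tolower($0); gsub(/^[ \t]*\[|\].*$/, "", sec)
        path = ""; guest = 0; writable = 0
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "path") path = val
        else if (key == "public" || key == "guestok") guest = truthy(val)
        else if (key == "writable" || key == "writeable") writable = truthy(val)
        else if (key == "readonly") writable = !truthy(val)
        else if (sec == "global" && key == "maptoguest") map = tolower(val)
    }
    END {
        report()
        if (map == "bad user")
            print "global: unknown user names are mapped to guest"
    }' "$1"
}

# Sample input: trimmed copy of the smb.conf shown above.
SMB_SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SMB_SAMPLE_DIR"' EXIT
SAMPLE_CONF="$SMB_SAMPLE_DIR/smb.conf"
cat > "$SAMPLE_CONF" <<'EOF'
[global]
  encrypt passwords = yes
  map to guest = Bad User
  security = user
[homes]
  valid users = %S
  read only = No
[root]
  path = /
  browseable = no
  public = no
  writable = no
[tmp]
  path = /tmp
  writable = yes
  public = yes
EOF

audit_smb_conf "$SAMPLE_CONF"
```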

    CUPS - Common Unix Print Systems

    By default up to Slackware9.0, CUPS has not been included with the default packages, so I downloaded cups-1.1.19-source.tar.gz
    Untar using tar zxvf cups-1.1.19-source.tar.gz to /usr/local
    Install using #./configure, #make, #make install
    Note : It will create a new init.d directory under /etc/rc.d/. The cups startup/stop script will be located under /etc/rc.d/init.d/cups
    use #cups start ==> to start cups
    #cups stop ==> to stop cups

    My Printer is Epson LP8800C Laser Printer

  • I downloaded eplaser-cups-driver-3.0.6.tgz to /home/kayamboo/downloads/printerdriver
  • I unzipped using tar zxvf eplaser-cups-driver-3.0.6.tgz
  • I copied Epson-LP-8800C-lp8800c-cups.ppd.gz to /usr/share/cups/model/foomatic/Epson/ directory
  • /usr/share/apsfilter/SETUP
  • My line printers scheduler's spooldir is /var/spool/lpd
  • I used cat /proc/devices to find the loaded devices and *lp* is listed there.
  • Slackware9.0 comes with the following: ghostscript7.05 a2ps apsfilt www.rocky.molphys.leidenuniv.nl

    Some useful commands to get system wide information

  • cat /proc/devices ==> active devices
  • cat /proc/cpuinfo ==> cpu information
  • cat /proc/meminfo ==> installed memory
  • cat /proc/modules ==> loaded modules
  • cat /proc/pci
  • cat /proc/partitions ==> partition information (hda, hd1,hd2 ....)
  • cat /proc/swaps ==> swap size information
  • cat /proc/version ==> Linux kernel version with gcc version
  • cat /proc/uptime ==> system uptime 9805

    XWindows

    XWindows consists of a WindowManager (a virtual desktop) and a Desktop Environment
    Eg. SawFish Window Manager + GNOME Desktop Environment
    KWM WindowManager + KDE Desktop Environment (KDE Startup setup is at /etc/inittab)

    Switching between XWindows

    The ~/.xinitrc file is run at every startup. If there is no ~/.xinitrc file then the default /etc/X11/xinit/xinitrc runs. This then calls ~/.Xclients. ~/.xinitrc can exist alone but ~/.Xclients cannot.

    #!/bin/sh
    ########################################################################
    # .xinitrc
    #
    # 5/22/00 Stefan Jeglinski, jeglin@rapierbit.org
    #
    # based on one written by hollis+@andrew.cmu.edu 1/5/99
    #
    # Thanks Hollis!
    #
    # To use:
    #
    # * if you have a ~/.Xclients, remove it. The system copy is in
    #   /etc/X11/xinit/Xclients if you ever want it back.
    #
    # * place this file in your home (~) directory. For root,
    #   home is /root.
    #
    # * Type 'startx after', 'startx kde', etc.
    #
    ########################################################################

    userresources=$HOME/.Xresources
    usermodmap=$HOME/.Xmodmap
    xclients=$HOME/.Xclients
    sysresources=/usr/X11R6/lib/X11/xinit/.Xresources
    sysmodmap=/usr/X11R6/lib/X11/xinit/.Xmodmap

    # merge in defaults and keymaps
    if [ -f $sysresources ]; then
        xrdb -merge $sysresources
    fi

    if [ -f $sysmodmap ]; then
        xmodmap $sysmodmap
    fi

    if [ -f $userresources ]; then
        xrdb -merge $userresources
    fi

    if [ -f $usermodmap ]; then
        xmodmap $usermodmap
    fi

    ########################################################################
    # to fix backspace and delete in X if necessary;
    # these may need to be removed for XFree86 4.x
    ########################################################################
    xmodmap -e "keycode 59 = BackSpace"
    xmodmap -e "keycode 125 = Delete"

    ########################################################################
    # accelerate the mouse in the window manager;
    # Gnome and KDE typically override this
    ########################################################################
    xset m 8 3

    ########################################################################
    # define mouse button usage in the window manager;
    # this directive may be "eaten" by the Gnome or KDE startup
    # and may therefore need to be run again after the environment
    # is started
    ########################################################################
    xmodmap -e "pointer = 2 1 3"

    ########################################################################
    # * Set variables for different window managers and environments
    #
    # * $1 represents the first argument to startx.
    #
    # * WM is the name of the program to execute. This is normally the
    #   window manager itself, but in the case of kde or gnome it needs
    #   to be the gnome-session or startkde script.
    ########################################################################
    ARG=$1

    # specify the default argument here:
    DEFAULTWM="gnome-session"

    if [ -z "$ARG" ]; then
        ARG=$DEFAULTWM
    fi

    ########################################################################
    # The difference between a desktop environment and a window manager
    # is that an environment provides a desktop, while a window manager
    # just handles the window dressing. An environment needs a WM, but
    # not vice versa. The only 2 environments are Gnome and KDE. Common
    # window managers for Gnome are Sawfish and Enlightenment. KDE
    # has its own window manager (kwm).
    ########################################################################

    # to add another wm/environment here, just copy, paste,
    # and edit the 'elif' line:
    if [ "$ARG" = "gnome" ]; then
        WM=gnome-session
    elif [ "$ARG" = "kde" ]; then
        WM=startkde
    elif [ "$ARG" = "after" ]; then
        WM=afterstep
    elif [ "$ARG" = "wm" ]; then
        WM=wmaker
    elif [ "$ARG" = "en" ]; then
        WM=enlightenment
    elif [ "$ARG" = "bb" ]; then
        WM=blackbox
    elif [ "$ARG" = "ice" ]; then
        WM=icewm
    else
        WM=$DEFAULTWM
    fi

    ########################################################################
    # set a background window color for window managers only;
    # if an environment starts up, it will override this
    ########################################################################
    xsetroot -solid MidnightBlue

    ########################################################################
    # don't turn on screen-saver for window manager
    ########################################################################
    #xset s on

    ########################################################################
    # turn on a REAL screensaver, http://www.jwz.org/xscreensaver/
    ########################################################################
    xhost +localhost
    xscreensaver &
    xscreensaver-command -activate

    ########################################################################
    # The next line actually runs the selected window manager and logs
    # the output (stdout AND stderr) to the file ~/console. If you run a
    #
    #     tail -f ~/console
    #
    # in an xterm, it will display the (constantly updated) contents of
    # that file. This can be useful for talk requests, wm errors, etc.
    ########################################################################
    exec $WM > ~/console 2>&1

    ---- END of File ----

    # add the following example aliases to .bashrc:
    alias sa='startx after -- -mode 16 -depth 16'
    alias sk='startx kde -- -mode 16 -depth 16'
    alias sg='startx -- -mode 16 -depth 16'
    then just type sa, sk, or sg from the command line.

    # A desktop environment (for example, startkde) cannot be launched directly from the console, because the X server will not have been launched. The instructions in .xinitrc are only run after the X server starts, and for that startx must be used to begin the process.

    In Slackware a soft link will be set for your default WindowManager in /etc/X11/xinit/.xinitrc. If you want to switch from KDE to Gnome or vice versa, just make sure the corresponding script is set as a soft link to .xinitrc

    Types of File Systems in Linux ( From Slackware Unleashed )

  • User data --> created by user
  • System data --> usually a plain text used by the Linux system to keep track of activities by users
  • Executable files --> programs or instructions for the system to perform

    Basics of Shell

    Shell is an interface between the user and the kernel. Each user's default shell is created at the time of creating the user. It can be seen from /etc/passwd

    How I added Japanese Support to my computer

    By default the Slackware installation does not come with the kde-i18n packages, so English is set as default.
    To add additional language support - Japanese

  • 1. Download some Japanese TrueType fonts. I downloaded TrueType-kochi-4.3.1-0v10.noarch.rpm from Linux Rpm project
    Make it Slackware compatible
    #rpm2tgz TrueType-kochi-4.3.1-0v10.noarch.rpm
    Now you get TrueType-kochi-4.3.1-0v10.noarch.tgz
    Install the fonts using installpkg
    #installpkg TrueType-kochi-4.3.1-0v10.noarch.tgz
    This will install the fonts to /usr/X11/lib/X11/fonts/TrueType directory
    So now we have added the desired fonts to XFree86.
  • 2. Secondly download kde-i18n-ja-3.1-noarch-1.tgz for Japanese support and kde-i18n-ta-3.1-noarch-1.tgz for Tamil language support.
  • 3. To begin with, KDE support for Japanese. Move kde-i18n-ja-3.1-noarch-1.tgz to / (root directory)
    Install the package
    #installpkg kde-i18n-ja-3.1-noarch-1.tgz
    This will install the packages to /opt/kde/share/local/ja directory
    You can check the installed packages from /var/log/packages
  • 4. To make it available systemwide do the following
    Edit /etc/X11/XF86Config
    Add to the Modules Section if not present
    Load "freetype"
    Note. You can comment this and use Load "xtt"
    Add to the Files Section the following
    FontPath "/usr/X11R6/lib/X11/fonts/TrueType/"
  • 5. Now go and startx
    Go to StartMenu-->System-->KDE Control Center
    Choose Regional & Language Options
    Now you can select your country in the country tab
    Now you can select the languages in the Add languages tab and pick up Japanese or whatever you want

    Linux Commands

    ls cd cp mv pwd mkdir rm env history
    fc - used to edit command history (fix command)
    alias dir='ls -F'
    unalias dir
    wc filename - prints the no. of lines, words, characters and filename (word count)
    wc < filename - same as above
    pipeline ==> | ==> output of first command becomes input of the second
    to unzip bz2 files use tar -jxvf filename.tar.bz2

    Emacs Tutorial

    emacs filename.ext
    M-q --> Reformat contents in a file.
    C-g --> To restore emacs if you type any wrong commands
    C-x C-s --> to save the buffer to a file
    C-x C-c --> to quit emacs
    If you are stuck, press f1 for help
    C-v --> Move Forward a screen
    M-v --> Move Backward a screen
    C-l --> Clears the screen and displays everything
    C-p --> Previous Line
    C-n --> Next Line
    C-f --> Move Forward
    C-b --> Move Backward
    Note : Usually Meta key (M - i.e. ALT or ESC) refers to English like text. Control Key (C) refers to characters or lines
    M-b --> Move Backward one word
    M-f --> Move Forward one word
    C-a --> Beginning of a line
    C-e --> End of a line
    M-a --> Beginning of a sentence
    M-e --> End of a sentence
    M-< --> Beginning of file
    M-> --> End of file
    To give arguments to commands use C-u
    eg. C-u 8 C-p --> moves back 8 lines
    To kill buffer or help windows
    C-x 1 --> Makes only the main window display and kills other windows
    C-k --> Kills from the cursor to end of line
    M-k --> Kills from the cursor to end of sentence
    C-y --> yanks the killed text at the cursor location.
    Note : C-z To temporarily exit emacs
    fg --> To return back to emacs
    %emacs --> Same as above
    C-x s --> saves some buffers.
    C-x C-b --> Give the buffer list
    Note : To search
    C-s --> forward search
    C-r --> reverse search
    To quit search
    Note : To open 2nd window
    C-x 2 --> Opens 2nd window with same content displaying contents from the cursor position
    C-x o --> Switches cursor between windows
    C-M-v --> Scrolls down the bottom window while cursor is in top window
    C-x 2 C-f --> Open 2nd window with new filename
    Note : To display help C-h

    Linux Firewall setup on Redhat

    http://tennis.ecs.umass.edu/~czou/index.html

    IP Tables

    iptables is used to set up, maintain and inspect the IP packet filtering rules in the Linux kernel
    The three tables are as follows
    filter --> default table with the built-in chains INPUT, FORWARD and OUTPUT
    default policy for OUTPUT AND FORWARD is DROP unless necessary
    nat --> consists of 3 chains PREROUTING, OUTPUT & POSTROUTING. Consulted in case of new packet creation.
    mangle --> consists of 2 chains PREROUTING & OUTPUT. From kernel 2.4.17, three more built-in chains like INPUT, FORWARD & POSTROUTING. Used for specialized packet alterations.

    RedHat Firewall Server

    adduser
    #adduser -m -g users -p "" suresh
    After this I need to change the password

    Selected medium security while installation. This blocks me from connecting to the server from a windows client using ssh
    I configured ssh from a particular client like this
    #/usr/sbin/lokkit
    Once the window appears, select customize --> select trusted eth0 or eth1 --> enable connections from ssh
    Click OK

    lokkit
    chkconfig sshd on
    modify /etc/hosts.allow file
    sshd:192.168.1.13
    check if ssh is running now
    netstat -la | grep ssh
    netstat -lna
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    Might need to add:
    iptables -A INPUT -p udp --dport 22 -j ACCEPT

    First turn on ssh using:
    chkconfig sshd on
    Next add the ssh clients' addresses to the /etc/hosts.allow file:
    sshd: xxx.xxx.xxx.xxx
    Then check to see if ssh is up and listening:
    netstat -la | grep ssh
    You should see a line that says sshd is listening on port 22
    Might need to do netstat -lna to see the port numbers

    Now if you specifically told linux to enable incoming ssh connections during the initial installation process, sshd should be working. If you didn't, you will probably have to add a line to iptables to accept incoming ssh connections. Something like:
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    Might need to add:
    iptables -A INPUT -p udp --dport 22 -j ACCEPT
    Also do yourself a favor and disable root logins via ssh in its configuration file.

    As for explaining how iptables works, it's kind of complex to explain the entire way it functions. But essentially you're writing a bunch of rules that tell linux how to handle various incoming packets. The rules are organized logically into "chains" (hence the original name ipchains) where each chain describes a general category of connections (INPUT, OUTPUT, FORWARD, etc). As a packet arrives, iptables will go through each individual rule in the chain from the first rule in the chain on, to try and find a rule that matches the packet. If it finds a rule that matches, it will jump to the target (-j ACCEPT, DENY, REJECT, etc) and perform that action on the packet, ignoring the rest of the rules in the chain. If it doesn't match a rule, it will fall through the entire chain until it hits the default policy. There is also the added complexity that the chains are organized into multiple tables that do various things such as network address translation (nat), packet filtering, etc.

    Unfortunately that's a really oversimplified explanation and there is a lot more to it than that, so checking out the howto's is definitely advisable:
    http://www.netfilter.org
    http://www.tldp.org/HOWTO/
    There are a lot of different flags and options that can be set and not all of them work with each other. To be honest, I think writing iptables is more like an art than a science and can be one of the harder things to do in linux.

    setting up a gateway on redhat9

    /etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=192.168.1.255
    IPADDR=192.168.1.11
    NETMASK=255.255.255.0
    NETWORK=192.168.1.0
    ONBOOT=yes

    to erase history do
    #HISTSIZE=0

    C Programming

    To find all the syscall libraries
    #man syscalls

    c library functions
    time(), ctime(), atexit(), ceil(), rand(), toupper(), srand(), exit(),
    isalpha(), memcmp(), abs(), clock(), pow(), floor(), sqrt(), kbhit(),
    modf(), fmod(), rename(), getchar(), atoi(), atof(), isdigit(), fabs(),
    strcat(), div(), isgraph(), abort(), remove(), strerror(), getenv(),
    putenv(), isalnum(), isspace(), tolower(), log10(), log(), asin(),
    acos(), atan(), puts(), putchar(), ispunct(), isupper(), strcmp(),
    sinh(), cosh()
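
    Referring back to the iptables explanation in the firewall notes above (rules are tried in order, the first match decides, and the default policy applies when nothing matches): the sketch below is an added example, not code from the original notes and not real iptables. It models a chain as constructed "PROTO DPORT TARGET" lines to show why a rule added with -A (append) behind a catch-all rule never fires while -I (insert at the head) does; all function names are hypothetical.

```sh
#!/bin/sh
# Added example: a toy model of iptables chain traversal (not real iptables).
# A chain is a list of "PROTO DPORT TARGET" lines; "any" is a wildcard.

# rule_append CHAIN RULE -> models "iptables -A": RULE goes to the end
rule_append() { printf '%s\n%s\n' "$1" "$2" | sed '/^$/d'; }

# rule_insert CHAIN RULE -> models "iptables -I": RULE goes to the head
rule_insert() { printf '%s\n%s\n' "$2" "$1" | sed '/^$/d'; }

# chain_verdict CHAIN POLICY PROTO DPORT
# Prints "TARGET rule=N" for the first matching rule, or "POLICY policy"
# when the packet falls through the whole chain.
chain_verdict() (
    chain=$1 policy=$2 proto=$3 dport=$4
    n=0
    verdict="$policy policy"
    while read -r rp rd rt; do
        [ -n "$rp" ] || continue
        n=$((n + 1))
        if { [ "$rp" = any ] || [ "$rp" = "$proto" ]; } &&
           { [ "$rd" = any ] || [ "$rd" = "$dport" ]; }; then
            verdict="$rt rule=$n"      # first match wins, stop looking
            break
        fi
    done <<EOF
$chain
EOF
    echo "$verdict"
)

# Constructed chain: web traffic accepted, everything else rejected.
BASE_CHAIN='tcp 80 ACCEPT
any any REJECT'
SSH_RULE='tcp 22 ACCEPT'

APPENDED=$(rule_append "$BASE_CHAIN" "$SSH_RULE")   # like iptables -A INPUT ...
INSERTED=$(rule_insert "$BASE_CHAIN" "$SSH_RULE")   # like iptables -I INPUT ...

echo "ssh after -A: $(chain_verdict "$APPENDED" DROP tcp 22)"
echo "ssh after -I: $(chain_verdict "$INSERTED" DROP tcp 22)"
echo "dns, no rule: $(chain_verdict 'tcp 80 ACCEPT' DROP udp 53)"
```

    On a real host, iptables -L INPUT -n --line-numbers shows the rule order, which is the first thing to check when an added ACCEPT rule appears to have no effect.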