If you want to know all possible commands from the command line of your Fortigate firewall, then log in using SSH and type the following command:

tree

Now you get the complete command tree with all options and all choices.

I use to say “backup is only for wimps”. But to be honest, I do backups. And I even store the backup media in a save place.

To get the data onto a backup device and put that one to a save place, sometimes you have to write the backup over the network.

netcat or nc, the swiss army knife of networking is a big help for that.

On the remote system, where you want to write the backup start netcat:

nc -l -p 12345 > /var/backup/name-of -the-backup-2010-08-18.tgz

• -l means listen
• -p <number> is the port, where nc listens.

On the system you want to backup  you can exclude some directories, like /proc and /sys from being backed up. So run:

echo "./proc
./sys
./tmp" > /tmp/X

Now it is time to start the backup:

cd /
tar -X /tmp/X -czpf - . | nc 11.12.13.14 12345

So you cd into the root directory, exclude the files listed in /tmp/X, write the backup to STDOUT  and backup everything under the current directory. The backup is done relative.

Of course, you could use a backup command like tar -czpf – /,  but then the backup is done absolute. You realize the advantage of doing relative backups, when you want to restore the backup into a directory. With an absolute backup everything is written back to the original location.

Sometimes you do not remember a password anymore. Like me just before. I cannot remember the root password of the one MySQL database. Well, that is not really a problem. You can easily recover it, if you got root access to the machine with the following steps:

1. Log into the system as root
2. Stop MySQL like
   /etc/init.d/mysql stop
3. Create a file, e.g. /tmp/reset, with the following content:
   SET PASSWORD FOR ‘root’@'localhost’ = PASSWORD(‘MyNewPassword’);
4. Execute the next command:
   mysqld_safe –init-file=/tmp/reset
5. Restart MySQL:
   /etc/init.d/mysql restart
6. Remove the temporary file:
   rm /tmp/reset

Adding a DKIM record to your DNS is quite simple. Add two txt records like

_domainkey.domain.com          IN TXT o=!;r=postmaster@domain.com
selector._domainkey.domain.com IN TXT v=DKIM1;k=rsa;p=<public key>

Which means:

• o=~ the server signs some mail
• o=- all mail is signed, but unsigned mail should be accepted
• o=! all mail is signed, do not accept unsigned mail
• t=y I’m still testing
• v=DKIM1 we use DKIM version 1
• k=rsa it is a RSA key
• r=<x@xx> report problems to this email address
• p=<public key> this is my public key

tcpdump and ngrep are both based on libpcap. Therefore both use the same filter expressions.

Here is the manual page of the pcap filter expression.