ip -s neighbour flush all
Iptables: block all traffic except SSH
I needed to update some servers and block traffic generated by a lot of services. Since I couldn’t block every single service neither disconnect the network, I used this simple iptables rule:
iptables -A INPUT -p tcp -m state --state NEW -m multiport ! --dports 22 -j REJECT
Adding a secondary IP address (CentOS, Fedora, RHEL)
You will not need a secondary NIC but you’ll create virtual adapters as the secondary IP will be routing through the primary.
Network configurations are stored in /etc/sysconfig/network-scripts
network-scripts$ ls -l | grep ifcfg
-rw-r--r--. 1 root root 304 Nov 11 19:04 ifcfg-eth0
-rw-r--r--. 1 root root 254 May 25 2017 ifcfg-lo
You have to name the virtual adapter in a sequential order, e.g., ifcfg-eth0:1, ifcfg-eth0:2 etc.
Copy the physical adapter configuration file:
cp ifcfg-eth0 ifcfg-eth0:1
and configure it to include these parameters:
DEVICE=<device name>
IPADDR=<IP address>
NETMASK=<netmask>
There is no need to configure a MAC address or a default gateway.
To activate the interface you can restart the entire network server (if you can do it) or use:
ifup eth0:1