route essential reference

Adding a route:

route add -net [net or host] gw [gw IP] netmask [mask] dev [interface]

Removing a route:

route del -net [net or host] gw [gw IP] netmask [mask] dev [interface]

Adding/removing a default route:

route add/del default gw [IP]

Listing routes using IPs:

route -n

Rejecting a specific host:

route add -host [IP] reject

fail2ban essential reference

Get the active jails:

# fail2ban-client status
Status
|- Number of jail: 1
`- Jail list: sshd

Show the banned IP in a jail:

# fail2ban-client status sshd
Status for the jail: sshd
|- Filter
| |- Currently failed: 3
| |- Total failed:     1907
| `- File list:        /var/log/secure 
`- Actions
  |- Currently banned: 0
  |- Total banned:     381
  `- Banned IP list:

You can also list the banned IPs using iptables -L.

Unban an IP:

fail2ban-client set [JAIL] unbanip [IP]

Ban an IP:

fail2ban-client set [JAIL] banip [IP]

Log file:

/var/log/fail2ban.log

Updating Solaris 11

Check if there are any updates available:

pkg list -u

-u will show only the packages for which updates are available.

Check the latest package version in the repository:

pkg info -r system/zones

(Optional) Perform a dry run:

pkg update -nv

Update:

pkg update

Install or update the Certificate and Key for Solaris Support Repository

If it’s the first time using the Support Repository, you need to configure the solaris publisher with the new certificate and key found on the certificate page:

pkg set-publisher -g https://pkg.oracle.com/solaris/support/ -c pkg.oracle.com.certificate.pem -k pkg.oracle.com.key.pem  solaris

To verify that the configuration has succeeded:

$ pkg publisher solaris        
Publisher: solaris
Alias:
Origin URI: https://pkg.oracle.com/solaris/support/
Origin Status: Online
SSL Key: /var/pkg/ssl/key
SSL Cert: /var/pkg/ssl/cert
Cert. Effective Date: March 19, 2020 at  9:11:27 PM
Cert. Expiration Date: March 27, 2022 at  9:11:27 PM
Client UUID: uuid
Catalog Updated: March 11, 2020 at  5:41:19 PM
Enabled: Yes

To update expired certificate and key, simply run the command above omitting the -g switch, as the repository is already configured on the system.