Tag: Linux

🚀 How to Install Docker on Ubuntu Server (Step-by-Step Guide)
Docker has become an essential tool for developers, system administrators, and DevOps engineers. It allows you to run applications in lightweight containers, making deployments faster, more consistent, and easier to manage.

In this guide, you’ll learn how to install Docker on an Ubuntu server and get started with your first container.

🧠 What is Docker?

Docker is a containerization platform that enables you to package applications along with their dependencies into portable containers. These containers can run consistently across different environments.

🔧 Step 1: Update Your System

Before installing Docker, update your system packages:
sudo apt update && sudo apt upgrade -y
🔧 Step 2: Install Required Dependencies

Install packages required to use HTTPS repositories:
sudo apt install apt-transport-https ca-certificates curl software-properties-common -y
🔐 Step 3: Add Docker’s Official GPG Key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor
📦 Step 4: Add Docker Repository
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
⚙️ Step 5: Install Docker Engine
sudo apt update sudo apt install docker-ce docker-ce-cli containerd.io -y
✅ Step 6: Verify Docker Installation

Run the following command to test Docker:
sudo docker run hello-world
If Docker is installed correctly, you’ll see a confirmation message.

🔓 Step 7: Run Docker Without sudo (Optional)

To run Docker commands without using sudo, add your user to the Docker group:
sudo usermod -aG docker $USER
Then log out and log back in for the changes to take effect.

🧩 Step 8: Install Docker Compose

Docker Compose allows you to define and manage multi-container applications.
sudo apt install docker-compose -y
🌐 Step 9: Run Your First Container

Example: Run Nginx Web Server
docker run -d -p 8080:80 nginx
Now open your browser and visit:
http://<your-server-ip>:8080
You should see the Nginx welcome page.

🧪 Example: Run a Test Container
docker run hello-world
🔐 Basic Security Tips

This verifies that Docker is working correctly.
- Avoid exposing Docker services directly to the internet without proper security controls
- Keep your system updated regularly
- Use official images from trusted sources
- Limit container privileges when possible
💡 Useful Docker Commands

Command Description
docker ps List running containers
docker ps -a List all containers
docker images List images
docker stop <id> Stop container
docker rm <id> Remove container

🎯 Conclusion

Docker simplifies application deployment by packaging everything into containers. With just a few commands, you can install Docker, run applications, and manage services efficiently.

Whether you’re a developer, system administrator, or learner, Docker is a powerful tool worth mastering.
March 22, 2026
How to set a bandwidth restriction per individual user on Sophos Firewall (SFOS v19.5 or v20.x)
✅ Goal:

Limit each user to:
- Download: 2 Mbps
- Upload: 512 Kbps
(You can change numbers as needed.)

🛠 Step-by-step

Step 1: Create Traffic Shaping Policy
Log in to Sophos Firewall web admin (https://<firewall-ip>:4444)

Go to:
Protect > Traffic Shaping

Click Add

Fill like this:
| Field | Example |
|——|———|
| Name | Limit_2Mbps_per_user |
| Policy Association | User |
| Rule type | Individual |
| Priority | 5 (lower is higher priority) |
| Bandwidth usage type | Limit |
| Guaranteed bandwidth | (leave empty) |
| Maximum bandwidth (download) | 2048 Kbps |
| Maximum bandwidth (upload) | 512 Kbps |
✅ Save

Step 2: Apply to individual users
Go to:
Authentication > Users

Click on the user you want to limit

Under Traffic shaping policy, choose:
Limit_2Mbps_per_user

Save
Repeat for each user you want to limit.

Step 3: Confirm the firewall rule matches

Bandwidth limit only applies to traffic that matches a firewall rule.
Go to:
Rules and Policies > Firewall Rules

Confirm you have a rule like:
- Source zone: LAN
- Destination zone: WAN
- User/Network: Any or specific users
If you already have a firewall rule for internet access, you don’t need to change it.

If you want to create a dedicated rule:
- Click Add Firewall Rule > New User/Network Rule
- Source zone: LAN
- Destination zone: WAN
- Source network: users you want to limit
- Apply as needed
Step 4: Test & Monitor

Go to:
Monitor & Analyze > Current Activities > Live Users

Watch the bandwidth column to see usage stays around your limit.
You can also see under:
- Monitor & Analyze > Current Activities > Live Connections
📝 Sample Traffic Shaping Policy Screenshot (for reference)

Name Limit_2Mbps_per_user
Policy association User
Rule type Individual
Priority 5
Guaranteed download (leave empty)
Guaranteed upload (leave empty)
Max download 2048 Kbps
Max upload 512 Kbps

✅ Summary
- Create a User-based, Individual traffic shaping policy
- Apply it to each user under Authentication > Users
- Make sure there’s a firewall rule that matches those users’ traffic
July 12, 2025

Command	Description
`docker ps`	List running containers
`docker ps -a`	List all containers
`docker images`	List images
`docker stop <id>`	Stop container
`docker rm <id>`	Remove container

Name	Limit_2Mbps_per_user
Policy association	User
Rule type	Individual
Priority	5
Guaranteed download	(leave empty)
Guaranteed upload	(leave empty)
Max download	2048 Kbps
Max upload	512 Kbps

Introduction to VTP (VLAN Trunking Protocol) and Configuration

1. What is VTP?

VTP (VLAN Trunking Protocol) is a Cisco-proprietary protocol that helps manage VLAN configurations across multiple switches within a network. It allows switches to automatically propagate VLAN changes from a central switch to others, reducing manual configuration and ensuring consistency.

Key Features of VTP:

✅ Simplifies VLAN management – No need to manually configure VLANs on each switch.
✅ Ensures VLAN consistency – VLANs are updated across the network.
✅ Reduces configuration errors – Prevents mismatches in VLAN settings.

2. VTP Modes

VTP operates in three modes:

Mode	Description
Server	The default mode; can create, modify, and delete VLANs. Sends VLAN updates to other switches.
Client	Cannot create or modify VLANs; only receives updates from the server.
Transparent	Does not participate in VTP; VLANs are managed locally but forwards VTP messages.

3. Configuring VTP (Step-by-Step)

Step 1: Configure the VTP Server

Enter global configuration mode:bashCopyEditconfigure terminal

Set the VTP domain name (must match on all switches in the domain):vtp domain MyNetwork

Set the switch to VTP server mode:tvtp mode server

(Optional) Set a VTP password for security:vtp password Cisco123

Verify VTP configuration:show vtp status

Step 2: Configure VTP Clients

Enter global configuration mode:bashCopyEditconfigure terminal

Set the same VTP domain name as the server:bashCopyEditvtp domain MyNetwork

Set the switch to client mode:bashCopyEditvtp mode client

(Optional) Set the same VTP password as the server:bashCopyEditvtp password Cisco123

Verify the client is receiving VLANs:bashCopyEditshow vlan brief

Step 3: Configure a Transparent Switch (Optional)

Enter global configuration mode:configure terminal

Set the VTP mode to transparent:vtp mode transparent

(Optional) Set the VTP domain (even though it doesn’t participate):vtp domain MyNetwork

Verify transparent mode:show vtp status

4. Verifying VTP Configuration

Command	Description
`show vtp status`	Displays VTP mode, domain, revision number, etc.
`show vtp password`	Displays the configured VTP password.
`show vlan brief`	Displays VLANs received from the VTP server.

5. Important Notes & Best Practices

🚀 Use VTP version 2 or 3 for better performance and security.
🔒 Be cautious with VTP mode changes – Adding a new switch with a higher revision number can overwrite VLANs.
🛑 Prefer using VTP transparent mode in critical networks to prevent unintended VLAN deletions.

February 23, 2025

Introduction to Useful Wireshark Filters

Photo by Valdemaras D. on Pexels.com

Wireshark is a powerful network protocol analyzer that helps users capture and analyze network traffic. To make the most out of Wireshark, using the right filters is essential. Filters help narrow down the traffic to specific protocols, IP addresses, or ports, making it easier to analyze and troubleshoot network issues.

Filter by IP Address: ip.src == x.x.x.x or ip.dst == x.x.x.x to filter by source or destination IP address.

Filter by Port: tcp.port == 80 or udp.port == 53 to filter by specific TCP or UDP ports.

Filter by Protocol: http or dns to filter by specific protocols like HTTP or DNS.

Filter by TCP Flags: tcp.flags == 0x02 to filter by specific TCP flags, such as SYN or ACK.

Filter by Packet Length: frame.len > 100 or frame.len < 100 to filter by packet length.

Filter by Conversation: ip.src == x.x.x.x and ip.dst == y.y.y.y to filter by conversations between two specific IP addresses.

Filter by HTTP Requests: http.request.method == GET or http.request.method == POST to filter by specific HTTP request methods.

Filter by DNS Requests: dns.qry.type == A or dns.qry.type == AAAA to filter by specific DNS query types.

Filter by TCP Resets: tcp.flags.reset == 1 to filter by TCP reset packets.

Filter by Sequence Number: tcp.seq == 12345 to filter by specific TCP sequence numbers.

December 28, 2024
How to check network latency using Wireshark

To test network latency using Wireshark, follow these steps to effectively capture and analyze packet data:Setting Up Wireshark

Install Wireshark: Download and install the latest version of Wireshark from the official website.
Select the Network Interface: Open Wireshark and choose the appropriate network interface to capture packets. This is typically your Ethernet or Wi-Fi connection.

Capturing Packets
Start Packet Capture:Click on the “Capture” menu and select “Start” or simply click the shark fin icon.
Allow Wireshark to run for a sufficient duration to capture relevant traffic.
Stop Packet Capture:Click on the red square button to stop capturing once you have enough data.

Analyzing Latency
Use TCP Stream Graphs:Go to “Statistics” in the menu.
Select “TCP Stream Graph” and then choose “Round Trip Time” (RTT) graph.
This graph will display the round-trip time for packets, allowing you to visualize latency over time1.

Inspect Individual Packets: Click on a specific packet in the capture window.
In the packet details pane, look for timestamps which indicate when packets were sent and received. You can calculate latency by subtracting these timestamps4.

Filter for Specific Protocols: Use display filters (e.g., tcp, icmp) to isolate specific types of traffic that may be contributing to latency issues.

Calculate Latency Using Timestamps: If you have access to both client and server captures, you can compare timestamps from both ends to measure latency more accurately by subtracting the client’s send time from the server’s receive time4.

Additional Analysis
Identify Potential Issues: Look for signs of congestion, such as packet loss or retransmissions, which can contribute to increased latency.
Use other statistics tools within Wireshark, such as “IO Graphs,” to visualize overall network performance.
By following these steps, you can effectively use Wireshark to measure and analyze network latency, helping you identify bottlenecks and optimize your network performance

December 28, 2024
Python script to check if VDB databases are updated in Cisco FMC

To check if VDB databases are updated in Cisco FMC and print the results to an Excel file using Python, you can use the following approach:

1.Access Cisco FMC through API: Use the Cisco FMC API to retrieve the VDB database information. You can find more details about the API in the Cisco FMC API documentation.

import requests
import json

fmc_feeds_url = “https://10.10.10.10/api/fmc_feeds/access”
fmc_headers = {‘content-type’: ‘application/json’}
fmc_auth = (‘admin’, ‘YourPassword’) # replace ‘YourPassword’ with your actual password

response = requests.get(fmc_feeds_url, headers=fmc_headers, auth=fmc_auth, verify=False)
feeds = json.loads(response.text)

2.Parse the API response: Extract the VDB database information from the API response.

vdb_databases = [feed for feed in feeds[‘items’] if feed[‘name’].startswith(‘VDB’)]

3.Create an Excel file and print the results: Use a library like pandas to create an Excel file and print the results.

import pandas as pd

df = pd.DataFrame(vdb_databases)
df.to_excel(‘VDB_databases.xlsx’, index=False)

October 19, 2024

25 Basic Linux Commands For Beginners

Basic Linux Terminal Commands
S.No.	Linux Commands	Functions
1	Is	Displays information about files in the current directory.
2	pwd	Displays the current working directory.
3	mkdir	Creates a directory.
4	cd	To navigate between different folders.
5	rmdir	Removes empty directories from the directory lists.
6	cp	Moves files from one directory to another.
7	mv	Rename and Replace the files
8	rm	Delete files
9	uname	Command to get basic information about the OS
10	locate	Find a file in the database.
11	touch	Create empty files
12	ln	Create shortcuts to other files
13	cat	Display file contents on terminal
14	clear	Clear terminal
15	ps	Display the processes in terminal
16	man	Access manual for all Linux commands
17	grep	Search for a specific string in an output
18	echo	Display active processes on the terminal
19	wget	download files from the internet.
20	whoami	Create or update passwords for existing users
21	sort	sort the file content
22	cal	View Calendar in terminal
23	whereis	View the exact location of any command typed after this command
24	df	Check the details of the file system
25	wc	Check the lines, word count, and characters in a file using different options

February 11, 2024

Tag: Linux

✅ Goal:

🛠 Step-by-step

Step 1: Create Traffic Shaping Policy

Step 2: Apply to individual users

Step 3: Confirm the firewall rule matches

Step 4: Test & Monitor

📝 Sample Traffic Shaping Policy Screenshot (for reference)

✅ Summary