Post Installation Script for Ubuntu


#!/bin/bash

Add Repos
sudo apt-add-repository -y “deb http://repository.spotify.com stable non-free”
sudo add-apt-repository -y “deb http://linux.dropbox.com/ubuntu $(lsb_release -sc) main”
sudo add-apt-repository -y “deb http://archive.canonical.com/ $(lsb_release -sc) partner”
sudo add-apt-repository -y “deb http://dl.google.com/linux/chrome/deb/ stable main”
sudo add-apt-repository -y “deb http://dl.google.com/linux/talkplugin/deb/ stable main”
sudo add-apt-repository -y ppa:webupd8team/sublime-text-3
sudo add-apt-repository -y ppa:tuxpoldo/btsync
sudo add-apt-repository -y ppa:freyja-dev/unity-tweak-tool-daily
sudo add-apt-repository -y ppa:stefansundin/truecrypt
sudo apt-key adv –keyserver pgp.mit.edu –recv-keys 5044912E
sudo apt-key adv –keyserver keyserver.ubuntu.com –recv-keys 94558F59
sudo wget -q -O – https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add –

Basic Update
sudo apt-get -y –force-yes update
sudo apt-get -y –force-yes upgrade

Install Apps
sudo apt-get -y install \
libxss1 spotify-client sublime-text-installer git gitk gitg \
virtualbox virtualbox-guest-additions-iso filezilla dropbox \
skype btsync-user gimp p7zip p7zip-full p7zip-rar unity-tweak-tool \
indicator-multiload curl gparted dkms google-chrome-stable \
ubuntu-wallpapers* php5-cli php5-common php5-mcrypt php5-sqlite \
php5-curl php5-json phpunit mcrypt ssmtp mailutils mpack truecrypt\
nautilus-open-terminal google-talkplugin linux-headers-generic \
build-essential tp-smapi-dkms thinkfan moc

Install Composer
sudo curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer
sudo chmod 755 /usr/local/bin/composer

Install Laravel
sudo wget http://laravel.com/laravel.phar
sudo mv laravel.phar /usr/local/bin/laravel
sudo chmod 755 /usr/local/bin/laravel

Virtualbox
sudo adduser x vboxusers

Email
sudo cp ./data/etc/ssmtp.conf /etc/ssmtp/ssmtp.conf
sudo chmod 744 /etc/ssmtp/ssmtp.conf

x200 Fan Settings
echo “tp_smapi” | sudo tee -a /etc/modules
echo “thinkpad_acpi” | sudo tee -a /etc/modules
echo “options thinkpad_acpi fan_control=1” | sudo tee /etc/modprobe.d/thinkpad_acpi.conf
sudo cp ./data/etc/default/thinkfan /etc/default/thinkfan
sudo cp ./data/etc/thinkfan.conf /etc/thinkfan.conf
sudo chmod 744 /etc/default/thinkfan
sudo chmod 744 /etc/thinkfan.conf

Usb Wifi + Disable Built in Wifi
mkdir -p /tmp/bootstrap/usb-wifi-fix/
unzip -d /tmp/bootstrap/usb-wifi-fix/ ./data/usb-wifi-fix.zip
sudo dkms add /tmp/bootstrap/usb-wifi-fix/
sudo dkms install 8192cu/1.8
sudo depmod -a
sudo cp /tmp/bootstrap/usb-wifi-fix/blacklist-native-rtl8192.conf /etc/modprobe.d/

Swappiness
cat ./data/etc/sysctl-append >> /etc/sysctl.conf

Sublime Text 3
mkdir ~/.config/sublime-text-3/
unzip -d ~/.config/sublime-text-3/ ./data/sublime-text-3.zip
cp -ar ./data/sublime-text-3/* ~/.config/sublime-text-3/

Fonts
mkdir ~/.fonts
cp -ar ./data/fonts/* ~/.fonts/

Scripts
mkdir ~/.scripts
cp -ar ./data/scripts/* ~/.scripts/
chmod +x ~/.scripts/*

Dotfiles
shopt -s dotglob
cp -a ./data/dotfiles/* ~

Autostart
cp -a ./data/autostart/* ~/.config/autostart/

Filezilla servers
mkdir ~/.filezilla/
cp -a ./data/filezilla/sitemanager.xml ~/.filezilla/

Terminal
cp -a ./data/gconf/%gconf.xml ~/.gconf/apps/gnome-terminal/profiles/Default/

Folders
rm -rf ~/Documents
rm -rf ~/Public
rm -rf ~/Templates
rm -rf ~/Videos
rm -rf ~/Music
rm ~/examples.desktop
mkdir ~/Development
mkdir ~/BTSync

Update System Settings
gsettings set com.canonical.indicator.power show-percentage true
gsettings set com.canonical.indicator.sound interested-media-players “[‘spotify.desktop’]”
gsettings set com.canonical.indicator.sound preferred-media-players “[‘spotify.desktop’]”
gsettings set com.canonical.Unity form-factor ‘Netbook’
gsettings set com.canonical.Unity.Launcher favorites “[‘application://google-chrome.desktop’, ‘application://sublime-text.desktop’, ‘application://spotify.desktop’, ‘application://nautilus.desktop’, ‘application://gnome-control-center.desktop’, ‘application://gitg.desktop’, ‘application://gnome-terminal.desktop’, ‘unity://running-apps’, ‘unity://expo-icon’, ‘unity://devices’]”
gsettings set com.canonical.Unity.Lenses remote-content-search ‘none’
gsettings set com.canonical.Unity.Runner history “[‘/home/x/.scripts/screen_colour_correction.sh’]”
gsettings set com.ubuntu.update-notifier regular-auto-launch-interval 0
gsettings set de.mh21.indicator.multiload.general autostart true
gsettings set de.mh21.indicator.multiload.general speed 500
gsettings set de.mh21.indicator.multiload.general width 75
gsettings set de.mh21.indicator.multiload.graphs.cpu enabled true
gsettings set de.mh21.indicator.multiload.graphs.disk enabled true
gsettings set de.mh21.indicator.multiload.graphs.load enabled true
gsettings set de.mh21.indicator.multiload.graphs.mem enabled true
gsettings set de.mh21.indicator.multiload.graphs.net enabled true
gsettings set de.mh21.indicator.multiload.graphs.swap enabled false
gsettings set org.freedesktop.ibus.general engines-order “[‘xkb:us::eng’]”
gsettings set org.freedesktop.ibus.general preload-engines “[‘xkb:us::eng’]”
gsettings set org.gnome.DejaDup backend ‘file’
gsettings set org.gnome.DejaDup delete-after 365
gsettings set org.gnome.DejaDup include-list “[‘/home/x/Development’, ‘/home/x/Pictures’]”
gsettings set org.gnome.DejaDup periodic-period 1
gsettings set org.gnome.DejaDup welcomed true
gsettings set org.gnome.desktop.a11y.magnifier mag-factor 13.0
gsettings set org.gnome.desktop.background picture-uri ‘file:///usr/share/backgrounds/163_by_e4v.jpg’
gsettings set org.gnome.desktop.default-applications.terminal exec ‘gnome-terminal’
gsettings set org.gnome.desktop.input-sources sources “[(‘xkb’, ‘us’)]”
gsettings set org.gnome.desktop.input-sources xkb-options “[‘lv3:ralt_switch’, ‘compose:rctrl’]”
gsettings set org.gnome.desktop.media-handling autorun-never true
gsettings set org.gnome.desktop.privacy remember-recent-files false
gsettings set org.gnome.desktop.screensaver lock-enabled false
gsettings set org.gnome.desktop.screensaver ubuntu-lock-on-suspend false
gsettings set org.gnome.gitg.preferences.commit.message right-margin-at 72
gsettings set org.gnome.gitg.preferences.commit.message show-right-margin true
gsettings set org.gnome.gitg.preferences.diff external false
gsettings set org.gnome.gitg.preferences.hidden sign-tag true
gsettings set org.gnome.gitg.preferences.view.files blame-mode true
gsettings set org.gnome.gitg.preferences.view.history collapse-inactive-lanes 2
gsettings set org.gnome.gitg.preferences.view.history collapse-inactive-lanes-active true
gsettings set org.gnome.gitg.preferences.view.history search-filter false
gsettings set org.gnome.gitg.preferences.view.history show-virtual-staged true
gsettings set org.gnome.gitg.preferences.view.history show-virtual-stash true
gsettings set org.gnome.gitg.preferences.view.history show-virtual-unstaged true
gsettings set org.gnome.gitg.preferences.view.history topo-order false
gsettings set org.gnome.gitg.preferences.view.main layout-vertical ‘vertical’
gsettings set org.gnome.nautilus.list-view default-zoom-level ‘smaller’
gsettings set org.gnome.nautilus.preferences executable-text-activation ‘ask’
gsettings set org.gnome.settings-daemon.plugins.media-keys terminal ‘XF86Launch1’
gsettings set org.gnome.settings-daemon.plugins.power critical-battery-action ‘shutdown’
gsettings set org.gnome.settings-daemon.plugins.power idle-dim false
gsettings set org.gnome.settings-daemon.plugins.power lid-close-ac-action ‘nothing’
gsettings set org.gnome.settings-daemon.plugins.power lid-close-battery-action ‘nothing’

Update Some More System Settings
dconf write /org/compiz/profiles/unity/plugins/unityshell/icon-size 32
dconf write /org/compiz/profiles/unity/plugins/core/vsize 1
dconf write /org/compiz/profiles/unity/plugins/core/hsize 5
dconf write /org/compiz/profiles/unity/plugins/opengl/texture-filter 2
dconf write /org/compiz/profiles/unity/plugins/unityshell/alt-tab-bias-viewport false

Requires Clicks
sudo apt-get install -y ubuntu-restricted-extras

Prompt For a Reboot
clear

Advertisements

VLC Installation in Ubuntu


#!/bin/sh

Suppression of VLC
sudo aptitude remove vlc

Installation de pré-requis system
sudo aptitude build-dep vlc
sudo aptitude install autoconf automake gettext pkg-config lua50 libxcb-shm0-dev libxcb-xv0-dev libx11-xcb-dev

Creating src Dir & Downloading GIT
mdkir ~/src
cd ~/src
git clone git://git.videolan.org/vlc/vlc-1.1.git
cd ~/src/vlc-1.1

Installation
./bootstrap

Configuration VLC
./configure –enable-growl –enable-v4l –enable-vcdx –enable-wma-fixed –enable-merge-ffmpeg –enable-faad –enable-real –enable-realrtsp –enable-lirc

Compilation
make
sudo checkinstall

Checking VLC Version
vlc –version

Installation is Completed
Please Check the VLC in Terminal by typing vlc

IPTables Will Block for Specific IP Address


#!/bin/bash

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT
-A INPUT -j REJECT –reject-with icmp-host-prohibited
-A FORWARD -j REJECT –reject-with icmp-host-prohibited
COMMIT

IPTables Outgoing Traffic with Conntrack


#!/bin/bash

Outgoing port 81
$IPTABLES -A OUTPUT -p tcp –dport 81 -m conntrack –ctstate NEW,ESTABLISHED -j ACCEPT
$IPTABLES -A INPUT -p tcp –sport 81 -s $MYIP -m conntrack –ctstate ESTABLISHED -j ACCEPT

Outgoing port 80 for User Account
$IPTABLES -A OUTPUT –match owner –uid-owner useraccount -p tcp –dport 80 -m conntrack –ctstate NEW,ESTABLISHED –sport 1024:65535 -j ACCEPT
$IPTABLES -A INPUT -p tcp –sport 80 –dport 1024:65535 -d $MYIP -m conntrack –ctstate ESTABLISHED -j ACCEPT

Default outgoing log + block rules
$IPTABLES -A OUTPUT -j LOG –log-prefix “BAD OUTGOING ” –log-ip-options –log-tcp-options –log-uid
$IPTABLES -A OUTPUT -j DROP

IPTables Allow Incoming SSH Connections


#!/bin/bash
iptables -F

Allow over VPN
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A OUTPUT -o tun+ -j ACCEPT

Localhost
iptables -A INPUT -s 127.0.0.1/8 -j ACCEPT
iptables -A OUTPUT -d 127.0.0.1/8 -j ACCEPT

VPN
iptables -A INPUT -s 123.123.123.123 -j ACCEPT
iptables -A OUTPUT -d 123.123.123.123 -j ACCEPT

SSH
iptables -A INPUT -p tcp –dport ssh -j ACCEPT

Default Deny
iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP

IPTables Port Forwarding


#!/bin/bash

IPtables is empty and ACCEPT all policy is set, thus no packet is blocked. Here are the NAT rules
iptables -A PREROUTING -t nat -p tcp -d 10.100.1.79 –dport 990 -j DNAT –to 192.168.0.21:990
iptables -A POSTROUTING -t nat -d 192.168.0.21 -p tcp -m tcp –dport 990 -j SNAT –to-source 10.100.1.79
iptables -A FORWARD -p tcp -i eth0:3 -d 192.168.0.22 –dport 990 -j ACCEPT

IPtables-Persistent Script for Firewall


#!/bin/bash

. /lib/lsb/init-functions
rc=0

load_rules()
{
log_action_begin_msg “Loading iptables rules”

Load IPv4 Rules
if [ ! -f /etc/iptables/rules.v4 ]; then
log_action_cont_msg ” skipping IPv4 (no rules to load)”
else
log_action_cont_msg ” IPv4″
iptables-restore < /etc/iptables/rules.v4 2> /dev/null
if [ $? -ne 0 ]; then
rc=1
fi
fi

Load IPv6 Rules    
if [ ! -f /etc/iptables/rules.v6 ]; then
log_action_cont_msg ” skipping IPv6 (no rules to load)”
else
log_action_cont_msg ” IPv6″
ip6tables-restore < /etc/iptables/rules.v6 2> /dev/null
if [ $? -ne 0 ]; then
rc=1
fi
fi
log_action_end_msg $rc
}

save_rules()
{
log_action_begin_msg “Saving rules”

Save IPv4 Rules
/sbin/modprobe -q iptable_filter
if [ ! -f /proc/net/ip_tables_names ]; then
log_action_cont_msg ” skipping IPv4 (no modules loaded)”
elif [ -x /sbin/iptables-save ]; then
log_action_cont_msg ” IPv4″
iptables-save > /etc/iptables/rules.v4
if [ $? -ne 0 ]; then
rc=1
fi
fi

Save IPv6 Rules
/sbin/modprobe -q ip6table_filter
if [ ! -f /proc/net/ip6_tables_names ]; then
log_action_cont_msg ” skipping IPv6 (no modules loaded)”
elif [ -x /sbin/ip6tables-save ]; then
log_action_cont_msg ” IPv6″
ip6tables-save > /etc/iptables/rules.v6
if [ $? -ne 0 ]; then
rc=1
fi
fi
log_action_end_msg $rc
}

flush_rules()
{
log_action_begin_msg “Flushing rules”
if [ ! -f /proc/net/ip_tables_names ]; then
log_action_cont_msg ” skipping IPv4 (no module loaded)”
elif [ -x /sbin/iptables ]; then
log_action_cont_msg ” IPv4″
for param in F Z X; do /sbin/iptables -$param; done
for table in $(cat /proc/net/ip_tables_names)
do
/sbin/iptables -t $table -F
/sbin/iptables -t $table -Z
/sbin/iptables -t $table -X
done
for chain in INPUT FORWARD OUTPUT
do
/sbin/iptables -P $chain ACCEPT
done
fi

if [ ! -f /proc/net/ip6_tables_names ]; then
log_action_cont_msg ” skipping IPv6 (no module loaded)”
elif [ -x /sbin/ip6tables ]; then
log_action_cont_msg ” IPv6″
for param in F Z X; do /sbin/ip6tables -$param; done
for table in $(cat /proc/net/ip6_tables_names)
do
/sbin/ip6tables -t $table -F
/sbin/ip6tables -t $table -Z
/sbin/ip6tables -t $table -X
done
for chain in INPUT FORWARD OUTPUT
do
/sbin/ip6tables -P $chain ACCEPT
done
fi
log_action_end_msg 0
}

case “$1” in
start|restart|reload|force-reload)
load_rules
;;
save)
save_rules
;;
stop)
echo “Automatic flushing disabled, use \”flush\” instead of \”stop\””
;;
flush)
flush_rules
;;
*)
echo “Usage: $0 {start|restart|reload|force-reload|save|flush}” >&2
exit 1
;;
esac

exit $rc