ss – anothre utility to investigate sockets.

ss is :

ss  is  used to dump socket statistics. It allows showing information similar to netstat.  It can display more TCP and state informationsthan other tools.


This comes in iproute package in Fedora. So, to install this you would need to install “iproute” if not installed already.

sudo yum install iproute

Now, once you have done that you can look at the man page to check what all you can see with ss. but here are some examples:

#list all sockets
ss -ant
ss -art

#List all listening sockets
ss -anl

# Show detailed information and memory for all listening sockets
ss -anlme

# Display all udp sockets
ss -u -a


Enhanced by Zemanta

dnsmasq not starting from NetworkManager with SELinux enabled.

OpenWrt - Dnsmasq
OpenWrt – Dnsmasq (Photo credit: magicfab)


Some time back I posted on dnsmasq starting from Network Manager and how to setup dnsmasq.


Now, couple of days back , I setup dnsmasq in NetworkManager but was astonished to see that there was no dnsmasq running. I checked with dig and saw that there was no response from localhost for dns queries. Checked “ps -eaf|grep dns” and found that there was no dnsmasq running. I knew that once you mention “dns=dnsmasq” in the NetworkManager then it should start up but that was not happening. And then I checked audit log, found that some permissions were denied by SELinux.


First check if dnsmasq is indeed having issues because of SELinux:


grep -C 5 sealert /var/log/messages


If you do see something then time to fix it.


grep dnsmasq /var/log/audit/audit.log
audit2allow -M mypol && semodule -i mypol.pp
systemctl restart NetworkManager


And with this, you should be done, though you might have to repeat this multiple times.



Enhanced by Zemanta

slow ssh connection

If you are experiencing slow ssh connections, then possibly your system is trying to do reverse lookup of the IP address. If that is the case, then you can add the below to “hosts” line in /etc/nsswitch.conf file.


The other cause for slow connections can be GSSAPI authentication. If that is the case, then the simplest solution is to add the following in your “~/.ssh/config” file:

GSSAPIAuthentication no


Enhanced by Zemanta