New Install of Ubuntu or similar

new_setup.sh

apt update
apt upgrade -y
apt install linux-xanmod-edge -y

apt install glances htop nmap bleachbit git python3-pip iperf3 easy-rsa iptables-persistent tuned neofetch net-tools fail2ban ntpdate ntp ntpstat -y
service tuned start
tuned-adm list
tuned-adm profile throughput-performance
service tuned restart
apt autoclean -y
apt autoremove -y

pip3 install pipreqs
#pip freeze > requirements.txt
/usr/local/bin/pip3 --version
#pip install --upgrade pip
/usr/local/bin/pip3 cache purge
pipreqs --force
sed -i 's/==/>=/g' requirements.txt
/usr/local/bin/pip3 install --no-cache-dir --no-use-pep517 -r requirements.txt --upgrade


systemctl start fail2ban
systemctl enable fail2ban

cat <<EOF >/etc/fail2ban/jail.local
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
EOF

systemctl restart fail2ban

sysctl net.ipv4.tcp_available_congestion_control
sysctl net.ipv4.tcp_congestion_control

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset
iptables -A INPUT -p udp -j REJECT --reject-with icmp-host-unreachable
iptables -A INPUT -p icmp -j REJECT --reject-with icmp-host-unreachable
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#iptables -t mangle -A OUTPUT -p udp -j DSCP --set-dscp-class ef
#iptables -t mangle -A OUTPUT -p tcp -j DSCP --set-dscp-class ef
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -A OUTPUT -p udp -j DSCP --set-dscp-class AF21
iptables -t mangle -A OUTPUT -p tcp -j DSCP --set-dscp-class AF21
iptables -t mangle -L -v

sudo hwclock --show --verbose
ntpq -p
timedatectl status
ntpstat