Commands
ab
apache benchmarking
ab -n 50 https://www.halfface.se/photos/ ab -n 1000 -c 10 https://www.halfface.se/wiki/index.php/Halfface
abcde
Rip cd.
abcde
agrep
Aproximate grep. 3 differences from andreas
agrep -3 andreas /var/log/messages
alternatives
alternatives --set mta /usr/sbin/sendmail.postfix
antiword
antiword bad.doc > pure.txt
arecord
List soundcards.
arecord -l
Chose source.
alsamixer
Create mp3 from source.
arecord -f cd -d 5 -t raw | lame -x -r - out.mp3
arp-scan
Scan ip addresses on local subnet
sudo arp-scan --localnet | sort -n -k4 -t.
base64
base64 -d /tmp/html | elinks --dump | less -ISRM
blkid
Get uuid of disk.
blkid /dev/sdb1 /dev/sdb1: UUID="64cd54f7-5330-425d-81e5-a0e473a5f5e7" TYPE="ext4" PARTLABEL="primary" PARTUUID="21f38e48-af2d-4fdd-854a-5910f392a6e0"
bonnie++
Report performance on disk. benchmark
bonnie++ -u 0:0
On machine running out of disk
sudo bonnie++ -d ./ -s 400 -r 200 -u root
Example command.
bonnie++ -d /storage/temp/ -s 32G -n 0 -m TEST -f -b -u abjorklund
boot
Booting singe user mode.
kernel ... single
bootchart
Analyze startup times.
bootgraph
How to use.
Kernel later than 2.6.28 kernel option initcall_debug dmesg | /usr/src/linux-headers-2.6.28-11-generic/scripts/bootgraph.pl > /tmp/bootgraph.svg
bzip2
Extract keep original
bzip2 -dk /compressed_file.bz2 and extract standard out via tar.
Extract bunzip2 file and extract via tar from standard out.
bzip2 -c /compressed_file.bz2 | tar -xivf -
cdrecord
Blank cd/dvd rw
cdrecord -v gracetime=2 dev=/dev/cdrom -eject blank=all -force
chage
List password properties of user
chage -l abjorklund
Unlimited login
chage -I -1 -m 0 -M 99999 -E -1 sftponly
chattr/lsattr
Set extendet attributes of files.
# Lock file for most activities. chattr +i file # Unlock file chattr -i file # recursive lsattr looking for imutable. lsattr -aR -- .//. 2>/dev/null | sed -rn '/i.+\.\/\/\./s/\.\/\///p'
chmod
Sticky bit on directory. Only owners of files are able to delete.
chmod 1755 /file. -rwxr-xr-t
GUID on file. binaries started will have the group set to the defined group.
chmod 2755 /file -rwxr-sr-x
SUID on file.
chmod 4755 /file -rwsr-xr-x
chntpw
# Change windows passwords offline mkdir /mnt/disk ; mount /dev/sd1 /mnt/disk; cd /mnt/disk/Windows/System32/config # List local users. chntpw -l SAM # clear password on user. chntpw -u Administrator SAM
chrony
# setup time sync via ntp. /etc/chrony.conf # look at status chronyc tracking # List ntp sources. chronyc sources
chvt
From a script change to a virtual interface and connect script to that terminal. chvt 3 exec < /dev/tty3 > /dev/tty3
cacafire
View some fire in ascii.
clean
Clean file from comments and blank lines.
sed '/ *#/d; /^ *$/d'
codepage
Change codepage of file.
convmv -f cp850 -t iso-8859-1 --notest * convmv -f utf8 -t iso8859-1 -r --notest * convmv -f iso8859-1 -t en_US.UTF-8 -r --notest .
Change codepage of file.
iconv --from-code=ISO-8859-15 --to-code=UTF-8 document.csv > document_iconv.csv
column
Create nice column. Use tab as delimiter.
column -t -s $'\t' /file.tsv
convert
Convert Image to 8 bit grey with threshold for white.
for tif in *.tif; do convert -depth 8 -white-threshold 70% ${tif} ${tif%%.*}.png;done
Resize image
convert -resize 25% -gamma 1.5 2011-08-03_11-09-43.jpg 2011-08-03_11-09-43_new.jpg
Multipage pdf.
convert -adjoin -page A4 -compress jpeg Infineon1.tif Infineon2.tif Infineon.pdf
Prepare photos for printing.
convert -rotate 90 -gamma 1.5 -resize 25% -compress jpeg -quality 80 -adjoin -page A4 * print.pdf
Resize change aspect.
convert Slide1.PNG -resize 1920x1080\! slide01.png
animated gif
convert -delay 100 -loop 0 *.jpg animation.gif
Create multipage pdf of photos.
convert -resize 25% -adjoin -page A4 -rotate 90 -compress jpeg *.jpg test.pdf ; pdfjam test.pdf --no-landscape --frame true --nup 2x2 --suffix 4up --outfile /temp/photos/Alva/test_2x2.pdf
Addition of images.
convert 1.png 3.png -append montage.png
cpio
Copy wanted partitions.
#!/bin/bash ssh root@192.168.2.148 "(cd /boot/ ; find ./ -xdev -depth -print0 | cpio -o -0Hnewc )" | (cd /mnt/sysimage/boot ; cpio -idvuma ) ssh root@192.168.2.148 "(cd / ; find ./ -xdev -depth -print0 | cpio -o -0Hnewc)" | (cd /mnt/sysimage ; cpio -idvuma ) # -o copy out mode. # -0 terminated by null character. # -Hnewc som storing format. # -i extract copy in mode. # -d make directories. # -v verbose. # -V print dot. # -u replace all files. # -m preserve modification time. # -a preserve access time.
crontab/cron
crontab.
* * * * * command to be executed - - - - - | | | | | | | | | +----- day of week (0 - 6) (Sunday=0) | | | +------- month (1 - 12) | | +--------- day of month (1 - 31) | +----------- hour (0 - 23) +------------- min (0 - 59) 0 Sunday 1 Monday 2 Tuesday 3 Wednesday 4 Thursday 5 Friday 6 Saturday @reboot "run command at reboot"
Run command every 10 minutes.
*/10 * * * * command
Run command at 12:00 and 24:00 hours.
00 0,12 * * * command
Run command between 8-17 every 2 hours.
0 8-17/2 * * * /path/command 0 8,10,12,14,16 * * * /path/command
Start program under crontab.
#!/bin/bash COMMAND="screen -L -d -m ping www.dn.se" if [ "$(ps -ef | grep -i ping | grep -v grep)" ] then echo "\"${COMMAND}\" already running." else echo "Starting \"${COMMAND}\"." cd /tmp ${COMMAND} fi
cut
Cuf everything from field 5.
cut -f5- -d ' '
curl
Get http return code.
curl --connect-timeout 3 --max-time 9 -ksL -w '%{http_code}\n' 'http://www.dn.se' -o /dev/null
get external ip.
curl ifconfig.me
get external ip and all related browser information.
curl ifconfig.me/all
Alternative address for domain.
curl -sk --resolve www.halfface.se:80:127.0.0.1 http://www.halfface.se
Get header / mime type
curl -I http://url.se
post file
curl -X POST -d @myfilename http://user:pass@myhost/hudson/job/_jobName_/postBuildResult
cookie format. tab delimited.
domain - The domain that created AND that can read the variable. .halfface.se flag - A TRUE/FALSE value indicating if all machines within a given domain can access the variable. This value is set automatically by the browser, depending on the value you set for domain. path - The path within the domain that the variable is valid for. secure - A TRUE/FALSE value indicating if a secure connection with the domain is needed to access the variable. expiration - The UNIX time that the variable will expire on. UNIX time is defined as the number of seconds since Jan 1, 1970 0:00:00 GMT. name - The name of the variable. value - The value of the variable.
date
Get date in requested format.
date '+%Y-%m-%d %H:%M' date +%Y-%m-%d-%H%M date "+%F_%T" # 2017-01-16_19:41:41
date 033121422003.55
Mon Mar 31 21:42:55 PST 2003 date MMDDhhmmCCYY.ss
Whats the date in 1000 years. Or any other increment.
date --date="+1000 years" +%C%y-%m-%d date --date="-2 hour" +%C%y-%m-%d\ %H:%M TZ=CEST date --date="-2 hour" +%C%y-%m-%d\ %H:%M
What is the time in other timezone given in unixtime/epoch.
TZ=GMT date -d '@1345064585' Wed Aug 15 21:03:05 GMT 2012
Unix time.
date +%s
Unix to normal
date -d @1234567890
scew clock by a second.
DATE_OFF=$(date --date="-5 second" +%C%y-%m-%d\ %H:%M:%S\ %Z) ; date --set="${DATE_OFF}"
dateseq
Create date sequense.
dateseq 2017-04-01 2017-04-05
db2
Empty catalog remove node
for DB2 in $(db2 list node directory | grep "Node name" | awk '{print $4}') ; do db2 uncatalog node $DB2;done
Empty catalog remove db
for DB2 in $(db2 list db directory | grep "Database name" | awk '{print $4}') ; do db2 uncatalog db $DB2;done
- Load db2 environment.
. /home/db2/sqllib/db2profile
- Connect to database.
db2 connect to ${database_name} user ${user} using ${password}
- Test query.
SELECT service_level, fixpack_num, bld_level FROM TABLE (sysproc.env_get_inst_info()) as A;
- System Database Directory
db2 list db directory
- Node Directory
db2 list node directory
- setup directory
db2 "catalog tcpip node db2datan remote 1.2.3.4 server 5000" db2 "catalog db db2datadb as db2datadb at node db2datan"
- Drop connection.
db2 terminate
dbus-monitor
dbus-monitor # Monitor activity on the dbus to see what system and sessions are doing.
dd
output your microphone to a remote computer's speaker
dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp
Add 2GB to disk image.
dd if=/dev/zero of=/system_image.img bs=1M oflag=append conv=notrunc count=2000
dd with progress bar.
pv -ptre /install/backup/machine/raspberry/ipcenter_view.img | sudo dd of=/dev/mmcblk0 bs=1M
dd to position on disk
dd of=/dev/disk1 if=/dev/urandom obs=500000 seek=1 bs=1MB count=1 conv=notrunc
dhclient
[root@wall sysconfig]# cat /etc/dhclient.conf
interface "eth0" { prepend domain-name-servers 127.0.0.1; supersede domain-name "bltprojektering.se"; }
diff
sdiff <(echo -e 'hej\nda\nvi\nses\ni\nmorgon') <(echo -e 'hej\ndå\nvi\nSES\ni\nmorgon')
which files differ between servers.
rsync -nrlptDqv --delete --exclude napsjb/server/naps/tmp/ /opt/ongame/ 10.6.21.11:/opt/ongame | less -n dry run. -r recursive -l copy symlinks av symlinks. -p preserve permission -t preserve tims. -D --device --special. Keep special files. -q quiet -v verbose
dig
- Get all dns information about host.
dig any www.halfface.se
- Trace dns lookups from root dns. Use 8.8.8.8 for lookups.
dig +trace @8.8.8.8 www.halfface.se
- Recursive lookup.
dig -tAXFR halfface.se
- backward resolve
dig -x 89.253.75.84
- get ttl
dig +nocmd +multiline +noall +answer any halfface.se
digitemp
digitemp_DS9097 -c /etc/.digitemprc -t0
disk
disk usage
baobab
foremost
recover deleted files.
disown
Disconnect process(pid) so that is survives a logout.
disown %2
display
Change resolution
xrandr --output LVDS --mode 1280x800 xrandr --output default --mode 1280x1024
Query graphics card capabilities.
xrandr -q
Change dpi
xrandr --dpi 138/eDP1
duplicity
Encrypted backups over rsync
dmidecode
List memory banks
sudo dmidecode -t 17
dnf
install skip if not exist
sudo dnf install --setopt=strict=0 $(sort -u /temp/other_machine_rpm)
update system
dnf -y upgrade --refresh reboot dnf -y install dnf-plugin-system-upgrade dnf -y system-upgrade download --refresh --allowerasing --releasever=25 dnf -y system-upgrade reboot # broken deps. dnf repoquery --unsatisfied # look for duplicates dnf repoquery --duplicated # which rpms do not exit in repo. dnf list extras # remove no longer used. dnf autoremove dnf remove $(rpm -qa| grep \.fc23)
auto update
# Install auto updates. dnf install dnf-automatic # Enable auto update. sed -i "s/apply_updates = no/apply_updates = yes/g;s/email_from = root@example.com/email_from = root@${HOSTNAME}/g;s/email_to = root/email_to = anden@halfface.se/g" /etc/dnf/automatic.conf # Enable timer. systemctl enable dnf-automatic.timer && systemctl start dnf-automatic.timer # Trigger timer. systemctl start dnf-automatic.timer # Check status of dnf-automatic: systemctl list-timers *dnf-*
dvgrab
Capture dv material
dvgrab -f dv2 -i -showstatus -s 0 -timestamp California-2
e2fsck
Scan for bad blocks.
e2fsck -ycv /dev/VolGroup00/LogVol00
edid/ddc
startx -- -logverbose 5. The EDID information turns up in /var/log/Xorg.0.log.
enca
detect and convert encoding of text files. (codepage utf)
enca -L none /temp/locale2
encryption
Simple encryption decryption with gnupg.
gpg -c --force-mdc /temp/shadow echo "$(gpg -qd /temp/shadow.gpg)"
etckeeper
Keep your /etc/ directory under git revision control.
What has happened.
git log -p /etc/resolv.conf
ethtool
show-features
ethtool -k generic-segmentation-offload = gso tcp-segmentation-offload = tso
exiftool
Change meta data for files, exif, jpg, mp3...
fdupes
Find duplicate files.
fdupes -r /home
ffmpeg
ffmpeg
ffmpeg -y -deinterlace -aspect 16:9 -author "Andreas Bjorklund" -title "Tanzania" -year 2007 -i Tanzania.m2t -acodec mp3 -vcodec mpeg4 -b 3000k -s 720x540 test.avi
Create swf/flv from mpeg2 stream
ffmpeg -deinterlace -i VTS_01_1.VOB -ab 56 -ar 22050 -b 500000 -r 15 -s 360x288 sisyfos.swf
Create horse movie.
ffmpeg -deinterlace -i /temp/VTS_01_1.VOB -ab 100 -ar 22050 -b 1200000 -r 25 -s 360x288 3horses.swf
Cut video from command prompt.
ffmpeg -i video.avi -vcodec copy -acodec copy -ss 00:00:00 -t 00:00:04 trimmed_video.avi
Record desktop.
ffmpeg -f alsa -ac 2 -i pulse -f x11grab -r 5 -s 1920x1080 -i :0.0 -acodec pcm_s16le -vcodec libx264 -threads 0 -y output.mkv ffmpeg -f x11grab -s $(xrandr | grep \*+|awk '{print $1}') -r 25 -i :0.0 -sameq /tmp/out.mpg
Change container.
ffmpeg -i film.mov -vcodec copy -acodec copy film.mp4
Transcode to h264 aac
ffmpeg -i original.avi -vcodec libx264 -acodec aac -strict experimental new_file.mp4
Transcode mp3 to ogg vorbis
for file in *.mp3; do ffmpeg -i "${file}" -acodec libvorbis "${file/%mp3/ogg}";done
Take photo
ffmpeg -f video4linux2 -s 1280x720 -i /dev/video0 -f image2 snapshot.jpg
Take a photo from a video steam every 10 seconds.
ffmpeg -i video.mp4 -r 0.1 -f image2 %03dandreas.jpg
Take a photo every 1 put it in a file.
ffmpeg -y -i http://balcony.halfface.se:8080 -r 1 -f image2 -update 1 stream_image.jpg -probesize 5e+07
Rotate 180 degrees.
ffmpeg -i input.mp4 -filter:v "transpose=1,transpose=1" output.mp4
Change rotation without transcoding.
ffmpeg -i IMG_0703.MOV -metadata:s:v rotate="" -codec copy rotate_IMG_0703.MOV
Concaternate videos.
ffmpeg -f concat -safe 0 -i mylist.txt -c copy output
find
Find exluding directory.
find . -wholename '/var/' -prune -o -ls
Find in only files.
find /opt/ongame/ -type f -exec grep --color=always -r '10\.7\.' /dev/null {} \;
Find text file in directoy execpt directory. Grep for text in that file and show it with colours in less.
find /opt/ongame/ -wholename '/opt/ongame/napsjb/server/naps/tmp' -prune -o -type f -exec grep --color=always -r '/fraud' /dev/null {} \; | less -SR
Find excluding several directories.
find / -type d \( -path /proc -o -path /dev -o -path /net \) -prune -o -gid 1002 -exec chgrp -h 1001 {} \;
Find excluding svn.
find . -path '*/.svn' -prune -o -type f -print
Searches for files modified up to 4 days ago.
find ./ -type f -mtime -4
Searches for files modified between certain dates. Here for files older than 30 days but younger than 60 (penultimate month).
find ./ -type f -mtime -60 ! -mtime -30 sudo find . -newermt "2014-10-19 09:30" ! -newermt "2014-10-19 09:35"
findmnt
view the mount tree
findmnt
flash
When firefox is complaining about outdated flash plugin
rm pluginreg.dat
flock
used to use cript that only used 1 time concurrently.
flock
fmt
Join lines
ifconfig -a | fmt -w 300
forward traffic
service x11 { disable = no socket_type = stream protocol = tcp wait = no user = root server = /usr/bin/nc server_args = 172.28.37.152 6000 }
free
You have 15956MB physical ram. 9033MB is used by applications. 6922MB is free.
free -m total used free shared buffers cached Mem: 15956 15755 200 0 300 6421 -/+ buffers/cache: 9033 6922 Swap: 19998 2405 17593
free new
Total memory 8076624k and 5169152 free.
total used free shared buff/cache available Mem: 8076624 2536328 1069132 284152 4471164 5169152 Swap: 7815164 2809244 5005920
Free memory usage from /proc/zoneinfo and /proc/meminfo
awk -v low=$(grep low /proc/zoneinfo | awk '{k+=$2}END{print k}') '{a[$1]=$2} END{print a["MemFree:"]+a["Active(file):"]+a["Inactive(file):"]+a["SReclaimable:"]-(12*low);}' /proc/meminfo 5168456
fstab
Use ram for some logfiles.
none /var/log/ tmpfs defauls,noatime,size=10% 0 0 none /tmp/ tmpfs defauls,noatime,size=10% 0 0 none /var/tmp/ tmpfs defauls,noatime,size=10% 0 0 none /var/spool/ tmpfs defauls,noatime,size=10% 0 0
fswebcam
Capture photo.
fswebcam -r 1920x1080 --jpeg 85 -D 1 --quiet --no-banner shot.jpg fswebcam -d /dev/video0 -i 0 -r 2592x1944 -p YUYV /net/10.111.222.1/storage/temp/logitech.jpg
genisoimage
genisoimage -o nuc.iso nuc
gphoto2
Capture photo from the command line linux.
gphoto2 --camera='Canon EOS 40D (PTP mode)' --port=usb: --capture-image-and-download
graphviz
Create graph.
dot -Tps /flow -o /tmp/flow.ps
grep
Colorize grep output.
grep --color=always -r '10\.7\.' /opt/ongame/
Show non comment lines ending with a blank.
find . -name '*.properties' -exec grep --color=always -E '^[^#].*\ $' {} \; | less -SR
grep ipaddress from message file.
sudo grep DHCP /var/log/messages | grep -oir --color=always '192\.168\.[0-9]*\.[0-9]*' | sort -u grep -E '([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))'
grep ipaddress from file
grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
grep for tab
grep 10.199.2.1$'\t' /etc/hosts
grep from word containing regex space separated.
grep -oE '\S*regex\S*' /file
When grep start to complain about file being binary run the following command to define where.
grep -Pa '\x00' /temp/file_name
Grep email addresses.
grep -E -o "\b[a-zA-Z0-9.-]+@[a-zA-Z0-9.-]+\.[a-zA-Z0-9.-]+\b" filename.txt
Grep for exact string like \
grep -F \\ blabla.json
gsettings
Emulate 3 button mouse
gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true
Blinking cursor disable
gsettings set org.gnome.Terminal.Legacy.Profile:/org/gnome/terminal/legacy/profiles:/:$(gsettings get org.gnome.Terminal.ProfilesList default|tr -d \')/ cursor-blink-mode off
gsync
Install gsync
git clone https://github.com/iwonbigbro/gsync.git cd gsync/ sudo python setup.py install
Download data.
gsync -u -r -t -v --progress --delete -l -s drive://motion/ /temp/motion2/
gzip
Compress a stream.
find . | gzip -9 > /tmp/file_list.gz
gscan2pdf
Scan and ocr pdf dokuments
Handbrake
Compress dvd
- Rip dvd.
sudo vobcopy -o /storage/temp/ -v -x -l
- compress video.
HandBrakeCLI -e x264 -Z Normal -i source.vob -o destination.mkv -a 2 -r 25 -E faac -f mkv -d -S 600 --crop 0:0:0:0
- Create film for android.
HandBrakeCLI -i 01.Alla.Vi.Barn.I.Bullerbyn.1986.SWEDiSH.vob -o 01.Alla.Vi.Barn.I.Bullerbyn.1986.SWEDiSH.mp4 -x level=30:bframes=0:cabac=0:ref=1:vbv-maxrate=1500:vbv-bufsize=2000:analyse=all:me=umh:no-fast-pskip=1 -e x264 --vb 300 -E faac --ab 128 --maxWidth 320 -2 -T -d
- Compress.
SOURCE=/ssd/temp ; DESTINATION=/temp ; for FILM in $(cd ${SOURCE}; ls *.mov | sed 's/\.mov$//g'); do HandBrakeCLI -e x264 -q 20 -B 160 -i ${SOURCE}/${FILM}.mov -o ${DESTINATION}/${FILM}.mp4 ;done
- High profile
HandBrakeCLI -i DVD -o ~/Movies/movie.mp4 -e x264 -q 20.0 -a 1 -E faac -B 160 -6 dpl2 -R Auto -D 0.0 -f mp4 --strict-anamorphic -m -x ref=2:bframes=2:subme=6:mixed-refs=0:weightb=0:8x8dct=0:trellis=0
htmldoc
Convert html document to pdf
htmldoc --webpage -f php_html_doc.pdf /home/andreasbj/php_manual_en.html 2>/tmp/htmldoc
hunspell
hunspell -d sv_SE swedish.txt
hydra
Password checking.
hydra -l root -P /etc/passwdknown -t 5 192.168.29.62 ssh2
ifconfig
Configure network.
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up
ip address alias
ifconfig eth0:0 192.168.1.2
Network configuration Full config.
echo -e "options timeout:1 attempts:1 domain halfface.se nameserver 84.246.88.10 nameserver 84.246.88.20" > /etc/resolv.conf ifconfig eth0 89.253.75.84 netmask 255.255.255.224 up route add default gw 89.253.75.65 eth0
Vip on loopback /etc/sysconfig/network-scripts/ifcfg-lo:ipdbm
DEVICE=lo:ipdbm IPADDR=192.168.122.2 NETMASK=255.255.255.255 NETWORK=192.168.122.0 ONBOOT=yes
Setting up multiple addresses. ifcfg-eth0-range0
TYPE=Ethernet IPADDR_START=192.168.122.3 IPADDR_END=192.168.122.15
ifcfg-eth0
DEVICE=eth0 BOOTPROTO=static ONBOOT=yes TYPE=Ethernet IPADDR=10.111.222.2 NETMASK=255.255.255.0 GATEWAY=10.111.222.1 DNS1=10.111.222.253 DNS2=10.111.222.254 DOMAIN="halfface.se subdomain.halfface.se"
ilo
log in to ilo
env -u LANG ssh -v Ongame@10.1.1.94
restart ilo
reset map1
start system
start system1
install
Crete directory
install -d --mode=755 --owner=user --group=group /apps/IP/IPim/var/log
iostat
iostat -xtc 5
ip
Add vlan 23
ip link add link eno1 name eno1.23 type vlan id 23
View vlan protocol
ip -d link show eno1.23
Configure vlan
ip addr add 10.151.23.101/24 brd 10.151.23.255 dev eno1.23 ip link set dev eno1.23 up
create default route
ip route add default via 192.168.1.254
show routing
ip route show
Add static route
ip route add 10.10.20.0/24 via 192.168.50.100 dev eth0
Remove static route.
ip route del 10.10.20.0/24
which outgoing interfaces are available.
ip r l| awk '/src/{print $9}'
Which route is used for ip.
ip route get 192.168.122.252
route subnet over interface.
sudo ip route add 145.251.242.0/24 dev tun0
Show ipaddress on interface tun0
ip address show tun0
vlan tag interface.
ip link add link eth0 name eth0.8 type vlan id 8
set ip on interface.
ip addr add 192.168.50.5 dev eth1
set secondary ip on interface
ip addr add 192.168.50.6/24 dev eth0
remove ip address.
ip addr del 192.168.50.5/24 dev eth1
enable interface
ip link set eth1 up
list arp entries.
ip neigh show
local routing table
ip route list table local
rule base routing. List rules
ip rule show
Disable traffic to an ipaddress.
ip route add blackhole 10.151.19.151
ipcalc
ipcalc -n 192.121.85.96/27 -m
iperf
start server on client A.
iperf -s
start measure from the other host. Limit bandwidth to 10k.
iperf -c 10.20.30.40 --bandwidth 10K
Multicast test.
On the listener side: # iperf -s -u -B 224.1.1.1 -i 1 On sender % iperf -c 224.1.1.1 -u -T 32 -t 3 -i 1
ipmitool
What is the power consumtion of dell server.
ipmitool -I lanplus -H 127.0.0.1 -U root -P calvin delloem powermonitor
iptables
Show iptables OUTPUT, PREROUTING and POSTROUTING
iptables --table nat --list --exact --verbose --numeric --line-number
Show config
iptables -L -t nat -n
Dnat to localhost.
iptables -t nat -I PREROUTING --source 131.115.115.53 -p tcp --dport 22 -j REDIRECT --to-ports 222 iptables -t nat -I OUTPUT --source 131.115.115.53 --destination 127.0.0.1 -p tcp --dport 22 -j REDIRECT --to-ports 222
Flush all rules.
iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT
Block
iptables -A OUTPUT -p tcp -d 131.115.248.82 --dport 8080 -j DROP iptables -A OUTPUT -p tcp -d 131.115.248.82 --dport 8080 -j REJECT
Block outgoing mail
iptables -A OUTPUT -p tcp --dport 25 -o $INTERFACE -j REJECT
Block all traffic except ssh in/out log to syslog.
iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP iptables -A INPUT -m tcp -p tcp --dport 22 -j ACCEPT iptables -A INPUT -m tcp -p tcp --sport 22 -j ACCEPT iptables -A INPUT -m state --state NEW -m tcp -p tcp -j LOG --log-level info --log-prefix "dropped-in" iptables -A OUTPUT -m tcp -p tcp --dport 22 -j ACCEPT iptables -A OUTPUT -m tcp -p tcp --sport 22 -j ACCEPT iptables -A OUTPUT -m state --state NEW -m tcp -p tcp -j LOG --log-level info --log-prefix "dropped-out"
Block traffic on certain port.
iptables -A INPUT -p tcp --dport 7009 -j REJECT
irc
Close private messages
/window close
Close public messages
/window close
Close a query
/q
jmtpfs
Mount disk
jmtpfs /mnt/mtp
Umount disk
fusermount -u /mnt/mtp
john
Test performance
john -test
Recover passwords with password list.
john -wordlist:password.lst passfile.txt
journalctl
View log from last day.
journalctl --since yesterday
List all units.
systemctl list-unit-files
Current disk usage.
journalctl --disk-usage
Show only certain error level. (err crit)
journalctl -p err
List boots
journalctl --list-boots
Show events between two time stamps.
journalctl --since "2017-01-23 05:56:42" --until "2017-01-23 07:56:42"
jpegtran
# to lossless cut a file. jpegtran -crop 700x400+2150+1500 2012-05-19_20-39-35.jpg > /photos/Sweden/2012/2012-05-19/2012-05-19_20-39-35.jpg # Rotate counter clockwise. jpegtran -copy all -rotate 270 2012-08-18_15-06-43.jpg > 2012-08-18_15-06-43_270.jpg
jq
how many stores are actually in there:
$ cat file.json | jq 'length' 1134
retrieves the “name” field of each element of the input array.
cat file.json | jq '.[] | .name' "Graz" "Baden" "Zürich" ...
Give us first store.
jq '.[0]'
Select specific fields
jq '.[] | {eta: .eta, ticketID: .ticketID}'
Select specific files shortended.
jq '.[] | {eta, ticketID}'
keyboard
keymaps dumpkeys loadkeys sv-latin1 loadkeys us setxkbmap en setxkbmap -layout se -variant nodeadkeys
reset corrupt keyboard after using vmware.
setxkbmap
kill
suspend/resume a jobb.
# kill -STOP PID # kill -CONT PID
kpartx
# Create device files from disk image. sudo kpartx -av disk_image.raw add map loop0p1 (252:2): 0 3082240 linear /dev/loop0 2048 add map loop0p2 (252:3): 0 17887232 linear /dev/loop0 3084288 # Mount device files. sudo mount /dev/mapper/loop0p2 /mnt #Unmount what you mounted and remove the device mapping: sudo umount /mnt sudo kpartx -d disk_image.raw
lastb
Show failed ssh logins.
lastb
ln
Create link even if it exists.
ln -sfT /destination link
locale
To show 24 hour format.
LC_ALL=C
localectl
Change keyboard.
localectl list-keymaps localectl set-keymap se-nodeadkeys localectl set-x11-keymap se-nodeadkeys
lock
locking keyboard under linux.
lock-keyboard-for-baby
logging
bash create log.
#!/bin/bash exec > /logfile
alternative
exec 2>/tmp/log
Read logs on system.
tail -f $(lsof | grep log$ |awk '{ print $NF }' | sort -u |xargs)
logrotate
Test run logrotate file. -d=debug -f=force
logrotate -d -f /etc/logrotate.conf
losetup
Create loopback devices for partitions in image
losetup -P /dev/loop2 harddrive.img
ls
ls -la --time-style="+%Y-%m-%d %H:%M:%S" *.3gp
List processes in epoch date
( cd /proc; ls -rtd --full-time --time-style=+%s [0123456789]*; )
List memory modules.
lshw -C memory
lshw
Is cpu 32 or 64bit.
lshw -class processor
lsof
List recurivly all process that have a path open.
lsof +D /apps/
command line mail with changed from
echo message | mail -s Subject -r from@inter.net reciever@inter.net
command line mail with changed from with attachment
echo message | mail -s Subject -r from@inter.net -a /attach.ment reciever@inter.net
man
man correct caracters.
LANG=C man passwd
man clean for output to file.
man [manual] | col -b > file.txt
mbr
backup mbr.
# dd if=/dev/sdX of=/temp/sdx-mbr bs=512 count=1
restore mbr
# dd if=/temp/sdx-mbr of=/dev/sdX bs=446 count=1
mkfs
Create fat32 file system.
mkfs.vfat -F 32 /dev/sdc1
mogrify
Resize, crop... a file. Removes original.
mogrify -resize 800 *.jpg
mount
Mount a temporary ram partit
mount -t tmpfs tmpfs /mnt -o size=1024
Mount a cift filesystem and change ower on mountpoint.
mount.cifs -o credentials=/home/user/cifs.credentials,gid=1004,uid=1004 //server/c$ /mnt/cifs
Disallow normal user to ps. If not belonging to gid 1001.
- /etc/fstab
proc /proc proc defaults,hidepid=2,gid=1001 0 0
movgrab
List available formats
movgrab -T http://youtu.be/ucivXRBrP_0
Get version listed.
movgrab -f mp4:1920x1080 http://www.youtube.com/v/ucivXRBrP_0
mplayer
mplayer in ascii mode.
mplayer -monitoraspect 4:3 -vo aa LinaFreestyler.avi
mplayer on second soundcard.
mplayer -ao oss:/dev/dsp *.mp3 mplayer -ao alsa:device=hw=0.0 *.mp3
Or, to specify a non-default (secondary) device either of the following commands can be used.
mplayer -ao oss:/dev/dsp1 *.mp3 mplayer -ao alsa:device=hw=1.0 *.mp3
play from v4l
mplayer -tv device=/dev/video:driver=v4l:input=1:width=640:height=480:norm=ntsc:adevice=/dev/dsp tv://1 -zoom -aspect 4:3 mplayer -fps 15 tv:// -tv driver=v4l2:width=640:height=480:device=/dev/video0play hdv material. mplayer -monitoraspect 16:9 -vf pp=lb
play dvd image.
mplayer dvd://1 -dvd-device DVD.iso
play h264 webcam
mplayer -fps 24 tv:// -tv driver=v4l2:width=1920:height=1080:device=/dev/video0:outfmt=0x34363248 -aspect 16:10 -fs
play mjpeg webcam
mplayer -fps 24 tv:// -tv driver=v4l2:outfmt=mjpeg:width=1920:height=1080:device=/dev/video0 -aspect 16:10 -fs
play mp3 in different speed keep pitch.
mplayer -speed 1.5 -af scaletempo /mp3/music.mp3 # list chapters. mplayer dvd://1 -dvd-device /dev/sr0 -identify -novideo -nosound # dump chapters. mplayer -dvd-device /dev/sr0 dvd://3 -dumpstream -dumpfile 3.vob
MP4Box
Combine mp4 files
MP4Box -add file1.mp4 -add file2.mp4 output.mp4
mtr
ping and traceroute combined.
mtr -rc 10 www.googe.com
- Generate report.
mtr --report --report-cycles 10 www.google.com > google_net_report.txt
mutt
Put the followin in .muttrc to change From.
set realname="Joe User" set from="user@host" set use_from=yes
command line mail with attachment
mutt -s subject -a syslogs.tar.gz admin@domain.org < /dev/null
Change sender from command line.
export EMAIL=address@inter.net && mutt -s "Subject Test" anden@halfface.se < /dev/null echo "Test message" | mutt -s "Subject test" -e "set realname=\"Real Name\"" -e "set from=\"anden@halfface.se\"" -e "set use_from=yes" anden@halfface.se
Change envolope from
export REPLYTO=email@inter.net export EMAIL=email@inter.net echo "email@inter.net testing" | mutt -e "set envelope_from=yes" email@inter.net -a /tmp/attachment
oneliner
export EMAIL=email@inter.net;export REPLYTO="${EMAIL}";echo "email@inter.net testing" | mutt -e "set envelope_from=yes" email@inter.net -a /tmp/attachment export EMAIL=email@inter.net;export REPLYTO="${EMAIL}";echo "${EMAIL} testing on ${HOSTNAME}" | mutt -e "set envelope_from=yes" -s "${EMAIL} testing on ${HOSTNAME}" "${EMAIL}"
Dont trigger out of Out Of Office reply.
echo "email@inter.net testing" | mutt -e "unignore list-id" email@inter.net
nc (netcat)
- Check communication.
listen on port 3333.
nc -l 3333
talk to port 3333.
nc 192.168.0.1 3333
- Transfer data.
Cat file, calculate size listen on port 3333.
cat backup.iso | pv -b | nc -l 3333
Receive file.
nc 192.168.0.1 3333 | pv -b > backup.iso
- Setup telnet server
nc -L -l -p1234 -d -e cmd.exe
- Test connection.
nc -w2 -znv 10.1.22.31 7222
- tunnel
On the server, we open a listener on the TCP port 6667 which will forward data to UDP port 53 of a specified IP. If you want to do DNS forwarding like me, you can take the first nameserver's IP you will find in /etc/resolv.conf - in this example, this is 192.168.1.1. But first, we need to create a fifo. The fifo is necessary to have two-way communication between the two channels. A simple shell pipe would only communicate left process' standard output to right process' standard input.
mkfifo /tmp/fifo nc -l -p 6667 < /tmp/fifo | nc -u 192.168.1.1 53 > /tmp/fifo
- Dont eat up standard output.
nc -v --send-only --recv-only localhost 22
Talk to pop3 server over ssl.
nc --ssl mail.tele2.se 995
net
Start service via samba.
net rpc service start ipremote -I 172.17.255.99 -U 'domain/user%password'
netstat
Look at network connections. tcp/ip4.
netstat -4anpt
nmap
Scan for open ssh ports.
nmap -p 22 --open -sV 10.0.0.*
- Syn scan.
nmap -P0 -sS -p1023 www.halfface.se
- Ping scan. Do not resolve.
nmap -sn -n 10.127.254.1-254
- Which chippers are allowed.
nmap --script ssl-enum-ciphers -p 465 www.halfface.se
- arp scan.
nmap -PR 192.168.0.0/24
- which kex_algorithms server_host_key_algorithms encryption_algorithms compression_algorithms
nmap --script ssh2-enum-algos -sV -p 22 ssh.server.inter.net
nmcli
manage network from cli
http://fedoraproject.org/wiki/Networking/CLI
Connect to a configured connection by name
nmcli connection up WireLess
Disconnection by name
nmcli connection down Wireless
Connect to remembered network.
nmcli con up '[-_-] halfface 5'
List available wireless networks.
nmcli device wifi list
Generate list of available wireless networks.
nmcli device wifi rescan
Creaete connection for wireless network.
nmcli device wifi connect Bredband password P4ssM0rd
List networks on specific interface.
nmcli device wifi list ifname wlp0s18f2u4
Disconnect network interface.
nmcli device disconnect wlp0s18f2u4
nohup
Start binary under nohup and tail log.
nohup ./run.sh & sleep 1 ; tail -1000f nohup.out
nping
nping -c 1 --tcp -p 80 www.halfface.se
ntfs-3g
mount ntfs filesystem. read and write.
yum install fuse fuse-libs ntfs-3g mount /dev/sda1 /media/c_drive -t ntfs-3g -r -o umask=0222,locale=en_US mount /dev/sda1 /media/c_drive -t ntfs-3g -rw -o umask=0000,locale=en_US fstab read and write. /dev/sda3 /media/e_drive ntfs-3g ro,defaults,umask=0222 0 0 /dev/sda1 /media/c_drive ntfs-3g rw,defaults,umask=0000 0 0
numbers
series of numbers
bash: echo {1..10}
nwipe (dban)
Wipe your disk
nwipe --nogui --nowait --autonuke /dev/sdb
omping
multicast ping
omping -c10 10.111.222.118 10.111.222.121
openssl
Grab the public key.
openssl s_client -connect www.halfface.se:443 </dev/null 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
What does the ssl cert look like.
echo | openssl s_client -connect www.sslsite.com:443 | openssl x509 -noout -startdate -enddate -subject -issuer -nameopt RFC2253,sep_comma_plus_space
Connect to ssl server
echo hello | openssl s_client -connect www.halfface.se:8140
Connect to ssl server -cipher NULL,LOW
echo hello | openssl s_client -connect www.halfface.se:8140
Connect with openssl v3
openssl s_client -ssl3 -connect ipmon01.dupont:443
Connect with low security cipher
echo X | openssl s_client -cipher NULL,LOW -connect www.halfface.se:8140
PEM convert to DER
openconnect x509 -inform PEM -in /file.pem -outform DER file.der
p12 to cer
openssl pkcs12 -in infile.p12 -out outfile.cer -nodes
Extract p12 password protected keys in
openssl pkcs12 -in /file.p12 -passin file:/password -nokey -nodes -out /file.nokeys
Encrypt file
openssl aes-256-cbc -a -salt -in file -out file,encoded -passin file:passfile
Decrypte file
openssl aes-256-cbc -d -a -salt -in file -out file,encoded -passin file:passfile
Install new root ca
# Change to the directory: cd /etc/pki/tls/certs # Next download the College root certificate: wget https://icca2.ic.ac.uk/certenroll/ic-root.crt # Convert the certificate to PEM format: openssl x509 -inform der -in ic-root.crt -out ic-root.pem # Create a link with the certificate hash: ln -s ic-root.pem `openssl x509 -hash -noout -in ic-root.pem`.0 # Create sha256 base64 encoded hash openssl dgst -binary -sha256 | openssl base64 # Verify root ca. openssl verify -CApath /etc/pki/tls/certs ic-inter-root.pem icrootca.cer: OK
The server certificate is the first certificate returned, and will be PEM formatted. The CA certificate is the final certificate returned, and is also PEM formatted.
openssl': echo | openssl s_client -connect www.sslsite.com:443 -showcerts
Check ca store files.
find . -name '*.pem' | while read PEM ; do echo '###' ${PEM} '###';ls -la "${PEM}" ; set -x ; curl --cacert "${PEM}" https://site.test.net/index.htm.
Verify pop3 connectivity.
openssl s_client -crlf -connect mail.tele2.se:110 -starttls pop3 USER yiming PASS foobar LIST – lists the messages available in the user’s account, returning a status message and list with each row containing a message number and the size of that message in bytes STAT – returns a status message, the number of messages in the mailbox, and the size of the mailbox in bytes RETR [message_num] – returns the message identified by the message number, which is the same as the message number shown in the LIST command output TOP [message_num] [n] – returns the top n lines of the message denoted by message number. QUIT command will end the session.
Create wildcard self signed certificate.
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout wildcard.test.internal.zone.key -out wildcard.test.internal.zone.crt Common Name (eg, your name or your server's hostname) []:*.test.internal.zone
pam_tally2
Configured here.
/etc/pam.d/password-auth:auth required pam_tally2.so file=/var/log/tallylog onerr=fail per_user deny=6 no_magic_root
What is status from account?
pam_tally2 --user=user1 Login Failures Latest failure From user1 8 04/20/15 11:39:54 192.168.1.1
parallel
Run command 10 times in parallel.
seq 10 | parallel -n0 echo "Hello, World"
Run command 10 times in parallel dryrun.
seq 10 | parallel --dry-run -n0 echo "Hello, World"
Compress logfiles in parallel.
parallel gzip ::: *.log
paste
Combine to files to one in multiple column. Replace tab with spaces.
paste /tmp/check_name_nagios /tmp/filename | column -t -s $'\t'
patch
Update release area Windows.
servicepack.exe -s:z:\w2k3
pcregrep
Multiline grep
pcregrep -M 'pattern: line1\nPattern lin2' /temp/files_*
pidof
which pids has a program stared. Find pid.
ping
Ping ipv6 loopback
ping6 ::1 -c1
Ping ipv6 broadcast
ping6 ff02::1%2 | cut -d\ -f4
Ping short output
ping -w1 -q -c1 -i10 localhost | grep received
Ping to discover mtu. 1460, 1450. When reply increase with 2. when found highest value increase with 28 to get mtu.
ping -M do -s 1472 123.45.56.78
pgrep
Grep any processlines including 1066
pgrep -lf 1066
pmap
Look at memory usage of process.
sudo pmap 2258
postfix
remove mails in queue.
mailq 2>&1 | grep ^[A-F0-9] | awk '{print $1}' | postsuper -d -
postgres
Connect to remote database:
export PGPASSWORD=password && psql --host=10.111.222.1 --port=5492 --username=user --no-password postgres
List databases.
SELECT datname FROM pg_database;
printscreen
import -window root test.png
/proc
- /proc/meminfo
MemTotal — Total amount of physical RAM, in kilobytes.
MemFree — The amount of physical RAM, in kilobytes, left unused by the system.
Buffers — The amount of physical RAM, in kilobytes, used for file buffers.
Cached — The amount of physical RAM, in kilobytes, used as cache memory.
SwapCached — The amount of swap, in kilobytes, used as cache memory.
Active — The total amount of buffer or page cache memory, in kilobytes, that is in active use. This is memory that has been recently used and is usually not reclaimed for other purposes.
Inactive — The total amount of buffer or page cache memory, in kilobytes, that are free and available. This is memory that has not been recently used and can be reclaimed for other purposes.
HighTotal and HighFree — The total and free amount of memory, in kilobytes, that is not directly mapped into kernel space. The HighTotal value can vary based on the type of kernel used.
LowTotal and LowFree — The total and free amount of memory, in kilobytes, that is directly mapped into kernel space. The LowTotal value can vary based on the type of kernel used.
SwapTotal — The total amount of swap available, in kilobytes.
SwapFree — The total amount of swap free, in kilobytes.
Dirty — The total amount of memory, in kilobytes, waiting to be written back to the disk.
Writeback — The total amount of memory, in kilobytes, actively being written back to the disk.
Mapped — The total amount of memory, in kilobytes, which have been used to map devices, files, or libraries using the mmap command.
Slab — The total amount of memory, in kilobytes, used by the kernel to cache data structures for its own use.
Committed_AS — The total amount of memory, in kilobytes, estimated to complete the workload. This value represents the worst case scenario value, and also includes swap memory.
PageTables — The total amount of memory, in kilobytes, dedicated to the lowest page table level.
VMallocTotal — The total amount of memory, in kilobytes, of total allocated virtual address space.
VMallocUsed — The total amount of memory, in kilobytes, of used virtual address space.
VMallocChunk — The largest contiguous block of memory, in kilobytes, of available virtual address space.
HugePages_Total — The total number of hugepages for the system. The number is derived by dividing Hugepagesize by the megabytes set aside for hugepages specified in /proc/sys/vm/hugetlb_pool. This statistic only appears on the x86, Itanium, and AMD64 architectures.
HugePages_Free — The total number of hugepages available for the system. This statistic only appears on the x86, Itanium, and AMD64 architectures.
Hugepagesize — The size for each hugepages unit in kilobytes. By default, the value is 4096 KB on uniprocessor kernels for 32 bit architectures. For SMP, hugemem kernels, and AMD64, the default is 2048 KB. For Itanium architectures, the default is 262144 KB. This statistic only appears on the x86, Itanium, and AMD64 architectures.
ps
Process list in tree view.
ps axfww
Process sort by cpu usage.
ps auxwww --sort -%cpu | head
How long has process been running.
ps -p 1 -o etime=
Process list sorted after memory usage.
ps aux --sort=size
Process show memory usage... sort...
ps axo rss,%cpu,pid,euser,cmd | sort -nr | head -n 10 | less -ISRM
Process sort by mem usage.
ps auxwww --sort -rss | head
Processes sorted by time running.
ps -aux --sort -time
Processes sorted by time started
ps -auxwww --sort=start_time
ps showing threads.
ps -efL
pulseaudio
- Is pulseaudio running?
ps uxawww| grep -E pulseaudi[o]
- stop pulseaudio
pulseaudio -k
- start pulseaudio as found by ps | grep pulseaudio
/usr/bin/pulseaudio --start --log-target=syslog
putty
set up tunnel
putty -load blt.homeip.net -l bjorklun -pw password -L 19242:192.168.0.42:3389 blt.homeip.net
putty without taking tty.
plink -load www.halfface.se -l user_name -pw password -R *:3389:localhost:3389 -2 -4 -N
pv
throughput in pipe. speed.
pv pv -cN
readpst
output pst file in separate files in out directory
readpst -S -o out/ outlook.pst
rename
Recursive lowercase to uppercase
for i in $(find * -depth); do (mv $i $(echo $i | sed 's%[^/][^/]*$%%')$(echo $i | sed 's!.*/!!' | tr [:upper:] [:lower:])); done
reposync
reposync -n -c /etc/yum/yum.conf -p /repos/centos6 -d -r base -r updates -r extras -r centosplus -r contrib createrepo -g /repos/centos6/base/repodata/comps.xml /repos/centos6/base createrepo /repos/centos6/updates createrepo /repos/centos6/extras createrepo /repos/centos6/centosplus
halfface -> sync repo. -d delete what is not on remote, -n only newest version, -p store here, -r which repos to sync
reposync -d -n -p /install/system/linux/fedora/24/repo/ -r updates -r fedora -r rpmfusion-free -r rpmfusion-free-updates -r rpmfusion-nonfree -r rpmfusion-nonfree-updates
halfface -> create repository
REPODIR=/install/system/linux/fedora/24/repo ; for REPO in $(cd $REPODIR; ls) ; do echo $REPO ; createrepo_c ${REPODIR}/${REPO} ;done
reboot
Hard reboot mean that shutdown scripts will not run and machine reboot immediately without syncing hard disk drives, shutdown applications etc. This commands enable sysrq and after this call fast reboot. echo 1 > /proc/sys/kernel/sysrq echo b > /proc/sysrq-trigger
Force shutdown
echo 1 > /proc/sys/kernel/sysrq echo o > /proc/sysrq-trigger
rfcomm
list usb devices
hcitool scan
What properties does the device have.
sdptool browse 00:0D:B5:30:07:79
connect bluetooth device virtual servial.
rfcomm bind /dev/rfcomm0 00:0D:B5:30:07:79 1
rkhunter
Run rkhunter full scan no keypresses needed
sudo rkhunter --checkall --skip-keypress -x
Update database
sudo rkhunter --propupd
route
The route to a network is behind 10.111.222.7
route add -net 10.111.223.0 netmask 255.255.255.0 gw 10.111.222.7
Add default route
route add default gw 192.168.122.1
Permanent route under redhat
/etc/sysconfig/static-routes any net 198.18.129.0/24 gw 10.240.175.12
/etc/sysconfig/network-scripts/route-eth1
1.2.3.4/23 via 1.2.3.1
rpm
List capabilities on which this package depends. Point to rpm.
rpm -q -R -p freenx-server-0.7.3-27.fc17.x86_64.rpm
install src.rpm
rpmbuild --rebuild alien-6.51-1.src.rpm rpm -i /usr/src/redhat/RPMS/x86_64/alien-6.51-1.rpm
List contents of rpm.
rpm -qlp myfile.rpm
List information about non installed rpm.
rpm -qip foo.rpm
Extract contents of rpm.
rpm2cpio *.rpm | cpio -i --make-directories
Which version of rpm is installed. /etc/rpm/macros ~/.rpmmacros
%_query_all_fmt %%{name}-%%{version}-%%{release}.%%{arch}
list architecture
rpm -qa --qf "%{n}-%{v}-%{r}.%{arch}\n"
List only name of installed rpms.
rpm -qa --qf "%{NAME}\n"
Extract rpms in subdirectories.
for RPM in $(ls *|sed 's_\.rpm$__g');do echo $RPM; mkdir $RPM; rpm2cpio $RPM.rpm | (cd $RPM && cpio -i --make-directories);done
Verify content of rpm
rpm -V package # What does those cryptic letters mean from rpm -V: S file Size differs M Mode differs (includes permissions and file type) 5 MD5 sum differs D Device major/minor number mismatch L readlink(2) path mismatch U User ownership differs G Group ownership differs T mTime differs
Reinstall rpm
rpm -iv --replacepkgs package.rpm
Dependencies of rpm
rpm -qpR {.rpm-file} rpm -qR {package-name}
Rebuild rpm database.
\rm /var/lib/rpm/__db* rpm --rebuilddb
Update minor release.
yum --releasever=6.11 update sl-release yum clean all yum update
rsync
Syncronize folders. Delete non existing files on remote host. Compress.
rsync --delete -az -e ssh bjorklun@semco.homeip.net:/install/program/windows/
Syncronize files over ssh on port 2222. Show progress. Syncronize even empty directories.
rsync -Pae 'ssh -p 2222' localhost:/opt/techops/bin/ /opt/techops/bin/
Run rsync in both ends but transfer data with normal user.
sudo rsync -aP /tmp/andreas/ andreasbj@localhost:/tmp/andreas2/ --rsync-path='sudo rsync'
rsync with limit of 8 MB/s.
rsync -aP --bwlimit=8000 /source/ /destination/
rsync excluding directory
rsync -r --exclude=.svn /source/ /destination/
rsync including selinux information. Preserve hard links.
rsync -aPXH /source /destination
rsync don't keep links. Copy files referenced.
rsync -rLP /source/ /destination
Record which files to sync.
rsync -r -ptgo --delete -P --size-only -n www.halfface.se:/mp3/ /mp3/ -n | tee /temp/mp3_$(date +%Y-%m-%d)_diff.txt
Rsync new files.
rsync -RDa0P --files-from=<(find /sourcedir -mtime -7 -print0) . /targetdir/
sar
Old sar information.
sar -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00
load average.
sar -q -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00
All information.
sar -A -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00
View network statistics.
LANG=c sar -n DEV | grep eth0
realtime summary.
sar 4 5
script
Run command under shell even if it does not exist.
script -q -f -c "commands or scripts to run"
search&replace
perl
grep -rsl '10.6.4.102' * | xargs perl -pi -e 's/10.6.4.102/10.6.4.103/'
sed
find . -type f -exec sed -i 's/string1/string2/g' {} \;
Grep for regexp starting with CN= and stop at first occurrence of ,. not greedy
grep -oE 'CN=[^,]*,'
setfacl
Add rwx permission for user_name recursivly from /directory
setfacl -Rm u:user_name:rwx /directory
shred
Recurse remove dir
find /tmp/secret -type f -exec shred {} \;
shuf
Pick random line in file.
shuf -n1 /file
sms
Mail to sms gateway.
tele2 07XXXXXXXX@sms.tele2.se
Comviq 467xxxxxxxx@sms.comviq.se
Europolitan 4670xxxxxxx@europolitan.se
snmptrap
# send more than one string. snmptrap -v 2c -Ci -u user -c community localhost "" .1.3.6.1.4.1.5089.1.0.1 1 s "This is the first string" 2 s "This is the second string" snmptrap -v 2c -Ci -u user -c community localhost .1.3.6.1.4.1.5089.1.0.1 1 s "This is the first string" 2 s "This is the second string" snmptrap -v 2c -c xxxxxxx localhost .1.3.6.1.4.1.5089.1.0.1 .1.3.6.1.4.1.5089.2.0.999 s "Hej Hej"
snmptrapd
# Enable logfile. /etc/sysconfig/snmptrapd OPTIONS="-Lf /var/log/snmptrapd.log" # Disable authorization and put in logfile. /etc/snmp/snmptrapd.conf disableAuthorization yes authCommunity log public
snmpwalk
Get information from an oid.
snmpwalk -v 1 -c public snmp.device.net .1.3.6.1.4.1.2021.84
Do tcpdump while running.
tcpdump -i eth0 -n -s0 -v host snmp.device.net and port snmp
socat
Create a tunnel between localhost 2222 to remote host 2222
socat TCP-LISTEN:2222,fork TCP:10.111.222.2:2222
Create tunnel via systemctl Create file similar to this. /etc/systemd/system/socat_win.service
[Service] ExecStart=/usr/bin/socat TCP-LISTEN:3389,fork TCP:192.168.122.204:3389
Enable new file.
systemctl daemon-reload
Start new daemon
systemctl start socat_win
sort
Sort ip address.
sort -t. +0n -1 +1n -2 +2n -3 +3n -4 sort -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n
sort on fift column
sort -t, -k5n,5 /tmp/gfp
Get a list of configured ip for a set of hosts. Sort on domain then hostname
pdsh ^/host_list 'ip route get 8.8.8.8 | awk "NR==1 {print \$NF}"' | sort -t . -k 2 -k 1
Sort on first column only.
sort -n -k 1,1
spawn
Encode wav to ogg in parallel.
# ls -1 *.wav | while read ; do echo "oggenc -q6 \"$REPLY\"" ; done | spawn -j4
split
Devide file into parts containing 100 lines.
split -l 100 create_updated_2013-10-29_sort_created_ci_id_name.txt --numeric-suffixes --suffix-length=3 Cleanup.
Devide file in 10 parts. Suffix length 4.
split -n 10 -a 3 bigfile.tar.gz
sqlite
Is db broken?
sqlite3 mydata.db "PRAGMA integrity_check"
recover db
sqlite3 mydata.db ".dump" | sqlite3 new.db
sqlplus64
Connect to oracle database.
sqlplus64 user/password@hostname
Connect to oracle database non standard port.
sqlplus64 -L user/password@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.111.222.1)(PORT=1523))(CONNECT_DATA=(SID=SIDDATABASE)))"
Connect to oracle database non standard port as sysadm.
sqlplus64 -L user/password@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.111.222.1)(PORT=1523))(CONNECT_DATA=(SID=SIDDATABASE)))" AS SYSDBA LD_LIBRARY_PATH=/usr/lib/oracle/12.1/client64/lib/ sqlplus64 -L SYS/password@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=cis.inter.net)(PORT=1521))(CONNECT_DATA=(SID=XE)))" AS SYSDBA
View databases. You can think of a mysql "database" as a schema/user in Oracle. If you have the privileges, you can query the DBA_USERS view to see the list of schemas.
SELECT DISTINCT OWNER FROM ALL_OBJECTS;
Name of database.
SELECT NAME FROM v$database;
Database version
SELECT * FROM v$version;
Size of database
SELECT SUM (bytes) / 1024 / 1024 / 1024 AS GB FROM dba_data_files;
Generate random number
SELECT ROUND (DBMS_RANDOM.VALUE () * 100) + 1 AS random_num FROM DUAL;
Create user
create user root identified by "S3cretPasSw0rd";
Grant access.
grant CREATE SESSION, ALTER SESSION, CREATE DATABASE LINK, - CREATE MATERIALIZED VIEW, CREATE PROCEDURE, CREATE PUBLIC SYNONYM, - CREATE ROLE, CREATE SEQUENCE, CREATE SYNONYM, CREATE TABLE, - CREATE TRIGGER, CREATE TYPE, CREATE VIEW, UNLIMITED TABLESPACE - to root;
ssh
Automated login on a user basis via ssh.
ssh-keygen -t dsa Generate personal ssh keys. cat id_dsa.pub >> authorized_keys Copy your personal ssh key to all machines. chmod 644 ~/.ssh/authorized_keys Verify correct access on files. ssh andreasbj@www.halfface.se "cat >> ~/.ssh/authorized_keys" < /home/andreasbj/.ssh/id_dsa.pub
Copy public key to authorized_keys
ssh-copy-id user@host
List supported ciphers
ssh -Q cipher
List supported MACs
ssh -Q mac
List supported public key type
ssh -Q key
List supported key exchange algorithms
ssh -Q kex
Tunnel
sudo ssh -nNTx -R 2222:localhost:22 andreasbj@www.halfface.se
Reverse tunnel.
ssh -D \*:666 www.halfface.se ssh -N ipmon10.ny1.ip-soft.net -L43389:ippc01.ongame.ip-soft.net:3389 -n Dont take console. Good for background. -N Do not execute a remote command -T Disable pseudo-tty allocation. -x Disables X11 forwarding. -R port:host:hostport sudo ssh -N -L 2222:www.halfface.se:22 www.halfface.se sudo ssh -nNTx -R 2222:www.halfface.se:22 www.halfface.se sudo ssh -nNTx -R 443:satellite.ongame.com:443 root@10.0.254.30 # Tunnel 443 over ssh from remote host via local host.
Open tunnel on remote host. Start remote proxy server forwarding to internal network.
ssh remotehost -R remoteport:localhost:localport "ssh -D 9050 localhost:remoteport"
Multiple reverse tunnel controled by autossh. (-M)Control port,(-f)background, (-N) no remote command, reverse tunnel (-R)
autossh -M 41000 -f -N -R 0.0.0.0:8001:192.168.1.10:80 -R 0.0.0.0:8002:192.168.1.20:80 user@remotehost
reverse tunnel bound to all interfaces
The config has to allow to bind to * interface. /etc/ssh/sshd_config GatewayPorts yes
sudo ssh -i ${HOME}/.ssh/id_dsa -N -R \*:2222:localhost:22 ${USER}@www.halfface.se
Create an ssh tunnel link
https://help.ubuntu.com/community/SSH_VPN echo 1 > /proc/sys/net/ipv4/ip_forward vim /etc/ssh/sshd_config PermitTunnel=yes sudo ssh -NTCf -w 0:0 1.2.3.4 sudo ssh -v -w any:any www.halfface.se ### local: ip link set tun0 up ip addr add 169.254.0.1/32 peer 169.254.0.2 dev tun0 ip route add 192.168.0/24 via 169.254.0.2 remote: ip link set tun1 up ip addr add 169.254.0.2/32 peer 169.254.0.1 dev tun1 arp -sD 169.254.0.2 eth1 pub ### Change default gateway. In this case, 192.168.0.1 is Machine B's current default gateway; it is the gateway on Network B that provides internet connectivity ip route add 1.2.3.4/32 via 192.168.0.1 ip route replace default via 10.0.0.1
Limit ssh access with pam_access
/etc/security/access.conf
Proxycommand without nc
Host server1 Hostname 10.0.1.1 ProxyCommand ssh -q -x jumphost -W %h:22
ssh over ipv6 via 2 network interface.
ssh -6 fe80::1ec1:deff:fecb:6ce%2
ssh options
None interactive. Dont ask for password.
-o BatchMode=yes
Accept all keys.
-o StrictHostKeyChecking=no
jail
/etc/sshd/sshd_config
Match group mychroot ChrootDirectory /jail/ X11Forwarding no AllowTcpForwarding no
sshd debug
/etc/sysconfig/sshd
OPTIONS="-ddd"
ssh multiple jumps one cli
Jump through host1.net to get to host2.net
ssh -t host1.net ssh -t host2
Jump through host1.net to host2.net and bring port 8080 with you.
ssh -t host1.net -L 8080:localhost:8080 ssh -t host2.net -L 8080:localhost:8080
sshfs mount filesystem over ssh
sshfs name@server:/path/to/folder /path/to/mount/point
sshuttle
create a network route over ssh.
sshuttle -D -r user@remotehost:2222 192.168.1.0/24
stat
View file permissions only.
stat -c "%a %n" /usr/bin/bash
Copy permissions from one location to another.
rpm -qlp package.rpm | while read FILE ; do echo chmod $(stat -c "%a" $FILE) \"$FILE\";done > /tmp/copy_permissions.sh
strace
File open activity.
strace -e open -f ls -la /temp/
File open activity under directory.
strace -e open -P /temp/ -f ls -la /temp/
More file activity.
strace -e trace=file -p 1234 strace -e trace=desc -p 1234
Trace network activity.
sudo strace -f -e trace=network -p 1476 # 1024 long strings. sudo strace -s 1024 -f -e trace=network -p 1476 # strace follow process with matching regex. strace -f -e poll,select,connect,recvfrom,sendto -p $(pgrep -f login-sync.xml)
Memory usage
sudo strace -f -e trace=memory -p $(pgrep -f firefox)
What is taking time
[root@util01 abjorklund]# strace -f -c -p 9657 % time seconds usecs/call calls errors syscall ------ ----------- ----------- --------- --------- ---------------- 88.11 11.614155 1644 7065 1565 futex 9.94 1.310794 16183 81 73 restart_syscall 1.86 0.245018 86 2850 recvfrom 0.05 0.006784 30 228 poll 0.03 0.004006 2 1838 sendto 0.00 0.000271 1 253 sched_yield 0.00 0.000134 12 11 mmap 0.00 0.000107 0 5176 ioctl 0.00 0.000026 0 148 148 stat 0.00 0.000000 0 1 read 0.00 0.000000 0 254 write 0.00 0.000000 0 44 mprotect 0.00 0.000000 0 1 rt_sigreturn ------ ----------- ----------- --------- --------- ---------------- 100.00 13.181295 17950 1786 total
strace multiple processes
strace -s 1024 -f -o /tmp/strace $(pidof Process_name | sed 's/\([0-9]*\)/-p \1/g')
sudo
Enable sudo logging
sed -i "$(( $(grep -n ^Defaults /etc/sudoers | tail -1 | awk -F: '{print $1}') + 1 ))iDefaults log_output\nDefaults log_input" /etc/sudoers
Command above adds the following to /etc/sudoers
Defaults log_output Defaults log_input
List sudo-io logs.
sudoreplay -l
Search for string in logs.
zgrep search_string $(find /var/log/sudo-io/ -type f)
Replay session. Max wait 1s. 5 times the speed.
sudoreplay -m1 -s5 000002
Replay session including stdin
sudo sudoreplay -m1 -s5 -f stdin,stdout,stderr,ttyin,ttyout 000001
systemctl
init 3
systemctl isolate multi-user.target systemctl set-default multi-user.target
init 5
systemctl isolate graphical.target systemctl set-default graphical.target
When you have made changes to /etc/systemd/system/*.service
systemctl daemon-reload
List all units
systemctl list-unit-files
tail
Tail from line number 21.
tail -n +21 /file
Talk
Talks swedish.
espeak -v swedish -f /tmp/file
tar
Make a backup of a directory or disk.
server: tar -cpsf - $dir | pv -b | nc -l 3333 client: nc server 3333 | pv -b | tar -xpst -
Inline tar archive.
awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' $0 tail -n $0 > archive.tar # tail -n +347 Filename
Backup dir but exclude files within
tar zcf /tmp/backup_$(date '+%Y-%m-%d_%H-%M-%S').tar.gz /apps/app --exclude=/apps/app/var/* --exclude=/apps/app/logs/*
tcpdump
dump trafic information, -e Print the link-level header on each dump line, -vvv verbose.
tcpdump -e -vvv port 21
dump all trafic to and from machine. -w write to file, -s0 size of package, host to listen from.
time tcpdump -w ssl_dump -s0 host test.x30.webservices.itsfogo.com
dump all trafic into files of max 100MB. 270MB in reality.
tcpdump -w snoop -s0 -C 100000000
dump all trafic. compress logfiles. Create 10 files which are 10 MB big. Dont convert numbers to names. Dont truncate frames create logfile with this name.
tcpdump -z gzip -i wlan0 -C 10 -W 10 -n -s0 -w /tmp/tcpdump.log
Which machines send a syn packet.
sudo tcpdump -nn -i eth0 'tcp[13] = 2'
Show information about all traffic on interface.
tcpdump -s0 -i eth1 -vv
Show information about communication over port 514
tcpdump -Xni any port 514
listen on port 1023 for incoming trafic. disable local subnets.
sudo tcpdump -n -i eth0 tcp and dst host 172.17.17.6 and not src net 172.17.17.0/24 and not src net 158.0.0.0/8 and 'port 1023'
listen after torrent traffic.
sudo tcpdump -Xni any portrange 6882-6999
View content of http trafic
sudo tcpdump -i any -A -s 1500 dst 89.253.75.84 and port 80
View post in utf-8 format.
sudo tcpdump -lnp -i any -A -s 1500 dst 89.253.75.84 and port 80 -w - | tr -t '[^[:print:]]' ''
Get cookie
tcpdump -i lo -A -l dst port 8000 | grep "^Cookie: " To create cookie for curl: https://xiix.wordpress.com/2006/03/23/mozillafirefox-cookie-format/
Look at traffic from specific ip
tcpdump -n -i any -n host 198.18.130.9
tcptraceroute
tcptraceroute -n -q 1 192.168.0.1 -p 22
testssl
test ssl certificate
testssl www.halfface.se
tftp
# Download test.file tftp -v 172.17.17.6 -c get test.file # Upload file. tftp -v 172.17.17.6 -c put /tmp/test.put test.put # Enable upload file in in.tftpd /etc/xinetd.d/tftp server_args = -c -s /var/lib/tftpboot
toilet
Generate graphics text similar to banner.
toilet -F gay -f mono12 "Some Funky Text"
top derivates
apachetop dnstop iftop latencytop glances
tibco
show permissions.
help permissions
Create user
create user surveillance "Surveillance user" password=surveillance
Grant user permission to view all
grant admin user=surveillance view-all
time
Time in a loop.
{ time sleep 2 >> ${LOG} ; } 2>> ${LOG}
How long did a command take
TIME=$( { /usr/bin/time -f "%e" sleep 1.5 ;} 2>&1 ) ; echo $TIME
timeout
limit waiting for a period.
timeout 2s sleep 100
tnef
List content of winmail.dat. Remove options to extract to current dir.
tnef -t -f winmail.dat
touch
touch -am 0910120003 Give a new access time on a file 0910120003MMDDhhmmyy
linux
touch -t 197102162324 *
tput
No line wraps
tput rmam
Line wraps
tput smam
invisible cursor
tput civis
visible cursor
tput cnorm
reset is a good command to reset shell
reset
tr
translate capital to lower letter.
tr '[:upper:]' '[:lower:]'
trickle
Speed limit for download
rsync -ae "trickle -d 80 ssh" user@host:/src/ /dst/
Speed limit for upload.
rsync -ae "trickle -u 80 ssh" user@host:/src/ /dst/
Limit wget to 64kbit upload and download.
trickle -d 64 -u 64 wget "https://www.halfface.se/file.txt"
tune2fs
tune2fs -m 0 /dev/sdb1
udevadm
Monitor udev events.
udevadm monitor
udr
rsync over udp.
udr -a 57621 -b 57631 rsync -rP host.inter.net:/source/ /destination/
unetbootin
Boot iso image from usb memory.
upower
# Powerstatus of the system. battery charge. upower --dump
useradd
useradd --uid 666 --gid 666 --comment 'devil' devil && echo 'devil:VerySecretPassword' | chpasswd
v4l2
Video player
qv4l2
List available formatats and resolutions.
v4l2-ctl --list-formats-ext
List available formats
v4l2-ctl --list-formats
Set camera to h264
v4l2-ctl --set-fmt-video=width=800,height=448,pixelformat=1
Set framerate.
v4l2-ctl --set-parm=30
List video parameters
v4l2-ctl --get-fmt-video
List video output
v4l2-ctl --all
vi
:set ignorecase :set list show all keys. :set nolist show their representative.
vmstat
top over time.
vmstat -n 5
Description:
r=procs waiting for cpu time. b=procs in sleep mode. swpd=virtual memory in use in swap. free=memory free. buff=memory used by buffers cache=memory used as cache. si=swap in. so=swap out. bi=io block in. bo=io block out. in=interups cs=contex switching. us=cpu user space sy=cpu system usage to serve. id=cpu idle wa=cpu waiting for input output. iowait. st=cpu time stolen from a virtual machine
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu----- r b swpd free buff cache si so bi bo in cs us sy id wa st 2 1 814984 167992 26820 999460 0 0 1 0 2467 5088 2 2 95 1 0 0 0 814984 168100 26820 999540 0 0 2 150 2467 5026 1 2 97 0 0
wget
wget -r -nH -np --cut-dirs=1 --no-check-certificate -U Mozilla --user={uname} --password={pwd} https://my-host/my-webdav-dir/my-dir-in-webdav
wget to standard output.
wget --no-check-certificate -S -O- http://inter.net
whois
# When does a domain expire. whois -h whois.iana.org sivberg.se # which ipranges does an ipaddress belong too. In this case looking at google. whois -h whois.radb.net -- "-i origin $(whois -s -h whois.radb.net 172.217.26.68 | grep ^origin | awk '{print $2}' | tail -1)" | grep ^route | awk '{print $2}'
wireshark
find packet packet details string
wodim
Burning disks.
wodim -scanbus # Scan scsi bus for burners. wodim --devices # Discover basic information. wodim -checkdrive # Information about burner. wodim -tao speed=0 dev=/dev/sr0 -v -data /temp/files/ # Burn disk containing structure from /temp/files/ wodim -eject -tao speed=0 dev=/dev/scd0 -v -data /my/directory/image.iso # Burn image to disc.
xargs
locate case insensetive, regular expression. xargs string to replace imput. Print output to standard error.
locate -ir ".*\.crt$" | xargs -I '{}' -t cp {} /temp/ssl/
Do something on everything from standard input.
ls -la | xargs -i% echo '# beginning #' % '# end of line #'
xdotool
When you have to move your mouse but you dont want to push it.
xdotool mousemove_relative -- -1 -1 xdotool mousemove_relative 1 1
Send ab to window.
xdotool search --onlyvisible --name freerdp key a key b
xinput
# List xinputs. xinput list # List properties. xinput list-props "Logitech Unifying Device. Wireless PID:400e" # Middle button emulation. xinput set-prop "Logitech Unifying Device. Wireless PID:400e" "Evdev Middle Button Emulation" 1 xinput set-prop 12 "libinput Middle Emulation Enabled" 1
xset
Disable screen saver
xset -dpms ; xset s noblank ;xset s off
zip
Zip directory exclude files .svn directory.
zip -r /temp/ssl.zip . -x ".svn/*"
List contents of zip archive.
unzip -l archive.zip
zdump
View information from timezone tz.
zdump -v /etc/localtime