Commands

From Halfface
Jump to navigation Jump to search

7za

decompress file

7za e myfiles.7z

ab

apache benchmarking

ab -n 50 https://www.halfface.se/photos/
ab -n 1000 -c 10 https://www.halfface.se/wiki/index.php/Halfface

abcde

Rip cd.

abcde

agrep

Aproximate grep. 3 differences from andreas

agrep -3 andreas /var/log/messages

alternatives

alternatives --set mta /usr/sbin/sendmail.postfix

antiword

antiword bad.doc > pure.txt

arecord

List soundcards.

arecord -l

Chose source.

alsamixer

Create mp3 from source.

arecord -f cd -d 5 -t raw | lame -x -r - out.mp3

arp-scan

Scan ip addresses on local subnet

sudo arp-scan --localnet | sort -n -k4 -t.

at

Run command at specific time. Look at queue.

echo '/usr/bin/espeak -s120 "I will say this only once."' | at -t 201810180833
atq

List at jobs.

atq ; atq | awk '{print $1}' | while read i ; do echo '***' $i ; at -c $i 2>&1 | tail -3 | head -1 ; done
2       Sun May 17 04:00:00 2020 a root
*** 2
/usr/bin/systemctl restart springboot_uc_supportrouter.service

base64

 base64 -d /tmp/html | elinks --dump | less -ISRM

blkid

Get uuid of disk.

blkid /dev/sdb1
/dev/sdb1: UUID="64cd54f7-5330-425d-81e5-a0e473a5f5e7" TYPE="ext4" PARTLABEL="primary" PARTUUID="21f38e48-af2d-4fdd-854a-5910f392a6e0"

bonnie++

Report performance on disk. benchmark

bonnie++ -u 0:0

On machine running out of disk

sudo bonnie++ -d ./ -s 400 -r 200 -u root

Example command.

bonnie++ -d /storage/temp/ -s 32G -n 0 -m TEST -f -b -u abjorklund

boot

Booting singe user mode.

kernel ... single

bootchart

Analyze startup times.

bootgraph

How to use.

Kernel later than 2.6.28
kernel option initcall_debug
dmesg | /usr/src/linux-headers-2.6.28-11-generic/scripts/bootgraph.pl > /tmp/bootgraph.svg

bpftrace

run code at each system call

#!/usr/bin/bpftrace

interval:s:5
{
  exit();
}

kprobe:do_sys_open
{
  printf("%s %s\n", comm, str(arg1));
}

bzip2

Extract keep original

bzip2 -dk /compressed_file.bz2 and extract standard out via tar.

Extract bunzip2 file and extract via tar from standard out.

bzip2 -c /compressed_file.bz2 | tar -xivf -

cdrecord

Blank cd/dvd rw

cdrecord -v gracetime=2 dev=/dev/cdrom -eject blank=all -force

chage

List password properties of user

chage -l abjorklund

Unlimited login

chage -I -1 -m 0 -M 99999 -E -1 sftponly

chattr/lsattr

Set extendet attributes of files.

# Lock file for most activities.
chattr +i file
# Unlock file
chattr -i file
# recursive lsattr looking for imutable.
lsattr -aR -- .//. 2>/dev/null | sed -rn '/i.+\.\/\/\./s/\.\/\///p'

chmod

Sticky bit on directory. Only owners of files are able to delete.

chmod 1755 /file.
-rwxr-xr-t

GUID on file. binaries started will have the group set to the defined group.

chmod 2755 /file
-rwxr-sr-x

SUID on file.

chmod 4755 /file
-rwsr-xr-x

Remover permissions for others

chmod o-rwx

chntpw

# Change windows passwords offline
mkdir /mnt/disk ; mount /dev/sd1 /mnt/disk; cd /mnt/disk/Windows/System32/config
# List local users.
chntpw -l SAM
# clear password on user.
chntpw -u Administrator SAM

chrony

# setup time sync via ntp.
/etc/chrony.conf
# look at status
chronyc tracking
# List ntp sources.
chronyc sources

Force syncronize

sudo chronyc -a 'burst 4/4'

Make a big step. Did not work for me.

chronyc -a makestep

Verify clock

chronyd -q 'server pool.ntp.org iburst'

chvt

From a script change to a virtual interface and connect script to that terminal. chvt 3 exec < /dev/tty3 > /dev/tty3

cacafire

View some fire in ascii.

clean

Clean file from comments and blank lines.

sed '/ *#/d; /^ *$/d'

codepage

Change codepage of file.

convmv -f cp850 -t iso-8859-1 --notest *
convmv -f utf8 -t iso8859-1 -r --notest *
convmv -f iso8859-1 -t en_US.UTF-8 -r --notest .

Change codepage of file.

iconv --from-code=ISO-8859-15 --to-code=UTF-8 document.csv > document_iconv.csv

column

Create nice column. Use tab as delimiter.

column -t -s $'\t' /file.tsv

compgen

List all commands

compgen -A function -abck

convert

Convert Image to 8 bit grey with threshold for white.

for tif in *.tif; do convert -depth 8 -white-threshold 70% ${tif} ${tif%%.*}.png;done

Resize image

convert -resize 25% -gamma 1.5 2011-08-03_11-09-43.jpg 2011-08-03_11-09-43_new.jpg

Multipage pdf.

convert -adjoin -page A4 -compress jpeg Infineon1.tif Infineon2.tif Infineon.pdf

Prepare photos for printing.

convert -rotate 90 -gamma 1.5 -resize 25% -compress jpeg -quality 80 -adjoin -page A4 * print.pdf

Resize change aspect.

convert Slide1.PNG -resize 1920x1080\! slide01.png

animated gif

convert -delay 100 -loop 0 *.jpg animation.gif

Create multipage pdf of photos.

convert -resize 25% -adjoin -page A4 -rotate 90 -compress jpeg *.jpg test.pdf ; pdfjam test.pdf --no-landscape --frame true --nup 2x2 --suffix 4up --outfile /temp/photos/Alva/test_2x2.pdf

For vertical stacking (top to bottom):

convert -append 1.jpg 2.jpg out.jpg

For horizontal stacking (left to right):

convert +append 1.jpg 2.jpg out.jpg

Remove transparancy

convert image.png -background white -flatten image.jpg

cpio

Copy wanted partitions.

#!/bin/bash
ssh root@192.168.2.148 "(cd /boot/ ; find ./ -xdev -depth -print0 | cpio -o -0Hnewc )" | (cd /mnt/sysimage/boot ; cpio -idvuma )
ssh root@192.168.2.148 "(cd / ; find ./ -xdev -depth -print0 | cpio -o -0Hnewc)" | (cd /mnt/sysimage ; cpio -idvuma )
# -o copy out mode.
# -0 terminated by null character.
# -Hnewc som storing format.
# -i extract copy in mode.
# -d make directories.
# -v verbose.
# -V print dot.
# -u replace all files.
# -m preserve modification time.
# -a preserve access time.

cpulimit

Limit application cpu usage to 25% cpu utilization. Inherit limit to spawned processes.

cpulimit -i -l 25 /apps

crontab/cron

crontab.

* * * * *  command to be executed
- - - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)
0 Sunday
1 Monday
2 Tuesday
3 Wednesday
4 Thursday
5 Friday
6 Saturday
@reboot "run command at reboot"
If you need % in crontab escape it. \%

Run command every 10 minutes.

*/10 * * * * command

Run command at 12:00 and 24:00 hours.

00 0,12 * * *      command

Run command between 8-17 every 2 hours.

0 8-17/2 * * * /path/command
0 8,10,12,14,16 * * * /path/command

Start program under crontab.

#!/bin/bash
COMMAND="screen -L -d -m ping www.dn.se"
if [ "$(ps -ef | grep -i ping | grep -v grep)" ]
then
  echo "\"${COMMAND}\" already running."
else
  echo "Starting \"${COMMAND}\"."
  cd /tmp
  ${COMMAND}
fi

cut

Cuf everything from field 5.

cut -f5- -d ' '

curl

Get http return code.

curl --connect-timeout 3 --max-time 9 -ksL -w '%{http_code}\n' 'http://www.dn.se' -o /dev/null

get external ip. what is my ip

curl ifconfig.me 

get external ip and all related browser information.

curl ifconfig.me/all 

Alternative address for domain.

curl -sk --resolve www.halfface.se:80:127.0.0.1 http://www.halfface.se
curl http://127.0.0.1/ -H "Host: halfface.se" -H "X-Forwarded-Proto: https" -I

Get header / mime type

curl -I http://url.se

post file

curl -X POST -d @myfilename http://user:pass@myhost/hudson/job/_jobName_/postBuildResult

cookie format. tab delimited.

domain     - The domain that created AND that can read the variable. .halfface.se
flag       - A TRUE/FALSE value indicating if all machines within a given domain can access the variable. This value is set automatically by the browser, depending on the value you set for domain.
path       - The path within the domain that the variable is valid for.
secure     - A TRUE/FALSE value indicating if a secure connection with the domain is needed to access the variable.
expiration - The UNIX time that the variable will expire on. UNIX time is defined as the number of seconds since Jan 1, 1970 0:00:00 GMT.
name       - The name of the variable.
value      - The value of the variable.

add certificate authority to openssl

Redhat based os:es this file gets updated. /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt

cp /tmp/ca.crt /etc/pki/ca-trust/source/anchors/
update-ca-trust

Debian based

cp /tmp/ca.crt /usr/share/ca-certificates/extra
update-ca-certificates

curl ipv6

curl -6 -g "http://[::1]:80/"
curl -g "http://[2001:9b1:402d:0:ffff:f038:ec3e:b5d4]/"

proxy

curl  --proxy http://proxy.se:3128 -sk "http://mirrorlist.centos.org"

qr code

encode

qrencode "Andreas" -o /tmp/qr_Andreas.png

decode

zbarimg /tmp/qr_Andreas.png

date

Get date in requested format.

date '+%Y-%m-%d %H:%M'
date +%Y-%m-%d-%H%M
date "+%F_%T" # 2017-01-16_19:41:41

date 033121422003.55

Mon Mar 31 21:42:55 PST 2003
date MMDDhhmmCCYY.ss

Whats the date in 1000 years. Or any other increment.

date --date="+1000 years" +%C%y-%m-%d
date --date="-2 hour" +%C%y-%m-%d\ %H:%M
TZ=CEST date --date="-2 hour" +%C%y-%m-%d\ %H:%M

What is the time in other timezone given in unixtime/epoch.

TZ=GMT date -d '@1345064585'
Wed Aug 15 21:03:05 GMT 2012

Unix time.

date +%s

Unix to normal

date -d @1234567890

scew clock by a second.

DATE_OFF=$(date --date="-5 second" +%C%y-%m-%d\ %H:%M:%S\ %Z) ; date --set="${DATE_OFF}"

Set clock

date '+%Y-%m-%d %T %Z' -s "2008-11-28 08:08:08 UTC"

dateseq

Create date sequense.

dateseq 2017-04-01 2017-04-05

db2

Empty catalog remove node

for DB2 in $(db2 list node directory | grep "Node name" | awk '{print $4}') ; do db2 uncatalog node $DB2;done

Empty catalog remove db

for DB2 in $(db2 list db directory | grep "Database name" | awk '{print $4}') ; do db2 uncatalog db $DB2;done
  1. Load db2 environment.
. /home/db2/sqllib/db2profile
  1. Connect to database.
db2 connect to ${database_name} user ${user} using ${password}
  1. Test query.
SELECT service_level, fixpack_num, bld_level FROM TABLE (sysproc.env_get_inst_info()) as A;
  1. System Database Directory
db2 list db directory
  1. Node Directory
db2 list node directory
  1. setup directory
db2 "catalog tcpip node db2datan remote 1.2.3.4 server 5000"
db2 "catalog db db2datadb as db2datadb at node db2datan"
  1. Drop connection.
db2 terminate

dbus-monitor

dbus-monitor   # Monitor activity on the dbus to see what system and sessions are doing.

dd

output your microphone to a remote computer's speaker

dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp

Add 2GB to disk image.

dd if=/dev/zero of=/system_image.img bs=1M oflag=append conv=notrunc count=2000

dd with progress bar.

dd if=kali.iso of=/dev/sdc status=progress
pv -ptre /install/backup/machine/raspberry/ipcenter_view.img | sudo dd of=/dev/mmcblk0 bs=1M

dd to position on disk

dd of=/dev/disk1 if=/dev/urandom obs=500000 seek=1 bs=1MB count=1 conv=notrunc

consume 100GB ram

mount -o remount,size=300G /dev/shm
dd if=/dev/zero of=/dev/shm/$(date '+%Y-%m-%d_%H-%M-%S') bs=1073741824 count=100 status=progress

debugfs

ctime:  Shows file change time.
atime:  Shows file access time.
mtime:  Shows file modification time.
crtime: Shows file creation time. Birth.

Example

debugfs -R 'stat /etc/exports.bkp-2021-11-17_10-07-46' /dev/mapper/vg_rbnetstorage0-lv_root
debugfs 1.41.12 (17-May-2010)
Inode: 924905   Type: regular    Mode:  0644   Flags: 0x80000
Generation: 2068409071    Version: 0x00000000:00000001
User:     0   Group:     0   Size: 4775
File ACL: 0    Directory ACL: 0
Links: 1   Blockcount: 16
Fragment:  Address: 0    Number: 0    Size: 0
 ctime: 0x6194c662:deae4368 -- Wed Nov 17 10:07:46 2021
 atime: 0x6193bd7f:c4faf658 -- Tue Nov 16 15:17:35 2021
 mtime: 0x61925419:34c06f18 -- Mon Nov 15 13:35:37 2021
crtime: 0x6194c662:deae4368 -- Wed Nov 17 10:07:46 2021
Size of extra inode fields: 28
Extended attributes stored in inode body: 
  selinux = "unconfined_u:object_r:etc_t:s0\000" (31)
EXTENTS:
(0-1): 3718194-3718195

df

df output one per line. Without header.

df -Plk / /apps | tail -n+2

dhclient

[root@wall sysconfig]# cat /etc/dhclient.conf

interface "eth0" {
         prepend domain-name-servers 127.0.0.1;
         supersede domain-name "bltprojektering.se";
}

dialog

Create dialog in terminal. Example a progressbar.

for i in {0..100} ; do echo $i | dialog --gauge "Please wait" 7 70 1 ; sleep .1 ; done

diff

sdiff <(echo -e 'hej\nda\nvi\nses\ni\nmorgon') <(echo -e 'hej\ndå\nvi\nSES\ni\nmorgon')

Only show files that differ.

-q  --brief

dig

  1. Get all dns information about host.
dig any www.halfface.se
  1. Trace dns lookups from root dns. Use 8.8.8.8 for lookups.
dig +trace @8.8.8.8 www.halfface.se
  1. Recursive lookup.
dig -tAXFR halfface.se
  1. backward resolve
dig -x 89.253.75.84
  1. get ttl
dig +nocmd +multiline +noall +answer any halfface.se
  1. Get external ip.
dig +short myip.opendns.com @resolver1.opendns.com

digitemp

digitemp_DS9097 -c /etc/.digitemprc -t0

disk

disk usage

baobab

foremost

recover deleted files.

disown

Disconnect process(pid) so that is survives a logout.

disown %2

display

Change resolution

xrandr --output LVDS --mode 1280x800
xrandr --output default --mode 1280x1024

Query graphics card capabilities.

xrandr -q

Change dpi

xrandr --dpi 138/eDP1

du

du -amx / | sort -n | tail -5

duplicity

Encrypted backups over rsync

dmesg

dmesg with iso time format

dmesg --ctime --time-format iso

dmidecode

List memory banks

sudo dmidecode -t 17

dnf

install skip if not exist

sudo dnf install --setopt=strict=0 $(sort -u /temp/other_machine_rpm)

update system

dnf -y upgrade --refresh
reboot
dnf -y install dnf-plugin-system-upgrade
dnf -y system-upgrade download --refresh --allowerasing --releasever=35
dnf -y system-upgrade reboot
# broken deps.
dnf repoquery --unsatisfied
# look for duplicates
dnf repoquery --duplicated
# which rpms do not exit in repo.
dnf list extras
# remove no longer used.
dnf autoremove
dnf remove $(rpm -qa| grep \.fc23)

auto update

# Install auto updates.
dnf install dnf-automatic
# Enable auto update.
sed -i "s/apply_updates = no/apply_updates = yes/g;s/email_from = root@example.com/email_from = root@${HOSTNAME}/g;s/email_to = root/email_to = anden@halfface.se/g" /etc/dnf/automatic.conf
# Enable timer.
systemctl enable dnf-automatic.timer && systemctl start dnf-automatic.timer
# Trigger timer.
systemctl start  dnf-automatic.timer
# Check status of dnf-automatic:
systemctl list-timers *dnf-*

build environment

dnf group install "C Development Tools and Libraries"

dnsmasq

cat /etc/dnsmasq.d/shish.conf

listen-address=127.0.0.1
bind-interfaces
server=/redbridge.se/185.53.164.25
server=/int.redbridge.se/172.30.32.100
server=/mic.redbridge.se/172.30.32.100
server=/mgmt.rbcloud.net/172.30.32.100
server=10.111.222.2

dvgrab

Capture dv material

dvgrab -f dv2 -i -showstatus -s 0 -timestamp California-2

e2fsck

Scan for bad blocks.

e2fsck -ycv /dev/VolGroup00/LogVol00

edid/ddc

startx -- -logverbose 5.
The EDID information turns up in /var/log/Xorg.0.log.

enca

detect and convert encoding of text files. (codepage utf)

enca -L none /temp/locale2

etckeeper

Keep your /etc/ directory under git revision control.

What has happened.

git log -p /etc/resolv.conf

Wipe /etc/.git

etckeeper uninit 
etckeeper init

ethtool

show-features

ethtool -k
generic-segmentation-offload = gso
tcp-segmentation-offload     = tso

exiftool

Change meta data for files, exif, jpg, mp3... Get info from file.

exiftool $file.mp4

gps format

41°24'12.2"N 2°10'26.5"E

gps format known to maps.google.com

exiftool -c "%.6f" 2022-03-06_10-39-40.mp4 | grep -i gps

exportfs

Install server

dnf install nfs-utils

Start nfs server

systemctl start nfs-server

Reexport everything.

exportfs -avr

Example export.

*(rw,no_root_squash,async,insecure)
rw              rewritable
no_root_squash  Allow root on remote machine same permissions as local root
async
insecure        NFS version 2 and 3 servers only provide (insecure) host-based authentication: Hosts are allowed/denied based on hostnames and/or IP addresses. Authorization of users is controlled on the clients using the permissions of the files based on user/group IDs. allows clients with NFS implementations that don't use a reserved port for NFS

fdupes

Find duplicate files.

fdupes -r /home

ffmpeg

ffmpeg

ffmpeg -y -deinterlace -aspect 16:9 -author "Andreas Bjorklund" -title "Tanzania" -year 2007 -i Tanzania.m2t -acodec mp3 -vcodec mpeg4 -b 3000k -s 720x540 test.avi

Create swf/flv from mpeg2 stream

ffmpeg -deinterlace -i VTS_01_1.VOB -ab 56 -ar 22050 -b 500000 -r 15 -s 360x288  sisyfos.swf

Create horse movie.

ffmpeg -deinterlace -i /temp/VTS_01_1.VOB -ab 100 -ar 22050 -b 1200000 -r 25 -s 360x288 3horses.swf

Cut video from command prompt.

ffmpeg -i video.avi -vcodec copy -acodec copy -ss 00:00:00 -t 00:00:04 trimmed_video.avi

Record desktop.

ffmpeg -f alsa -ac 2 -i pulse -f x11grab -r 5 -s 1920x1080 -i :0.0 -acodec pcm_s16le -vcodec libx264 -threads 0 -y output.mkv
ffmpeg -f x11grab -s $(xrandr | grep \*+|awk '{print $1}') -r 25 -i :0.0 -sameq /tmp/out.mpg

Change container.

 ffmpeg -i film.mov -vcodec copy -acodec copy film.mp4

Transcode to h264 aac

ffmpeg -i original.avi -vcodec libx264 -acodec aac -strict experimental new_file.mp4

Transcode mp3 to ogg vorbis

for file in *.mp3;   do ffmpeg -i "${file}" -acodec libvorbis "${file/%mp3/ogg}";done

Take photo

ffmpeg -f video4linux2 -s 1280x720 -i /dev/video0 -f image2 snapshot.jpg

Take a photo from a video steam every 10 seconds.

ffmpeg -i video.mp4 -r 0.1 -f image2 %03dandreas.jpg

Take a photo every 1 put it in a file.

ffmpeg -y -i http://balcony.halfface.se:8080 -r 1 -f image2 -update 1 stream_image.jpg -probesize 5e+07

Rotate 180 degrees.

ffmpeg -i input.mp4 -filter:v "transpose=1,transpose=1" output.mp4

Change rotation without transcoding.

ffmpeg -i IMG_0703.MOV -metadata:s:v rotate="" -codec copy rotate_IMG_0703.MOV

Concaternate videos.

ffmpeg -f concat -safe 0 -i mylist.txt -c copy output

find

Find exluding directory.

find . -wholename '/var/' -prune -o -ls

Find in only files.

find /opt/ongame/ -type f -exec grep --color=always -r '10\.7\.' /dev/null {} \;

Find text file in directoy execpt directory. Grep for text in that file and show it with colours in less.

find /opt/ongame/ -wholename '/opt/ongame/napsjb/server/naps/tmp' -prune -o -type f -exec grep --color=always -r '/fraud' /dev/null {} \; | less -SR

Find excluding several directories.

find / -type d \( -path /proc -o -path /dev -o -path /net \) -prune -o -gid 1002 -exec chgrp -h 1001 {} \;

Find excluding svn.

find . -path '*/.svn' -prune -o -type f -print

Searches for files modified up to 4 days ago.

find ./ -type f -mtime -4

Searches for files modified between certain dates. Here for files older than 30 days but younger than 60 (penultimate month).

find ./ -type f -mtime -60 ! -mtime -30
sudo find . -newermt "2014-10-19 09:30" ! -newermt "2014-10-19 09:35"

Find which dir is consuming inodes.

find /var -xdev -printf '%h\n' | sort | uniq -c | sort -k 1 -n
for i in $(ls) ; do echo $(find $i | wc -l) $i ; done | sort -n

findmnt

view the mount tree

findmnt

flash

When firefox is complaining about outdated flash plugin

rm pluginreg.dat

flock

used to use cript that only used 1 time concurrently.

flock

fmt

Join lines

ifconfig -a | fmt -w 300

forward traffic

service x11
{
        disable = no
        socket_type = stream
        protocol = tcp
        wait = no
        user = root
        server = /usr/bin/nc
        server_args = 172.28.37.152 6000
}

free

You have 15956MB physical ram. 9033MB is used by applications. 6922MB is free.

free -m
             total       used       free     shared    buffers     cached
Mem:         15956      15755        200          0        300       6421
-/+ buffers/cache:       9033       6922
Swap:        19998       2405      17593

free new

Total memory 8076624k and 5169152 free.

             total        used        free      shared  buff/cache   available
Mem:        8076624     2536328     1069132      284152     4471164     5169152
Swap:       7815164     2809244     5005920

Free memory usage from /proc/zoneinfo and /proc/meminfo

awk -v low=$(grep low /proc/zoneinfo | awk '{k+=$2}END{print k}')  '{a[$1]=$2} END{print a["MemFree:"]+a["Active(file):"]+a["Inactive(file):"]+a["SReclaimable:"]-(12*low);}' /proc/meminfo
5168456

physical memory

Show physical memory in machine. Consider points below.

grep MemTotal /proc/meminfo

meminfo:

Provides information about distribution and utilisation of memory. This varies by architecture and compile options...

MemTotal:

Total usable ram (i.e. physical ram minus a few reserved bits and the kernel binary code)

Gives more information not really sure how.

dmesg|grep Memory:

List memory modules

dmidecode -t memory
lshw -class memory

fstab

Use ram for some logfiles.

none             /var/log/              tmpfs   defauls,noatime,size=10%                 0       0
none             /tmp/                  tmpfs   defauls,noatime,size=10%                 0       0
none             /var/tmp/              tmpfs   defauls,noatime,size=10%                 0       0
none             /var/spool/            tmpfs   defauls,noatime,size=10%                 0       0

fswebcam

Capture photo.

fswebcam -r 1920x1080 --jpeg 85 -D 1 --quiet --no-banner shot.jpg
fswebcam -d /dev/video0 -i 0 -r 2592x1944 -p YUYV /net/10.111.222.1/storage/temp/logitech.jpg

fwupdmgr

fwupdmgr get-devices --show-all-devices
fwupdmgr get-upgrades

genisoimage

genisoimage -o nuc.iso nuc

gnome-font-viewer

view fonts

gnome-font-viewer /file.woff2

gpg

Simple encryption decryption with gnupg.

gpg -c --force-mdc /temp/shadow
echo "$(gpg -qd /temp/shadow.gpg)"

create keys

gpg --full-generate-key

list secret keys

gpg --list-secret-keys --keyid-format LONG

list public keys

gpg --list-public-keys --keyid-format LONG

export public key

gpg --armor --export 3AA5C34371567BD2

export private key

gpg --armor --export-secret-keys 3AA5C34371567BD2

export secret subkey

gpg --armor --export-secret-subkeys 3AA5C34371567BD2

import keys

gpg --import pub.key
gpg --import sec.key
gpg --import sub.key

add trust to private key

gpg --edit-key 6252FC9A029A2669 trust quit # 5 y

edit gpg key

gpg --edit-key 6252FC9A029A2669

send gpg key

gpg --send-key 6252FC9A029A2669

delete public key

gpg --delete-key "User Name"

change trust level on all keys

gpg --list-keys --fingerprint |grep pub -A 1|egrep -Ev "pub|--"|tr -d ' '  | awk 'BEGIN { FS = "\n" } ; { print $1":6:" } ' | gpg --import-ownertrust

get info about gpg encrypted file

gpg --list-packets crypto-text.pgp

list keys in gpg file

gpg --list-packets crypto-text.pgp # | grep keyid

get public key from command above

gpg --recv-keys 754817487F42735A

encrypt file

gpg --encrypt --recipient user1@inter.net --recipient user2@inter.net --recipient user3@inter.net file.txt

decrypt gpg file

gpg --decrypt vpn-0ea602e33ab9c49fd.txt.gpg

who has encrypted file

gpg --pinentry-mode cancel --list-packets file.gpg

remove expired public keys

for i in $(gpg --list-public-keys --keyid-format LONG 2>&1 | grep -A1 -B1 expired | grep -Ev '^$|^pub|^uid') ; do gpg --delete-key $i ; done

gphoto2

Capture photo from the command line linux.

gphoto2 --camera='Canon EOS 40D (PTP mode)' --port=usb: --capture-image-and-download

graphviz

Create graph.

dot -Tps /flow -o /tmp/flow.ps

grep

Colorize grep output.

grep --color=always -r '10\.7\.' /opt/ongame/

Show non comment lines ending with a blank.

find . -name '*.properties' -exec grep --color=always -E '^[^#].*\ $' {} \; | less -SR

grep ipaddress from message file.

sudo grep DHCP /var/log/messages | grep -oir --color=always '192\.168\.[0-9]*\.[0-9]*' | sort -u
grep -E '([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))'

grep ipaddress from file

grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'

grep for tab

grep 10.199.2.1$'\t' /etc/hosts

grep from word containing regex space separated.

grep -oE '\S*regex\S*' /file

When grep start to complain about file being binary run the following command to define where.

grep -Pa '\x00' /temp/file_name

Remove binary part of file.

sed -i 's/\x00//g' /temp/file_name

Grep email addresses.

grep -E -o "\b[a-zA-Z0-9.-]+@[a-zA-Z0-9.-]+\.[a-zA-Z0-9.-]+\b" filename.txt

Grep for exact string like \

grep -F \\ blabla.json

gsettings

Emulate 3 button mouse

gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true

Blinking cursor disable

gsettings set org.gnome.Terminal.Legacy.Profile:/org/gnome/terminal/legacy/profiles:/:$(gsettings get org.gnome.Terminal.ProfilesList default|tr -d \')/ cursor-blink-mode off

List settings

gsettings list-recursively

gsync

Install gsync

git clone https://github.com/iwonbigbro/gsync.git
cd gsync/
sudo python setup.py install

Download data.

gsync -u -r -t -v --progress --delete -l -s drive://motion/ /temp/motion2/

gzip

Compress a stream.

find . | gzip -9 > /tmp/file_list.gz

gscan2pdf

Scan and ocr pdf dokuments

Handbrake

Compress dvd

  1. Rip dvd.
sudo vobcopy -o /storage/temp/ -v -x -l
  1. compress video.
HandBrakeCLI -e x264 -Z Normal -i source.vob -o destination.mkv -a 2 -r 25 -E faac -f mkv -d -S 600 --crop 0:0:0:0
  1. Create film for android.
HandBrakeCLI -i 01.Alla.Vi.Barn.I.Bullerbyn.1986.SWEDiSH.vob -o 01.Alla.Vi.Barn.I.Bullerbyn.1986.SWEDiSH.mp4 -x level=30:bframes=0:cabac=0:ref=1:vbv-maxrate=1500:vbv-bufsize=2000:analyse=all:me=umh:no-fast-pskip=1 -e x264 --vb 300 -E faac --ab 128 --maxWidth 320 -2 -T -d
  1. Compress.
SOURCE=/ssd/temp ; DESTINATION=/temp ; for FILM in $(cd ${SOURCE}; ls *.mov | sed 's/\.mov$//g'); do HandBrakeCLI -e x264 -q 20 -B 160 -i ${SOURCE}/${FILM}.mov -o ${DESTINATION}/${FILM}.mp4 ;done
  1. High profile
HandBrakeCLI -i DVD -o ~/Movies/movie.mp4  -e x264 -q 20.0 -a 1 -E faac -B 160 -6 dpl2 -R Auto -D 0.0 -f mp4 --strict-anamorphic -m -x ref=2:bframes=2:subme=6:mixed-refs=0:weightb=0:8x8dct=0:trellis=0

hostnamectl

hostnamectl set-hostname rocky_8_1

htmldoc

Convert html document to pdf

htmldoc --webpage -f php_html_doc.pdf /home/andreasbj/php_manual_en.html 2>/tmp/htmldoc

hunspell

hunspell -d sv_SE swedish.txt

hydra

Password checking.

hydra -l root -P /etc/passwdknown -t 5 192.168.29.62 ssh2

ifconfig

Configure network.

ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up

ip address alias

ifconfig eth0:0 192.168.1.2 netmask 255.255.255.0

Network configuration Full config.

echo -e "options timeout:1 attempts:1
domain halfface.se
nameserver 84.246.88.10
nameserver 84.246.88.20" > /etc/resolv.conf
ifconfig eth0 89.253.75.84 netmask 255.255.255.224 up
route add default gw 89.253.75.65 eth0

Vip on loopback /etc/sysconfig/network-scripts/ifcfg-lo:ipdbm

DEVICE=lo:ipdbm
IPADDR=192.168.122.2
NETMASK=255.255.255.255
NETWORK=192.168.122.0
ONBOOT=yes

Setting up multiple addresses. ifcfg-eth0-range0

TYPE=Ethernet
IPADDR_START=192.168.122.3
IPADDR_END=192.168.122.15

ifcfg-eth0

DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
TYPE=Ethernet
IPADDR=10.111.222.2
NETMASK=255.255.255.0
GATEWAY=10.111.222.1
DNS1=10.111.222.253
DNS2=10.111.222.254
DOMAIN="halfface.se subdomain.halfface.se"

ilo

log in to ilo

env -u LANG ssh -v Ongame@10.1.1.94

restart ilo

reset map1

start system

start system1

install

Crete directory

install -d --mode=755 --owner=user --group=group /apps/IP/IPim/var/log

Create empty file

install -o 0664 -o user -g group /dev/null ${ALFRESCO_DIR}/logs/catalina.out

inotifywathc

Se what access /dev/random

inotifywatch -v -t 60 /dev/random

inxi

inventory report.

inxi -Frmxx

iostat

iostat -xtc 5
-x extended statistics.
-t print time for each report.
-c display the cpu utalization report.
-y Omit first report with statistics since the system boot

iostat -xty 5 1 dm-3

Linux 2.6.32-573.7.1.el6.x86_64 (rb-netstorage02.int.redbridge.se)      12/30/2021      _x86_64_        (12 CPU)
12/30/2021 11:47:42 AM
avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.12    0.00    2.01    4.23    0.00   93.65
Device:         rrqm/s   wrqm/s     r/s     w/s   rsec/s   wsec/s avgrq-sz avgqu-sz   await  svctm  %util
dm-3              0.00     0.00 5806.20    0.00 1485056.00     0.00   255.77     1.54    0.27   0.17  97.44
# Explained.
rrqm/s   The number of read requests merged per second that were queued to the device.
wrqm/s   The number of write requests merged per second that were queued to the device.
r/s      The number of read requests that were issued to the device per second.
w/s      The number of write requests that were issued to the device per second.
rsec/s   The number of sectors read from the device per second.
wsec/s   The number of sectors written to the device per second.
avgrq-sz The average size (in sectors) of the requests that were issued to the device.
avgqu-sz The average queue length of the requests that were issued to the device.
await    The average time (in milliseconds) for I/O requests issued to the device to be served. This includes the time spent by the requests in queue and the time spent servicing them.
svctm    The average service time (in milliseconds) for I/O requests that were issued to the device. Warning! Do not trust this field any more. This field will be removed in a future sysstat version.
%util    Percentage of elapsed time during which I/O requests were issued to the device (bandwidth utilization for the device). Device saturation occurs when this value is close to 100%.

ip

Add vlan 23

ip link add link eno1 name eno1.23 type vlan id 23

View vlan protocol

ip -d link show eno1.23

Configure vlan

ip addr add 10.151.23.101/24 brd 10.151.23.255 dev eno1.23
ip link set dev eno1.23 up

create default route

ip route add default via 192.168.1.254

show routing

ip route show

more info

ip route show table all

Add static route

ip route add 10.10.20.0/24 via 192.168.50.100 dev eth0

Remove static route.

ip route del 10.10.20.0/24

which outgoing interfaces are available.

ip r l| awk '/src/{print $9}'

Which route is used for ip.

ip route get 192.168.122.252

route subnet over interface.

sudo ip route add 145.251.242.0/24 dev tun0

Show ipaddress on interface tun0

ip address show tun0

vlan tag interface.

ip link add link eth0 name eth0.8 type vlan id 8

set ip on interface.

ip addr add 192.168.50.5 dev eth1
ip addr add 192.168.50.5/24 dev eth1

set secondary ip on interface

ip addr add 192.168.1.2/24 dev eth0

remove ip address.

ip addr del 192.168.50.5/24 dev eth1

enable interface

ip link set eth1 up

disable interface

ip link set eth1 down

list arp entries.

ip neigh show

local routing table

ip route list table local

rule base routing. List rules

ip rule show

show multicast networks

ip maddr show

Disable traffic to an ipaddress.

ip route add blackhole 10.151.19.151

ipcalc

ipcalc -n 192.121.85.96/27 -m

iperf

start server on client A.

iperf -s

start measure from the other host. Limit bandwidth to 10k.

iperf -c 10.20.30.40 --bandwidth 10K

Multicast test.

On the listener side:
# iperf -s -u -B 224.1.1.1 -i 1
On sender
% iperf -c 224.1.1.1 -u -T 32 -t 3 -i 1

ipmitool

What is the power consumtion of dell server.

ipmitool -I lanplus -H 127.0.0.1 -U root -P calvin delloem powermonitor

iptables

Show iptables OUTPUT, PREROUTING and POSTROUTING

iptables --table nat --list --exact --verbose --numeric --line-number

Show config

iptables -L -t nat -n

Dnat to localhost.

iptables -t nat -I PREROUTING --source 131.115.115.53 -p tcp --dport 22 -j REDIRECT --to-ports 222
iptables -t nat -I OUTPUT --source 131.115.115.53 --destination 127.0.0.1 -p tcp --dport 22 -j REDIRECT --to-ports 222

Flush all rules.

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

Block

iptables -A OUTPUT -p tcp -d 131.115.248.82 --dport 8080 -j DROP
iptables -A OUTPUT -p tcp -d 131.115.248.82 --dport 8080 -j REJECT

Block outgoing mail

iptables -A OUTPUT -p tcp --dport 25 -o $INTERFACE -j REJECT

Block all traffic except ssh in/out log to syslog.

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -m tcp -p tcp --sport 22 -j ACCEPT 
iptables -A INPUT -m state --state NEW -m tcp -p tcp -j LOG --log-level info --log-prefix "dropped-in"
iptables -A OUTPUT -m tcp -p tcp --dport 22 -j ACCEPT 
iptables -A OUTPUT -m tcp -p tcp --sport 22 -j ACCEPT 
iptables -A OUTPUT -m state --state NEW -m tcp -p tcp -j LOG --log-level info --log-prefix "dropped-out"

Block traffic on certain port.

iptables -A INPUT -p tcp --dport 7009 -j REJECT

Fake source

iptables -t nat -A POSTROUTING -d "${DST}" -p udp --dport 162 -j SNAT --to "${SRC}" &>/dev/null
# Remove the current rules
iptables -t nat -D POSTROUTING -d "${DST}" -p udp --dport 162 -j SNAT --to "${SRC}"

redirect ip

Send traffic destined for one ip and port to another ip and port.

iptables -t nat -A OUTPUT -p tcp -d 146.213.6.7 --dport 1023 -j DNAT --to-destination 10.199.150.111:1023
iptables -t nat -A OUTPUT -p icmp -d 146.213.6.7 -j DNAT --to-destination 10.199.150.111

allow trafic from subnet

iptables -A INPUT -s 172.16.27.0/24 -j ACCEPT

allow ssh from all

iptables -A INPUT -p tcp -dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -dport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT

or

-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT

find which rule is blocking by removing one at a time. Better way is to enable logging

iptables -L -n --line-numbers
iptables -D <line-number>

List rules from OUTPUT chain with line number

iptables -t filter -L OUTPUT --line-numbers -n

Add rule to specific row number

iptables -I OUTPUT $ROW_NUMBER -d 54.72.175.186/32 -p tcp -m tcp --dport 443 -j ACCEPT

irc

Close private messages

/window close

Close public messages

/window close

Close a query

/q

jmtpfs

Mount disk

jmtpfs /mnt/mtp

Umount disk

fusermount -u /mnt/mtp

john

Test performance

john -test

Recover passwords with password list.

john -wordlist:password.lst passfile.txt

journalctl

View log from last day.

journalctl --since yesterday

List all units.

systemctl list-unit-files

Current disk usage.

journalctl --disk-usage

Show only certain error level. (err crit)

journalctl -p err

List boots

journalctl --list-boots

Show events between two time stamps.

journalctl --since "2017-01-23 05:56:42" --until "2017-01-23 07:56:42"

show entries for one unit.

journalctl -u openvpn-server@server
journalctl -u sshd  -f

iptables logs

journalctl -k -f | grep -i iptables

persistent logging

Enable persistent logging in systemd-journald. grep journal /usr/lib/tmpfiles.d/systemd.conf. Install syslog instead.

mkdir /var/log/journal 
chmod 2755 /var/log/journal
chown root:systemd-journal /var/log/journal
killall -USR1 systemd-journald

jpegtran

# to lossless cut a file.
jpegtran -crop 700x400+2150+1500 2012-05-19_20-39-35.jpg > /photos/Sweden/2012/2012-05-19/2012-05-19_20-39-35.jpg
# Rotate counter clockwise.
jpegtran  -copy all -rotate 270 2012-08-18_15-06-43.jpg > 2012-08-18_15-06-43_270.jpg

jq

how many stores are actually in there:

$ cat file.json | jq 'length'
1134

retrieves the “name” field of each element of the input array.

cat file.json | jq '.[] | .name'
"Graz"
"Baden"
"Zürich"
...

Give us first store.

jq '.[0]'

Select specific fields

jq '.[] | {eta: .eta, ticketID: .ticketID}'

Select specific files shortended.

jq '.[] | {eta, ticketID}'

url encode a string.

jq -sRr @uri <<< "${IPRADAR_SERVICE}" | sed 's/%0A$//g'

Pick extra_vars under results in raw format.

jq -r '.results[]|.extra_vars'

Select array name based on content.

jq -r '.[]|select(.name=="the name you want to print")'==

Display keys

jq 'keys'

Select specific key

 jq -r '. | {all}'

kdump

Change action to dump memory.

/etc/kdump.conf

Reload config.

systemctl restart kdump

keyboard

keymaps 
dumpkeys
loadkeys sv-latin1
loadkeys us
setxkbmap en
setxkbmap -layout se -variant nodeadkeys

reset corrupt keyboard after using vmware.

setxkbmap

kill

suspend/resume a jobb.

# kill -STOP PID
# kill -CONT PID

kpartx

# Create device files from disk image.
sudo kpartx -av disk_image.raw 
add map loop0p1 (252:2): 0 3082240 linear /dev/loop0 2048
add map loop0p2 (252:3): 0 17887232 linear /dev/loop0 3084288
# Mount device files.
sudo mount /dev/mapper/loop0p2 /mnt
#Unmount what you mounted and remove the device mapping:
sudo umount /mnt
sudo kpartx -d disk_image.raw

lastb

Show failed ssh logins.

lastb

less

Toggle line wrap

- -> S

tail with less. CTRL + c = scroll around. SHIFT + f = to tail again.

less +F -B /tmp/tmp

lftp

lftp -u user,password $ftp_server

ln

Create link even if it exists.

ln -sfT /destination link

locale

To show 24 hour format.

LC_ALL=C

localectl

Change keyboard.

localectl list-keymaps
localectl set-keymap se-nodeadkeys
localectl set-x11-keymap se-nodeadkeys

lock

locking keyboard under linux.

lock-keyboard-for-baby

logging

bash create log.

#!/bin/bash
exec > /logfile

alternative

exec 2>/tmp/log

Read logs on system.

tail -f $(lsof | grep log$ |awk '{ print $NF }' | sort -u |xargs)

logrotate

Test dry run logrotate file. -d=debug -f=force

logrotate -d -f /etc/logrotate.conf

Force logrotate in verbose mode.

logrotate -v -f /etc/logrotate.conf

Create logrotate config entry.

# Configure log rotation.
cat << EOF > /etc/logrotate.d/ipmonperfj_cleanupdaemon
/apps/IPsoft/IPmonPerfJ/logs/cleanupdaemon.log {
   copytruncate
   size 100M
   rotate 60
   compress
   missingok
   olddir old
}
EOF

Disable logrotate. Look for file extension to ignore.

man logrotate.conf, you can read find tabooext
Ex. mv /etc/logrotate.d/mysql{,.rpmsave}

losetup

Create loopback devices for partitions in image. Force the kernel to scan the partition table on a newly created loop device

losetup -P /dev/loop2 harddrive.img

Set up next available device read only.

losetup -f -r /temp/rb-slog05/sda6

Show all

losetup -a

detatach

losetup -d /dev/loop2

ls

ls -la --time-style="+%Y-%m-%d %H:%M:%S" *.3gp

List processes in epoch date

( cd /proc; ls -rtd --full-time --time-style=+%s [0123456789]*; )

lshw

List memory modules

lshw -C memory

Is cpu 32 or 64bit.

lshw -class processor

lsof

List recurivly all process that have a path open.

lsof +D /apps/

which ports has a process opened?

lsof -Pan -p 13354 -i

which process listen to port

lsof -i :443

mail

command line mail with changed from

echo message | mail -s Subject -r from@inter.net reciever@inter.net

command line mail with changed from with attachment

echo message | mail -s Subject -r from@inter.net -a /attach.ment reciever@inter.net

man

man correct caracters.

LANG=C man passwd

man clean for output to file.

man [manual] | col -b > file.txt

mbr

backup mbr.

# dd if=/dev/sdX of=/temp/sdx-mbr bs=512 count=1

restore mbr

# dd if=/temp/sdx-mbr of=/dev/sdX bs=446 count=1

mdadm

Add disk that was lost

mdadm /dev/md125 -a /dev/vda1

minimodem

Transmit file via audio.

minimodem -t 200 

Recieve file via audio

minimodem -r 200

mkfs

Create fat32 file system.

mkfs.vfat -F 32 /dev/sdc1

mogrify

Resize, crop... a file. Removes original.

mogrify -resize 800 *.jpg

mount

Mount a temporary ram partit

mount -t tmpfs tmpfs /mnt -o size=1024

Mount a cift filesystem and change ower on mountpoint.

mount.cifs -o credentials=/home/user/cifs.credentials,gid=1004,uid=1004 //server/c$ /mnt/cifs

Disallow normal user to ps. If not belonging to gid 1001.

  • /etc/fstab
proc                    /proc                   proc    defaults,hidepid=2,gid=1001        0 0

movgrab

List available formats

movgrab -T http://youtu.be/ucivXRBrP_0

Get version listed.

movgrab -f mp4:1920x1080 http://www.youtube.com/v/ucivXRBrP_0

mplayer

mplayer in ascii mode.

mplayer -monitoraspect 4:3 -vo aa LinaFreestyler.avi
mplayer -vo aa -monitorpixelaspect 0.5 *.mp4

mplayer on second soundcard.

mplayer -ao oss:/dev/dsp *.mp3
mplayer -ao alsa:device=hw=0.0 *.mp3

Or, to specify a non-default (secondary) device either of the following commands can be used.

mplayer -ao oss:/dev/dsp1 *.mp3
mplayer -ao alsa:device=hw=1.0 *.mp3

play from v4l

mplayer -tv device=/dev/video:driver=v4l:input=1:width=640:height=480:norm=ntsc:adevice=/dev/dsp tv://1 -zoom -aspect 4:3
mplayer -fps 15 tv:// -tv driver=v4l2:width=640:height=480:device=/dev/video0play hdv material.
mplayer -monitoraspect 16:9 -vf pp=lb

play dvd image.

mplayer dvd://1 -dvd-device DVD.iso

play h264 webcam

mplayer -fps 24 tv:// -tv driver=v4l2:width=1920:height=1080:device=/dev/video0:outfmt=0x34363248 -aspect 16:10 -fs

play mjpeg webcam

mplayer -fps 24 tv:// -tv driver=v4l2:outfmt=mjpeg:width=1920:height=1080:device=/dev/video0 -aspect 16:10 -fs

play mp3 in different speed keep pitch.

mplayer -speed 1.5 -af scaletempo /mp3/music.mp3
# list chapters.
mplayer dvd://1 -dvd-device /dev/sr0 -identify -novideo -nosound 
# dump chapters.
mplayer -dvd-device /dev/sr0 dvd://3 -dumpstream -dumpfile 3.vob

MP4Box

Combine mp4 files

MP4Box -add file1.mp4 -add file2.mp4 output.mp4

mpstat

top like output of system usage

mpstat 5 5

mtr

ping and traceroute combined.

mtr -rc 10 8.8.8.8

mutt

Put the followin in .muttrc to change From.

set realname="Joe User"
set from="user@host"
set use_from=yes

command line mail with attachment

mutt -s subject -a syslogs.tar.gz admin@domain.org < /dev/null

Change sender from command line.

export EMAIL=address@inter.net && mutt -s "Subject Test" anden@halfface.se < /dev/null
echo "Test message" | mutt -s "Subject test" -e "set realname=\"Real Name\"" -e "set from=\"anden@halfface.se\"" -e "set use_from=yes" anden@halfface.se

Change envolope from

export REPLYTO=email@inter.net
export EMAIL=email@inter.net
echo "email@inter.net testing" | mutt -e "set envelope_from=yes" email@inter.net -a /tmp/attachment

oneliner

export EMAIL=email@inter.net;export REPLYTO="${EMAIL}";echo "email@inter.net testing" | mutt -e "set envelope_from=yes" email@inter.net -a /tmp/attachment 
export EMAIL=email@inter.net;export REPLYTO="${EMAIL}";echo "${EMAIL} testing on ${HOSTNAME}" | mutt -e "set envelope_from=yes" -s "${EMAIL} testing on ${HOSTNAME}" "${EMAIL}"

Dont trigger out of Out Of Office reply.

echo "email@inter.net testing" | mutt -e "unignore list-id" email@inter.net

multilog

split standard output to logfiles. In this case keep specific size. t means to prepend a TAI timestamp on each line. 10000B. 5 logfiles. tai64nlocal program simply reads stdin and replaces TAI timestamps with human-readable ones. http://blog.teksol.info/pages/daemontools/best-practices. Compress rotated logfiles.

mkdir /tmp/myapp ; ./myapp | multilog t s10000 n5 '!tai64nlocal' '!gzip' /tmp/myapp 2>&1

nc (netcat)

Check communication.

listen on port 3333.

nc -kl 3333

talk to port 3333.

nc 192.168.0.1 3333

Transfer data

Cat file, calculate size listen on port 3333.

cat backup.iso | pv -b | nc -l 3333

Receive file.

nc 192.168.0.1 3333 | pv -b > backup.iso

Setup telnet server

nc -L -l -p1234 -d -e cmd.exe

Test connection.

nc -w2 -znv 10.1.22.31 7222

tunnel

On the server, we open a listener on the TCP port 6667 which will forward data to UDP port 53 of a specified IP. If you want to do DNS forwarding like me, you can take the first nameserver's IP you will find in /etc/resolv.conf - in this example, this is 192.168.1.1. But first, we need to create a fifo. The fifo is necessary to have two-way communication between the two channels. A simple shell pipe would only communicate left process' standard output to right process' standard input.

mkfifo /tmp/fifo
nc -l -p 6667 < /tmp/fifo | nc -u 192.168.1.1 53 > /tmp/fifo

Dont eat up standard output.

nc -v --send-only --recv-only localhost 22

Talk to pop3 server over ssl.

nc --ssl mail.tele2.se 995

Talk to web server

URL_SSL=halfface.se ; echo -e "HEAD / HTTP/1.1\nHost: ${URL_SSL}\n\n" | nc --ssl ${URL_SSL} 443
echo -e 'GET /users/password/new HTTP/1.1\r\nHost: localhost\r\nConnection: Close\r\n\r\n' | nc localhost 80 | head

To overcome problems with nc closing connection too fast.

(echo -en 'GET / HTTP/1.1\r\nHost: 172.30.156.15\r\nConnection: close\r\n\r\n'; sleep .1) | nc 172.30.156.15 80 | head -30
nc --no-shutdown -v 172.30.156.15 80 <<<$(echo -en 'GET / HTTP/1.1\r\nHost: 172.30.156.15\r\nConnection: close\r\n\r\n')

ncdu

disk usage. Stay in one filesystem.

ncdu -x /

net

Start service via samba.

net rpc service start ipremote -I 172.17.255.99 -U 'domain/user%password'

netstat

Look at network connections. tcp/ip4.

netstat -4anpt

Look at multicast groups

netstat -g

What does it mean?=

  ESTABLISHED
         The socket has an established connection.
  SYN_SENT
         The socket is actively attempting to establish a connection.
  SYN_RECV
         A connection request has been received from the network.
  FIN_WAIT1
         The socket is closed, and the connection is shutting down.
  FIN_WAIT2
         Connection is closed, and the socket is waiting for  a  shutdown
         from the remote end.
  TIME_WAIT
         The socket is waiting after close to handle packets still in the
         network.
  CLOSE  The socket is not being used.
  CLOSE_WAIT
         The remote end has shut down, waiting for the socket to close.
  LAST_ACK
         The remote end has shut down, and the socket is closed.  Waiting
         for acknowledgement.
  LISTEN The  socket is listening for incoming connections.  Such sockets
         are  not  included  in  the  output  unless  you   specify   the
         --listening (-l) or --all (-a) option.
  CLOSING
         Both  sockets are shut down but we still don't have all our data
         sent.
  UNKNOWN
         The state of the socket is unknown.

statistics

netstat -s
netstat -s | retransmit

nmap

Scan for open ssh ports.

nmap -p 22 --open -sV 10.0.0.*
  1. Syn scan.
nmap -P0 -sS -p1023 www.halfface.se
  1. Ping scan. Do not resolve.
nmap -sn -n 10.127.254.1-254
  1. Which chippers are allowed.
nmap --script ssl-enum-ciphers -p 465 www.halfface.se
  1. arp scan.
nmap -PR 192.168.0.0/24
  1. which kex_algorithms server_host_key_algorithms encryption_algorithms compression_algorithms
nmap --script ssh2-enum-algos -sV -p 22 ssh.server.inter.net

Which manufacturer.

nmap -sn 10.111.222.0/24

nmcli

List connections

nmcli con

manage network from cli

http://fedoraproject.org/wiki/Networking/CLI

Connect to a configured connection by name

nmcli connection up WireLess

Disconnection by name

nmcli connection down Wireless

Connect to remembered network.

nmcli con up '[-_-] halfface 5' 

List available wireless networks.

nmcli device wifi list

Generate list of available wireless networks.

nmcli device wifi rescan

Creaete connection for wireless network.

nmcli device wifi connect Bredband password P4ssM0rd

List networks on specific interface.

nmcli device wifi list ifname wlp0s18f2u4

Disconnect network interface.

nmcli device disconnect wlp0s18f2u4

Manually setup interface.

nmcli con add con-name "static-ens32" ifname ens32 type ethernet ip4 xxx.xxx.120.44/24 gw4 xxx.xxx.120.1
nmcli con mod "static-ens32" ipv4.dns "xxx.xxx.120.1,8.8.8.8"
nmcli con up "static-ens32" iface ens32

setup interface manually

list devices.

nmcli device status

list connections.

nmcli connection show

delete connection

nmcli con delete "Wired connection 1"

add connection with static ip.

nmcli con add con-name ens224 ifname ens224 type ethernet ip4 172.30.109.16/24

show properties for connection

nmcli dev show ens224

set dns server

nmcli connection modify enp1s0 ipv4.dns "10.111.222.2,8.8.8.8"

edit

nmcli con edit $connection
print all

autostart

nmcli connection modify IFNAME connection.autoconnect yes|no

nohup

Start binary under nohup and tail log.

nohup ./run.sh & sleep 1 ; tail -1000f nohup.out

Start process and log to specified file.

nohup daemon > /path/daemon.log &

nping

nping -c 1 --tcp -p 80 www.halfface.se

ntfs-3g

mount ntfs filesystem. read and write.

yum install fuse fuse-libs ntfs-3g
mount /dev/sda1 /media/c_drive -t ntfs-3g -r -o umask=0222,locale=en_US
mount /dev/sda1 /media/c_drive -t ntfs-3g -rw -o umask=0000,locale=en_US
fstab read and write.
/dev/sda3   /media/e_drive     ntfs-3g    ro,defaults,umask=0222 0 0
/dev/sda1   /media/c_drive     ntfs-3g    rw,defaults,umask=0000 0 0

Create ntfs partition.

fdisk 7
mkfs.ntfs /dev/sdx1

numbers

series of numbers

bash:
echo {1..10}

numfmt

iec=accept optional single letter suffix. No output suffix. Remove B from input.

numfmt --from=iec --to=none --suffix=B 8.7KB

nwipe (dban)

Wipe your disk

nwipe --nogui --nowait --autonuke /dev/sdb

omping

multicast ping

 omping -c10 10.111.222.118 10.111.222.121

openssl

Grab the public key.

openssl s_client -connect www.halfface.se:443 </dev/null 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'

What does the ssl cert look like.

HOST=www.halfface.se ; PORT=443 ; echo | openssl s_client -connect ${HOST}:${PORT} -servername ${HOST}| openssl x509 -ext subjectAltName -noout -startdate -enddate -subject -issuer -nameopt RFC2253,sep_comma_plus_space

What does crl look like. (Certificate Revocation List)

openssl crl -inform PEM -text -noout -in crl.pem

Connect to ssl server

echo hello | openssl s_client -connect www.halfface.se:8140

Connect to ssl server -cipher NULL,LOW

echo hello | openssl s_client -connect www.halfface.se:8140

Connect with openssl v3

openssl s_client -ssl3 -connect ipmon01.dupont:443

Connect with low security cipher

echo X | openssl s_client -cipher NULL,LOW -connect www.halfface.se:8140

PEM convert to DER

openssl x509 -inform PEM -in /file.pem -outform DER file.der

p12 to cer

openssl pkcs12 -in infile.p12 -out outfile.cer -nodes

pfx to pem

Complete file.

openssl pkcs12 -in filename.pfx -out cert.pem -nodes

Get private cert. The remove password

openssl pkcs12 -in filename.pfx -nocerts -out key.pem
openssl rsa -in key.pem -out server.key

Get public cert.

openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem

Extract p12 password protected keys in

openssl pkcs12 -in /file.p12 -passin file:/password -nokey -nodes -out /file.nokeys

Encrypt file

openssl aes-256-cbc -a -salt -in file -out file,encoded -passin file:passfile

Decrypte file

openssl aes-256-cbc -d -a -salt -in file -out file,encoded -passin file:passfile

Install new root ca

# Change to the directory:
cd /etc/pki/tls/certs
# Next download the College root certificate:
wget https://icca2.ic.ac.uk/certenroll/ic-root.crt
# Convert the certificate to PEM format:
openssl x509 -inform der -in ic-root.crt -out ic-root.pem
# Create a link with the certificate hash:
ln -s ic-root.pem `openssl x509 -hash -noout -in ic-root.pem`.0
# Create sha256 base64 encoded hash
openssl dgst -binary -sha256 | openssl base64
# Verify root ca.
openssl verify -CApath /etc/pki/tls/certs ic-inter-root.pem
icrootca.cer: OK

The server certificate is the first certificate returned, and will be PEM formatted. The CA certificate is the final certificate returned, and is also PEM formatted.

openssl': echo | openssl s_client -connect www.sslsite.com:443 -showcerts

Check ca store files.

find . -name '*.pem' | while read PEM ; do echo '###' ${PEM} '###';ls -la "${PEM}" ; set -x ; curl --cacert "${PEM}" https://site.test.net/index.htm.

Verify pop3 connectivity.

openssl s_client -crlf -connect mail.tele2.se:110 -starttls pop3
USER yiming
PASS foobar
LIST – lists the messages available in the user’s account, returning a status message and list with each row containing a message number and the size of that message in bytes
STAT – returns a status message, the number of messages in the mailbox, and the size of the mailbox in bytes
RETR [message_num] – returns the message identified by the message number, which is the same as the message number shown in the LIST command output
TOP [message_num] [n] – returns the top n lines of the message denoted by message number.
QUIT command will end the session.

Create wildcard self signed certificate.

openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout wildcard.test.internal.zone.key -out wildcard.test.internal.zone.crt
Common Name (eg, your name or your server's hostname) []:*.test.internal.zone

Verify certificate chain

openssl verify -CAfile Thawte_Primary_Root_CA.pem -untrusted thawte_SSL_CA_G2.cer www.halfface.se.pem

Look at certificate chain.

openssl s_client -connect www.halfface.se:443
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = www.halfface.se
verify return:1
---
Certificate chain
 0 s:CN = www.halfface.se
   i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
 1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
---

Verify chain.

openssl s_client -showcerts -verify 5 -connect www.halfface.se:443 < /dev/null 2>&1

Connect to smtp server via ssl.

openssl s_client -connect www.halfface.se:25 -starttls smtp

compare two certifactes

Compare the use case for the certificate.

 sdiff <(openssl x509 -in server.crt -noout -issuer -subject -enddate -purpose) <(openssl x509 -in uc_activemq.crt -noout -issuer -subject -enddate -purpose)| less

create a csr

openssl req -new -sha256 -nodes -out www.halfface.se.csr -newkey rsa:2048 -keyout www.halfface.se.key -config <(
cat <<-EOF
[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
O=Organisation: halfface
C=SE
ST=Stockholm
L=Stockholm
CN = www.halfface.se
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = halfface.se
DNS.2 = ldap.halfface.se
DNS.3 = mqtt.halfface.se
EOF
)

csr information

openssl req -noout -text -in file.csr | grep -vE '  [0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:'

confirm that public private and csr match

# For your SSL certificate: 
CERT_PUBLIC=$(ls *.crt)
echo $(openssl x509 -noout -modulus -in "${CERT_PUBLIC}" | openssl md5 | awk '{print $2}'),"${CERT_PUBLIC}",public cert.
# For your RSA private key: 
CERT_PRIVATE=$(ls *.key)
echo $(openssl rsa -noout -modulus -in "${CERT_PRIVATE}" | openssl md5 | awk '{print $2}'),"${CERT_PRIVATE}",private key
# For your CSR: 
CERT_CSR=$(ls *.csr)
echo $(openssl req -noout -modulus -in "${CERT_CSR}" | openssl md5 | awk '{print $2}'),"${CERT_CSR}",certificate signing request

connect with ca private and public key

openssl s_client -CAfile ca.pem -cert public.crt -key private.key -connect 10.12.118.184:1023 -tls1_2

create a ca

Create ca and certificates.

# Create folder structure.
mkdir /root/ca/
mkdir /root/ca/certs/
mkdir /root/ca/crl/
mkdir /root/ca/newcerts/
mkdir /root/ca/private/
mkdir /root/ca/requests/
touch /root/ca/index.txt
echo 1000 > /root/ca/serial
chmod 600 /root/ca
# Create private key for the CA certificate. pass phrase: $(pwgen 15)
cd /root/ca/
openssl genrsa -aes256 -out private/cakey.pem 4096
# Create a public certificate for the CA.
openssl req -new -x509 -key /root/ca/private/cakey.pem -out cacert.pem -days 36525
Country Name (2 letter code) [AU]:SE
State or Province Name (full name) [Some-State]:Stockholm
Locality Name (eg, city) []:Stockholm
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Company
Organizational Unit Name (eg, section) []:Company
Common Name (e.g. server FQDN or YOUR name) []:Certificate Authority
Email Address []:anden@halfface.se
# Copy system openssl.cnf to /root/ca dir. Then change dir in config.
vim openssl.cnf
[ CA_default ]
dir = /root/ca # Where everything is kept

Create signed certificate keypair

cd requests/
# Create csr
openssl req -new -newkey rsa:2048 -nodes -keyout <client>.key -out <client>.csr -config ../openssl.cnf
# Issue certificate for csr.
openssl ca -in <client>.csr -out <client>.crt -config ../openssl.cnf -days 36525

talk http via openssl

openssl s_client -crlf -quiet -connect www.halfface.se:443 <<EOF
GET / HTTP/2.0
Host: www.halfface.se

EOF

look at cert

openssl asn1parse -in rb-ca.crt.2021-02-28

performance testing

openssl speed -evp aes-256-ecb

confirm that ca is correct

echo | openssl s_client -CAfile Sectigo_RSA_Domain_Validation_Secure_Server_CA.pem -no-CAfile -no-CApath -tls1_2 -connect 172.30.32.141:5044 2>&1 | grep Verification
Verification: OK

openssl s_server

Setup server listening as http server.

openssl s_server -status_verbose -HTTP -cert host.inter.net.crt -key host.inter.net.key

Setup https server listening on https on port 4433 providing complete chain

openssl s_server -status_verbose -HTTP -cert halfface.se.pem -cert_chain halfface.se.intermediate.pem -key halfface.se.key -accept 4433

othername:<unsupported>

You will have to locate the "OCTET STRING" line just below the "OBJECT :X509v3 Subject Alternative Name" line then strpars

# print section offset via
openssl asn1parse -in yourcert.pem
# parse otherName from "OCTET STRING" <offset> is the value in the beginning of the line.
openssl asn1parse -in yourcert.pem -strparse <offset>

Another way of seeing same data is through

openssl asn1parse -in /tmp/tmp -dump -strictpem

create password string

openssl passwd -6 -salt $RANDOM $PASSWORD

pactl

Pulse Audio cli tool. List output devices.

pactl list short sinks

Set default output device

pactl set-default-sink $i

List where applications send output.

pactl list short sink-inputs

Move application to other output device.

pactl move-sink-input $applicaiton $sink

pam

Troubleshooting pam.

/etc/syslog.conf
# Get debugging data.
*.debug     /var/log/debug.log

Create logfile and restart *syslog.

touch /var/log/debug.log
service syslog restart

Put pam in debug mode.

touch /etc/pam_debug

OR you can enable debugging only for the modules you're interested in by adding "debug" to the end of the relevant lines in /etc/pam.d/system-auth or the other /etc/pam.d/* files:

login   auth    required    pam_unix.so debug

Debugging is found in /var/log/debug.log.

pam_tally2

Configured here.

/etc/pam.d/password-auth:auth        required      pam_tally2.so file=/var/log/tallylog onerr=fail per_user deny=6 no_magic_root

What is status from account?

pam_tally2 --user=user1
Login           Failures Latest failure     From
user1             8    04/20/15 11:39:54  192.168.1.1

parallel

Run command 10 times in parallel.

seq 10 | parallel -n0 echo "Hello, World"

Run command 10 times in parallel dryrun.

seq 10 | parallel --dry-run -n0 echo "Hello, World"

Compress logfiles in parallel.

parallel gzip ::: *.log

paste

Combine to files to one in multiple column. Replace tab with spaces.

paste /tmp/check_name_nagios /tmp/filename | column -t -s $'\t'

pcregrep

Multiline grep

pcregrep -M 'pattern: line1\nPattern lin2' /temp/files_*

pdftotext

grab text from pdf document.

pdftotext document.pdf

pidof

which pids has a program stared. Find pid.

ping

Ping ipv6 loopback

ping6 ::1 -c1

Ping ipv6 broadcast

ping6 ff02::1%2 | cut -d\  -f4

Ping short output

ping -w1 -q -c1 -i10 localhost | grep received
PING=$(ping -w1 -q -c1 -i10 google.com 2>&1) ; RTT=$( grep rtt <<<"${PING}" | awk -F/ '{print $6}') ; RECEIVED=$(grep received <<<"${PING}") ; echo $RECEIVED, rtt=${RTT}

Ping to discover mtu. 1460, 1450. When reply increase with 2. when found highest value increase with 28 to get mtu.

ping -M do -s 1472 123.45.56.78

pip

which versions of django exist

pip install pylibmc

which versions are install

pip list

which files does pip package provide.

pip show -f $package

Uppgrade package.

pip install $package --upgrade

where your own packages might end up

/usr/local/lib/python3.9
/usr/lib/python2.7/site-packages/

pgrep

Grep any processlines including 1066

pgrep -lf 1066

pmap

Look at memory usage of process.

sudo pmap 2258

postfix

remove mails in queue.

mailq | grep ^[A-F0-9] | awk '{print $1}' | postsuper -d -

list mails in queue

mailq | grep "^[A-F0-9]"

Get mails in better output to better decide what to do with mails.

mailq | grep -v -- "-Queue ID-" |  sed 's/^$/\x0/g' | tr -d '\n' | sed 's/\x0/\n/g'

Remove stuck emails.

postsuper -d ALL deferred

List email

postcat -q E55692442F

Read mail

postcat -vq [message-id]

printscreen

import -window root test.png

Gnome copy graphics to paste buffer. Copy selected portion of screen.

gnome-screenshot -a

/proc

  • /proc/meminfo

MemTotal — Total amount of physical RAM, in kilobytes.

MemFree — The amount of physical RAM, in kilobytes, left unused by the system.

Buffers — The amount of physical RAM, in kilobytes, used for file buffers.

Cached — The amount of physical RAM, in kilobytes, used as cache memory.

SwapCached — The amount of swap, in kilobytes, used as cache memory.

Active — The total amount of buffer or page cache memory, in kilobytes, that is in active use. This is memory that has been recently used and is usually not reclaimed for other purposes.

Inactive — The total amount of buffer or page cache memory, in kilobytes, that are free and available. This is memory that has not been recently used and can be reclaimed for other purposes.

HighTotal and HighFree — The total and free amount of memory, in kilobytes, that is not directly mapped into kernel space. The HighTotal value can vary based on the type of kernel used.

LowTotal and LowFree — The total and free amount of memory, in kilobytes, that is directly mapped into kernel space. The LowTotal value can vary based on the type of kernel used.

SwapTotal — The total amount of swap available, in kilobytes.

SwapFree — The total amount of swap free, in kilobytes.

Dirty — The total amount of memory, in kilobytes, waiting to be written back to the disk.

Writeback — The total amount of memory, in kilobytes, actively being written back to the disk.

Mapped — The total amount of memory, in kilobytes, which have been used to map devices, files, or libraries using the mmap command.

Slab — The total amount of memory, in kilobytes, used by the kernel to cache data structures for its own use.

Committed_AS — The total amount of memory, in kilobytes, estimated to complete the workload. This value represents the worst case scenario value, and also includes swap memory.

PageTables — The total amount of memory, in kilobytes, dedicated to the lowest page table level.

VMallocTotal — The total amount of memory, in kilobytes, of total allocated virtual address space.

VMallocUsed — The total amount of memory, in kilobytes, of used virtual address space.

VMallocChunk — The largest contiguous block of memory, in kilobytes, of available virtual address space.

HugePages_Total — The total number of hugepages for the system. The number is derived by dividing Hugepagesize by the megabytes set aside for hugepages specified in /proc/sys/vm/hugetlb_pool. This statistic only appears on the x86, Itanium, and AMD64 architectures.

HugePages_Free — The total number of hugepages available for the system. This statistic only appears on the x86, Itanium, and AMD64 architectures.

Hugepagesize — The size for each hugepages unit in kilobytes. By default, the value is 4096 KB on uniprocessor kernels for 32 bit architectures. For SMP, hugemem kernels, and AMD64, the default is 2048 KB. For Itanium architectures, the default is 262144 KB. This statistic only appears on the x86, Itanium, and AMD64 architectures.

ps

Process list in tree view.

ps axfww

Process sort by cpu usage.

ps auxwww --sort -%cpu | head

How long has process been running.

ps -p 1 -o etime=

Process list sorted after memory usage.

ps aux --sort=size

Process show memory usage... sort...

ps axo rss,%cpu,pid,euser,cmd | sort -nr | head -n 10 | less -ISRM

Process sort by mem usage.

ps auxwww --sort -rss | head

Processes sorted by time running.

ps aux --sort -time

Processes sorted by time started

ps -auxwww --sort=start_time

ps showing threads.

ps -efL

How long has process been running.

echo -n $(( ($(date +%s) - $( stat -c%X /proc/$(pgrep -f [a]ctivemq.jar))) / 3600 ))

ps long usernames

ps axo user:20,pid,pcpu,pmem,vsz,rss,tty,stat,start,time,comm

pstack

print a stack trace of a running process

pulseaudio

  1. Is pulseaudio running?
ps uxawww| grep -E pulseaudi[o]
  1. stop pulseaudio
pulseaudio -k
  1. start pulseaudio as found by ps | grep pulseaudio
/usr/bin/pulseaudio --start --log-target=syslog

putty

Always setup stay alive.

connection -> keepalive -> 60

set up tunnel

putty -load blt.homeip.net -l bjorklun -pw password -L 19242:192.168.0.42:3389 blt.homeip.net

putty without taking tty.

plink -load www.halfface.se -l user_name -pw password -R *:3389:localhost:3389 -2 -4 -N

reverse tunnel. Connect remote host 3400 to machine running putty localhost:3389.

connection -> ssh -> tunnels -> "Source Port" = 3400 -> destination = localhost:3389 -> remote.

pv

throughput in pipe. speed.

pv
pv -cN

make a dd and limit througput to 20MB/s.

dd if=${HOST}.qcow2 bs=4k conv=noerror,sync | pv -L 20M | dd of=${HOST}.dd_noerror.qcow2

pwgen

Create less complicated password.

pwgen -sy 15 -r \'\"\^\(\)\`\~\;\[\]\{\}\,

qalculate

qalc
> 40 euro to SEK
40 * euro = approx. SEK 417.36

readpst

output pst file in separate files in out directory

readpst -S -o out/ outlook.pst

reboot

Hard reboot mean that shutdown scripts will not run and machine reboot immediately without syncing hard disk drives, shutdown applications etc.
This commands enable sysrq and after this call fast reboot. 
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger

Force shutdown

echo 1 > /proc/sys/kernel/sysrq 
echo o > /proc/sysrq-trigger

rename

Recursive lowercase to uppercase

for i in $(find * -depth); do (mv $i $(echo $i | sed 's%[^/][^/]*$%%')$(echo $i | sed 's!.*/!!' | tr [:upper:] [:lower:])); done

reposync

reposync -n -c /etc/yum/yum.conf -p /repos/centos6 -d -r base -r updates -r extras -r centosplus -r contrib
createrepo -g /repos/centos6/base/repodata/comps.xml /repos/centos6/base
createrepo /repos/centos6/updates
createrepo /repos/centos6/extras
createrepo /repos/centos6/centosplus

halfface -> sync repo. -d delete what is not on remote, -n only newest version, -p store here, -r which repos to sync

reposync -d -n -p /install/system/linux/fedora/24/repo/ -r updates -r fedora -r rpmfusion-free -r rpmfusion-free-updates -r rpmfusion-nonfree -r rpmfusion-nonfree-updates

halfface -> create repository

REPODIR=/install/system/linux/fedora/24/repo ; for REPO in $(cd $REPODIR; ls) ; do echo $REPO ; createrepo_c ${REPODIR}/${REPO} ;done

reptyr

Reparent a running program to a new terminal. (move tty)

rfcomm

list usb devices

hcitool scan

What properties does the device have.

sdptool browse 00:0D:B5:30:07:79

connect bluetooth device virtual servial.

rfcomm bind /dev/rfcomm0 00:0D:B5:30:07:79 1

rkhunter

Run rkhunter full scan no keypresses needed

sudo rkhunter --checkall --skip-keypress -x

Update database

sudo rkhunter --propupd

rotatelogs

Write standard output to logfile. Rotate at 100M. Keep 3 files.

your_script.sh | rotatelogs -n3 /var/log/your.log 100M

route

The route to a network is behind 10.111.222.7

route add -net 10.111.223.0 netmask 255.255.255.0 gw 10.111.222.7

Add default route

route add default gw 192.168.122.1

Permanent route under redhat

/etc/sysconfig/static-routes
any net 198.18.129.0/24 gw 10.240.175.12

/etc/sysconfig/network-scripts/route-eth1

1.2.3.4/23 via 1.2.3.1

Drop packages to ip.

route add -host 192.168.1.51 reject

Remove reject rule.

route del -host 192.168.1.51 reject

Remove route

route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 eth0
0.0.0.0         192.168.122.1   0.0.0.0         UG    0      0        0 eth0
route del -net 10.0.0.0    gw    0.0.0.0   netmask      255.0.0.0 dev eth0

rpm

install src.rpm

rpmbuild --rebuild alien-6.51-1.src.rpm
rpm -i /usr/src/redhat/RPMS/x86_64/alien-6.51-1.rpm

List contents of rpm.

rpm -qlp myfile.rpm

Extract single file from rpm.

rpm2cpio package.rpm | cpio -idv ./search_path_to_file_from_listing_above.txt

List information about non installed rpm.

rpm -qip foo.rpm

Extract contents of rpm.

rpm2cpio *.rpm | cpio -i --make-directories

Which version of rpm is installed.

/etc/rpm/macros ~/.rpmmacros

%_query_all_fmt         %%{name}-%%{version}-%%{release}.%%{arch}

list architecture

rpm -qa --qf "%{n}-%{v}-%{r}.%{arch}\n"

List only name of installed rpms.

rpm -qa --qf "%{NAME}\n"

Extract rpms in subdirectories.

for RPM in $(ls *|sed 's_\.rpm$__g');do echo $RPM; mkdir $RPM; rpm2cpio $RPM.rpm | (cd $RPM && cpio -i --make-directories);done

Verify content of rpm

rpm -V package
# What does those cryptic letters mean from rpm -V:
S file Size differs
M Mode differs (includes permissions and file type)
5 MD5 sum differs
D Device major/minor number mismatch
L readlink(2) path mismatch
U User ownership differs
G Group ownership differs
T mTime differs

Reinstall rpm

rpm -iv --replacepkgs package.rpm

Dependencies of rpm

rpm -qpR ${rpm}
rpm -qR ${packagename}
rpm -qp mypackage.rpm --provides
rpm -qp mypackage.rpm --requires

Rebuild rpm database.

\rm /var/lib/rpm/__db*
rpm --rebuilddb

Update minor release.

yum --releasever=6.11 update sl-release
yum clean all
yum update

Downgrade rpm.

rpm -Uvh --oldpackage /tmp/app.x86_64.rpm

Which rpm:s are required by rpm. Can be used to install rpm on machine without access to yum repo.

PKG=openssh-server ; yum install --downloadonly --installroot=/tmp/$PKG-installroot --releasever=7 --downloaddir=/tmp/$PKG $PKG

CVE:s fixed by rpm

rpm -qi --changelog openssh-server | grep -i CVE

rsync

Syncronize folders. Delete non existing files on remote host. Compress.

rsync --delete -az -e ssh bjorklun@semco.homeip.net:/install/program/windows/

Syncronize files over ssh on port 2222. Show progress. Syncronize even empty directories.

rsync -Pae 'ssh -p 2222' localhost:/opt/techops/bin/ /opt/techops/bin/

rsync with total progress bar.

rsync -a --info=progress2 /dir1/ /dir2/

Run rsync in both ends but transfer data with normal user.

sudo rsync -aP /tmp/andreas/ andreasbj@localhost:/tmp/andreas2/ --rsync-path='sudo rsync'

rsync with limit of 8 MB/s.

rsync -aP --bwlimit=8000 /source/ /destination/

rsync excluding directory

rsync -r --exclude=.svn /source/ /destination/

rsync including selinux information. Preserve hard links.

rsync -aPXH /source /destination

rsync don't keep links. Copy files referenced.

rsync -rLP /source/ /destination

Record which files to sync.

rsync -r -ptgo --delete -P --size-only -n www.halfface.se:/mp3/ /mp3/ -n | tee /temp/mp3_$(date +%Y-%m-%d)_diff.txt

Rsync new files.

rsync -RDa0P --files-from=<(find /sourcedir -mtime -7 -print0) . /targetdir/

rsync ignore existing files.

rsync -P --ignore-existing /source/* /destination/ -n

rsync excluding directories matching pattern.

SOURCE=/apps/IPsoft/IP400 ; DESTINATION=/apps/IPsoft/IP400.$(date '+%Y-%m-%d_%H-%M-%S') ; rsync -aP "${SOURCE}"/ "${DESTINATION}"/ --exclude-from=<(cd "${SOURCE}" ; find -type d -name log | sed -e 's|./||')

Sync files partially.

rsync -avz --partial --inplace

which files differ between hosts.

rsync -nrlptDqv --delete --exclude napsjb/server/naps/tmp/ /opt/ongame/ 10.6.21.11:/opt/ongame | less
-n dry run.
-r recursive
-l copy symlinks av symlinks.
-p preserve permission
-t preserve tims.
-D --device --special. Keep special files.
-q quiet
-v verbose

sar

Old sar information.

sar -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00

load average.

sar -q -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00

All information.

sar -A -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00

View network statistics.

LANG=c sar -n DEV | grep eth0

realtime summary.

sar 4 5

script

Run command under shell even if it does not exist.

script -q -f -c "commands or scripts to run"

Run session under screen in script.

screen -dm bash -c 'script --timing=script1.tm script1.out'

Replay script recorded file

scriptreplay --timing script1.tm --typescript script1.out

scp

Limit to 1.2MB/s.

scp -l 10240 Rocky-8.5-x86_64-minimal.iso halfface.se:/temp/

search&replace

perl

grep -rsl '10.6.4.102' * | xargs perl -pi -e 's/10.6.4.102/10.6.4.103/'

sed

find . -type f -exec sed -i 's/string1/string2/g' {} \;

Grep for regexp starting with CN= and stop at first occurrence of ,. not greedy

grep -oE 'CN=[^,]*,'

setfacl

Add rwx permission for user_name recursivly from /directory

setfacl -Rm u:user_name:rwx /directory

Remove acl:s

setfacl -bn foobar

shred

Recurse remove dir

find /tmp/secret -type f -exec shred {} \;

shuf

Pick random line in file.

shuf -n1 /file

sms

Mail to sms gateway.

tele2
07XXXXXXXX@sms.tele2.se
Comviq
467xxxxxxxx@sms.comviq.se
Europolitan
4670xxxxxxx@europolitan.se

snmptrap

# send more than one string.
snmptrap -v 2c -Ci -u user -c community localhost "" .1.3.6.1.4.1.5089.1.0.1 1 s "This is the first string" 2 s "This is the second string"
snmptrap -v 2c -Ci -u user -c community localhost  .1.3.6.1.4.1.5089.1.0.1 1 s "This is the first string" 2 s "This is the second string"
snmptrap -v 2c -c xxxxxxx localhost  .1.3.6.1.4.1.5089.1.0.1 .1.3.6.1.4.1.5089.2.0.999 s "Hej Hej"

Simple trap

snmptrap  -v 1 -c public  localhost     0 0  

snmptrapd

# Enable logfile. /etc/sysconfig/snmptrapd
OPTIONS="-Lf /var/log/snmptrapd.log"
# Disable authorization and put in logfile. /etc/snmp/snmptrapd.conf
disableAuthorization yes
authCommunity log public

snmpwalk

Get information from an oid.

snmpwalk -v 1 -c public snmp.device.net .1.3.6.1.4.1.2021.84

Do tcpdump while running.

tcpdump -i eth0 -n -s0 -v host snmp.device.net and port snmp

socat

Create a tunnel between localhost 2222 to remote host 2222

socat TCP-LISTEN:2222,fork TCP:10.111.222.2:2222
socat TCP-LISTEN:22,fork,bind=127.0.0.1 TCP:192.168.0.15:5900

Create tunnel via systemctl Create file similar to this. /etc/systemd/system/socat_win.service

[Service]
ExecStart=/usr/bin/socat TCP-LISTEN:3389,fork TCP:192.168.122.204:3389

Enable new file.

systemctl daemon-reload

Start new daemon

systemctl start socat_win

sort

Sort ip address.

sort -t. +0n -1 +1n -2 +2n -3 +3n -4
sort -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n

sort on fift column

sort -t, -k5n,5 /tmp/gfp

Get a list of configured ip for a set of hosts. Sort on domain then hostname

pdsh ^/host_list 'ip route get 8.8.8.8 | awk "NR==1 {print \$NF}"' | sort -t . -k 2 -k 1

Sort on first column only.

sort -n -k 1,1

spawn

Encode wav to ogg in parallel.

 # ls -1 *.wav | while read ; do echo "oggenc -q6 \"$REPLY\"" ; done | spawn -j4

split

Devide file into parts containing 100 lines.

split -l 100 create_updated_2013-10-29_sort_created_ci_id_name.txt --numeric-suffixes --suffix-length=3 Cleanup.

Devide file in 10 parts. Suffix length 4.

split -n 10 -a 3 bigfile.tar.gz

sqlite

Is db broken?

sqlite3 mydata.db "PRAGMA integrity_check"

recover db

sqlite3 mydata.db ".dump" | sqlite3 new.db

Show databases

sqlite> .databases
main: /var/lib/tuptime/tuptime.db

List tables

sqlite> .tables
tuptime

Run sql command

sqlite> select * from tuptime;
1544984636|2387765.42|-1|0|0.0|Linux-4.19.8-200.fc28.x86_64-x86_64-with-fedora-28-Twenty_Eight

exit|quit

.quit

ss

List all connections.

ss -an

List processes and which port they listen too. Grep process.

ss -tulpn | grep 5405

ssh

ssh-keygen

Without prompts.

yes  | ssh-keygen -N  >/dev/null

Create key pair without input.

yes | ssh-keygen -C abjorklund@redbridge.se -t rsa -b 2048 -f /tmp/ssh-keygen

Remove pass phrase

ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]

Copy public key to authorized_keys

ssh-copy-id user@host

List supported ciphers

ssh -Q cipher

List supported MACs

ssh -Q mac

List supported public key type

ssh -Q key

List supported key exchange algorithms

ssh -Q kex

List supported ciphers, macs and kexalgorithms.

sshd -T | grep "\(ciphers\|macs\|kexalgorithms\)"

Run command each time you login via ssh.

$HOME/.ssh/rc

Tunnel

sudo ssh -nNTx -R 2222:localhost:22 andreasbj@www.halfface.se

Reverse tunnel.

ssh -D \*:666 www.halfface.se
ssh -N ipmon10.ny1.ip-soft.net -L43389:ippc01.ongame.ip-soft.net:3389
-n	Dont take console. Good for background.
-N	Do not execute a remote command
-T	Disable pseudo-tty allocation.
-x	Disables X11 forwarding.
-R port:host:hostport
sudo ssh -N -L 2222:www.halfface.se:22 www.halfface.se
sudo ssh -nNTx -R 2222:www.halfface.se:22 www.halfface.se
sudo ssh -nNTx -R 443:satellite.ongame.com:443 root@10.0.254.30 # Tunnel 443 over ssh from remote host via local host.

Open tunnel on remote host. Start remote proxy server forwarding to internal network.

ssh remotehost -R remoteport:localhost:localport "ssh -D 9050 localhost:remoteport"

Multiple reverse tunnel controled by autossh. (-M)Control port,(-f)background, (-N) no remote command, reverse tunnel (-R)

autossh -M 41000 -f -N -R 0.0.0.0:8001:192.168.1.10:80 -R 0.0.0.0:8002:192.168.1.20:80 user@remotehost

reverse tunnel bound to all interfaces

The config has to allow to bind to * interface. /etc/ssh/sshd_config GatewayPorts yes

sudo ssh -i ${HOME}/.ssh/id_dsa -N -R \*:2222:localhost:22 ${USER}@www.halfface.se

Create an ssh tunnel link

https://help.ubuntu.com/community/SSH_VPN
echo 1 > /proc/sys/net/ipv4/ip_forward
vim /etc/ssh/sshd_config  PermitTunnel=yes
sudo ssh -NTCf -w 0:0 1.2.3.4
sudo ssh -v -w any:any www.halfface.se
###
local:
ip link set tun0 up
ip addr add 169.254.0.1/32 peer 169.254.0.2 dev tun0
ip route add 192.168.0/24 via 169.254.0.2
remote:
ip link set tun1 up
ip addr add 169.254.0.2/32 peer 169.254.0.1 dev tun1
arp -sD 169.254.0.2 eth1 pub
### Change default gateway. In this case, 192.168.0.1 is Machine B's current default gateway; it is the gateway on Network B that provides internet connectivity
ip route add 1.2.3.4/32 via 192.168.0.1
ip route replace default via 10.0.0.1

Limit ssh access with pam_access

/etc/security/access.conf

Proxycommand without nc

Host server1
 Hostname 10.0.1.1
 ProxyCommand ssh -q -x jumphost -W %h:22

ssh over ipv6 via 2 network interface.

ssh -6 fe80::1ec1:deff:fecb:6ce%2

ssh options

None interactive. Dont ask for password.

-o BatchMode=yes

Accept all keys.

-o StrictHostKeyChecking=no

brow.sh

browser in terminal window.

ssh brow.sh

jail

/etc/sshd/sshd_config

Match group mychroot 
ChrootDirectory /jail/ 
X11Forwarding no 
AllowTcpForwarding no

sshd debug

Start deamon once in debug mode and put output to your console.

/etc/sysconfig/sshd
OPTIONS="-ddd"

Kill of sshd which is listening for new connections. Start sshd with the following command. Debug level can bee changed.

/usr/sbin/sshd -De -o LogLevel=DEBUG3

ssh multiple jumps one cli

Jump through host1.net to get to host2.net

ssh -t host1.net ssh -t host2

Jump through host1.net to host2.net and bring port 8080 with you.

ssh -t host1.net -L 8080:localhost:8080 ssh -t host2.net -L 8080:localhost:8080

ssh force password login

ssh -o StrictHostKeyChecking=no -o ControlPath=none -o ControlMaster=no -o PubkeyAuthentication=no user@host

sshfs mount filesystem over ssh

sshfs name@server:/path/to/folder /path/to/mount/point

sshpass

ssh with password provided on the command line.

sshpass -p P@ssW0rd ssh -t -o ControlPath=none -o PreferredAuthentications=password -o PubkeyAuthentication=no -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=Error user@localhost hostname

sshuttle

create a network route over ssh.

sshuttle -D -r user@remotehost:2222 192.168.1.0/24

stat

View file permissions only.

stat -c "%a %n" /usr/bin/bash
Access - the last time the file was read
Modify - the last time the file was modified (content has been modified)
Change - the last time meta data of the file was changed (e.g. permissions)

Copy permissions from one location to another.

rpm -qlp package.rpm | while read FILE ; do echo chmod $(stat -c "%a" $FILE) \"$FILE\";done > /tmp/copy_permissions.sh

strace

File open activity.

strace -e open -f ls -la /temp/

File open activity under directory.

 strace -e open -P /temp/ -f ls -la /temp/

More file activity.

strace -e trace=file -p 1234
strace -e trace=desc -p 1234

Trace network activity.

sudo strace -f -e trace=network -p 1476
# 1024 long strings.
sudo strace -s 1024 -f -e trace=network -p 1476
# strace follow process with matching regex.
strace -f -e poll,select,connect,recvfrom,sendto -p $(pgrep -f login-sync.xml)
# trace nework activity
strace -f -e trace=network -s 1000000 nc localhost 3333

Memory usage

sudo strace -f -e trace=memory -p $(pgrep -f firefox)

What is taking time

[root@util01 abjorklund]# strace -f -c -p 9657
 % time     seconds  usecs/call     calls    errors syscall
------ ----------- ----------- --------- --------- ----------------
 88.11   11.614155        1644      7065      1565 futex
  9.94    1.310794       16183        81        73 restart_syscall
  1.86    0.245018          86      2850           recvfrom
  0.05    0.006784          30       228           poll
  0.03    0.004006           2      1838           sendto
  0.00    0.000271           1       253           sched_yield
  0.00    0.000134          12        11           mmap
  0.00    0.000107           0      5176           ioctl
  0.00    0.000026           0       148       148 stat
  0.00    0.000000           0         1           read
  0.00    0.000000           0       254           write
  0.00    0.000000           0        44           mprotect
  0.00    0.000000           0         1           rt_sigreturn
------ ----------- ----------- --------- --------- ----------------
100.00   13.181295                 17950      1786 total

strace multiple processes

strace -s 1024 -f -o /tmp/strace $(pidof Process_name | sed 's/\([0-9]*\)/-p \1/g')

strace to hex output. Convert to utf8.

strace -xx -f -o/tmp/strace -s0 echo bajskorv
cat /tmp/strace | while read -r line; do printf "%b\n" "$line" ; done

sudo

Enable sudo logging

sed -i "$(( $(grep -n ^Defaults /etc/sudoers | tail -1 | awk -F: '{print $1}') + 1 ))iDefaults    log_output\nDefaults    log_input" /etc/sudoers

Command above adds the following to /etc/sudoers

Defaults    log_output
Defaults    log_input

List sudo-io logs.

sudoreplay -l

Search for string in logs.

zgrep search_string $(find /var/log/sudo-io/ -type f)

Replay session. Max wait 1s. 5 times the speed.

sudoreplay -m1 -s5 000002

Replay session including stdin

sudo sudoreplay -m1 -s5 -f stdin,stdout,stderr,ttyin,ttyout 000001

Which rules apply to user

sudo -l -U username

swapon/swapof

Free swap

(swapoff -a; swapon -a) & watch free -m

sysbench

cpu test.

sysbench cpu --cpu-max-prime=20000 --threads=32 run | grep "events per second"

ram test

sysbench memory --threads=32 run | grep sec

disk test

RAM_TWO=$(( $(grep MemTotal /proc/meminfo | awk '{print $2}') * 2 ))kb
sysbench fileio --file-total-size=${RAM_TWO} prepare > /dev/null
sysbench fileio --file-total-size=${RAM_TWO} --file-test-mode=rndrw --time=300 --max-requests=0 run|grep -E ' read, | written, '
sysbench fileio --file-total-size=${RAM_TWO} cleanup > /dev/null

sysctl

Rename machine.

sysctl kernel.hostname=ipmonxx.${CLIENT}.ip-soft.net

Set tcp keepalive

$ sysctl -a | grep tcp_keepalive
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 75
sudo sysctl -w net.ipv4.tcp_keepalive_time=60 net.ipv4.tcp_keepalive_probes=3 net.ipv4.tcp_keepalive_intvl=10
net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl = 10

systemctl

init 3

systemctl isolate multi-user.target
systemctl set-default multi-user.target

init 5

systemctl isolate graphical.target
systemctl set-default graphical.target

When you have made changes to /etc/systemd/system/*.service

systemctl daemon-reload

List all units

systemctl list-unit-files

List units with problems

systemctl list-units --failed

create service

cd /etc/systemd/system ; vim $service.service ; systemctl daemon-reload

[Unit]
Description=Set laptop brightness
After=multi-user.target 

[Service]
Type=forking
ExecStart=/bin/sh -c 'echo 1000 > /sys/class/backlight/intel_backlight/brightness'

[Install]
WantedBy=default.target

Add groups to processes started by services script

[Service]
SupplementaryGroups=33 518

strace process started by systemctl

strace -f -o /tmp/strace.log -s 2048 -p 1 & systemctl restart httpd.service

systemctl show puma

Show variables of service

systemctl show puma

systemd-analyze

What takes time at startup.

systemd-analyze plot > /tmp/systemd-analyze-plot.svg ; chrome /tmp/systemd-analyze-plot.svg

systemd-resolved

resolvectl status

clear cache.

sudo systemd-resolve --flush-caches

Look at stats.

systemd-resolve --statistics

restart daemon to apply settings

systemctl daemon-reload
systemctl restart systemd-networkd
systemctl restart systemd-resolved

systemctl show

will show all available properties

systemctl show $service

tail

Tail from line number 21.

tail -n +21 /file

talk

Talks swedish.

espeak -v swedish -f /tmp/file

tar

Make a backup of a directory or disk.

server: tar -cpsf - $dir | pv -b | nc -l 3333
client: nc server 3333 | pv -b | tar -xpst -

Inline tar archive.

awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' $0
tail -n $0 > archive.tar # tail -n +347 Filename

Backup dir but exclude files within

tar zcf /tmp/backup_$(date '+%Y-%m-%d_%H-%M-%S').tar.gz /apps/app --exclude=/apps/app/var/* --exclude=/apps/app/logs/*

extract files remove 5 path element components.

tar xf archive.tar --strip-components 5

extract to other directory.

tar -xzf bar.tar.gz -C foo

extract files excluding path.

tar xf $file.tar.gz --transform='s/.*\///'

tcpdump

dump trafic information, -e Print the link-level header on each dump line, -vvv verbose.

tcpdump -e -vvv port 21

dump all trafic to and from machine. -w write to file, -s0 size of package, host to listen from.

time tcpdump -w ssl_dump -s0 host test.x30.webservices.itsfogo.com

dump all trafic into files of max 100MB. 270MB in reality.

tcpdump -w snoop -s0 -C 100000000

dump all trafic. compress logfiles. Create 10 files which are 10 MB big. Dont convert numbers to names. Dont truncate frames create logfile with this name.

tcpdump -z gzip -i wlan0 -C 10 -W 10 -n -s0 -w /tmp/tcpdump.log

Which machines send a syn packet.

sudo tcpdump -nn -i eth0 'tcp[13] = 2'

Show information about all traffic on interface.

tcpdump -s0 -i eth1 -vv

Show information about communication over port 514

tcpdump -Xni any port 514

listen on port 1023 for incoming trafic. disable local subnets.

sudo tcpdump -n -i eth0 tcp and dst host 172.17.17.6 and not src net 172.17.17.0/24 and not src net 158.0.0.0/8 and 'port 1023'

listen after torrent traffic.

sudo tcpdump -Xni any portrange 6882-6999

View content of http trafic

sudo tcpdump -i any -A -s 1500 dst 89.253.75.84 and port 80

View post in utf-8 format.

sudo tcpdump -lnp -i any -A -s 1500 dst 89.253.75.84 and port 80 -w - | tr -t '[^[:print:]]' ''

Get cookie

tcpdump -i lo -A -l dst port 8000 |     grep "^Cookie: "
To create cookie for curl: https://xiix.wordpress.com/2006/03/23/mozillafirefox-cookie-format/

Look at traffic from specific ip

tcpdump -n -i any -n host 198.18.130.9

Eavesdrop password

tcpdump -i any -A -s0 port 8030 | grep Authorization:

flags

tcpdump -enni eth0 host 172.30.142.11 port 5432

F - FIN
S - SYN
R - RST
P - PSH
U - URG
E - ECN Echo
W - ECN Cwnd Reduced
. - ACK only

tcptraceroute

tcptraceroute -n -q 1 192.168.0.1 -p 22

teamdctl

teamdctl team0 state view -v

telnet

Look at world map. a - z zoom.

telnet mapscii.me

testssl

test ssl certificate

testssl www.halfface.se

tftp

# Download test.file
tftp -v 172.17.17.6 -c get test.file
# Upload file.
tftp -v 172.17.17.6 -c put /tmp/test.put test.put
# Enable upload file in in.tftpd
/etc/xinetd.d/tftp
server_args        = -c -s /var/lib/tftpboot

tibco

show permissions.

help permissions

Create user

create user surveillance "Surveillance user" password=surveillance

Grant user permission to view all

grant admin user=surveillance view-all

time

Time in a loop.

{ time sleep 2 >> ${LOG} ; } 2>> ${LOG}

How long did a command take

TIME=$( { /usr/bin/time -f "%e" sleep 1.5 ;} 2>&1 ) ; echo $TIME

Built in time command. 3 decimals in seconds.

TIMEFORMAT='%3R'; time ( sleep 61.22222 )

timedatectl

Show info how clock is synced.

timedatectl timesync-status

timeout

limit waiting for a period.

timeout 2s sleep 100

Run function under timeout

export -f my_function ; timeout 1 bash -c 'my_function options'

Run loop for some time then exit.

timeout 172800 bash -c -- 'while true ; do echo $(TZ=UTC date "+%Y-%m-%d %H:%M:%S %Z") $(ping -w1 -q -c1 -i10 192.168.10.120 | grep received) ; sleep 1 ; done| tee /tmp/ping_192.168.10.120.log'

tnef

List content of winmail.dat. Remove options to extract to current dir.

tnef -t -f winmail.dat

toilet

Generate graphics text similar to banner.

toilet -F gay -f mono12 "Some Funky Text"

tor

Select outgoing country. https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 Set country in:

torrc

One or several exit countries.

ExitNodes {us}
ExitNodes {kr},{ru},{sy},{cn}

test exit node

ifconfig.me

top

Top batch mode run one iteration

top -bn1

top derivates

apachetop
dnstop
iftop
latencytop
glances

touch

touch -am 0910120003    Give a new access time on a file 0910120003MMDDhhmmyy

linux

touch -t 197102162324 *

tput

No line wraps

tput rmam

Line wraps

tput smam

invisible cursor

tput civis

visible cursor

tput cnorm

reset is a good command to reset shell

reset

tr

translate capital to lower letter.

tr '[:upper:]' '[:lower:]'

null character to new line

tr '\000' '\n' < /proc/3575/environ

trickle

Speed limit for download

rsync -ae "trickle -d 80 ssh" user@host:/src/ /dst/

Speed limit for upload.

rsync -ae "trickle -u 80 ssh" user@host:/src/ /dst/

Limit wget to 64kbit upload and download.

trickle -d 64 -u 64 wget "https://www.halfface.se/file.txt"

tune2fs(tunefs)

tune2fs -m 0 /dev/sdb1

type

What kind of command do we use. builtin or some file?

type ls

udevadm

Monitor udev events.

udevadm monitor

udevadm info --query=all --name=sda

look at values for disk. Can be used to locate san source.

udr

rsync over udp.

udr -a 57621 -b 57631 rsync -rP host.inter.net:/source/ /destination/

ulimt

Look at current limits for logged in user.

ulimit -a

Look at limits for process with pid 12345.

cat /proc/12345/limits

unetbootin

Boot iso image from usb memory.

upower

# Powerstatus of the system. battery charge.
upower --dump

urldecode/urlencode

Encode

perl -pe's/([^-_.~A-Za-z0-9])/sprintf("%%%02X", ord($1))/seg'
echo 1212341234== | jq -sRr @uri

Decode

perl -pe 's/%([0-9a-f]{2})/sprintf("%s", pack("H2",$1))/eig'

useradd

useradd --uid 666 --gid 666 --comment 'devil' devil && echo 'devil:VerySecretPassword' | chpasswd

v4l2

Video player

qv4l2

List available formatats and resolutions.

v4l2-ctl --list-formats-ext

List available formats

v4l2-ctl --list-formats

Set camera to h264

v4l2-ctl --set-fmt-video=width=800,height=448,pixelformat=1

Set framerate.

v4l2-ctl --set-parm=30

List video parameters

v4l2-ctl --get-fmt-video

List video output

v4l2-ctl --all

Disable autofocus

v4l2-ctl --verbose --set-ctrl=focus_auto=0
v4l2-ctl --verbose --set-ctrl=focus_absolute=0

version of linux

cat /etc/os-release

vi

:set ignorecase
:set list        show all keys.
:set nolist      show their representative.

wipefs

wipefs -a /dev/sdc

vmstat

top over time.

vmstat -n 5

Description:

r=procs waiting for cpu time.
b=procs in sleep mode.
swpd=virtual memory in use in swap.
free=memory free.
buff=memory used by buffers
cache=memory used as cache.
si=swap in.
so=swap out.
bi=io block in.
bo=io block out.
in=interups
cs=contex switching.
us=cpu user space
sy=cpu system usage to serve.
id=cpu idle
wa=cpu waiting for input output. iowait.
st=cpu time stolen from a virtual machine
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 2  1 814984 167992  26820 999460    0    0     1     0 2467 5088  2  2 95  1  0   
 0  0 814984 168100  26820 999540    0    0     2   150 2467 5026  1  2 97  0  0

wget

wget -r -nH -np --cut-dirs=1 --no-check-certificate -U Mozilla --user={uname} --password={pwd} https://my-host/my-webdav-dir/my-dir-in-webdav

wget to standard output.

wget --no-check-certificate -S -O- http://inter.net

Special heather

wget 'http://halfface.se' --header='Cookie: has_js=1'

Mirror

wget 'https://halfface.se/test' -r -l 3 --convert-links -o log  --html-extension

whois

# When does a domain expire.
whois -h whois.iana.org sivberg.se
# which ipranges does an ipaddress belong too. In this case looking at google.
whois -h whois.radb.net -- "-i origin $(whois -s -h whois.radb.net 172.217.26.68 | grep ^origin | awk '{print $2}' | tail -1)" | grep ^route | awk '{print $2}'
# Who to find address range for site.
host www.facebook.com
whois 157.240.194.35 | grep CIDR

wireshark

find packet
packet details
string

ssl decryption

export SSLKEYLOGFILE=/tmp/sslkeylog ; curl -sv -d "blablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablabla" https://www.halfface.se
wireshark. Edit - Preferences - Protocols - TLS - (Pre) -master-Secret log file.

tshark

cli version

tshark -V -r $dump.pcap

wodim

Burning disks.

wodim -scanbus    # Scan scsi bus for burners.
wodim --devices   # Discover basic information.
wodim -checkdrive # Information about burner.
wodim -tao speed=0 dev=/dev/sr0 -v -data /temp/files/                      # Burn disk containing structure from /temp/files/
wodim -eject  -tao speed=0 dev=/dev/scd0 -v -data /my/directory/image.iso   # Burn image to disc.

write

Send message to someone via tty.

who | grep user

write message end with CTRL + d

write abjorklund pts/2

xargs

locate case insensetive, regular expression. xargs string to replace imput. Print output to standard error.

locate -ir ".*\.crt$" | xargs -I '{}' -t cp {} /temp/ssl/

Do something on everything from standard input.

ls -la | xargs -i% echo '# beginning #' % '# end of line #'

split several lines into groups.

for i in {00..99} ; do echo $i, ; done | xargs -L 20

xdotool

When you have to move your mouse but you dont want to push it.

xdotool mousemove_relative -- -1 -1
xdotool mousemove_relative 1 1

Send ab to window.

xdotool search --onlyvisible --name freerdp key a key b

xfs

xfs_repair -L /dev/mapper/vg00-root

xinput

# List xinputs.
xinput list
# List properties.
xinput list-props "Logitech Unifying Device. Wireless PID:400e"
# Middle button emulation.
xinput set-prop "Logitech Unifying Device. Wireless PID:400e" "Evdev Middle Button Emulation" 1
xinput set-prop 12 "libinput Middle Emulation Enabled" 1

xkill

Kill xorg process with id 0xb6ffa0

xkill -id 0xb6ffa0

List x applictions

xwininfo

Get recursive list of x applications.

xwininfo -root -tree

xmllint

prettify xml

xmllint --format -

xset

Disable screen saver

xset -dpms ; xset s noblank ;xset s off

Disable repeat

xset r off

Enable repeat

xset r on

xxd

Hex to binary

xxd -r -p hex.txt output.bin

Hex to binary in pipe

echo "$HEX" | xxd -r -p -

yum

download src rpm

yumdownloader --source net-snmp

Reinstall default repos.

yum reinstall yum-conf-sl6x-1-2

This will give you a directory with all rpm:s that are required to install rpm.

PKG=openssh-server ; yum install --downloadonly --installroot=/tmp/$PKG-installroot --releasever=6 --downloaddir=/tmp/$PKG $PKG

broken repos

yum install bareos-client --disablerepo=* --enablerepo=bareos

search for different versions

yum --showduplicates search percona-xtrabackup

zip

Zip directory exclude files .svn directory.

zip -r /temp/ssl.zip . -x ".svn/*"

List contents of zip archive.

unzip -l archive.zip

Unzip single file

unzip file.zip file/you/want/to/extract/the_file.txt

zdump

View information from timezone tz.

zdump -v /etc/localtime

Change timezone on host

ln -sfT ../usr/share/zoneinfo/Europe/Stockholm localtime

zfs

Get sync

zfs get sync datapool/netstorage/dog/prod
NAME                          PROPERTY  VALUE     SOURCE
datapool/netstorage/dog/prod  sync      standard  default

set sync

zfs set sync=disabled datapool/netstorage/dog/prod

List snapshots(can take time)

zfs list -t snapshot

List snapshots for one mount point.

zfs list -r -t snapshot -o name,creation datapool/netstorage/bro/prod

Displays the detailed health status

zpool status

List datasets

zfs list

Create dataset

zfs create datapool/netstorage/media

zdb

display zpool debugging and consistency information

zdb -d dataset

zpool list

Lists the given pools along with a health status and space usage.

iostat

Get iostat with values since last second.

zpool iostat are -y 1 -l