Tuesday, July 1, 2014

Useful Linux Commands

Useful Linux Commands


Disk space

Free disk space
  • df -k Mounted disk list 
  • df -h - shows disk free info 
  • du -sh - shows information about utilisation 
  • du -sk * | sort -n - what files/directories are using the most storage

What is taking up disk space?

  • find / -type f -size +100000k -exec ls -lh {} \; | awk '{print $5 ": " $NF}'

Find Folder size, sorted.

  • du * -sh | sort –nr

Remove specific files recursively

  • rm `find . -name '*.log'` -rf

Finding files
Finding files by filename
  • find / -name mystuff 
Note: this ignores symbolic links
Finding files by content

  • grep -H -r “the text” /home/tom 
Finding strings in file recursively looking through directories

  • find ./ |xargs grep -i StringToFind 
Finding the process that access a log file
  • fuser -m -u /var/log/logfile.log


What is blocking the local port?
  • netstat -tlnp | grep 50101
Finding the application that is using the port
  • lsof | grep 50101
Finding the application that is using the port
  • fuser -v -n tcp 80
  • netstat –i – list all the interfaces (including bonded interfaces)
  • netstat –s – summary statistics - dropped packets, retransmissions
  • netstat –l – show listening sockets - who’s got what port open
  • netstat –t – show active connections - who’s connected
  • netstat –r – show the routing table used by the kernel - what routes are currently loaded
  • ss -no state established '( dport = :8999 or sport = :8999 )' - who is connected to/from port 8999
  • ss -pmn (processes, memory, numeric – don’t resolve) (su to pricing) - show the process and memory info of each socket
With this command and its different options one can obtain statistics as well as configure any network adapter connected in the system.
  • ifconfig [devicename] [reqd. action] [options] :
example : To assign IP Address to a network adapter.
  • ifconfig eth0
whois [options] <arg[@server]> : Queries the WHOIS database, to retrieve available information about the given server / domain-name. example : To obtain information about a domain, suppose google.com.
  • whois google.com
ping [options] [host-address/name] : This command sends Internet Control Message Protocol (ICMP) to the specified network host. example : To ping a network host ""
  • ping
netstat [options] : Gives information about the all the network connections established by the system through different ports. -t : Displays only TCP socket connections -a : Displays all the sockets that is listening and non-listening ones For example :
  • netstat -a
traceroute [options] [host-name/address] : Displays identity of hosts visited by the packet while routing from its source to destination. -n : This option disables the DNS lookups for the IP Addresses example :
  • traceroute
route [options] [destination host-name/address] : Displays as well as allows to manipulate the IP routing table. -n : Displays IP addresses as by default hostnames are displayed example : The command below displays the numerical IP addresses in the IP routing table
  • route -n
telnet [options] [host] [port_number] : Does an interactive communication with another host through TELNET protocol on the specified port number. By default it uses TCP port number 23 and the connection is not encrypted. -l : specify user name to login as on the remote system example : To login into remote host in username "abc"
  • telnet -l abc
ssh [options] [username@host-address] : Enables a user to make secure remote login to the specified host address. -C : Compresses the data which sent over the connection to specified host -X : Enables the user to use X server features. example : In order to ssh to host with username "abc" following is the command.
  • ssh -X abc@
scp [options] [username@host-address:file_location] : Enables a user to make secure copy of the file to the specified host-address. -r : Recursively copies the data in directories -C : Compresses the data which sent over the connection to specified host example : In order to scp file.txt to host with username "abc" following is the command.
  • scp file.txt abc@\
wget [options] [URL] : Performs HTTP request from through the shell to get data from the URL -r : Get the URL and all its links in recursive manner
  • wget http://www.google.co.za

iptables [options] : This command requires root permission. It enables to carry out packet filtering and Network Address Translation. -F : Flush set of rules -n : Show rules without carrying out DNS lookups -A : Appends one or more rules to the end of the selected chain. -j : Specify the target of the rule -s : specify source -L : Current rules are listed For example : To block packets from certain IP Address, can be done by
  • iptables -A INPUT -s -j DROP
tcpdump [options] : Outputs the contents of packets on the network interface. It can also output only certain packets based on the condition provided.
-i ether0 to select the interface you what to monitor
  • tcpdump -i ethe0

How To Find My Public IP Address From Command Line On a Linux

  •  dig +short myip.opendns.com @resolver1.opendns.com


  • top : The top program provides a dynamic real-time view of a running system.
  • mpstat : writes to standard output activities for each available processor. Repeat every second : "mpstat 1"
  • ps : Display all running processes (eg : to list java processes = "ps -ef | grep java" )
  • pgrep : Looks through the currently running processes and lists the process IDs which matches the selection criteria to screen
  • pstree : shows running processes as a tree
  • netstat : displays network connections (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics (the very useful "-p" option is not allowed in PROD unless you're root)
  • htop : Show all CPU running process (For mutilator CPU)
Find threads/handles for all users
  • ps -eLf 
Total counts on threads/handles for all users
  • ps -eLf | wc -l


  • Never use kill -9 if you can help it
  • You can send any signal you like (use kill -l to list them) SIGUSR1 and SIGUSR2 are user defined. Each signal has a default action, e.g. to temporarily interrupt or to terminate the program

 strace - system trace

  • strace -p 25292 -f : trace pid 25292 in real time
  • strace -p 25292 -f -c : trace pid 25292 and report summary statistics on exit

How to use VI editor.


For adding text to a file  ( press Esc and then below command)  . The three most common ways to enter the Insert Mode are:
iStarts inserting in front of the current cursor position
IStarts adding at the front of the line
aStarts adding after the cursor
AStarts adding at the end of the line
oStarts opening a new line underneath the cursor
OStarts opening a line above the cursor.
<Esc>Gets out of Insert Mode


Generally for moving the cursor and deleting stuff.
In the Edit Mode, the keys do not type letters, but do other actions such as cursor movement, deletions, copying lines, etc.
LetterSimple Cursor Movement
hMoves cursor left one spaceNote: the Arrow keys do work locally, but sometimes mess up over a network.
jMoves cursor down one line
kMoves cursor up one line
lMoves cursor right one space
Fast Cursor Movement
wMoves the cursor a full word at a time to the right
bMoves the cursor back to the left a word at a time
^Moves the cursor to the front of a line
$Moves the cursor to the end of a line
<ctrl>fMoves the cursor forward a full page of text at a time
<ctrl>bMoves the cursor backward a full page of text at a time
Modifying Text
xDeletes the character under the cursor
ddDeletes the line where the cursor is located (type d twice!)
n ddDelete n consecutive lines ( n is an integer)
rReplaces the character under the cursor with the next thing typed
JJoins current line with the one below (Capital J!)
uUndoes the last edit operation
<ctrl> rRedo (Undoes the last undo operation)
Cut and Paste Operations
yyCopies or yanks a line ( 5yy yanks 5 lines)
pPuts the yanked text on the line below the cursor (lower case p)
PPuts the yanked text above the current line (capital P)
Note: If vi is already in the input mode, text from that or another window may be highlited using the left mouse button, and copied into place by pressing the middle mouse button.


For interacting with the operating system. To enter the Command Mode, a colon “ : ” must precede the actual command.
: r <file>reads a file from disk into the vi editor
: w <file>writes current file to disk
: wqwrites the file and quits vi
: q!quits without writing (useful if you’ve messed up!)