Tuesday, July 1, 2014

Useful Linux Commands

Useful Linux Commands

Linux

Disk space

Free disk space
  • df -k Mounted disk list 
  • df -h - shows disk free info 
  • du -sh - shows information about utilisation 
  • du -sk * | sort -n - what files/directories are using the most storage

What is taking up disk space?

  • find / -type f -size +100000k -exec ls -lh {} \; | awk '{print $5 ": " $NF}'

Find Folder size, sorted.

  • du * -sh | sort –nr

Remove specific files recursively

  • rm `find . -name '*.log'` -rf

Finding files
Finding files by filename
  • find / -name mystuff 
Note: this ignores symbolic links
Finding files by content


  • grep -H -r “the text” /home/tom 
Finding strings in file recursively looking through directories

  • find ./ |xargs grep -i StringToFind 
Finding the process that access a log file
  • fuser -m -u /var/log/logfile.log

Networking

What is blocking the local port?
  • netstat -tlnp | grep 50101
Finding the application that is using the port
  • lsof | grep 50101
  • List Open Files
  • lsof List all files opened by any process
  • lsof-p 1000 List files opened by a process with PID 1000
  • sof -p ^1000 ist files opened by any other process than PID 1000
  • lsof-u <username> List files opened by specific user-owned processes
  • sof -u^root List files opened by all non-root users
  • sof <directory> Show what processes are using <directory>
  • lsof <filename> List all processes that have opened <filename>
  • lsof+D /tmp List all files that have been opened under /tmp
  • [sof +L1 List files deleted but still held open by running processes
  • lsof-c <command> List open files by processes executing <command>
  • lsof-d mem List all memory-mapped files
  • List Network Connections and Sockets
  • lsof-i List all open network connections
  • lsof-i:80 List open TCP/UDP connections with port 80
  • lsof-i tcp:1-1024 List open TCP connections with a given port range
  • lsof-i-n List open network connections with no reverse DNS lookup
  • lsof-i-n -P List open network connections with no port name conversion
  • lsof-i6 List open IPv6 network connections (-i4 for IPv4)
  • Other Usages
  • lsof-U List open unix domain sockets
  • sof /dev/tty1 List commands/processes associated with /dev/tty-
  • kill -9 $(lsof-t -u <username>) Kill all activities of a specific user
  • 192
  • 34 shares
Finding the application that is using the port
  • fuser -v -n tcp 80
  • netstat –i – list all the interfaces (including bonded interfaces)
  • netstat –s – summary statistics - dropped packets, retransmissions
  • netstat –l – show listening sockets - who’s got what port open
  • netstat –t – show active connections - who’s connected
  • netstat –r – show the routing table used by the kernel - what routes are currently loaded
  • ss -no state established '( dport = :8999 or sport = :8999 )' - who is connected to/from port 8999
  • ss -pmn (processes, memory, numeric – don’t resolve) (su to pricing) - show the process and memory info of each socket
With this command and its different options one can obtain statistics as well as configure any network adapter connected in the system.
  • ifconfig [devicename] [reqd. action] [options] :
example : To assign IP Address to a network adapter.
  • ifconfig eth0 192.168.1.1
whois [options] <arg[@server]> : Queries the WHOIS database, to retrieve available information about the given server / domain-name. example : To obtain information about a domain, suppose google.com.
  • whois google.com
ping [options] [host-address/name] : This command sends Internet Control Message Protocol (ICMP) to the specified network host. example : To ping a network host "192.168.1.1"
  • ping 192.168.1.1
netstat [options] : Gives information about the all the network connections established by the system through different ports. -t : Displays only TCP socket connections -a : Displays all the sockets that is listening and non-listening ones For example :
  • netstat -a
traceroute [options] [host-name/address] : Displays identity of hosts visited by the packet while routing from its source to destination. -n : This option disables the DNS lookups for the IP Addresses example :
  • traceroute 192.168.1.1
route [options] [destination host-name/address] : Displays as well as allows to manipulate the IP routing table. -n : Displays IP addresses as by default hostnames are displayed example : The command below displays the numerical IP addresses in the IP routing table
  • route -n
telnet [options] [host] [port_number] : Does an interactive communication with another host through TELNET protocol on the specified port number. By default it uses TCP port number 23 and the connection is not encrypted. -l : specify user name to login as on the remote system example : To login into remote host 192.168.1.1 in username "abc"
  • telnet -l abc 192.168.1.1
ssh [options] [username@host-address] : Enables a user to make secure remote login to the specified host address. -C : Compresses the data which sent over the connection to specified host -X : Enables the user to use X server features. example : In order to ssh to host 192.168.1.1 with username "abc" following is the command.
  • ssh -X abc@192.168.1.1
scp [options] [username@host-address:file_location] : Enables a user to make secure copy of the file to the specified host-address. -r : Recursively copies the data in directories -C : Compresses the data which sent over the connection to specified host example : In order to scp file.txt to host 192.168.1.1 with username "abc" following is the command.
  • scp file.txt abc@192.168.1.1:~\
wget [options] [URL] : Performs HTTP request from through the shell to get data from the URL -r : Get the URL and all its links in recursive manner
  • wget http://www.google.co.za

iptables [options] : This command requires root permission. It enables to carry out packet filtering and Network Address Translation. -F : Flush set of rules -n : Show rules without carrying out DNS lookups -A : Appends one or more rules to the end of the selected chain. -j : Specify the target of the rule -s : specify source -L : Current rules are listed For example : To block packets from certain IP Address 192.168.1.1, can be done by
  • iptables -A INPUT -s 192.168.1.1 -j DROP
tcpdump [options] : Outputs the contents of packets on the network interface. It can also output only certain packets based on the condition provided.
-i ether0 to select the interface you what to monitor
  • tcpdump -i ethe0

How To Find My Public IP Address From Command Line On a Linux

  •  dig +short myip.opendns.com @resolver1.opendns.com

Processes

  • top : The top program provides a dynamic real-time view of a running system.
  • mpstat : writes to standard output activities for each available processor. Repeat every second : "mpstat 1"
  • ps : Display all running processes (eg : to list java processes = "ps -ef | grep java" )
  • pgrep : Looks through the currently running processes and lists the process IDs which matches the selection criteria to screen
  • pstree : shows running processes as a tree
  • netstat : displays network connections (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics (the very useful "-p" option is not allowed in PROD unless you're root)
  • htop : Show all CPU running process (For mutilator CPU)
Find threads/handles for all users
  • ps -eLf 
Total counts on threads/handles for all users
  • ps -eLf | wc -l

kill

  • Never use kill -9 if you can help it
  • You can send any signal you like (use kill -l to list them) SIGUSR1 and SIGUSR2 are user defined. Each signal has a default action, e.g. to temporarily interrupt or to terminate the program

 strace - system trace

  • strace -p 25292 -f : trace pid 25292 in real time
  • strace -p 25292 -f -c : trace pid 25292 and report summary statistics on exit

How to use VI editor.

INSERT Mode

For adding text to a file  ( press Esc and then below command)  . The three most common ways to enter the Insert Mode are:
LetterAction
iStarts inserting in front of the current cursor position
IStarts adding at the front of the line
aStarts adding after the cursor
AStarts adding at the end of the line
oStarts opening a new line underneath the cursor
OStarts opening a line above the cursor.
<Esc>Gets out of Insert Mode

EDIT Mode

Generally for moving the cursor and deleting stuff.
In the Edit Mode, the keys do not type letters, but do other actions such as cursor movement, deletions, copying lines, etc.
LetterSimple Cursor Movement
hMoves cursor left one spaceNote: the Arrow keys do work locally, but sometimes mess up over a network.
jMoves cursor down one line
kMoves cursor up one line
lMoves cursor right one space
Fast Cursor Movement
wMoves the cursor a full word at a time to the right
bMoves the cursor back to the left a word at a time
^Moves the cursor to the front of a line
$Moves the cursor to the end of a line
<ctrl>fMoves the cursor forward a full page of text at a time
<ctrl>bMoves the cursor backward a full page of text at a time
Modifying Text
xDeletes the character under the cursor
ddDeletes the line where the cursor is located (type d twice!)
n ddDelete n consecutive lines ( n is an integer)
rReplaces the character under the cursor with the next thing typed
JJoins current line with the one below (Capital J!)
uUndoes the last edit operation
<ctrl> rRedo (Undoes the last undo operation)
Cut and Paste Operations
yyCopies or yanks a line ( 5yy yanks 5 lines)
pPuts the yanked text on the line below the cursor (lower case p)
PPuts the yanked text above the current line (capital P)
Note: If vi is already in the input mode, text from that or another window may be highlited using the left mouse button, and copied into place by pressing the middle mouse button.

COMMAND Mode

For interacting with the operating system. To enter the Command Mode, a colon “ : ” must precede the actual command.
LetterAction
: r <file>reads a file from disk into the vi editor
: w <file>writes current file to disk
: wqwrites the file and quits vi
: q!quits without writing (useful if you’ve messed up!)