Monday, November 12, 2012

Linux command line tips and tricks

This post lists a number of useful tips and tricks from my daily Linux experience. Mostly I deal with RHEL but I believe these commands are quite independent on Linux distribution (or can be adapted).

Network commands
Here are network commands represented.

Basic net utils:
# Who is listening to port:
netstat -lp | grep <port>

# Show all connections with numeric addresses and proc IDs:
netstat -anp

# Listen to port (to check connectivity from another side):
netcat -l -p <port>
# -or-
nc -l -p <port>
SSH tunnel:
# Tunnel to remote_ip:remote_port via proxy_ip with known login/password
# The remote_ip:remote_port is being redirected to localhost:local_port
ssh -L local_port:remote_ip:remote_port login@proxy_ip

# Real-world example of tunnel to remote Sedna XML DB:
ssh -L 5050: pxqa1@
Download via HTTP proxy with wget:
# Download resource from internet from behind a proxy:
http_proxy=http://host:port ; export http_proxy ; wget --proxy=on

# The same for ftp resources:
ftp_proxy=http://host:port ; export ftp_proxy ; wget --proxy=on
Telnet via HTTP proxy:
# 1. Connect to the proxy:
pxqa1@server:/home/pxqa1>telnet 8080
Connected to (
Escape character is '^]'.

## 2. Establish SFTP tunnel
CONNECT remote_sftp_server:22 HTTP/1.0
Proxy-Authorization: Basic bnhw...OQ==

HTTP/1.1 200 Connection established

SSH-2.0-OpenSSH_5.1p1 FreeBSD-20080901

## -or- 2. Establish HTTP tunnel

## -or- 2. Establish FTP tunnel
CONNECT remote_ftp_server:21 HTTP/1.0
Proxy-Authorization: Basic bnhw...OQ==

HTTP/1.1 200 Connection established

220 Test FTP server (version 6.1.1) ready.
USER username
331 Password required for username.
PASS password
230-Welcome to Test!
230 User username logged in.
Transfer data with rsync:
# Copy/update data locally:
rsync -acv --delete source_path destination_path

# Copy/update data remotely via SSH, e.g. war build:
rsync -acv --delete --rsh=ssh .war jboss@

# Upload files interruption-safe:
rsync -av --partial --rsh=ssh local_file_name username@remote_host:remote_path
# Show all rules:
iptables -L
# Show all rules with numeric addresses:
iptables -L -n

# Manage service:
service iptables start/stop/status
# Save changes to config file:
service iptables save

# Redirect port, e.g. from 80 to 8080:
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

# Block particular IP address:
iptables -I INPUT -s -j DROP
# Unblock particular IP address:
iptables -D INPUT -s -j DROP

# Delete chains/rules in table 'nat'
iptables -t nat -F
iptables -t nat -X

Local commands
Here are local commands represented.

Specific finds:
# Find by name with wildcards, e.g. '*.txt'
find . -name "*.txt"

# Find files that contain specific substring, e.g. 'qqq'
find . -exec grep 'qqq' '{}' \; -print

# Find broken symlinks
find . -xdev -type l -print0 | xargs -0 -I '{}' sh -c "[ -e '{}' ] || (echo '{}' is broken)"
One-liners with bash logic:
# Using for loop, e.g. removing all .svn directories recursively
for i in `find -name .svn`; do rm -fr $i ; done

# Using if condition
if [ $t -eq 10 ] ; then echo 'yes'; elif echo 'no'; fi
AWK and SED transformations:
# Just a simple example - extracting time value from ping response
PINGRESPONSE="64 bytes from icmp_seq=1 ttl=128 time=0.221 ms"
TIME=`echo $PINGRESPONSE | awk '{print $7}' | sed 's/time=//'`