###解压命令
.tar.gz    格式解压为    tar   -zxvf   xx.tar.gz
.tar.bz2   格式解压为     tar   -jxvf    xx.tar.bz2 ###
E:\TDDOWNLOAD\新建文件夹 (2)>dir >D:\program\PuTTY\a.txt
E:\TDDOWNLOAD\新建文件夹>dir >>D:\program\PuTTY\a.txt
D:\program\PuTTY>pscp.exe a.txt root@192.168.1.104:/root/
[root@localhost film]# tr -s ' ' ' ' <a.txt >b.txt
[root@localhost film]# cat name |grep "^\[" >name-1
####查看进程pid的标准做法,pid文件全在/var/run/目录下
cat /var/run/httpd.pid
kill -TERM `cat /var/run/httpd.pid`
####查找大批量的文件时最合适了
[root@rac02 u01]# find /u01 -size +10M -type f|grep log_[0-9][0-9].xml
[root@rac02 u01]# find /u01 -size +10M -type f|grep l[0-9][0-9]
####单行变多行
[root@250-shiyan log]# echo /etc/init/avahi-{daemon,lol,what}.conf
/etc/init/avahi-daemon.conf /etc/init/avahi-lol.conf /etc/init/avahi-what.conf
[root@250-shiyan log]# echo /etc/init/avahi-{daemon,lol,what}.conf|xargs -n 1
/etc/init/avahi-daemon.conf
/etc/init/avahi-lol.conf
/etc/init/avahi-what.conf
####改名
[root@250-shiyan frag]# mv aabb.{dd,ee}
[root@250-shiyan frag]# ls
aabb.bak  aabb.ee  age  check-root.sh  eth.sh  for.sh  here.sh  jj  while2.sh  while.sh
[root@250-shiyan frag]# cp mail.rc{,.bak}
[root@rac02 log]# grep "Failed password for root" /var/log/secure.1|wc -l
27625
[root@rac02 log]# grep "Failed password for root" /var/log/secure.2|wc -l
63933
[root@rac02 log]# grep "Failed password for root" /var/log/secure.3|wc -l
51078
[root@rac02 log]# grep "Failed password for root" /var/log/secure.4|wc -l
82726
[root@rac02 log]# ll secure*
-rw------- 1 root root  8031968 Oct 27 09:41 secure
-rw------- 1 root root 37622253 Oct 26 04:03 secure.1
-rw------- 1 root root 48321044 Oct 19 04:03 secure.2
-rw------- 1 root root 37040497 Oct 12 04:04 secure.3
-rw------- 1 root root 29897126 Oct  5 04:03 secure.4
###来统计一下有多少人在暴力破解我的 root 密码吧(按来源 IP 统计失败次数;默认 syslog 格式下,这类日志行的 $11 是来源 IP)
[root@rac02 log]# grep "Failed password for root" /var/log/secure | awk '{print $11}' | sort | uniq -c | sort -nr | more
###很明显我禁用了 root 登录,人家也不是那么笨,开始暴力猜用户名(这类日志行里 $11 是被尝试的用户名,来源 IP 在 $13)
[root@rac02 log]# grep "Failed password for invalid user" /var/log/secure | awk '{print $11}' | sort | uniq -c | sort -nr | more
###快速备份文件
[root@250-shiyan ~]# cp mail.rc{,.bak}
###循环显示pid为3066的pmap命令的结果,如果watch不方便的话,就用循环
[root@C44 ~]# while true; do pmap -d | tail -; sleep ; done
[root@250-shiyan sh]# while sleep 2;do pstree;done
[root@109-com1 ~]# while sleep 1;do echo `/usr/sbin/ss -n|grep ESTAB|awk '($2 && $3)!~/0/{printf $0}'`;done
###查看和本机80端口建立连接并状态在established的所有ip
[root@-comecs ~]# netstat -an |grep |grep ESTA |awk '{print$5 " "}' |awk 'BEGIN {FS=":"} {print $1 " "}' |sort |uniq  
###查看系统tcp连接中各个状态的连接数。
[root@-comecs ~]# netstat -an|awk '/^tcp/ {++S[$NF]} END {for (a in S) print a,S[a]}'
ESTABLISHED
LISTEN
###查看udp所属进程,udp没有连接的概念,只能用tcpdump抓包才能看到有数据产生,tcp用netstat来查看。
###udp 查看com上的asterisk进程与cache的连接
[root@com1 ~]# tcpdump port   
[root@com1 ~]# netstat -anp|grep
udp 0.0.0.0: 0.0.0.0:* /asterisk
###过滤出1521的连接,并排序第4列的字段,即local address
[root@-com1 asterisk]# netstat -nap|grep |sort -k   
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
###持续观察命令输出,-d 高亮显示变化
[root@coreserv ~]# watch -d 'netstat -an|grep 10001'
[root@coreserv ~]# watch -d 'asterisk -rx "fltcs show client"'
[root@com1 ~]# watch -d 'ipvsadm -l --stats'
[root@com1 ~]# watch uptime
[root@com1 ~]# watch -t uptime
[root@com1 ~]# watch -d -n netstat -ntlp
[root@com1 ~]# watch -d 'ipvsadm -l --stats'
[root@com1 ~]# watch -d 'netstat -an|grep 10000'
[root@com1 ~]# tcpdump port udp
[root@com1 ~]# tcpdump tcp port -c -vv -w udp.pcap
[root@com1 ~]# netstat -anp|grep
###监测goface的文件
[root@com1 ~]# watch -d 'ls -l | fgrep goface'
[root@com1 ~]# watch -t --differences=cumulative uptime
###监控mail
[root@com1 ~]# watch -n from
###监测磁盘inode和block数目变化情况
[root@com1 ~]# watch -n 'df -i;df'
###测试http连接的请求时间
[root@CentOS5 dev]# curl -o /dev/null -s -w '%{time_connect}:%{time_starttransfer}:%{time_total}' http://www.vmware.com

电影字幕
Dialogue: 0,0:00:11.00,0:00:20.00,Default,,0000,0000,0000,,翻译:Duck two 基吉星团 Candice Emma 海鱼 \N城际以北 吭哧 lalala sorgenfri 以诺 杂食季 轻音 \N校对:杳杳 CC西 william2568
Dialogue: 0,0:01:28.75,0:01:30.95,Default,,0000,0000,0000,,这是一次电话线路自动测试\N{\fnMicrosoft YaHei\fs14\2a&HF0&\4a&H32&}This is an automated test of your digital phone line.{\r}
Dialogue: 0,0:01:31.13,0:01:32.96,Default,,0000,0000,0000,,抱歉打扰了\N{\fnMicrosoft YaHei\fs14\2a&HF0&\4a&H32&}Sorry for the interruption.{\r}
Dialogue: 0,0:01:34.21,0:01:35.55,Default,,0000,0000,0000,,查理 维克多 威士忌\N{\fnMicrosoft YaHei\fs14\2a&HF0&\4a&H32&}Charlie. Victor. Whiskey.{\r}


匹配每一行直到Default之前的内容,notepad中先替换成1,不能直接删除
^([^t]*)t
匹配每一行大括号里的内容,并删除之
\{\\[^{}]*\}

[root@localhost ~]# lsmod |wc -l

[root@localhost ~]# modprobe -l|wc -l

[root@localhost ~]# modprobe -l|grep ipvs
kernel/net/netfilter/ipvs/ip_vs.ko
kernel/net/netfilter/ipvs/ip_vs_rr.ko
kernel/net/netfilter/ipvs/ip_vs_wrr.ko
kernel/net/netfilter/ipvs/ip_vs_lc.ko
kernel/net/netfilter/ipvs/ip_vs_wlc.ko
kernel/net/netfilter/ipvs/ip_vs_lblc.ko
kernel/net/netfilter/ipvs/ip_vs_lblcr.ko
kernel/net/netfilter/ipvs/ip_vs_dh.ko
kernel/net/netfilter/ipvs/ip_vs_sh.ko
kernel/net/netfilter/ipvs/ip_vs_sed.ko
kernel/net/netfilter/ipvs/ip_vs_nq.ko
kernel/net/netfilter/ipvs/ip_vs_ftp.ko
kernel/net/netfilter/ipvs/ip_vs_pe_sip.ko
[root@localhost ~]# modprobe -l|grep kvm
kernel/arch/x86/kvm/kvm.ko
kernel/arch/x86/kvm/kvm-intel.ko
kernel/arch/x86/kvm/kvm-amd.ko
[root@localhost ~]# modprobe -l|grep ipta
kernel/net/ipv4/netfilter/iptable_filter.ko
kernel/net/ipv4/netfilter/iptable_mangle.ko
kernel/net/ipv4/netfilter/iptable_nat.ko
kernel/net/ipv4/netfilter/iptable_raw.ko
kernel/net/ipv4/netfilter/iptable_security.ko

3.

[root@localhost ~]# which passwd
/usr/bin/passwd
[root@localhost ~]# whereis passwd
passwd: /usr/bin/passwd /etc/passwd /usr/share/man/man1/passwd..gz /usr/share/man/man5/passwd..gz
[root@localhost ~]# locate passwd
/etc/passwd
/etc/passwd-
/etc/pam.d/passwd
/etc/security/opasswd
/lib64/security/pam_passwdqc.so
/lib64/security/pam_unix_passwd.so
[root@localhost ~]# find / -name passwd
/selinux/class/passwd
/selinux/class/passwd/perms/passwd
/usr/bin/passwd
/etc/pam.d/passwd
/etc/passwd
[root@localhost ~]# mkdir wode
[root@localhost ~]# locate wode
[root@localhost ~]# updatedb
[root@localhost ~]# locate wode
/root/wode
[root@localhost ~]# type type
type is a shell builtin
[root@localhost ~]# type cd
cd is a shell builtin
[root@localhost ~]# type if
if is a shell keyword
[root@localhost ~]# type ssh
ssh is /usr/bin/ssh
[root@localhost ~]# type -p ssh
/usr/bin/ssh
[root@localhost ~]# type ls
ls is aliased to `ls --color=auto'
[root@localhost ~]# type cp
cp is aliased to `cp -i'
[root@localhost wode]# ls -altr
[root@localhost wode]# ls -alt
总用量
drwxr-xr-x. root root 2月 : .
dr-xr-x---. root root 2月 : ..
-rw-r--r--. root root 2月 : fi
-rw-r--r--. root root 2月 : ee
-rw-r--r--. root root 2月 : dd
-rw-r--r--. root root 2月 : aa
[root@localhost ~]# du -ab --max-depth=|sort -n
./.bash_logout
./.lesshst
./.xauth1RcH8v
./.cshrc
./.tcshrc
./.bash_profile
./.bashrc
./si
./.sqlite_history
./.mysql_history
###查找文件内容
[root@localhost ~]# find / -name "*.c" | xargs grep "printf"
[root@localhost ~]# find / -name "*.h" | xargs ls -alt|more
[root@localhost ~]# find / -name "*.c" | xargs grep "printf"|more
[root@localhost ~]# find ./ ! -type d
./.lesshst
./.sqlite_history
./.gconfd/saved_state
./.bashrc

2.

[root@Firewall ~]# snmpwalk  -v 2c -c public localhost
[root@Firewall ~]# iptables -I INPUT -p UDP --dport -j ACCEPT
[root@Firewall ~]# lsof -i:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
snmpd root 8u IPv4 UDP *:snmp
[root@-com1 asterisk]# lsof -Pnl +M -i4|grep
asterisk 9u IPv4 0t0 UDP *:
[root@-com1 asterisk]# lsof -Pnl +M -i4|grep LISTEN|grep
asterisk 154u IPv4 0t0 TCP *: (LISTEN)
###-O n 以数字显示
[root@coreserv ~]# snmpwalk -c -O n -v 2c 192.168.2.254
###samba用户首先是系统用户,修改samba用户密码
[root@fileserv samba]# smbpasswd lizongbin
###nagios相关操作(-c 会新建密码文件并覆盖已有文件;不加 -b 时 htpasswd 不接受命令行上的密码,而是交互提示输入,这样密码也不会留在 shell 历史和进程列表里)
[root@CentOS5 dev]# htpasswd -c /usr/local/nagios/htpasswd.users 用户名
[root@rac02 cache-bin]# java -jar ~/cache-monitor.jar localhost
###过滤配置文件
[root@coreserv ~]# less /etc/php.ini|grep -v "^;"|grep -v "^$"
###删除每行前导空格
[root@coreserv ~]# sed -e 's/^[ \t]*//g' 文件名
###去掉每行结尾的空格
[root@coreserv ~]# sed -e 's/[ ]*$//g' 文件名
###sed怎么删除最后3行?
tac file|sed 1,3d|tac
sed '$d' file|sed '$d' |sed '$d'
grep "\<80\>"    精确匹配 80(整词匹配),不会连 8005 或 808 也匹配上
[root@8a2serv com1_bak]# crontab -l
*/ * * * * /usr/sbin/ntpdate 192.168.2.1 && /sbin/clock -w > /dev/null >&
*/ * * * sh /etc/asterisk/logger.sh
*/ * * find /u01/asterisk/messages-* -ctime + | xargs rm -f
[root@Firewall my]# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
###该包经明文 HTTP 下载,安装前先用 rpm -K 校验包的摘要和签名
[root@Firewall my]# rpm -ivh rpmforge-release-0.5.2-2.el5.rf.i386.rpm
[root@Firewall my]# yum install ntop
[root@Firewall my]# ntop &
[root@Firewall ~]# vi /etc/iptables_fw.sh
[root@Firewall ~]# iptables -A INPUT -p tcp --dport -j ACCEPT
[root@Firewall ~]# iptables -A OUTPUT -p tcp --sport -j ACCEPT
[root@Firewall ~]# sh /etc/iptables_fw.sh
[root@coreserv s]# tar czf gosh.tar.gz gosh
[root@coreserv s]# scp -P gosh.tar.gz 192.168.2.101:~/
[root@8a2serv ~]# fuser -k /dev/pts/*  断开所有用户的连接(会杀掉所有占用伪终端的进程,包括自己当前的登录会话)
[root@test1 ~]# fuser -u /usr/sbin/sshd
/usr/sbin/sshd: 2438e(root) 3754e(root) 6066e(root)
[root@test1 ~]# fuser -v /usr/sbin/sshd
USER PID ACCESS COMMAND
/usr/sbin/sshd: root 2438 ...e. sshd
root 3754 ...e. sshd
root 6066 ...e. sshd
[root@test1 ~]# ps -ef|grep ssh
root 2438 1 0 08:27 ? 00:00:00 /usr/sbin/sshd
root 3754 2438 0 09:02 ? 00:00:00 sshd: root@pts/0
root 6066 2438 0 16:40 ? 00:00:00 sshd: root@pts/1
root 6144 6070 0 16:45 pts/1 00:00:00 grep ssh
[root@test1 ~]# fuser 10001/tcp -v
USER PID ACCESS COMMAND
10001/tcp: root 2946 F.... asterisk
[root@test1 ~]# fuser 50001/tcp -v
[root@test1 ~]# fuser 50001/udp -v
USER PID ACCESS COMMAND
50001/udp: root 2808 F.... java

1.网络

[root@225-oth ~]# ss -lnup|grep 50001
UNCONN     0      0                        :::50001                   :::*      users:(("java",31662,30))
[root@225-oth ~]# ss -lnp|grep 10003
LISTEN     0      50                       :::10003                   :::*      users:(("java",31662,31))
[root@-shiyan ~]# ss -lnu
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN *: *:*
UNCONN *: *:*
UNCONN *: *:*
UNCONN *: *:*
UNCONN *: *:*
UNCONN *: *:*
UNCONN *: *:*
UNCONN *: *:*
UNCONN *: *:*
UNCONN *: *:*
UNCONN ::: :::*
UNCONN ::: :::*
[root@-shiyan ~]# ss -ln
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN ::: :::*
LISTEN *: *:*
LISTEN *: *:*
LISTEN ::: :::*
LISTEN *: *:*
LISTEN *: *:*
LISTEN *: *:*
LISTEN ::: :::*
LISTEN 127.0.0.1: *:*
[root@-com1 ~]# ss -s
Total: (kernel )
TCP: (estab , closed , orphaned , synrecv , timewait /), ports
Transport Total IP IPv6
* - -
RAW
UDP
TCP
INET
FRAG
[root@-com1 ~]# ss -on|grep -v ""|more
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 192.168.2.215: 117.136.25.137: timer:(keepalive,75min,)
ESTAB 192.168.2.215: 117.136.25.182: timer:(keepalive,53min,)
ESTAB 192.168.2.215: 117.136.25.142: timer:(keepalive,113min,)
ESTAB 192.168.2.215: 117.136.25.137: timer:(on,.236ms,)
ESTAB 192.168.2.215: 117.136.25.179: timer:(keepalive,66min,)
[root@-com1 ~]# ss -pn|more
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 192.168.2.215: 117.136.25.137: users:(("asterisk",,))
ESTAB 192.168.2.215: 117.136.25.182: users:(("asterisk",,))
ESTAB 192.168.2.109: 192.168.2.2: users:(("asterisk",,))
ESTAB 192.168.2.215: 117.136.25.142: users:(("asterisk",,))
FIN-WAIT- 192.168.2.215: 223.104.11.175:
ESTAB 192.168.2.109: 192.168.2.80: users:(("sshd",,))
[root@-shiyan ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.2.250 is already in use for device eth0...
[ OK ]
[root@localhost ~]# ifconfig
eth1 Link encap:Ethernet HWaddr :0C::::A8
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=:0C::::A5
[root@localhost ~]# cat /etc/udev/rules.d/-persistent-net.rules
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:75:34:a8", ATTR{type}=="", KERNEL=="eth*", NAME="eth0"
[root@localhost ~]# ifup eth0 up
[root@localhost ~]# route add default gw 172.16.1.126
[root@localhost ~]# ifconfig eth0 192.168.2.128/ up 简单快速临时配置ip
[root@localhost ~]# ip link set eth0 up
[root@localhost ~]# ip addr add 172.16.1.40/ dev eth0
[root@localhost ~]# ip route add default via 172.16.1.126 dev eth0
[root@Firewall ~]# netstat -ntpl 查看所有监听端口
Active Internet connections (only servers)
[root@Firewall ~]# netstat -natlp 查看已建立连接
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

[root@084-monitor newmonitor]# cat log
192.168.2.223 1521 27758/tnslsnr
192.168.2.220 1521 3535/tnslsnr
192.168.2.2 1521 9815/tnslsnr
192.168.2.2 1521 9815/tnslsnr
192.168.2.1 1521 27467/tnslsnr
192.168.2.1 1521 18372/tnslsnr
192.168.2.1 1521 18372/tnslsnr

192.168.2.224 10000 14024/asterisk
192.168.2.224 10001 14024/asterisk
192.168.2.224 40006
192.168.2.224 40004
192.168.2.224 40001
