Forwards localhost:1234 to machine:port, running all data through your chain of piped commands. The above command logs inbound and outbound traffic to two files. Tip: replace tee with sed to manipulate the data in real time (use "sed -e 's/400 Bad Request/200 OK/'" to tweak a web server's responses ;-) Limitless possibilities.
Blacklisted is a compiled list of all known dirty hosts (botnets, spammers, bruteforcers, etc.) which is updated on an hourly basis. This command will get the list and create the rules for you, if you want them automatically blocked, append |sh to the end of the command line. It's a more practical solution to block all and allow in specifics however, there are many who don't or can't do this which is where this script will come in handy. For those using ipfw, a quick fix would be {print "add deny ip from "$1" to any}. Posted in the sample output are the top two entries. Be advised the blacklisted file itself filters out RFC1918 addresses (10.x.x.x, 172.16-31.x.x, 192.168.x.x) however, it is advisable you check/parse the list before you implement the rules Show Sample Output
Find files in a specific date range - in this case, the first half of last year.
-newermt = modification time of the file is more recent than this date
GNU find allows any date specfication that GNU date would accept, e.g.
find . -type f -newermt "3 years ago" ! -newermt "2 years ago"
or
find . -type f -newermt "last monday"
Write a file you edited in Vim but that you do not have the permissions to write to (unless you use sudo.) Same as #1204 but without the echo to stdout that I find annoying.
How often do you make a directory (or series of directories) and then change into it to do whatever? 99% of the time that is what I do. This BASH function 'md' will make the directory path then immediately change to the new directory. By using the 'mkdir -p' switch, the intermediate directories are created as well if they do not exist. Show Sample Output
Get your colorized grep output in less(1). This involves two things: forcing grep to output colors even though it's not going to a terminal and telling less to handle those properly.
remotely connects to an https site, fetches the ssl certificate and displays the valid dates for the cert
Print all columns except the 1st and 3rd.
Negative shell globs already come with bash. Make sure to turn on extended pattern matching with 'shopt -e extglob'.
This captures traffic on a remote machine with tshark, sends the raw pcap data over the ssh link, and displays it in wireshark. Hitting ctrl+C will stop the capture and unfortunately close your wireshark window. This can be worked-around by passing -c # to tshark to only capture a certain # of packets, or redirecting the data through a named pipe rather than piping directly from ssh to wireshark. I recommend filtering as much as you can in the tshark command to conserve bandwidth. tshark can be replaced with tcpdump thusly:
ssh root@example.com tcpdump -w - 'port !22' | wireshark -k -i -
If you're a moron like me, sometimes your fingers get away from you and you, for example, enter your password when you're already authenticated to ssh-agent, sudo, etc., and your password ends up in shell history. Here's how to get it out. Show Sample Output
You have an external USB drive or key. Apply this command (using the file path of anything on your device) and it will simulate the unplug of this device. If you just want the port, just type : echo $(sudo lshw -businfo | grep -B 1 -m 1 $(df "/path/to/file" | tail -1 | awk '{print $1}' | cut -c 6-8) | head -n 1 | awk '{print $1}' | cut -c 5- | tr ":" "-") Show Sample Output
Even faster without the need for cut... :)
If X is 5, it will about a number between 1 and 5 inclusive. This works in bash and zsh. If you want between 0 and 4, remove the +1.
This command is more portable than it's cousin netstat. It works well on all the BSDs, GNU/Linux, AIX and Mac OS X. You won't find lsof by default on Solaris or HPUX by default, but packages exist around the web for installation, if needed, and the command works as shown. This is the most portable command I can find that lists listening ports and their associated pid. Show Sample Output
If you want to be notified when a long-running command is finished, but you have already started it:
CTRL+Z
fg; echo "finished" | sendmail me@example.com
I use a script to post a tweet, which sends me a txt:
fg; echo "finished" | tweet
sorts the files by integer megabytes, which should be enough to (interactively) find the space wasters. Now you can
dush
for the above output,
dush -n 3
for only the 3 biggest files and so on. It's always a good idea to have this line in your .profile or .bashrc
Show Sample Output
~$ tar --version tar (GNU tar) 1.20
After the command is done, open the html file in a browser
this exits bash without saving the history. unlike explicitly disabling the history in some way, this works anywhere, and it works if you decide *after* issuing the command you don't want logged, that you don't want it logged
... $$ ( or ${$} ) is the pid of the current bash instance
this also works perfectly in shells that don't have $$ if you do something like
kill -9 `readlink /proc/self`
Long before tabbed terminals existed, people have been using Gnu screen to open many shells in a single text terminal. Combined with ssh, it gives you the ability to have many open shells with a single remote connection using the above options. If you detach with "Ctrl-a d" or if the ssh session is accidentally terminated, all processes running in your remote shells remain undisturbed, ready for you to reconnect. Other useful screen commands are "Ctrl-a c" (open new shell) and "Ctrl-a a" (alternate between shells). Read this quick reference for more screen commands: http://aperiodic.net/screen/quick_reference
Dumps a MySQL database over a compressed SSH tunnel and uses it as input to mysql - i think that is the fastest and best way to migrate a DB to a new server!
commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.
Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.
» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10
Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):
Subscribe to the feed for: