Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Universal configuration monitoring and system of record for IT.
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2011-03-12 - Confoo 2011 presentation
Slides are available from the commandlinefu presentation at Confoo 2011: http://presentations.codeinthehole.com/confoo2011/
2011-01-04 - Moderation now required for new commands
To try and put and end to the spamming, new commands require moderation before they will appear on the site.
2010-12-27 - Apologies for not banning the trolls sooner
Have been away from the interwebs over Christmas. Will be more vigilant henceforth.
2010-09-24 - OAuth and pagination problems fixed
Apologies for the delay in getting Twitter's OAuth supported. Annoying pagination gremlin also fixed.
Hide

Top Tags

Hide

Functions

Commands using grep from sorted by
Terminal - Commands using grep - 1,600 results
for i in $(svn st | grep "?" | awk '{print $2}'); do svn add $i; done;
find . -type f -name '*.html' -exec grep -H HACKED {} \; > hacklog.txt
2009-02-16 08:57:25
User: nullrouter
Functions: find grep
0

This will check all .HTML file contents for the word "Hacked" and dump it to hacklog.txt. This is great for located all those files affected by nasty Joomla exploits. Change the .HTML to any other extension you wish to check, and of course the word "HACKED" for other searches.

netstat -anl | grep :80 | awk '{print $5}' | cut -d ":" -f 1 | uniq -c | sort -n | grep -c IPHERE
2009-02-16 08:54:08
User: nullrouter
Functions: awk cut grep netstat sort uniq
3

This will tell you who has the most Apache connections by IP (replace IPHERE with the actual IP you wish to check). Or if you wish, remove | grep -c IPHERE for the full list.

netstat -pant 2> /dev/null | grep SYN_ | awk '{print $5;}' | cut -d: -f1 | sort | uniq -c | sort -n | tail -20
2009-02-16 08:49:38
3

List top 20 IP from which TCP connection is in SYN_RECV state.

Useful on web servers to detect a syn flood attack.

Replace SYN_ with ESTA to find established connections

find . -type f -exec grep -l pattern {} \; | xargs vi +/pattern
find . -type f -exec grep -l XXX {} \;|tee /tmp/fileschanged|xargs perl -pi.bak -e 's/XXX/YYY/g'
2009-02-16 02:55:23
User: drossman
Functions: find grep perl tee xargs
6

Find all files that contain string XXX in them, change the string from XXX to YYY, make a backup copy of the file and save a list of files changed in /tmp/fileschanged.

ls -F | grep '\''\*'\'' | sed '\''s/\*$//'\
strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n'; echo
2009-02-16 00:39:28
User: jbcurtis
Functions: grep head strings tr
44

Find random strings within /dev/urandom. Using grep filter to just Alphanumeric characters, and then print the first 30 and remove all the line feeds.

dd bs=1 count=32 if=/dev/random 2> /dev/null | md5 | grep -o '\w*'
ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'
2009-02-15 20:43:21
Functions: grep ls sed
55

Prints a graphical directory tree from your current directory

du -hs * | grep '^[0-9,]*[MG]' | sort -rn
dpkg --list '*linux*' | grep '^ii'
2009-02-13 17:05:37
User: piyo
Functions: grep
1

I sometimes want to know what packages are installed on my Ubuntu system. I still haven't figured out how to use aptitude effectively, so this is the next best thing. This allows finding by name.

The grep '^ii' limits the display to only installed packages. If this is not specified, then it includes listing of non-installed packages as well.

find . -type f -print | xargs grep foo
curl -s http://myip.dk | grep '<title>' | sed -e 's/<[^>]*>//g'
2009-02-13 01:44:12
User: uzi
Functions: grep sed
3

add this alias in .bashrc to fast check the ip address of your modem router

alias myip="curl -s http://myip.dk | grep '' | sed -e 's/]*>//g'"

nmap -sT -p 80 -oG - 192.168.1.* | grep open
2009-02-11 17:47:27
User: bendavis78
Functions: grep
18

Change the -p argument for the port number. See "man nmap" for different ways to specify address ranges.

svn st | grep /main/java | awk '{print $2}' | xargs echo | xargs svn ci -m "my comment here"
FAIL2BAN=`ps ax | grep fail2ban | grep -v grep | awk {'print $1'}` && if [ -n "$FAIL2BAN" ]; then printf "\n[INFO] Fail2Ban is running and the PID is %s\n\n" $FAIL2BAN; else printf "\n [INFO] Fail2Ban is not running\n\n"; fi
2009-02-11 04:36:49
User: fmdlc
Functions: awk grep printf
-6

Check if Fail2Ban is running on the system and alert it with a message in the terminal

svn st | grep "^\?" | awk "{print \$2}" | xargs rm -rf
ps aux | grep [h]ttpd
2009-02-10 02:59:20
User: abcde
Functions: grep ps
10

Surround the first letter of what you are grepping with square brackets and you won't have to spawn a second instance of grep -v. You could also use an alias like this (albeit with sed):

alias psgrep='ps aux | grep $(echo $1 | sed "s/^\(.\)/[\1]/g")'

ls -R | grep : | sed -e '\''s/:$//'\'' -e '\''s/[^-][^\/]*\//--/g'\'' -e '\''s/^/ /'\'' -e '\''s/-/|/'\''
2009-02-09 22:32:01
User: scw
Functions: grep ls sed
-3

Shows the current directory and those below it in a simple tree structure. Recommended use:

alias lt='$command_above'

grep -lir "text to find" *
grep -r "sampleString" . |uniq | cut -d: -f1 | xargs sed -i "/sampleString/d"
2009-02-09 20:21:30
User: sk1418
Functions: cut grep sed xargs
-2

checking files in current and sub directories, finding out the files containing "sampleString" and removing the containing lines from the file.

* Beware that The command will update the original file [no backup].

The command can be extended if play with 'find' command together,

e.g. it is possible to execute on certain type of files: *.xml, *.txt... (find -name "*.xml" | grep....)

if anybody knows a better solution on that, please drop a comment. thx.

find . \( -name '*.h' -o -name '*.cc' \) | xargs grep . | wc -l
2009-02-09 11:44:35
User: dgomes
Functions: find grep wc xargs
3

Counts number of lines of code in *.h and *.cc files

alias pfind='ps aux | grep '
df -x tmpfs | grep -vE "(gvfs|procbususb|rootfs)"
2009-02-09 01:54:05
User: bones7456
Functions: df grep
-1

show physical disk using, except tmpfs, gvfs, and so on.