commandlinefu.com is the place to record those command-line gems that you return to again and again.
Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.
If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/
You can sign-in using OpenID credentials, or register a traditional username and password.
First-time OpenID users will be automatically assigned a username which can be changed after signing in.
Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.
Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):
Subscribe to the feed for:
This will check all .HTML file contents for the word "Hacked" and dump it to hacklog.txt. This is great for located all those files affected by nasty Joomla exploits. Change the .HTML to any other extension you wish to check, and of course the word "HACKED" for other searches.
This will tell you who has the most Apache connections by IP (replace IPHERE with the actual IP you wish to check). Or if you wish, remove | grep -c IPHERE for the full list.
List top 20 IP from which TCP connection is in SYN_RECV state.
Useful on web servers to detect a syn flood attack.
Replace SYN_ with ESTA to find established connections
Find all files that contain string XXX in them, change the string from XXX to YYY, make a backup copy of the file and save a list of files changed in /tmp/fileschanged.
Find random strings within /dev/urandom. Using grep filter to just Alphanumeric characters, and then print the first 30 and remove all the line feeds.
Prints a graphical directory tree from your current directory
I sometimes want to know what packages are installed on my Ubuntu system. I still haven't figured out how to use aptitude effectively, so this is the next best thing. This allows finding by name.
The grep '^ii' limits the display to only installed packages. If this is not specified, then it includes listing of non-installed packages as well.
Change the -p argument for the port number. See "man nmap" for different ways to specify address ranges.
Check if Fail2Ban is running on the system and alert it with a message in the terminal
Surround the first letter of what you are grepping with square brackets and you won't have to spawn a second instance of grep -v. You could also use an alias like this (albeit with sed):
alias psgrep='ps aux | grep $(echo $1 | sed "s/^\(.\)/[\1]/g")'
Shows the current directory and those below it in a simple tree structure. Recommended use:
* = where
checking files in current and sub directories, finding out the files containing "sampleString" and removing the containing lines from the file.
* Beware that The command will update the original file [no backup].
The command can be extended if play with 'find' command together,
e.g. it is possible to execute on certain type of files: *.xml, *.txt... (find -name "*.xml" | grep....)
if anybody knows a better solution on that, please drop a comment. thx.
Counts number of lines of code in *.h and *.cc files
show physical disk using, except tmpfs, gvfs, and so on.