• linux命令单次或组合样例


    ###解压命令
    .tar.gz    格式解压为    tar   -zxvf   xx.tar.gz
    .tar.bz2   格式解压为     tar   -jxvf    xx.tar.bz2

    ###
    E:TDDOWNLOAD新建文件夹 (2)>dir >D:programPuTTYa.txt
    E:TDDOWNLOAD新建文件夹>dir >>D:programPuTTYa.txt
    D:programPuTTY>pscp.exe a.txt root@192.168.1.104:/root/
    [root@localhost film]# tr -s ' ' ' ' <a.txt >b.txt
    [root@localhost film]# cat name |grep "^[" >name-1


    ####查看进程pid的标准做法,pid文件全在/var/run/目录下
    cat /var/run/httpd.pid
    kill -TERM `cat /var/run/httpd.pid`

    ####查找大批量的文件时最合适了
    [root@rac02 u01]# find /u01 -size +10M -type f|grep log_[0-9][0-9].xml
    [root@rac02 u01]# find /u01 -size +10M -type f|grep l[0-9][0-9]

    ####单行变多行
    [root@250-shiyan log]# echo /etc/init/avahi-{daemon,lol,what}.conf
    /etc/init/avahi-daemon.conf /etc/init/avahi-lol.conf /etc/init/avahi-what.conf
    [root@250-shiyan log]# echo /etc/init/avahi-{daemon,lol,what}.conf|xargs -n 1
    /etc/init/avahi-daemon.conf
    /etc/init/avahi-lol.conf
    /etc/init/avahi-what.conf

    ####改名
    [root@250-shiyan frag]# mv aabb.{dd,ee}
    [root@250-shiyan frag]# ls
    aabb.bak  aabb.ee  age  check-root.sh  eth.sh  for.sh  here.sh  jj  while2.sh  while.sh
    [root@250-shiyan frag]# cp mail.rc{,.bak}

    [root@rac02 log]# grep "Failed password for root" /var/log/secure.1|wc -l
    27625
    [root@rac02 log]# grep "Failed password for root" /var/log/secure.2|wc -l
    63933
    [root@rac02 log]# grep "Failed password for root" /var/log/secure.3|wc -l
    51078
    [root@rac02 log]# grep "Failed password for root" /var/log/secure.4|wc -l
    82726
    [root@rac02 log]# ll secure*
    -rw------- 1 root root  8031968 Oct 27 09:41 secure
    -rw------- 1 root root 37622253 Oct 26 04:03 secure.1
    -rw------- 1 root root 48321044 Oct 19 04:03 secure.2
    -rw------- 1 root root 37040497 Oct 12 04:04 secure.3
    -rw------- 1 root root 29897126 Oct  5 04:03 secure.4
    ###来统计一下有多少人在暴力破解我的 root 密码吧
    [root@rac02 log]# grep "Failed password for root" /var/log/secure | awk '{print $11}' | sort | uniq -c | sort -nr | more
    ###很明显我禁用了 root 登录,人家也不是那么笨,开始暴力猜用户名
    [root@rac02 log]# grep "Failed password for invalid user" /var/log/secure | awk '{print $11}' | sort | uniq -c | sort -nr | more

    ###快速备份文件
    [root@250-shiyan ~]# cp mail.rc{,.bak}
    ###循环显示pid为3066的pmap命令的结果,如果watch不方便的话,就用循环 [root@C44
    ~]# while true; do pmap -d 3066 | tail -1; sleep 2; done
    [root@250-shiyan sh]# while sleep 2;do pstree;done
    [root@109-com1 ~]# while sleep 1;do echo `/usr/sbin/ss -n|grep ESTAB|awk '($2 && $3)!~/0/{printf $0}'`;done
    ###查看和本机80端口建立连接并状态在established的所有ip [root@221-comecs ~]# netstat -an |grep 10001 |grep ESTA |awk '{print$5 " "}' |awk 'BEGIN {FS=":"} {print $1 " "}' |sort |uniq   ###查看系统tcp连接中各个状态的连接数。 [root@221-comecs ~]# netstat -an|awk '/^tcp/ {++S[$NF]} END {for (a in S) print a,S[a]}' ESTABLISHED 16 LISTEN 12 ###查看udp所属进程,udp没有连接的概念,只能用tcpdump抓包才能看到有数据产生,tcp用netstat来查看。 ###udp 查看com上的asterisk进程与cache的连接 [root@com1 ~]# tcpdump port 50001    [root@com1 ~]# netstat -anp|grep 41934 udp 0 0 0.0.0.0:41934 0.0.0.0:* 20917/asterisk ###过滤出1521的连接,并排序第4列的字段,即local address [root@109-com1 asterisk]# netstat -nap|grep 1521 |sort -k 4   Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name ###持续观察命令输出,-d 高亮显示变化 [root@coreserv ~]# watch -d 'netstat -an|grep 10001' [root@coreserv ~]# watch -d 'asterisk -rx "fltcs show client"' [root@com1 ~]# watch -d 'ipvsadm -l --stats' [root@com1 ~]# watch uptime [root@com1 ~]# watch -t uptime [root@com1 ~]# watch -d -n 1 netstat -ntlp [root@com1 ~]# watch -d 'ipvsadm -l --stats' [root@com1 ~]# watch -d 'netstat -an|grep 10000' [root@com1 ~]# tcpdump port 50001 udp [root@com1 ~]# tcpdump tcp port 1521 -c 20 -vv -w udp.pcap [root@com1 ~]# netstat -anp|grep 41934 ###监测goface的文件 [root@com1 ~]# watch -d ’ls -l | fgrep goface’ [root@com1 ~]# watch -t -differences=cumulative uptime ###监控mail [root@com1 ~]# watch -n 60 from ###监测磁盘inode和block数目变化情况 [root@com1 ~]# watch -n 1 'df -i;df' ###测试http连接的请求时间 [root@CentOS5 dev]# curl -o /dev/null -s -w '%{time_connect}:%{time_starttransfer}:%{time_total}' http://www.vmware.com


    电影字幕
    Dialogue: 0,0:00:11.00,0:00:20.00,Default,,0000,0000,0000,,翻译:Duck two 基吉星团 Candice Emma 海鱼 N城际以北 吭哧 lalala sorgenfri 以诺 杂食季 轻音 N校对:杳杳 CC西 william2568
    Dialogue: 0,0:01:28.75,0:01:30.95,Default,,0000,0000,0000,,这是一次电话线路自动测试N{fnMicrosoft YaHeifs142a&HF0&4a&H32&}This is an automated test of your digital phone line.{ }
    Dialogue: 0,0:01:31.13,0:01:32.96,Default,,0000,0000,0000,,抱歉打扰了N{fnMicrosoft YaHeifs142a&HF0&4a&H32&}Sorry for the interruption.{ }
    Dialogue: 0,0:01:34.21,0:01:35.55,Default,,0000,0000,0000,,查理 维克多 威士忌N{fnMicrosoft YaHeifs142a&HF0&4a&H32&}Charlie. Victor. Whiskey.{ }

    
    

    匹配每一行直到Default之前的内容,notepad中先替换成1,不能直接删除
    ^([^t]*)t
    匹配每一行大括号里的内容,并删除之
    {\[^{}]*}

    [root@localhost ~]# lsmod |wc -l
    59
    [root@localhost ~]# modprobe -l|wc -l
    1973
    [root@localhost ~]# modprobe -l|grep ipvs
    kernel/net/netfilter/ipvs/ip_vs.ko
    kernel/net/netfilter/ipvs/ip_vs_rr.ko
    kernel/net/netfilter/ipvs/ip_vs_wrr.ko
    kernel/net/netfilter/ipvs/ip_vs_lc.ko
    kernel/net/netfilter/ipvs/ip_vs_wlc.ko
    kernel/net/netfilter/ipvs/ip_vs_lblc.ko
    kernel/net/netfilter/ipvs/ip_vs_lblcr.ko
    kernel/net/netfilter/ipvs/ip_vs_dh.ko
    kernel/net/netfilter/ipvs/ip_vs_sh.ko
    kernel/net/netfilter/ipvs/ip_vs_sed.ko
    kernel/net/netfilter/ipvs/ip_vs_nq.ko
    kernel/net/netfilter/ipvs/ip_vs_ftp.ko
    kernel/net/netfilter/ipvs/ip_vs_pe_sip.ko
    [root@localhost ~]# modprobe -l|grep kvm
    kernel/arch/x86/kvm/kvm.ko
    kernel/arch/x86/kvm/kvm-intel.ko
    kernel/arch/x86/kvm/kvm-amd.ko
    [root@localhost ~]# modprobe -l|grep ipta
    kernel/net/ipv4/netfilter/iptable_filter.ko
    kernel/net/ipv4/netfilter/iptable_mangle.ko
    kernel/net/ipv4/netfilter/iptable_nat.ko
    kernel/net/ipv4/netfilter/iptable_raw.ko
    kernel/net/ipv4/netfilter/iptable_security.ko

    3.

    [root@localhost ~]# which passwd
    /usr/bin/passwd
    [root@localhost ~]# whereis passwd
    passwd: /usr/bin/passwd /etc/passwd /usr/share/man/man1/passwd.1.gz /usr/share/man/man5/passwd.5.gz
    [root@localhost ~]# locate passwd
    /etc/passwd
    /etc/passwd-
    /etc/pam.d/passwd
    /etc/security/opasswd
    /lib64/security/pam_passwdqc.so
    /lib64/security/pam_unix_passwd.so
    [root@localhost ~]# find / -name passwd
    /selinux/class/passwd
    /selinux/class/passwd/perms/passwd
    /usr/bin/passwd
    /etc/pam.d/passwd
    /etc/passwd
    [root@localhost ~]# mkdir wode
    [root@localhost ~]# locate wode
    [root@localhost ~]# updatedb
    [root@localhost ~]# locate wode
    /root/wode
    [root@localhost ~]# type type
    type is a shell builtin
    [root@localhost ~]# type cd
    cd is a shell builtin
    [root@localhost ~]# type if
    if is a shell keyword
    [root@localhost ~]# type ssh
    ssh is /usr/bin/ssh
    [root@localhost ~]# type -p ssh
    /usr/bin/ssh
    [root@localhost ~]# type ls
    ls is aliased to `ls --color=auto'
    [root@localhost ~]# type cp
    cp is aliased to `cp -i'
    
    [root@localhost wode]# ls -altr
    [root@localhost wode]# ls -alt
    总用量 140
    drwxr-xr-x. 2 root root   4096 2月  27 12:53 .
    dr-xr-x---. 7 root root   4096 2月  27 12:53 ..
    -rw-r--r--. 1 root root    219 2月  17 02:12 fi
    -rw-r--r--. 1 root root     97 2月  16 13:02 ee
    -rw-r--r--. 1 root root     97 2月  16 13:02 dd
    -rw-r--r--. 1 root root 122479 2月  16 11:02 aa
    [root@localhost ~]# du -ab --max-depth=1|sort -n
    18      ./.bash_logout
    58      ./.lesshst
    66      ./.xauth1RcH8v
    100     ./.cshrc
    129     ./.tcshrc
    176     ./.bash_profile
    176     ./.bashrc
    219     ./si
    586     ./.sqlite_history
    1160    ./.mysql_history
    ###查找文件内容
    [root@localhost ~]# find / -name "*.c" | xargs grep "printf"
    [root@localhost ~]# find / -name "*.h" | xargs ls -alt|more
    [root@localhost ~]# find / -name "*.c" | xargs grep "printf"|more
    [root@localhost ~]# find ./ ! -type d
    ./.lesshst
    ./.sqlite_history
    ./.gconfd/saved_state
    ./.bashrc

    2.

    [root@Firewall ~]# snmpwalk  -v 2c -c public localhost
    [root@Firewall ~]# iptables -I INPUT -p UDP --dport 161 -j ACCEPT
    [root@Firewall ~]# lsof -i:161
    COMMAND   PID USER   FD   TYPE  DEVICE SIZE NODE NAME
    snmpd   19624 root    8u  IPv4 4621955       UDP *:snmp
    [root@109-com1 asterisk]# lsof -Pnl +M -i4|grep 40002
    asterisk  16858        0    9u  IPv4 1603908      0t0  UDP *:40002
    [root@109-com1 asterisk]# lsof -Pnl +M -i4|grep LISTEN|grep 10000
    asterisk  16858        0  154u  IPv4 1604159      0t0  TCP *:10000 (LISTEN)
    ###-O n 以数字显示
    [root@coreserv ~]# snmpwalk -c 123456 -O n -v 2c 192.168.2.254
    ###samba用户首先是系统用户,修改samba用户密码
    [root@fileserv samba]# smbpasswd lizongbin
    ###nagios相关操作
    [root@CentOS5 dev]# htpasswd -c /usr/local/nagios/htpasswd.users 用户名 新密码
    [root@rac02 cache-bin]# java -jar ~/cache-monitor.jar localhost 10003
    ###过滤配置文件
    [root@coreserv ~]# less /etc/php.ini|grep -v "^;"|grep -v "^$"
    ###删除每行前导空格
    [root@coreserv ~]# sed -e ‘s/^[ /t]*//g’ ###去掉每行结尾的空格 [root@coreserv ~]# sed -e ‘s/[ ]*$//g’ 文件名
    ###sed怎么删除最后3行?
    tac file|sed 1,3d|tac
    sed '$d' file|sed '$d' |sed '$d'
    grep "<80>"    精确匹配80,而不是8005或808都匹配,
    [root@8a2serv com1_bak]# crontab -l */60 * * * * /usr/sbin/ntpdate 192.168.2.1 && /sbin/clock -w > /dev/null 2>&1 0 */1 * * * sh /etc/asterisk/logger.sh 10 12 */1 * * find /u01/asterisk/messages-201* -ctime +3 | xargs rm -f [root@Firewall my]# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm [root@Firewall my]# rpm -ivh rpmforge-release-0.5.2-2.el5.rf.i386.rpm [root@Firewall my]# yum install ntop [root@Firewall my]# ntop & [root@Firewall ~]# vi /etc/iptables_fw.sh [root@Firewall ~]# iptables -A INPUT -p tcp --dport 3000 -j ACCEPT [root@Firewall ~]# iptables -A OUTPUT -p tcp --sport 3000 -j ACCEPT [root@Firewall ~]# sh /etc/iptables_fw.sh [root@coreserv s]# tar czf gosh.tar.gz gosh [root@coreserv s]# scp -P 2002 gosh.tar.gz 192.168.2.101:~/ [root@8a2serv ~]# fuser -k /dev/pts/*  断开所有用户的连接 [root@test1 ~]# fuser -u /usr/sbin/sshd /usr/sbin/sshd: 2438e(root) 3754e(root) 6066e(root) [root@test1 ~]# fuser -v /usr/sbin/sshd USER PID ACCESS COMMAND /usr/sbin/sshd: root 2438 ...e. sshd root 3754 ...e. sshd root 6066 ...e. sshd [root@test1 ~]# ps -ef|grep ssh root 2438 1 0 08:27 ? 00:00:00 /usr/sbin/sshd root 3754 2438 0 09:02 ? 00:00:00 sshd: root@pts/0 root 6066 2438 0 16:40 ? 00:00:00 sshd: root@pts/1 root 6144 6070 0 16:45 pts/1 00:00:00 grep ssh [root@test1 ~]# fuser 10001/tcp -v USER PID ACCESS COMMAND 10001/tcp: root 2946 F.... asterisk [root@test1 ~]# fuser 50001/tcp -v [root@test1 ~]# fuser 50001/udp -v USER PID ACCESS COMMAND 50001/udp: root 2808 F.... java

    1.网络

    [root@225-oth ~]# ss -lnup|grep 50001
    UNCONN     0      0                        :::50001                   :::*      users:(("java",31662,30))
    [root@225-oth ~]# ss -lnp|grep 10003
    LISTEN     0      50                       :::10003                   :::*      users:(("java",31662,31))
    [root@250-shiyan ~]# ss -lnu State Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 *:748 *:* UNCONN 0 0 *:44015 *:* UNCONN 0 0 *:111 *:* UNCONN 0 0 *:54901 *:* UNCONN 0 0 *:767 *:* UNCONN 0 0 *:56448 *:* UNCONN 0 0 *:2049 *:* UNCONN 0 0 *:161 *:* UNCONN 0 0 *:49698 *:* UNCONN 0 0 *:42720 *:* UNCONN 0 0 :::748 :::* UNCONN 0 0 :::111 :::* [root@250-shiyan ~]# ss -ln State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 :::111 :::* LISTEN 0 128 *:111 *:* LISTEN 0 128 *:46992 *:* LISTEN 0 128 :::22 :::* LISTEN 0 128 *:22 *:* LISTEN 0 128 *:52279 *:* LISTEN 0 128 *:51768 *:* LISTEN 0 100 ::1:25 :::* LISTEN 0 100 127.0.0.1:25 *:* [root@109-com1 ~]# ss -s Total: 457 (kernel 470) TCP: 276 (estab 268, closed 0, orphaned 3, synrecv 0, timewait 0/0), ports 74 Transport Total IP IPv6 * 470 - - RAW 0 0 0 UDP 77 77 0 TCP 276 274 2 INET 353 351 2 FRAG 0 0 0 [root@109-com1 ~]# ss -on|grep -v "1521"|more State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.2.215:10000 117.136.25.137:36837 timer:(keepalive,75min,0) ESTAB 0 0 192.168.2.215:10000 117.136.25.182:52393 timer:(keepalive,53min,0) ESTAB 0 0 192.168.2.215:10000 117.136.25.142:50951 timer:(keepalive,113min,0) ESTAB 0 20 192.168.2.215:10000 117.136.25.137:48439 timer:(on,1.236ms,0) ESTAB 0 0 192.168.2.215:10000 117.136.25.179:17432 timer:(keepalive,66min,0) [root@109-com1 ~]# ss -pn|more State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.2.215:10000 117.136.25.137:36837 users:(("asterisk",17765,330)) ESTAB 0 0 192.168.2.215:10000 117.136.25.182:52393 users:(("asterisk",17765,268)) ESTAB 0 0 192.168.2.109:58313 192.168.2.2:1521 users:(("asterisk",17765,68)) ESTAB 0 0 192.168.2.215:10000 117.136.25.142:50951 users:(("asterisk",17765,257)) FIN-WAIT-1 0 1 192.168.2.215:10000 223.104.11.175:52946 ESTAB 0 736 192.168.2.109:22 192.168.2.80:52721 users:(("sshd",17621,3)) [root@250-shiyan ~]# service network restart Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: Determining if ip address 192.168.2.250 is already in use for device eth0... [ OK ] [root@localhost ~]# ifconfig eth1 Link encap:Ethernet HWaddr 00:0C:29:75:34:A8 [root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 HWADDR=00:0C:29:75:34:A5 [root@localhost ~]# cat /etc/udev/rules.d/70-persistent-net.rules # PCI device 0x8086:0x100f (e1000) SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:75:34:a8", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0" [root@localhost ~]# ifup eth0 up [root@localhost ~]# route add default gw 172.16.1.126 [root@localhost ~]# ifconfig eth0 192.168.2.128/24 up 简单快速临时配置ip [root@localhost ~]# ip link set eth0 up [root@localhost ~]# ip addr add 172.16.1.40/25 dev eth0 [root@localhost ~]# ip route add default via 172.16.1.126 dev eth0 [root@Firewall ~]# netstat -ntpl 查看所有监听端口 Active Internet connections (only servers) [root@Firewall ~]# netstat -natlp 查看已建立连接 Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

    [root@084-monitor newmonitor]# cat log
    192.168.2.223 1521 27758/tnslsnr
    192.168.2.220 1521 3535/tnslsnr
    192.168.2.2 1521 9815/tnslsnr
    192.168.2.2 1521 9815/tnslsnr
    192.168.2.1 1521 27467/tnslsnr
    192.168.2.1 1521 18372/tnslsnr
    192.168.2.1 1521 18372/tnslsnr


    192.168.2.224 10000 14024/asterisk
    192.168.2.224 10001 14024/asterisk
    192.168.2.224 40006
    192.168.2.224 40004
    192.168.2.224 40001

  • 相关阅读:
    多线程下System.Security.Cryptography.Aes CreateDecryptor报“Safe handle has been closed”的解决方案
    使用ConfuserEx加密混淆程序以及如何脱壳反编译
    使用Dotfuscator加密混淆程序以及如何脱壳反编译
    利用Javascript解决HTML大数据列表引起的网页加载慢/卡死问题。
    cefsharp 在高DPI下闪烁的问题
    spark 笔记 8: Stage
    spark 笔记 9: Task/TaskContext
    spark 笔记 7: DAGScheduler
    spark 笔记 5: SparkContext,SparkConf
    spark 笔记 6: RDD
  • 原文地址:https://www.cnblogs.com/createyuan/p/3841194.html
Copyright © 2020-2023  润新知