*-================================ -*
* Network
*-================================ -*
; Restart the network
$/Etc/init. d/network restart
$ Service network restart
; DHCP
; Re-obtain the IP address on ethX
$ Dhclient ethX
"DOMAIN", "NOERR" indicates no error, and "NXDOMAIN" indicates no DOMAIN. If the DNS service is configured, check whether the record and region file record are correct. If the tracked server is another DNS server, check the domain name you entered,
$ Dig @ DNS DOMAIN
$ Dig @ 8.8.8.8 baidu.com
$ Nslookup DOMAIN
; Modify Network DNS
$ Vi/etc/resolv. conf
Nameserver server1
Nameserver server2
; Modify the interface IP Address
$ Vi/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE = eth0
ONBOOT = YES
BOOTPROTO = static
IPADDR = x. x
NETMASK = x. x
GATEWAY = x. x
Modify the gateway, host name, and whether to enable the network. Note that some applications may need to correctly configure the host name to work properly.
$ Vi/etc/sysconfig/network
NETWORKING = YES
HOSTNAME = SAM
GATEWAY = x. x
Command to modify the IP address and gateway
$ Ifconfig eth0 x. x netmask x. x
$ Route add 0.0.0.0/0 gw x. x
; Access the NFS server
$ Mount-t nfs x. x. x:/MP/SHARE/mnt/nfs
$ Umount/mnt/nfs
; Access SMB
$ Mount-t cifs-o username = xxx, password = yyy // Server/SHARE/mnt/MountPoint
$ Umount/mnt/MountPoint
; Routing
$ Ip route add 192.168.0.0/24 via 192.168.0.1
$ Ip route add 192.168.0.0/24 dev eth0
$ Ip route del 192.168.0.0/24 via 192.168.0.1
$ Ip route add default via 192.168.0.1
$ Ip route flush cache; FLUSH FIB
; The command is 'route add x. x/x [-p] 'under windows series system
; IP tunneling
$ Modprobe ipip
$ Ip tunnel add Tunnel1 mode ipip remote x. x local x. x ttl 255
$ Ifconfig Tunnel1 x. x
$ Ip route add x. x/x dev Tunnel1
; VLAN
$ Lsmode | grep 8021q
$ Modprobe 8021q
+ Network statistics
$ Netstat-sw; collects statistics on various packets in RAW format
$ Netstat-I 'eth0'; view total interface traffic
$ Ifconfig lo | egrep 'rx | TX '; Same as above
$ Ifconfig | egrep 'link | RX | TX '; view the total traffic of all interfaces.
$ Netstat-rCF; view route table, cache, and forwarding table
$ Dstat; view the NETWORK Column
View opened ports and processes
$ Netstat-anp; netstat-tulnp
*-================================ -*
* System
*-================================ -*
-Time Zone & time
$ Cp/usr/share/zoneinfo/Asia/Shanghai/etc/localtime
$ Date-R
$ Ntpdate us.pool.ntp.org; synchronize the clock with the NTP server
$ Date-s M/D/Y; in the specified format
$ Date-s H: M: S
$ Date + % S returned seconds
$ Date + % s total number of seconds returned
$ Date + % s % N real random number
$ Date + % s % N % Y
$ Clock-w; write clock into CMOS
$ Hwclock -- hctosys; write the CMOS clock into the system clock
-Language
* Export LANG = en_US
* LC_ALL = en_US
* Vi/etc/default/locale
-System release Problems
* Lsb_release-
* Head-n1/etc/issue
* Uname-a; See CPU
* Getconf LONG_BIT; number of system digits
-Hardware
* Disk SMART
; View information: smartctl-I/dev/sda
; Enabled: smartctl -- smart-on -- offlineauto = on -- saveauto = on/dev/sda
Health status: smartctl-H/dev/sda
* PCI Bus
View: $ lspci [-TV]
; Hardware and BIOS: $ dmidecode | less
; USB Bus: $ lsusb [-TV]
; SCSI bus SCSI OIR
$ Cat/proc/scsi
$ Echo "scsi add-single-device ControllerID ChannelID SCSI-ID LUN-ID">/proc/scsi
$ Echo "scsi remove-single-device ControllerID ChannelID SCSI-ID LUN-ID">/proc/scsi
$ Echo "scsi add-single-device 0 0 1 0">/proc/scsi
$ Echo "---">/sys/class/scsi_host/hostX/scan
The Controller ID. If it is a common server, there is only one controller. The channel ID is also 0 and SCSIID in VMWARE. This will be different, and the LUNID is generally 0.
$ Service kudzu start; can be used to scan for hardware changes
; Hard Disk
* View UUID: blkid
* View and modify the volume label e2label <device> [newLabel]
* Mount by volume Label: mount/Label
* View partitions: fdisk-l [device]
* Create and modify partitions: fdisk/dev/sda
* Disk clone: dd if =/dev/sda of =/dev/sdb
* MBR backup: dd if =/dev/sda of =/root/disk. mbr bs = 512 count = 1
* Disk decommission: dd if =/dev/zero of =/dev/sda
* Format the partition: mkfs-t Fs/dev/sdb1
* Mount Disk: mount/dev/sda1/cc
* View usage: df-h
* GPT-supports hard disks larger than 2 TB
View partitions: parted/dev/sda & print [free]
Create a partition: parted/dev/sda & mklabel gpt & mkpart
Load GPT partitions </etc/fstab>: UUID = <UUID>/cc OPTIONS
* REMOVABLE & USB & NTFS
Eject; pop-up
Mount-t ntfs-3g/dev/sdb1/mnt/USBRAM-o force; NTFS USBRAM
Mount-o loop-t iso9660 x. iso/media/ISO; load the ISO file
Dd if =/dev/cdrom of = x. iso; create an ISO from the CD
-Device management
; LOOP
$ Modprobe loop; load the LOOP driver. The LOOP can virtualize the file.
$ Dd if =/dev/zero of =/root/SS bs = 1 k count = 100; Create file backup
$ Ls-lL/dev/loop0; view LOOP0 Information
$ Mknod/dev/SS-m 640 B 7 0; create a LOOP device based on relevant information
$ Losetup/dev/SS/root/SS; install the file to/dev/SS
$ Mkfs-t ext3/dev/SS; format the partition. The subsequent loading is omitted.
$ Losetup-d/dev/SS; unbind
; RAMFS; use the physical memory as a disk (for high-performance computing)
$ Moount-t ramfs none/RAM-o maxsize = SIZE
; TMPFS; temporary file system, RAM or hard disk
$ Mount-t tmpfs/RAM-o size = 32 M
-System inittab File
* Init Ss123456Qq
* After modifying the INITTAB, you can use the "init Q" command to reload it, or you can use kill-HUP 1.
* Stop CTRL + ALT + DEL: # ca: ctrlaltdel:/sbin/shutdown-r now-t3
* System initialization script: si: sysinit:/etc/rc. d/rc. sysinit
* Default start level: id: 3: initdefault:
*-= -*
* System Security
*-= -*
-Kernel
; View the kernel forwarding status
$ Sysctl net. ipv4.ip _ forward
$ Sysctl-w net. ipv4.ip _ forward = 1; Enabled
$ Echo 1>/proc/sys/net/ipv4/ip_forward; Same as above
-Modify file attributes
$ Chattr + I; cannot be deleted
$ Chattr + a; Append only
$ Chattr + B; File Access time not updated
$ Chattr + S; instant update without entering the CACHE
$ Chattr + s; confidential file, cannot be recovered after deletion
-Security Log
$ Tail/var/log/secure *; SSH & PAM
$ Tail/var/log/httpd/* _ access_log
$ Tail/var/log/cron; Scheduled Task Log
$ Kill-HUP id; Use smooth restart instead of Terminate to restart the service.
*-= -*
* Shell
*-= -*
; Directory bookmarks
$ SS = '/home/CAMPUS/CC'
$ Cd $ SS
Duplicate commands, directory switch commands, and Exit commands are not recorded
$ Export HISTIGNORE = "&: cd: exit: ls"
; Run the previous command in privileged Mode
$ Sudo !!
; Share the current folder as HTTP, port 8000
$ Python-m SimpleHTTPServer
Vi command to save files that require ROOT permission
: W! Sudo tee %
: Q!
; Back to the previous directory
$ Cd-
; Replace the parameters in the command line
$ !! : S/PAT/TEXT/
; Empty a file S
$:> S
; SSH reverse proxy
$ Ssh-N L2001: TARGET: 80 id @ HOST
Forward the data on port 2001 of the local machine to the TARGET through the HOST. The id is the login credential.
; HOSTS file: echo '127. 0.0.1 TARGET '>/etc/hosts
Terminal reset/garbled code: $ reset
; Midnight parade: $ echo COMMAND | at midnight
; Send voice over SSH: $ dd if =/dev/dsp | ssh id @ HOST dd of =/dev/dsp
; SSH stepping stone: $ ssh-t id @ HOST1 id @ HOST2 id @ HOST3... id @ TARGET
*-= -*
* Network Security
*-= -*
-NMAP
* Obtain the host type and Port
$ Nmap-sS-P0-sV TARGET
;-SS => TCP. SYN scan, also called half scan, stealth Scan
;-P0 => do not use ICMP PING
;-SV => detect the operating system version
;-O => try to identify the remote operating system
;-A => simultaneous operating system version and fingerprint detection
;-V => display progress
* List hosts with specified ports Enabled
$ Nmap-sT-p 80-oG TARGET | grep open
;-ST => use TCP
;-P 80 => scan port 80
* Search for online hosts
$ Nmap-sP TARGETS
;-SP => Use PING to search
* Search for unused IP addresses on the subnet
$ Nmap-T4-sP TARGETs & egrep "00: 00: 00: 00: 00"/proc/net/arp
*-===================================== -*
* Online help
*-===================================== -*
* Man 5 proc; PROC FS
* Man 5 filesystem; FS
* Man 7 bootparam
* Man 7 charset
*-===================================== -*
* Garbled Problem
*-===================================== -*
; Software Package
$ Yum install fonts-chinese -*
$ Yum install fonts-ISO8859-2 -*
$ Yum install xorg-x11-fonts *
Vi/etc/sysconfig/i18n
*-===================================== -*
# LANG = "zh_CN.UTF-8"
LANG = "zh_CN.GB18030"
LANGUAGE = "zh_CN.GB18030: zh_CN.GB2312: zh_CN"
SUPPORTED = "zh_CN.UTF-8: zh_CN: zh: en_US.UTF-8: en_US: en"
SYSFONT = "lat0-sun16"
# SYSFONT = "latarcyrheb-sun16"
*-===================================== -*
; Virtualization
; Yum groupinstall "Virtualization"
; Yum groupremove "Virtualization"
*-= -*
* Linux Startup Problems
*-= -*
GRUB commands that are least needed to start the system
; Specifies where to find the startup Kernel
$ Root = (hdx, y)
Specifies the location of the kernel as "/" and the Kernel File
$ Kernel =/vmlinuz-* ro root =/dev/sda6
Which of the following is the system's initialization RAM/INITRD, which generally corresponds to the kernel version?
$ Module/initrd-*. img; which image is initialized by the system?
Create INITRD and the kernel file is required to exist
$ Cd/boot & ls
$ Mkinitrd initrd-$ (uname-a). img $ (uname-)
; Kernel Installation
$ Mkdir/mnt/CDROM
$ Mount-t iso9660/dev/hdX/mnt/CDROM
$ Cd/mnt/CDROM/RPMS
$ Rpm-ivh -- force kernel-*. rpm
In rescue mode, the optical drive is HDX instead of CDROM.
In the Start Menu, press "C" to enter the command line, and press "E" to enter the parameter editing (after which B starts)
The kernel needs to be reinstalled in the installation mode.
; Rescue mode: linux rescue
; Permission issues
R/READ
W/WRITE
X/EXECUTE
S/SETUID
T/STICKY
; T-sticky bit, which is only valid for directories. Only the creator can delete files in the directory.
; S-when running a program, the user can have the permissions of the program owner in a timely manner. In other words, if the program owner is ROOT, any user has the permission to run the program.
All its users have the ROOT permission.
*-================================ -*
* SSH
*-================================ -*
* SSH exit code "~ <Control-Z> <CR> "is used to log on to another host using SSH on the SSH host. CR indicates the carriage return.
* SSH query code "~ S"
*-================================ -*
* Linux SYSRQ
*-================================ -*
* System response: <ALT + SysRQ + Key>
$ Echo 1>/proc/sys/kernel/sysrq
* Key List
; 'K'-kill all processes under the virtual terminal (VC)
;'S '-Synchronize the file system and restart it. It is best to perform this operation when shutting down. Its command is "$ sync"
; 'B'-immediate system restart, dangerous
; 'E'-sends "TERM" signals to all processes except INIT
; 'M'-output current memory information to the console
; 'O'-immediately shut down the system, dangerous
; 'P'-print the current Register for debugging
; 'U'-Reload the file system in read-only mode
; 'F'-Kill processes with excessive memory usage
; 'H'-help
* Call SYSRQ
; Method 1: Press and hold ALT + SYSRQ and command key
Method 2: Write the command key to/proc/sysrq-trigger. The following command immediately closes the system
$ Echo 'O'>/proc/sysrq-trigger
* System Security shutdown and restart
$ Echo 'E'>/proc/sysrq-trigger; Terminate Processes
$ Echo 'K'>/proc/sysrq-trigger; Kill
$ Echo's '>/proc/sysrq-trigger; Sync
$ Echo 'U'>/proc/sysrq-trigger; mount-o ro-
$ Echo 'O'>/proc/sysrq-trigger
The commands can also be completed by using a combination of keys. Once a "K" or "E" signal is sent to the system, the preceding commands cannot be used. Instead, you must use a combination of keys.
*-= -*
* Linux Performance Tuning
*-= -*
Determine CPU-intensive processes in the system
; Find CPU-intensive threads for multithreading jobs, such as <Java>
$ Ps-mp $ Pid-o THREAD, tid, time
$ Ps-Lfp $ Pid
$ Top-Hp $ Pid
; Search for CPU-intensive applications
$ Ps-Lef
$ Ps aux | sort-k3-r; % CPU
$ Ps aux | sort-k4-r; % MEM
$ Vmstat # INT; # INT indicates the interval. Pay attention to the "Si/So" column.
Determine whether there is an IO bottleneck in the system
$ Iostat-c # INT; % IOWAIT
; Obtain disk-related data in the system
$ Iostat-d; view disk activity, throughput, and TPS
$ Iostat-x; view throughput and TPS
$ Dstat
Perform stress tests on the WEB, <-c> concurrent connections, and <-n> total connections
$ AB-c 10-n 100 http://www.baidu.com/
; View the file opening status
$ Lsof-p $ Pid; files opened by process $ PID
$ Lsof-I: 80; processes that open port 80
$ Lsof/tmp/Sess_xxxxx; locate the process for opening the file
; Named pipeline, suitable for sequential work
; Suitable for multiple input operations
$ Mkfifo o
$ Echo Hello> o &
$ Echo World> o &
$ Echo 'I \ 'am fc'> o &
$ Cat o
; Think about the result of the last command above.
This article IS from "nothing is serious !" Blog