Linux Project Utility Commands

Summarize the commands that are commonly used under Linux

nc

NC command, which is commonly carried by Linux, is known as the "Swiss Army Knife". Both Windows and Linux have a platform tool that you can download and install accordingly. The use of UDP and TCP protocol network connection to read and write data, is a stable backdoor tool. It is also a powerful network debugging and sniffing tool.

Use format:

NC [-options] hostname port[s] [ports] ... Connect to a Place

Nc-l-P port [options] [hostname] [port] bind port waiting for connection

The parameters are:

-e Prog program redirection, once the connection is executed. It also has security implications.

-I secs delay interval

-L listening mode for inbound connections

-N Set the IP address of the number, cannot use the host name

-P Port

-O file record 16-binary transfer

-R arbitrarily specify local and remote segment ports

-S addr Local Source Address

-U UDP mode

-v Verbose output with two-V to get more detailed content

-W secs timeout

-Z turns the input and output off for scanning

The port number can specify a single, the latter a range

Of course NC Can and watch command configure dynamic real-time monitoring

Netstat

The netstat command is used to display various network related information, such as: Network connection, routing table, interface status multicast member, etc.

Netstat output can be divided into two parts: Active TCP connection and active UNIX domain socket interface

Active TCP is primarily used to monitor network transmission related

Active UNIX is used for native communication, and performance can be increased by one times

often See parameters:

-A all means to display the options used, and the default does not show listen related

-T TCP meaning only TCP-related options are shown

-u UDP means only UDP-related

-N rejects the display of aliases, can show all numbers converted into numbers

-l list only service status in listen

-P Display the program name of the CV related link

-R display routing information, routing table

-E Display Extended information

-S statistics according to each protocol

-C time interval for executing netstat

In addition listen and listening states can only be seen with-a or-l

NETSTAT-A lists all ports, including listening and non-listening

Netstat-at List TCP ports

Netstat-pt first dead PID and process name (-p)

Netstat-i Display the list of network interfaces

You can use watch and awk to extract the relevant required fields for listening

Lsof

Full Name list open files, listing the current system opening file

The application open file descriptor provides a lot of information about the application itself, so being able to view this list through the Lsof tool can be a great help for system detection and troubleshooting

Lsof Common parameters:

lsof filename Displays all processes that open the specified file

Lsof-a indicates that two parameters must be met before the results are displayed

Lsof-c string Displays the command column that contains the specified string in the process open descriptor

Lsof-u Username Displays the files that are open by the user process

Lsof-g GID shows the status of the GID process

Lsof +d/dir/displays files that are opened by the process in the directory

Lsof +d/dir/Ibid, but recursive

Lsof-n do not convert IP to hostname

Lsof-i used to display condition-compliant processes

LS-I[46] [Protocol] [@hostname |hostaddr][:service|port]

Ipv4|ipv6 tcp| Udp

LSOF-I:22 View 22 Port operating conditions

Uptime

Display results include the time the server has been running, how many users are logged in, and the overall evaluation of server performance

Load average records the last 1,5,15 minute interval, indicating the number of processes waiting to be executed in the queue, and if the CPU is blocked, the value becomes larger

The best value for load average is 1, which indicates that each process can be processed by CU immediately, and that this value should be divided by the number of physical CPUs in the system of multiple CPUs

Top

The top command shows the actual CPU usage, and the default 5s refreshes once

PID: Process identification

User: Username for process Owner

PRI: Priority of the process

Ni:nice level

Size: The amount of memory the process consumes, including code, data, and stacks

RSS: The amount of physical memory used by the process

SHARE: The number of shared memory for this process and other processes

STAT: Status of the process

S Sleep State

R Run Status

T Stop State

D Interrupt Sleep State

Z Zombie Status

%CPU: Shared CPU usage

%MEM Shared physical Memory

Time: Process consumed by CPU

Command: Start a task with an argument

Iostat

Iostat is part of the Sysstat package, showing that the average CPU time is similar to uptime after the system is booted

Can show disk subsystem usage, IOSTAT can be used to detect CPU utilization and disk utilization

%user:user level (application) CPU usage

%nice: CPU Usage for the user level with nice priority

%sys:system level (kernel) CPU usage

%idle: Idle CPU resource condition

Device: Block device name

Tps: The number of devices per second that the device transmits (I/O requests per second). Multiple individual I/O requests can be composed of one transport operation because a transfer operation can be of different capacity

BLK_READ/S,BLK--WRTN/S: The number of blocks that the device reads and writes per second, the block may be of different capacity

BLK_READ,BLK_WRTN: Total number of block devices read and written since the system started

Vmstat

The Vmstat command provides monitoring of information such as processes, memory, page I/O blocks, and CPUs, and Vmstat can display the average or sampled values of the test results

. Process (Procs)

R: Number of processes waiting for run time

B: Process in non-disruptive sleep state

W: Processes that are swapped out but can still be run, this value is calculated

. MEMORYSWPD: Number of virtual memory

Free: Amount of idle memory

Buff: The amount of memory used as a buffer

. Swap

Si: Quantity exchanged from hard disk

So: Swap to hard drive to get the number

. Io

BI: The fast number of outputs to a single block device

Bo: Number of blocks accepted from a single block device

. system

In: Number of interrupts per second, including clock

CS: Number of context switches that occur per second

% CPU Uptime

US: Non-kernel code run time (user time, nice time)

SY: Kernel code run time (System time)

ID: Idle Time

WA: Waiting for I/O operation time

Vmstat Additional parameters:

. M: Show the memory utilization of the kernel

. A: Display memory page information, including active and inactive memory pages

. N: Displays the header line, which is used when you use the sample mode and the command results are output to a file.

-P partition, Vmstat provides statistics on I/O results

Ps/pstree

System analysis of the most commonly used commands, PS provides a list of running processes

The Pstree command can display all process information in a tree-like structure, and can integrate child process information

Sar

The SAR program is also part of the Sysstat installation package for mobile, reporting, and storage System information.

SAR command three application composition

SAR: Used to display data

SA1/SA2: Used to collect and store data

The data generated by the SAR command is saved by default in the/var/log/sa/directory

You can also use SAR to get a real-time execution result from the command line, which can include CPU utilization, memory page, network I/O, etc.

SAR 3 5 per 3s execution, 5 times SAR

Free

The free command displays the memory usage used by the system, including idle, used, and swapped space.

The free command display also includes some cache and buffer information used by the kernel

Parameters:

-b,-k,-m,-g are displayed with Bytes,kilobytes,megabytes,gigabytes respectively.

-l difference shows low and high memory

-C {Count} shows the number of free outputs

Pmap

The PMAP command shows how much memory is used by one or more processes, and this tool can be used to determine which process on the server is consuming excessive memory and causing a memory bottleneck

Strace

Strace intercepts and records the system invocation information of the process, and also includes the command signals that the process accepts. This is a good diagnostic and debugging tool, but requires system administrator privileges

Strace-p <pid>

Ulimit

Ulimit can be used to control the use of system resources

Mpstat

The Mpstat command is also part of the Sysstat. Primarily used to monitor the situation of each available CPU in a multi-CPU system. The Mpstat command shows the operation of each CPU or all CPUs, as well as the use of parameters to monitor a certain frequency of sample results, as in the case of the Vmstat command.

Valgrind

Memory and performance detection tools, primarily for memory leak detection, performance detection