ip: Show or manipulate routing, devices, policy routing, and tunnels.
Commands:
ip: Show or manipulate routing, devices, policy routing, and tunnels.ip -a: Show or manipulate routing, devices, policy routing, and tunnels with all.ip -b: Show or manipulate routing, devices, policy routing, and tunnels with brief.ip -c: Show or manipulate routing, devices, policy routing, and tunnels with color.ip -d: Show or manipulate routing, devices, policy routing, and tunnels with details.ip -f: Show or manipulate routing, devices, policy routing, and tunnels with family.ip -h: Show or manipulate routing, devices, policy routing, and tunnels with help.ip -i: Show or manipulate routing, devices, policy routing, and tunnels with interface.ip -l: Show or manipulate routing, devices, policy routing, and tunnels with link.ip -m: Show or manipulate routing, devices, policy routing, and tunnels with monitor.ip -n: Show or manipulate routing, devices, policy routing, and tunnels with netns.ip -o: Show or manipulate routing, devices, policy routing, and tunnels with oneline.ip -p: Show or manipulate routing, devices, policy routing, and tunnels with protocol.ip -r: Show or manipulate routing, devices, policy routing, and tunnels with resolve.ip -s: Show or manipulate routing, devices, policy routing, and tunnels with statistics.ip -t: Show or manipulate routing, devices, policy routing, and tunnels with terse.ip -v: Show or manipulate routing, devices, policy routing, and tunnels with verbose.- subcommands
ip address: Show or manipulate routing, devices, policy routing, and tunnels with address.ip addrlabel: Show or manipulate routing, devices, policy routing, and tunnels with addrlabel.ip l2tp: Show or manipulate routing, devices, policy routing, and tunnels with l2tp.ip link: Show or manipulate routing, devices, policy routing, and tunnels with link.ip maddress: Show or manipulate routing, devices, policy routing, and tunnels with maddress.ip mroute: Show or manipulate routing, devices, policy routing, and tunnels with mroute.ip neigh: Show or manipulate routing, devices, policy routing, and tunnels with neigh.ip netns: Show or manipulate routing, devices, policy routing, and tunnels with netns.ip ntable: Show or manipulate routing, devices, policy routing, and tunnels with ntable.ip route: Show or manipulate routing, devices, policy routing, and tunnels with route.ip rule: Show or manipulate routing, devices, policy routing, and tunnels with rule.ip tcp_metrics: Show or manipulate routing, devices, policy routing, and tunnels with tcp_metrics.ip token: Show or manipulate routing, devices, policy routing, and tunnels with token.ip tunnel: Show or manipulate routing, devices, policy routing, and tunnels with tunnel.ip xfrm: Show or manipulate routing, devices, policy routing, and tunnels with xfrm.
iwconfig:
iwconfig: Configure a wireless network interface.iwconfig -a: Configure a wireless network interface with all.iwconfig -c: Configure a wireless network interface with channel.iwconfig -e: Configure a wireless network interface with essid.iwconfig -f: Configure a wireless network interface with frequency.iwconfig -h: Configure a wireless network interface with help.iwconfig -i: Configure a wireless network interface with interface.iwconfig -k: Configure a wireless network interface with key.iwconfig -m: Configure a wireless network interface with mode.iwconfig -n: Configure a wireless network interface with nick.iwconfig -p: Configure a wireless network interface with power.iwconfig -q: Configure a wireless network interface with quality.iwconfig -r: Configure a wireless network interface with rate.iwconfig -s: Configure a wireless network interface with sensitivity.iwconfig -t: Configure a wireless network interface with txpower.iwconfig -v: Configure a wireless network interface with verbose.
iwlist:
iwlist: Get more detailed wireless information from a wireless interface.iwlist -a: Get more detailed wireless information from a wireless interface with all.iwlist -c: Get more detailed wireless information from a wireless interface with channel.iwlist -e: Get more detailed wireless information from a wireless interface with essid.iwlist -f: Get more detailed wireless information from a wireless interface with frequency.iwlist -h: Get more detailed wireless information from a wireless interface with help.iwlist -i: Get more detailed wireless information from a wireless interface with interface.iwlist -k: Get more detailed wireless information from a wireless interface with key.iwlist -m: Get more detailed wireless information from a wireless interface with mode.iwlist -n: Get more detailed wireless information from a wireless interface with nick.iwlist -p: Get more detailed wireless information from a wireless interface with power.iwlist -q: Get more detailed wireless information from a wireless interface with quality.iwlist -r: Get more detailed wireless information from a wireless interface with rate.iwlist -s: Get more detailed wireless information from a wireless interface with sensitivity.iwlist -t: Get more detailed wireless information from a wireless interface with txpower.iwlist -v: Get more detailed wireless information from a wireless interface with verbose.subcommands:
iwlist scan: Get more detailed wireless information from a wireless interface with scan.iwlist freq: Get more detailed wireless information from a wireless interface with frequency.iwlist keys: Get more detailed wireless information from a wireless interface with keys.iwlist power: Get more detailed wireless information from a wireless interface with power.iwlist rate: Get more detailed wireless information from a wireless interface with rate.iwlist retry: Get more detailed wireless information from a wireless interface with retry.iwlist txpower: Get more detailed wireless information from a wireless interface with txpower.
iw:
iw: Show or manipulate wireless devices and their configuration.iw -a: Show or manipulate wireless devices and their configuration with all.iw -c: Show or manipulate wireless devices and their configuration with channel.iw -d: Show or manipulate wireless devices and their configuration with device.iw -e: Show or manipulate wireless devices and their configuration with essid.iw -f: Show or manipulate wireless devices and their configuration with frequency.iw -h: Show or manipulate wireless devices and their configuration with help.iw -i: Show or manipulate wireless devices and their configuration with interface.iw -k: Show or manipulate wireless devices and their configuration with key.iw -m: Show or manipulate wireless devices and their configuration with mode.iw -n: Show or manipulate wireless devices and their configuration with nick.iw -p: Show or manipulate wireless devices and their configuration with power.iw -q: Show or manipulate wireless devices and their configuration with quality.iw -r: Show or manipulate wireless devices and their configuration with rate.iw -s: Show or manipulate wireless devices and their configuration with sensitivity.iw -t: Show or manipulate wireless devices and their configuration with txpower.iw -v: Show or manipulate wireless devices and their configuration with verbose.
LXC / LXD
- LXC: Linux Containers. LXC is a containerization technology that enables the creation and management of lightweight system containers.
- LXD: Linux Containers Daemon. LXD is a container management tool that provides a more user-friendly interface to LXC.
- lxc: LXC command-line interface.
Commands:
lxc: LXC command-line interface.lxc -a: LXC command-line interface with all.lxc -c: LXC command-line interface with configuration.lxc -d: LXC command-line interface with debug.lxc -e: LXC command-line interface with execute.lxc -f: LXC command-line interface with file.lxc -h: LXC command-line interface with help.lxc -i: LXC command-line interface with information.lxc -l: LXC command-line interface with list.lxc -m: LXC command-line interface with monitor.lxc -n: LXC command-line interface with network.lxc -o: LXC command-line interface with output.lxc -p: LXC command-line interface with profile.lxc -q: LXC command-line interface with quiet.lxc -r: LXC command-line interface with remote.lxc -s: LXC command-line interface with server.lxc -t: LXC command-line interface with template.lxc -u: LXC command-line interface with user.lxc -v: LXC command-line interface with verbose.
- lxd: LXD command-line interface.
Commands:
lxd: LXD command-line interface.lxd -a: LXD command-line interface with all.lxd -c: LXD command-line interface with configuration.lxd -d: LXD command-line interface with debug.lxd -e: LXD command-line interface with execute.lxd -f: LXD command-line interface with file.lxd -h: LXD command-line interface with help.lxd -i: LXD command-line interface with information.lxd -l: LXD command-line interface with list.lxd -m: LXD command-line interface with monitor.lxd -n: LXD command-line interface with network.lxd -o: LXD command-line interface with output.lxd -p: LXD command-line interface with profile.lxd -q: LXD command-line interface with quiet.lxd -r: LXD command-line interface with remote.lxd -s: LXD command-line interface with server.lxd -t: LXD command-line interface with template.lxd -u: LXD command-line interface with user.lxd -v: LXD command-line interface with verbose.
- lxc-create: Create LXC containers.
Commands:
lxc-create: Create LXC containers.lxc-create -a: Create LXC containers with all.lxc-create -c: Create LXC containers with configuration.lxc-create -d: Create LXC containers with debug.lxc-create -e: Create LXC containers with execute.lxc-create -f: Create LXC containers with file.lxc-create -h: Create LXC containers with help.lxc-create -i: Create LXC containers with information.lxc-create -l: Create LXC containers with list.lxc-create -m: Create LXC containers with monitor.lxc-create -n: Create LXC containers with network.lxc-create -o: Create LXC containers with output.lxc-create -p: Create LXC containers with profile.lxc-create -q: Create LXC containers with quiet.lxc-create -r: Create LXC containers with remote.lxc-create -s: Create LXC containers with server.lxc-create -t: Create LXC containers with template.lxc-create -u: Create LXC containers with user.lxc-create -v: Create LXC containers with verbose.
- lxc-destroy: Destroy LXC containers.
Commands:
lxc-destroy: Destroy LXC containers.lxc-destroy -a: Destroy LXC containers with all.lxc-destroy -c: Destroy LXC containers with configuration.lxc-destroy -d: Destroy LXC containers with debug.lxc-destroy -e: Destroy LXC containers with execute.lxc-destroy -f: Destroy LXC containers with file.lxc-destroy -h: Destroy LXC containers with help.lxc-destroy -i: Destroy LXC containers with information.lxc-destroy -l: Destroy LXC containers with list.lxc-destroy -m: Destroy LXC containers with monitor.lxc-destroy -n: Destroy LXC containers with network.lxc-destroy -o: Destroy LXC containers with output.lxc-destroy -p: Destroy LXC containers with profile.lxc-destroy -q: Destroy LXC containers with quiet.lxc-destroy -r: Destroy LXC containers with remote.lxc-destroy -s: Destroy LXC containers with server.lxc-destroy -t: Destroy LXC containers with template.lxc-destroy -u: Destroy LXC containers with user.lxc-destroy -v: Destroy LXC containers with verbose.libvirt: Libvirt is a toolkit for managing virtualization platforms.
- virsh: Libvirt command-line interface.
Commands:
virsh: Libvirt command-line interface.virsh -a: Libvirt command-line interface with all.virsh -c: Libvirt command-line interface with connect.virsh -d: Libvirt command-line interface with debug.virsh -e: Libvirt command-line interface with execute.virsh -f: Libvirt command-line interface with file.virsh -h: Libvirt command-line interface with help.virsh -i: Libvirt command-line interface with information.virsh -l: Libvirt command-line interface with list.virsh -m: Libvirt command-line interface with monitor.virsh -n: Libvirt command-line interface with network.virsh -o: Libvirt command-line interface with output.virsh -p: Libvirt command-line interface with profile.virsh -q: Libvirt command-line interface with quiet.virsh -r: Libvirt command-line interface with remote.virsh -s: Libvirt command-line interface with server.virsh -t: Libvirt command-line interface with template.virsh -u: Libvirt command-line interface with user.virsh -v: Libvirt command-line interface with verbose.
- virt-install: Create virtual machines.
Commands:
virt-install: Create virtual machines.virt-install -a: Create virtual machines with all.virt-install -c: Create virtual machines with configuration.virt-install -d: Create virtual machines with debug.virt-install -e: Create virtual machines with execute.virt-install -f: Create virtual machines with file.virt-install -h: Create virtual machines with help.virt-install -i: Create virtual machines with information.virt-install -l: Create virtual machines with list.virt-install -m: Create virtual machines with monitor.virt-install -n: Create virtual machines with network.virt-install -o: Create virtual machines with output.virt-install -p: Create virtual machines with profile.virt-install -q: Create virtual machines with quiet.virt-install -r: Create virtual machines with remote.virt-install -s: Create virtual machines with server.virt-install -t: Create virtual machines with template.virt-install -u: Create virtual machines with user.virt-install -v: Create virtual machines with verbose.
- virt-clone: Clone virtual machines.
Commands:
virt-clone: Clone virtual machines.virt-clone -a: Clone virtual machines with all.virt-clone -c: Clone virtual machines with configuration.virt-clone -d: Clone virtual machines with debug.virt-clone -e: Clone virtual machines with execute.virt-clone -f: Clone virtual machines with file.virt-clone -h: Clone virtual machines with help.virt-clone -i: Clone virtual machines with information.virt-clone -l: Clone virtual machines with list.virt-clone -m: Clone virtual machines with monitor.virt-clone -n: Clone virtual machines with network.virt-clone -o: Clone virtual machines with output.virt-clone -p: Clone virtual machines with profile.virt-clone -q: Clone virtual machines with quiet.virt-clone -r: Clone virtual machines with remote.virt-clone -s: Clone virtual machines with server.virt-clone -t: Clone virtual machines with template.virt-clone -u: Clone virtual machines with user.virt-clone -v: Clone virtual machines with verbose.
- virt-convert: Convert virtual machines.
Commands:
virt-convert: Convert virtual machines.virt-convert -a: Convert virtual machines with all.virt-convert -c: Convert virtual machines with configuration.virt-convert -d: Convert virtual machines with debug.virt-convert -e: Convert virtual machines with execute.virt-convert -f: Convert virtual machines with file.virt-convert -h: Convert virtual machines with help.virt-convert -i: Convert virtual machines with information.virt-convert -l: Convert virtual machines with list.virt-convert -m: Convert virtual machines with monitor.virt-convert -n: Convert virtual machines with network.virt-convert -o: Convert virtual machines with output.virt-convert -p: Convert virtual machines with profile.virt-convert -q: Convert virtual machines with quiet.virt-convert -r: Convert virtual machines with remote.virt-convert -s: Convert virtual machines with server.virt-convert -t: Convert virtual machines with template.virt-convert -u: Convert virtual machines with user.virt-convert -v: Convert virtual machines with verbose.
- netstat: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.
Commands:
netstat: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.netstat -a: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with all.netstat -c: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with continuous.netstat -e: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with extend.netstat -f: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with fib.netstat -h: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with help.netstat -i: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with interfaces.netstat -l: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with listening.netstat -m: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with memory.netstat -n: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with numeric.netstat -o: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with owner.netstat -p: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with programs.netstat -r: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with routing.netstat -s: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with summary.netstat -t: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with tcp.netstat -u: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with udp.netstat -v: Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships with verbose.
- ss: Show socket statistics.
Commands:
ss: Show socket statistics.ss -a: Show socket statistics with all.ss -c: Show socket statistics with continuous.ss -d: Show socket statistics with details.ss -e: Show socket statistics with extended.ss -f: Show socket statistics with fib.ss -h: Show socket statistics with help.ss -i: Show socket statistics with interfaces.ss -l: Show socket statistics with listening.ss -m: Show socket statistics with memory.ss -n: Show socket statistics with numeric.ss -o: Show socket statistics with owner.ss -p: Show socket statistics with programs.ss -r: Show socket statistics with routing.ss -s: Show socket statistics with summary.ss -t: Show socket statistics with tcp.ss -u: Show socket statistics with udp.ss -v: Show socket statistics with verbose.tcpdump: Dump traffic on a network.
Commands:
tcpdump: Dump traffic on a network.tcpdump -a: Dump traffic on a network with all.tcpdump -c: Dump traffic on a network with count.tcpdump -d: Dump traffic on a network with datalink.tcpdump -e: Dump traffic on a network with ethernet.tcpdump -f: Dump traffic on a network with file.tcpdump -h: Dump traffic on a network with help.tcpdump -i: Dump traffic on a network with interface.tcpdump -l: Dump traffic on a network with link.tcpdump -n: Dump traffic on a network with numeric.tcpdump -o: Dump traffic on a network with options.tcpdump -p: Dump traffic on a network with promiscuous.tcpdump -q: Dump traffic on a network with quick.tcpdump -r: Dump traffic on a network with read.tcpdump -s: Dump traffic on a network with snaplen.tcpdump -t: Dump traffic on a network with timestamp.tcpdump -u: Dump traffic on a network with udp.tcpdump -v: Dump traffic on a network with verbose.tcpdump -w: Dump traffic on a network with write.tcpdump -x: Dump traffic on a network with hex.
examples with output:
tcpdump -i eth0 -c 10 -n -v -X -s 0 -w /tmp/tcpdump.pcap- netcat: Utility for managing network connections.
Commands:
netcat: Utility for managing network connections.netcat -a: Utility for managing network connections with all.netcat -b: Utility for managing network connections with bind.netcat -c: Utility for managing network connections with close.netcat -d: Utility for managing network connections with delay.netcat -e: Utility for managing network connections with execute.netcat -f: Utility for managing network connections with file.netcat -g: Utility for managing network connections with gateway.netcat -h: Utility for managing network connections with help.netcat -i: Utility for managing network connections with interval.netcat -l: Utility for managing network connections with listen.netcat -m: Utility for managing network connections with max.netcat -n: Utility for managing network connections with numeric.netcat -o: Utility for managing network connections with output.netcat -p: Utility for managing network connections with port.netcat -q: Utility for managing network connections with quit.netcat -r: Utility for managing network connections with random.netcat -s: Utility for managing network connections with source.netcat -t: Utility for managing network connections with tcp.netcat -u: Utility for managing network connections with udp.netcat -v: Utility for managing network connections with verbose.netcat -w: Utility for managing network connections with timeout.netcat -x: Utility for managing network connections with proxy.netcat -z: Utility for managing network connections with zero.
- iftop: Display bandwidth usage on an interface.
Commands:
iftop: Display bandwidth usage on an interface.iftop -a: Display bandwidth usage on an interface with all.iftop -b: Display bandwidth usage on an interface with bar.iftop -c: Display bandwidth usage on an interface with config.iftop -d: Display bandwidth usage on an interface with display.iftop -e: Display bandwidth usage on an interface with elapsed.iftop -f: Display bandwidth usage on an interface with filter.iftop -h: Display bandwidth usage on an interface with help.iftop -i: Display bandwidth usage on an interface with interface.iftop -l: Display bandwidth usage on an interface with log.iftop -n: Display bandwidth usage on an interface with numeric.iftop -o: Display bandwidth usage on an interface with order.iftop -p: Display bandwidth usage on an interface with port.iftop -s: Display bandwidth usage on an interface with sort.iftop -t: Display bandwidth usage on an interface with time.iftop -v: Display bandwidth usage on an interface with version.
- nethogs: Monitor network traffic.
Commands:
nethogs: Monitor network traffic.nethogs -a: Monitor network traffic with all.nethogs -b: Monitor network traffic with bytes.nethogs -c: Monitor network traffic with capture.nethogs -d: Monitor network traffic with device.nethogs -e: Monitor network traffic with ethernet.nethogs -f: Monitor network traffic with filter.nethogs -h: Monitor network traffic with help.nethogs -i: Monitor network traffic with interface.nethogs -l: Monitor network traffic with log.nethogs -n: Monitor network traffic with numeric.nethogs -o: Monitor network traffic with order.nethogs -p: Monitor network traffic with port.nethogs -s: Monitor network traffic with sort.nethogs -t: Monitor network traffic with time.nethogs -v: Monitor network traffic with version.
- bmon: Bandwidth monitor and rate estimator.
Commands:
bmon: Bandwidth monitor and rate estimator.bmon -a: Bandwidth monitor and rate estimator with all.bmon -b: Bandwidth monitor and rate estimator with bytes.bmon -c: Bandwidth monitor and rate estimator with capture.bmon -d: Bandwidth monitor and rate estimator with device.bmon -e: Bandwidth monitor and rate estimator with ethernet.bmon -f: Bandwidth monitor and rate estimator with filter.bmon -h: Bandwidth monitor and rate estimator with help.bmon -i: Bandwidth monitor and rate estimator with interface.bmon -l: Bandwidth monitor and rate estimator with log.bmon -n: Bandwidth monitor and rate estimator with numeric.bmon -o: Bandwidth monitor and rate estimator with order.bmon -p: Bandwidth monitor and rate estimator with port.bmon -s: Bandwidth monitor and rate estimator with sort.bmon -t: Bandwidth monitor and rate estimator with time.bmon -v: Bandwidth monitor and rate estimator with version.
- iperf: Network bandwidth measurement tool.
Commands:
iperf: Network bandwidth measurement tool.iperf -a: Network bandwidth measurement tool with all.iperf -b: Network bandwidth measurement tool with bind.iperf -c: Network bandwidth measurement tool with client.iperf -d: Network bandwidth measurement tool with dual.iperf -e: Network bandwidth measurement tool with execute.iperf -f: Network bandwidth measurement tool with format.iperf -h: Network bandwidth measurement tool with help.iperf -i: Network bandwidth measurement tool with interval.iperf -l: Network bandwidth measurement tool with length.iperf -m: Network bandwidth measurement tool with mss.iperf -n: Network bandwidth measurement tool with num.iperf -o: Network bandwidth measurement tool with output.iperf -p: Network bandwidth measurement tool with port.iperf -r: Network bandwidth measurement tool with reverse.iperf -s: Network bandwidth measurement tool with server.iperf -t: Network bandwidth measurement tool with time.iperf -u: Network bandwidth measurement tool with udp.iperf -v: Network bandwidth measurement tool with verbose.iperf -w: Network bandwidth measurement tool with window.
- mtr: Network diagnostic tool.
Commands:
mtr: Network diagnostic tool.mtr -a: Network diagnostic tool with all.mtr -b: Network diagnostic tool with bitfields.mtr -c: Network diagnostic tool with cycles.mtr -d: Network diagnostic tool with display.mtr -e: Network diagnostic tool with extended.mtr -f: Network diagnostic tool with filename.mtr -h: Network diagnostic tool with help.mtr -i: Network diagnostic tool with interval.mtr -l: Network diagnostic tool with local.mtr -n: Network diagnostic tool with numeric.mtr -o: Network diagnostic tool with order.mtr -p: Network diagnostic tool with port.mtr -q: Network diagnostic tool with quiet.mtr -r: Network diagnostic tool with report.mtr -s: Network diagnostic tool with split.mtr -t: Network diagnostic tool with tcp.mtr -u: Network diagnostic tool with udp.mtr -v: Network diagnostic tool with version.
- nmap: Network exploration tool and security scanner.
Commands:
nmap: Network exploration tool and security scanner.nmap -a: Network exploration tool and security scanner with all.nmap -b: Network exploration tool and security scanner with badsum.nmap -c: Network exploration tool and security scanner with checksum.nmap -d: Network exploration tool and security scanner with debugging.nmap -e: Network exploration tool and security scanner with ethernet.nmap -f: Network exploration tool and security scanner with fragmentation.nmap -h: Network exploration tool and security scanner with help.nmap -i: Network exploration tool and security scanner with idle.nmap -l: Network exploration tool and security scanner with list.nmap -n: Network exploration tool and security scanner with numeric.nmap -o: Network exploration tool and security scanner with output.nmap -p: Network exploration tool and security scanner with port.nmap -q: Network exploration tool and security scanner with quick.nmap -r: Network exploration tool and security scanner with reason.nmap -s: Network exploration tool and security scanner with scan.nmap -t: Network exploration tool and security scanner with timing.nmap -u: Network exploration tool and security scanner with udp.nmap -v: Network exploration tool and security scanner with verbose.nmap -w: Network exploration tool and security scanner with write.
- arp: Manipulate the system ARP cache.
Commands:
arp: Manipulate the system ARP cache.arp -a: Manipulate the system ARP cache with all.arp -d: Manipulate the system ARP cache with delete.arp -e: Manipulate the system ARP cache with ethernet.arp -f: Manipulate the system ARP cache with file.arp -g: Manipulate the system ARP cache with get.arp -h: Manipulate the system ARP cache with help.arp -i: Manipulate the system ARP cache with interface.arp -l: Manipulate the system ARP cache with list.arp -n: Manipulate the system ARP cache with numeric.arp -p: Manipulate the system ARP cache with publish.arp -q: Manipulate the system ARP cache with query.arp -r: Manipulate the system ARP cache with read.arp -s: Manipulate the system ARP cache with set.arp -v: Manipulate the system ARP cache with verbose.
- ip: Show / manipulate routing, devices, policy routing, and tunnels.
Commands:
ip: Show / manipulate routing, devices, policy routing, and tunnels.ip -a: Show / manipulate routing, devices, policy routing, and tunnels with all.ip -b: Show / manipulate routing, devices, policy routing, and tunnels with brief.ip -c: Show / manipulate routing, devices, policy routing, and tunnels with commands.ip -d: Show / manipulate routing, devices, policy routing, and tunnels with details.ip -e: Show / manipulate routing, devices, policy routing, and tunnels with execute.ip -f: Show / manipulate routing, devices, policy routing, and tunnels with family.ip -h: Show / manipulate routing, devices, policy routing, and tunnels with help.ip -i: Show / manipulate routing, devices, policy routing, and tunnels with interface.ip -l: Show / manipulate routing, devices, policy routing, and tunnels with link.ip -m: Show / manipulate routing, devices, policy routing, and tunnels with monitor.ip -n: Show / manipulate routing, devices, policy routing, and tunnels with netns.ip -o: Show / manipulate routing, devices, policy routing, and tunnels with oneline.ip -p: Show / manipulate routing, devices, policy routing, and tunnels with protocol.ip -r: Show / manipulate routing, devices, policy routing, and tunnels with resolve.ip -s: Show / manipulate routing, devices, policy routing, and tunnels with statistics.ip -t: Show / manipulate routing, devices, policy routing, and tunnels with terse.ip -v: Show / manipulate routing, devices, policy routing, and tunnels with verbose.
SOFTWARE
- apt: Advanced Package Tool.
Commands:
apt: Advanced Package Tool.apt -a: Advanced Package Tool with all.apt -b: Advanced Package Tool with build.apt -c: Advanced Package Tool with cache.apt -d: Advanced Package Tool with download.apt -e: Advanced Package Tool with edit.apt -f: Advanced Package Tool with fix-broken.apt -g: Advanced Package Tool with generate.apt -h: Advanced Package Tool with help.apt -i: Advanced Package Tool with install.apt -l: Advanced Package Tool with list.apt -m: Advanced Package Tool with mark.apt -n: Advanced Package Tool with no.apt -o: Advanced Package Tool with option.apt -p: Advanced Package Tool with purge.apt -q: Advanced Package Tool with quiet.apt -r: Advanced Package Tool with remove.apt -s: Advanced Package Tool with search.apt -t: Advanced Package Tool with target-release.apt -u: Advanced Package Tool with update.apt -v: Advanced Package Tool with version.- /etc/apt/sources.list.d: Directory for additional APT repositories.
- /etc/apt.conf: APT configuration file.
- dpkg: Package manager for Debian.
Commands:
dpkg: Package manager for Debian.dpkg -a: Package manager for Debian with all.dpkg -b: Package manager for Debian with build.dpkg -c: Package manager for Debian with contents.dpkg -d: Package manager for Debian with debug.dpkg -e: Package manager for Debian with extract.dpkg -f: Package manager for Debian with field.dpkg -g: Package manager for Debian with get-selections.dpkg -h: Package manager for Debian with help.dpkg -i: Package manager for Debian with install.dpkg -l: Package manager for Debian with list.dpkg -m: Package manager for Debian with merge.dpkg -n: Package manager for Debian with no.dpkg -o: Package manager for Debian with option.dpkg -p: Package manager for Debian with purge.dpkg -q: Package manager for Debian with query.dpkg -r: Package manager for Debian with remove.dpkg -s: Package manager for Debian with status.dpkg -t: Package manager for Debian with trigger.dpkg -u: Package manager for Debian with update.dpkg -v: Package manager for Debian with version.
- rpm: Package manager for Red Hat.
Commands:
rpm: Package manager for Red Hat.rpm -a: Package manager for Red Hat with all.rpm -b: Package manager for Red Hat with build.rpm -c: Package manager for Red Hat with check.rpm -d: Package manager for Red Hat with debug.rpm -e: Package manager for Red Hat with erase.rpm -f: Package manager for Red Hat with freshen.rpm -g: Package manager for Red Hat with group.rpm -h: Package manager for Red Hat with help.rpm -i: Package manager for Red Hat with install.rpm -l: Package manager for Red Hat with list.rpm -m: Package manager for Red Hat with modify.rpm -n: Package manager for Red Hat with no.rpm -o: Package manager for Red Hat with options.rpm -p: Package manager for Red Hat with package.rpm -q: Package manager for Red Hat with query.rpm -r: Package manager for Red Hat with replace.rpm -s: Package manager for Red Hat with setperms.rpm -t: Package manager for Red Hat with test.rpm -u: Package manager for Red Hat with update.rpm -v: Package manager for Red Hat with verify.
- yum: Package manager for Red Hat.
Commands:
yum: Package manager for Red Hat.yum -a: Package manager for Red Hat with all.yum -b: Package manager for Red Hat with best.yum -c: Package manager for Red Hat with check.yum -d: Package manager for Red Hat with download.yum -e: Package manager for Red Hat with erase.yum -f: Package manager for Red Hat with freshen.yum -g: Package manager for Red Hat with group.yum -h: Package manager for Red Hat with help.yum -i: Package manager for Red Hat with install.yum -l: Package manager for Red Hat with list.yum -m: Package manager for Red Hat with merge.yum -n: Package manager for Red Hat with no.yum -o: Package manager for Red Hat with options.yum -p: Package manager for Red Hat with package.yum -q: Package manager for Red Hat with query.yum -r: Package manager for Red Hat with remove.yum -s: Package manager for Red Hat with search.yum -t: Package manager for Red Hat with time.yum -u: Package manager for Red Hat with update.yum -v: Package manager for Red Hat with version.
- zypper: Package manager for SUSE.
Commands:
zypper: Package manager for SUSE.zypper -a: Package manager for SUSE with all.zypper -b: Package manager for SUSE with best.zypper -c: Package manager for SUSE with check.zypper -d: Package manager for SUSE with download.zypper -e: Package manager for SUSE with erase.zypper -f: Package manager for SUSE with freshen.zypper -g: Package manager for SUSE with group.zypper -h: Package manager for SUSE with help.zypper -i: Package manager for SUSE with install.zypper -l: Package manager for SUSE with list.zypper -m: Package manager for SUSE with merge.zypper -n: Package manager for SUSE with no.zypper -o: Package manager for SUSE with options.zypper -p: Package manager for SUSE with package.zypper -q: Package manager for SUSE with query.zypper -r: Package manager for SUSE with remove.zypper -s: Package manager for SUSE with search.zypper -t: Package manager for SUSE with time.zypper -u: Package manager for SUSE with update.zypper -v: Package manager for SUSE with version.
- pacman: Package manager for Arch Linux.
Commands:
pacman: Package manager for Arch Linux.pacman -a: Package manager for Arch Linux with all.pacman -b: Package manager for Arch Linux with build.pacman -c: Package manager for Arch Linux with check.pacman -d: Package manager for Arch Linux with download.pacman -e: Package manager for Arch Linux with erase.pacman -f: Package manager for Arch Linux with freshen.pacman -g: Package manager for Arch Linux with group.pacman -h: Package manager for Arch Linux with help.pacman -i: Package manager for Arch Linux with install.pacman -l: Package manager for Arch Linux with list.pacman -m: Package manager for Arch Linux with merge.pacman -n: Package manager for Arch Linux with no.pacman -o: Package manager for Arch Linux with options.pacman -p: Package manager for Arch Linux with package.pacman -q: Package manager for Arch Linux with query.pacman -r: Package manager for Arch Linux with remove.pacman -s: Package manager for Arch Linux with search.pacman -t: Package manager for Arch Linux with time.pacman -u: Package manager for Arch Linux with update.pacman -v: Package manager for Arch Linux with version.
- createrepo: Create a repository. Updates the XML files used to reference the repository location.
- .repo Configuration File: Configuration file for YUM. Provides additional information about the repository and is stored in the /etc/yum.repos.d/ directory.
- yum.conf: Configuration file for YUM. Provides additional information about the repository and is stored in the /etc/ directory.
- yum.repos.d: Directory that contains the .repo configuration files for YUM.
- rpmdb: RPM database. Contains information about installed packages.
- rpm2cpio: Extracts the contents of an RPM package.
- rpmbuild: Builds an RPM package.
- rpmsign: Signs an RPM package.
- reposync: Synchronizes a local repository with a remote repository. Manages the mirroring process.
- /etc/apt.conf: Configuration file for APT. Provides additional information about the repository and is stored in the /etc/ directory.
- /etc/apt/sources.list: Configuration file for APT. Provides additional information about the repository and is stored in the /etc/ directory.
- /etc/apt/sources.list.d: Directory that contains the .list configuration files for APT.
Acquire Software
wget/curl: Download files from the internet.
wget http://example.com/file.tar.gz-b: Background.-c: Continue.-d: Debug.-h: Help.-i: Input file.-l: Limit.-m: Mirror.-n: Number of tries.
curl -O http://example.com/file.tar.gz-#: Progress bar.-A: User agent.-b: Background.-c: Continue.-d: Debug.-h: Help.-i: Input file.-l: Limit.-m: Mirror.-n: Number of tries.
| wget | curl |
|---|---|
| Command-line utility only | Cross-platform |
| Can download files recursively | Cannot download files recursively |
| Supports HTTP/S and FTP only | Supports more network protocols |
| Downloads files | Builds/manages complex requests |
(tar) Tape Archiver: Bundles together multiple files into a single tarball with a .tar extension.
tar -cvf archive.tar file1 file2 file3: Create a tarball.tar -xvf archive.tar: Extract a tarball.tar -tvf archive.tar: List the contents of a tarball.tar -rvf archive.tar file4: Add a file to a tarball.tar -uvf archive.tar file5: Update a file in a tarball.tar -xvf archive.tar -C /tmp: Extract a tarball to a specific directory.
(dar) Disk Archiver: Creates a backup of a directory.
dar -c archive.dar directory1: Create a backup.dar -x archive.dar: Extract a backup.dar -l archive.dar: List the contents of a backup.dar -r archive.dar directory2: Add a file to a backup.dar -u archive.dar directory3: Update a file in a backup.dar -x archive.dar -C /tmp: Extract a backup to a specific directory.dar -R mydata -c full.bak: Create a full backup.dar -R mydata -c -A incr.bak: Create an incremental backup.dar -R mydata -c -A incr.bak -K incr.snar: Create an incremental backup with a snapshot file.dar -R mydata -c -A incr.bak -K incr.snar -s 100M: Create an incremental backup with a snapshot file and a size limit.
cpio: Copies files to and from archives.
cpio -o < file1 file2 file3 > archive.cpio: Create an archive.cpio -i < archive.cpio: Extract an archive.cpio -t < archive.cpio: List the contents of an archive.cpio -p directory1 < archive.cpio: Copy files to a directory.cpio -d < archive.cpio: Create directories as needed.cpio -m < archive.cpio: Preserve modification times.cpio -v < archive.cpio: Verbose output.
dd (disk duplicate): Copies and converts files.
dd if=/dev/sda of=/dev/sdb: Copy a disk.dd if=/dev/sda of=/tmp/disk.img: Copy a disk to an image file.dd if=/dev/sda of=/dev/sdb bs=512 count=1: Copy the first sector of a disk.dd if=/dev/sda of=/dev/sdb bs=1M count=1: Copy the first megabyte of a disk.dd if=/dev/zero of=/dev/sda: Write zeros to a disk.dd if=/dev/zero of=/dev/sda bs=1M count=1: Write zeros to the first megabyte of a disk.dd if=/dev/urandom of=/dev/sda: Write random data to a disk.dd if=/dev/urandom of=/dev/sda bs=1M count=1: Write random data to the first megabyte of a disk.
mirrorvg: Copies a volume group to another disk.
mirrorvg -m /dev/vg1 /dev/sdb: Mirror a volume group.mirrorvg -l /dev/vg1: List logical volumes in a volume group.mirrorvg -c /dev/vg1: Check a mirrored volume group.mirrorvg -r /dev/vg1: Remove a mirrored volume group.mirrorvg -s /dev/vg1: Split a mirrored volume group.mirrorvg -b /dev/vg1: Break a mirrored volume group.mirrorvg -a /dev/vg1: Add a mirrored volume group.mirrorvg -p /dev/vg1: Print mirrored volume group information.
pvmove: Moves physical extents from one disk to another.
pvmove /dev/sda /dev/sdb: Move physical extents.pvmove -n /dev/sda /dev/sdb: Move physical extents with a name.pvmove -v /dev/sda /dev/sdb: Move physical extents with verbose output.pvmove -b /dev/sda /dev/sdb: Move physical extents with a background process.pvmove -i 10 /dev/sda /dev/sdb: Move physical extents with an interval.pvmove -t 10 /dev/sda /dev/sdb: Move physical extents with a timeout.pvmove -d /dev/sda /dev/sdb: Move physical extents with debug output.pvmove -s /dev/sda /dev/sdb: Move physical extents with a status report.
rsync: Synchronizes files and directories between two locations.
rsync -avz /tmp/dir1/ /tmp/dir2: Synchronize directories.rsync -avz /tmp/dir1/ user@remote:/tmp/dir2: Synchronize directories over SSH.rsync -avz --delete /tmp/dir1/ /tmp/dir2: Synchronize directories and delete extraneous files.rsync -avz --exclude='*.txt' /tmp/dir1/ /tmp/dir2: Synchronize directories and exclude files.rsync -avz --dry-run /tmp/dir1/ /tmp/dir2: Synchronize directories without making changes.rsync -avz --progress /tmp/dir1/ /tmp/dir2: Synchronize directories and show progress.rsync -avz --bwlimit=100 /tmp/dir1/ /tmp/dir2: Synchronize directories and limit bandwidth.rsync -avz --log-file=/tmp/rsync.log /tmp/dir1/ /tmp/dir2: Synchronize directories and log output.rsync -avz --include='*.txt' /tmp/dir1/ /tmp/dir2: Synchronize directories and include files.rsync -avz --exclude='*.txt' --delete /tmp/dir1/ /tmp/dir2: Synchronize directories and exclude files.
(gzip) GNU Zip: Compresses files with a .gz extension.
- `gzip file1`: Compress a file. - `gzip -d file1.gz`: Decompress a file. - `gzip -l file1.gz`: List the contents of a compressed file. - `gzip -k file1`: Keep the original file. - `gzip -r directory1`: Compress all files in a directory. - `gzip -t file1.gz`: Test a compressed file.(gunzip) GNU Zip: Decompresses files with a .gz extension.
- `gunzip file1.gz`: Decompress a file. - `gunzip -l file1.gz`: List the contents of a compressed file. - `gunzip -k file1.gz`: Keep the original file. - `gunzip -r directory1`: Decompress all files in a directory. - `gunzip -t file1.gz`: Test a compressed file.xz: Compresses files with a .xz extension.
- `xz file1`: Compress a file. - `xz -d file1.xz`: Decompress a file. - `xz -l file1.xz`: List the contents of a compressed file. - `xz -k file1`: Keep the original file. - `xz -r directory1`: Compress all files in a directory. - `xz -t file1.xz`: Test a compressed file.(tar.xz) Tarball: Compresses files with a .tar.xz extension.
- `tar -cJvf archive.tar.xz file1 file2 file3`: Create a tarball. - `tar -xJvf archive.tar.xz`: Extract a tarball. - `tar -tJvf archive.tar.xz`: List the contents of a tarball. - `tar -rJvf archive.tar.xz file4`: Add a file to a tarball. - `tar -uJvf archive.tar.xz file5`: Update a file in a tarball. - `tar -xJvf archive.tar.xz -C /tmp`: Extract a tarball to a specific directory.(bzip2) Bzip2: Compresses files with a .bz2 extension.
- `bzip2 file1`: Compress a file. - `bzip2 -d file1.bz2`: Decompress a file. - `bzip2 -l file1.bz2`: List the contents of a compressed file. - `bzip2 -k file1`: Keep the original file. - `bzip2 -r directory1`: Compress all files in a directory. - `bzip2 -t file1.bz2`: Test a compressed file.(zip) Zip: Compresses files with a .zip extension.
- `zip archive.zip file1 file2 file3`: Create a zip archive. - `unzip archive.zip`: Extract a zip archive. - `unzip -l archive.zip`: List the contents of a zip archive. - `unzip -t archive.zip`: Test a zip archive. - `unzip -d /tmp archive.zip`: Extract a zip archive to a specific directory.(unzip) Unzip: Extracts files from a .zip archive.
- `unzip archive.zip`: Extract a zip archive. - `unzip -l archive.zip`: List the contents of a zip archive. - `unzip -t archive.zip`: Test a zip archive. - `unzip -d /tmp archive.zip`: Extract a zip archive to a specific directory.(tar.gz) Tarball: Compresses files with a .tar.gz extension.
tar -czvf archive.tar.gz file1 file2 file3: Create a tarball.tar -xzvf archive.tar.gz: Extract a tarball.tar -tzvf archive.tar.gz: List the contents of a tarball.tar -rzvf archive.tar.gz file4: Add a file to a tarball.tar -uzvf archive.tar.gz file5: Update a file in a tarball.tar -xzvf archive.tar.gz -C /tmp: Extract a tarball to a specific directory.
Security
- Chroot Jail: Restricts a process to a specific directory.
- /etc/chroot.conf: Configuration file for chroot.
- /etc/chroot.d: Directory that contains chroot configuration files.
- SELinux: Security-Enhanced Linux. Provides access control security policies. References inodes directly.
- /etc/selinux/config: Configuration file for SELinux.
- /etc/selinux/semanage.conf: Configuration file for SELinux.
- /etc/selinux/semanage.conf.d: Directory that contains SELinux configuration files.
- AppArmor: Application Armor. Provides access control security policies. Works with file system objects.
- /etc/apparmor.d: Directory that contains AppArmor configuration files.
- tunables: AppArmor tunables file.
- /etc/apparmor.d/tunables/home: AppArmor tunables file.
- abstractions: AppArmor abstractions file.
- profiles: AppArmor profiles file.
- ACLs: Access Control Lists. Provide fine-grained permissions for files and directories.
- getfacl: Get file ACLs.
- setfacl: Set file ACLs.
- PAM: Pluggable Authentication Modules. Provides dynamic authentication support.
- /etc/pam.d: Directory that contains PAM configuration files.
- Sudo: Provides limited root access to users.
- /etc/sudoers: Configuration file for sudo.
- /etc/sudoers.d: Directory that contains sudo configuration files.
- iptables: Command-line utility for configuring the Linux kernel firewall.
- /etc/sysconfig/iptables: Configuration file for iptables.
- /etc/sysconfig/iptables-config: Configuration file for iptables.
- /etc/sysconfig/ip6tables: Configuration file for iptables.
- /etc/sysconfig/ip6tables-config: Configuration file for iptables.
- /var/log/messages: Log file for iptables. Contains system messages.
- /var/log/kern.log: Log file for iptables. Contains kernel messages.
- Filter table: Default table for iptables.
- INPUT chain: Input chain for iptables.
- OUTPUT chain: Output chain for iptables.
- FORWARD chain: Forward chain for iptables.
- NAT table: Network Address Translation table for iptables.
- PREROUTING chain: Pre-routing chain for iptables.
- POSTROUTING chain: Post-routing chain for iptables.
- OUTPUT chain: Output chain for iptables.
- Mangle table: Packet alteration table for iptables. Used to alter the packets' TCP/IP header.
- PREROUTING chain: Pre-routing chain for iptables.
- OUTPUT chain: Output chain for iptables.
- INPUT chain: Input chain for iptables.
- FORWARD chain: Forward chain for iptables.
- POSTROUTING chain: Post-routing chain for iptables.
- Raw table: Raw table for iptables. Used to mark packets for special processing. Does not track connection state. Used for performance.
- PREROUTING chain: Pre-routing chain for iptables.
- OUTPUT chain: Output chain for iptables.
- Security table: Security table for iptables. Used to filter packets based on SELinux context.
- INPUT chain: Input chain for iptables.
- OUTPUT chain: Output chain for iptables.
- FORWARD chain: Forward chain for iptables.
- Filter table: Default table for iptables.
- ufw: Uncomplicated Firewall. Command-line utility for configuring the Linux kernel firewall.
- /etc/ufw: Directory that contains ufw configuration files.
- /etc/default/ufw: Configuration file for ufw. Configure high-level settings like policy defaults and kernel module usage.
- /etc/ufw/before.rules: Configuration file for ufw.
- /etc/ufw/after.rules: Configuration file for ufw.
- /etc/ufw/sysctl.conf: Configuration file for ufw.
- firewalld: Dynamic Firewall Manager. Command-line utility for configuring the Linux kernel firewall without requiring a restart.
- /etc/firewalld: Directory that contains firewalld configuration files.
- /etc/firewalld/firewalld.conf: Configuration file for firewalld.
- /etc/firewalld/zones: Directory that contains firewalld zone configuration files.
- /etc/firewalld/services: Directory that contains firewalld service configuration files.
- /etc/firewalld/icmptypes: Directory that contains firewalld ICMP type configuration files.
- /etc/firewalld/richrules: Directory that contains firewalld rich rule configuration files.
- /etc/firewalld/direct.xml: Configuration file for firewalld.
- firewall-cmd: Command-line utility for firewalld.
- --get-zones: Get firewalld zones.
- --get-services: Get firewalld services.
- --get-active-zones: Get active firewalld zones.
- --get-default-zone: Get the default firewalld zone.
- --get-icmptypes: Get firewalld ICMP types.
- --get-rich-rules: Get firewalld rich rules.
- --get-log-denied: Get firewalld log denied.
- --get-logging: Get firewalld logging.
- --get-nflog-group: Get firewalld nflog group.
- --get-nflog-prefix: Get firewalld nflog prefix.
- --get-nflog-range: Get firewalld nflog range.
- --get-nflog-threshold: Get firewalld nflog threshold.
- --get-nflog-size: Get firewalld nflog size.
- --get-nflog-numeric: Get firewalld nflog numeric.
- --get-nflog-reset: Get firewalld nflog reset.
- firewall-offline-cmd: Command-line utility for firewalld.
- firewall-config: Graphical utility for firewalld.
- DenyHost: Intrusion prevention software.
- /etc/denyhosts.conf: Configuration file for DenyHost.
- ADMIN_EMAIL: Email address for DenyHost notifications.
- SMTP_HOST: SMTP server for DenyHost notifications.
- SMTP_PORT: SMTP port for DenyHost notifications.
- SMTP_FROM: Email address for DenyHost notifications.
- SMTP_SUBJECT: Subject line for DenyHost notifications.
- SMTP_USERNAME: SMTP username for DenyHost notifications.
- SMTP_PASSWORD: SMTP password for DenyHost notifications.
- BLOCK_SERVICE: Service to block for DenyHost.
- DENY_THRESHOLD_INVALID: Invalid login threshold for DenyHost.
- DENY_THRESHOLD_VALID: Valid login threshold for DenyHost.
- DENY_THRESHOLD_ROOT: Root login threshold for DenyHost.
- DENY_THRESHOLD_RESTRICTED: Restricted login threshold for DenyHost.
- DENY_THRESHOLD_ROOT_RESTRICTED: Root restricted login threshold for DenyHost.
- DENY_THRESHOLD_UNKNOWN: Unknown login threshold for DenyHost.
- DENY_THRESHOLD_VALID_FROM_SAME_IP: Valid login from the same IP threshold for DenyHost.
- DENY_THRESHOLD_ROOT_FROM_SAME_IP: Root login from the same IP threshold for DenyHost.
- DENY_THRESHOLD_RESTRICTED_FROM_SAME_IP: Restricted login from the same IP threshold for DenyHost.
- DENY_THRESHOLD_ROOT_RESTRICTED_FROM_SAME_IP: Root restricted login from the same IP threshold for DenyHost.
- DENY_THRESHOLD_UNKNOWN_FROM_SAME_IP: Unknown login from the same IP threshold for DenyHost.
- DENY_THRESHOLD_ROOT_RESTRICTED: Root restricted login threshold for DenyHost.
- ADMIN_EMAIL: Email address for DenyHost notifications.
- /etc/hosts.deny: Configuration file for DenyHost.
- /var/log/denyhosts: Log file for DenyHost.
- /etc/denyhosts.conf: Configuration file for DenyHost.
- (fail2ban) Fail2Ban: Intrusion prevention software.
- /etc/fail2ban/jail.conf: Configuration file for Fail2Ban.
- [DEFAULT]: Default section for Fail2Ban.
- ignoreip: IP addresses to ignore for Fail2Ban.
- bantime: Ban time for Fail2Ban.
- findtime: Find time for Fail2Ban.
- maxretry: Maximum retries for Fail2Ban.
- backend: Backend for Fail2Ban.
- usedns: Use DNS for Fail2Ban.
- destemail: Destination email for Fail2Ban.
- sender: Sender for Fail2Ban.
- mta: Mail transfer agent for Fail2Ban.
- protocol: Protocol for Fail2Ban.
- chain: Chain for Fail2Ban.
- action: Action for Fail2Ban.
- banaction: Ban action for Fail2Ban.
- bantime: Ban time for Fail2Ban.
- findtime: Find time for Fail2Ban.
- maxretry: Maximum retries for Fail2Ban.
- backend: Backend for Fail2Ban.
- usedns: Use DNS for Fail2Ban.
- destemail: Destination email for Fail2Ban.
- sender: Sender for Fail2Ban.
- mta: Mail transfer agent for Fail2Ban.
- protocol: Protocol for Fail2Ban.
- chain: Chain for Fail2Ban.
- action: Action for Fail2Ban.
- banaction: Ban action for Fail2Ban.
- [sshd]: SSHD section for Fail2Ban.
- enabled: Enable SSHD for Fail2Ban.
- port: Port for SSHD for Fail2Ban.
- filter: Filter for SSHD for Fail2Ban.
- logpath: Log path for SSHD for Fail2Ban.
- maxretry: Maximum retries for SSHD for Fail2Ban.
- findtime: Find time for SSHD for Fail2Ban.
- bantime: Ban time for SSHD for Fail2Ban.
- action: Action for SSHD for Fail2Ban.
- banaction: Ban action for SSHD for Fail2Ban.
- [apache]: Apache section for Fail2Ban.
- enabled: Enable Apache for Fail2Ban.
- [DEFAULT]: Default section for Fail2Ban.
- fail2ban-client: Fail2Ban command-line client. Manages Fail2Ban configuration.
- fail2ban-server: Fail2Ban server. Monitors log files and bans malicious IP addresses.
- sealert: SELinux alert browser. Displays detailed information about SELinux alerts.
- semanage: SELinux policy management tool. Manages SELinux policy.
- setenforce: Set the enforcing mode of SELinux.
- getenforce: Get the enforcing mode of SELinux.
- restorecon: Restore the SELinux context of files.
- chcon: Change the SELinux context of files.
- audit2allow: Generate SELinux policy modules.
- RuleName.pp: SELinux policy module. Policy package file.
- RuleName.te: SELinux policy module. Type engorcement file.
- audit2why: Explain SELinux audit messages.
- auditd: Audit daemon. Collects and logs SELinux audit messages.
- ls-Z: List SELinux context of files.
- ps-Z: List SELinux context of processes.
- runcon: Run a command in a specific SELinux context.
newrole: Change to a new SELinux role.
/etc/fail2ban: Directory that contains fail2ban configuration files.
/etc/fail2ban: Directory that contains fail2ban configuration files.
(LUKS) Linux Unified Key Setup: Disk encryption.
cryptsetup luksFormat /dev/sda1: Encrypt a partition.cryptsetup luksOpen /dev/sda1 my_encrypted_partition: Open an encrypted partition.cryptsetup luksClose my_encrypted_partition: Close an encrypted partition.cryptsetup luksDump /dev/sda1: Display information about an encrypted partition.cryptsetup luksAddKey /dev/sda1: Add a key to an encrypted partition.cryptsetup luksRemoveKey /dev/sda1: Remove a key from an encrypted partition.cryptsetup luksChangeKey /dev/sda1: Change a key on an encrypted partition.cryptsetup luksKillSlot /dev/sda1: Remove a key slot from an encrypted partition.
(GPG) GNU Privacy Guard: Encrypts and signs data.
gpg --gen-key: Generate a new key pair.gpg --list-keys: List public keys.gpg --list-secret-keys: List private keys.gpg --delete-secret-keys: Delete a key pair.
shred: Securely delete files.
shred file1: Securely delete a file.shred -n 3 file1: Securely delete a file three times.shred -u file1: Securely delete a file and remove it.shred -v file1: Securely delete a file and show progress.
(openssl) Open Secure Socket Layer: Secure communication.
openssl genrsa -out key.pem 2048: Generate a private key.openssl req -new -key key.pem -out csr.pem: Generate a certificate signing request.openssl x509 -req -in csr.pem -signkey key.pem -out cert.pem: Generate a self-signed certificate.openssl pkcs12 -export -in cert.pem -inkey key.pem -out cert.p12: Generate a PKCS#12 certificate.openssl s_client -connect example.com:443: Connect to a secure server.openssl s_server -key key.pem -cert cert.pem -accept 443: Start a secure server.
(ssh) Secure Shell
Secure Shell (SSH) is a cryptographic network protocol for secure communication and remote management of servers. It allows users to log in to remote machines, execute commands, and transfer files securely.
Basic Commands and Usage
Generate an SSH Key Pair:
Command:
ssh-keygen -t rsa -b 2048 -f keyDescription: Creates a 2048-bit RSA key pair for secure authentication.
-t rsa: Specifies the key type.-b 2048: Sets the key size to 2048 bits.-f key: Defines the output filename (e.g.,keyfor private andkey.pubfor public).
Copy an SSH Key to a Remote Host:
Command:
ssh-copy-id -i id_rsa.pub user@hostDescription: Installs your public key (
id_rsa.pub) on the remote server for password-less authentication.
Add Private Key Identities
Command:
ssh-add keyDescription: Adds the specified private key (
key) to the SSH agent for authentication.
Connect to a Remote Host with an SSH Key:
Command:
ssh -i key user@hostDescription: Establishes an SSH connection to a remote host using the specified private key (
key).
Tunneling with SSH
Create an SSH Tunnel:
Command:
ssh -L 8080:localhost:80 user@hostDescription: Forwards port
8080on your local machine to port80on the remote host.- Useful for accessing web servers or other services running on the remote host through your local machine.
Create a Reverse SSH Tunnel:
Command:
ssh -R 8080:localhost:80 user@hostDescription: Forwards port
8080on the remote host to port80on your local machine.- Useful when accessing a service on your local machine from the remote host.
Create a Dynamic SSH Tunnel:
Command:
ssh -D 8080 user@hostDescription: Sets up a SOCKS proxy on port
8080on your local machine.- Useful for routing browser traffic securely through the SSH tunnel.
File Transfer with SSH
Securely Copy Files to a Remote Host (SCP):
Command:
scp file1 user@host:/pathDescription: Transfers
file1from your local machine to the specified directory (/path) on the remote host.
Secure File Transfer Protocol (SFTP):
Command:
sftp user@hostDescription: Provides an interactive interface for transferring files between your local machine and the remote host securely.
Practical Examples
Generate an RSA key pair:
ssh-keygen -t rsa -b 2048 -f mykeyCopy your public key to a server:
ssh-copy-id -i mykey.pub [email protected]Add the private key to the SSH agent:
ssh-add mykeySSH into the server with the private key:
ssh -i mykey [email protected]Forward a web server on the remote host:
ssh -L 8080:localhost:80 [email protected]Transfer a file securely:
scp report.pdf [email protected]:/home/alex/documentsSet up a SOCKS proxy:
ssh -D 8080 [email protected] -N
- TCP Wrapper: Provides access control for network services.
- /etc/hosts.allow: Configuration file for TCP Wrapper. Allows access to services.
- /etc/hosts.deny: Configuration file for TCP Wrapper. Denies access to services.
To disable Ctrl+Alt+Del on Linux, you can modify the system configuration to prevent this key combination from triggering a system reboot. Here's how to do it:
- For Systemd-based systems (e.g., Ubuntu, Debian, CentOS, etc.):
- Open the ctrl-alt-del configuration file:
sudo systemctl edit ctrl-alt-del.target
- Mask the target: Add the following lines in the editor:
[Unit]
Description=Mask Ctrl+Alt+Del Reboot
RefuseManualStart=yes
RefuseManualStop=yes
Save and exit:
- Press Ctrl+O, then Enter to save.
- Press Ctrl+X to exit.
- Reload the systemctl daemon:
sudo systemctl daemon-reexec
- Verify the configuration:
sudo systemctl status ctrl-alt-del.target
It should show as "masked".
Banner: A message displayed before the login prompt.
- /etc/issue: Banner displayed before the login prompt.
- /etc/issue.net: Banner displayed before the login prompt for remote connections.
- /etc/motd: Message displayed after login.
- /etc/ssh/banner: Banner displayed before SSH login.
Logging and Monitoring
syslog: System logging daemon. Collects and logs system messages.
- /etc/syslog.conf: Configuration file for syslog.
- /etc/rsyslog.conf: Configuration file for rsyslog.
- /var/log/messages: Log file for system messages.
- /var/log/syslog: Log file for system messages.
- /var/log/auth.log: Log file for authentication messages.
- /var/log/secure: Log file for security messages.
- /var/log/maillog: Log file for mail messages.
- /var/log/cron: Log file for cron messages.
- /var/log/boot.log: Log file for boot messages.
- /var/log/kern.log: Log file for kernel messages.
- /var/log/dmesg: Log file for kernel messages.
- /var/log/lastlog: Log file for last login information.
- /var/log/wtmp: Log file for login records.
- /var/log/btmp: Log file for failed login attempts.
- /var/log/utmp: Log file for current login information.
- /var/log/[application]: Log file for application messages.
- logger: Command-line utility for logging messages.
-p: Priority level.-t: Tag.-f: File.-i: ID.-u: Socket.-P: Port.-n: Network.-d: Debug.-s: Size.-r: Remote.-T: Timestamp.-h: Host.-m: Message.-w: Wait.-v: Verbose.-k: Secure.-a: Append.-b: Batch.-c: Count.-e: Exit.-l: Level.-o: Output.-q: Quiet.-x: Hex.-z: Zero.-A: Address.-B: Buffer.-C: Command.-D: Directory.-E: Escape.-F: Facility.-G: Group.-H: Header.-I: Interval-J: Journal.
journalctl: Query and display messages from the systemd journal.
-b: Show messages from the current boot.-u: Show messages from a specific unit.-f: Follow messages in real-time.-n: Show the last N lines.-p: Show messages with a specific priority.-r: Reverse the output.-o: Output format.-k: Show kernel messages.-x: Show messages in a concise format.-t: Show messages with a specific tag.-S: Show messages since a specific time.-U: Show messages until a specific time.-M: Show messages from a specific machine.-a: Show all messages.-c: Show messages from a specific catalog.-l: Show messages with long lines.-i: Show messages with a specific identifier.-m: Show messages with a specific message ID.-q: Show messages with a specific message ID.-e: Show messages with a specific message ID.-g: Show messages with a specific message ID.-h: Show messages with a specific message ID.-j: Show messages with a specific message ID.-n: Show messages with a specific message ID.-o: Show messages with a specific message ID.-p: Show messages with a specific message ID.-r: Show messages with a specific message ID.-s: Show messages with a specific message ID.-t: Show messages with a specific message ID.-u: Show messages with a specific message ID.-v: Show messages with a specific message ID.-w: Show messages with a specific message ID.-x: Show messages with a specific message ID.-y: Show messages with a specific message ID.-z: Show messages with a specific message ID.-A: Show messages with a specific message ID.-B: Show messages with a specific message ID.-C: Show messages with a specific message ID.-D: Show messages with a specific message ID.-E: Show messages with a specific message ID.-F: Show messages with a specific message ID
logrotate: Rotates, compresses, and archives log files.
- /etc/logrotate.conf: Configuration file for logrotate.
- /etc/logrotate.d: Directory that contains logrotate configuration files.
- /var/lib/logrotate/status: Logrotate status file.
- /var/log/logrotate: Logrotate log file.
- /var/log/messages: Log file for logrotate messages.
- /var/log/syslog: Log file for logrotate messages.
- /var/log/auth.log: Log file for logrotate messages.
- /var/log/secure: Log file for logrotate messages.
- /var/log/maillog: Log file for logrotate messages.
- /var/log/cron: Log file for logrotate messages.
- /var/log/boot.log: Log file for logrotate messages.
- /var/log/kern.log: Log file for logrotate messages.
- /var/log/dmesg: Log file for logrotate messages.
- /var/log/lastlog: Log file for logrotate messages.
- /var/log/wtmp: Log file for logrotate messages.
- /var/log/btmp: Log file for logrotate messages.
- /var/log/utmp: Log file for logrotate messages.
- logwatch: Log analysis and reporting tool.
- logcheck: Log analysis and reporting tool.
- rsyslog: Enhanced system logging daemon.
- auditd: Audit daemon. Collects and logs security messages.
- auditctl: Audit control command. Manages audit rules.
- ausearch: Audit search command. Searches audit logs.
- aureport: Audit report command. Generates audit reports.
- autrace: Audit trace command. Traces system calls.
- auparse: Audit parse command. Parses audit logs.
- audit.rules: Audit rules file. Contains audit rules.
- /etc/audit/auditd.conf: Configuration file for auditd.
- /etc/audit/audit.rules: Configuration file for audit rules.
- /var/log/audit/audit.log: Log file for audit messages.
- /var/log/audit/audit.rules: Log file for audit rules.
/var/log/audit/audit.rules.d: Directory that contains audit rules files.
- syslog-ng: Enhanced system logging daemon.
- logstash: Log data processing pipeline.
- fluentd: Log data collector.
- graylog: Log management platform.
- splunk: Log analysis and monitoring tool.
- kibana: Data visualization tool.
- grafana: Data visualization tool.
- prometheus: Monitoring and alerting toolkit.
- telegraf: Agent for collecting metrics.
- influxdb: Time-series database.
elasticsearch: Distributed search and analytics engine.
- last: Show last logins.
- lastb: Show last failed logins.
- lastlog: Show last login information.
- utmpdump: Dump UTMP file.
- wtmpdump: Dump WTMP file.
- ac: Show connect time.
- acpid: Advanced Configuration and Power Interface daemon.
- apmd: Advanced Power Management daemon.
- atd: Job scheduler daemon.
Bash Scripting
Shebang: Specifies the interpreter for the script.
#!/bin/bash: Use the Bash interpreter.#!/bin/sh: Use the Bourne shell interpreter.#!/bin/zsh: Use the Z shell interpreter.#!/bin/dash: Use the Debian Almquist shell interpreter.#!/bin/ksh: Use the Korn shell interpreter.#!/bin/csh: Use the C shell interpreter.#!/bin/tcsh: Use the TENEX C shell interpreter.
Variables: Store and manipulate data.
variable=value: Assign a value to a variable.echo $variable: Print the value of a variable.export variable: Export a variable to the environment.unset variable: Unset a variable.readonly variable: Make a variable read-only.readonly -p: List read-only variables.readonly -f: List read-only functions.
Environment Variables: Predefined variables.
$HOME: Home directory.$PATH: Search path for executables.$PWD: Present working directory.$USER: Username.$SHELL: Shell.$TERM: Terminal type.$EDITOR: Default text editor.$LANG: Default language.$LC_ALL: Default locale.$TZ: Timezone.$HOSTNAME: Hostname.$PS1: Primary prompt.$PS2: Secondary prompt.$PS3: Select prompt.$PS4: Debug prompt.$IFS: Internal field separator.$RANDOM: Random number.$UID: User ID.$EUID: Effective user ID.$GID: Group ID.$EGID: Effective group ID.$PPID: Parent process ID.$BASH_VERSION: Bash version.$BASH: Bash path.$BASH_ENV: Bash environment file.$BASH_VERSINFO: Bash version information.$BASH_SOURCE: Bash source file.$BASH_SUBSHELL: Bash subshell level.$BASH_ALIASES: Bash aliases.$BASH_ARGC: Bash argument count.$BASH_ARGV: Bash argument vector.$BASH_LINENO: Bash line number.$BASH_REMATCH: Bash regular expression match.$BASH_EXECUTION_STRING: Bash execution string.$BASH_COMMAND: Bash command- local configuration: /etc/locale.conf
- user configuration: ~/.bashrc
- system configuration: /etc/bash.bashrc
- global configuration: /etc/profile
- user configuration: ~/.bash_profile
- LC_*={locale}: Colletion of Localization Environment Variables for the system. Used to set the locale for the system.
- LANG={locale}: Default locale for the system. Used to set the default locale for the system.
- LANGUAGE={locale}: Language preference for the system. Used to set the language preference for the system.
- LC_ALL={locale}: Override for all locale settings. Used to override all locale settings.
- TZ={timezone}: Timezone for the system. Used to set the timezone for the system.
- PS1={prompt}: Primary prompt for the shell. Used to set the primary prompt for the shell.
- env: Display environment variables.
- printenv: Display environment variables.
- set: Display shell variables.
- export: Export environment variables.
- unset: Unset environment variables.
- readonly: Make variables read-only.
- declare: Declare variables.
- local: Declare local variables.
- typeset: Declare variables.
- read: Read input from the user.
- shift: Shift positional parameters.
source: Execute a script.
- HISTFILESIZE: Maximum number of lines in the history file.
- HISTSIZE: Maximum number of commands in the history.
- HISTCONTROL: Control how commands are saved in the history.
- HISTIGNORE: Ignore commands in the history.
- HISTTIMEFORMAT: Format for displaying the history timestamp.
HISTFILE: History file location.
- alias: Create an alias for a command.
unalias: Remove an alias.
Comments: Add comments to scripts.
# comment: Single-line comment.: 'comment': Multi-line comment.<<'EOF': Here document start.EOF: Here document end.
Quotes: Preserve whitespace and special characters.
echo "message": Print a message.echo 'message': Print a message.echo "Hello, $USER!": Print a message with a variable.echo 'Hello, $USER!': Print a message without a variable.echo "Hello, \$USER!": Print a message with an escaped variable.echo "Hello, ${USER}!": Print a message with a variable in braces.echo "Hello, $(whoami)!": Print a message with command substitution.echo "Hello,whoami!": Print a message with command substitution.echo "Hello, $((2+2))!": Print a message with arithmetic expansion.echo "Hello, $[2+2]!": Print a message with arithmetic expansion.echo "Hello, $USER"!: Print a message with a variable and punctuation.echo "Hello, $USER!": Print a message with a variable and an exclamation mark.echo "Hello, $USER!": Print a message with a variable and double quotes.echo 'Hello, $USER!': Print a message with a variable and single quotes.echo "Hello, $USER!": Print a message with a variable and escaped quotes.echo "Hello, $USER!": Print a message with a variable and nested quotes.echo "Hello, $USER!": Print a message with a variable and backticks.echo "Hello, $USER!": Print a message with a variable and double quotes.echo "Hello, $USER!": Print a message with a variable and single quotes.echo "Hello, $USER!": Print a message with a variable and escaped quotes.echo "Hello, $USER!": Print a message with a variable and nested quotes.echo "Hello, $USER!": Print a message with a variable and backticks.
Special Variables: Predefined variables.
$0: Script name.$1,$2, ...: Positional parameters.$@: All positional parameters.$#: Number of positional parameters.$?: Exit status of the last command.$$: Process ID of the script.$!: Process ID of the last background command.$USER: Username of the user running the script.$HOME: Home directory of the user running the script.$PWD: Current working directory.$SHELL: Shell of the user running the script.$HOSTNAME: Hostname of the machine.$RANDOM: Random number.$LINENO: Current line number.
Arithmetic: Perform mathematical operations.
((expression)): Evaluate an arithmetic expression.let variable=expression: Assign the result of an expression to a variable.((variable++)): Increment a variable.((variable--)): Decrement a variable.((variable+=value)): Add a value to a variable.((variable-=value)): Subtract a value from a variable.((variable*=value)): Multiply a variable by a value.((variable/=value)): Divide a variable by a value.((variable%=value)): Get the remainder of a variable divided by a value.
Conditional Expressions: Make decisions based on conditions.
- `if condition; then commands; fi`: Execute commands if a condition is true. - `if condition; then commands; else other_commands; fi`: Execute commands based on a condition. - `if condition; then commands; elif other_condition; then other_commands; else more_commands; fi`: Execute commands based on multiple conditions. - `[[ expression ]]`: Evaluate an expression. - `[[ -e file ]]`: Check if a file exists. - `[[ -f file ]]`: Check if a file is a regular file. - `[[ -d file ]]`: Check if a file is a directory. - `[[ -r file ]]`: Check if a file is readable. - `[[ -w file ]]`: Check if a file is writable. - `[[ -x file ]]`: Check if a file is executable. - `[[ -z string ]]`: Check if a string is empty. - `[[ -n string ]]`: Check if a string is not empty. - `[[ string1 == string2 ]]`: Check if two strings are equal. - `[[ string1 != string2 ]]`: Check if two strings are not equal. - `[[ n1 -eq n2 ]]`: Check if two numbers are equal. - `[[ n1 -ne n2 ]]`: Check if two numbers are not equal. - `[[ n1 -lt n2 ]]`: Check if n1 is less than n2. - `[[ n1 -le n2 ]]`: Check if n1 is less than or equal to n2. - `[[ n1 -gt n2 ]]`: Check if n1 is greater than n2. - `[[ n1 -ge n2 ]]`: Check if n1 is greater than or equal to n2. - `[[ !condition ]]`: Negate a condition. - `[[ condition1 && condition2 ]]`: Check if both conditions are true. - `[[ condition1 || condition2 ]]`: Check if either condition is true. - `(("$a" < "$b"))`: Compare two numbers. - `(("$a" <= "$b"))`: Compare two numbers. - `(("$a" > "$b"))`: Compare two numbers. - `(("$a" >= "$b"))`: Compare two numbers. - `(("$a" == "$b"))`: Compare two numbers. - `(("$a" != "$b"))`: Compare two numbers.String Manipulation: Modify and extract strings.
- `variable="string"`: Assign a string to a variable. - `echo ${#variable}`: Get the length of a string. - `echo ${variable:position:length}`: Extract a substring. - `echo ${variable#pattern}`: Remove the shortest match from the beginning. - `echo ${variable##pattern}`: Remove the longest match from the beginning. - `echo ${variable%pattern}`: Remove the shortest match from the end. - `echo ${variable%%pattern}`: Remove the longest match from the end. - `echo ${variable/pattern/replacement}`: Replace the first match. - `echo ${variable//pattern/replacement}`: Replace all matches. - `echo ${variable^}`: Uppercase the first character. - `echo ${variable^^}`: Uppercase all characters. - `echo ${variable,}`: Lowercase the first character. - `echo ${variable,,}`: Lowercase all characters.Arrays: Store multiple values.
array=(value1 value2 value3): Create an array.echo ${array[0]}: Print the first element of an array.echo ${array[@]}: Print all elements of an array.echo ${#array[@]}: Print the length of an array.unset array[1]: Unset an element of an array.unset array: Unset an array.array+=(value4): Append an element to an array.array=( "${array[@]}" "value5" ): Append an element to an array.array=( "${array[@]:0:2}" ): Slice an array.array=( "${array[@]:1}" ): Slice an array.array=( "${array[@]/pattern/replacement}" ): Replace elements in an array.array=( $(command) ): Assign the output of a command to an array.
Functions: Group commands for reuse.
function_name() { commands }: Define a function.function_name: Call a function.return value: Return a value from a function.local variable=value: Define a local variable in a function.unset -f function_name: Unset a function.declare -f: List defined functions.declare -F: List function names.declare -i: Declare an integer variable.
Loops: Repeat commands.
for variable in list; do commands; done: Iterate over a list.while condition; do commands; done: Execute commands while a condition is true.until condition; do commands; done: Execute commands until a condition is true.break: Exit a loop.continue: Skip the current iteration.select variable in list; do commands; done: Create a menu.case variable in pattern1) commands;; pattern2) commands;; esac: Execute commands based on a pattern.getopts options variable: Parse command-line options.shift: Shift command-line arguments.shopt -s extglob: Enable extended globbing.
Input/Output: Read and write data.
read variable: Read input from the user.echo "message" > file: Write output to a file.echo "message" >> file: Append output to a file.cat file: Display the contents of a file.wc -l file: Count lines in a file.grep pattern file: Search for a pattern in a file.sed 's/old/new/' file: Replace text in a file.awk '{print $1}' file: Extract columns from a file.
Error Handling: Handle errors.
set -e: Exit on error.set +e: Continue on error.trap 'command' signal: Execute a command when a signal is received.exit status: Return a status code.
File Manipulation: Manage files and directories.
touch file: Create an empty file.rm file: Remove a file.rm -r directory: Remove a directory.cp file1 file2: Copy a file.cp -r directory1 directory2: Copy a directory.mv file1 file2: Move a file.mv directory1 directory2: Move a directory.ln -s target link: Create a symbolic link.ln target link: Create a hard link.mkdir directory: Create a directory.rmdir directory: Remove an empty directory.chmod permissions file: Change file permissions.chown user:group file: Change file ownership.chown -R user:group directory: Change directory ownership.find directory -name pattern: Find files by name.find directory -type type: Find files by type.find directory -size size: Find files by size.find directory -exec command {} \;: Execute a command on files.find directory -delete: Delete files.grep pattern file: Search for a pattern in a file.grep -r pattern directory: Search for a pattern in files.grep -v pattern file: Invert the match.grep -i pattern file: Ignore case.grep -n pattern file: Show line numbers.grep -c pattern file: Count matches.grep -l pattern file: List files with matches.sed 's/old/new/' file: Replace text in a file.sed -i 's/old/new/' file: Replace text in a file.awk '{print $1}' file: Extract columns from a file.awk '{print $NF}' file: Extract the last column.awk '{print NF}' file: Count columns.awk '/pattern/' file: Search for a pattern.awk '/pattern/ {print $1}' file: Extract columns with a pattern.awk 'NR==1' file: Extract the first line.awk 'NR==2' file: Extract the second line.
Command Substitution: Execute commands and use the output.
$(command): Execute a command and use the output.variable=$(command): Assign the output of a command to a variable.
Redirection: Redirect input and output.
command > file: Redirect output to a file.command >> file: Append output to a file.command < file: Redirect input from a file.command1 | command2: Pipe output to another command.command &> file: Redirect both stdout and stderr to a file.command1 2>&1 | command2: Pipe stdout and stderr to another command.command > file 2>&1: Redirect stdout and stderr to a file.command > /dev/null: Discard output.command 2> /dev/null: Discard errors.command &> /dev/null: Discard output and errors.
Exit Status: Return a status code.
$?: Get the exit status of the last command.exit status: Return a status code.
Positional Parameters: Access command-line arguments.
$0: Script name.$1,$2, ...: Positional parameters.$@: All positional parameters.$#: Number of positional parameters.$*: All positional parameters as a single string.shift: Shift positional parameters.set --: Clear positional parameters.set value: Set positional parameters.shift n: Shift n positional parameters.example:
#!/bin/bash echo "Script name: $0" echo "First argument: $1" echo "Second argument: $2" echo "All arguments: $@" echo "Number of arguments: $#"exec: Replace the current process with a new process.
exec command: Execute a command.exec < file: Redirect stdin from a file.exec > file: Redirect stdout to a file.exec 2> file: Redirect stderr to a file.exec &> file: Redirect stdout and stderr to a file.exec 2>&1: Redirect stderr to stdout.exec 3< file: Open file for reading on file descriptor 3.exec 4> file: Open file for writing on file descriptor 4.exec 5<> file: Open file for reading and writing on file descriptor 5.exec 6>&1: Duplicate stdout to file descriptor 6.exec 7>&-: Close file descriptor 7.
trap: Execute a command when a signal is received.
trap 'command' signal: Execute a command when a signal is received.trap - signal: Reset the action for a signal.trap 'command' EXIT: Execute a command when the script exits.trap 'command' ERR: Execute a command when an error occurs.trap 'command' INT: Execute a command when interrupted.trap 'command' TERM: Execute a command when terminated.trap 'command' HUP: Execute a command
Signals: Notify a process of an event.
SIGHUP: Hangup.SIGINT: Interrupt.SIGQUIT: Quit.SIGILL: Illegal instruction.SIGTRAP: Trace/breakpoint trap.SIGABRT: Abort.SIGBUS: Bus error.SIGFPE: Floating point exception.SIGKILL: Kill.SIGUSR1: User-defined signal 1.SIGSEGV: Segmentation fault.SIGUSR2: User-defined signal 2.SIGPIPE: Broken pipe.SIGALRM: Alarm clock.SIGTERM: Termination.SIGSTKFLT: Stack fault.SIGCHLD: Child status has changed.
Debugging: Troubleshoot scripts.
set -x: Enable debugging mode.set +x: Disable debugging mode.set -e: Exit on error.set +e: Continue on error.set -u: Treat unset variables as errors.set +u: Treat unset variables as normal.
Search:
*: Match zero or more characters.?: Match any single character.[...]: Match any character in the set.[^...]: Match any character not in the set.[:class:]: Match any character in the class.[^:class:]: Match any character not in the class.?(): Match zero or one occurrence.*(): Match zero or more occurrences.+(): Match one or more occurrences.@(): Match one occurrence.!(pattern): Match anything except the pattern.Regex: Search for patterns in text.
.: Match any character.^: Match the start of a line.$: Match the end of a line.[]: Match any character in the set.[^]: Match any character not in the set.*: Match zero or more occurrences.+: Match one or more occurrences.?: Match zero or one occurrence.(): Group expressions.|: Alternation.\: Escape special characters.\b: Word boundary.\B: Not a word boundary.\d: Digit.\D: Not a digit.\s: Whitespace.\S: Not whitespace.\w: Word character.\W: Not a word character.\1: Backreference.(?i): Case-insensitive.(?s): Dot matches newline.(?m): Multi-line mode.(?x): Extended mode.(?=): Positive lookahead.(?!): Negative lookahead.(?<=): Positive lookbehind.(?<!): Negative lookbehind.(?#): Comment.
Sandbox applications: Isolate applications in a secure environment.
- snapd: Package manager for snaps.
- flatpak: Package manager for Flatpaks.
- appimage: Package format for portable applications.
- chroot: Change the root directory for a process.
- firejail: Sandboxing tool for Linux.
- bubblewrap: Unprivileged sandboxing tool.
- docker: Containerization platform.
- podman: Containerization tool.
- lxc: Linux Containers.
- lxd: Container management tool.
- systemd-nspawn: Container management tool.
- singularity: Container platform for HPC.
- kata: Lightweight virtual machines.
- qemu: Virtualization platform.
- virt-manager: Virtual machine manager.
- libvirt: Virtualization API.
- vagrant: Development environment manager.
- packer: Image builder.
- vagrant-libvirt: Vagrant provider for libvirt.
- vagrant-virtualbox: Vagrant provider for VirtualBox.
- vagrant-vmware: Vagrant provider for VMware.
- vagrant-aws: Vagrant provider for AWS.
- vagrant-azure: Vagrant provider for Azure.
- vagrant-digitalocean: Vagrant provider for DigitalOcean.
- vagrant-google: Vagrant provider for Google Cloud.
- vagrant-hyperv: Vagrant provider for Hyper-V.
- vagrant-libvirt: Vagrant provider for libvirt.
- vagrant-lxc: Vagrant provider for LXC.
- vagrant-parallels: Vagrant provider for Parallels.
- vagrant-vmware: Vagrant provider for VMware.
- vagrant-virtualbox: Vagrant provider for VirtualBox.
- vagrant-winrm: Vagrant plugin for WinRM.
- vagrant-sshfs: Vagrant plugin for SSHFS.
- vagrant-scp: Vagrant plugin for SCP.
- vagrant-share: Vagrant plugin for sharing.
- vagrant-proxyconf: Vagrant plugin for proxy configuration.
- vagrant-omnibus: Vagrant plugin for Omnibus.
- vagrant-berkshelf: Vagrant plugin for Berkshelf.
- vagrant-cachier: Vagrant plugin for caching.
- vagrant-vbguest: Vagrant
Saltstack: Configuration management and orchestration tool (Python).
- salt-master: Salt master daemon.
- salt-minion: Salt minion daemon.
- salt-ssh: Salt SSH client.
- salt-call: Salt local client.
- salt-cloud: Salt cloud client.
- salt-api: Salt API daemon.
- salt-syndic: Salt syndic daemon.
- salt-key: Salt key manager.
- salt-run: Salt runner.
- salt-cp: Salt file copy client.
- salt: Salt command-line tool.
- salt-unity: Salt Unity client.
- salt-unity-runner: Salt Unity runner.
- salt-unity-ssh: Salt Unity SSH client.
- salt-unity-ssh-runner: Salt Unity SSH runner.
- salt-unity-ssh-key: Salt Unity SSH key manager.
- salt-unity-ssh-key-runner: Salt Unity SSH key runner.
- salt-unity-ssh-key-manager: Salt Unity SSH key manager.
- salt-unity-ssh-key-manager-runner: Salt Unity SSH key manager runner.
- salt-unity-ssh-key-manager-ssh: Salt Unity SSH key manager SSH client.
- salt-unity-ssh-key-manager-ssh-runner: Salt Unity SSH key manager SSH runner.
- salt-unity-ssh-key-manager-ssh-key: Salt Unity SSH key manager SSH key manager.
- salt-unity-ssh-key-manager-ssh-key-runner: Salt Unity SSH key manager SSH key runner.
- salt-unity-ssh-key-manager-ssh-key-manager: Salt Unity SSH key manager SSH key manager.
- salt-unity-ssh-key-manager-ssh-key-manager-runner: Salt Unity SSH key manager SSH key manager runner.
- salt-unity-ssh-key-manager-ssh-key-manager-ssh: Salt Unity SSH key manager SSH key manager SSH client.
- salt-unity-ssh-key-manager-ssh-key-manager-ssh-runner: Salt Unity SSH key manager SSH key manager SSH runner.
- salt-unity-ssh-key-manager-ssh-key-manager-ssh-key: Salt Unity SSH key manager SSH key manager SSH key manager.
- salt-unity-ssh-key-manager-ssh-key-manager-ssh-key-runner: Salt Unity SSH key manager SSH key manager SSH
iproute2 (or "ip" suite)
- What It Is: A collection of utilities that manage and monitor IP addresses, network interfaces, routing tables, tunnels, and more in Linux systems. It replaces the older
net-tools(if you've seenifconfig,netstat, etc.). - Key Capabilities:
- Configure interfaces and IP addresses (
ip addr) - Manage routing tables (
ip route) - Set up tunnels like GRE or VXLAN (
ip tunnel) - Manipulate neighbor ARP tables (
ip neigh)
- Configure interfaces and IP addresses (
- Why It's Useful: Offers a more modern, unified, and extensible approach to network configuration compared to older tools.
- What It Is: A collection of utilities that manage and monitor IP addresses, network interfaces, routing tables, tunnels, and more in Linux systems. It replaces the older
Traffic Control (tc)
- What It Is: A utility (part of the iproute2 package) that enables you to shape, schedule, police, and prioritize network traffic on Linux.
- Key Capabilities:
- Rate-limiting or bandwidth throttling (e.g., capping an interface at 10 Mbps)
- Implementing QoS (Quality of Service) policies and priority queues
- Policing (dropping packets that exceed a set threshold)
- Why It's Useful: Helps in network performance tuning. For instance, if you're on a server that needs to give priority to certain traffic (like VoIP),
tccan enforce those rules so everything runs smoothly.
Devlink
- What It Is: A newer framework for interfacing with and configuring certain network devices, primarily high-speed networking or specialized hardware (like some NICs and switches).
- Key Capabilities:
- Exposes hardware or driver parameters that aren't available through the standard Linux network stack.
- Can configure advanced networking features or firmware-level settings that the usual
iporethtoolcommands might not touch.
- Why It's Useful: Allows more granular control and insights into specialized NICs (such as those with offloading capabilities). Great if you're working at scale or with high-performance networks.
Together, these tools give you powerful control over how your Linux system handles networking---from basic interface management all the way up to fine-grained control of network traffic and specialized device settings. If you want to dig deeper:
- Start with
iproute2: Learn how to configure interfaces and routes using theipcommands. - Experiment with
tc: Try simple traffic shaping scenarios, like rate-limiting an interface, to see how it affects traffic flow. - Move on to
devlink: If you're working with advanced or specialized hardware,devlinkcan give you extra performance knobs to turn.
Monit
Monit is a small utility for managing and monitoring Unix systems. It can start, stop, and restart services and programs, monitor system resources, and send alerts when things go wrong. Monit is often used to ensure that critical services are running and to take action if they're not.
Here are some common tasks you can do with Monit:
Monitoring Services: Monit can check if a service is running and restart it if it's not. For example, you can monitor your web server, database, or mail server.
Monitoring System Resources: Monit can monitor system resources like CPU usage, memory, and disk space. You can set thresholds and receive alerts if they're exceeded.
Automatic Restart: Monit can automatically restart services that have stopped unexpectedly. This can help ensure that critical services are always available.
Alerting: Monit can send alerts via email or other methods when a service or resource exceeds a threshold or when an action is taken.
Configuration: Monit is configured using a simple configuration file. You can define the services you want to monitor, set thresholds, and configure actions to take.
Web Interface: Monit comes with a web interface that allows you to monitor and manage your services from a browser.
To get started with Monit, you'll need to install it on your system and create a configuration file. Here's a basic example of a Monit configuration file:
check process apache with pidfile /var/run/apache2.pid
start program = "/etc/init.d/apache2 start"
stop program = "/etc/init.d/apache2 stop"
if failed host
www.example.com port 80 protocol http
and request "/test.html"
then restartThis configuration file monitors the Apache web server process and restarts it if it fails to respond to an HTTP request. You can create similar configurations for other services and resources on your system.
Monit is a powerful tool for managing and monitoring Unix systems. It can help you ensure that critical services are running, monitor system resources, and take action when things go wrong. If you're looking for a simple and reliable way to manage your servers, Monit is worth checking out.
Inodes
ls -i: List files with inode numbers.df -i: Show inode usage.stat <file>: Show file information.find . -inum <inode>: Find a file by inode number.
Linux vs. Windows Commands
| Command Description | Windows | Linux |
|---|---|---|
| Listing of a directory | dir | ls -l |
| Rename a file | ren | mv |
| Copy a file | copy | cp |
| Move file | move | mv |
| Clear screen | cls | clear |
| Delete file | del | rm |
| Compare contents of files | fc | diff |
| Search for a word/string in a file | find | grep |
| Display command help | command /? | man command |
| Displays your location in the file system | chdir | pwd |
| Displays the time | time | date |
| Displays the date | date | date |
| Displays the contents of a file | type | cat |
| Displays the contents of a file | more | more |
| Displays the contents of a file | notepad | nano |
| Displays the contents of a file | wordpad | vim |
| Displays the contents of a file | edit | vim |
| Displays the contents of a file | write | vim |
| Displays the contents of a file | excel | libreoffice |
| Displays the contents of a file | calc | libreoffice |
| Displays the contents of a file | powerpoint | libreoffice |
1. Kernel Modules and lsmod
Overview
The Linux kernel is modular, which means many features and drivers are loaded as modules. The lsmod command gives you a snapshot of all modules currently loaded into the kernel.
Key Commands and Concepts
- lsmod\
- Usage: Simply run
lsmodto display a list of modules.\ - It reads from /proc/modules, which is the virtual file listing all loaded modules.
- Usage: Simply run
- modinfo\
- Provides detailed information (description, author, dependencies) about a module.\
- Usage:
modinfo <module_name>
- modprobe, insmod, rmmod\
- modprobe: Automatically loads (or removes) modules along with their dependencies.\
- insmod: Inserts a module into the kernel (less common because it doesn't resolve dependencies).\
- rmmod: Removes a module.
Tip: Always prefer modprobe for managing modules to ensure dependencies are handled correctly.
2. SELinux (Security-Enhanced Linux)
Overview
SELinux is an implementation of Mandatory Access Control (MAC) integrated into the Linux kernel. It restricts programs and users to a predefined set of operations based on policies rather than the traditional discretionary access control.
Modes of Operation
- Enforcing: Policies are enforced, and violations are blocked (and logged).
- Permissive: Violations are logged but not blocked (useful for troubleshooting).
- Disabled: SELinux is not active.
Key Commands
- sestatus\
- Shows SELinux status and current mode.\
- Usage:
sestatus
- getenforce / setenforce\
getenforceshows the current mode.\setenforce 1switches to enforcing mode;setenforce 0makes SELinux permissive.
- Context Management:\
- ls -Z: Lists files along with their SELinux security contexts.\
- chcon: Temporarily change the security context of a file (changes do not persist across relabeling).
- Usage:
chcon -t <new_type> <file_or_dir>- restorecon: Resets file contexts to those defined by policy (reads from configuration files).
- Usage:
restorecon -Rv <file_or_dir>- semanage: Used to make persistent changes to SELinux policy, such as modifying file contexts, booleans, or port contexts.
- Example: Set a custom file context rule with\
semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?"\ then apply withrestorecon -Rv /var/www/html.
Key Configuration Files
- /etc/selinux/config\
- The primary configuration file where you define the SELinux mode and policy (e.g., targeted, mls).
- /etc/sysconfig/selinux\
- Some distributions also use this file.
Additional Resources:\ For detailed explanations of SELinux concepts and commands, check out documentation such as the Red Hat SELinux guide
and the Ishtiaque blog on SELinux and file permissions
.
3. Mounting Filesystems and Storage Management
Mounting Overview
Mounting makes a filesystem available at a certain point in your directory tree. It's fundamental for accessing storage devices.
Key Commands
- mount\
- Usage:
mount <device> <mount_point>\ - Options:
- -o for options (e.g.,
-o remount,-o context=...for overriding SELinux labels). - defcontext=... can set a default SELinux context for files on file systems that lack extended attribute support.
- Usage:
- umount\
- Unmounts a filesystem.\
- Usage:
umount <mount_point_or_device>
- findmnt\
- Displays mounted filesystems in a tree-like format.
- df and lsblk\
df -hshows disk space usage.\lsblklists block devices and their mount points.
- /etc/fstab\
- A persistent configuration file listing filesystems to mount at boot.\
- Syntax: Each line defines a device, its mount point, filesystem type, and mount options.
Storage Management Tools
- fdisk / parted\
- Partitioning tools to create and manage disk partitions.
- blkid\
- Displays block device attributes such as UUIDs and filesystem types.
- du\
- Estimates file and directory space usage.
Note: When mounting filesystems that do not support extended attributes (like FAT or certain NFS setups), SELinux uses the context specified with the mount -o context=... or defcontext=... options. This is well documented in the Red Hat guides
.
4. Configuration Files ("Config Filex") and Their Locations
Linux uses many configuration files stored in various directories. Here are some of the most critical ones you'll encounter:
- Kernel Configuration:\
- Often stored in /boot/config-$(uname -r).
- SELinux:\
- Main config in /etc/selinux/config or /etc/sysconfig/selinux.
- Filesystem Mounts:\
- /etc/fstab for persistent mount configurations.
- Service Configuration:\
- Typically in /etc/ (for example, /etc/samba/smb.conf for Samba, /etc/apache2/ for Apache).
- User Environment:\
- Files like ~/.bashrc, ~/.profile, and /etc/profile govern shell and environment settings.
Understanding where these files live---and the syntax they use---is key to automating and troubleshooting your system.
5. Linux File Permissions and Access Control
Standard UNIX Permissions
Every file and directory has three sets of permissions: for the owner (user), group, and others. They are represented by read (r), write (w), and execute (x).
- chmod:\
- Modify permissions using symbolic (e.g.,
chmod u+x file) or numeric (e.g.,chmod 755 file) methods.
- Modify permissions using symbolic (e.g.,
- chown and chgrp:\
- Change the file's owner and group respectively (e.g.,
chown alex:alex file).
- Change the file's owner and group respectively (e.g.,
Extended Permissions and ACLs
- setfacl and getfacl:\
- Provide finer-grained control than basic permissions by assigning permissions for specific users or groups. - Example:
setfacl -m u:username:rwx filegrants a specific user full rights.getfacl filedisplays current ACLs.
File Attributes
- lsattr and chattr:\
- Manage extended attributes such as immutability.\
- For example,
chattr +i filemakes a file immutable.
Permissions in SELinux
- Besides the standard UNIX permissions, SELinux adds a security context (visible with
ls -Z) that governs access based on policies. - Tools like audit2allow can help diagnose SELinux denials and suggest policy adjustments.
6. Mastering the Commands: A Quick Reference List
Kernel Module Management
lsmodmodinfo <module>modprobe <module>rmmod <module>
SELinux Management
sestatusgetenforce/setenforce [0|1]ls -Zchcon -t <type> <file>restorecon -Rv <dir>semanage fcontext -a -t <type> "<path>(/.*)?"semanage boolean -l/setsebool -P <boolean> [on|off]audit2allow
Filesystem Mounting & Storage
mount -o <options> <device> <mount_point>umount <mount_point>findmntdf -hlsblkfdisk/partedblkid
Configuration Files
- Kernel:
/boot/config-$(uname -r) - SELinux:
/etc/selinux/config,/etc/sysconfig/selinux - Mounts:
/etc/fstab - Services & Environment: Various files under /etc/ and user home directories.
File Permissions & ACLs
chmodchownchgrpsetfacl/getfacllsattr/chattr