标签 shell 下的文章

“”

Ubuntu 20使用rc-local时,出现这个错误提示。
The unit files have no [Install] section. They are not meant to be enabled using systemctl.

解决办法:
rc-local.service添加Install字段。

[Install]
WantedBy=multi-user.target

结果:

cat /lib/systemd/system/rc-local.service
[Unit]
Description=/etc/rc.local Compatibility
Documentation=man:systemd-rc-local-generator(8)
ConditionFileIsExecutable=/etc/rc.local
After=network.target

[Service]
Type=forking
ExecStart=/etc/rc.local start
TimeoutSec=0
RemainAfterExit=yes
GuessMainPID=no

[Install]
WantedBy=multi-user.target

重新enable
systemctl enable rc-local.service

创建/etc/rc.local,并赋予执行权限

cat /etc/rc.local
#!/bin/sh
echo "ok" >> ~/rc.local.ok
exit 0

想指定某一个IP地址使用某路由/网关

方法:

route add -host 192.168.1.2 gw 192.168.2.1

如果是一个网段批定路由

route add -net 192.168.1.0/24 gw 192.168.2.1

通过route指令查看当前路由规则,列表一般有Destination,Gateway,Genmask,Flags,Metric,Ref,Use Iface例如

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 eth0
10.163.0.0      0.0.0.0         255.255.128.0   U     0      0        0 eth0
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 eth0
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
192.168.1.11    0.0.0.0         255.255.255.255 UH    0      0        0 eth0

目的地址可以是个网络地址例如172.17.0.0,也可是个具体的ip地址如192.168.1.11.
网关Gateway,如果在添加的时候没有指定gw选项则默认填充0.0.0.0或*缺省,此时会按照网卡作为下一跳。
mask是子网掩码,对于具体的ip地址掩码则是4个255.
flags有U可用正在生效,G通过网关(gateway)连接(即Gateway一栏不为0.0.0.0),H目的地址是个ip(host)而不是网络.
metric跳数(跃点数),经过多少个网关到达,一般不添加就是0了,多数时候不需要在意这个值
UseIface就是通过哪张网卡。 route add和route del是最常用的指令,分别用于添加和删除路由规则
route add
-net目的网络地址
-host目的ip地址
gw设置网关
dev设置网卡
设置到另一个网络的路由用-net,设置到一个具体ip的用-host,设置到达目的地址的网关用gw,设置到达目的地址的下一跳网卡用dev

指定访问网络用哪张网卡

route add -net 10.0.0.0/24 dev eth0

指定访问网络通过哪个网关

route add -net 10.0.0.0/24 gw 192.168.1.1

指定访问ip用哪张网卡

route add -host 10.0.0.1 dev eth0

指定访问网络通过哪个网关

route add -host 10.0.0.1 gw 192.168.1.1

默认路由

route add -net 0.0.0.0/0 dev eth0
route add -net 0.0.0.0/0 gw 1.1.1.1

简略写法

route add default dev eth0
route add default gw 1.1.1.1

关于掩码,下列两者等价

route add -net 10.0.0.0/24 gw 192.168.1.1
route add -net 10.0.0.0 netmask 255.255.255.0 gw 192.168.1.1

route del
用法和route add一样如

route del -net 10.0.0.0/24 dev eth0
route del -net 10.0.0.0/24 gw 192.168.1.1
route del -host 10.0.0.1 dev eth0
route del -host 10.0.0.1 gw 192.168.1.1

有些时候可以简化比如到达网络或ip的路由只有想删除的那一条就直接

route del -net 10.0.0.0/24
route del -host 10.0.0.1

Referenced from:https://xiaogenban1993.github.io/18.2/utils_route&iptables%25E6%258C%2587%25E4%25BB%25A4.html

使用netstat -natp可以看到进程的pid,但在busybox上的netstat 没有-p选项,就需要使用lsof了。

使用

lsof -i :9000

可以列出所有与9000端口号相关的进程pid

lsof(list open files)是一个列出当前系统打开文件的工具。在linux环境下,任何事物都以文件的形式存在,通过文件不仅仅可以访问常规数据,还可以访问网络连接和硬件。所以如传输控制协议 (TCP) 和用户数据报协议 (UDP) 套接字等,系统在后台都为该应用程序分配了一个文件描述符,无论这个文件的本质如何,该文件描述符为应用程序与基础操作系统之间的交互提供了通用接口。因为应用程序打开文件的描述符列表提供了大量关于这个应用程序本身的信息,因此通过lsof工具能够查看这个列表对系统监测以及排错将是很有帮助的。

1.命令格式:

lsof 参数

2.命令功能:

用于查看你进程开打的文件,打开文件的进程,进程打开的端口(TCP、UDP)。找回/恢复删除的文件。是十分方便的系统监视工具,因为 lsof 需要访问核心内存和各种文件,所以需要root用户执行。

lsof打开的文件可以是:

1.普通文件

2.目录

3.网络文件系统的文件

4.字符或设备文件

5.(函数)共享库

6.管道,命名管道

7.符号链接

8.网络文件(例如:NFS file、网络socket,unix域名socket)

9.还有其它类型的文件,等等

3.命令参数:

-a 列出打开文件存在的进程

-c<进程名> 列出指定进程所打开的文件

-g  列出GID号进程详情

-d<文件号> 列出占用该文件号的进程

+d<目录>  列出目录下被打开的文件

+D<目录>  递归列出目录下被打开的文件

-n<目录>  列出使用NFS的文件

-i<条件>  列出符合条件的进程。(4、6、协议、:端口、 @ip )

-p<进程号> 列出指定进程号所打开的文件

-u  列出UID号进程详情

-h 显示帮助信息

-v 显示版本信息

4.使用实例:

实例1:无任何参数

命令:

lsof

输出:

[root@localhost ~]# lsof

COMMAND     PID USER   FD      TYPE             DEVICE     SIZE       NODE NAME
init          1 root  cwd       DIR                8,2     4096          2 /
init          1 root  rtd       DIR                8,2     4096          2 /
init          1 root  txt       REG                8,2    43496    6121706 /sbin/init
init          1 root  mem       REG                8,2   143600    7823908 /lib64/ld-2.5.so
init          1 root  mem       REG                8,2  1722304    7823915 /lib64/libc-2.5.so
init          1 root  mem       REG                8,2    23360    7823919 /lib64/libdl-2.5.so
init          1 root  mem       REG                8,2    95464    7824116 /lib64/libselinux.so.1
init          1 root  mem       REG                8,2   247496    7823947 /lib64/libsepol.so.1
init          1 root   10u     FIFO               0,17                1233 /dev/initctl
migration     2 root  cwd       DIR                8,2     4096          2 /
migration     2 root  rtd       DIR                8,2     4096          2 /
migration     2 root  txt   unknown                                        /proc/2/exe
ksoftirqd     3 root  cwd       DIR                8,2     4096          2 /
ksoftirqd     3 root  rtd       DIR                8,2     4096          2 /
ksoftirqd     3 root  txt   unknown                                        /proc/3/exe
migration     4 root  cwd       DIR                8,2     4096          2 /
migration     4 root  rtd       DIR                8,2     4096          2 /
migration     4 root  txt   unknown                                        /proc/4/exe
ksoftirqd     5 root  cwd       DIR                8,2     4096          2 /
ksoftirqd     5 root  rtd       DIR                8,2     4096          2 /
ksoftirqd     5 root  txt   unknown                                        /proc/5/exe
events/0      6 root  cwd       DIR                8,2     4096          2 /
events/0      6 root  rtd       DIR                8,2     4096          2 /
events/0      6 root  txt   unknown                                        /proc/6/exe
events/1      7 root  cwd       DIR                8,2     4096          2 /

说明:

lsof输出各列信息的意义如下:

COMMAND:进程的名称

PID:进程标识符

PPID:父进程标识符(需要指定-R参数)

USER:进程所有者

PGID:进程所属组

FD:文件描述符,应用程序通过文件描述符识别该文件。如cwd、txt等

(1)cwd:表示current work dirctory,即:应用程序的当前工作目录,这是该应用程序启动的目录,除非它本身对这个目录进行更改

(2)txt :该类型的文件是程序代码,如应用程序二进制文件本身或共享库,如上列表中显示的 /sbin/init 程序

(3)lnn:library references (AIX);

(4)er:FD information error (see NAME column);

(5)jld:jail directory (FreeBSD);

(6)ltx:shared library text (code and data);

(7)mxx :hex memory-mapped type number xx.

(8)m86:DOS Merge mapped file;

(9)mem:memory-mapped file;

(10)mmap:memory-mapped device;

(11)pd:parent directory;

(12)rtd:root directory;

(13)tr:kernel trace file (OpenBSD);

(14)v86  VP/ix mapped file;

(15)0:表示标准输出

(16)1:表示标准输入

(17)2:表示标准错误

一般在标准输出、标准错误、标准输入后还跟着文件状态模式:r、w、u等

(1)u:表示该文件被打开并处于读取/写入模式

(2)r:表示该文件被打开并处于只读模式

(3)w:表示该文件被打开并处于

(4)空格:表示该文件的状态模式为unknow,且没有锁定

(5)-:表示该文件的状态模式为unknow,且被锁定

同时在文件状态模式后面,还跟着相关的锁

(1)N:for a Solaris NFS lock of unknown type;

(2)r:for read lock on part of the file;

(3)R:for a read lock on the entire file;

(4)w:for a write lock on part of the file;(文件的部分写锁)

(5)W:for a write lock on the entire file;(整个文件的写锁)

(6)u:for a read and write lock of any length;

(7)U:for a lock of unknown type;

(8)x:for an SCO OpenServer Xenix lock on part      of the file;

(9)X:for an SCO OpenServer Xenix lock on the      entire file;

(10)space:if there is no lock.

TYPE:文件类型,如DIR、REG等,常见的文件类型

(1)DIR:表示目录

(2)CHR:表示字符类型

(3)BLK:块设备类型

(4)UNIX: UNIX 域套接字

(5)FIFO:先进先出 (FIFO) 队列

(6)IPv4:网际协议 (IP) 套接字

DEVICE:指定磁盘的名称

SIZE:文件的大小

NODE:索引节点(文件在磁盘上的标识)

NAME:打开文件的确切名称

实例2:查看谁正在使用某个文件,也就是说查找某个文件相关的进程

命令:

lsof /bin/bash

输出:

[root@localhost ~]# lsof /bin/bash
COMMAND   PID USER  FD   TYPE DEVICE   SIZE    NODE NAME
bash    24159 root txt    REG    8,2 801528 5368780 /bin/bash
bash    24909 root txt    REG    8,2 801528 5368780 /bin/bash
bash    24941 root txt    REG    8,2 801528 5368780 /bin/bash
[root@localhost ~]# 

 

说明:

实例3:递归查看某个目录的文件信息

命令:

lsof test/test3

输出:

[root@localhost ~]# cd /opt/soft/
[root@localhost soft]# lsof test/test3
COMMAND   PID USER   FD   TYPE DEVICE SIZE    NODE NAME
bash    24941 root  cwd    DIR    8,2 4096 2258872 test/test3
vi      24976 root  cwd    DIR    8,2 4096 2258872 test/test3
[root@localhost soft]# 

 

说明:

使用了+D,对应目录下的所有子目录和文件都会被列出

实例4:不使用+D选项,遍历查看某个目录的所有文件信息的方法

命令:

 lsof |grep 'test/test3'

输出:

[root@localhost soft]# lsof |grep 'test/test3'

bash      24941 root  cwd       DIR                8,2     4096    2258872 /opt/soft/test/test3
vi        24976 root  cwd       DIR                8,2     4096    2258872 /opt/soft/test/test3
vi        24976 root    4u      REG                8,2    12288    2258882 /opt/soft/test/test3/.log2013.log.swp
[root@localhost soft]# 
说明:

实例5:列出某个用户打开的文件信息

命令:

lsof -u username

说明: 

-u 选项,u其实是user的缩写

实例6:列出某个程序进程所打开的文件信息

命令:

lsof -c mysql

说明:

 -c 选项将会列出所有以mysql这个进程开头的程序的文件,其实你也可以写成 lsof | grep mysql, 但是第一种方法明显比第二种方法要少打几个字符了

实例7:列出多个进程多个打开的文件信息

命令:

lsof -c mysql -c apache

实例8:列出某个用户以及某个进程所打开的文件信息

命令:

lsof  -u test -c mysql 

说明:

用户与进程可相关,也可以不相关

实例9:列出除了某个用户外的被打开的文件信息

命令:

lsof -u ^root

说明:

^这个符号在用户名之前,将会把是root用户打开的进程不让显示

实例10:通过某个进程号显示该进行打开的文件

命令:

lsof -p 1

实例11:列出多个进程号对应的文件信息

命令:

lsof -p 1,2,3

实例12:列出除了某个进程号,其他进程号所打开的文件信息

命令:

lsof -p ^1

实例13:列出所有的网络连接

命令:

lsof -i

实例14:列出所有tcp 网络连接信息

命令:

lsof -i tcp

实例15:列出所有udp网络连接信息

命令:

lsof -i udp

实例16:列出谁在使用某个端口

命令:

lsof -i :3306

实例17:列出谁在使用某个特定的udp端口

命令:

lsof -i udp:55

或者:特定的tcp端口

命令:

lsof -i tcp:80

实例18:列出某个用户的所有活跃的网络端口

命令:

lsof -a -u test -i

实例19:列出所有网络文件系统

命令:

lsof -N

实例20:域名socket文件

命令:

lsof -u

实例21:某个用户组所打开的文件信息

命令:

lsof -g 5555

实例22:根据文件描述列出对应的文件信息

命令:

lsof -d description(like 2)

例如:lsof  -d  txt

例如:lsof  -d  1

例如:lsof  -d  2

说明:

0表示标准输入,1表示标准输出,2表示标准错误,从而可知:所以大多数应用程序所打开的文件的 FD 都是从 3 开始

实例23:根据文件描述范围列出文件信息

命令:

lsof -d 2-3

实例24:列出COMMAND列中包含字符串" sshd",且文件描符的类型为txt的文件信息

命令:

lsof -c sshd -a -d txt

输出:

[root@localhost soft]# lsof -c sshd -a -d txt
COMMAND   PID USER  FD   TYPE DEVICE   SIZE    NODE NAME
sshd     2756 root txt    REG    8,2 409488 1027867 /usr/sbin/sshd
sshd    24155 root txt    REG    8,2 409488 1027867 /usr/sbin/sshd
sshd    24905 root txt    REG    8,2 409488 1027867 /usr/sbin/sshd
sshd    24937 root txt    REG    8,2 409488 1027867 /usr/sbin/sshd
[root@localhost soft]# 
[root@localhost soft]# 

 

实例25:列出被进程号为1234的进程所打开的所有IPV4 network files 

命令:

lsof -i 4 -a -p 1234

实例26:列出目前连接主机peida.linux上端口为:20,21,22,25,53,80相关的所有文件信息,且每隔3秒不断的执行lsof指令

命令:

lsof -i @peida.linux:20,21,22,25,53,80  -r  3

Referenced from:https://www.cnblogs.com/peida/archive/2013/02/26/2932972.html

lsof stands for List Open Files.

It is easy to remember lsof command if you think of it as “ls + of”, where ls stands for list, and of stands for open files.

It is a command line utility which is used to list the information about the files that are opened by various processes. In unix, everything is a file, ( pipes, sockets, directories, devices, etc.). So by using lsof, you can get the information about any opened files.

  1. Introduction to lsof
    Simply typing lsof will provide a list of all open files belonging to all active processes.
# lsof

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
init 1 root cwd DIR 8,1 4096 2 /
init 1 root txt REG 8,1 124704 917562 /sbin/init
init 1 root 0u CHR 1,3 0t0 4369 /dev/null
init 1 root 1u CHR 1,3 0t0 4369 /dev/null
init 1 root 2u CHR 1,3 0t0 4369 /dev/null
init 1 root 3r FIFO 0,8 0t0 6323 pipe
...
By default One file per line is displayed. Most of the columns are self explanatory. We will explain the details about couple of cryptic columns (FD and TYPE).

FD – Represents the file descriptor. Some of the values of FDs are,

cwd – Current Working Directory
txt – Text file
mem – Memory mapped file
mmap – Memory mapped device
NUMBER – Represent the actual file descriptor. The character after the number i.e ‘1u’, represents the mode in which the file is opened. r for read, w for write, u for read and write.
TYPE – Specifies the type of the file. Some of the values of TYPEs are,

REG – Regular File
DIR – Directory
FIFO – First In First Out
CHR – Character special file
For a complete list of FD & TYPE, refer man lsof.

  1. List processes which opened a specific file
    You can list only the processes which opened a specific file, by providing the filename as arguments.
# lsof /var/log/syslog

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rsyslogd 488 syslog 1w REG 8,1 1151 268940 /var/log/syslog

  1. List opened files under a directory
    You can list the processes which opened files under a specified directory using ‘+D’ option. +D will recurse the sub directories also. If you don’t want lsof to recurse, then use ‘+d’ option.
# lsof +D /var/log/

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rsyslogd 488 syslog 1w REG 8,1 1151 268940 /var/log/syslog
rsyslogd 488 syslog 2w REG 8,1 2405 269616 /var/log/auth.log
console-k 144 root 9w REG 8,1 10871 269369 /var/log/ConsoleKit/history

  1. List opened files based on process names starting with
    You can list the files opened by process names starting with a string, using ‘-c’ option. -c followed by the process name will list the files opened by the process starting with that processes name. You can give multiple -c switch on a single command line.
# lsof -c ssh -c init

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
init 1 root txt REG 8,1 124704 917562 /sbin/init
init 1 root mem REG 8,1 1434180 1442625 /lib/i386-linux-gnu/libc-2.13.so
init 1 root mem REG 8,1 30684 1442694 /lib/i386-linux-gnu/librt-2.13.so
...
ssh-agent 1528 lakshmanan 1u CHR 1,3 0t0 4369 /dev/null
ssh-agent 1528 lakshmanan 2u CHR 1,3 0t0 4369 /dev/null
ssh-agent 1528 lakshmanan 3u unix 0xdf70e240 0t0 10464 /tmp/ssh-sUymKXxw1495/agent.1495

  1. List processes using a mount point
    Sometime when we try to umount a directory, the system will say “Device or Resource Busy” error. So we need to find out what are all the processes using the mount point and kill those processes to umount the directory. By using lsof we can find those processes.
# lsof /home

The following will also work.

# lsof +D /home/
  1. List files opened by a specific user
    In order to find the list of files opened by a specific users, use ‘-u’ option.
# lsof -u lakshmanan

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
update-no 1892 lakshmanan 20r FIFO 0,8 0t0 14536 pipe
update-no 1892 lakshmanan 21w FIFO 0,8 0t0 14536 pipe
bash 1995 lakshmanan cwd DIR 8,1 4096 393218 /home/lakshmanan
Sometimes you may want to list files opened by all users, expect some 1 or 2. In that case you can use the ‘^’ to exclude only the particular user as follows

# lsof -u ^lakshmanan

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rtkit-dae 1380 rtkit 7u 0000 0,9 0 4360 anon_inode
udisks-da 1584 root cwd DIR 8,1 4096 2 /
The above command listed all the files opened by all users, expect user ‘lakshmanan’.

  1. List all open files by a specific process
    You can list all the files opened by a specific process using ‘-p’ option. It will be helpful sometimes to get more information about a specific process.
# lsof -p 1753

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
bash 1753 lakshmanan cwd DIR 8,1 4096 393571 /home/lakshmanan/test.txt
bash 1753 lakshmanan rtd DIR 8,1 4096 2 /
bash 1753 lakshmanan 255u CHR 136,0 0t0 3 /dev/pts/0
...

  1. Kill all process that belongs to a particular user
    When you want to kill all the processes which has files opened by a specific user, you can use ‘-t’ option to list output only the process id of the process, and pass it to kill as follows
# kill -9 `lsof -t -u lakshmanan`

The above command will kill all process belonging to user ‘lakshmanan’, which has files opened.

Similarly you can also use ‘-t’ in many ways. For example, to list process id of a process which opened /var/log/syslog can be done by

# lsof -t /var/log/syslog

489
Talking about kill, did you know that there are 4 Ways to Kill a Process?

  1. Combine more list options using OR/AND
    By default when you use more than one list option in lsof, they will be ORed. For example,
# lsof -u lakshmanan -c init

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
init 1 root cwd DIR 8,1 4096 2 /
init 1 root txt REG 8,1 124704 917562 /sbin/init
bash 1995 lakshmanan 2u CHR 136,2 0t0 5 /dev/pts/2
bash 1995 lakshmanan 255u CHR 136,2 0t0 5 /dev/pts/2
...
The above command uses two list options, ‘-u’ and ‘-c’. So the command will list process belongs to user ‘lakshmanan’ as well as process name starts with ‘init’.

But when you want to list a process belongs to user ‘lakshmanan’ and the process name starts with ‘init’, you can use ‘-a’ option.

# lsof -u lakshmanan -c init -a

The above command will not output anything, because there is no such process named ‘init’ belonging to user ‘lakshmanan’.

  1. Execute lsof in repeat mode
  2. also support Repeat mode. It will first list files based on the given parameters, and delay for specified seconds and again list files based on the given parameters. It can be interrupted by a signal.

Repeat mode can be enabled by using ‘-r’ or ‘+r’. If ‘+r’ is used then, the repeat mode will end when no open files are found. ‘-r’ will continue to list,delay,list until a interrupt is given irrespective of files are opened or not.

Each cycle output will be separated by using ‘=======’. You also also specify the time delay as ‘-r’ | ‘+r’.

# lsof -u lakshmanan -c init -a -r5

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
inita.sh 2971 lakshmanan cwd DIR 8,1 4096 393218 /home/lakshmanan
inita.sh 2971 lakshmanan rtd DIR 8,1 4096 2 /
inita.sh 2971 lakshmanan txt REG 8,1 83848 524315 /bin/dash
inita.sh 2971 lakshmanan mem REG 8,1 1434180 1442625 /lib/i386-linux-gnu/libc-2.13.so
inita.sh 2971 lakshmanan mem REG 8,1 117960 1442612 /lib/i386-linux-gnu/ld-2.13.so
inita.sh 2971 lakshmanan 0u CHR 136,4 0t0 7 /dev/pts/4
inita.sh 2971 lakshmanan 1u CHR 136,4 0t0 7 /dev/pts/4
inita.sh 2971 lakshmanan 2u CHR 136,4 0t0 7 /dev/pts/4
inita.sh 2971 lakshmanan 10r REG 8,1 20 393578 /home/lakshmanan/inita.sh

In the above output, for the first 5 seconds, there is no output. After that a script named “inita.sh” is started, and it list the output.

Finding Network Connection
Network connections are also files. So we can find information about them by using lsof.

  1. List all network connections
    You can list all the network connections opened by using ‘-i’ option.
# lsof -i

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
avahi-dae 515 avahi 13u IPv4 6848 0t0 UDP *:mdns
avahi-dae 515 avahi 16u IPv6 6851 0t0 UDP *:52060
cupsd 1075 root 5u IPv6 22512 0t0 TCP ip6-localhost:ipp (LISTEN)
You can also use ‘-i4’ or ‘-i6’ to list only ‘IPV4’ or ‘IPV6‘ respectively.

  1. List all network files in use by a specific process
    You can list all the network files which is being used by a process as follows
# lsof -i -a -p 234

You can also use the following

# lsof -i -a -c ssh

The above command will list the network files opened by the processes starting with ssh.

  1. List processes which are listening on a particular port
    You can list the processes which are listening on a particular port by using ‘-i’ with ‘:’ as follows
# lsof -i :25

COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
exim4 2541 Debian-exim 3u IPv4 8677 TCP localhost:smtp (LISTEN)

  1. List all TCP or UDP connections
    You can list all the TCP or UDP connections by specifying the protocol using ‘-i’.
# lsof -i tcp; lsof -i udp;
  1. List all Network File System ( NFS ) files
    You can list all the NFS files by using ‘-N’ option. The following lsof command will list all NFS files used by user ‘lakshmanan’.
# lsof -N -u lakshmanan -a

Referenced from:https://www.thegeekstuff.com/2012/08/lsof-command-examples/

一个或者多个空格替换成逗号:

sed 's/[ ][ ]*/,/g' a.txt >a.csv

或者:

cat a.txt |sed 's/\s+/,/g'  >a.csv

可以转成csv格式

一、原始文本word.txt内容

a c      b   d
d   b   c  a
a  c   d    b
c    a   r s
d   s   g   h

二、shell脚本

cat word.txt | sed 's/[ ][ ]*/,/g'

脚本说明:

s代表替换指令;
每个[ ]都包含有一个空格;
*号代表0个或多个;
g代表替换每行的所有匹配;

三、替换效果

a,c,b,d
d,b,c,a
a,c,d,b
c,a,r,s
d,s,g,h

Referenced from:https://blog.csdn.net/tterminator/article/details/52792959

linux shell 批量替换文件名中空格为下划线

for file in *; do mv "$file" `echo $file | tr ' ' '_'`; done

linux shell 批量修改文件后缀名

rename 's/\.csv/\.txt/' *

linux shell 批量转换文件名大小写

rename 'y/A-Z/a-z/' *

(反着写就是小写变大写)

linux shell 删除所有文件的后缀名

rename 's/.csv//' *

或者

rename 's/\.bak$//' *.bak

linux shell 给所有文件添加后缀名

rename 's/$/\.txt/'  *

linux shell 在所有文件名前添加某个字符串

rename 's/^/const/' *

hexdump 十六进制输出数据

echo -ne "const.net.cn" |hexdump -C

00000000 63 6f 6e 73 74 2e 6e 65 74 2e 63 6e |const.net.cn|
0000000c

echo -ne "const.net.cn" |hexdump -e '16/1 "%02X " "\n"'

63 6F 6E 73 74 2E 6E 65 74 2E 63 6E

linux shell 执行字符串命令

cmd="echo hello word"
$cmd

或者

eval $cmd

linux shell date string

Date FormatOption MeaningExample Output
date +%clocale’s date timeSat May 9 11:49:47 2020
date +%xlocale’s date05/09/20
date +%Xlocale’s time11:49:47
date +%Alocale’s full weekday nameSaturday
date +%Blocale’s full month nameMay
date +%m-%d-%YMM-DD-YYYY date format05-09-2020
date +%DMM/DD/YY date format05/09/20
date +%FYYYY-MM-DD date format2020-05-09
date +%THH:MM:SS time format11:44:15
date +%uDay of Week6
date +%UWeek of Year with Sunday as first day of week18
date +%VISO Week of Year with Monday as first day of week19
date +%jDay of Year130
date +%ZTimezonePDT
date +%mMonth of year (MM)05
date +%dDay of Month (DD)09
date +%YYear (YY)2020
date +%HHour (HH)11
date +%HHour (HH) in 24-hour clock format11
date +%IHour in 12-hour clock format11
date +%plocale’s equivalent of AM or PMAM
date +%Psame as %p but in lower caseam
date '+%F %T'

2021-12-30 16:26:50

linux 编码转换显示hexstring

echo -n d6d0b9fa |xxd -r -p |iconv -f gb2312 -t utf8

中国

echo -n 中国 |iconv -f utf8 -t gb2312 |xxd -p

d6d0b9fa

echo -n 中国 |xxd -p

e4b8ade59bbd

echo -n e4b8ade59bbd |xxd -r -p

中国

使用ss 查看网络监听连接

ss -nlput
ss -h

-h, --help this message
-V, --version output version information
-n, --numeric don't resolve service names
-r, --resolve resolve host names
-a, --all display all sockets
-l, --listening display listening sockets
-o, --options show timer information
-e, --extended show detailed socket information
-m, --memory show socket memory usage
-p, --processes show process using socket
-i, --info show internal TCP information
--tipcinfo show internal tipc socket information
-s, --summary show socket usage summary
--tos show tos and priority information
-b, --bpf show bpf filter socket information
-E, --events continually display sockets as they are destroyed
-Z, --context display process SELinux security contexts
-z, --contexts display process and socket SELinux security contexts
-N, --net switch to the specified network namespace name

-4, --ipv4 display only IP version 4 sockets
-6, --ipv6 display only IP version 6 sockets
-0, --packet display PACKET sockets
-t, --tcp display only TCP sockets
-S, --sctp display only SCTP sockets
-u, --udp display only UDP sockets
-d, --dccp display only DCCP sockets
-w, --raw display only RAW sockets
-x, --unix display only Unix domain sockets
--tipc display only TIPC sockets
--vsock display only vsock sockets
-f, --family=FAMILY display sockets of type FAMILY
FAMILY := {inet|inet6|link|unix|netlink|vsock|tipc|xdp|help}

-K, --kill forcibly close sockets, display what was closed
-H, --no-header Suppress header line
-O, --oneline socket's data printed on a single line

显示所有IP地址

ip -4 a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: enp0s31f6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.10.8/24 brd 192.168.10.255 scope global noprefixroute enp0s31f6
       valid_lft forever preferred_lft forever
    inet 192.168.1.64/24 brd 192.168.1.255 scope global noprefixroute enp0s31f6
       valid_lft forever preferred_lft forever
    inet 192.168.3.64/24 brd 192.168.3.255 scope global noprefixroute enp0s31f6
       valid_lft forever preferred_lft forever
    inet 192.169.5.64/24 brd 192.169.5.255 scope global noprefixroute enp0s31f6
       valid_lft forever preferred_lft forever
    inet 192.168.6.64/24 brd 192.168.6.255 scope global noprefixroute enp0s31f6
       valid_lft forever preferred_lft forever
    inet 192.168.2.64/24 brd 192.168.2.255 scope global noprefixroute enp0s31f6
       valid_lft forever preferred_lft forever

linux shell directory md5sum
使用md5sum 校验整个目录
生成md5sum.txt

find . -type f |xargs md5sum > /path/to/file/md5sum.txt
md5sum -c /path/to/file/md5sum.txt

listing md5sum for all files
Therefore you should be able to run this command to get the result you want:

find -type f -exec md5sum "{}" +

If you really want to use pipe, then you need to tell find to delimit the responses with a null and xargs to expect null delimited arguments like this:

find -type f -print0 |xargs -0 md5sum

linux shell 写一条日志记录到syslog
Log a message to your client, eg:

logger -t hello-world -s 'Hello World - 1'

获取网卡mac地址,并设置为hostname

hostname `cat /sys/class/net/eth0/address |sed 's/://g'`

iptables 自动保存

sudo apt-get install iptables-persistent