How to monitor ICMP packets that are not ping packets with tcpdump?
Here is the command:
tcpdump 'icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply'
Two ways: using 'expr' or ${#variable}. Example:
zia@lappy:~$ string=supercalifragilisticexpialidocious
zia@lappy:~$ echo ${#string}
34
zia@lappy:~$ expr length $string
34
zia@lappy:~$ expr "$string" : '.*'
34
zia@lappy:~$ expr match "$string" '.*'
34
Source: http://www.tldp.org/LDP/abs/html/string-manipulation.html
| Character | Meaning |
|---|---|
| # | Comments (with the exception of "#!"). |
| ; | Command separator (semicolon). |
| ;; | Terminator in a ‘case’ option (double semicolon) |
| . | "dot" command (period). Equivalent to "source", or "dot" as a component of a filename, or "dot" character match in a regular expression. |
| " | partial quoting (double quote) |
| ' | full quoting (single quote) |
| , | comma operator. The comma operator links together a series of arithmetic operations. |
| \ | escape (backslash). A quoting mechanism for single characters. |
| / | Filename path separator (forward slash). |
| ` | command substitution. The `command` construct makes available the output of command for assignment to a variable. |
| : | null command (colon). This is the shell equivalent of a “NOP” (no op, a do-nothing operation). |
| ! | reverse (or negate) the sense of a test or exit status (bang). |
| * | wild card (asterisk) or arithmetic operator (denotes multiplication) |
| ? | test operator. Within certain expressions, the ? indicates a test for a condition or wild card. The ? character serves as a single-character “wild card” for filename expansion. |
| $ | Variable substitution (contents of a variable) or end-of-line. In a regular expression, a “$” addresses the end of a line of text. |
| ${} | Parameter substitution. |
| $*, $@ | positional parameters. |
| $? | exit status variable. The $? variable holds the exit status of a command, a function, or of the script itself. |
| $$ | process ID variable. The $$ variable holds the process ID of the script in which it appears. |
| () | command group. |
| {} | Brace expansion, as in {xxx,yyy,zzz,…}, or a block of code (curly brackets). |
| {} \; | pathname. Mostly used in find constructs. This is not a shell builtin. |
| [ ] | Test expression between [ ]. |
| [[ ]] | test. Test expression between [[ ]] (shell keyword). |
| [ ] | array element (in the context of an array) or range of characters (as part of a regular expression) |
| (( )) | integer expansion. Expand and evaluate integer expression between (( )). |
| > &> >& >> < | redirection. |
| << | redirection used in a here document. |
| <<< | redirection used in a here string. |
| >, < | ASCII comparison. |
| \<, \> | word boundary in a regular expression. |
| | | pipe. Passes the output of previous command to the input of the next one, or to the shell. |
| >| | force redirection (even if the noclobber option is set). |
| || | OR logical operator. |
| & | Run job in background. |
| && | AND logical operator. |
| - | Option or prefix: option flag for a command or filter; prefix for an operator. Also redirection from/to stdin or stdout (if postfixed); the previous working directory (a cd - command changes to the previous working directory); and the minus sign in an arithmetic operation. |
| = | Equals. Assignment operator. |
| + | Plus: addition arithmetic operator. Also an option flag for a command or filter. |
| % | modulo. Modulo (remainder of a division) arithmetic operation. |
| ~ | home directory (tilde). |
| ~+ | current working directory. |
| ~- | previous working directory. |
| =~ | regular expression match. |
| ^ | beginning-of-line. In a regular expression, a “^” addresses the beginning of a line of text. |
Source: http://www.tldp.org/LDP/abs/html/special-chars.html
Single quote: variables ($), backticks (`) and backslashes (\) are not treated specially inside single quotes.
Example:
zia@lappy:~$ echo '$(ls -al t*)'
$(ls -al t*)
zia@lappy:~$ echo '`ls -lah t*`'
`ls -lah t*`
zia@lappy:~$ echo '`ls -lah t*` \"'
`ls -lah t*` \"
Synopsis: with single quotes, the special characters (i.e. $, `, \ etc.) are not treated specially; they are treated literally.
Double quote: variables ($), backticks (`) and backslashes (\) are treated specially, i.e. interpreted rather than taken literally.
For example:
zia@lappy:~$ echo "$(ls -al t*)"
-rwxr-xr-x 1 zia zia 449 2006-05-03 17:07 t
-rw-r--r-- 1 root root 3365 2006-03-24 12:31 target.xml
zia@lappy:~$ echo "`ls -lah t*`"
-rwxr-xr-x 1 zia zia 449 2006-05-03 17:07 t
-rw-r--r-- 1 root root 3.3K 2006-03-24 12:31 target.xml
zia@lappy:~$ echo "`ls -lah t*` \""
-rwxr-xr-x 1 zia zia 449 2006-05-03 17:07 t
-rw-r--r-- 1 root root 3.3K 2006-03-24 12:31 target.xml "
Synopsis: with double quotes (""), the special characters do exactly what they are supposed to do.
Use process substitution in bash (implemented with named pipes or /dev/fd), e.g.:
# diff <(process one) <(process two)
"$*" : All the positional parameters (as a single word) [Must be quoted, otherwise it behaves like $@]
"$@" : All the positional parameters (as separate strings)
The $@ and $* parameters differ only when between double quotes.
Source: http://www.tldp.org/LDP/abs/html/internalvariables.html#APPREF
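The difference matters whenever a wrapper script forwards file names or other user-supplied arguments. The following is an added example, not part of the original page; the function names are illustrative. It counts how many arguments a callee receives under each of the four forms and shows that "$*" joins on the first character of IFS.

```shell
#!/bin/sh
# Added example (not from the original page): four ways to forward arguments.
# count_args, the fwd_* wrappers and join_args are illustrative names.

# Report how many arguments were received.
count_args() { echo "$#"; }

fwd_at_quoted()     { count_args "$@"; }   # each parameter stays one word
fwd_star_quoted()   { count_args "$*"; }   # all parameters become one word
fwd_at_unquoted()   { count_args $@; }     # re-split on IFS whitespace
fwd_star_unquoted() { count_args $*; }     # re-split on IFS whitespace

# "$*" joins the parameters with the first character of IFS.
# The body runs in a subshell so the caller's IFS is left untouched.
join_args() (
    IFS=$1
    shift
    printf '%s\n' "$*"
)

# Constructed input: two file names, the first containing a space.
for f in fwd_at_quoted fwd_star_quoted fwd_at_unquoted fwd_star_unquoted; do
    printf '%-18s -> %s argument(s)\n' "$f" "$("$f" "quarterly report.txt" "notes.txt")"
done
join_args , alpha beta gamma
```

Only the quoted "$@" form preserves the original argument boundaries, which is why it is the form to use when passing arguments through to another command.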
In the $? variable.
For example:
zia@lappy:~$ find . -name something-that-cant-be-found
zia@lappy:~$ echo $?
1
That would be:
root@lappy:~# !!
Works in every OS if you are in bash.
Let's say we have a file where the items in it are space separated. And we have around 5000 items in it. A simple sample looks like this:
item1 item2 item3 item4 item5 item6 item7 item8 item9 item10 item11 item12 item13 item14 item15 item16 item17 item18 item19 item20 item21 item22 item23 item24 item25 item26 item27 item28 item29 item30
Now, what we want to achieve is show only 10 items in a line or show 10 columns at a time. Unix “findutils” has a very nifty utility called “xargs” to achieve this in a blink.
Here it goes:
cat /path/to/infile | xargs -n10 echo
Yes, it's that easy.
The output will look something like:
item1 item2 item3 item4 item5 item6 item7 item8 item9 item10
item11 item12 item13 item14 item15 item16 item17 item18 item19 item20
item21 item22 item23 item24 item25 item26 item27 item28 item29 item30
If you have some items/fields in a file in this format:
item1
item2
item3
item4
and you want to convert it to
item1 item2 item3 item4
then you can use
tr '\n' ' ' </path/to/infile >/path/to/outfile
Example:
awk -F: '{print $1}' /etc/passwd | tr '\n' ' '
Have to do some quick math or calculate something complicated and don’t have the calculator handy? Try this:
echo '(1 + sqrt(5))/2' | bc -l
or
echo '(65536 / 1024)' | bc -l
or
echo '(2 ^ 16)' | bc -l
Voila!
Ref: http://www.iol.ie/~padraiga/cmdline.html
‘ps’ is one of the most important commands in the *nix world. But what if someone wants to find out the processes running on a system without using the ‘ps’ command? Why? There could be many reasons, one of them being “what if one wants to find out hidden processes in the system supposing the system was compromised…”.
So here it is:
cd /proc
# cmdline separates arguments with NUL bytes; turn them into spaces for display
for n in [0-9]*; do printf 'pid: %s ' "$n"; tr '\0' ' ' < "$n/cmdline"; echo; done
Ref: found in a post of Robert Mognet.
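To turn the /proc walk into a check for hidden processes, compare the PIDs it finds with the PIDs a process listing reports. The following is an added example, not part of the original page; the helper names are illustrative and the sample proc tree is constructed so the script runs offline.

```shell
#!/bin/sh
# Added example (not from the original page): report PIDs that exist under
# /proc but are missing from a process listing. Helper names are illustrative.

# Print the purely numeric directory names (PIDs) under a proc-style root.
proc_pids() {
    for d in "$1"/[0-9]*; do
        [ -d "$d" ] || continue
        case ${d##*/} in *[!0-9]*) continue ;; esac
        printf '%s\n' "${d##*/}"
    done | sort -n
}

# $1 = proc root, $2 = file with one PID per line (e.g. saved ps output).
# Prints every PID found under $1 that the listing does not contain.
hidden_pids() {
    proc_pids "$1" | while read -r pid; do
        grep -qx "$pid" "$2" || printf '%s\n' "$pid"
    done
}

# Print a PID's command line with the NUL separators turned into spaces.
pid_cmdline() {
    tr '\0' ' ' < "$1/$2/cmdline"
}

# Constructed sample: a fake proc tree with PIDs 1, 42 and 977, and a
# listing that omits 977.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mkdir -p "$demo/proc/1" "$demo/proc/42" "$demo/proc/977" "$demo/proc/self"
printf 'init\0' > "$demo/proc/1/cmdline"
printf 'sshd\0-D\0' > "$demo/proc/977/cmdline"
printf '1\n42\n' > "$demo/ps.txt"

for pid in $(hidden_pids "$demo/proc" "$demo/ps.txt"); do
    printf 'not in listing: pid %s (%s)\n' "$pid" "$(pid_cmdline "$demo/proc" "$pid")"
done
```

On a live system, save the listing with ps -e -o pid= | tr -d ' ' > ps.txt and run hidden_pids /proc ps.txt. Processes that start or exit between the two snapshots also show up as differences, so re-check a reported PID before treating it as hidden.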
It is possible to redirect the output of a list of commands to a single file with a dash of style.
Here it is:
{ command1; command2; command3; } > outputfile
Replace "command1", "command2" and "command3" with your commands.
To append to a file instead of overwriting use “>>” instead of “>”.