标签存档: Linux

Linux下利用Rsync命令进行增量备份

今天在研究Linux下增量备份的时候,发现了一个非常Genius的命令。

用这个命令即可以做到增量备份,又可以最少量的占用硬盘空间。

 

rm -rf backup.3
mv backup.2 backup.3
mv backup.1 backup.2
cp -al backup.0 backup.1
rsync -a --delete source_directory/ backup.0/

 

多的懒得写了,大家自己体会吧。:D

 

Refer:http://www.admin-magazine.com/Articles/Using-rsync-for-Backups/

怎样创建一个只允许FTP登录的Linux用户

Here are steps to setup a user and allow the user access only via FTP (i.e. no SSH) and also limit access to a specific (user home) directory on proftpd:

1. Add new user: adduser newusername
2. Set password: passwd newusername
3. Modify user home directory from default to a new folder:

usermod -d /target/directory username

4. Edit shells file: vi /etc/shells and add /dev/null at the end
5. Modify newusername entry in the passwd file: vi /etc/passwd to add /./ before the newusername so that the entry looks like this:

newusername:x:502:502::/home/ftp/./newusernamehomedirectory/:/dev/null

6. Edit /etc/proftpd/proftpd.conf file and uncomment the line DefaultRoot ~

怎样遍历目录找到包含特定字串的文件

grep -rnw '/path/to/somewhere/' -e 'pattern'
  • -r or -R is recursive,
  • -n is line number, and
  • -w stands for match the whole word.
  • -l (lower-case L) can be added to just give the file name of matching files.

Along with these, --exclude--include--exclude-dir flags could be used for efficient searching:

  • This will only search through those files which have .c or .h extensions:
    grep --include=\*.{c,h} -rnw '/path/to/somewhere/' -e "pattern"
    
  • This will exclude searching all the files ending with .o extension:
    grep --exclude=*.o -rnw '/path/to/somewhere/' -e "pattern"
    
  • For directories, it’s possible to exclude a particular directory(ies) through --exclude-dirparameter. For example, this will exclude the dirs dir1/, dir2/ and all of them matching *.dst/:
    grep --exclude-dir={dir1,dir2,*.dst} -rnw '/path/to/somewhere/' -e "pattern"
    

This works very well for me, to achieve almost the same purpose like yours.

For more options check man grep

怎样安装ShadowSocks Server

1、查看系统

[root@localhost ~]# cat /etc/issue
CentOS release 6.6 (Final)
[root@localhost ~]# uname -a
Linux localhost.localdomain 2.6.32-042stab106.6 #1 SMP Mon Apr 20 14:48:47 MSK 2015 x86_64 x86_64 x86_64 GNU/Linux

2、安装ShadowSocks

# yum install python-setuptools && easy_install pip
# pip install shadowsocks

3、创建配置文件/etc/shadowsocks.json

[root@localhost /]# touch /etc/shadowsocks.json
[root@localhost /]# vi /etc/shadowsocks.json
{
"server":"138.128.208.158",
"server_port":443,
"local_address": "127.0.0.1",
"local_port":1080,
"password":"MyPass",
"timeout":300,
"method":"rc4-md5"
}

备注:加密方式官方默认使用aes-256-cfb,推荐使用rc4-md5,因为 RC4比AES速度快好几倍。 继续阅读 »

Get a list of Open Ports

LINUX

netstat -lntu

as replied by @askmish will give you list of services running on your system on tcp and udp ports where

  • -l = only services which are listening on some port
  • -n = show port number, don’t try to resolve the service name
  • -t = tcp ports
  • -u = udp ports
  • -p = name of the program

You don’t need the ‘p’ parameter as you’re only interested in getting which ports are free and not which program is running on it.

This only shows which ports on your system are used up, though. This doesn’t tell you the status of your network e.g. if you’re behind NAT and you want some services to be accessible from outside. Or if the firewall is blocking the port for outside visitors. In that case, nmap comes to the rescue. WARNING: Use nmap only on networks which are under your control. Also, there are firewall rules which can block nmap pings, you’ll have to fiddle around with options to get correct results.

2016.09.27 更新
netstat -peanut 用这个参数更可以列出是哪个程序在占用哪个端口

Windows

netstat -ano 可以直接列出PID,然后到任务管理器里面可以根据PID查看是哪个程序。

Linux下遍历查找某的文件包含某个关键字的命令

如下命令

grep -rnw '/path/to/somewhere/' -e "pattern"

-r 或者 -R 为递归查找, -n 是行号 -w 为要求全匹配. -l (小写L) 参数可以只列出文件名.

除此以外, –exclude 或者 –include 参数可以提供更有效的查找。比如:

grep --include=\*.{c,h} -rnw '/path/to/somewhere/' -e "pattern"

这个可以查找扩展名为.c或者.h的文件. –exclude的用法也类似:

grep --exclude=*.o -rnw '/path/to/somewhere/' -e "pattern"

上面这行命令在搜索中会排除扩展名为.0的文件。和包含/不包含文件一样,目录也可以使用 –exclude-dir 和 –include-dir 参数。 比如下面列出怎么使用 –exclude-dir:

grep --exclude-dir={dir1,dir2,*.dst} -rnw '/path/to/somewhere/' -e "pattern"

如果单是遍历查找文件的话可以用

find . -name '*.xml'

如果想遍历删除某种类型的文件的话,可以用

 find . -name '*.xml' -type f -delete

Ubuntu等效Chkconfig的命令

在Ubuntu中是没有chkconfig这个命令的,如果想要在Ubuntu里面使用类似Chkconfig的命令怎么办呢?

可以试试sysv-rc-conf命令,如果没有安装的话,可以使用apt-get install来安装这个命令。就可以以模拟图形界面的方式来配置各个service的runlevel了。

另外Ubuntu使用Upstart来替代来了传统的sysvinit,详细的使用方法参加:

https://help.ubuntu.com/community/UpstartHowto

Tomcat: redirecting traffic from port 8080 to 80 using iptables

First verify that Tomcat is running on port 8080. Run the following command

# netstat -ntl

The output will look something like

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 ::ffff:127.0.0.1:8005       :::*                        LISTEN
tcp        0      0 :::8009                     :::*                        LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN

Run the following command to redirect port 80 traffic to port 8080

# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

Run the folloing command to verify that redirect is working fine

# iptables -t nat -L

The output will look something like

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:http redir ports 8080

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Run the following command to remove the routing

# iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

 

FROM: Glass Onion Blog

6 Examples To Get Linux Hardware Details / Information

Today in this article we are going to discuss about some tools and commands that might answer your questions like name of your motherboard’s chipset, NIC type, etc. Some of the tools are in built into any Linux system and others need to be downloaded.

Example 1: lspci command

This standard Linux utility shows what your systems have got internally. The command is combination of ls, the standard command to list files and PCI that is for the peripheral connection. You can also expect your results to include AGP and onboard components like your USB chipset.

The command is much helpful in diagnosing bugs related to PCI devices.Using -t option of lspci command you can see PCI layout in a tree format. 继续阅读 »

Linux系统中网关IP修改设置命令大全

(一)修改ip地址
即时生效: # ifconfig eth0 192.168.0.20 netmask 255.255.255.0
启动生效: 修改/etc/sysconfig/network-scripts/ifcfg-eth0
修改default gateway
即时生效:# route add default gw 192.168.0.254
启动生效:修改/etc/sysconfig/network-scripts/ifcfg-eth0
修改dns
修改/etc/resolv.conf
修改后可即时生效,启动同样有效
修改host name
即时生效:# hostname fc2
启动生效:修改/etc/sysconfig/network
etc/sysconfig/network-scripts/ifcfg-ethN 文件

(二)在RedHat中,系统网络设备的配置文件保存在“/etc/sysconfig/network-scripts”目录下,ifcfg-eth0包含第一块网卡的配置信息,ifcfg-eth1包含第二块网卡的配置信息。
下面是“/etc/sysconfig/network-scripts/ifcfg-eth0”文件的示例:
DEVICE=eth0
IPADDR=x.x.x.x
NETMASK=255.255.255.0
NETWORK=x.x.x.x
BROADCAST=x.x.x.x
ONBOOT=yes
BOOTPROTO=none
USERCTL=no

(三)若希望手工修改网络地址或在新的接口上增加新的网络界面,可以通过修改对应的文件(ifcfg-ethN)或创建新的文件来实现。 
DEVICE=name     name表示物理设备的名字
IPADDR=addr     addr表示赋给该卡的IP地址
NETMASK=mask    mask表示网络掩码
NETWORK=addr    addr表示网络地址
BROADCAST=addr   addr表示广播地址
ONBOOT=yes/no   启动时是否激活该卡
none:无须启动协议
bootp:使用bootp协议
dhcp:使用dhcp协议
USERCTL=yes/no       是否允许非root用户控制该设备

(四)手工使用命令法是基于以太网卡已装入的情况下,编辑配置文件来配置网络的方法。具体步骤如下:
⑴ 编辑/etc/rc.d/rc.local文件
在该文件中加入类似下列各行:
#配置第一个以太网卡eth0的IP地址,子网掩码,UP起激活作用
/sbin/ifconfig,etho 163.1.5.125 netmask 255.255.0.0 UP
#配置并激活回环设备lo
/sbin/ifconfig lo 127.0.0.1 UP
/sbin/route add –host 127.0.0.1 lo
#让Linux将本地网的信息发送到eth0接口
/sbin/route add –net 163.1.5.125 netmask 255.255.0.0 eth0
#指定访问远程网络的缺省网关,假定缺省网关的IP地址为163.1.1.254
/sbin/route default gw 163.1.1.254 eth0
⑵ 编辑/etc/resdv.conf文件
该文件作用是设置名称服务器。可加入下列内容。
#指定本机域名为linux.net。
Domain linux.net
#域名称服务器(DNS),可以是本地网,也可以是远程网上的。按nameserver的顺序#逐一查找。若未找到,则Linux放弃寻找。
Nameserver 163.1.1.4
Nameserver 10.55.0.33
⑶ 编辑/etc/hosts.conf文件
设置主机文件表。可加入如下行:
order hosts,bind
multi on
163.1.5.125 lgx.linux.net lgx
第一行表示:查找名称时,首先检查本地主机文件(hosts),然后按/etc/resolv.conf所指定的Nameservers顺序查找。
第三行列出主机IP地址、主机名和别名。
对/etc/rc.d/rc.local,/etc/hosts.conf,/etc/resolv.conf三个文件编辑后,必须重新启动机器。

(五)结束语
综上所述,只要采用其中的任意一种方法,定义主机名字、主机表、网络接口设备及路由等参数,配置好Linux以太网,就能接入Internet,享受Internet提供的服务。