Some basic Unix Commands


The following commands assume you use Dovecot

      • Find all the IPs users connect from to check Dovecot mail, with the number of connections for each
        grep 'dovecot:' /var/log/mail.log | grep 'Login:' | grep 'rip=' | cut -d',' -f3 | cut -d'=' -f2 | sort | uniq -c
      • Find all protocols users connect with to check Dovecot mail, with the number of connections for each
        grep 'dovecot:' /var/log/mail.log | grep 'Login:' | cut -d':' -f4 | cut -d'-' -f1 | sort | uniq -c
      • Get a list of all banned sites from fail2ban, with the jails that banned them and the number of hits (gives you a list of IPs that are hitting you a lot)
        # limit by date
        grep '2014-02-2' fail2ban.log | grep 'Ban' | cut -d' ' -f5,7 | sort | uniq -c | sort
        # dump the whole log file
        grep 'Ban' fail2ban.log | cut -d' ' -f5,7 | sort | uniq -c | sort
        
      • Block all UDP traffic with IPTables
        iptables -A INPUT -p udp -j DROP
        iptables -A OUTPUT -p udp -j DROP
        # to disable, delete both rules again
        iptables -D INPUT -p udp -j DROP
        iptables -D OUTPUT -p udp -j DROP
        
      • As above, but allow DNS via port 53, see http://stackoverflow.com/questions/11064248/block-all-udp-traffic-except-dns-using-iptables
        iptables -A INPUT -p udp --sport 53 -j ACCEPT
        iptables -A INPUT -p udp --dport 53 -j ACCEPT
        iptables -A OUTPUT -p udp --sport 53 -j ACCEPT
        iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
        iptables -A INPUT -p udp -j DROP
        iptables -A OUTPUT -p udp -j DROP
        
      • Block someone who is attacking you via iptables
        iptables -A INPUT -s address.of.bad.guy -j DROP
        
      • find all .bak files in the samba share and determine total space used by them
        find samba/ -type f -iname '*\.bak' -exec du -Bk \{\} \; | cut -dK -f1| paste -sd+ - | bc
        
        • This is in three parts. First, we use find to locate all *.bak files (case insensitive), then have it run the du command on them. Using -Bk means the output will all be in kilobytes
        • Then, we pass the output of that to cut, parsing only the numbers before the 'K' that du puts after the number, so we have a stream of integers, one per line.
        • Now, pass that to paste, which will concatenate all lines together, separated by a delimiter (a plus sign in this case). paste normally wants a file, but using the trailing - tells it to take its input from STDIN
        • At this point, we have a formula, fs1+fs2+fs3, which we simply pass to bc. It calculates the results of the formula, and prints the result on the output.
      • As above, but also count the number of files. Warning: This only works in bash, zsh and ksh. Will not work in dash or sh (or bash in sh mode)
        find samba/ -type f -iname '*\.bak' -exec du -Bk \{\} \; | cut -dK -f1| tee >(wc>/tmp/a) | paste -sd+ - | bc ; cat /tmp/a
        
      • Find the oldest file in a directory tree
        find -type f -printf '%T+ %p\n' | sort | head -n 1 # oldest
        find -type f -printf '%T+ %p\n' | sort -r | head -n 1 # newest
        http://superuser.com/questions/552600/how-can-i-find-the-oldest-file-in-a-directory-tree#552606
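
The two Dovecot one-liners at the top of this list count logins for all accounts together and rely on rip= being the third comma-separated field. As an added example (not from the original page), this shell function breaks the counts down per user by matching fields by name; the function names, the sample log lines and the assumed syslog-style "Login:" line layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: per-user login sources from Dovecot "Login:" lines.
# Fields are matched by name (user=<...>, rip=...), not by comma position.

# Constructed sample log lines using documentation IP ranges, not real data.
# Assumed layout: "<date> <host> dovecot: <proto>-login: Login: user=<..>, ..."
sample_log() {
cat <<'EOF'
Feb 20 10:00:01 mx dovecot: imap-login: Login: user=<alice>, method=PLAIN, rip=192.0.2.10, lip=198.51.100.1, mpid=101, TLS
Feb 20 10:00:07 mx dovecot: pop3-login: Login: user=<bob>, method=PLAIN, rip=203.0.113.5, lip=198.51.100.1, mpid=102
Feb 20 10:02:13 mx dovecot: imap-login: Login: user=<alice>, method=PLAIN, rip=192.0.2.10, lip=198.51.100.1, mpid=103, TLS
Feb 20 10:05:40 mx dovecot: imap-login: Login: user=<alice>, method=PLAIN, rip=203.0.113.77, lip=198.51.100.1, mpid=104, TLS
Feb 20 10:06:02 mx dovecot: imap-login: Disconnected (auth failed, 3 attempts): user=<alice>, method=PLAIN, rip=203.0.113.99, lip=198.51.100.1
EOF
}

# logins_by_ip USER [FILE...]: print "count protocol ip" for successful
# logins of USER, busiest source first. Reads stdin when no FILE is given.
logins_by_ip() {
    user=$1; shift
    awk -v want="$user" '
        / dovecot: [a-z0-9]+-login: Login: / {
            u = ""; ip = ""; proto = ""
            for (i = 1; i <= NF; i++) {
                f = $i; sub(/,$/, "", f)          # drop the trailing comma
                if (f ~ /^user=</) { u = substr(f, 7); sub(/>$/, "", u) }
                else if (f ~ /^rip=/) ip = substr(f, 5)
                else if (f ~ /-login:$/) { proto = f; sub(/-login:$/, "", proto) }
            }
            # failed attempts never match the "Login:" pattern above
            if (u == want && ip != "") seen[proto " " ip]++
        }
        END { for (k in seen) print seen[k], k }
    ' "$@" | sort -k1,1nr -k2
}

# Demo on the constructed sample; on a real host pass /var/log/mail.log.
sample_log | logins_by_ip alice
```

A source IP that appears here for an account but was never seen before is worth comparing against the fail2ban ban list produced by the commands above.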

 

Tags: dovecot, iptables
Last update: 2016-06-14 03:59
Author: Rod
Revision: 1.5