Posts

Showing posts from March, 2008

Linux - list online computer in LAN

for ip in $(seq 1 254); do ping -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo "192.168.1.$ip UP" || : ; done

Linux - vi replacement

利用 :s 命令可以實現字符串的替換。具體的用法包括:

:s/str1/str2/ 用字符串 str2 替換行中首次出現的字符串 str1
:s/str1/str2/g 用字符串 str2 替換行中所有出現的字符串 str1
:.,$ s/str1/str2/g 用字符串 str2 替換正文當前行到末尾所有出現的字符串 str1
:1,$ s/str1/str2/g 用字符串 str2 替換正文中所有出現的字符串 str1
:g/str1/s//str2/g 功能同上

從上述替換命令可以看到:g 放在命令末尾,表示對搜索字符串的每次出現進行替換;
不加 g,表示只對搜索字符串的首次出現進行替換;
g 放在命令開頭,表示對正文中所有包含搜索字符串的行進行替換操作。


Example:
:s/vivi/sky/ 換當前行第一個 vivi 為 sky
:s/vivi/sky/g 換當前行所有 vivi 為 sky
:n,$s/vivi/sky/ 換第 n 行到最後行中每一行的第一個 vivi 為 sky
:n,$s/vivi/sky/g 換第 n 行到最後行中每一行所有 vivi 為 sky
:%s/vivi/sky/ (等同於 :g/vivi/s//sky/) 換每一行的第一個 vivi 為 sky
:%s/vivi/sky/g (等同於 :g/vivi/s//sky/g) 換每一行中所有 vivi 為 sky
:s#vivi/#sky/# 換當前行第一個 vivi/ 為 sky/;使用 # 作為分隔符,此時中間出現的 / 不會作為分隔符
:%s+/oradata/+/user01+ (使用+ 來 替換 / ): /oradata/替換成/user01/
· :%s/^M$//g 刪除文本中的^M

Linux - 刪除文本中的^M

cat filename1 | tr -d “^V^M” > newfile;
or
sed -e “s/^V^M//” filename > outputfilename

需要注意的是在1、2兩種方法中,^V和^M指的是Ctrl+V和Ctrl+M。你必須要手工進行輸入,而不是粘貼。
如果上述方法無用,則正確的解決辦法是:

tr -d "\r" <>dest
tr -d "\015" dest
strings A>B

多做事、少說話

張飛: 「大哥 !」

名人金句
三國名將張飛 對劉備講過
張飛: 「大哥 !」

不招人妒是庸才

Linux - php errors to a log fiie

Add following line to /etc/php.ini to log errors to specified file – /var/log/php-scripts.log
# vi /etc/php.ini

Modify error_log directive
error_log = /var/log/php-scripts.log

Make sure display_errors set to Off (no errors to end users)
display_errors = Off

Save and close the file. Restart web server:
# /etc/init.d/httpd restart

Linux - convert UTC seconds

# date +"%D %T"; date +%s
03/19/08 16:23:27
1205915007

# date -d "1970-01-01 UTC 1205915007 seconds" +"%D %T"
03/19/08 16:23:27

Linux - Turn off "snmpd: Connection from - 127.0.0.1"

> May 20 10:40:03 mx01 snmpd[2572]: Connection from - 127.0.0.1
> May 20 10:40:03 mx01 snmpd[2572]: transport socket = 12
>
> Is there a way to turn off this useless logging?
Ok I found the answer to this problem. The /etc/rc.d/init.d/snmpd script contains the following code snippet:

if [ -e /etc/sysconfig/snmpd.options ]; then
. /etc/sysconfig/snmpd.options
else
OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a"
fi

Note that the OPTIONS= line indicates that smnpd starts with both -Lsd and -Lf /dev/null. As a result a ps auxww shows:

root 19645 0.0 0.2 12340 4436 ? S 12:05 0:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a

and apparently the -Lsd overrides the -Lf /dev/null so everything gets logged. If I create a /etc/sysconfig/snmpd.options file containing:

OPTIONS="-LS 4 d -p /var/run/snmpd.pid -a"

then only warnings or worse are logged to /var/log/messages and the useless connection messages get suppressed. The key is to rem…

如何管理自己的情緒

到底怎麼樣察覺情緒、控制情緒呢?以下提供幾個情緒管理的方法給各位參考。 

第一、體察自己的情緒。也就是,時時提醒自己注意:「我現在的情緒是什麼?」例如:當你因為朋友約會遲到而對他冷言冷語,問問自己:「我為什麼這麼做?我現在有什麼感覺?」如果你察覺你已對朋友三番兩次的遲到感到生氣,你就可以對自己的生氣做更好的處理。有許多人認為:「人不應該有情緒」,所以不肯承認自己有負面的情緒,要知道,人一定會有情緒的,壓抑情緒反而帶來更不好的結果,學著體察自己的情緒,是情緒管理的第一步。

第二、適當表達自己的情緒。再以朋友約會遲到的例子來看,你之所以生氣可能是因為他讓你擔心,在這種情況下,你可以婉轉的告訴他:「你過了約定的時間還沒到,我好擔心你在路上發生意外。」試著把「我好擔心」的感覺傳達給他,讓他了解他的遲到會帶給你什麼感受。什麼是不適當的表達呢?例如:你指責他:「每次約會都遲到,你為什麼都不考慮我的感覺?」當你指責對方時,也會引起他負面的情緒,他會變成一隻刺蝟,忙著防禦外來的攻擊,沒有辦法站在你的立場為你著想,他的反應可能是:「路上塞車嘛!有什麼辦法,你以為我不想準時嗎?」如此一來,兩人開始吵架,別提什麼愉快的約會了。如何「適當表達」情緒,是一門藝術,需要用心的體會、揣摩,更重要的是,要確實用在生活中。

第三、以合宜的方式紓解情緒。紓解情緒的方法很多,有些人會痛哭一場、有些人找三五好友訴苦一番、另些人會逛街、聽音樂、散步或逼自己做別的事情以免老想起不愉快,比較糟糕的方式是喝酒、飆車,甚至自殺。要提醒各位的是,紓解情緒的目的在於給自己一個釐清想法的機會,讓自己好過一點,也讓自己更有能量去面對未來。如果紓解情緒的方式只是暫時逃避痛苦,爾後需承受更多的痛苦,這便不是一個合宜的方式。有了不舒服的感覺,要勇敢的面對,仔細想想,為什麼這麼難過、生氣?我可以怎麼做,將來才不會再重蹈覆徹?怎麼做可以降低我的不愉快?這麼做會不會帶來更大的傷害?根據這幾個角度去選擇適合自己且能有效紓解情緒的方式,你就能夠控制情緒,而不是讓情緒來控制你!

2038-01-19 03:14:07 (Y2K38 bug)

2038年1月19日是一個值得注意的日期,它標誌了Y2K38 bug 30年倒計時開始。國際互聯網將於30年後遭遇“千年蟲”式問題,並可能導致網路崩潰。

到2038年,Unix系統時間所使用的32位整數將溢出。屆時,時間可能以負數形式出現。當然,更為關鍵的是,所有程式都將出現問題。因為程式所能夠識別的時間將變為1901年,而不是2038年。

儘管“千年蟲”問題並未給全球帶來太大的災難,但“2038 Bug”問題仍不容忽視。因為2006年的AOL Web伺服器崩潰就是最好的證明。

*** Unix系統是從1970年1月1日開始計算,到2038年超過2^31,確切的時間是世界標準時2038年1月19日星期二淩晨03:14:07。

Linux - The most slim VNC service on CentOS/ Redhat

yum install vncserver twm xterm firefox

su - root
vncpasswd
# enter VNC password

vi /etc/sysconfig/vncservers
# add the 2 lines
VNCSERVERS="1:root"
VNCSERVERARGS[1]="-geometry 800x600"

service vncserver start

Linux - default gateway

route add default gw 192.168.1.254 eth0

Linux - what is going on the Linux console screen

/dev/vcsN is a character device i.e. it refers to the memory of the currently displayed virtual console terminal. These are character devices for virtual console terminals, they have major number 7 and minor number 1 to 63.

You may do a screendump on using cat command (vt2) or just see what is going on the Linux console screen:

# cat /dev/vcs2 > /tmp/output.vt2.
# cat /dev/vcs2

Linux - Serial Console (Method 2 - Enable serial console on bootup)

Linux - Serial Console (Method 1 - Enable serial console on bootup)
Linux - Serial Console (Method 2 - Enable serial console on bootup)

Step # 1: Serial redirection in the GRUB

# vi /boot/grub/grub.conf

Append the following lines below “hiddenmenu” option:
serial --unit=1 --speed=19200
terminal --timeout=8 console serial

make sure splashimage options is disabled as graphics can’t be displayed across the serial port. Remove splashimage line or just comment it out by prefixing # symbol:
#splashimage=(hd0,0)/grub/splash.xpm.gz

Step # 2: Enabling serial output from the Linux kernel

Enabling serial output from the Linux kernel
Add the following at the end of that line - console=tty0 console=ttyS0,9600n

title Red Hat Enterprise Linux ES (2.6.9-42.0.10.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-42.0.10.ELsmp ro root=LABEL=/ console=tty0 console=ttyS1,19200n8
initrd /initrd-2.6.9-42.0.10.ELsmp.img

Step #3: Logging in via the serial console

Linux - Serial Ports Under Linux

Check serial devices
# dmesg | grep tty
or
# setserial -g /dev/ttyS[0123]


minicom Common features / usage
=> Setting up a remote serial console
=> Access a computer / server if the LAN is down
=> Connect to embedded Linux / BSD device via null modem cable
=> Connect to Cisco routers for configuration
=> Connect to dump device i.e. device w/o keyboard and mouse
=> Dialing directory with auto-redial
=> Support for UUCP-style lock files on serial devices
=> Separate script language interpreter
=> Capture to file
=> Multiple users with individual configurations

Setup minicom
# minicom -s
or
# minicom -s -c on

Start minicom
# minicom

minicom keyboard short cut keys
Use the following keys:
1. UP arrow-up or k
2. DOWN arrow-down or j
3. LEFT arrow-left or h
4. RIGHT arrow-right or l
5. CHOOSE (select menu) Enter
6. CANCEL ESCape

Linux - Postfix relay via ISP

Due to different ISP have different security rules, this article is just for reference.

Add the following line in to main.cf

relayhost = [ISP_SMTP_HOST]
myhostname = [HOSTNAME]
mydomain = [DOMAIN]

* edit the value of [...] according to your environment.

Linux - Program / Service on a Specific TCP Port

lsof
Type the following command to see IPv4 port(s), enter:
# lsof -Pnl +M -i4
Type the following command to see IPv6 listing port(s), enter:
# lsof -Pnl +M -i6

netstat
Type the command as follows:
# netstat -tulpn
# netstat -npl

Linux - ext3 File Tuning / Directory Optimization

To improve my file server performance, using e2fsck command. The -D option causes e2fsck to try to optimize all directories, either by reindexing them if the filesystem supports directory indexing, or by sorting and compressing directories for smaller directories, or for filesystems using traditional linear directories. It improves performance by using hashed binary trees.

Login as the root user

Take down system to single user mode and unmount file system:
# umount /dev/hda1

Now run e2fsck on unmounted file system:
# e2fsck -D -f /dev/hda1

Output:
e2fsck 1.39 (29-May-2006)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 3A: Optimizing directories
Pass 4: Checking reference counts
Pass 5: Checking group summary information

/disk2: ***** FILE SYSTEM WAS MODIFIED *****
/disk2: 39/26104 files (17.9% non-contiguous), 20045/104388 blocks

Mount file system:
# mount /dev/hda1

Linux - Microsoft Internet Explorer under Linux

IEs4LinuxIEs4Linux is the simpler way to have Microsoft Internet Explorer running on Linux

Linux - Network Auditing NMAP (2)

Regular Scan
nmap -v 192.168.0.224

Intense Scan
nmap -T Aggressive -A -v 192.168.0.224

Quick Scan
nmap -T Aggressive -v -n 192.168.0.224

Quick and verbose scan
nmap -d -T Aggressive --packet_trace -v -n 192.168.0.224


Operating System Detection
nmap -O -v 192.168.0.224

Quick Operating System detection
nmap -T Aggressive -O -v 192.168.0.224


Quick Full version Detection Scan
nmap -T Aggressive -sV -n -O -v 192.168.0.224

Quick Services version detection
nmap -T Aggressive -sV -v 192.168.0.224

Linux inside Windows

Image
Very nice !
andLinux is a complete Ubuntu Linux system running seamlessly in Windows 2000 based systems

Linux - VSFTPD Brute Force Attacks

yum install fail2ban

vi /etc/fail2ban.conf[VSFTPD]
enabled = true
logfile = /var/log/vsftpd.log
port = ftptimeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
timepattern = %%b %%d %%H:%%M:%%S
failregex = FAIL LOGINfwstart = iptables -N fail2ban-ftp
iptables -I INPUT -p tcp --dport ftp -j fail2ban-ftp
iptables -A fail2ban-ftp -j RETURNfwend = iptables -D INPUT -p tcp --dport ftp -j fail2ban-ftp
iptables -F fail2ban-ftp
iptables -X fail2ban-ftpfwcheck = iptables -L INPUT | grep -q fail2ban-ftp
fwban = iptables -I fail2ban-ftp 1 -s -j DROP
fwunban = iptables -D fail2ban-ftp -s -j DROP
vi /etc/vsftpd/vsftpd.conf
xferlog_enable=YES
#xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
#log_ftp_protocol=YES
dual_log_enable=YES
use_localtime=YES
service fail2ban start

Linux - Check IPTables NAT statistics

# cat /proc/net/ip_conntrack

# cat /proc/net/nf_conntrack

Login as root user and type the following to display list of all natted connections:
# netstat-nat -n
To display NAT connections with protocol selection, enter:
# netstat-nat -np
To display all connection by source IP called 192.168.1.100
# netstat-nat -s 192.168.1.100
To display all connections by destination IP/hostname called laptop, enter:
# netstat-nat -s laptop
To display SNAT connections, enter:
# netstat-nat -S
To display DNAT connections, enter:
# netstat-nat -D
To display only connections to NAT box self i.e. doesn’t show SNAT & DNAT, enter:
# netstat-nat -L
To display help, enter:
$ netstat-nat -h
$ man netstat-nat

MySQL - InnoDB tables

October 21, 2003, Table types in MySQL: Part 2 - InnoDB tables, By Ian Gilfillan

Last month we looked at the HEAP table type, a table type which runs entirely in memory. This month we look at setting up the InnoDB table type, the type of most interest to serious users. The standard MyISAM table type is ideal for website use, where there are many reads in comparison to writes, and no transactions. Where these conditions do not apply (and besides websites, they do not apply often in the database world), the InnoDB table is likely to be the table type of choice. This article is aimed at users who are familiar with MySQL, but have only used the default MyISAM table type.

InnoDB Features

* ACID-compliant transactions.
* Full referential integrity
* Row-level locking
* Tables are stored in a tablespace (unlike MyISAM tables where each table is a file)

What is an ACID-compliant transaction?

Database requests (selects, updates or inserts) happen linearly, one after the other. When one…

MySQL Replication

May 18, 2004, Database Replication in MySQL, By Ian GilfillanHow to start replicating - the master server* Grant the slave permission to replicate with the REPLICATION SLAVE privilege, for example as follows: GRANT REPLICATION SLAVE ON *.* TO slave_user IDENTIFIED BY 'slave_password'* If the master is not using the binary update log, add the following lines to the my.cnf or my.ini configuration file, and restart the server:log-bin
server-id=1

By convention, the master is usually server-id 1, and any slaves from 2 onwards, though you can change this if you wish. If the master is already using the binary update log, either take note of the offset at the moment of the backup (the next step), or use the RESET MASTER statement to clear all binary logs and immediately begin the backup. You may want to make a copy of the binary logs before doing this, in case you need to use the binary logs to restore from backup.
* Make a backup of the database. You will use this to start the slave ser…