If you want to solve administrative-level problems and get information about processes, this hands-on lab will help you learn advanced commands to understand the system and resolve issues effectively.
Why are advanced Linux commands important for an admin?
The task of a system administrator is to make sure that the system is working accurately. To perform administrative tasks such as troubleshooting, maintaining computer servers and networks, and monitoring the processes, you must know Linux advanced commands.
Prerequisite
- You should also know the basic set of commands in Linux. You can learn them in one of the hands-on labs we have.
- If your local machine runs an OS other than Linux, you can install Linux in a virtual machine to follow the commands given below.
Advanced Linux commands
In this hands-on lab, you will learn the top most advanced Linux commands to help you understand the processes. So let’s get started!
Linux Commands Cheatsheet
For quick reference, review the below table for advanced Linux commands.
Index | command | Usage |
1 | systemctl | It is used to get all information and to manage services in the system. |
2 | journalctl | It is used to collect log information. |
3 | dig | It is used to get DNS server information. |
4 | nslookup | It is used to get DNS server information. |
5 | zip/unzip/tar | It is used to compress or decompress the file. |
6 | lsblk | It is used to see the block device’s information with their logical partition. |
7 | curl & wget | It is used to transfer data to or from a server, also used in connection-related troubleshooting. |
8 | free | It keeps track of memory and displays free and used memory. |
9 | usermod | It is used to add and modify an existing user. |
10 | kill | It is used to terminate a process under a given ID |
11 | uptime | It is used to display for how long the system is running. |
12 | sed | It is a text editor used to perform a different operation on a file. |
13 | chmod | It is used to change file/directory permission. |
14 | chown | It is used to change file/directory ownership. |
15 | wall | It is used to write messages to all users. |
16 | df & du | Both commands are used to see disk space. df shows free and used space on mounted filesystems. du shows disk usage for files and directories. |
17 | ip or ifconfig | Both work the same to display and manipulate route & network interface. |
18 | traceroute | It is a network troubleshooting utility |
19 | mount & umount | 1) mount is used to attach (or mount) a filesystem to a specific directory in the file system hierarchy. 2) umount is used to detach (or unmount) a mounted filesystem from its mount point. |
20 | fdisk | This command is used to see disk space. fdisk is especially used to display disk partitions, sizes and types, and to manage disks with the multiple commands under fdisk. |
21 | tcpdump | tcpdump tool is mostly used by the system administrator for troubleshooting connectivity-related issues in linux. |
22 | ping | To check connectivity between 2 nodes. |
23 | netstat | To get the network statistic/status information. |
24 | env | To see current environment variables and their associated values. |
25 | ufw | The ufw (uncomplicated firewall) command is used to configure and use the firewall. |
26 | awk | It is used for text processing and manipulation. |
Now, let’s dive deep into all the commands mentioned in the cheat sheet above one by one.
systemctl command
systemctl [option(s)] <command name>
In Linux, systemd is used as the system and service manager. It provides the systemctl utility, which shows all active services running on the system. You can use the systemctl command to start and stop a service and to monitor its status. With the help of systemctl, you can also configure a service to run at system startup.
- To see active services running on a linux system
systemctl
root@master:~# systemctl
UNIT LOAD ACTIVE SUB DESCRIPT>
sys-devices-pci0000:00-0000:00:02.0-0000:01:00.0-virtio0-net-enp1s0.device loaded active plugged Virtio n>
sys-devices-pci0000:00-0000:00:02.2-0000:03:00.0-virtio2-virtio\x2dports-vport2p1.device loaded active plugged /sys/dev>
sys-devices-pci0000:00-0000:00:02.3-0000:04:00.0-virtio3-block-vda-vda1.device loaded active plugged /sys/dev>
sys-devices-pci0000:00-0000:00:02.3-0000:04:00.0-virtio3-block-vda-vda14.device loaded active plugged /sys/dev>
sys-devices-pci0000:00-0000:00:02.3-0000:04:00.0-virtio3-block-vda-vda15.device loaded active plugged /sys/dev>
sys-devices-pci0000:00-0000:00:02.3-0000:04:00.0-virtio3-block-vda.device loaded active plugged /sys/dev>
sys-devices-pci0000:00-0000:00:02.4-0000:05:00.0-virtio4-block-vdb.device loaded active plugged /sys/dev>
sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/dev>
Press “q” to quit from the navigation window
UNIT | The name of systemd unit |
LOAD | Whether UNIT configurations are properly loaded into memory or not |
ACTIVE | UNIT status, whether it is active or not |
SUB | It provides more detailed information about UNIT, and values depend on unit type |
DESCRIPTION | explain each unit and what it does |
- To check the status of a service, or to start, stop, enable or disable it
sudo systemctl status/start/stop <service name>
For example, here, we can check the apache2 service. If it’s not installed in the system, you can use the following command to install it.
sudo apt update && sudo apt install apache2 -y
root@master:~# sudo apt install apache2 -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  apache2-bin apache2-data apache2-utils libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libjansson4 liblua5.2-0 ssl-cert
Suggested packages:
  apache2-doc apache2-suexec-pristine | apache2-suexec-custom www-browser ufw openssl-blacklist
The following NEW packages will be installed:
  apache2 apache2-bin apache2-data apache2-utils libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libjansson4
To see the status you can use
sudo systemctl status apache2
root@master:~# sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-04-18 13:21:28 UTC; 2min 11s ago
       Docs: https://httpd.apache.org/docs/2.4/
   Main PID: 1638 (apache2)
      Tasks: 55 (limit: 2335)
     Memory: 5.5M
     CGroup: /system.slice/apache2.service
             ├─1638 /usr/sbin/apache2 -k start
             ├─1641 /usr/sbin/apache2 -k start
             └─1642 /usr/sbin/apache2 -k start
Apr 18 13:21:28 master systemd[1]: Starting The Apache HTTP Server...
Apr 18 13:21:28 master apachectl[1637]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >
Apr 18 13:21:28 master systemd[1]: Started The Apache HTTP Server.
To start or to stop service we can use
sudo systemctl stop apache2
root@master:~# sudo systemctl stop apache2
root@master:~# sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Tue 2023-04-18 13:32:22 UTC; 3s ago
       Docs: https://httpd.apache.org/docs/2.4/
    Process: 1948 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS)
   Main PID: 1638 (code=exited, status=0/SUCCESS)
Apr 18 13:21:28 master systemd[1]: Starting The Apache HTTP Server...
Apr 18 13:21:28 master apachectl[1637]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >
Apr 18 13:21:28 master systemd[1]: Started The Apache HTTP Server.
sudo systemctl start apache2
root@master:~# sudo systemctl start apache2
root@master:~# sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-04-18 13:33:00 UTC; 4s ago
       Docs: https://httpd.apache.org/docs/2.4/
    Process: 1961 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
   Main PID: 1965 (apache2)
      Tasks: 55 (limit: 2335)
     Memory: 5.2M
     CGroup: /system.slice/apache2.service
             ├─1965 /usr/sbin/apache2 -k start
             ├─1966 /usr/sbin/apache2 -k start
             └─1967 /usr/sbin/apache2 -k start
For more information and options, you can use the systemctl --help command.
journalctl command
journalctl [option(s)]
systemd collects logs from the kernel, the initrd, different services, etc. These logs are known as journals. systemd runs systemd-journald.service, which stores these logs in a binary format. To read and display them in a readable format, the journalctl utility is used. By default, journalctl displays logs in order, with the oldest first.
- To get all logs
journalctl
root@master:~# journalctl
-- Logs begin at Fri 2021-12-10 12:45:27 UTC, end at Tue 2023-04-18 13:52:16 UTC. --
Dec 10 12:45:27 ubuntu kernel: Linux version 5.4.0-1050-kvm (buildd@lcy01-amd64-024) (gcc version 9.3.0 (Ubuntu 9.3.0-17ubu>
Dec 10 12:45:27 ubuntu kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-5.4.0-1050-kvm root=PARTUUID=15d78722-1303-4b20-8724->
Dec 10 12:45:27 ubuntu kernel: x86/fpu: x87 FPU will use FXSAVE
Dec 10 12:45:27 ubuntu kernel: BIOS-provided physical RAM map:
Dec 10 12:45:27 ubuntu kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
Dec 10 12:45:27 ubuntu kernel: BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
Dec 10 12:45:27 ubuntu kernel: BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
Dec 10 12:45:27 ubuntu kernel: BIOS-e820: [mem 0x0000000000100000-0x000000007ffdcfff] usable
Dec 10 12:45:27 ubuntu kernel: BIOS-e820: [mem 0x000000007ffdd000-0x000000007fffffff] reserved
Dec 10 12:45:27 ubuntu kernel: BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
Dec 10 12:45:27 ubuntu kernel: BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
Dec 10 12:45:27 ubuntu kernel: NX (Execute Disable) protection: active
- To display priority-specific log entries.
journalctl -p warning
root@master:~# journalctl -p warning
-- Logs begin at Fri 2021-12-10 12:45:27 UTC, end at Tue 2023-04-18 19:50:12 UTC. --
Dec 10 12:45:27 ubuntu kernel: GPT:Primary header thinks Alt. header is not at the end of the disk.
Dec 10 12:45:27 ubuntu kernel: GPT:4612095 != 67108863
Dec 10 12:45:27 ubuntu kernel: GPT:Alternate GPT header not at the end of the disk.
Dec 10 12:45:27 ubuntu kernel: GPT:4612095 != 67108863
Dec 10 12:45:27 ubuntu kernel: GPT: Use GNU Parted to correct GPT errors.
Dec 10 12:45:33 ubuntu systemd[1]: cloud-config.service: Failed with result 'exit-code'.
Dec 10 12:45:33 ubuntu systemd[1]: Failed to start Apply the settings specified in cloud-config.
Dec 10 12:45:38 ubuntu sshd[527]: error: kex_exchange_identification: Connection closed by remote host
-- Reboot --
Apr 18 19:10:49 ubuntu kernel: Unstable clock detected, switching default tracing clock to "global"
                               If you want to keep using the local clock, then add:
                                 "trace_clock=local"
                               on the kernel command line
- To see only today’s log
journalctl --since today
root@master:~# journalctl --since today
-- Logs begin at Fri 2021-12-10 12:45:27 UTC, end at Tue 2023-04-18 19:52:16 UTC. --
Apr 18 19:10:49 ubuntu kernel: Linux version 5.4.0-1050-kvm (buildd@lcy01-amd64-024) (gcc version 9.3.0 (Ubuntu 9.3.0-17ubu>
Apr 18 19:10:49 ubuntu kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-5.4.0-1050-kvm root=PARTUUID=15d78722-1303-4b20-8724->
Apr 18 19:10:49 ubuntu kernel: x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
Apr 18 19:10:49 ubuntu kernel: x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
Apr 18 19:10:49 ubuntu kernel: x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
Apr 18 19:10:49 ubuntu kernel: x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
For more information and options, you can use the journalctl --help command.
dig command
dig [@server] [name] [type]
[@server] | IP address or hostname of the name server |
[name] | The name of the resource which is going to be searched |
[type] | Type of query requested by the dig command |
- To install dig for ubuntu-based linux system
sudo apt update && sudo apt install dnsutils -y
The dig (Domain Information Groper) command is used to get information about DNS name servers and to troubleshoot DNS problems. It is mostly used by network administrators.
- To query the domain name
dig cloudyuga.guru
root@master:~# dig cloudyuga.guru
; <<>> DiG 9.16.1-Ubuntu <<>> cloudyuga.guru
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26920
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;cloudyuga.guru. IN A
;; ANSWER SECTION:
cloudyuga.guru. 60 IN A 13.127.124.182
cloudyuga.guru. 60 IN A 3.7.83.249
;; Query time: 120 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Apr 18 19:53:44 UTC 2023
;; MSG SIZE rcvd: 75
It gives information such as dig version, and statistics about the query.
- To get short information, use the +short option.
dig cloudyuga.guru +short
root@master:~# dig cloudyuga.guru +short
3.6.134.16
52.66.175.36
If no record type is specified with the dig command, it uses A (which stands for Address) by default and asks the DNS server to return the IP address associated with the domain name. Run with no arguments at all, dig sends an NS query for the root zone ("."), as the output below shows.
dig
root@master:~# dig
; <<>> DiG 9.16.1-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14149
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 86107 IN NS g.root-servers.net.
. 86107 IN NS j.root-servers.net.
. 86107 IN NS e.root-servers.net.
For more information and options, you can use the dig -h command.
nslookup command
nslookup [-option(s) ][ name|-][ server ]
Note – If the nslookup command is not found, install it with the apt-get install dnsutils -y command.
The nslookup command is used to get information from the DNS server. It is one of the commands administrators use most for testing, getting domain names and IP addresses, and troubleshooting the DNS server.
The nslookup command works in two modes: interactive and non-interactive.
To use the nslookup command in interactive mode, run “nslookup” on the terminal without passing any argument.
nslookup
root@master:~# nslookup
> www.google.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: www.google.com
Address: 142.250.194.36
Name: www.google.com
Address: 2404:6800:4002:820::2004
> exit
root@master:~#
To exit from interactive mode type “exit”
To use the nslookup command in the non-interactive mode, you have to pass the domain name or IP address of the domain.
The syntax for non-interactive mode –
nslookup <option(s)> [domain-name]
- To get the IP address of the domain name.
nslookup google.com
root@master:~# nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: google.com
Address: 142.250.193.238
Name: google.com
Address: 2404:6800:4002:819::200e
- To get domain information from IP
nslookup <ip-address>
root@master:~# nslookup 142.250.193.238
238.193.250.142.in-addr.arpa name = del11s18-in-f14.1e100.net.
Authoritative answers can be found from:
- To see the debugging information, use the -debug flag.
nslookup -debug cloudyuga.guru
root@master:~# nslookup -debug cloudyuga.guru
Server: 127.0.0.53
Address: 127.0.0.53#53
------------
    QUESTIONS:
        cloudyuga.guru, type = A, class = IN
    ANSWERS:
    -> cloudyuga.guru
        internet address = 3.7.83.249
        ttl = 30
    -> cloudyuga.guru
        internet address = 13.127.124.182
        ttl = 30
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name: cloudyuga.guru
Address: 3.7.83.249
Name: cloudyuga.guru
Address: 13.127.124.182
------------
    QUESTIONS:
        cloudyuga.guru, type = AAAA, class = IN
    ANSWERS:
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
For more information about options, you can use the “man nslookup” command.
zip/unzip/tar commands
zip command
zip [option(s)] <archive name.zip> <files names separated by space>
The zip command packs files into an archive and compresses them to reduce their size. The extension of a zip-compressed file is .zip
- You can use the following command when an error for zip occurs (zip: command not found)
sudo apt update && sudo apt install zip -y
- To compress files using the zip command
zip <newfile_name.zip> <file/path>
root@master:~/zip# touch {1,2,3}.txt
root@master:~/zip# ls
1.txt 2.txt 3.txt
root@master:~/zip# zip newzip.zip 1.txt 2.txt 3.txt
  adding: 1.txt (stored 0%)
  adding: 2.txt (stored 0%)
  adding: 3.txt (stored 0%)
root@master:~/zip# ls
1.txt 2.txt 3.txt newzip.zip
For more information and options, you can use the zip --help command.
unzip command
unzip [option(s)] <archive name>
unzip command will simply list, test and extract files from a zip archive file.
- To extract a file using unzip command
unzip <file_name.zip>
root@master:~/zip# ls
newzip.zip
root@master:~/zip# unzip newzip.zip
Archive: newzip.zip
 extracting: 1.txt
 extracting: 2.txt
 extracting: 3.txt
root@master:~/zip# ls
1.txt 2.txt 3.txt newzip.zip
For more information and options, you can use the unzip --help command.
tar command
tar [options] [archive-file] [file or directory to be archived]
The tar (Tape Archive) command is used to create and extract archive files in Linux. With the help of the tar command, we can extract multiple different archive files. The extension of a tar archive is .tar. A plain .tar file is not compressed; if you want compression you can use gzip, which gives a .tar.gz extension file.
- To create an archive file, we use the -c parameter.
tar -cvf <tar file name.tar> <file/dir path>
root@master:~/zip# ls
1.txt 2.txt 3.txt
root@master:~/zip# tar -cvf newtar.tar 1.txt 2.txt 3.txt
1.txt
2.txt
3.txt
root@master:~/zip# ls
1.txt 2.txt 3.txt newtar.tar
- To extract an archived tar file, the -x parameter is used.
tar -xvf <archive file name>
root@master:~/zip# ls
newtar.tar
root@master:~/zip# tar -xvf newtar.tar
1.txt
2.txt
3.txt
root@master:~/zip# ls
1.txt 2.txt 3.txt newtar.tar
Options –
-c | To create an archive file this parameter is used |
-x | To extract the archive file this command is used |
-f | To create an archive file with the given name |
-v | To display verbose information |
-z | zip, tells tar command to create tar file using gzip |
For more information and options, you can use the tar --help command.
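The -x examples above write whatever paths the archive contains, so for an archive you did not create it is worth listing the member names before extracting. The following is an added example, not part of the original lab: unsafe_members, safe_untar and sample_listing are hypothetical helper names, and the listing in sample_listing is constructed.

```sh
#!/bin/sh
# Added example: check tar member names before extracting.

# Constructed listing, in the one-name-per-line form that `tar -tf` prints.
sample_listing() {
    cat <<'EOF'
1.txt
docs/readme.txt
/tmp/absolute.txt
../outside.txt
docs/../../up.txt
notes..txt
EOF
}

# unsafe_members: read member names on stdin and print the ones that are
# absolute paths or contain a ".." path component. A name such as
# "notes..txt" is fine: ".." only matters as a whole component.
unsafe_members() {
    awk '
        substr($0, 1, 1) == "/" { print; next }
        {
            n = split($0, part, "/")
            for (i = 1; i <= n; i++)
                if (part[i] == "..") { print; next }
        }'
}

# safe_untar ARCHIVE DESTDIR: list first, refuse if any member name is
# unsafe, otherwise extract into DESTDIR rather than the current directory.
safe_untar() {
    su_archive=$1
    su_dest=$2
    su_list=$(tar -tf "$su_archive") || return 1   # unreadable or corrupt archive
    su_bad=$(printf '%s\n' "$su_list" | unsafe_members)
    if [ -n "$su_bad" ]; then
        printf 'refusing to extract %s; unsafe member names:\n%s\n' \
            "$su_archive" "$su_bad" >&2
        return 1
    fi
    mkdir -p "$su_dest" && tar -xf "$su_archive" -C "$su_dest"
}

# Typical use:
#   safe_untar newtar.tar ./extracted
```

GNU tar itself strips a leading / and skips members containing .. unless -P is given; checking the listing first makes the refusal explicit before anything is written.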
lsblk command
lsblk [option(s)] <device>
The lsblk (list block devices) command is used to list all block devices of a system with their logical partitions. The lsblk command reads the sysfs filesystem and the udev db to get this information. Except for RAM disks, this command lists all block devices in a tree-like format.
- To display block devices on your system.
lsblk
root@master:~# lsblk
NAME    MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
vda     254:0    0   32G  0 disk
├─vda1  254:1    0 31.9G  0 part /
├─vda14 254:14   0    4M  0 part
└─vda15 254:15   0  106M  0 part /boot/efi
vdb     254:16   0    1M  0 disk
- To display information about the device owner, group, and mode of the block device.
lsblk -m
root@master:~# lsblk -m
NAME     SIZE OWNER GROUP MODE
vda       32G root  disk  brw-rw----
├─vda1  31.9G root  disk  brw-rw----
├─vda14    4M root  disk  brw-rw----
└─vda15  106M root  disk  brw-rw----
vdb        1M root  disk  brw-rw----
- To see the information about the specific device.
sudo lsblk /dev/vda1
root@master:~# sudo lsblk /dev/vda1
NAME MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
vda1 254:1    0 31.9G  0 part /
For more information and options, you can use the lsblk --help command.
curl and wget command
curl
curl [option(s)] <URL>
curl is a command-line tool used to transfer data to or from a server; it is also used in connection-related troubleshooting. The curl command transfers data using different protocols (HTTP, FTP, IMAP, SMTP, SFTP, etc.). curl uses the libcurl library.
- To display the source code of the homepage for the domain. If no protocol is given in the URL, curl assumes HTTP.
curl https://cloudyuga.guru/
You can also download files from a remote location with the curl command and different options like –
a) The -O option will save the remote file in the current working directory with the same file name as the remote.
curl -O https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
root@master:~# mkdir test
root@master:~# cd test/
root@master:~/test# curl -O https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  113k  100  113k    0     0   587k      0 --:--:-- --:--:-- --:--:--  587k
root@master:~/test# ls
tree-736885_960_720.jpg
b) The -o option will save the remote file at your specified location with a different file name as well.
curl -o tree.jpg https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
root@master:~/test# curl -o tree.jpg https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  113k  100  113k    0     0   499k      0 --:--:-- --:--:-- --:--:--  499k
root@master:~/test# ls
tree-736885_960_720.jpg tree.jpg
For more information and options, you can use the curl --help command.
wget
wget [option(s)] <URL>
The wget (World Wide Web get) tool is similar to curl, but wget downloads files from the server even when the user is not logged in to the system (i.e. non-interactively). It can work in the background without delaying the current process. It supports the HTTP, HTTPS, and FTP protocols. If a download fails because of a network problem, wget keeps retrying until the whole file has been downloaded.
- To download the file in the background and also create and write output into the file.
wget -b https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
root@master:~# mkdir wget
root@master:~# cd wget
root@master:~/wget# wget -b https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
Continuing in background, pid 760.
Output will be written to 'wget-log'.
root@master:~/wget# ls
tree-736885_960_720.jpg wget-log
root@master:~/wget# cat wget-log
--2023-04-19 10:13:07-- https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
Resolving cdn.pixabay.com (cdn.pixabay.com)... 104.18.14.16, 104.18.15.16, 2606:4700::6812:e10, ...
Connecting to cdn.pixabay.com (cdn.pixabay.com)|104.18.14.16|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 116655 (114K) [binary/octet-stream]
Saving to: 'tree-736885_960_720.jpg'
0K .......... .......... .......... .......... .......... 43% 1.31M 0s
50K .......... .......... .......... .......... .......... 87% 2.90M 0s
100K .......... ... 100% 720K=0.07s
2023-04-19 10:13:08 (1.51 MB/s) - 'tree-736885_960_720.jpg' saved [116655/116655]
- To view all possible options of the wget command with URL.
wget -h https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
root@master:~/wget# wget -h https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg
GNU Wget 1.20.3, a non-interactive network retriever.
Usage: wget [OPTION]... [URL]...
Mandatory arguments to long options are mandatory for short options too.
Startup:
  -V, --version display the version of Wget and exit
  -h, --help print this help
  -b, --background go to background after startup
  -e, --execute=COMMAND execute a `.wgetrc'-style command
Logging and input file:
  -o, --output-file=FILE log messages to FILE
  -a, --append-output=FILE append messages to FILE
  -d, --debug print lots of debugging information
For more information and options, you can use the wget --help command.
free command
free [option(s)]
The free command is used to show the total, used and free amounts of memory and swap on a system. By default, it shows memory in kb (kilobytes). Swap memory is part of a hard disk drive that acts like virtual RAM.
- To see available memory
free
root@master:~# free
        total    used    free     shared  buff/cache  available
Mem:    1996044  172868  1304768  488     518408      1797792
Swap:   0        0       0
Total | displays total installed memory(memory present in /proc/meminfo) |
Used | It shows used memory |
Free | it will display unused memory |
Shared | it will display memory used by tmpfs(memory present in /proc/meminfo and it will display zero if it’s not available ) |
Buff | It will display memory used by the kernel buffer |
Cache | display memory used by page cache and slabs |
buff/cache | display the sum of buffer and cache |
Available | it shows available space |
- To get data in a human-readable format
free -h
This command gives output in the shortest 3-digit format with their respective units like B(bytes), K(kilos), M(megas), G(gigas), and T(teras).
For more information and options, you can use the free --help command.
usermod command
usermod [option(s)] <username>
The usermod command is used to modify existing users. It can be used to modify attributes such as usernames, groups, permissions, etc. When we execute this command, it changes the files that store information about users. These files are:
/etc/passwd | It contains information about the user accounts |
/etc/group | It contains information about the groups |
/etc/shadow | It contains secret information related to the user account, such as the password in hashed form, and can be accessed by the root user only |
/etc/gshadow | It contains secret information related to the group, such as passwords in hashed form, and can be accessed by the root user only |
/etc/login.defs | define various settings related to the login process for users. It is a global configuration file that applies to all users on the system |
- To add information about the user, use the -c option. You have to pass the user name after the usermod options; in the example below, “ubuntu” is the user name.
sudo usermod -c "This is ubuntu user" ubuntu
root@master:~# sudo usermod -c "This is ubuntu user" ubuntu
root@master:~# getent passwd ubuntu
ubuntu:x:1000:1000:This is ubuntu user:/home/ubuntu:/bin/bash
getent command is used to check the user-related entry in /etc/passwd.
- To change the user home directory, use the -d option.
sudo usermod -d [directory-location] [username]
root@master:~# useradd mike
root@master:~# sudo usermod -d /var/mike mike
root@master:~# getent passwd mike
mike:x:1001:1001::/var/mike:/bin/sh
For more information and options, you can use the usermod --help command.
kill command
kill [option(s)] PID
The kill command is used to terminate a process. It does so by sending a signal to one process at a time, identified by the given process ID. By default, the kill command sends the SIGTERM signal to stop the process.
- To see all available locations of the kill command
type -a kill
root@master:~# type -a kill
kill is a shell builtin
kill is /usr/bin/kill
kill is /bin/kill
We can use options (or signal) with kill command in different ways like –
- By number (eg. -2)
- With SIG prefix(eg. -SIGTERM)
- Without SIG prefix (eg. -KILL)
The process behaves according to the signal sent by the kill command and if no signal is specified, the default signal is -15(-TERM).
- To know all signals available for the kill command
kill -l
root@master:~# kill -l
 1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP
 6) SIGABRT 7) SIGBUS 8) SIGFPE 9) SIGKILL 10) SIGUSR1
11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM 15) SIGTERM
16) SIGSTKFLT 17) SIGCHLD 18) SIGCONT 19) SIGSTOP 20) SIGTSTP
21) SIGTTIN 22) SIGTTOU 23) SIGURG 24) SIGXCPU 25) SIGXFSZ
26) SIGVTALRM 27) SIGPROF 28) SIGWINCH 29) SIGIO 30) SIGPWR
31) SIGSYS 34) SIGRTMIN 35) SIGRTMIN+1 36) SIGRTMIN+2 37) SIGRTMIN+3
38) SIGRTMIN+4 39) SIGRTMIN+5 40) SIGRTMIN+6 41) SIGRTMIN+7 42) SIGRTMIN+8
43) SIGRTMIN+9 44) SIGRTMIN+10 45) SIGRTMIN+11 46) SIGRTMIN+12 47) SIGRTMIN+13
48) SIGRTMIN+14 49) SIGRTMIN+15 50) SIGRTMAX-14 51) SIGRTMAX-13 52) SIGRTMAX-12
53) SIGRTMAX-11 54) SIGRTMAX-10 55) SIGRTMAX-9 56) SIGRTMAX-8 57) SIGRTMAX-7
58) SIGRTMAX-6 59) SIGRTMAX-5 60) SIGRTMAX-4 61) SIGRTMAX-3 62) SIGRTMAX-2
63) SIGRTMAX-1 64) SIGRTMAX
To kill an unresponsive process, use the signal number, kill -9 <PID>, or the signal name, kill -SIGKILL <PID>
kill -9 <PID>
root@master:~#
root@master:~# sleep 100 &
[1] 534
root@master:~# ps aux | grep sleep
root 534 0.0 0.0 4260 588 pts/1 S 18:41 0:00 sleep 100
root 536 0.0 0.0 5188 724 pts/1 S+ 18:42 0:00 grep --color=auto sleep
root@master:~# kill -9 534
root@master:~# ps aux | grep sleep
root 538 0.0 0.0 5188 724 pts/1 S+ 18:42 0:00 grep --color=auto sleep
[1]+ Killed sleep 100
There are multiple methods to kill a process, depending on whether you know only its name, its PID, or how long it has been running, such as –
- killall <process name>
- pkill [option(s)] <pattern>
- xkill <resource>
For more information and options, you can use the /bin/kill --help command, or help kill for the bash builtin.
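SIGKILL cannot be caught, so a process ended with kill -9 gets no chance to clean up; a common pattern is to send the default SIGTERM first and fall back to SIGKILL only if the process is still there after a grace period. The following is an added example, not part of the original lab: is_running and stop_process are hypothetical helper names, and the zombie check assumes a Linux /proc filesystem.

```sh
#!/bin/sh
# Added example: terminate with SIGTERM first, SIGKILL only as a fallback.

# is_running PID: true while the process exists and has not yet exited.
# kill -0 delivers no signal; it only checks that the PID can be signalled,
# so run this as root or as the owner of the process.
is_running() {
    kill -0 "$1" 2>/dev/null || return 1
    # A zombie keeps its PID until its parent reaps it, but it has exited.
    if [ -r "/proc/$1/status" ] &&
       grep -q '^State:[[:space:]]*Z' "/proc/$1/status" 2>/dev/null; then
        return 1
    fi
    return 0
}

# stop_process PID [GRACE_SECONDS]
# Sends SIGTERM, waits up to GRACE_SECONDS (default 5), then sends SIGKILL.
# Prints what happened: "gone" (no such process), "TERM" (exited after
# SIGTERM) or "KILL" (had to be killed).
stop_process() {
    sp_pid=$1
    sp_grace=${2:-5}
    is_running "$sp_pid" || { echo gone; return 0; }
    kill -TERM "$sp_pid" 2>/dev/null || true
    sp_waited=0
    while [ "$sp_waited" -lt "$sp_grace" ]; do
        is_running "$sp_pid" || { echo TERM; return 0; }
        sleep 1
        sp_waited=$((sp_waited + 1))
    done
    is_running "$sp_pid" || { echo TERM; return 0; }
    kill -KILL "$sp_pid" 2>/dev/null || true
    echo KILL
}

# Typical use, with the PID taken from ps as in the session above:
#   stop_process 534 10
```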
uptime command
uptime [option(s)]
The uptime command is used to display how long the system has been running.
- To get the current system time, how long the system has been running, the number of users logged in, and the load average for the past 1, 5 and 15 minutes respectively.
uptime
root@master:~# uptime
18:43:39 up 5 min, 0 users, load average: 0.02, 0.04, 0.00
-s is used to get the date and time at which the system started running.
uptime -s
root@master:~# uptime -s
2023-04-19 18:38:13
For more information and options, you can use the uptime --help command.
sed command
sed [option(s)] <script> <inputfile>
sed is a text stream editor used to perform lots of functions on files such as filtering, find and replace, insertion or deletion without opening a file. The most common use of the sed command is to find and replace the word.
- To replace/substitute a string, the s command is used.
sed 's/old_string/new_string/' <file_name>
cat << EOF > test.txt
hello
This is demo file
EOF
sed 's/demo/text/' test.txt
The above command replaces only the first occurrence on each line.
- To replace all occurrences, add the g flag at the end.
sed 's/old_string/new_string/g' <file_name>
cat << EOF > sample.txt
hello John
How are you John?
EOF
sed 's/John/Mr.bin/g' sample.txt
- To delete a specific line, use #d, where # is the line number
sed 1d <file_name>
root@master:~# cat -n sample.txt
     1 hello John
     2 How are you John?
root@master:~# sed 2d sample.txt
hello John
For more information and options, you can use the sed --help command.
awk command
awk 'pattern { action }' input_file
The awk command is used for text processing and manipulation. It is a powerful scripting language for working with text; besides text processing, it is also used to generate reports, analyze data, and more.
Although Linux provides the sed command, sed has some restrictions, whereas awk provides features such as –
- It scans line by line from files
- It is also used to format the output
- It is used to build small-scale programs, reports, etc.
- It splits the input line into fields.
- It is used to transform data files and much more
- To print the content of the file.
awk '{print}' <file_name>
cat test.txt
awk '{print}' test.txt
In the above example, no pattern is specified to the command, so the actions are applied to the whole file data.
- To print data from files that match the given pattern
awk '/<pattern>/{print}' file_name
awk '/demo/{print}' test.txt
In the above example, the awk command prints all the lines that match the given pattern.
- To print data from files by splitting lines into fields. By default, the awk command splits each line on whitespace characters and stores the pieces in $n variables. If a line has 4 words, they are stored in $1 to $4 respectively; $0 represents the whole line.
awk '{print $variable-range}' <file_name>
awk '{print $1,$3}' test.txt
In the above example, $1 & $4 represent the Name and Position fields respectively.
For more information about options, you can use the awk --help command.
chmod command
chmod [option(s)] <permission(s)> <file or directory>
To change file and directory permissions, the chmod (i.e. change mode) command is used. This command only requires the permission and the file name.
Permission – Can be read, write, execute, or a combination of them. It can also be given in number format.
File or directory – Name of the file or directory whose permissions are to be changed.
Specific letters are used to give permission to a specific class of user.
There are 2 modes for setting permissions:
- Symbolic mode – In this mode, symbols such as u, g, and o are used for user, group, and others, together with the permission letters r, w, and x.
- Absolute mode – In this mode, we assign permissions as a 3-digit number in which each digit ranges from 0 to 7.
Reference | Class | Description |
u | owner | Owner of file |
g | group | Users who are members of the file's group. |
o | others | These users are not part of the owner or group. |
a | all | All three of the above, same as ugo |
There are some operators which are used to give permission
+ | This operator is used to add permission to a file/directory |
- | This operator is used to remove permission from a file/directory |
= | This operator is used to set exactly the given permission on a file/directory |
Permissions that can be assigned to the given classes
r | Permission to read the file |
w | Permission to write or delete the file |
x | Permission to execute the file / directory |
- If you want to give executable permission to the owner (Symbolic mode)
chmod u+x <file_name>
root@master:~/chmod# touch a.txt
root@master:~/chmod# ls a.txt -ltr
-rw-r--r-- 1 root root 0 Apr 19 19:16 a.txt
root@master:~/chmod# chmod u+x a.txt
root@master:~/chmod# ls a.txt -ltr
-rwxr--r-- 1 root root 0 Apr 19 19:16 a.txt
- If you want to give executable permission to the owner (absolute mode)
chmod 744 <file_name>
root@master:~/chmod# touch b.txt
root@master:~/chmod# ls b.txt -ltr
-rw-r--r-- 1 root root 0 Apr 19 19:21 b.txt
root@master:~/chmod# chmod 744 b.txt
root@master:~/chmod# ls b.txt -ltr
-rwxr--r-- 1 root root 0 Apr 19 19:21 b.txt
For more information and options, you can use the chmod --help command.
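The absolute mode above is built from the same r, w, and x letters that ls -l prints: each class gets one digit, with r=4, w=2, and x=1 added together. The following script is an added example, not part of the original lab; the function names perm_to_octal and writable_by_non_owner are hypothetical, and the sample strings are the ones shown in the outputs above plus one constructed loose mode.

```shell
#!/bin/sh
# Added example, not part of the original lab: derive chmod's absolute
# (octal) mode from the permission string that `ls -l` prints.

# triad_to_digit TRIAD -> one octal digit (r=4, w=2, x=1, "-" adds nothing)
triad_to_digit() {
    t=$1
    d=0
    case $t in r??) d=$((d + 4)) ;; esac
    case $t in ?w?) d=$((d + 2)) ;; esac
    case $t in ??x) d=$((d + 1)) ;; esac
    printf '%s' "$d"
}

# perm_to_octal STRING -> three-digit mode, e.g. rwxr--r-- -> 744
# Accepts the 9 permission characters, or the 10-character ls -l form
# whose first character is the file type. Only r, w, x and - are handled;
# setuid/setgid/sticky letters (s, S, t, T) are rejected.
perm_to_octal() {
    p=$1
    if [ "${#p}" -eq 10 ]; then
        p=${p#?}                    # drop the file-type character
    fi
    case $p in
        [r-][w-][x-][r-][w-][x-][r-][w-][x-]) ;;
        *) echo "unsupported permission string: $1" >&2; return 1 ;;
    esac
    u=${p%??????}                   # first three characters: owner
    rest=${p#???}
    g=${rest%???}                   # middle three characters: group
    o=${rest#???}                   # last three characters: others
    printf '%s%s%s\n' "$(triad_to_digit "$u")" \
        "$(triad_to_digit "$g")" "$(triad_to_digit "$o")"
}

# writable_by_non_owner MODE -> exit status 0 when the group or others
# digit of a three-digit mode contains the write bit (value 2)
writable_by_non_owner() {
    m=$1
    g=${m#?}; g=${g%?}              # middle digit
    o=${m#??}                       # last digit
    [ $(( (g & 2) | (o & 2) )) -ne 0 ]
}

# Demo: the two strings from the outputs above, plus a constructed loose one.
for s in -rw-r--r-- -rwxr--r-- -rw-rw-rw-; do
    mode=$(perm_to_octal "$s")
    if writable_by_non_owner "$mode"; then
        note="writable by group or others"
    else
        note="only the owner can write"
    fi
    printf '%s -> %s (%s)\n' "$s" "$mode" "$note"
done
```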
chown command
chown <new owner/user name> <file/directory name>
The ownership and permissions of files and directories help keep them secure. The chown (change ownership) command is used to change the ownership of a file or directory.
For example to change the ownership
sudo chown root <file_name>
root@master:~/chmod# ls a.txt -ltr
-rwxr--r-- 1 root root 0 Apr 19 19:16 a.txt
root@master:~/chmod# sudo chown ubuntu a.txt
root@master:~/chmod# ls a.txt -ltr
-rwxr--r-- 1 ubuntu root 0 Apr 19 19:16 a.txt
- With the -c option, chown shows a message when a change is made
sudo chown -c user_name <file_name>
root@master:~/chmod# ls a.txt -ltr
-rwxr--r-- 1 root root 0 Apr 19 19:16 a.txt
root@master:~/chmod# sudo chown -c root a.txt
changed ownership of 'a.txt' from ubuntu to root
root@master:~/chmod# ls a.txt -ltr
-rwxr--r-- 1 root root 0 Apr 19 19:16 a.txt
For more information and options, you can use the chown --help command.
wall command
wall [option(s)]<message/file>
The wall command is used to write a message to all users. It displays the content of the given file; otherwise, it takes a message as an argument and uses that as its input.
- To display help message and exit
wall -h
root@master:~/chmod#
root@master:~# wall -h
Usage:
 wall [options] [<file> | <message>]
Write a message to all users.
Options:
 -g, --group <group>     only send message to group
 -n, --nobanner          do not print banner, works only for root
 -t, --timeout <timeout> write timeout in seconds
 -h, --help              display this help
 -V, --version           display version
For more details see wall(1).
- The wall -t option stops the write attempt to the terminals after the given timeout in seconds; the default value is 300 seconds. wall -V shows the version.
wall -V
root@master:~# wall -V
wall from util-linux 2.34
For more information and options, you can use the wall --help command.
df and du command
df command
df [option(s)] <file name>
The df (disk free) command is used to know the total space and available space on a file system. If no file name is given, it displays the space currently available on the mounted file systems.
- To see how much space the drives use, run the following command, where -h shows the output in a human-readable format (kilobytes, megabytes, and gigabytes).
df -h
root@master:~# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/root        31G  1.7G   30G   6% /
devtmpfs        973M     0  973M   0% /dev
tmpfs           975M     0  975M   0% /dev/shm
tmpfs           195M  484K  195M   1% /run
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           975M     0  975M   0% /sys/fs/cgroup
/dev/vda15      105M  5.2M  100M   5% /boot/efi
root@master:~#
- To get the file system type, use the -T option, and to get the grand total, use the --total option.
df -T --total
root@master:~# df -T --total
Filesystem     Type     1K-blocks    Used Available Use% Mounted on
/dev/root      ext4      32340732 1715392  30608956   6% /
devtmpfs       devtmpfs    996312       0    996312   0% /dev
tmpfs          tmpfs       998020       0    998020   0% /dev/shm
tmpfs          tmpfs       199608     484    199124   1% /run
tmpfs          tmpfs         5120       0      5120   0% /run/lock
tmpfs          tmpfs       998020       0    998020   0% /sys/fs/cgroup
/dev/vda15     vfat        106858    5321    101537   5% /boot/efi
total          -         35644670 1721197  33907089   5% -
For more information and options, you can use the df --help command.
du command
du [option(s)] <file/directory name>
The du (disk usage) command is used to know how much disk space is used by a file or directory. It estimates and displays the disk space used by files/directories.
- To see the disk space used by a directory. The -h option shows the output in a human-readable format (kilobytes, megabytes, and gigabytes).
du -h /etc/apt/
root@master:/# du -h etc/apt/
56K     etc/apt/apt.conf.d
4.0K    etc/apt/preferences.d
4.0K    etc/apt/auth.conf.d
16K     etc/apt/trusted.gpg.d
12K     etc/apt/sources.list.d
112K    etc/apt/
For more information and options, you can use the du --help command.
ip or ifconfig command
ip
ip [option(s)] object <command | help>
The ip command is used to perform several network administration tasks, such as assigning an address to a network interface, configuring network interface parameters, showing network information, manipulating routing, devices, and tunnels, setting up the IP address, etc.
- To see the private ip address of the machine
ip addr
root@master:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 72:e2:55:e1:a4:d4 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.113/32 scope global dynamic enp1s0
       valid_lft 86312089sec preferred_lft 86312089sec
    inet6 fe80::70e2:55ff:fee1:a4d4/64 scope link
       valid_lft forever preferred_lft forever
- To display and alter the routing table, the route (r) object can be used.
ip route
root@master:/# ip route
default via 10.0.0.5 dev enp1s0 proto dhcp src 10.0.0.113 metric 100
10.0.0.5 dev enp1s0 proto dhcp scope link src 10.0.0.113 metric 100
- The link object is used to see link-layer information for all available devices with the driver loaded.
ip link
root@master:/# ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 72:e2:55:e1:a4:d4 brd ff:ff:ff:ff:ff:ff
For more information and options, you can use the ip --help command.
Ifconfig
ifconfig [interface_name(optional)] [arguments(optional)]
Ifconfig is used to configure the network interfaces. ifconfig is a part of net-tools. The ip command works in a similar manner, but ifconfig has limited capabilities compared to the ip command.
Newer versions of Linux distributions do not include the ifconfig command by default, so the user has to install it.
- For Debian, Ubuntu, and related Linux distributions, install it with the below command
sudo apt update && sudo apt install net-tools -y
- To see all available interfaces, use -a
ifconfig -a
root@master:/# ifconfig -a
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.113  netmask 255.255.255.255  broadcast 0.0.0.0
        inet6 fe80::70e2:55ff:fee1:a4d4  prefixlen 64  scopeid 0x20<link>
        ether 72:e2:55:e1:a4:d4  txqueuelen 1000  (Ethernet)
        RX packets 3613  bytes 724197 (724.1 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2736  bytes 572153 (572.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 177  bytes 18761 (18.7 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 177  bytes 18761 (18.7 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
- To get interface information in short form, use -s
ifconfig -s
root@master:/# ifconfig -s
Iface      MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
enp1s0    1500     3700      0      0      0     2792      0      0      0 BMRU
lo       65536      177      0      0      0      177      0      0      0 LRU
For more information and options, you can use the ifconfig --help command.
traceroute command
traceroute [option(s)] HOST
Traceroute is a network troubleshooting utility. It is used to get the number of hops and the route of packets to reach the host(destination). This command is used when you want to know how the data is transmitted from the local machine(source) to the destination (host/remote machine). The traceroute command displays the routes, IP addresses, and hostnames of routers over the network.
(Note – traceroute6 is equivalent to traceroute; it just uses IPv6.)
- To install traceroute in linux
sudo apt update && sudo apt install traceroute -y
- To understand traceroute we are going to trace ubuntu.com as host(destination) using IPv4 protocol.
traceroute ubuntu.com
root@master:~# traceroute ubuntu.com
traceroute to ubuntu.com (185.125.190.29), 30 hops max, 60 byte packets
 1  * * *
 2  _gateway (10.0.0.5)  0.768 ms  0.738 ms  0.681 ms
 3  * * *
 4  * * *
Here,
- The 1st line displays the hostname and IP address of the destination, the maximum number of hops that the traceroute command will attempt, and the size of the packets to be sent.
- The 2nd line shows the address of that hop, followed by three space-separated times. By default, 3 packets are sent for each hop, which is why 3 response times (in milliseconds) are listed.
- These 3 responses mean the time taken by a packet to reach the hop.
- The ‘*’ symbol shows packet loss. This happens because of high traffic, network outage, etc.
- To start from a given hop number instead of 1, use -f (first_ttl, the first time-to-live value); traceroute will then begin its attempts from that hop number.
traceroute -f 12 ubuntu.com
root@master:~# traceroute -f 12 ubuntu.com
traceroute to ubuntu.com (185.125.190.20), 30 hops max, 60 byte packets
12  * * *
13  * * *
14  * * *
15  * * *
For more information and options, you can use the traceroute --help command.
mount and umount command
mount
mount [type][device][dir]
To attach additional devices to the file system, the mount command is used. The command passes the mount instruction to the kernel to complete the mount operation.
[type] is used to describe the file system type (EXT3, EXT4, BTRFS, XFS, HPFS, VFAT, etc.). If you do not mention the [dir] part of the syntax, the mount point is taken from /etc/fstab (/etc/fstab contains information about which device needs to be mounted where).
- Use -l to display information about mounted file systems, and -t to limit it to a specific type
mount -l -t ext4
root@master:~# mount -l -t ext4
/dev/vda1 on / type ext4 (rw,relatime) [cloudimg-rootfs]
- To mount a device on a directory
sudo mount /dev/sda1 <dir_name>
root@master:~# mkdir ttt
root@master:~# mount -l -t ext4
/dev/vda1 on / type ext4 (rw,relatime) [cloudimg-rootfs]
root@master:~# sudo mount /dev/vda1 ttt/
root@master:~# mount -l -t ext4
/dev/vda1 on / type ext4 (rw,relatime) [cloudimg-rootfs]
/dev/vda1 on /root/ttt type ext4 (rw,relatime) [cloudimg-rootfs]
For more information and options, you can use the mount --help command.
umount
umount [device] or umount [dir]
The umount command is used to unmount (detach) an attached file system from the system tree. You can detach the file system by using the mount point or the device name.
- To detach a file system by using its directory
sudo umount <dir_name>
root@master:~# mount -l -t ext4
/dev/vda1 on / type ext4 (rw,relatime) [cloudimg-rootfs]
/dev/vda1 on /root/ttt type ext4 (rw,relatime) [cloudimg-rootfs]
root@master:~# sudo umount ttt/
root@master:~# mount -l -t ext4
/dev/vda1 on / type ext4 (rw,relatime) [cloudimg-rootfs]
For more information and options, you can use the umount --help command.
fdisk command
fdisk [option(s)] device
The fdisk (format disk) command is used to create and manipulate the disk partition table. It is used to create, delete, resize, copy, view, and move partitions on a hard drive. fdisk allows a maximum of 4 primary partitions and, depending on the size of the hard disk, it will create a logical partition as well.
- To view all disk partitions
sudo fdisk -l
root@master:~# fdisk -l
Disk /dev/vda: 32 GiB, 34359738368 bytes, 67108864 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: D0D1B0A1-7F45-4114-A461-D7D481DDE3D0
Device      Start      End  Sectors  Size Type
/dev/vda1  227328 67108830 66881503 31.9G Linux filesystem
/dev/vda14   2048    10239     8192    4M BIOS boot
/dev/vda15  10240   227327   217088  106M EFI System
Partition table entries are not in disk order.
Disk /dev/vdb: 1 MiB, 1048576 bytes, 2048 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
- To view partitions on the specific disk.
sudo fdisk -l /dev/vda14
root@master:~# sudo fdisk -l /dev/vda14
Disk /dev/vda14: 4 MiB, 4194304 bytes, 8192 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
- To view all commands under fdisk, open the disk with fdisk and enter m at the prompt
sudo fdisk /dev/vda
root@master:~# sudo fdisk /dev/vda
Welcome to fdisk (util-linux 2.34).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): m
Help:
  GPT
   M   enter protective/hybrid MBR
  Generic
   d   delete a partition
   F   list free unpartitioned space
   l   list known partition types
   n   add a new partition
For more information and options, you can use the fdisk --help command.
tcpdump command
tcpdump [option(s)]<expression>
- Install tcpdump with below command
apt update && apt install tcpdump -y
- To capture packets on the current network interface
sudo tcpdump
9:41:05.193007 IP _gateway.49972 > master.http-alt: Flags [.], ack 39407751, win 1908, options [nop,nop,TS val 686132450 ecr 2619361836], length 0
09:41:05.193061 IP _gateway.49972 > master.http-alt: Flags [.], ack 39408180, win 1908, options [nop,nop,TS val 686132450 ecr 2619361836], length 0
09:41:05.193116 IP master.http-alt > _gateway.49972: Flags [P.], seq 39408180:39408762, ack 7, win 501, options [nop,nop,TS val 2619361836 ecr 686132450], length 582: HTTP
09:41:05.193188 IP _gateway.49972 > master.http-alt: Flags [.], ack 39408762, win 1908, options [nop,nop,TS val 686132450 ecr 2619361836], length 0
09:41:05.193213 IP master.http-alt > _gateway.49972: Flags [P.], seq 39408762:39409038, ack 7, win 501, options [nop,nop,TS val 2619361836 ecr 686132450], length 276: HTTP
09:41:05.193283 IP _gateway.49972 > master.http-alt: Flags [.], ack 39409038, win 1908, options [nop,nop,TS val 686132450 ec
- To display all available interfaces
sudo tcpdump -D
root@master:~# sudo tcpdump -D
1.enp1s0 [Up, Running]
2.lo [Up, Running, Loopback]
3.any (Pseudo-device that captures on all interfaces) [Up, Running]
4.bluetooth-monitor (Bluetooth Linux Monitor) [none]
5.nflog (Linux netfilter log (NFLOG) interface) [none]
6.nfqueue (Linux netfilter queue (NFQUEUE) interface) [none]
root@master:~#
- To capture packets on a specific interface, the -i option is used
sudo tcpdump -i lo
root@master:~# sudo tcpdump -i lo
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
For more information and options, you can use the tcpdump --help command.
ping command
ping [option]<hostname/IP_address>
- To install ping on Ubuntu/Debian
apt update && apt install inetutils-ping -y
- To troubleshoot networking issues and check connectivity, the ping command is used.
ping google.com
root@master:~# ping google.com
PING google.com (142.250.193.14): 56 data bytes
64 bytes from 142.250.193.14: icmp_seq=0 ttl=57 time=2.604 ms
64 bytes from 142.250.193.14: icmp_seq=1 ttl=57 time=2.540 ms
64 bytes from 142.250.193.14: icmp_seq=2 ttl=57 time=2.787 ms
64 bytes from 142.250.193.14: icmp_seq=3 ttl=57 time=2.951 ms
64 bytes from 142.250.193.14: icmp_seq=4 ttl=57 time=2.411 ms
^C--- google.com ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.411/2.659/2.951/0.190 ms
For more information and options, you can use the ping --help command.
netstat command
netstat [option(s)]
- To install netstat on Ubuntu/Debian
apt-get install net-tools -y
The netstat command is used to get network statistics and status information. It helps find network-related issues by showing the amount of traffic on a network, open and closed ports, routing tables, interface records, etc.
When we use the netstat command without any option, it gives information related to the network, for example –
netstat
root@master:~# netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0    231 master:http-alt         _gateway:49972          ESTABLISHED
tcp        0      0 master:2999             _gateway:38940          ESTABLISHED
tcp        0      0 localhost:54306         localhost:3000          ESTABLISHED
tcp        0      0 localhost:3000          localhost:54306         ESTABLISHED
Here,
- Proto – Gives information related to which protocol is used for connection like (TCP, and UDP).
- Recv-Q – Gives information related to received or ready-to-receive queue of bytes.
- Send-Q – Gives information related to the queue of bytes ready to be sent.
- Local address – Gives information related to the address and port of the local connection.
- Foreign address – Gives information related to the address and port of the remote connection.
- State – Gives information related to the state of the local socket like(ESTABLISHED, LISTENING, CLOSED or blank)
The second part shows information related to active UNIX domain sockets
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  3      [ ]         DGRAM                    5331     /run/systemd/notify
unix  4      [ ]         DGRAM                    5350     /run/systemd/journal/dev-log
unix  8      [ ]         DGRAM                    5354     /run/systemd/journal/socket
unix  3      [ ]         STREAM     CONNECTED     10385
unix  3      [ ]         STREAM     CONNECTED     10286    /run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     10387
unix  3      [ ]         STREAM     CONNECTED     9156
unix  3      [ ]         STREAM     CONNECTED     10285
unix  2      [ ]         DGRAM                    6639
unix  3      [ ]         STREAM     CONNECTED     10384
unix  2      [ ]         DGRAM                    10277
unix  3      [ ]         STREAM     CONNECTED     10386
unix  3      [ ]         STREAM     CONNECTED     8065     /run/systemd/journal/stdout
Here,
- Proto – Gives information related to which protocol is used for connection (always UNIX)
- RefCnt – Gives information related to attached processes to the socket(by providing the reference number).
- Flags – Gives information related to flags. It is usually ACC or blank (note – SO_ACCEPTON is displayed as ACC, which is used on unconnected sockets if their related processes are waiting for a connection request).
- Type – Gives information related to types of sockets.
- State – Gives information related to sockets like CONNECTED, LISTENING, or blank.
- I-Node – Gives information about the inode related to the socket.
- Path – Gives information related to the socket system path.
- For example, to list all listening ports
netstat -l
root@master:~# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:http-alt        0.0.0.0:*               LISTEN
tcp        0      0 localhost:domain        0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2999            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3000            0.0.0.0:*               LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
udp        0      0 localhost:domain        0.0.0.0:*
udp        0      0 master:bootpc           0.0.0.0:*
raw6       0      0 [::]:ipv6-icmp          [::]:*                  7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     5334     /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     8323     /run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     8341     /run/lxd-installer.socket
unix  2      [ ACC ]     STREAM     LISTENING     5336     /run/systemd/userdb/io.systemd.DynamicUser
For more information about options, you can use the man netstat command.
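The Local Address column of netstat -l tells you whether a service listens only on localhost or on every interface (0.0.0.0 or [::]). The following script is an added example, not part of the original lab, that uses the awk field splitting shown earlier to list the TCP listeners bound to all interfaces and to report the ones missing from an allow-list. The function names and the allow-list are assumptions, and the sample input is constructed from the netstat -l output above.

```shell
#!/bin/sh
# Added example, not part of the original lab: review `netstat -l` output
# for TCP services that listen on every interface.

# Constructed sample, taken from the netstat -l output shown above.
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:http-alt        0.0.0.0:*               LISTEN
tcp        0      0 localhost:domain        0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2999            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3000            0.0.0.0:*               LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
udp        0      0 localhost:domain        0.0.0.0:*
Active UNIX domain sockets (only servers)
unix  2      [ ACC ]     STREAM     LISTENING     5334     /run/systemd/private
EOF
}

# wildcard_listeners < netstat-output
# Prints "proto local_address" for every TCP socket in LISTEN state whose
# local address is the wildcard (0.0.0.0, [::], or :: in numeric output).
wildcard_listeners() {
    awk '
        $1 ~ /^tcp6?$/ && $NF == "LISTEN" {
            addr = $4                     # 4th field is Local Address
            if (addr ~ /^0\.0\.0\.0:/ || addr ~ /^\[::\]:/ || addr ~ /^:::/)
                print $1, addr
        }
    '
}

# unexpected_listeners "ssh http-alt" < netstat-output
# Prints the wildcard listeners whose port or service name is not in the
# space-separated allow-list given as the first argument.
unexpected_listeners() {
    wildcard_listeners | awk -v allow="$1" '
        BEGIN {
            n = split(allow, names, " ")
            for (i = 1; i <= n; i++) ok[names[i]] = 1
        }
        {
            port = $2
            sub(/^.*:/, "", port)         # keep what follows the last colon
            if (!(port in ok)) print
        }
    '
}

# Demo on the constructed sample: ssh and http-alt are expected here,
# so only the listeners on 2999 and 3000 are reported.
sample_netstat | unexpected_listeners "ssh http-alt"
```

On a live system, pipe the real command into the function instead of the sample, for example netstat -l | unexpected_listeners "ssh".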
env command
env [OPTION]...[-][NAME=VALUE]...[COMMAND [ARG]...]
The env command is used to see the current environment variables and their associated values. The env command is also often used by shell scripts to launch the correct interpreter.
- To show all environment variables, run env without any argument.
env
root@master:~#
root@master:~# env
PWD=/root
GIT_EXEC_PATH=/usr/lib/git-core
THEIA_SHELL=/bin/bash
HOME=/root
LANG=C.UTF-8
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
LOCAL_GIT_DIRECTORY=/usr
INVOCATION_ID=7a80c694d65a47a799ba33c63c621982
VSCODE_API_VERSION=1.53.2
LESSCLOSE=/usr/bin/lesspipe %s %s
TERM=xterm-color
LESSOPEN=| /usr/bin/lesspipe %s
SHLVL=1
JOURNAL_STREAM=9:11574
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
OLDPWD=/
_=/usr/bin/env
- To display version information and exit
env --version
root@master:~# env --version
env (GNU coreutils) 8.30
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Written by Richard Mlynarik, David MacKenzie, and Assaf Gordon.
For more information about options, you can use the man env command.
ufw command
ufw <option(s)> [rule]
- To install ufw on Ubuntu/Debian
apt-get install ufw -y
The ufw (uncomplicated firewall) command is used to configure and use the firewall. ufw uses iptables underneath. It is used to set rules that allow or deny incoming and outgoing network traffic to and from the system, or to create an IPv4 or IPv6 host-based firewall, etc. It is also used to set up firewall rules that protect the system from unauthorized access and malicious network traffic.
- To see the status of the firewall, use ufw status
sudo ufw status
root@master:~# sudo ufw status
Status: inactive
- The above example shows that the firewall is inactive. To make it active, use the following command.
sudo ufw enable
root@master:~# sudo ufw status
Status: inactive
root@master:~# sudo ufw enable
Firewall is active and enabled on system startup
root@master:~# sudo ufw status
Status: active
- If you want to block a network connection from a specific IP address, you can run the following command.
sudo ufw deny from 203.0.113.100
root@master:~# sudo ufw deny from 203.0.113.100
Rule added
root@master:~# sudo ufw status
Status: active
To                         Action      From
--                         ------      ----
Anywhere                   DENY        203.0.113.100
- To undo this and allow the address again, you can use the following command
sudo ufw allow from 203.0.113.100
root@master:~# sudo ufw allow from 203.0.113.100
Rule updated
root@master:~# sudo ufw status
Status: active
To                         Action      From
--                         ------      ----
Anywhere                   ALLOW       203.0.113.100
- To delete a rule, first use the following command to get the rule's id, then delete the rule using that id
sudo ufw status numbered
root@master:~# sudo ufw status numbered
Status: active
     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   ALLOW IN    203.0.113.100
- To delete the rule using the id
sudo ufw delete <id>
root@master:~# sudo ufw status numbered
Status: active
     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   ALLOW IN    203.0.113.100
root@master:~# sudo ufw delete 1
Deleting:
 allow from 203.0.113.100
Proceed with operation (y|n)? y
Rule deleted
root@master:~# sudo ufw status numbered
Status: active
For more information about options, you can use the man ufw command.
Conclusion
To perform Linux administrative tasks, you must have knowledge of the above commands. Mastering advanced Linux commands is essential for improving productivity and streamlining workflows. Commands such as ping, awk, curl, journalctl, nslookup, etc. are powerful tools for performing complex tasks, automating repetitive tasks, and troubleshooting issues efficiently.
Perform the above lab to become more efficient and get a deeper understanding of advanced Linux commands.
There are many more helpful commands. If we have left something out, please let us know and share your favorite advanced Linux commands in the comment section. Happy learning!