Linux 常用命令
概述
Linux 命令太多了,实在记不住,这里记录一下
功能
查看文件大小
bash
# 查看磁盘占用
$ df -h
# 递归遍历当前目录,并计算目录大小
$ du -h压缩与解压
bash
# 压缩当前目录下的 dist 目录
# -c, --create: create a new archvie
# -v, --verbose: verbosely list files processed
# -f, --file: use archive file or device
# -z, --gzip, --gunzip, --ungzip: filter the archive through gzip
$ tar cvfz dist.tar.gz ./dist
# 解压文件
# -z, --gzip, --gunzip, --ungzip: filter the archive through gzip
# -x, --extract, --get: extract files from an archive
# -v, --verbose: verbosely list files processed
# -f, --file: use archive file
$ tar -zxvf dist.tar.gz一些其它压缩包的解压命令:
- *.tar 用 tar -xvf 解压
- *.gz 用 gzip -d 或 gunzip 解压
- *.tar.gz 或 *.tgz 用 tar -xzf qev dyf
- *.bz2 用 bzip2 -d 或 bunzip2 解压
- *.tar.bz2 用 tar -xjf 解压
- *.Z 用 uncompress 解压
- *.tar.X 用 tar -xZf 解压
- *.rar 用 unrar e 解压
- *.zip 用 unzip 解压
查看网卡信息
bash
$ ifconfig
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.30 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::ceac:bee9:94a5:2e45 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:fa:e5:dd txqueuelen 1000 (Ethernet)
RX packets 64466 bytes 71618885 (68.3 MiB)
RX errors 0 dropped 114 overruns 0 frame 0
TX packets 35432 bytes 2127323 (2.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 16 bytes 1280 (1.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1280 (1.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0查看端口监听
bash
# 查看所有端口占用情况
$ netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1202/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1290/master
tcp6 0 0 :::22 :::* LISTEN 1202/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1290/master
udp 0 0 127.0.0.1:323 0.0.0.0:* 948/chronyd
udp6 0 0 ::1:323 :::* 948/chronyd
# 查看指定端口占用情况
$ netstat -tunlp | grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1202/sshd
tcp6 0 0 :::22 :::* LISTEN 1202/sshd查看网速
bash
$ ifstat
ifstat: history is aged out, resetting
#kernel
Interface RX Pkts/Rate TX Pkts/Rate RX Data/Rate TX Data/Rate
RX Errs/Drop TX Errs/Drop RX Over/Rate TX Coll/Rate
lo 16 0 16 0 1280 0 1280 0
0 0 0 0 0 0 0 0
ens192 65535 0 35661 0 71685K 0 2142K 0
0 160 0 0 0 0 0 0iptables
修改 /etc/sysconfig/iptables 文件。
# Generated by iptables-save v1.4.21 on Mon Oct 25 21:27:57 2021
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [228:45504]
:DOCKER - [0:0]
:syn-flood - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i docker0 -j ACCEPT
-A INPUT -i docker0 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -i docker0 -p tcp -m tcp --dport 6379 -j ACCEPT
-A INPUT -i docker0 -p tcp -m tcp --dport 8088 -j ACCEPT
-A INPUT -s 10.10.0.0/16 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j syn-flood
-A INPUT -i ens192 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m connlimit --connlimit-above 15 --connlimit-mask 32 --connlimit-saddr -j DROP
-A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 12/sec --limit-burst 24 -j ACCEPT
-A FORWARD -i docker0 -o ens192 -j ACCEPT
-A FORWARD -i ens192 -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A DOCKER -d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 2222 -j ACCEPT
-A DOCKER -d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 443 -j ACCEPT
-A DOCKER -d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A syn-flood -p tcp -m limit --limit 3/sec --limit-burst 6 -j RETURN
-A syn-flood -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Mon Oct 25 21:27:57 2021
# Generated by iptables-save v1.4.21 on Mon Oct 25 21:27:57 2021
*nat
:PREROUTING ACCEPT [11:932]
:INPUT ACCEPT [10:600]
:OUTPUT ACCEPT [10:520]
:POSTROUTING ACCEPT [10:520]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.5/32 -j MASQUERADE
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.17.0.5/32 -o bridge0 -j MASQUERADE
-A POSTROUTING -s 172.17.0.5/32 -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.17.0.6/32 -d 172.17.0.6/32 -p tcp -m tcp --dport 2222 -j MASQUERADE
-A POSTROUTING -s 172.17.0.6/32 -d 172.17.0.6/32 -p tcp -m tcp --dport 443 -j MASQUERADE
-A POSTROUTING -s 172.17.0.6/32 -d 172.17.0.6/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 2222 -j DNAT --to-destination 172.17.0.6:2222
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 10443 -j DNAT --to-destination 172.17.0.6:443
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 8088 -j DNAT --to-destination 172.17.0.6:80
COMMIT