Chinaunix首页 | 论坛 | 博客

Go ahead, try it now..ulovko.blog.chinaunix.net

首页 |  博文目录 |  关于我

ulovko

  • 博客访问: 734536
  • 博文数量: 235
  • 博客积分: 4309
  • 博客等级: 中校
  • 技术积分: 2325
  • 用 户 组: 普通用户
  • 注册时间: 2011-01-17 11:25
个人简介

If you don\\\\\\\\\\\\\\\'t wanna do it, you find an EXCUSE; if you do, you\\\\\\\\\\\\\\\'ll find a WAY :-)

文章分类

全部博文(235)

文章存档

2014年(3)

2013年(2)

2012年(31)

2011年(199)

我的朋友
最近访客
推荐博文
相关博文
FreeBSD Monitoring

分类: BSD

2011-10-11 22:08:15

"I'm an egotistical bastard, and I name all my projects after myself. 
First Linux, now git."  ~ Linus Torvalds
1: 系统工具
  1. netstat -w 5 -d (displays how many packets and bytes your system is processing)
  2. netstat -na -f inet (view open network connections)
  3. netstat -nb -f inet (display only connections with foreign systems)
  5. netstat -m (An mbuf is a chunk of kernel memory used for networking)
  6. netstat -s -f inet -p tcp (display system-wide statistics for each network protocol)
  8. sockstat -4 (lists ports listening to the network)

  9. vmstat -w 5 -n 1 (    shows the current virtual memory statistics -n:显示磁盘数)
  11. r:等待CPU b:等待Disk w:swap out( your memory is inadequate for the work )
  12. avm:虚拟内存用量 fre:空闲内存

  14. flt:page falts re:pages reused from cache pi:page in po:page out
  15. fr:how many pages are freed per second
  16. sr:how many pages are scanned per second

  18. da0:磁盘名称
  19. in:IRQ sy:system calls cs:context switches
  1. us:user task sy:system task  id:idle
  2. (Having high fr and flt values can indicate lots of short-lived processes)

  4. top (provides a good overview of system status, displaying information
  5. about CPU, memory, and disk usage)
  6. " m "键  Display either 'cpu'  or  'io' statistics.  Default is  'cpu' 
  1. last pid: 被分配的pid数 load averages:1 5 15 平均负载 up:运行时间 当前时间
  2. 进程数目 和 进程状态 (被分配51039个pid? 程序重启会被重新分配pid!或者 有进程在不停的fork)
  3. CPU开销:user calls 优先级是否调整过 system calls IRQ 空闲时间
  4. wired memory: used for in-kernel data structures

  6. Disk I/O:
  7. # gstat (check disk activity, print statistics about GEOM disks; man 8 gstat)

  9. # man gstat
  10. SEE ALSO
  11.              systat(1), geom(4), iostat(8), vmstat(8)
  12. HISTORY
  13.              A gstat utility appeared in FreeBSD 5.0.

  15. FreeBSD 9.0                     March 12, 2009                     FreeBSD 9.0

  17. diskinfo — get information about disk device

  19. > diskinfo -ctv ada0
  20. ada0
  21. 512         # sectorsize
  22. 500107862016 # mediasize in bytes (465G)
  23. 976773168   # mediasize in sectors
  24. 0           # stripesize
  25. 0           # stripeoffset
  26. 969021       # Cylinders according to firmware.
  27. 16           # Heads according to firmware.
  28. 63           # Sectors according to firmware.
  29. 5VJ9ML6Q     # Disk ident.

  31. I/O command overhead:
  32. time to read 10MB block      0.128603 sec =    0.006 msec/sector

  34. # stat (display file status)
  1. ps -axx (following processes)
  2. ps -ajx (following processes)
  3. ps -aux (following processes)

  5. A buffer is something that has yet to be "written" to disk. A cache is something that has been "read" from the disk and stored for later use.
2:lsof
  1. Show Your Network Connections

  3. # lsof -i (Show all connections with -i)
  4. COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
  5. dhcpcd 6061 root 4u IPv4 4510 UDP *:bootpc
  6. sshd 7703 root 3u IPv6 6499 TCP *:ssh (LISTEN)
  7. sshd 7892 root 3u IPv6 6757 TCP 10.10.1.5:ssh->192.168.1.5:49901 (ESTABLISHED)

  10. # lsof -iTCP (Show only TCP ,works the same for UDP)
  11. COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
  12. sshd 7703 root 3u IPv6 6499 TCP *:ssh (LISTEN)
  13. sshd 7892 root 3u IPv6 6757 TCP 10.10.1.5:ssh->192.168.1.5:49901 (ESTABLISHED)

  16. # lsof -i :22 (-i :port shows all networking related to a given port)
  17. COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
  18. sshd 7703 root 3u IPv6 6499 TCP *:ssh (LISTEN)
  19. sshd 7892 root 3u IPv6 6757 TCP 10.10.1.5:ssh->192.168.1.5:49901 (ESTABLISHED)

  21. # lsof -i@192.168.1.5 (To show connections to a specific host, use @host)
  22. sshd 7892 root 3u IPv6 6757 TCP 10.10.1.5:ssh->192.168.1.5:49901 (ESTABLISHED)

  24. # lsof -i@192.168.1.5:22 (Show connections based on the host and the port using @host:port
  25. sshd 7892 root 3u IPv6 6757 TCP 10.10.1.5:ssh->192.168.1.5:49901 (ESTABLISHED)

  28. # lsof -i| grep LISTEN (Grepping for "LISTEN" shows what ports your system is 
  29. waiting for connections on)
  30. iTunes 400 daniel 16u IPv4 0x4575228 0t0 TCP *:daap (LISTEN)

  33. # lsof -i| grep ESTABLISHED (Grepping for "ESTABLISHED" shows current active connections)
  34. firefox-b 169 daniel 49u IPv4 0t0 TCP 1.2.3.3:1863->1.2.3.4:http (ESTABLISHED)

  36. Working with Users, Processes, and Files
  37. You can also get information on various users, processes, and files on your system using lsof:
  39. # lsof -u daniel (Show what a given user has open using -u)
  41. -- snipped --
  42. Dock 155 daniel txt REG 14,2 2798436 823208 /usr/lib/libicucore.A.dylib
  43. Dock 155 daniel txt REG 14,2 1580212 823126 /usr/lib/libobjc.A.dylib
  44. Dock 155 daniel txt REG 14,2 2934184 823498 /usr/lib/libstdc++.6.0.4.dylib
  45. Dock 155 daniel txt REG 14,2 132008 823505 /usr/lib/libgcc_s.1.dylib
  46. Dock 155 daniel txt REG 14,2 212160 823214 /usr/lib/libauto.dylib
  47. -- snipped --

  50. # lsof -c syslog-ng (See what files and network connections a command is using with -c)
  51. COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
  52. syslog-ng 7547 root cwd DIR 3,3 4096 2 /
  53. syslog-ng 7547 root rtd DIR 3,3 4096 2 /
  54. syslog-ng 7547 root txt REG 3,3 113524 1064970 /usr/sbin/syslog-ng
  55. syslog-ng 7547 root mem REG 0,0 0 [heap]
  56. syslog-ng 7547 root mem REG 3,3 105435 850412 /lib/libpthread-2.4.so
  57. syslog-ng 7547 root mem REG 3,3 1197180 850396 /lib/libc-2.4.so
  58. syslog-ng 7547 root mem REG 3,3 59868 850413 /lib/libresolv-2.4.so
  59. syslog-ng 7547 root mem REG 3,3 72784 850404 /lib/libnsl-2.4.so
  60. syslog-ng 7547 root mem REG 3,3 32040 850414 /lib/librt-2.4.so
  61. syslog-ng 7547 root mem REG 3,3 126163 850385 /lib/ld-2.4.so
  62. -- snipped --

  65. # lsof /var/log/messages (Pointing to a file shows what's interacting with that file)
  66. COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
  67. syslog-ng 7547 root 4w REG 3,3 217309 834024 /var/log/messages

  70. #lsof -p 10075 (The -p switch lets you see what a given process ID has open, which is good 
  71.                  for learning more about unknown processes)
  72. -- snipped --
  73. sshd 10068 root mem REG 3,3 34808 850407 /lib/libnss_files-2.4.so
  74. sshd 10068 root mem REG 3,3 34924 850409 /lib/libnss_nis-2.4.so
  75. sshd 10068 root mem REG 3,3 26596 850405 /lib/libnss_compat-2.4.so
  76. sshd 10068 root mem REG 3,3 200152 509940 /usr/lib/libssl.so.0.9.7
  77. sshd 10068 root mem REG 3,3 46216 510014 /usr/lib/liblber-2.3
  78. sshd 10068 root mem REG 3,3 59868 850413 /lib/libresolv-2.4.so
  79. sshd 10068 root mem REG 3,3 1197180 850396 /lib/libc-2.4.so
  80. sshd 10068 root mem REG 3,3 22168 850398 /lib/libcrypt-2.4.so
  81. sshd 10068 root mem REG 3,3 72784 850404 /lib/libnsl-2.4.so
  82. sshd 10068 root mem REG 3,3 70632 850417 /lib/libz.so.1.2.3
  83. sshd 10068 root mem REG 3,3 9992 850416 /lib/libutil-2.4.so
  84. -- snipped --

  87. # lsof -t -c Mail (The -t option returns just a PID)
  88. 350
  89. # ps aux | grep Mail
  90. daniel 350 0.0 1.5 405980 31452 ?? S Mon07PM 2:50.28 /Applications/Mail.app

  92. Advanced Usage

  94. # lsof -a -u daniel -i @1.1.1.1 (Using-a allows you to combine search terms, so the query 
  95. below says, "show me everything running as daniel connected to 1.1.1.1")
  96. bkdr 1893 daniel 3u IPv6 3456 TCP 10.10.1.10:1234->1.1.1.1:31337 (ESTABLISHED)

  99. # kill -HUP `lsof -t -c sshd` (Using the -t and -c options together you can HUP processes)
  100. # kill -9 `lsof -t -u daniel` (You can also use the -t with -u to kill everything a user has open)

  103. # lsof +L1 (lsof +L1 shows you all open files that have a link count less than 1, 
  104. often indicative of a cracker trying to hide something)
  105. (hopefully nothing)

3: find
  1. Basics
  2. # find . -name "*.jpg" (find by name)
  3. # find . -user daniel (find by user)
  4. # find . -type d (find by type)
  5. # find ~/Movies/ -size +1024M  (find by size)
  6. # find /etc/ -user root -mtime 1 (find by Modification Time)

  8. The checks you can use here are:
  10. -atime: when the file was last accessed
  11. -ctime: when the file's permissions were last changed
  12. -mtime: when the file's data was last modified

  14. -amin: when (in minutes) the file was last accessed
  15. -cmin: when (in minutes) the file's permissions were last changed
  16. -mmin: when (in minutes) the file's data was last modified

  18. # find ~ -perm 777 (find by permissions)
  19. -nouser: shows output that's not associated with an existing userid
  20. -nogroup: shows output not associated with an existing groupid
  21. -links n: file has n links
  22. -newer file: file was modified more recently than file.
  23. -perm mode: file has mode permissions.

  25. Combinations
  26. # find . -user daniel -type f -name *.jpg (find .jpg images files owned by daniel)
  27. # find . -user daniel -type f -name *.jpg ! -name autumn* (!: exclude)
  28. # find /apps/ -user root -type f -amin -2 -name *.rb ( show me all ruby programs in /apps
  29. owned by root that have been accessed in the last two minutes)
  30. Combining find with exec and xargs
    # find /bin/sbin -perm +7000 -exec ls -l {} \; (含有 SGID 或 SUID 或 SBIT 的 列出来!)
    # find /bin/sbin -perm +6000 (具有 SUID 或 SGID 就列出 !)
    # find / -perm -0002 (find all files on your system that are world writable)
    # find / -nouser -print0 | xargs -0 rm  (Collect files that are not owned by valid users and delete them)

    Cookbook Examples Of find in action
    # find ~/Desktop -name "*.jpg" -o -name "*.gif" -o -name "*.png" -print0 | \
    xargs -0 mv --target-directory ~/Pictures  (Clean the images off of your *nix desktop)

    # find /your/webdir/ -type d -print0 | xargs -0 chmod 755
    # find /your/webdir -type f | xargs chmod 644 (Correct the permissions on your web dir)
    # find /etc -mtime -30  (list of files in /etc that have been modified since last month)
4: tr
  1. Basics
  2. # tr a b < originalfile > newfile (all instances of the letter a into the letter b)
  3. # tr 'a-z' 'A-Z' < originalfile > newfile (changing all lowercase to uppercase)
  4. # tr "[:lower:]" "[:upper:]" < originalfile > newfile
  5. # echo "0123456789" | tr '0-9' 'a-z'

  7. Deleting
  8. # tr -d '\r' < windowsfile > nixfile (delete the carriage returns)

  10. Squeezing
  11. # tr -s '\n' < goodfile > betterfile

  13. Cleaning Input
  14. # tr -dc 'a-z A-Z \t \n '\32'' < input > output

  16. Implementing ROT13
  17. # echo "all your base are tired of this meme" | tr 'a-z' 'n-za-m'
阅读(1025) | 评论(0) | 转发(1) |
0

上一篇:PF (Packet Filtering)

下一篇:Tcpdump

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6