2019-12-15 01:28:20

Cheat Sheet

If you can't remember, write it down :)


## MySQL

### User administration

Create a user and grant permissions on a database. `%` can be used as a wildcard to allow all hosts to connect.

```sql
-- MySQL 8.0 and later no longer accept IDENTIFIED BY in GRANT; create the account with CREATE USER first.
GRANT ALL PRIVILEGES ON Databasename.* TO username@"localhost" IDENTIFIED BY 'mysecretpassword';
FLUSH PRIVILEGES;
```

Search for a string replacement. This does not replace anything, it only shows the search result.

```sql
SELECT REPLACE( '', 'u', 'span class="underline"' ) FROM content;
```

Search and replace a string in MySQL.

```sql
UPDATE tblname SET fieldname = replace(fieldname,'original text','replacement text');
```

### Backup and Restore

Restore a full dump, with all databases:

```bash
# plain (uncompressed) SQL dump; a .gz file cannot be fed to mysql directly
mysql -u [user] -p < mysqlDump.sql
```

Restore a full gz dump, with all databases:

```bash
pigz -dc mysqlDump.gz | mysql -u [user] -p
```

Restore a dump of a single database. The database would likely need to be created beforehand.

```bash
mysql -u [user] -p [db_name_to_restore_to] < mysqlDump.sql
```

Restore a gz dump of a single database. The database would likely need to be created beforehand.

```bash
pigz -dc mysqlDump.gz | mysql [db_name_to_restore_to] -u [user] -p
```

## Useful commands

Show listening ports and the programs attached:

```bash
netstat -lnp -A inet
```

Check a webserver certificate:

```bash
# </dev/null closes stdin so s_client exits after the handshake
openssl s_client -connect example.com:443 </dev/null | openssl x509 -text
```

And see the dates only:

```bash
openssl s_client -connect example.com:443 </dev/null | openssl x509 -noout -dates
```

## Cool commands

### awk

`$0` is the full line, no matter the delimiter.

Print lines starting with #, and print column 5 and 6 on all others:

```bash
cat testtext.txt | awk '{ if ($0 ~ /^#/) { print $0 } else { print $5, $6 } }'
```

```bash
# print first 4 chars (awk strings are indexed from 1)
| awk '{ print substr($1,1,4) }'

# print last 4 chars
| awk '{ print substr($1,length($1)-3) }'

# print if $1 is larger than or equal to 666
| awk '$1>=666{print $1}'

# larger than and less than
| awk -F',' '$2>=1607 && $2<=1612 {print $2}'

# do a regex match and print
cat feeds/myfile.csv | awk -F',' '{ if($3 ~ /^36/) print $3}'

# do a regex non-match and print
cat feeds/myfile.csv | awk -F',' '{ if($3 !~ /^7/) print $3}'

# regex field separator (space and ?)
awk -F'[ ?]'
```

## SSH Tunnel

```bash
ssh user@remotehost -L localport:remoteip:destinationport
ssh nsroot@server -L 3008:192.168.100.150:3008 -N -v
```

## GPG

Generating a gpg keypair:

```bash
gpg --gen-key
# or, which allows more options
gpg --full-gen-key
```

List keys:

```bash
gpg --list-keys
```

List the secret keys:

```bash
gpg --list-secret-keys
```

Import key:

```bash
gpg --import
```

Export public key:

```bash
gpg --export --armor > mypublicfilename.asc
```

Export private key:

```bash
gpg --export-secret-key --armor "User Name" > myprivatekeyfilename.asc
```

Delete public key:

```bash
gpg --delete-key "User Name"
```

Delete private key:

```bash
gpg --delete-secret-key "User Name"
```

Encrypt:

Decrypt: if there are multiple keys, it will automatically choose the correct one. If no correct key is available, it will exit with an error.

```bash
gpg -d
```

## vim

### Open files

- `:Ex` - open file explorer in current window
- `:Vex` - opens a new vertical window
- `:Sex` - open a new horizontal window
- `%` - create a new file, in explorer mode
### Movement

- `:Nn` - move to line number Nn
- `$` - move to end of line

### Marking text

- `v` - visual mode
- `aw` - mark word

### Marked edits

- `:s/oldtext/newtext/g` - search the marked text and replace
- `ctrl-v`, mark the text, then `shift+i` to insert at the cursor only, `escape` to finalize the edit - insert text on multiple lines

### Editing

- `yy` - copy line
- `2yy` - copy 2 lines
- `yw` - copy word
- `y$` - copy to end of line
- `dd` - delete/cut line
- `dw` - delete/cut word
- `d$` - delete/cut to end of line
- `p` - put "clipboard" after "cursor"
- `P` - put "clipboard" before "cursor"
- `u` - undo
- `o` - insert below
- `ci'` - delete the text inside '' and go to insert mode
- `shift+A` - insert at end of line
- `ctrl+shift+A` - will add +1 to the number at the cursor
- `.` - repeat last action

### Search / Replace

Delete lines starting with *:

```
:g/^\*/d
```

### Multiple windows/files

- `ctrl+ws` - split window
- `ctrl+ww` - switch window
- `ctrl+wv` - split window vertically
- `ctrl+wq` - quit window
- `ctrl+wn` - split horizontal

### Recording

- `q[x]` - start recording, followed by a letter, for example x
- `q` - stop recording
- `@x` - execute recording from register x
- `100@x` - execute recording 100 times from register x

### Other

- `:%s/^/newtext/` - will prepend 'newtext' on all lines
- `:%s/$/newtext/` - will append 'newtext' on all lines

## firewalld

### General info about firewalld

- When using `--permanent`, a reload is required.
- When `--permanent` is not applied, the change works instantly. If a reload is run, the rules will be wiped.
- Zones are a set of "predefined rules" which can be added to different interfaces.
- Zones ONLY become active when there's an interface OR source IP addresses assigned to the zone.
- Zones are added to interfaces. For example, 'internal' is added to an internal interface where only LAN traffic passes.
- Direct rules should be used as a last resort, when add-service or add-rich-rule is not possible (man page refs).

Ref: http://www.firewalld.org/documentation/man-pages/firewalld.zones.html

Zones are located in `/usr/lib/firewalld/zones/` and/or `/etc/firewalld/zones/`.

Man page reference tags from `firewall-cmd --help`:

- `[P]` = (`--permanent`)
- `[Z]` = (`--zone=[zone]`)

List rules for the default zone:

```bash
firewall-cmd --list-all
```

Get default zone:

```bash
firewall-cmd --get-default-zone
```

Get active zones:

```bash
firewall-cmd --get-active-zones
```

List information from a non-default zone:

```bash
firewall-cmd --info-zone=[zone]
```

List everything added for, or enabled in, a non-default zone:

```bash
firewall-cmd --list-all --zone=[zone]
```

Set default zone:

```bash
firewall-cmd --set-default-zone=drop
```

Create a new zone:

```bash
firewall-cmd --new-zone=testzone --permanent
# a new permanent zone only becomes usable after a reload
firewall-cmd --reload
firewall-cmd --zone=testzone --add-service=mysql
```

Delete a zone:

```bash
firewall-cmd --delete-zone=bla --permanent
```

Get available services for a zone:

```bash
firewall-cmd --get-services
```

List rich/direct/nat rules:

```bash
firewall-cmd --list-rich-rules
firewall-cmd --direct --get-all-rules

# permanent direct rules
firewall-cmd --permanent --direct --get-all-rules

# permanent rich rules
firewall-cmd --permanent --list-rich-rules
```

Change zone on an interface:

```bash
firewall-cmd --zone=block --change-interface=eth0
firewall-cmd --get-active-zones
```

Add port to default zone (RUNTIME only):

```bash
firewall-cmd --add-port=3306/tcp

# add multiple ports (relies on shell brace expansion)
firewall-cmd --add-port={3306/tcp,5000/tcp}

# port range
firewall-cmd --add-port=5000-5010/tcp
```

Add services to default zone:

```bash
firewall-cmd --add-service={http,https} --permanent
```

Add source to a zone. This would allow all services from this IP which is in the "testzone".

```bash
firewall-cmd --zone=testzone --add-source=192.168.10.1 --permanent
```

Delete port rules. Instead of add, remove should be used.

```bash
firewall-cmd --remove-port=3306/tcp
```

Delete rich rules (tip: get the full rule from `firewall-cmd --list-rich-rules`, and use exactly that):
```bash
firewall-cmd --remove-rich-rule 'rule family="ipv4" source address="192.168.10.11/26" port port="1556" protocol="tcp" accept'

# remove direct rules
firewall-cmd --permanent --direct --remove-rule ipv4 filter OUTPUT 1 -j DROP
```

Port forwarding:

```bash
# port forwarding, locally
firewall-cmd --add-forward-port=port=8080:proto=tcp:toport=80

# port forwarding, "external"
firewall-cmd --add-forward-port=port=8080:proto=tcp:toport=80:toaddr=xxx.xxx.xxx.xxx
```

Save running conf:

```bash
firewall-cmd --runtime-to-permanent
```

Generating specific source rules, rich-rule:

```bash
# accept
firewall-cmd --add-rich-rule='rule family="ipv4" source address="xxx.xxx.xxx.xxx" accept'

# drop (use reject instead of drop to send an error back to the source)
firewall-cmd --add-rich-rule='rule family="ipv4" source address="xxx.xxx.xxx.xxx" drop'
```

Add rich-rule to zone:

```bash
firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.10.11/32" port port="10050" protocol="tcp" accept' --zone=internal --permanent
```

Creating NAT direct rules. For example for loadbalancers.org VIPs. We need to use direct rules here, since rich rules cannot be used.

```bash
firewall-cmd --permanent --direct --add-rule ipv4 nat PREROUTING 0 -p tcp -m tcp --dport 8080 -d 192.168.10.100/32 -j REDIRECT

# redirect outgoing traffic to 192.168.10.100:8080 to 192.168.10.10:8080
firewall-cmd --permanent --direct --add-rule ipv4 nat OUTPUT 0 -p tcp -d 192.168.10.100/32 --dport 8080 -j DNAT --to-destination 192.168.10.10:8080
```

Drop outgoing traffic:

```bash
firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -p tcp -m tcp --dport 45688 -j DROP
firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -p tcp -m tcp --dport 23364 -j DROP
firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -p tcp -m tcp --dport 3306 -j DROP
```

Lockdown server quickly, in `/etc/firewalld/firewalld.conf`:

```
Lockdown=yes
```

With `Lockdown=yes`, firewall changes over the D-Bus interface are limited to applications on the lockdown whitelist.
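The general notes above say runtime rules are wiped on reload and `--permanent` rules need a reload to take effect, so the two configurations can silently drift apart. The following is an added example, not part of the original cheat sheet, that reports that drift for ports, services and sources; the function names and the sample port lists are made up for illustration.

```shell
#!/bin/sh
# Added example: report drift between firewalld's runtime and permanent config.
# Function names are hypothetical; only firewall-cmd's --list-* queries are real.

# set_diff LABEL A B: print every space-separated item of A that is missing from B.
set_diff() {
    label=$1
    for item in $2; do
        case " $3 " in
            *" $item "*) ;;                          # present on both sides
            *) printf '%s %s\n' "$label" "$item" ;;
        esac
    done
}

# fw_drift RUNTIME PERMANENT: compare two single-line lists as printed by
# firewall-cmd --list-ports / --list-services / --list-sources.
fw_drift() {
    set_diff "runtime-only (lost on --reload):" "$1" "$2"
    set_diff "permanent-only (inactive until --reload):" "$2" "$1"
}

# fw_drift_zone ZONE: live check against a running firewalld (needs root).
fw_drift_zone() {
    zone=$1
    for what in ports services sources; do
        fw_drift "$(firewall-cmd --zone="$zone" --list-$what)" \
                 "$(firewall-cmd --permanent --zone="$zone" --list-$what)"
    done
}

# Demo on constructed lists (not taken from a real host).
fw_drift "3306/tcp 5000-5010/tcp" "3306/tcp 443/tcp"
```

On a live host, run `fw_drift_zone internal` (or any active zone) before a `firewall-cmd --reload` to see which rules the reload would drop.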

## tmux

### Panes

- Split pane vertical: `ctrl+b %`
- Split pane horizontal: `ctrl+b "`
- Switch pane: `ctrl+b o`
- Switch pane: `ctrl+b ARROW-KEYS`
- Show pane numbers: `ctrl-b q`
- Change layout: `ctrl-b SPACE`
- Resize pane(s): HOLD `ctrl+b ARROW-KEYS`
- Zoom/fullscreen: `ctrl-b z`
- Swap current pane with previous: `ctrl+b {`
- Swap current pane with next: `ctrl+b }`
- Kill pane: `ctrl+b x`

### Scroll

- `ctrl+b pgup/pgdown`, will enable scrolling

### Basics

- Detach: `ctrl+b d`
- Show sessions: `tmux ls`
- Attach: `tmux attach` / `tmux attach -t [session]`

### Other

- Show shortcuts: `ctrl+b ?`

I CAN remember, the rest

Posted by caylakpenguen | Permalink