Table of Contents for
Linux Shell Scripting Cookbook - Third Edition

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Linux Shell Scripting Cookbook - Third Edition by Shantanu Tushar Published by Packt Publishing, 2017
  1. B05265 Linux Shell Scripting Cookbook, Third Edition
  2. Title Page
  3. Copyright
  4. Credits
  5. About the Authors
  6. About the Reviewer
  7. www.PacktPub.com
  8. Customer Feedback
  9. Table of Contents
  10. Preface
  11. What this book covers
  12. What you need for this book
  13. Who this book is for
  14. Sections
  15. Getting ready
  16. How to do it…
  17. How it works…
  18. There's more…
  19. See also
  20. Conventions
  21. Reader feedback
  22. Customer support
  23. Downloading the example code
  24. Downloading the color images of this book
  25. Errata
  26. Piracy
  27. Questions
  28. Shell Something Out
  29. Introduction
  30. Displaying output in a terminal
  31. Getting ready
  32. How to do it...
  33. How it works...
  34. There's more...
  35. Escaping newline in echo
  36. Printing a colored output
  37. Using variables and environment variables
  38. Getting ready
  39. How to do it...
  40. There's more...
  41. Finding the length of a string
  42. Identifying the current shell
  43. Checking for super user
  44. Modifying the Bash prompt string (username@hostname:~$)
  45. Function to prepend to environment variables
  46. How to do it...
  47. How it works...
  48. Math with the shell
  49. How to do it...
  50. Playing with file descriptors and redirection
  51. Getting ready
  52. How to do it...
  53. How it works...
  54. There's more...
  55. Redirection from a file to a command
  56. Redirecting from a text block enclosed within a script
  57. Custom file descriptors
  58. Arrays and associative arrays
  59. Getting ready
  60. How to do it...
  61. There's more...
  62. Defining associative arrays
  63. Listing of array indexes
  64. Visiting aliases
  65. How to do it...
  66. There's more...
  67. Escaping aliases
  68. Listing aliases
  69. Grabbing information about the terminal
  70. Getting ready
  71. How to do it...
  72. Getting and setting dates and delays
  73. Getting ready
  74. How to do it...
  75. How it works...
  76. There's more...
  77. Producing delays in a script
  78. Debugging the script
  79. How to do it...
  80. How it works...
  81. There's more...
  82. Shebang hack
  83. Functions and arguments
  84. How to do it...
  85. There's more...
  86. The recursive function
  87. Reading the return value (status) of a command
  88. Passing arguments to commands
  89. Sending output from one command to another
  90. Getting ready
  91. How to do it...
  92. There's more...
  93. Spawning a separate process with subshell
  94. Subshell quoting to preserve spacing and the newline character
  95. Reading n characters without pressing the return key
  96. How to do it...
  97. Running a command until it succeeds
  98. How to do it...
  99. How it works...
  100. There's more...
  101. A faster approach
  102. Adding a delay
  103. Field separators and iterators
  104. Getting ready
  105. How to do it...
  106. Comparisons and tests
  107. How to do it...
  108. Customizing bash with configuration files
  109. How to do it...
  110. Have a Good Command
  111. Introduction
  112. Concatenating with cat
  113. How to do it...
  114. There's more...
  115. Getting rid of extra blank lines
  116. Displaying tabs as ^I
  117. Line numbers
  118. Recording and playing back terminal sessions
  119. Getting ready
  120. How to do it...
  121. How it works...
  122. Finding files and file listing
  123. Getting ready
  124. How to do it...
  125. There's more...
  126. Search based on name or regular expression match
  127. Negating arguments
  128. Searching based on the directory depth
  129. Searching based on file type
  130. Searching by file timestamp
  131. Searching based on file size
  132. Matching based on file permissions and ownership
  133. Performing actions on files with find
  134. Deleting based on file matches
  135. Executing a command
  136. Skipping specified directories when using the find command
  137. Playing with xargs
  138. Getting ready
  139. How to do it...
  140. How it works...
  141. There's more...
  142. Passing formatted arguments to a command by reading stdin
  143. Using xargs with find
  144. Counting the number of lines of C code in a source code directory
  145. While and subshell trick with stdin
  146. Translating with tr
  147. Getting ready
  148. How to do it...
  149. How it works...
  150. There's more...
  151. Deleting characters using tr
  152. Complementing character sets
  153. Squeezing characters with tr
  154. Character classes
  155. Checksum and verification
  156. Getting ready
  157. How to do it...
  158. How it works...
  159. There's more...
  160. Checksum for directories
  161. Cryptographic tools and hashes
  162. How to do it...
  163. Sorting unique and duplicate lines
  164. Getting ready
  165. How to do it...
  166. How it works...
  167. There's more...
  168. Sorting according to keys or columns
  169. uniq
  170. Temporary file naming and random numbers
  171. How to do it...
  172. How it works...
  173. Splitting files and data
  174. How to do it...
  175. There's more...
  176. Specifying a filename prefix for the split files
  177. Slicing filenames based on extensions
  178. How to do it...
  179. How it works...
  180. Renaming and moving files in bulk
  181. Getting ready
  182. How to do it...
  183. How it works...
  184. Spell–checking and dictionary manipulation
  185. How to do it...
  186. How it works...
  187. Automating interactive input
  188. Getting ready
  189. How to do it...
  190. How it works...
  191. There's more...
  192. Automating with expect
  193. Making commands quicker by running parallel processes
  194. How to do it...
  195. How it works...
  196. There's more...
  197. Examining a directory, files and subdirectories in it
  198. Getting ready
  199. How to do it...
  200. Generating a tree view of a directory.
  201. Generating a summary of files and sub-directories
  202. File In, File Out
  203. Introduction
  204. Generating files of any size
  205. How to do it...
  206. The intersection and set difference (A-B) on text files
  207. Getting ready
  208. How to do it...
  209. How it works...
  210. Finding and deleting duplicate files
  211. Getting ready
  212. How to do it...
  213. How it works...
  214. Working with file permissions, ownership, and the sticky bit
  215. How to do it...
  216. There's more...
  217. Changing ownership
  218. Setting the sticky bit
  219. Applying permissions recursively to files
  220. Applying ownership recursively
  221. Running an executable as a different user (setuid)
  222. Making files immutable
  223. Getting ready
  224. How to do it...
  225. Generating blank files in bulk
  226. Getting ready
  227. How to do it...
  228. Finding symbolic links and their targets
  229. How to do it...
  230. How it works...
  231. Enumerating file type statistics
  232. Getting ready
  233. How to do it...
  234. How it works...
  235. Using loopback files
  236. How to do it...
  237. How it works...
  238. There's more...
  239. Creating partitions inside loopback images
  240. Mounting loopback disk images with partitions more quickly
  241. Mounting ISO files as loopback
  242. Flush changing immediately with sync
  243. Creating ISO files and hybrid ISO
  244. Getting ready
  245. How to do it...
  246. There's more...
  247. Hybrid ISO that boots off a flash drive or hard disk
  248. Burning an ISO from the command line
  249. Playing with the CD-ROM tray
  250. Finding the difference between files, and patching
  251. How to do it...
  252. There's more...
  253. Generating difference against directories
  254. Using head and tail for printing the last or first 10 lines
  255. How to do it...
  256. Listing only directories - alternative methods
  257. Getting ready
  258. How to do it...
  259. How it works...
  260. Fast command-line navigation using pushd and popd
  261. Getting ready
  262. How to do it...
  263. There's more...
  264. pushd and popd are useful when there are more than three directory paths used. However, when you use only two locations, there is an alternative and easier way, that is, cd -.
  265. Counting the number of lines, words, and characters in a file
  266. How to do it...
  267. Printing the directory tree
  268. Getting ready
  269. How to do it...
  270. There's more...
  271. HTML output for tree
  272. Manipulating video and image files
  273. Getting ready
  274. Extracting Audio from a movie file (mp4)
  275. How to do it...
  276. Making a video from a set of still images
  277. How to do it...
  278. How it works...
  279. Creating a panned video from a still camera shot
  280. How to do it...
  281. How it works...
  282. Texting and Driving
  283. Introduction
  284. Using regular expressions
  285. How to do it...
  286. Position markers
  287. Identifiers
  288. Count modifiers
  289. Other
  290. There's more...
  291. How it works...
  292. There's more...
  293. Treatment of special characters
  294. Visualizing regular expressions
  295. Searching and mining text inside a file with grep
  296. How to do it...
  297. There's more...
  298. Recursively searching many files
  299. Ignoring case in patterns
  300. grep by matching multiple patterns
  301. Including and excluding files in a grep search
  302. Using grep with xargs with the zero-byte suffix
  303. Silent output for grep
  304. Printing lines before and after text matches
  305. Cutting a file column-wise with cut
  306. How to do it...
  307. There's more
  308. Specifying the range of characters or bytes as fields
  309. Using sed to perform text replacement
  310. How to do it...
  311. There's more...
  312. Removing blank lines
  313. Performing replacement directly in the file
  314. Matched string notation ()
  315. Substring match notation (\1)
  316. Combining multiple expressions
  317. Quoting
  318. Using awk for advanced text processing
  319. Getting ready
  320. How to do it...
  321. How it works...
  322. There's more...
  323. Special variables
  324. Passing an external variable to awk
  325. Reading a line explicitly using getline
  326. Filtering lines processed by awk with filter patterns
  327. Setting delimiters for fields
  328. Reading the command output from awk
  329. Associative arrays in Awk
  330. Using loop inside awk
  331. String manipulation functions in awk
  332. Finding the frequency of words used in a given file
  333. Getting ready
  334. How to do it...
  335. How it works...
  336. See also
  337. Compressing or decompressing JavaScript
  338. Getting ready
  339. How to do it...
  340. How it works...
  341. See also
  342. Merging multiple files as columns
  343. How to do it...
  344. See also
  345. Printing the nth word or column in a file or line
  346. How to do it...
  347. See also
  348. Printing text between line numbers or patterns
  349. Getting ready
  350. How to do it...
  351. See also
  352. Printing lines in the reverse order
  353. Getting ready
  354. How to do it...
  355. How it works...
  356. Parsing e-mail address and URLs from text
  357. How to do it...
  358. How it works...
  359. See also
  360. Removing a sentence in a file containing a word
  361. Getting ready
  362. How to do it...
  363. How it works...
  364. See also
  365. Replacing a pattern with text in all the files in a directory
  366. How to do it...
  367. How it works...
  368. There's more...
  369. Text slicing and parameter operations
  370. How to do it...
  371. See also
  372. Tangled Web? Not At All!
  373. Introduction
  374. Downloading from a web page
  375. Getting ready
  376. How to do it...
  377. How it works...
  378. There's more...
  379. Restricting the download speed
  380. Resume downloading and continue
  381. Copying a complete website (mirroring)
  382. Accessing pages with HTTP or FTP authentication
  383. Downloading a web page as plain text
  384. Getting ready
  385. How to do it...
  386. A primer on cURL
  387. Getting ready
  388. How to do it...
  389. How it works...
  390. There's more...
  391. Continuing and resuming downloads
  392. Setting the referer string with cURL
  393. Cookies with cURL
  394. Setting a user agent string with cURL
  395. Specifying a bandwidth limit on cURL
  396. Specifying the maximum download size
  397. Authenticating with cURL
  398. Printing response headers excluding data
  399. See also
  400. Accessing unread Gmail e-mails from the command line
  401. How to do it...
  402. How it works...
  403. See also
  404. Parsing data from a website
  405. How to do it...
  406. How it works...
  407. See also
  408. Image crawler and downloader
  409. How to do it...
  410. How it works...
  411. See also
  412. Web photo album generator
  413. Getting ready
  414. How to do it...
  415. How it works...
  416. See also
  417. Twitter command-line client
  418. Getting ready
  419. How to do it...
  420. How it works...
  421. See also
  422. Accessing word definitions via a web server
  423. Getting ready
  424. How to do it...
  425. How it works...
  426. See also
  427. Finding broken links in a website
  428. Getting ready
  429. How to do it...
  430. How it works...
  431. See also
  432. Tracking changes to a website
  433. Getting ready
  434. How to do it...
  435. How it works...
  436. See also
  437. Posting to a web page and reading the response
  438. Getting ready
  439. How to do it...
  440. See also
  441. Downloading a video from the Internet
  442. Getting ready
  443. How to do it...
  444. How it works...
  445. Summarizing text with OTS
  446. Getting ready
  447. How to do it...
  448. How it works...
  449. Translating text from the command line
  450. Getting ready
  451. How to do it...
  452. How it works...
  453. Repository Management
  454. Introduction
  455. Creating a new git repository
  456. Getting ready
  457. How to do it...
  458. How it works...
  459. Cloning a remote git repository
  460. How to do it...
  461. Adding and committing changes with git
  462. How to do it...
  463. Creating and merging branches with git
  464. Getting ready...
  465. How to do it...
  466. How it works...
  467. There's more...
  468. Merging branches
  469. How to do it...
  470. How it works...
  471. There's more...
  472. Sharing your work
  473. How to do it...
  474. Pushing a branch to a server
  475. How to do it...
  476. Checking the status of a git repository
  477. How to do it...
  478. How it works...
  479. Viewing git history
  480. How to do it...
  481. Finding bugs
  482. How to do it...
  483. There's more...
  484. How to do it...
  485. How it works...
  486. Tagging snapshots
  487. How to do it...
  488. Committing message ethics
  489. How to do it...
  490. Using fossil
  491. Getting ready
  492. How to do it...
  493. Creating a new fossil repository
  494. How to do it...
  495. How it works...
  496. There's more...
  497. Web interface to fossil
  498. How to do it...
  499. Making a repository available to remote users
  500. Cloning a remote fossil repository
  501. How to do it...
  502. How it works...
  503. Opening a fossil project
  504. How to do it...
  505. How it works...
  506. There's more...
  507. Adding and committing changes with fossil
  508. How to do it...
  509. There's more...
  510. Using branches and forks with fossil
  511. How to do it
  512. How it works...
  513. There's more...
  514. Merging forks and branches
  515. How to do it...
  516. Sharing your work with fossil
  517. How to do it...
  518. How it works...
  519. Updating your local fossil repository
  520. How to do it...
  521. Checking the status of a fossil repository
  522. How to do it...
  523. Viewing fossil history
  524. How to do it...
  525. Finding bugs
  526. How to do it...
  527. There's more...
  528. Tagging snapshots
  529. How to do it...
  530. There's more...
  531. The Backup Plan
  532. Introduction
  533. Archiving with tar
  534. Getting ready
  535. How to do it...
  536. How it works...
  537. There's more...
  538. Appending files to an archive
  539. Extracting files and folders from an archive
  540. stdin and stdout with tar
  541. Concatenating two archives
  542. Updating files in an archive with a timestamp check
  543. Comparing files in the archive and filesystem
  544. Deleting files from the archive
  545. Compression with the tar archive
  546. Excluding a set of files from archiving
  547. Excluding version control directories
  548. Printing the total bytes
  549. See also
  550. Archiving with cpio
  551. How to do it...
  552. How it works...
  553. Compressing data with gzip
  554. How to do it...
  555. There's more...
  556. Gzip with tarball
  557. zcat - reading gzipped files without extracting
  558. Compression ratio
  559. Using bzip2
  560. Using lzma
  561. See also
  562. Archiving and compressing with zip
  563. How to do it...
  564. How it works...
  565. Faster archiving with pbzip2
  566. Getting ready
  567. How to do it...
  568. How it works...
  569. There's more...
  570. Manually specifying the number of CPUs
  571. Specifying the compression ratio
  572. Creating filesystems with compression
  573. Getting ready
  574. How to do it...
  575. There's more...
  576. Excluding files while creating a squashfs file
  577. Backing up snapshots with rsync
  578. How to do it...
  579. How it works...
  580. There's more...
  581. Excluding files while archiving with rsync
  582. Deleting non-existent files while updating rsync backup
  583. Scheduling backups at intervals
  584. Differential archives
  585. How to do it...
  586. How it works...
  587. Creating entire disk images using fsarchiver
  588. Getting ready
  589. How to do it...
  590. How it works...
  591. The Old-Boy Network
  592. Introduction
  593. Setting up the network
  594. Getting ready
  595. How to do it...
  596. There's more...
  597. Printing the list of network interfaces
  598. Displaying IP addresses
  599. Spoofing the hardware address (MAC address)
  600. Name server and DNS (Domain Name Service)
  601. DNS lookup
  602. Showing routing table information
  603. See also
  604. Let us ping!
  605. How to do it...
  606. There's more...
  607. Round Trip Time
  608. Sequence number
  609. Time to live
  610. Limiting the number of packets to be sent
  611. Return status of the ping command
  612. Tracing IP routes
  613. How to do it...
  614. Listing all available machines on a network
  615. Getting ready
  616. How to do it...
  617. How it works...
  618. There's more...
  619. Parallel pings
  620. Using fping
  621. See also
  622. Running commands on a remote host with SSH
  623. Getting ready
  624. How to do it...
  625. There's more...
  626. SSH with compression
  627. Redirecting data into stdin of remote host shell commands
  628. Running graphical commands on a remote machine
  629. How to do it...
  630. See also
  631. Transferring files through the network
  632. Getting ready
  633. How to do it...
  634. There's more...
  635. Automated FTP transfer
  636. SFTP (Secure FTP)
  637. The rsync command
  638. SCP (secure copy program)
  639. Recursive copying with scp
  640. See also
  641. Connecting to a wireless network
  642. Getting ready
  643. How to do it...
  644. How it works...
  645. See also
  646. Password-less auto-login with SSH
  647. Getting ready
  648. How to do it...
  649. Port forwarding using SSH
  650. How to do it...
  651. There's more...
  652. Non-interactive port forward
  653. Reverse port forwarding
  654. Mounting a remote drive at a local mount point
  655. Getting ready
  656. How to do it...
  657. See also
  658. Network traffic and port analysis
  659. Getting ready
  660. How to do it...
  661. How it works...
  662. There's more...
  663. Opened port and services using netstat
  664. Measuring network bandwidth
  665. How to do it...
  666. Creating arbitrary sockets
  667. Getting ready
  668. How to do it...
  669. There's more...
  670. Quickly copying files over the network
  671. Creating a broadcasting server
  672. How it works...
  673. Building a bridge
  674. Getting ready
  675. How to do it...
  676. Sharing an Internet connection
  677. Getting ready
  678. How to do it...
  679. How it works
  680. Basic firewall using iptables
  681. How to do it...
  682. How it works...
  683. There's more...
  684. Creating a Virtual Private Network
  685. Getting ready
  686. How to do it...
  687. Creating certificates
  688. Configuring OpenVPN on the server
  689. Configuring OpenVPN on the client
  690. Starting the server
  691. Starting and testing a client
  692. Put On the Monitors Cap
  693. Introduction
  694. Monitoring disk usage
  695. Getting ready
  696. How to do it...
  697. There's more...
  698. Displaying disk usage in KB, MB, or blocks
  699. Displaying the grand total sum of disk usage
  700. Printing sizes in specified units
  701. Excluding files from the disk usage calculation
  702. Finding the ten largest size files from a given directory
  703. Disk free information
  704. Calculating the execution time for a command
  705. How to do it...
  706. How it works...
  707. Collecting information about logged in users, boot logs, and boot failures
  708. Getting ready
  709. How to do it...
  710. Listing the top ten CPU– consuming processes in an hour
  711. Getting ready
  712. How to do it...
  713. How it works...
  714. See also
  715. Monitoring command outputs with watch
  716. How to do it...
  717. There's more
  718. Highlighting the differences in the watch output
  719. Logging access to files and directories
  720. Getting ready
  721. How to do it...
  722. How it works...
  723. Logging with syslog
  724. Getting ready
  725. How to do it...
  726. See also
  727. Managing log files with logrotate
  728. Getting ready
  729. How to do it...
  730. How it works...
  731. Monitoring user logins to find intruders
  732. Getting ready
  733. How to do it...
  734. How it works...
  735. Monitoring remote disk usage health
  736. Getting ready
  737. How to do it...
  738. How it works...
  739. See also
  740. Determining active user hours on a system
  741. Getting ready
  742. How to do it...
  743. How it works...
  744. Measuring and optimizing power usage
  745. Getting ready
  746. How to do it...
  747. Monitoring disk activity
  748. Getting ready
  749. How to do it...
  750. Checking disks and filesystems for errors
  751. Getting ready
  752. How to do it...
  753. How it works...
  754. Examining disk health
  755. Getting ready
  756. How to do it...
  757. How it works
  758. Getting disk statistics
  759. Getting ready
  760. How to do it...
  761. How it works
  762. There's more
  763. Administration Calls
  764. Introduction
  765. Gathering information about processes
  766. Getting ready
  767. How to do it...
  768. How it works...
  769. There's more...
  770. Showing environment variables for a process
  771. Creating a tree view of processes
  772. Sorting ps output
  773. Filters with ps for real user or ID, effective user or ID
  774. TTY filter for ps
  775. Information about process threads
  776. Specifying the output width and columns to be displayed
  777. What's what – which, whereis, whatis, and file
  778. How to do it...
  779. Finding the process ID from the given command names
  780. Determining how busy a system is
  781. The top command
  782. See also...
  783. Killing processes, and sending and responding to signals
  784. Getting ready
  785. How to do it...
  786. There's more...
  787. The kill family of commands
  788. Capturing and responding to signals
  789. Sending messages to user terminals
  790. Getting ready
  791. How to do it...
  792. Sending one message to one user
  793. Holding a conversation with another user
  794. Sending a message to all users
  795. The /proc filesystem
  796. How to do it...
  797. Gathering system information
  798. How to do it...
  799. Scheduling with a cron
  800. Getting ready
  801. How to do it...
  802. How it works...
  803. There's more...
  804. Specifying environment variables
  805. Running commands at system start-up/boot
  806. Viewing the cron table
  807. Removing the cron table
  808. Database styles and uses
  809. Getting ready
  810. How to do it...
  811. There's more...
  812. Creating a table
  813. Inserting a row into an SQL database
  814. Selecting rows from a SQL database
  815. Writing and reading SQLite databases
  816. Getting ready
  817. How to do it...
  818. How it works...
  819. There's more...
  820. Writing and reading a MySQL database from Bash
  821. Getting ready
  822. How to do it...
  823. How it works...
  824. User administration scripts
  825. How to do it...
  826. How it works...
  827. Bulk image resizing and format conversion
  828. Getting ready
  829. How to do it...
  830. How it works...
  831. See also
  832. Taking screenshots from the terminal
  833. Getting ready
  834. How to do it...
  835. Managing multiple terminals from one
  836. Getting ready
  837. How to do it...
  838. Tracing the Clues
  839. Introduction
  840. Tracing packets with tcpdump
  841. Getting ready
  842. How to do it...
  843. Displaying only HTTP packets
  844. Displaying only HTTP packets generated by this host
  845. Viewing the packet payload as well as headers
  846. How it works...
  847. Finding packets with ngrep
  848. Getting ready
  849. How to do it...
  850. How it works...
  851. There's more...
  852. Tracing network routes with ip
  853. Getting ready
  854. How to do it...
  855. Reporting routes with ip route
  856. Tracing recent IP connections and the ARP table
  857. Tracing a route
  858. How it works...
  859. Tracing system calls with strace
  860. Getting ready
  861. How to do it...
  862. How it works...
  863. Tracing dynamic library functions with ltrace
  864. Getting ready
  865. How to do it...
  866. How it works...
  867. There's more...
  868. Tuning a Linux System
  869. Introduction
  870. Identifying services
  871. Getting ready
  872. How to do it...
  873. systemd-based computers
  874. RedHat-based computers
  875. Debian-based computers
  876. There's more
  877. Gathering socket data with ss
  878. Getting ready
  879. How to do it...
  880. Displaying the status of tcp sockets
  881. Tracing applications listening on ports
  882. How it works
  883. Gathering system I/O usage with dstat
  884. Getting ready
  885. How to do it...
  886. Viewing system activity
  887. How it works
  888. There's more...
  889. Identifying a resource hog with pidstat
  890. Getting ready
  891. How to do it...
  892. How it works
  893. Tuning the Linux kernel with sysctl
  894. Getting started
  895. How to do it...
  896. Tuning the task scheduler
  897. Tuning a network
  898. How it works
  899. There's more...
  900. Tuning a Linux system with config files
  901. Getting ready
  902. How to do it...
  903. How it works
  904. Changing scheduler priority using the nice command
  905. How to do it...
  906. How it works
  907. There's more
  908. Containers, Virtual Machines, and the Cloud
  909. Introduction
  910. Using Linux containers
  911. Getting ready
  912. How to do it...
  913. Creating a privileged container
  914. Starting a container
  915. Stopping a container
  916. Listing known containers
  917. Displaying container information
  918. Creating an unprivileged container
  919. Creating an Ethernet bridge
  920. How it works...
  921. Using Docker
  922. Getting ready
  923. How to do it...
  924. Finding a container
  925. Downloading a container
  926. Starting a Docker container
  927. Listing the Docker sessions
  928. Attaching your display to a running Docker container
  929. Stopping a Docker session
  930. Removing a Docker instance
  931. How it works
  932. Using Virtual Machines in Linux
  933. Getting ready
  934. How to do it...
  935. Linux in the cloud
  936. Getting ready
  937. Ubuntu 16.10
  938. OpenSuSE Tumbleweed
  939. How to do it...
  940. Configuring OwnCloud
  941. There's more...

How to do it...

The tcpdump application is the frontend to Wireshark and other network sniffer programs. The GUI interface supports many of the options we'll describe shortly.

This application's default behavior is to display every packet seen on the primary Ethernet link. The format of a packet report is as follows:

    TIMESTAMP SRC_IP:PORT > DEST_IP:PORT: NAME1 VALUE1, NAME2 VALUE2,...

The name-value pairs include:

  • Flags: The flags associated with this packet are as follows:
    • The term S stands for SYN (Start Connection)
    • The term F stands for FIN (Finish Connection)
    • The term P stands for PUSH (Push data)
    • The term R stands for RST (Reset Connection)
    • The period . means there are no flags
  • seq: This refers to the sequence number of the packet. It will be echoed in an ACK to identify the packet being acknowledged.
  • ack: This refers to the acknowledgement that indicates a packet is received. The value is the sequence number from a previous packet.
  • win: This indicates the size of the buffer at the destination.
  • options: This refers to the TCP options defined for this packet. It is reported as a comma-separated set of key-value pairs.

The following output shows requests from a Windows computer to the SAMBA server intermingled with a DNS request. The intermingling of different packets from different sources and applications makes it difficult to track a specific application or traffic on a given host. However, the tcpdump command has flags that make our life easier:

$ tcpdump 
22:00:25.269277 IP 192.168.1.40.49182 > 192.168.1.2.microsoft-ds: Flags [P.], seq 3265172834:3265172954, ack 850195805, win 257, length 120SMB PACKET: SMBtrans2 (REQUEST)

22:00:25.269417 IP 192.168.1.44.33150 > 192.168.1.7.domain: 13394+ PTR? 2.1.168.192.in-addr.arpa. (42)

22:00:25.269917 IP 192.168.1.2.microsoft-ds > 192.168.1.40.49182: Flags [.], ack 120, win 1298, length 0

22:00:25.269927 IP 192.168.1.2.microsoft-ds > 192.168.1.40.49182: Flags [P.], seq 1:105, ack 120, win 1298, length 104SMB PACKET: SMBtrans2 (REPLY)

The -w flag sends the tcpdump output to a file instead of the terminal. The output format is in binary form, which can be read with the -r flag. Sniffing packets must be done with root privileges, but displaying the results from a previously saved file can be done as a normal user.

By default, tcpdump runs and collects data until it is killed using Ctrl-C or SIGTERM. The -c flag limits the number of packets:

# tcpdump -w /tmp/tcpdump.raw -c 50
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
50 packets captured
50 packets received by filter
0 packets dropped by kernel

As a rule, we want to examine the activity on a single host, perhaps a single application.

The last values of the tcpdump command line form an expression that helps us filter packets. The expression is a set of key-value pairs with modifiers and Boolean operators. The next recipes demonstrate using filters.