One-liner: How to scan a network for up & down hosts and show OUI info

This is another version of the ping sweep one-liner script. To show the OUI (Ethernet interface manufacturer) it needs to be run locally (to scan the locally connected networks).

Ubuntu version:

for i in {1..10}
 do 
  ( ip="10.0.1.$i"
  up=`ping -n -q -W1 -c2 $ip | fgrep transmitted | sed -e 's/.*100%.*/down/' -e 's/.*0%.*/up/'`
  mac=`arp -an $ip | awk '{print $4}'`
  oui=`fgrep $(echo $mac | tr -d ":" | head -c6 | tr '[a-z]' '[A-Z]') /usr/share/ieee-data/oui.txt | sed -e 's/^.*)..//'`
  name=`host $ip | awk '/pointer/{print $NF}'`
  echo $ip $up $name $mac $oui ) 2>/dev/null &  
done | sed -e 's/<incomplete>//'  -e 's/entries//'  | sort -n -t. -k4

Result:

10.0.1.1 down 
10.0.1.2 down 
10.0.1.3 up host1. 00:08:9b:c0:ff:ee ICP Electronics Inc.
10.0.1.4 down 
10.0.1.5 down host2. 
10.0.1.6 up nas3. 52:54:00:c0:ff:ee
10.0.1.7 down laptop. 
10.0.1.8 down 
10.0.1.9 up switch2. 88:51:fb:c0:ff:ee Hewlett Packard
10.0.1.10 down printer. 

RedHat/CheckPoint firewall version:

for i in {1..10}
 do 
  (ip="10.0.1.$i"
  up=`ping -n -q -W1 -c2 $ip | fgrep transmitted | sed -e 's/.*100%.*/down/' -e 's/.*0%.*/up/'`
  mac=`arp -an $ip | awk '{print $4}'`
  oui=`fgrep $(echo $mac | tr -d ":" | head -c6 | tr '[a-z]' '[A-Z]')  /usr/share/hwdata/oui.txt | sed -e 's/^.*)..//'`
  name=`host $ip | awk '/pointer/{print $NF}'`
  echo $ip $up $name $mac $oui ) 2>/dev/null &  
done | sed -e 's/<incomplete>//' -e 's/entries//'  | sort -n -t. -k4

The OUI database /usr/share/ieee-data/oui.txt  (for Ubuntu) or /usr/share/hwdata/oui.txt  (for RedHat/CheckPoint) should be kept up-to-date.

Semi-colon separated version for Ubuntu:

for i in {1..10}
 do 
  (ip="10.0.1.$i"
  up=`ping -n -q -W1 -c2 $ip | fgrep transmitted | sed -e 's/.*100%.*/down/' -e 's/.*0%.*/up/'`
  mac=`arp -an $ip | awk '{print $4}'`
  oui=`fgrep $(echo $mac | tr -d ":" | head -c6 | tr '[a-z]' '[A-Z]') /usr/share/ieee-data/oui.txt | sed -e 's/^.*)..//'`
  name=`host $ip | awk '/pointer/{print $NF}'`
  echo "$ip;$up;$name;$mac;$oui"  ) 2>/dev/null &  
done | sed -e 's/<incomplete>//'  -e 's/entries//'  | sort -n -t. -k4

Result:

10.0.1.1;down;;;
10.0.1.2;down;;;
10.0.1.3;up;host1.;00:08:9b:c0:ff:ee;ICP Electronics Inc.
10.0.1.4;down;;;
10.0.1.5;down;host2.;;
10.0.1.6;up;nas3.;52:54:00:c0:ff:ee;
10.0.1.7;down;laptop.;;
10.0.1.8;down;;;
10.0.1.9;up;switch2.;88:51:fb:c0:ff:ee;Hewlett Packard
10.0.1.10;down;printer.;;

One-liner: how to get Pulse Secure (Juniper SSL VPN) ACLs per role

Export ACLs as XML from the GUI into acls.xml file, then run the following command:

 

cat acls.xml | sed -e 's/&amp;/\&/g' | awk '
BEGIN { acls=""; acl=0;}
/<network-connect-acl>/ { acl=1;}
/<resource>/ { if ( acl == 1) {a=gensub(".*<resource>(.*)<\/resource>.*","\\1","g",$0); acls = acls " " a; } } 
/<roles>/ { if (acl == 1) { roles[gensub(".*<roles>(.*)<\/roles>.*","\\1","g",$0)]=acls;} }
/<action>/ { if (acl == 1) { action=gensub(".*<action>(.*)<\/action>.*","\\1","g",$0)};}
/<\/network-connect-acl>/ { acl=0; acls=""; for ( i in roles) {printf("%s;%s;%s\n", i,roles[i],action);} delete roles;}' | sed -e 's/; /;/g' | less

The result will be shown in the following (semi-colon separated form):

Role;ACl1 ACL2 ACL3 …;action

One-liner: how to check temperature differences

The idea of this not-quite-one-liner is to periodically check the DIMM temperatures and show the differences (works in KSH, and does not work in BASH):

n=1

# Check all DIMM temperatures 
for temp in `sensors | fgrep DIMM | sed -e 's/°C.*//' -e 's/^.*+//' -e 's/\./,/'`
do

	(( B$n=$temp )) # temperature in the beginning
	(( D$n=$temp )) # current temperature
	(( n+=1 )) 	 	# next DIMM
done

while true
do

	sleep 10
	n=1
	for temp in `sensors | fgrep DIMM | sed -e 's/°C.*//' -e 's/^.*+//' -e 's/\./,/'`
	do
		(( temp_var=D$n ))
		(( DIFF1=$temp-$temp_var )) #temp diff from the last iteration
		(( temp_var=B$n ))
		(( DIFF2=$temp-$temp_var )) #temp diff from the beginning
		/bin/echo -e "$temp \t $DIFF2 \t $DIFF1"
		(( D$n=$temp ))
		(( n+=1 ))
	done
	echo ----------------------------------------
done

The result:

72,0 	 0 	 0
65,0 	 0 	 0
65,0 	 -0,5 	 -0,5
63,0 	 0 	 0
72,5 	 0 	 0
72,5 	 0 	 0
75,5 	 0 	 0
64,0 	 0 	 0
----------------------------------------
72,0 	 0 	 0
65,0 	 0 	 0
65,0 	 -0,5 	 0
63,0 	 0 	 0,5
72,5 	 0 	 0
72,5 	 0 	 0
75,5 	 0 	 0
64,0 	 0 	 0
----------------------------------------
71,0 	 -1 	 -1
65,0 	 0 	 0
65,0 	 -0,5 	 0
62,5 	 -0,5 	 -0,5
72,5 	 0 	 0
72,5 	 0 	 0
75,5 	 0 	 0
64,0 	 0 	 0
----------------------------------------

One-liner: how to check file growth in real time

Not quite a one-liner, but it can be copy&pasted in a terminal window 😉

bash
TIME=10
FILE=file.log
function fsize {
	SIZE=`ls -l $FILE | awk '{print $5}'`
}
fsize
S1=$SIZE
while true
do
	sleep $TIME
	fsize
	S2=$SIZE
	(( DIFF=($S2-$S1)/$TIME ))
	echo "($S2-$S1)/$TIME = $DIFF"
	S1=$S2
done

The script above will check the “file.log” size every 10 seconds and output the previous size, the new size and bytes per second:

(30117062-30085517)/10 = 3154
(30148404-30117062)/10 = 3134
(30179199-30148404)/10 = 3079
^C
^D

Python on Solaris: Wrong ELF class: ELFCLASS64

If “pip” installed 64-bit libraries, while python is a 32-bit binary, “pkg” might stop working with the following error messages:

ImportError: ld.so.1: bootadm: fatal: /usr/lib/python2.7/site-packages/lxml/etree.so: wrong ELF class: ELFCLASS64
ImportError: ld.so.1: python2.7: fatal: /usr/lib/python2.7/site-packages/_cffi_backend.so: wrong ELF class: ELFCLASS64
$ file `which python`
/usr/bin/python:	ELF 32-bit LSB executable 80386 Version 1 [SSE], dynamically linked, not stripped

The workaround is to remove the corresponding python packages (in this case cffi and lxml), download and recompile them manually with “-m32”:

$ export CFLAGS="-m32"

One-liner: how to generate group-url for all remote-access tunnel-groups (Cisco ASA)

This one-liner takes Cisco ASA config, checks for “tunnel-group … remote-access” and generates the following two lines:

tunnel-group GROUPNAME webvpn-attributes
 group-url https://CISCO_ASA_FW_FQDN/GROUPNAME enable
for i in `fgrep tunnel-group CISCO_ASA.conf | fgrep remote-access | awk '{print $2}'`
do
echo "tunnel-group $i webvpn-attributes"
echo " group-url https://CISCO_ASA_FW_FQDN/$i enable"
done