one-liner Archives - Page 2 of 3

One-liner: how to convert CheckPoint netconf.C routes to Gaia/Clish commands

Provided all route metrics are zeroes:

cat /etc/sysconfig/netconf.C | tr '(' ' '| tr ')' ' ' | tr '"' ' '| tr ':' ' ' | tr '\t' ' '| tr -s ' '| sed -e 's/^ //' | sed 's/routes//' | awk '/route/ {printf("set static-route ");} /dest/ {printf("%s ",$2);} /via/ {printf("nexthop gateway address %s ",$2);} /metric/ {print "on"}'

The result:

set static-route 10.13.198.160/27 nexthop gateway address 10.12.12.1 on
set static-route 10.13.198.192/27 nexthop gateway address 10.12.12.1 on
set static-route 192.168.112.0/24 nexthop gateway address 10.12.12.1 on
set static-route 192.168.113.0/24 nexthop gateway address 10.12.12.1 on
set static-route 192.168.114.0/24 nexthop gateway address 10.12.12.1 on
set static-route 192.168.115.0/24 nexthop gateway address 10.12.12.1 on
set static-route default nexthop gateway address 10.0.0.1 on

One-liner: how to check file growth in real time

Not quite a one-liner, but it can be copy&pasted in a terminal window 😉

bash
TIME=10
FILE=file.log
function fsize {
	SIZE=`ls -l $FILE | awk '{print $5}'`
}
fsize
S1=$SIZE
while true
do
	sleep $TIME
	fsize
	S2=$SIZE
	(( DIFF=($S2-$S1)/$TIME ))
	echo "($S2-$S1)/$TIME = $DIFF"
	S1=$S2
done

The script above will check the “file.log” size every 10 seconds and output the previous size, the new size and bytes per second:

(30117062-30085517)/10 = 3154
(30148404-30117062)/10 = 3134
(30179199-30148404)/10 = 3079
^C
^D

One-liner: how to generate group-url for all remote-access tunnel-groups (Cisco ASA)

This one-liner takes Cisco ASA config, checks for “tunnel-group … remote-access” and generates the following two lines:

tunnel-group GROUPNAME webvpn-attributes
 group-url https://CISCO_ASA_FW_FQDN/GROUPNAME enable

for i in `fgrep tunnel-group CISCO_ASA.conf | fgrep remote-access | awk '{print $2}'`
do
echo "tunnel-group $i webvpn-attributes"
echo " group-url https://CISCO_ASA_FW_FQDN/$i enable"
done

One-liner: how to get image URLs from Google Image search

Let’s search for “red apple”:

For Solaris (use gsed instead of sed):

curl -A "Mozilla/5.0 (X11; SunOS i86pc; rv:52.0) Gecko/20100101 Firefox/52.0" \
'https://www.google.nl/search?q=red+apple&tbm=isch' 2>/dev/null | \ 
tail -1 | gsed -e 's/,"ow":/*/g' -e 's/,"ou":/*Image:/g' | \ 
tr '*' '\n' | grep "^Image" | sed -e 's/^Image:"//' -e 's/"$//'

For Linux:

curl -A "Mozilla/5.0 (X11; SunOS i86pc; rv:52.0) Gecko/20100101 Firefox/52.0" \
'https://www.google.nl/search?q=red+apple&tbm=isch' 2>/dev/null | \ 
tail -1 | sed -e 's/,"ow":/*/g' -e 's/,"ou":/*Image:/g' | \ 
tr '*' '\n' | grep "^Image" | sed -e 's/^Image:"//' -e 's/"$//'

One-liner: PPA signature update (for 01.org)

wget https://download.01.org/gfx/RPM-GPG-GROUP-KEY-ilg -O - | \
sudo apt-key add -

One-liner: how to get all service names and associated protocol numbers on Fortigate

Run in a VDOM:

sh firewall service custom | grep 'edit\|port\|type\|proto'

    edit "ALL"
        set protocol IP
    edit "ALL_TCP"
        set tcp-portrange 1-65535
    edit "ALL_UDP"
        set udp-portrange 1-65535
    edit "ALL_ICMP"
        set protocol ICMP
        unset icmptype
    edit "GRE"
        set protocol IP
        set protocol-number 47
    edit "DHCP"
        set udp-portrange 67-68
    edit "DNS"
        set tcp-portrange 53
        set udp-portrange 53
    edit "FTP"
        set tcp-portrange 21
    edit "FTP_GET"
        set tcp-portrange 21
    edit "FTP_PUT"
        set tcp-portrange 21
    edit "H323"
        set tcp-portrange 1720 1503
        set udp-portrange 1719
    edit "HTTP"
        set tcp-portrange 80
    edit "HTTPS"
        set tcp-portrange 443
. . .

One-liner: how to check the SSL certificate expiration of several servers

for i in cnn.com bbc.co.uk
do
  exp=`echo | openssl s_client -connect $i:443  2>/dev/null | 
  openssl x509 -noout -dates | fgrep notAfter | sed -e 's/^.*=//'`
  echo "$i        $exp"
done

cnn.com	    Feb  6 12:00:00 2018 GMT
bbc.co.uk   Apr 20 10:01:10 2017 GMT

One-liner: how to show the top 5 web-server user IP-addresses

cat /var/log/apache2/access.log | 
awk ' {conn[$1]++;} END { for ( i in conn ) print conn[i],"",i;}' |
sort -nr | head

NB: the feline abuse is intentionally left for simplicity and modularity.

One-liner: how to count the total amount of specific lines in several files

Let’s calculate the amount of lines, containing the word “extended” in */*.conf files:

egrep -c extended */*.conf | 
awk 'BEGIN {FS=":"; sum=0;}{sum +=$2} END {print sum}'

BTW, using awk alone is slower:

time awk 'BEGIN {sum=0;}/extended/{sum++} END {print sum}' */*.conf
110653

real	0m0.94s
user	0m0.91s
sys	0m0.01s

time egrep -c extended */*.conf | 
awk 'BEGIN {FS=":"; sum=0;}{sum +=$2} END {print sum}'
110653

real	0m0.13s
user	0m0.10s
sys	0m0.02s

fgrep is slower than egrep:

time fgrep -c extended */*.conf | 
awk 'BEGIN {FS=":"; sum=0;}{sum +=$2} END {print sum}'
110653

real	0m0.21s
user	0m0.17s
sys	0m0.03s

One-liner: how to remove the shared memory segments

 for i in `ipcs -m | awk '/0x0/ {print $2}'`
 do
  ipcrm -m $i
 done