vnStat
January 22, 2021 — 16:58

Author: silver  Category: bsd linux  Comments: Off

You might have used vnstat to view monthly traffic statistics in CLI, e.g. vnstat -i eth0 -m. But if you’re like me you might also not have followed the project for a few years and know there’s now JSON output available (--json) and there is vnstati to output to PNG images.

Oneliner to output all possible stats:

inf="eth0"
for i in h d m t s hs vs; do
  vnstati -i $inf -${i} -o vnstati-$i.png
done
Editing with vi
May 2, 2015 — 21:27

Author: silver  Category: bsd linux  Comments: Off

..actually mostly vim :)

config:

a few useful settings for ~/.vimrc

set number
filetype indent on
set expandtab
set shiftwidth=2
set softtabstop=2
syntax on
set background=dark
" or: set background=light
" colorscheme default

(" = comment)


edit modes:

i to insert and r to replace a to append d to delete

ESC always switches back to ‘command mode’

copy:

yank (copy) current character: l

yank n characters: yn

yank the current word: yw

vim visual mode:

visual line: SHIFT+V
visual block: CTRL+V

current word:

select the current word (visual)
viw

indent:

auto reindent file:

gg=G

indent line right: >>

indent line left: <<

case:

to upper/lower case: ~ (tilde)


commands:

:open <file>

:new <file>

:no paste

:set nu and :set nonu (number)

:set list and :set nolist

tabs:

:set noai tabstop=4 shiftwidth=4 softtabstop=4 noexpandtab

noai = no auto indent
tabstop = actual tab width in spaces
shiftwidth = indent size in spaces
expandtab = tab uses spaces instead of ^I (tab char)
softtabstop = tab is x number of spaces

syntax:

:set syntax=python

:set syntax=ps1.vim

:set filetype=xml

:filetype indent on

if needed, reindent (gg=G)

run external command:

:!<command>

:!ls -la /tmp

:sh (open shell)

format json:

:%!python -m json.tool


moving:

code blocks:

on bracket/curley brace/parentheses, press: %

goto column:

use "|<NUMBER>"
e.g. 80| moves to column 80

center:

to center the screen on your current position, press: zz


search

history:

same as with ":"
press “/” then “UP” or “DOWN” key

word:

to search for the word you are on
*
#


bookmark:

set a bookmark called ‘a’

ma

go to the bookmark called ‘a’ (the ` is the key left of 1)

`a


modes:

readonly:

$ vi -R  (or view)

diff:

$ vi -d (or vimdiff)


package manager

since vim8 “pack” is built in

user location:

  • ~/.vim/pack/<package group>/start/<your package>
  • or, use “opt” dir instead of “start” to not autoload (optional pkg)

in vim:

:packadd <opt-pkg>
:helptags ~/.vim/pack/<package group>/start/<your package>/doc/
:h packages

FreeBSD
May 2, 2015 — 21:25

Author: silver  Category: bsd  Comments: Off

Rosetta Stone:

Linux command (Red-Hat/Debian) FreeBSD equivalent Purpose
yum/apt install package pkg install package Install package from remote repository
rpm -ivh package / dpkg -i package pkg add package Install local package
rpm -qa / dpkg -l pkg info List installed packages
lspci pciconf List PCI devices
lsmod kldstat List loaded kernel modules
modprobe kldload / kldunload Load/Unload kernel modules
strace truss Trace system calls

Profile:

~/.profile:

Sparsefiles/loop:

add:

mdconfig -a -t vnode -f /usr/data/gdata.md

del:

mdconfig -d -u 0

list:

mdconfig -l

Disks:

fsck -p -t ffs /dev/md0.eli
newfs -U -O 1 -f 512 -b 4096 -i 8192 /dev/md0
grep ada /var/run/dmesg.boot
grep ada /var/run/dmesg.boot | grep \<
grep "\(atapci\|ahcich\)" /var/run/dmesg.boot|sort
camcontrol devlist 
camcontrol devlist -b
camcontrol devlist -v
camcontrol devlist -v|grep -A 1 ^sc
camcontrol identify ada0
diskinfo -v /dev/ada0
diskinfo -t

Partitions:

gpart show ada0
gpart create -s gpt da0

single:

gpart add -t freebsd-ufs ada1

slices(?) :

gpart add -t freebsd-boot -l gpboot -b 40 -s 512K da0
gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 da0
gpart add -t freebsd-ufs -l gprootfs -b 1M -s 2G da0
gpart add -t freebsd-swap -l gpswap -s 512M da0
gpart add -t freebsd-ufs  -l gpvarfs -s 1G da0
gpart add -t freebsd-ufs  -l gptmpfs -s 256M da0
gpart add -t freebsd-ufs  -l gpusrfs -a 1M da0

gpart delete -i 1 da0

gpart destroy da0

Encrypt disk using geli:

geli init /dev/md0
geli attach md0
geli detach md0

Memory:

sysctl hw.physmem
grep memory /var/run/dmesg.boot 

Ramdisk:

mdmfs -s 1g md1 /mnt/mdmfs

Open files:

fstat
fstat -f /usr (-u pid -u user)

Monitor:

iostat -w 1 da0 da1
systat
systat iostat, vmstat, netstat, mbufs, swap
gstat

Using gcc 4.8:

./configure CC=/usr/local/bin/gcc48

Pkg:

pkg info -l pkgname
pkg which <file>
pkg audit -F

auditd:

/etc/security/audit_control: flags:lo,aa,ex,fc,fd,fw,fm,ad
/etc/security/audit_user
praudit /var/audit/current 
auditreduce -u <user> <file> | praudit
for i in /var/audit/*gz; do echo $i; zcat $i | auditreduce -u user| praudit; done
zcat /var/audit/*gz  | auditreduce -u user| praudit

ipfw:

#disable
ipfw add 1 pass all from any to any; sysctl net.inet.ip.fw.enable=0; kldunload ipfw

#enable
kldload ipfw; sysctl net.inet.ip.fw.enable=1; ipfw add 1 pass all from any to any

firewall_type="filename" // without any command-line options for ipfw
firewall_script="/etc/ipfw.rules" // executable script that includes ipfw commands

/etc/ipfw.rules

ipfw list
ipfw -a -d -e -t list

service ipfw restart

fw-test.sh:

#!/bin/sh -x
kldload ipfw; sysctl net.inet.ip.fw.enable=1; ipfw add 1 pass all from any to any
service ipfw restart
sleep 20
service ipfw stop
ipfw add 1 pass all from any to any; sysctl net.inet.ip.fw.enable=0; kldunload ipfw
/usr/share/examples/ipfw/change_rules.sh

pw:

# pw groupadd teamtwo

Adding User Accounts to a New Group Using pw
# pw groupmod teamtwo -M jru
# pw groupshow teamtwo

Update stable:

# freebsd-update fetch
# freebsd-update install

Update openssl only:

cd /usr/src
patch < /path/to/patch
cd /usr/src/secure/lib/libcrypto
make obj && make depend && make includes && make
make install
cd /usr/src/secure/lib/libssl
make clean && make depend && make includes && make
make install
cd /usr/src/secure/usr.bin/openssl
make clean && make
make install

Secure erase:

camcontrol security ada1
camcontrol security /dev/ada1 -s Erase -e Erase
camcontrol security /dev/ada1 -U user -s Erase
(?) camcontrol security ada1 --security-user user --security-set-password Erase --security-erase Erase

disable: -d password
secure erase: -e password
enhanched: -h password
unlock: -k password
password: -s password
-U user|master

Encrypted swap:

dd if=/dev/zero of=/usr/data/st0/swap0 bs=1m count=8000
chmod 0600 /usr/data/st0/swap0
mdconfig -a -t vnode -f /usr/data/st0/swap0 -u 99
geli onetime md99
chmod 600 /dev/md99.eli
swapon /dev/md99.eli

Various:

fix backspace:

stty erase \^H"

netstat -nap:

sockstat
SSH
January 20, 2014 — 0:42

Author: silver  Category: bsd linux  Comments: Off

SSH:

No host checking:

ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $1

No public key, use passwd

ssh -o PreferredAuthentications=keyboard-interactive -o PubkeyAuthentication=no

Tar/untar between hosts:


Multi hop tunnel:

ssh -A -t host1 \
-L 4648:localhost:4648 \
ssh -A -t host2 \
-L 4648:localhost:4648
ssh -A -t host3 \
-L 4648:localhost:4648

SSH Agent:

$ exec ssh-agent /bin/bash
$ ssh-add

-or-

eval `keychain --eval`

http://www.funtoo.org/Keychain

List fingerprints:

ssh-keygen -lf id_rsa

All keys in .ssh/authorized_keys:


Check priv/pub key:

ssh-keygen -y -f id_rsa

Change key passwd:

ssh-keygen -f id_rsa -p







We use Matomo free and open source web analytics
We also use Jetpack WordPress.com Stats which honores DNT