GNU/Linux Tips

来自Jack's Lab
跳转到: 导航, 搜索

目录

1 RK61

RK61 RGB 蓝牙键盘

  • Fn+空格 长按3秒,恢复出厂设置
  • Fn+Win 关闭/开启Win键


1.1 蓝牙

  • Fn+Tab USB 有线/蓝牙模式切换
  • Fn+P 长按 3 秒进入蓝牙配对模式。配对时 P 键连续闪烁,配对结束 P 键停止闪烁。温馨提示:在蓝牙配对之前,请先将键盘切换为蓝牙模式,否则此功能无效
  • Fn+Q/W/E 蓝牙设备切换。RK31 支持同时存储 3 台蓝牙设备,并可在 3 台设备之间任意切换,切换时全键背光闪烁多次,则表示切换成功
  • 蓝牙配对详细方法
    • 打开键盘背部开关,状态为ON
    • Fn+Tab切换至蓝牙模式
    • 通过Fn+Q/W/E选择一组将要连接的蓝牙模式,比如Fn+Q,此时全键背光闪烁多次,则表示切换成功,若没反应则表示键盘未进入蓝牙模式,请再次重复步骤二切换为蓝牙模式
    • 长按Fn+P进入蓝牙配对模式,此时P键连续闪烁
    • 打开电脑/手机蓝牙,搜索并连接名为"RK bluetooth keyboadr"的设备
    • 连接成功,P键停止闪烁,完成


1.2 背光

  • Fn + | 背光效果切换,支持 19 种
  • Fn + [ 或 ] 背光亮度增加或减小
  • Fn + ; 动态变换速度减小


1.3 复合键

复合键支持主功能和副功能,副功能需配合 Fn 使用,当按下 Fn+复合功能键时,即可实现该按键的副功能

  • Fn + 左Ctrl:复合键的主功能与副功能切换
    • 默认情况下:主功能为上排字符,副功能为下排字符
    • 按一次 Fn+左Ctrl,主/副功能互换,即:主功能为下排字符,副功能为上排字符
    • 再单一次 Fn+左Ctrl, Y / U /  I  / H / J / K / N / M / ,< 恢复主键功能,其他仍为副键功能
    • 第三次按下 Fn+左Ctrl,恢复为默认状态
  • Fn+右Shift:锁定/解锁方向键
    • 在任意情况下,都可以通过 Fn+右Shift 锁定/开启方向键。
    • 当主键功能和副键功能互换后,需再次通过 Fn+右Shift 锁定方向键
    • 当方向键锁定后,按 Fn+ ↑  功能为  /  ;按 Fn+左Shift + ↑ 功能为 ? 


2 XPS 9560

2.1 Dual Video Card


2.2 touchpad issue


2.3 Buffer I/O error


2.4 BIOS

开机按“F2”,进入到Bios界面,修改bios :

  • System Configuration - SATA Operation 改成 AHCI


2.5 optimus


2.6 Thunderbolt to DP

  • USB-C to DisplayPort adapter/cable: Allows you to use a single DisplayPort 1.2 output, which can drive a single 4K 60 Hz display, dual 2560x1600 60 Hz displays, or up to 3x 1080p displays. The system only supports 3 independent active displays total, fyi.


  • USB-C to HDMI 2.0 adapter/cable: Allows you to run a single display up to 4K at 60 Hz, assuming the display itself supports that via its HDMI input, and not all 4K 60 Hz displays do.


  • USB-C docking station (such as the WD15): This would only allow up to dual 1080p displays or a single 2560x1600 displays at 60 Hz, or a single 4K display only at 30 Hz, since now the USB-C port has to carry both display and USB data, which reduces available display bandwidth. But obviously you get more connectivity with a dock than a simple cable/adapter, and you'd also be able to charge the system with this single cable. If you get the WD15, you'll need the one with the 180W adapter.


  • Thunderbolt 3 to Dual DisplayPort adapter: Allows you to use two DisplayPort 1.2 outputs, which means up to dual 4K 60 Hz displays or 3x 2560x1600 60 Hz displays (if you use DisplayPort daisy chaining). If needed, you can connect active DisplayPort to HDMI/DVI/VGA adapters to this adapter, but not the less expensive and more common passive adapters.


  • TB3 docking station (such as the TB16): Same display capabilities as above since you're now using Thunderbolt rather than USB-C and there's no "penalty" for carrying the other data at the same time like there is with USB-C. If you get the TB16, you'd be able to use passive DisplayPort adapters if needed, and if you wanted to charge your system, you'd need the TB16 version with the 240W adapter.


2.7 Reference


3 GPD Pocket2

 $ dd if=my_usb_image.iso of=/dev/sdX bs=4M

https://ubuntu-mate.org/umpcs/


4 Mirror


5 HTTPS 自有数字证书的生成

HTTPS 网站所用的证书可向可信 CA 机构申请,不过这一类基本上都是商业机构,申请证书需要缴费,一般是按年缴费,费用因为 CA 机构的不同而不同。低成本应用可以使用 openssl 工具生成自签发的数字证书,可以节约费用,不过得妥善保护好证书私钥,不能泄露或者丢失。HTTPS 通信所用的数字证书格式为 X.509。

自签发数字证书步骤如下:

5.1 生成自己的 CA 根证书

# 生成CA私钥文件ca.key:
$ openssl genrsa -out ca_private.key 1024

# 生成X.509证书签名请求文件ca.csr:
$ openssl req -new -key ca_private.key -out ca.csr

# 在生成ca.csr的过程中,会让输入一些组织信息等。

# 生成X.509格式的CA根证书ca_public.crt(公钥证书):
$ openssl x509 -req -in ca.csr -signkey ca_private.key -out ca_public.crt


5.2 生成服务端证书

# 先生成服务器私钥文件server_private.key:
$ openssl genrsa -out server_private.key 1024

# 根据服务器私钥生成服务器公钥文件server_public.pem:
$ openssl rsa -in server_private.key -pubout -out server_public.pem

# 服务器端需要向CA机构申请签名证书,在申请签名证书之前依然是创建自己的证书签名请求文件server.csr:
$ openssl req -new -key server_prviate.key -out server.csr

# 对于用于HTTPS的CSR,Common Name必须和网站域名一致,以便之后进行Host Name校验。

# 服务器端用server.csr文件向CA申请证书,签名过程需要CA的公钥证书和私钥参与,最终颁发一个带有CA签名的服务器端证书server.crt:
$ openssl x509 -req -CA ca_public.crt -CAkey ca_private.key -CAcreateserial -in server.csr -out server.crt

# 如果服务器端还想校验客户端的证书,可以按生成服务器端证书的形式来生成客户端证书。

# 使用openssl查看证书信息:
$ openssl x509 -in server.crt -text -noout


服务器配置,指定两个文件即可:

  • ssl_certificate = server.crt
  • ssl_private_key = server_private.key


6 Console width

 stty rows 50 cols 132


7 Locales

安装中文支持包:

$ sudo apt install language-pack-zh-hans*



8 Timezone

$ sudo timedatectl set-timezone Asia/Shanghai

or:

$ sudo ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

or:

$ sudo dpkg-reconfigure tzdata


9 grub

修复 windows 双启动:

 sudo grub-probe --target=hints_string /boot/efi/EFI/Microsoft/Boot/bootmgfw.efi
 sudo grub-probe --target=fs_uuid /boot/efi/EFI/Microsoft/Boot/bootmgfw.efi
 sudo grub-mkconfig -o /tmp/grub.cfg

其会自动检测所有硬盘上的系统,自动生成配置文件

把新生成的 /tmp/grub.cfg 覆盖 /boot/grub/grub.cfg 即可

参考:https://www.jianshu.com/p/5007e555ec12


10 gnome-terminal

打开 *.desktop,找到 Exec=gnome-terminal

Exec = gnome-terminal --hide-menubar --full-screen
Exec = gnome-terminal --hide-menubar --maximize


11 Bash

11.1 sort


11.2 While

while [[ $snum -le $enum ]];  
do  
echo $snum  
((snum++))  
done


11.3 For

DIDS="
121
122
123
124
125
"

for d in $DIDS; do echo $d; done

11.4 Bell

echo -en "\007"


11.5 Random Num

RANDOM := $(shell od -An -N2 -i /dev/random | tr -d ' ')

##############################################
RANDOM := $(shell /bin/bash -c 'echo $$RANDOM')

test:
    echo $(RANDOM)

##############################################
awk 'BEGIN{srand();printf("%d", 65536*rand())}'


11.6 Notes

$ set -- one two
$ echo $1
one
$ echo ${1}
1
$ eval echo ${1}
one

$ n=2
$ echo ${n}
2
$ echo ${!n}
two
$ eval echo \${$n}
two

String:

text=${text/ /-}     # 只替换一个空格
text=${text// /-}    # 全部替换空格

$ cat test.txt |tr -s [:space:]

echo ${var^}      # 把变量中的第一个字符换成大写 
echo ${var^^}    # 把变量中的所有小写字母,全部替换为大写
echo ${var,}       # 把变量中的第一个字符换成小写
echo ${var,,}      # 把变量中的所有大写字母,全部替换为小写



11.7 Bash readline

#!/bin/bash 
count=1
cat X1A001.dat | while read line        # 从文本文件 X1A001.dat 一行一行的读 
do 
   echo "$count:$line" 
   count=$(($count + 1))
done
exit 0



11.8 命令行历史

1. 忽略当前这条命令
 $ export HISTCONTROL=ignorespace
 $ [space]echo "this is a top secret"


2. 禁用当前会话的所有历史记录
 $ export HISTSIZE=0


3. 工作结束后清除整个历史
 $ history -cw


4. 只针对你的工作关闭历史记录
 $ [space]set +o history

要重新开启:

 $ [space]set -o history


5. 从历史记录中删除指定的命令
 $ history
 $ history -d 3



12 vim

去除数字标号后的换行符 0x0a:

:%s/^\([0-9]\+\.\)\n/\1/g


13 User Add

$ userdel comcat
$ adduser clark



14 Sudo

修改 sudo 配置建议使用 visudo

不建议使用 vim 直接修改 /etc/sudoers,而是使用 visudo。因为修改 /etc/sudoers 文件需遵循一定的语法规则,使用 visudo 的好处就在于,当修改完毕 /etc/sudoers 文件,离开修改页面时,系统会自行检验 /etc/sudoers 文件的语法

$ sudo visudo

15 ngrok


16 Static IP

查看哪个网卡插了网线:

$ cat /sys/class/net/YourNetCardName/carrier
1

1 表示有载波,说明有网线

Ubuntu:

$ sudo nano /etc/netplan/01-netcfg.yaml

# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    ens33:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.1.100/24]
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8,8.8.4.4]

$ sudo netplan apply
$ sudo netplan --debug apply


Debian:

$ vi /etc/netwrok/interfaces
iface eth0 inet static
      address 10.1.1.125
      netmask 255.0.0.0
      gateway 10.1.1.1


17 端口文件

 /etc/services:各类网络服务对应的 port 记录文件


18 Ping

Ping 的本质:https://www.jianshu.com/p/e1795962ad76


19 Network Monitor

19.1 iftop

监测服务器与各客户端 IP 地址之间的通讯流量:

$ sudo apt-get install iftop
$ sudo iftop -P -i eth1


19.2 ifstat

$ sudo apt-get install ifstat
$ sudo ifstat -t -i wlan0 2
  Time          wlan0       
HH:MM:SS   KB/s in  KB/s out
11:04:42      0.00      0.00
11:04:44      0.02      0.03
11:04:46      0.12      1.29
11:04:48     32.94      9.75
11:04:50     63.31     12.23


refter to: http://www.binarytides.com/linux-commands-monitor-network/



20 Firewall

[oracle@localhost ~]$ sudo firewall-cmd --query-port=80/tcp
no
[oracle@localhost ~]$ sudo firewall-cmd --permanent --zone=public --add-port=80/tcp
success
[oracle@localhost ~]$ sudo firewall-cmd --query-port=80/tcp
no
[oracle@localhost ~]$ sudo systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2020-07-16 10:14:01 CST; 37min ago
     Docs: man:firewalld(1)
 Main PID: 936 (firewalld)
    Tasks: 2
   CGroup: /system.slice/firewalld.service
           └─936 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid

Jul 16 10:14:01 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
Jul 16 10:14:01 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
[oracle@localhost ~]$ sudo systemctl restart firewalld.service
[oracle@localhost ~]$ sudo firewall-cmd --query-port=80/tcp
yes
[oracle@localhost ~]$ sudo firewall-cmd --query-port=80/tcp
yes
[oracle@localhost ~]$ sudo firewall-cmd --permanent --zone=public --remove-port=80/tcp
success
[oracle@localhost ~]$ sudo firewall-cmd --query-port=80/tcp
yes
[oracle@localhost ~]$ sudo firewall-cmd --reload                  # 更新规则之后,要运行--reload 使其生效
success
[oracle@localhost ~]$ sudo firewall-cmd --query-port=80/tcp
no


21 HTTP 抓包

HTTP 协议分析:

$ tshark tcp port 80 or tcp port 443 -V -R "http.request || http.response" -i eth1 |
 sed -rn '/Hypertext Transfer Protocol/{:a;N;/    \\r\\n:?/{/.*/p;d};ba}'


只显示 GET 类请求的头:

  $ tshark 'tcp port 80' -R 'http.request.method == "GET" || http.request.method == "HEAD"' -i eth1



22 Port Scan

# TCP Connect scanning
# nmap -v -sT localhost
# nmap -v -sT 192.168.31.0/24

# nmap TCP SYN (half-open) scanning
# nmap -v -sS localhost

# nmap TCP FIN scanning
# nmap -v -sF localhost

# nmap TCP Xmas tree scanning
# nmap -v -sX localhost

# nmap TCP Null scanning
# nmap -v -sN localhost

nmap TCP RPC scanning
# nmap -v -sR localhost

nmap UDP scanning
# nmap -v -O localhost

nmap remote software version scanning
# nmap -v -sV localhost



23 netcat

23.1 简单web服务器

web 查看系统状态 (TOP):

#!/bin/bash
top -b -n 1 > /tmp/top.txt
app = "nc -l 996"
count=1;

while [ count>0 ]
do
        pn = `ps -wef|grep "${app}" |grep -v grep |grep " 1 "|wc -l`
        echo $pn
        if  test $pn -lt 1
        then
                top -b -n 1 >/tmp/top.txt
                nc -l 996   </tmp/top.txt
        fi
done    



23.2 传送文件

server: nc -v -l -p 1234 > 1.txt

client: nc -v -n 192.168.0.1 1234 < 1.txt
server: $ cat backup.iso | nc -l 3333

client: $ nc 192.168.0.1 3333 > backup.iso


Show the progress of the data transfer:

server: $ cat backup.iso | pv -b | nc -l 3333

client: $ nc 192.168.0.1 3333 | pv -b o> backup.iso



23.3 Other

S: $ dd if=/dev/hdb5 | gzip -9 | nc -l 3333
C: $ nc 192.168.0.1 3333 | pv -b > myhdb5partition.img.gz

S: $ tar -czf - /etc/ | nc -l 3333
C: $ nc 192.168.0.1 3333 | pv -b > mybackup.tar.gz



24 WiFi Config

24.1 wireless tools

$ sudo ip link set wlan0 up
$ sudo iw dev wlan0 scan | less 

$ sudo iw dev wlan0 connect [网络 SSID]
$ sudo iw dev wlan0 connect [网络 SSID] key 0:[WEP 密钥]   # For WEP


$ cat /etc/wpa_supplicant/my.conf
network={
    ssid="[网络 ssid]"
    psk="[密码]"
    priority=1
}

$ sudo wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/my.conf &
$ sudo dhclient wlan0


24.2 nmcli

# list your connections
$ sudo nmcli c

$ sudo nmcli c up uuid <paste essid uuid here>



24.3 Reference



25 Sed

1. 关于 -n 的说明 The default operation of sed is to output every input line. The -n option suppresses the automatic output. When specifying this option, each instruction intended to produce output must contain a print command, p. Look at the following example.


2. debian 下读取指定软件包的所有信息(实质上是读取相邻两个空行之间的所有数据)

   sed -n '/^Package: libc6-udeb/{:next;N;//n$/!b next;p}' Packages

PS: 每 N 一行,缓冲区会加入 /n<newline> ,当读入一空行时,缓冲区的最后一个字符就是 /n


3. 读取所有软件包的名字

   sed -n 's/^Package: \(.*\)/\1/p' Packages

PS: \1 表示保留 pattern 中第一个子模式,即匹配括号中模式的予以保留


4. 提取含有特定信息的数据块(比如获取所有 gnome 用到的包)

   sed '/^Package:/{:next;N;//n$/!b next;/Section: gnome/b;d}' Packages


5. sed 中使用 bash 中定义的变量

   sed -n "/^Package: $file/{:next;N;//n$/! b next;p}" Packages

PS: 注意 sed 的命令部分是用“”括起来的,这样可以引用 bash中定义的变量 file;另外!和 b之间 要留有空格否则bash 会报错,因为在bash中!有特殊用途。


6. 关键字提取

$  sed -n 's/.*[^a-zA-Z]\{1\}\([a-zA-Z]\+[bB]\{1\}ot\).*/\1/p' 2024-01-19-access.log.1 | sort | uniq
dotbot
xxBot
$ sed -n 's/^\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\).*/\1/p' 2024-02-19-access.log | sort | uniq 



26 Grep

1. 提取文件中所有符合模式的字符串:

 egrep -or "MJD[0-9]{12}" /tmp/alldevid



27 Kernel代码格式化

kernel source tree 的 scripts/ 下有一个 Lindent 的脚本:

#!/bin/sh
PARAM="-npro -kr -i8 -ts8 -sob -l80 -ss -ncs -cp1"
RES=`indent --version`
V1=`echo $RES | cut -d' ' -f3 | cut -d'.' -f1`
V2=`echo $RES | cut -d' ' -f3 | cut -d'.' -f2`
V3=`echo $RES | cut -d' ' -f3 | cut -d'.' -f3`
if [ $V1 -gt 2 ]; then
  PARAM="$PARAM -il0"
elif [ $V1 -eq 2 ]; then
  if [ $V2 -gt 2 ]; then
    PARAM="$PARAM -il0";
  elif [ $V2 -eq 2 ]; then
    if [ $V3 -ge 10 ]; then
      PARAM="$PARAM -il0"
    fi
  fi
fi
indent $PARAM "$@"



28 udev

$ lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 002 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 003 Device 002: ID 413c:2003 Dell Computer Corp. Keyboard
Bus 002 Device 003: ID 413c:3016 Dell Computer Corp. Optical 5-Button Wheel Mouse
Bus 002 Device 016: ID 18d1:4e22 Google Inc. Nexus S (debug)

Bus 002 Device 016 就是我的手机,对应的设备节点是 /dev/bus/usb/002/016

如下命令查看设备信息:

$ udevadm info -q all -n /dev/bus/usb/002/016 
P: /devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.6
N: bus/usb/002/016
E: BUSNUM=002
E: DEVNAME=/dev/bus/usb/002/016
E: DEVNUM=016
E: DEVPATH=/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.6
E: DEVTYPE=usb_device
E: DRIVER=usb
E: ID_BUS=usb
E: ID_MEDIA_PLAYER=google_nexus-s
E: ID_MODEL=SGH-T959
E: ID_MODEL_ENC=SGH-T959
E: ID_MODEL_ID=4e22
E: ID_REVISION=0231
E: ID_SERIAL=samsung_SGH-T959_32334071DA1D00EC
E: ID_SERIAL_SHORT=32334071DA1D00EC
E: ID_USB_INTERFACES=:080650:ff4201:
E: ID_VENDOR=samsung
E: ID_VENDOR_ENC=samsung
E: ID_VENDOR_ID=18d1
E: MAJOR=189
E: MINOR=143
E: PRODUCT=18d1/4e22/231
E: SUBSYSTEM=usb
E: TAGS=:udev-acl:
E: TYPE=0/0/0
E: UDEV_LOG=3
E: USEC_INITIALIZED=599355697049

或者:

$ udevadm info -q path -n /dev/bus/usb/002/016 
/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.6

$ udevadm info -a -p $(udevadm info -q path -n /dev/bus/usb/002/016)

  looking at device '/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.6':
    KERNEL=="2-1.6"
    SUBSYSTEM=="usb"
    DRIVER=="usb"
    ATTR{configuration}==""
    ATTR{bNumInterfaces}==" 2"
    ATTR{bConfigurationValue}=="1"
......
......

根据 http://www.reactivated.net/writing_udev_rules.html#basic 写一个 udev rules 文件 /etc/udev/rules.d/62-android.rules:

# 匹配上设备则将设备节点文件的 mode 改为 0666,建一个 /dev/GalasyS 的符号链接指向它 
SUBSYSTEM=="usb", ENV{ID_VENDOR_ID}=="18d1", ENV{ID_MODEL}=="Galaxy", MODE="0666", SYMLINK+="GalaxyS"
SUBSYSTEM=="usb", ENV{ID_VENDOR_ID}=="18d1", ENV{ID_MODEL_ID}=="4e22", MODE="0666", SYMLINK+="GalaxyS"
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e22", ATTR{product}=="Galaxy" MODE="0666", SYMLINK+="GalaxyS"

如对某一行 rule 没底,可用如下命令测试这个 rule:

$ udevadm test --action='"usb", ENV{ID_VENDOR_ID}=="18d1", ENV{ID_MODEL}=="Galaxy", MODE="0666", SYMLINK+=
"GalaxyS"' $(udevadm info -q path -n /dev/bus/usb/002/016)
......
udev_node_add: creating device node '/dev/bus/usb/002/016', devnum=189:143, mode=0664, uid=0, gid=0
udev_node_mknod: preserve file '/dev/bus/usb/002/016', because it has correct dev_t
udev_node_mknod: preserve permissions /dev/bus/usb/002/016, 020664, uid=0, gid=0
node_symlink: preserve already existing symlink '/dev/char/189:143' to '../bus/usb/002/016'
......

确定后重启 udev 即可:

 sudo service udev restart





29 VirtualBox

29.1 Mount VDI image

$ od -j344 -N4 -td4 /work/FreeDos.vdi | awk 'NR==1{print $2;}'
8192

$ sudo losetup -f --show -o 8192 /work/FreeDos.vdi
/dev/loop0

$ sudo fdisk  -lu /dev/loop0

Disk /dev/loop0: 113 MB, 113246208 bytes
16 heads, 63 sectors/track, 219 cylinders, total 221184 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

      Device Boot      Start         End      Blocks   Id  System
/dev/loop0p1   *          63     1023119      511528+   6  FAT16

$ sudo mount -o loop,offset=$((512*63)) /dev/loop0 /mnt

$ ls /mnt/
AUTOEXEC.BAT  BOOTSECT.BIN  COMMAND.COM  FDCONFIG.SYS  FDOS  KERNEL.SYS


$ sudo umount /mnt
$ sudo losetup -d /dev/loop0

$ VBoxManage clonehd /work/FreeDos.vdi /work/freedos.vdi --format VDI --variant Fixe



30 Mount a disk image

$ sudo losetup -fv ./rasper-pi.img 
Loop device is /dev/loop0

$ sudo kpartx -av /dev/loop0
add map loop0p1 (252:0): 0 114688 linear /dev/loop0 8192
add map loop0p2 (252:1): 0 7917568 linear /dev/loop0 122880

$ sudo mount /dev/mapper/loop0p2 /mnt

$ ls /mnt/
bin  boot  dev  etc  home  lib  lost+found  media  mnt  opt  proc  root  run  sbin  selinux  srv  sys  tmp  usr  var



31 xxd

Revert byte order:

$ printf "0x%016X" 11903500002 | xxd -r -p >t.bin
$ xxd -g 1 t.bin
00000000: 00 00 00 02 c5 80 fe e2

$ printf "%016X" 11903500002 | fold -w2 | tac | tr -d "\n" | xxd -r -s 8 -p - x.bin
$ xxd  -g1 x.bin  | head
00000000: aa ff ff ff ff ff ff ff e2 fe 80 c5 02 00 00 00  ................
00000010: f8 2a ff ff ff ff ff ff ff ff ff ff ff ff ff ff  .*..............
00000020: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................


$ echo 4BF8E | rev
E8FB4

$ echo 030201 | grep -o .. | tac | paste -sd '' -
010203

function revert_hex() {
    echo ${1} | fold -w2 | tac | tr -d "\n";
}
$ revert_hex 030201

https://zhuanlan.zhihu.com/p/82199492


32 GDB Tips

GDB



33 OpenOCD

OpenOCD


34 Strace Tips

1. strace 是一个诊断调试工具,其借助内核 ptrace 机制,跟踪目标进程所执行的系统调用和收到的信号。

2. 常用选项

-o filename: 将输出信息写到文件filename中,默出输出到标准错误(stderr)
-c: 统计输出,包括每个系统调用的执行时间、被调用次数等
-tt: 每行前加上相对时间戳
-e trace=open,close: 只跟踪open, close
-e trace=file: 只跟踪以文件名为参数的的调用,等价于 -e trace=open,stat,chmod,unlink...
-e trace=process: 进程管理相关
-e trace=network: 网络相关
-e trace=ipc: 进程间通信相关
-e trace=signal: 信号相关
-e verbose=close,open: vebose模式输出(结构体成员都输出)
-e abbrev=open: 默认情况下所有调用的显示都是abbreviate,只要给这个选项,就只有open为abbrev
-e raw=open: open 调用以16进制形式输出参数
-e read=3,5: 显示文件描述符3、5的读取数据
-e write=3,5
-p pid: 绑定到pid对应的正在运行的进程。此参数常用来调试后台进程
-f: 除了跟踪当前进程外,还跟踪其子进程
-ff: 当跟踪多个进程且输出到文件时,使用该选项则将各个进程的跟踪信息写入各个filename.pid中



35 Git

git diff的时候忽略换行符的差异:

 git config --global core.whitespace cr-at-eol


http proxy:

 git config --global http.proxy 'socks5://127.0.0.1:8080'


git server:

$ apt-get install git-daemon-sysvinit
$ cat /etc/default/git-daemon
GIT_DAEMON_ENABLE=true
GIT_DAEMON_USER=gitdaemon

GIT_DAEMON_DIRECTORY=/var/data/git
GIT_DAEMON_BASE_PATH=/var/data/git

GIT_DAEMON_OPTIONS="--export-all --enable=upload-pack --enable=upload-archive --enable=receive-pack --informative-errors"


修改.git/config添加如下代码:

[receive]
    denyCurrentBranch = ignore


在初始化远程仓库时最好使用 git --bare init 而不要使用 git init

如果使用了git init初始化,则远程仓库的目录下,也包含work tree,当本地仓库向远程仓库push时, 如果远程仓库正在push的分支上(不在push分支,没有问题), 那么push后的结果不会反应在work tree上, 也即在远程仓库的目录下对应的文件还是之前的内容,必须得使用git reset --hard才能看到push后的内容



35.1 Tag

列显已有的标签:

$ git tag
v0.1
v1.3
$ git tag -l 'v1.4.2.*'
v1.4.2.1
v1.4.2.2
v1.4.2.3


创建 Tag:

$ git tag -a v1.4 -m 'my version 1.4'
$ git tag v1.4-lw
$ git tag -s v1.5 -m 'my signed 1.5 tag'


后期加注标签:

$ git log --pretty=oneline
15027957951b64cf874c3557a0f3547bd83b3ff6 Merge branch 'experiment'
a6b4c97498bd301d84096da251c98a07c7723e65 beginning write support
0d52aaab4479697da7686c15f77a3d64d9165190 one more thing

$ git tag -a v1.2 0d52aaab


本地 Tag 推送到远程:

$ git push --tags


获取远程 Tag:

$ git fetch origin tag <tagname>


删除远程 Tag:

$ git push origin --delete tag <tagname>



35.2 submodule

关联:
$ git submodule add git://github.com/icamgo/xtensa-toolchain.git tools/xtensa-toolchain
$ git status
	new file:   .gitmodules
	new file:   tools/xtensa-toolchain

$ cat .gitmodules 
[submodule "tools/xtensa-toolchain"]
	path = tools/xtensa-toolchain
	url = git://github.com/icamgo/xtensa-toolchain.git

$ git commit -a -m "add the xtensa-toolchain as submodule"
$ git push


使用
$ git submodule init
$ git submodule update



35.3 Remove

First, remove the commit on your local repository:

$ git reset --soft HEAD^

Then, force push to GitHub by using:

$ git push origin +master



35.4 Remove from upstream

using https://rtyley.github.io/bfg-repo-cleaner/

$ bfg --strip-blobs-bigger-than 50M
# Git history will be cleaned - files in your latest commit will *not* be touched



35.5 Branch

35.5.1 push

  $ git push origin local_branch



35.5.2 delete

  $ git push origin :remote_branch



35.6 Merge

35.6.1 git cherry-pick

55e0513c is at branch devel, we merge it into master:

$ git checkout master
$ git cherry-pick 55e0513c



35.7 Patch

export all the 19 commits:

$ git format-patch  -s -p --stat -19 -o /tmp/



35.8 Bitbucket

Get started with an existing project:

$ cd /path/ to/your/repo
$ git remotee add origin ssh://git@bitbucket.org/YOUR_UNAME/repo.git
$ git push -u origin master


Get started from scratch:

$ git clone git@bitbucket.org:YOUR_UNAME/repo.git
$ cd repo
$ echo '# README' >> README.md
$ git add README.md
$ git commit -m "Initial commit"
$ git push -u origin master



35.9 ssh agent

# start the ssh-agent in the background
$ eval "$(ssh-agent -s)"
Agent pid 59566

$ ssh-add ~/.ssh/id_rsa


35.10 Using SSH over the HTTPS port

~/.ssh/config:

Host github.com
Hostname ssh.github.com
Port 443
User git

Testing:

$ ssh -T git@github.com
> Hi USERNAME! You've successfully authenticated, but GitHub does not
> provide shell access.

https://docs.github.com/en/authentication/troubleshooting-ssh/using-ssh-over-the-https-port



36 Fonts

Google 思源黑体被称为 Noto Sans CJK

Google-noto-font.jpg

comcat@jackslab:/$ sudo apt-cache search "Noto Sans CJK"
fonts-noto-cjk - "No Tofu" font families with large Unicode coverage (CJK)
comcat@jackslab:/$ sudo apt-get install fonts-noto-cjk


37 Markdown

$ sudo apt-get install pandoc
$ sudo apt-get install texlive-xetex texlive-latex-recommended texlive-latex-extra
$ sudo apt-get install ttf-arphic-gbsn00lp ttf-arphic-ukai # from arphic
$ sudo apt-get install ttf-wqy-microhei ttf-wqy-zenhei     # from WenQuanYi
$
$ git clone git://github.com/tinyclub/markdown-lab.git
$ cd markdown-lab/article/
$ make 



38 Gitbook



39 ip 反查域名

https://www.dnspod.cn/proxy_diagnose/recordscan/bugscaner.com?callback=jQuery11130016070984887319728_1514449435423&_=1514449435426



40 ATA Secure Erase

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase



41 nginx/php

$ sudo apt-get install nginx
$ sudo apt-get install php7-fpm

$ sudo /etc/init.d/nginx start
$ sudo /etc/init.d/php7-fpm start



42 crontab

crontab的格式:

 分 时 日 月 星期 要运行的命令

第1列分钟 1~59

第2列小时 1~23(0表示子夜)

第3列日 1~31

第4列月 1~12

第5列星期 0~6(0表示星期天)

第6列要运行的命令


例子:

30 21 * * * /usr/local/apache/bin/apachectl restart
上面的例子表示每晚的21:30重启apache。

45 4 1,10,22 * * /usr/local/apache/bin/apachectl restart
上面的例子表示每月1、10、22日的4 : 45重启apache。

10 1 * * 6,0 /usr/local/apache/bin/apachectl restart
上面的例子表示每周六、周日的1 : 10重启apache。

0,30 18-23 * * * /usr/local/apache/bin/apachectl restart
上面的例子表示在每天18 : 00至23 : 00之间每隔30分钟重启apache。

0 23 * * 6 /usr/local/apache/bin/apachectl restart
上面的例子表示每星期六的11 : 00 pm重启apache。

* */1 * * * /usr/local/apache/bin/apachectl restart
每一小时重启apache

* 23-7/1 * * * /usr/local/apache/bin/apachectl restart
晚上11点到早上7点之间,每隔一小时重启apache

0 11 4 * mon-wed /usr/local/apache/bin/apachectl restart
每月的4号与每周一到周三的11点重启apache

0 4 1 jan * /usr/local/apache/bin/apachectl restart
一月一号的4点重启apache



43 dns bind9

root@srv:~#  apt-get install bind9

配置文件的路径在/etc/bind路径下面

vim /etc/bind/named.conf.local 
添加如下:

zone "jk.com"  { type master; file "/etc/bind/db.jk.com"; };

修改db的配置文件
root@srv:/etc/bind# cp db.local db.jk.com
root@srv:/etc/bind# vim db.jk.com
$TTL    604800
@       IN      SOA     jk.com. root.localhost. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      localhost.
@       IN      A       127.0.0.1
@       IN      AAAA    ::1
test       IN      A       192.168.0.11
test       IN      A       192.168.0.12
test       IN      A       192.168.0.13

修改/etc/bind/named.conf.option 配置文件,在 named.conf 中可以设置 bind 的 round-robin 的给出结果的顺序:

rrset-order { order cyclic; };

rrset-order 支持三个参数:fixed, random, cyclic 。
fixed 会将多个A记录按配置文件的顺序固定给出
random 会随机给出
cyclic 会循环给出



44 dnsmasq



45 iptables

iptables

5 个 "hook points" (Chain):

  • PREROUTING
  • POSTROUTING
  • FORWARD # that flow through a gateway computer, coming in one interface and going right back out another
  • INPUT # just before they are delivered to a local process
  • OUTPUT # just after they are generated by a local process

选择 chain:

If you want to filter outgoing packets, it is best to do so in the OUTPUT chain because the POSTROUTING chain is not associated with the filter table.


3 个内建 Tables:

  • filter (不用 -t 指定 table,则默认使用此 table)
  • mangle
  • nat


Targets:

  • -j 指定
  • DNAT
    • DNAT 模式用来做目的网络地址转换,比如把某个目的端口包都转发到内网的地址端口,可以做某种类型的负载平衡
    • 一般挂在 PREROUTING chain of the nat table。
    • Destination NAT (DNAT) exposes specific services on an internal network to the outside world without linking the internal computers directly to the Internet.
  • SNAT (gateway computer has a static IP address)
    • SNAT 模式用于源网络地址转换,就是重写包的源 IP 地址。比如内网多台机器通过一个网关上网,网关负责将内网 ip 重写为网关的公网 ip
    • 一般挂在 POSTROUTING chain of the nat table。
    • Source NAT (SNAT) is used to share a single Internet connection among computers on a network。
  • MASQUERADE (gateway computer has a dynamic IP address)
  • ACCEPT
  • REDIRECT
  • DROP
  • QUEUE
  • RETURN


45.1 开启 ip4 forward

Command line:

$ sysctl -w net.ipv4.ip_forward=1
# 查看
$ sysctl -p

# or 
$ echo 1 > /proc/sys/net/ipv4/ip_forward


Configuration:

$ sudo vim /etc/sysctl.conf

# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1


45.2 实例

网关端口映射到内网:

$ iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.87:8080


共享网关公网地址入网:

# static ip
$ iptables -t nat -A POSTROUTING -o eth1 -j SNAT

# dynamic IP
$ iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE


If you have an HTTP proxy (such as Squid) configured to run as a transparent proxy on your firewall computer and listen on port 8888, you can add one rule to redirect outbound HTTP traffic to the HTTP proxy:

$ iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8888
# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 6666


将测试网段的端口的包转发到本机端口,其他网段则正常访问原端口:

$ iptables -t nat -A PREROUTING -p tcp -s 192.168.10.0/24 --dport 1234 -j REDIRECT --to-ports 6666


端口转发,将源为 A 访问 B 的 1234 端口的包,转发到 C 的 6666 端口,其他的不管:

$ iptables -t nat -A PREROUTING -s 192.168.10.2 -p tcp --dport 1234 -j DNAT --to-destination 192.168.10.6:6666 
$ iptables -t nat -A POSTROUTING --dst 192.168.10.2 -p tcp --dport 6666 -j MASQUERADE

# 将目的端口 82 的包,全部转发到 xx.xx.xx.xx:83
$ iptables -t nat -I PREROUTING -p tcp --dport 82 -j DNAT --to-destination  xx.xx.xx.xx:83
$ iptables -t nat -I POSTROUTING -d  xx.xx.xx.xx  -p tcp --dport 83 -j MASQUERADE    # 目标为 xx.xx.xx.xx:83 的 tcp 包,自动获取当前网卡的 IP 地址进行源地址转换

$ iptables -t nat -I POSTROUTING -j MASQUERADE    # 自动获取当前网卡的 IP 地址进行源地址转换
  • -s [!] addr[/mask] <===> --src <===> --source
  • -d [!] addr[/mask] <===> --dst <===> --destination
  • DNAT 模式用来做目的网络地址转换,比如把某个目的端口包都转发到内网的地址端口,可以做某种类型的负载平衡。Destination NAT (DNAT) exposes specific services on an internal network to the outside world without linking the internal computers directly to the Internet.
  • SNAT 模式用于源网络地址转换,就是重写包的源 IP 地址。一般挂在 POSTROUTING chain of the nat table。Source NAT (SNAT) is used to share a single Internet connection among computers on a network。


保存规则:

$ service iptables save 


关闭端口转发:

$ service iptables stop


45.3 策略

显示:

$ iptables [-t table] -S [chain]
$ iptables -t nat -S PREROUTING    # 显示指定的 chain 中当前生效的策略,如果不指定 chain,那么显示 table 中所有的 chain,如果不指定 table,默认为 filter table
$ iptables-save    # 显示所有 iptables 中生效的策略

$ iptables [-t table] -L [-v] [-n] [--line-number ]    # 按照表格形式显示当前生效策略的方法
$ iptables -t nat -L -n --line-number
  • -L -n 等同于 -nL, --line 等同于 --line-number
  • 使用 -v 参数可以显示额外的进出接口、包和流量统计信息。
  • 使用 -n 参数表示用数字表示IP和端口号,默认会尝试查找 dns
  • 使用 --line-number 参数显示策略行号,可以在插入、修改策略时用此参数查看 rule-num
  • 可简写为: -nvL


追加:

$ iptables [-t table] -A chain rule-specification


插入:

$ iptables [-t table] -I chain [rule-num] rule-specification


删除:

$ iptables [-t table] -D rule-num
$ iptables -t nat -D PREROUTING 2


修改:

$ iptables [-t table] -R chain rule-num rule-specification


设置默认:

$ ipables [-t table] -P target

在 filter table 中,target 可以是 DROP 或者 ACCEPT,其它 table 默认都是 ACCEPT,貌似无法修改(存疑)



46 vsftp

快速搭建简易 ftp 服务: VSFTP Quick Start


47 Samba

Quick Start: Samba Tips


48 WIKI

Quick Start: WIKI Tips


49 Language

49.1 Node.js


49.2 Perl Catalyst


50 Database

50.1 InfluxDB


50.2 mysql

Quick Start: MYSQL Tips


50.3 sqllite

Quick Start: SQLITE Tips


50.4 Mongodb

Quick Start: MongoDB Quick Start


51 Grafana

Quick Start: Grafana Quick Start


52 graphviz

Graphviz Notes


53 ubifs

# size of created mtd is 256.0 MiB
modprobe nandsim first_id_byte=0x2c second_id_byte=0xda third_id_byte=0x90 fourth_id_byte=0x95
flash_erase /dev/mtd0 0 0
ubiformat /dev/mtd0 -s 2048 -O 2048
modprobe ubi
ubiattach -m 0 -d 0 -O 2048
# set $(SIZE) to value more than size of the ubifs filesystem
ubimkvol /dev/ubi0 -N volname -s $(SIZE)
ubiupdatevol /dev/ubi0_0 $(UBIFS)
mount /dev/ubi0_0 /mnt



54 ffmpeg

Quick Start: FFMPEG Tips


55 mplayer

Quick Start: MPlayer Tips


56 Linux 下定义快捷键

56.1 xbindkeys

这是个通用方式,通过守护进程 xbindkeys 截获键盘事件,其不依赖于重型桌面环境(如 gnome, kde ...),直接使用 X11 的库。

Steps:

$ apt-get install xbindkeys
$ xbindkeys -d  > ~/.xbindkeysrc
$ echo \"gnome-screenshot\" >> ~/.xbindkeysrc
$ echo "  control+shift + s"
$ xbindkeys


56.2 Gnome 环境下

访问“System>Preferences>Keyboard Shortcuts”,选定想要设置的项目,然后键入快捷键即可生效。


56.3 Metacity 中加快捷键

1. 运行 gconf-editor

2. 去到 “Apps->Metacity->keybinding Commands”

  • 这里可设多个快捷键。选一(如 command_3),编辑该键,设置“key value”为“gedit”。按“确定”。
  • 到“Global keybingdings” ,选择“run_command_3”
  • 选择“Edit key”,改键值为 \<Control\>e
  • 按下 ctrl-e ,应该会出现 gedit 窗口。


57 SELinux

https://www.configserverfirewall.com/ubuntu-linux/disable-selinux-ubuntu/


58 Audit

https://techglimpse.com/how-to-use-auditing-system-in-linux-configure-audit-logs-and-generate-reports/

https://linux-audit.com/configuring-and-auditing-linux-systems-with-audit-daemon/










个人工具
名字空间

变换
操作
导航
工具箱