You can use expr utility to evaluate expressions in both of the command line or shell script. Here are a few examples:

expr 6 + 4
10

Note the spaces. Without spaces, you get the following:

expr 6+4
6+4

If you are using "*" you will need a "\" before it:

expr 10 \* 10
100

This also work for variables:

var1=2
var1=`expr $var1 \* 2`
echo $var1
4

You can get the cosine(.23):

var1=`echo "c(.23)" | bc -l`
echo $var1
.97366639500537483696

You can also do substrings:

expr substr "BigBear" 4 4
Bear

And length of strings:

mstr="12345"
expr length $mstr
5

Regular expressions:

expr "a3" : [a-z][1-9]
2

Or you can get a bit fancy:

myexpr="[a-z][1-9]"
expr "a3" : $myexpr
2

This may not be the best way to find out if it is Friday, but it seems to work. It's more of an exercise in xargs.

date
Fri Dec 31 16:44:47 EST 2004
date | xargs -i expr {} : "[Fri]"
1

Netstat is a simple and great network utility. Here are a few useful usage examples:

What Network Services are Running?

netstat -atup

or

netstat -ap | grep LISTEN | less

This can be helpful to determine the services running.

Need stats on dropped UDP packets?

netstat -s -u

or TCP

netstat -s -t

or summary of everything

netstat -s

or looking for error rates on the interface?

netstat -i

Listening interfaces?

netstat -l

For some type of setups, if network connections not available during startup process, exim4 takes long time to start. To solve this problem, you must use DC_minimaldns option of exim4. You can also configure this feature with

dpkg-reconfigure exim4-config

on Debian based systems. You should answer Yes for the question "Keep number of DNS-queries minimal?"

However, if hostname --fqdn command doesn't print a full qualified hostname (actually only checked one dot) exim4 gives a warning and DC_minimaldns function doesn't work.

For example your hostname is "debian" and if hostname --fqdn also prints just "debian" this is due to the following behaviour of hostname command:

• When used --fqdn parameter, firstly it learns the exact hostname
• After hostname is learned, it uses gethostbyname() function and prints h_name field of hostent structure.

Probably you have a record in /etc/hosts file like that:

127.0.0.1    debian

In this scenario, hostname --fqdn will also just print "debian". To solve this you must write a dotted hostname first in /etc/hosts file like that:

127.0.0.1    debian.localhost   debian

After that hostname --fqdn will print "debian.localhost" and this makes exim4 happy.

To turn this feature on just use:

shopt -s cdspell

Now mispell a directory in the cd command.

cd /usk/local

still gets you to /usr/local. What other options can you set? The following will list all the options:

shopt -p

If you want to disable emacs splash screen startup message you should enter following lines into your ~/.emacs file.

;;disable splash screen and startup message
(setq inhibit-startup-message t)
(setq initial-scratch-message nil)

aureport can be used to look at SELinux audit reports, options include [today, this-month, this-week ..etc]. And, if you get anything in the avc row, then, you can issue the --avc -i option.

$ aureport --start today

Summary Report
======================
Range of time in logs: 10/12/2007 10:09:05.572 - 10/24/2007 14:20:01.242
Selected time for report: 10/24/2007 00:00:01 - 10/24/2007 14:20:01.242
Number of changes in configuration: 0
Number of changes to accounts, groups, or roles: 0
Number of logins: 0
Number of failed logins: 0
Number of authentications: 1
Number of failed authentications: 0
Number of users: 1
Number of terminals: 2
Number of host names: 1
Number of executables: 3
Number of files: 0
Number of AVC's: 0
Number of MAC events: 0
Number of failed syscalls: 0
Number of anomaly events: 0
Number of responses to anomaly events: 0
Number of crypto events: 0
Number of process IDs: 105
Number of events: 111

You can use following command to learn details of all the available system calls for Linux:

man syscalls

You can also look at the syscall manual in Linux Programmer's Manual with:

man 2 syscall

(Reference: http://www.ibm.com/developerworks/linux/library/l-system-calls)

If you want to learn that a specific command is aliased to another or not, you can use type utility with -all parameter as below:

$ type -all ls
ls is aliased to `ls --color=auto'
ls is /bin/ls

pgrep and pkill commands used for to lookup a process by attribute. To quick find all instances of ssh running, for user root, execute the following command:

pgrep -u root -l ssh

To kill a process, or send a signal use the "pkill". For example, to make syslog reread its configuration file:

pkill -HUP syslogd

Another command command is pidof that can tell you how many processes are running. This can be useful for detecting DOS attacks.

pidof sshd
4783 4781 30008 30006 29888 29886 2246

Above there are 7 sshd's running.

Reference: "Tcpdump, Raw Socket and Libpap Tutorial" at http://souptonuts.sourceforge.net/tcpdump_tutorial.html.

If you want syntax highlighting in less, you can use source highlight software: http://www.gnu.org/software/src-highlite

In Debian bases systems, package name is source-highlight and you can start using just setting two environment values as below:

export LESSOPEN="| /usr/share/source-highlight/src-hilite-lesspipe.sh %s"

export LESS=' -R '