tcpdump: capture HTTP request content on port 80

tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' -n -s 0 -A
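
The filter above keeps only port-80 packets whose TCP payload is non-empty: IP total length minus IP header length minus TCP header length. The following is an added example, not part of the original notes, that evaluates the same arithmetic in Python on constructed packets; the function names, addresses and packet contents are assumptions made for illustration, and unfragmented IPv4 is assumed.

```python
import struct

def build_packet(payload=b"", sport=40000, dport=80, ip_opts=b"", tcp_opts=b""):
    """Build a constructed IPv4+TCP packet (checksums left at 0; options must be 4-byte multiples)."""
    ihl = (20 + len(ip_opts)) // 4           # IP header length in 32-bit words
    doff = (20 + len(tcp_opts)) // 4         # TCP data offset in 32-bit words
    total = ihl * 4 + doff * 4 + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, total, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + ip_opts
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, doff << 4, 0x18,
                      65535, 0, 0) + tcp_opts
    return ip + tcp + payload

def tcp_payload_len(pkt: bytes) -> int:
    """Same arithmetic as the filter, term by term."""
    total_len = struct.unpack("!H", pkt[2:4])[0]   # ip[2:2]  : IP total length
    ip_hdr_len = (pkt[0] & 0x0F) << 2              # (ip[0]&0xf)<<2 : IHL words -> bytes
    tcp = pkt[ip_hdr_len:]                         # tcp[] is indexed from the TCP header
    tcp_hdr_len = (tcp[12] & 0xF0) >> 2            # (tcp[12]&0xf0)>>2 : data offset -> bytes
    return total_len - ip_hdr_len - tcp_hdr_len

def matches_filter(pkt: bytes) -> bool:
    """True when the packet would pass 'tcp port 80 and (payload length != 0)'."""
    if pkt[0] >> 4 != 4 or pkt[9] != 6:            # IPv4 carrying TCP only
        return False
    ip_hdr_len = (pkt[0] & 0x0F) << 2
    sport, dport = struct.unpack("!HH", pkt[ip_hdr_len:ip_hdr_len + 4])
    return 80 in (sport, dport) and tcp_payload_len(pkt) != 0

if __name__ == "__main__":
    request = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"   # constructed sample
    samples = {
        "bare ACK with 12 bytes of TCP options": build_packet(tcp_opts=b"\x01" * 12),
        "HTTP request": build_packet(request, tcp_opts=b"\x01" * 12),
        "HTTP request with IP options": build_packet(request, ip_opts=b"\x01" * 4),
        "payload on port 443": build_packet(request, dport=443),
    }
    for name, pkt in samples.items():
        print(f"{name}: payload={tcp_payload_len(pkt)} match={matches_filter(pkt)}")
```

Because both header lengths are read from the packet rather than assumed to be 20 bytes, IP and TCP options do not cause handshake or ACK-only segments to be dumped.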

strace: capture the network requests made by a process

strace -p 10095 -q -f -s 10000 -e trace=network

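Find and replace

Find the log files in the current directory that contain a keyword (the pattern below matches *.py; change it to '*.log' for log files)
find . -name '*.py' -print0 | xargs -0 grep 'webssh'
Replace
find . -name '*.py' -print0 | xargs -0 perl -pi -e 's|abc|efg|g'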

Regular expressions

Match lines that do not contain a given string
^((?!abc).)*$

nginx

Logging
http {
    # user_agent, cookie and request_body are commented out below.
    # cookie and request_body can carry session tokens and credentials,
    # so enable them only for short-lived debugging.
    log_format apm '[$time_local]\tclient=$remote_addr\t'
                   'request="$request"\trequest_length=$request_length\t'
                   'http_referer="$http_referer"\t'
                   'bytes_sent=$bytes_sent\t'
                   'body_bytes_sent=$body_bytes_sent\t'
                   #'user_agent="$http_user_agent"\t'
                   'upstream_addr=$upstream_addr\t'
                   'upstream_status=$upstream_status\t'
                   #'cookie="$http_cookie"\t'
                   #'request_body="$request_body"\t'
                   'document_root="$document_root"\t'
                   'fastcgi_script_name="$fastcgi_script_name"\t'
                   'request_filename="$request_filename"\t'
                   'request_time=$request_time\t'
                   'upstream_response_time=$upstream_response_time\t'
                   'upstream_connect_time=$upstream_connect_time\t'
                   'upstream_header_time=$upstream_header_time\t';
    access_log /opt/logs/nginx/access.log apm;
}

firewall-cmd port management

1. Open / remove a port
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=80/tcp --permanent
2. Query one port / list all ports
firewall-cmd --query-port=80/tcp
firewall-cmd --list-ports
3. Reload the firewall (applies --permanent changes)
firewall-cmd --reload
4. Start / stop the firewall
systemctl start firewalld.service
systemctl stop firewalld.service
5. Enable / disable start at boot
systemctl enable firewalld.service
systemctl disable firewalld.service