List of useful FreeBSD Commands
Below is a list of my favorite commands I often use during my daily system administration duties and others I use just for fun. I hope my readers will find this informative and learn a few things by the end of this post. Most of these will also work on Linux.
Check the weather
install curl
# pkg install curl
Now check the weather
# curl http://wttr.in
Ever wonder what development stack or CMS a website is using?
Install whatweb
# pkg install whatweb
Find out what stack that site uses
# whatweb medium.com
http://medium.com [301 Moved Permanently] CloudFlare, Cookies[__cfduid,__cfruid], Country[UNITED STATES][US], HTTPServer[cloudflare], HttpOnly[__cfduid,__cfruid], IP[104.16.121.127], RedirectLocation[https://medium.com/], Title[301 Moved Permanently], UncommonHeaders[cf-cache-status,x-content-type-options,cf-ray,alt-svc,cf-request-id]
https://medium.com/ [200 OK] CloudFlare, Cookies[__cfduid,__cfruid,optimizelyEndUserId,sid,uid], Country[UNITED STATES][US], Email[9ygdqoKprhwuTVKUM0DLPA@2x.png,haCUs0wF6TgOOvfoY-jEoQ@2x.png,u002F589e367c28ca47b195ce200d1507d18b@sentry.io,uULpIlImcO5TDuBZ6lm7Lg@2x.png], Google-Analytics[Universal][UA-24232453-2], HTML5, HTTPServer[cloudflare], HttpOnly[__cfduid,__cfruid,sid,uid], IP[104.16.122.127], Open-Graph-Protocol[website][542599432471018], OpenSearch[/osd.xml], Script[application/ld+json], Strict-Transport-Security[max-age=15552000; includeSubDomains; preload], UncommonHeaders[sepia-upstream,medium-fulfilled-by,x-envoy-upstream-service-time,cf-cache-status,expect-ct,x-content-type-options,cf-ray,alt-svc,cf-request-id], X-Frame-Options[allow-from medium.com]
Check if a reboot is required on a FreeBSD system; if versions do not match a reboot is required
# uname -r; freebsd-version
check if a reboot is required on Debian-based systems; if the output reads “No such file or directory” then a reboot is not required
# cat /var/run/reboot-required
Gnu-watch (just watch on Linux) is a helpful command that can be used in conjunction with any command that gives output but does not have an option to provide continued or real-time output. For example, anyone who has ever managed a mail/postfix server will be familiar with another one of my go-to commands, “mailq”. This command prints out all queued messages that are pending delivery for various reasons, such as being blocked by a spam list or users on the system sending emails to incorrect addresses.
Oftentimes when you discover an issue with mail delivery this is the go-to command to determine the reason. Once you have identified the root cause and resolved the issue, there is nothing more satisfying than seeing the number of messages in the queue go lower and lower until they are all released from the queue.
Install gnu-watch
# pkg install gnu-watch
To monitor the mailq and print out an update every 5 seconds you would simply run
# gnu-watch -n 5 mailq
Ctrl+C to close.
Another equally awesome command to monitor the mailq in real time, which provides a more comprehensive overview of the queue, is pfqueue
install pfqueue
# pkg install pfqueue
check the mailq
# pfqueue
aww yea! an empty mailq just what I like to see :)
RSYNC Commands
Rsync is a very powerful tool to copy files locally and remotely and can also be scripted to create backup scripts. Check out this example of scripts that perform both local and off-site backups of LAMP stack applications.
install rsync
# pkg install rsync
sync local folder nginx to a local directory, external drive, or nfs share.
# rsync -av /root/backup/nginx/ /mnt/nas02/lb01/
sending incremental file list
./
nginx-backup_test-2020.tar.gz
nginx-backup_test2-2020.tar.gz
nginx-backup_test3-2020.tar.gz
sent 18,555,489 bytes received 76 bytes 37,111,130.00 bytes/sec
total size is 102,235,136 speedup is 5.51
sync a local folder to a remote server over ssh (this is known as push)
# rsync -avzh /local/folder/ username@host:/remote/files/to/copy
sync a folder on a remote system to your local machine (this is known as pull)
# rsync -avzh username@host:/remote/folder/ /local/files/to/copy
sync directory while excluding a sub-directory
# rsync --exclude=folder_to_exclude/ -avhP /local/folder/ username@host:/remote/folder/to/copy/files/to
MYSQL
export mysql database
# mysqldump -u username -p database_name > data-dump.sql
import mysql database
Login to mysql console
# mysql -u root -p
create the database if it does not already exist.
mysql> CREATE DATABASE new_database;
now import database
# mysql -u username -p new_database < data-dump.sql
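reset mysql root password (while mysqld runs with --skip-grant-tables it lets clients connect without a password, so restart the service normally as soon as you are done; the UPDATE below is for older MySQL releases that still have the Password column and the PASSWORD() function)
# service mysqld stop
# mysqld_safe --skip-grant-tables &
# mysql --user=root mysql
mysql> update user set Password=PASSWORD('new-password') where user='root';
mysql> flush privileges;
mysql> exit;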
Viewing and manipulating files & logs
view a file
# cat filename.txt
tail a log file for real-time viewing, for example the mail log
# tail -f /var/log/maillog
search a file for a specific word; in the below example I’m searching the mail log for an email address, which is useful when you are trying to track down an issue with an inbox that may not be receiving or sending mail
# tail -f /var/log/mail.log | grep "email@domain.com"
sometimes it’s helpful to narrow down what we are looking for by viewing the lines before and after each targeted word.
this command will display five lines after each match
# tail -f /var/log/maillog | grep -A 5 "email@domain.com"
print 5 lines before each match
# tail -f /var/log/maillog | grep -B 5 "email@domain.com"
search all files that contain a word
# grep -i -r some_word
or a phrase
# grep -r 'word or phrase' *
list files that contain a word; this method is much cleaner & faster than the above commands (the word you use is case-sensitive)
# grep -rl word
Or, if you only want to search in .txt files, combine it with find
# find /some/dir -name '*.txt' -exec grep -li 'searchstring' {} \;
append text to an existing file
# echo ‘add this text to end of file’ >> file.txt
prepend text to an existing file (add text to the beginning of the file)
# printf '%s\n' 0a "add this to beginning" . w | ed -s textfile.txt
or prepend multiple lines
# printf '%s\n' 0a "line 1" "line 2" . w | ed -s textfile.txt
delete files that are X days old from a directory
the below command will purge any file(s) within /usr/jails/ezjail_archives that are 14 days or older
# find /usr/jails/ezjail_archives/* -mtime +14 -exec rm {} \;
delete files & folders that are 14 days or older
# find /folder/location/* -mtime +14 -exec rm -rf {} \;
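A more cautious take on the two purge commands above, as an added example that is not part of the original post: it previews what would be removed and deletes only when asked. The function name purge_old and its --delete switch are made up for this illustration.

```sh
#!/bin/sh
# purge_old DIR DAYS [--delete]   (hypothetical helper, added example)
#   Prints the regular files directly under DIR that find's -mtime +DAYS
#   test selects; removes them only when --delete is given.
purge_old() {
    dir=$1 days=$2 mode=${3:-}
    # This usually runs as root from cron: refuse empty, relative or root paths.
    case $dir in
        /|'') echo "purge_old: refusing directory '$dir'" >&2; return 2 ;;
        /*)   ;;
        *)    echo "purge_old: need an absolute path" >&2; return 2 ;;
    esac
    case $days in
        ''|*[!0-9]*) echo "purge_old: DAYS must be a number" >&2; return 2 ;;
    esac
    [ -d "$dir" ] || { echo "purge_old: $dir is not a directory" >&2; return 2; }

    # Start find at the directory itself instead of DIR/*: the shell glob
    # skips dot files and errors out when the directory is empty.
    # -type f never matches directories or symlinks, so rm -rf is not needed.
    # -xdev keeps find on one file system, -maxdepth 1 out of sub-directories.
    if [ "$mode" = "--delete" ]; then
        find "$dir" -xdev -maxdepth 1 -type f -mtime +"$days" \
            -print -exec rm -f -- {} +
    else
        find "$dir" -xdev -maxdepth 1 -type f -mtime +"$days" -print
    fi
}

# Preview first, then delete:
#   purge_old /usr/jails/ezjail_archives 14
#   purge_old /usr/jails/ezjail_archives 14 --delete
```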
search entire file system for a file by name
# find / -name filename
find files by searching only part of their name in a specific directory
# find /path/of/folder/to/be/searched/* -name '*Untraceable*'
Compress a file with tar.gz
# tar -czvf archive-name.tar.gz /path/to/directory-or-file
unpack file we just created
# tar -xzvf archive-name.tar.gz
DNS related commands
check if a domain uses DNSSEC; you will see RRSIG records in the reply if DNSSEC is requested
isc.org does support DNSSEC
# dig +dnssec isc.org dnskey
; <<>> DiG 9.16.2 <<>> +dnssec isc.org dnskey
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22304
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;isc.org. IN DNSKEY
;; ANSWER SECTION:
isc.org. 7199 IN DNSKEY 257 3 13 zEoOfseNFDM+E8spu7RR2Ar/GzFqAehe4yapWLiv6McIUF6xmI5GcIQ3 +uLAizS2cNWHt6EArVj8ogjtrRXwfw==
isc.org. 7199 IN DNSKEY 256 3 13 1CS+VQcRn4lGTK+b3wDjVO0hFDx4DV7s3Q1Fwxuq9ahd255FRny4f4vd ZOMMMxpbRH5Zhwoh/706IV0v9JwjlA==
isc.org. 7199 IN RRSIG DNSKEY 13 2 7200 20200601130852 20200502125806 7250 isc.org. CsMS1qIiBQTFvbDR6SZQqB69+wFpHRQJcTwHW8m7GCnSUdVH7ms/MzSd C8fpNskQkGlyUtt4JkltV8WrCvk7Gw==
isc.org. 7199 IN RRSIG DNSKEY 13 2 7200 20200601130852 20200502125806 27566 isc.org. qLbAt8qocFP9FZTCpob1tGkvrDMOp9E7HaF9pTWHzS4rW30olAqSIYzR 4EeuGWqucOvujZuklS4JX8HL+rjMQg==
;; Query time: 46 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Sat May 09 07:46:46 EDT 2020
;; MSG SIZE rcvd: 402
ypcr.com does not support DNSSEC
# dig +dnssec ypcr.com dnskey
; <<>> DiG 9.16.2 <<>> +dnssec ypcr.com dnskey
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;ypcr.com. IN DNSKEY
;; AUTHORITY SECTION:
ypcr.com. 585 IN SOA ns23.domaincontrol.com. dns.jomax.net. 2020031509 28800 7200 604800 600
;; Query time: 18 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Sat May 09 07:49:33 EDT 2020
;; MSG SIZE rcvd: 105
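The same RRSIG check done by a script instead of by eye, as an added example that is not part of the original post. The function names, the constructed sample replies and the extra look at the resolver's ad flag (set when the resolver itself validated the signatures) are assumptions of this example.

```sh
#!/bin/sh
# Added example. Classifies `dig +dnssec NAME dnskey` output read from stdin:
#   signed-validated  DNSKEY + RRSIG in the answer and the resolver set "ad"
#   signed            DNSKEY + RRSIG present, resolver did not validate
#   unsigned          NOERROR, but no DNSKEY/RRSIG in the answer
#   error             any other status (SERVFAIL, NXDOMAIN) or no reply
dnssec_status() {
    awk '
        /status: /   { s = $0; sub(/.*status: /, "", s); sub(/,.*/, "", s); status = s }
        /^;; flags:/ { f = $0; sub(/^;; flags: /, "", f); sub(/;.*/, "", f)
                       ad = ((" " f " ") ~ / ad /) }
        /^;; ANSWER SECTION/ { in_answer = 1; next }
        /^;/ || /^$/ { in_answer = 0; next }
        in_answer && $4 == "DNSKEY"                  { keys++ }
        in_answer && $4 == "RRSIG" && $5 == "DNSKEY" { sigs++ }
        END {
            if (status != "NOERROR")     print "error"
            else if (keys && sigs && ad) print "signed-validated"
            else if (keys && sigs)       print "signed"
            else                         print "unsigned"
        }'
}

# Live use (needs network): check_dnssec isc.org
check_dnssec() { dig +dnssec "$1" dnskey | dnssec_status; }

# Constructed sample replies; names and key data are placeholders.
sample_signed() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
signed.example. 7199 IN DNSKEY 257 3 13 Y29uc3RydWN0ZWQta2V5
signed.example. 7199 IN RRSIG DNSKEY 13 2 7200 20200601130852 20200502125806 7250 signed.example. Y29uc3RydWN0ZWQtc2ln

;; Query time: 46 msec
EOF
}
sample_unsigned() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; AUTHORITY SECTION:
unsigned.example. 585 IN SOA ns.unsigned.example. hostmaster.unsigned.example. 1 28800 7200 604800 600
EOF
}

sample_signed | dnssec_status      # signed
sample_unsigned | dnssec_status    # unsigned
```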
lookup name servers for a domain name
# host -t ns domain.com
domain.com name server ns-1250.awsdns-28.org.
domain.com name server ns-166.awsdns-20.com.
domain.com name server ns-2022.awsdns-60.co.uk.
domain.com name server ns-683.awsdns-21.net.
lookup a domain’s mail server (mx records)
# host -t mx gmail.com
gmail.com mail is handled by 30 alt3.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 10 alt1.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 5 gmail-smtp-in.l.google.com.
gmail.com mail is handled by 40 alt4.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 20 alt2.gmail-smtp-in.l.google.com.
lookup a domain’s txt records (find spf records)
# host -t txt hotmail.com
hotmail.com descriptive text "v=spf1 ip4:157.55.9.128/25 include:spf.protection.outlook.com include:spf-a.outlook.com include:spf-b.outlook.com include:spf-a.hotmail.com include:_spf-ssg-b.microsoft.com include:_spf-ssg-c.microsoft.com ~all"
hotmail.com descriptive text "google-site-verification=gqFmgDKSUd3XGU_AzWWdojRHtW3_66W_PC3oFvQVZEw"
lookup a domain’s SOA record
# host -t soa yahoo.com
yahoo.com has SOA record ns1.yahoo.com. hostmaster.yahoo-inc.com. 2020050900 3600 300 1814400 600
lookup a DNS TTL value. To see the raw TTL you must query the domain’s own name server, which can be found with “host -t ns domain.com”. If your default DNS server is not the authoritative server for the zone you are digging, dig will show the time remaining (until the next refresh) instead of the raw TTL value in this position. In short, if you do not define a name server, dig will use your network’s name server.
# dig +nocmd +noall +answer @nameserver_in_use_by_domain domain.com
or
lookup dns TTL value count down
# dig +nocmd +noall +answer domain.com
note: the dig tool is not installed by default in recent versions of FreeBSD; this is because dig ships with BIND, which was removed from the base system in 10.x. Alternatively you can use drill, part of the ldns tools which replaced BIND, which shares the same syntax as dig. You can also obtain dig by installing bind-tools
# pkg install bind-tools
command to lookup public IP behind NAT/router
# dig +short myip.opendns.com @resolver1.opendns.com
FreeBSD Pro tip: Never miss a FreeBSD related post on twitter, follow @FreeBSD_Bot it retweets everything with #FreeBSD
Enjoy!