One liner collection (and short things)

aaaa oneliner collection.sh

# open gist for oneliner (or very short bash things) collection

anti-dos-iptables.sh

# Anti-HTTP-DoS iptables rule
iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 30 -j REJECT --reject-with tcp-reset

# this will reject http traffic if there are more than 30 per second

authorized_keys2puppet.sh

# Parse authorized_keys to get Puppet syntax
cat authorized_keys | grep -Eve "^$" -e "^#.*$" | while read line; do type="$(echo $line | awk '{print $1}')"; key="$(echo $line | awk '{print $2}')"; name="$(echo $line | awk '{print $3}')"; echo -e "    '$name':\n      ensure => present,\n      type   => '$type',\n      key    => '$key',\n      user   => '\$user';\n"; done

batch-passwd.sh

# Batch multi password change for users
for u in user1 user2 user3 user4; do pw="$(apg -m8 -x8  -n1 -a0 -MNCL)"; echo -e "Benutzername: $u\nPasswort: $pw"; echo "$u:$pw" | chpasswd; sleep 0.5;   echo ""; done

block-facebook.sh

# Block IP ranges of Facebook
for i in $(whois -h whois.radb.net '!gAS32934' | head -n2 | tail -n1); do sudo iptables -A OUTPUT -d $i -j REJECT; done

check-pdns-db.sh

# Check PDNS database for corrupt entries (non-ASCII records)
mysql pdns -e "select * from records where content <> convert(content using ASCII);"

check-spf-lookup-errors.sh

# Check SPF lookup errors and also check for already whitelisted IP addresses
for ip in `grep -i spf /var/log/mail.log | grep -i lookups | grep -i rejec | awk -F\[ '{print $3}' | awk -F\] '{print $1}' | sort | uniq`; do if [ ! -d "/var/lib/tumgreyspf/config/client_address/`echo $ip | tr "." "/"`" ] ; then echo "IP $ip -> `host $ip | awk '{print $5}'`" ; fi; done

date-eval-in-cron.sh

# Date evaluation in cronjob command
/path/to/script | mail -s "Subject with calendar week `date +\%V`" recipient@domain.tld

default-ip.sh

# Get default outbound IP address
ip addr show dev $(ip route show | grep default | awk '{print $5}') | grep inet | awk '{print $2}' | awk -F\/ '{print $1}' | head -n 1

erb_array_magic.erb

if var['something'].respond_to?('each')
    puts "It is an array"
else
    puts "It is not an array"
end

export-pgp-key-to-remote-server.sh

# Fast, secure and convenient way to transfer a secret key to another server
gpg --export-secret-key --armor <your key id> | ssh <remotehost> gpg --import

find-mails-with-x-php-originating.sh

# Find X-PHP-Originating-Script headers in /var/spool/postfix
find /var/spool/postfix/ -type f -exec grep -l X-PHP {} \; | cut -d / -f 7 | xargs -n1 postcat -q | grep X-PHP

# OR: Search for "X-PHP-Originating-Script" in all undelivered Postfix mails
grep -rinl "X-PHP-Originating-Script" /var/spool/postfix  | xargs -n 1 -I {} bash -c "echo {} | cut -d/ -f7" | xargs -n1 postcat -q | grep PHP

fix-igneg-bug.sh

# Fix igneg_nice bug on vserver guests and hosts
for i in `vserver-stat | awk '{ print $1; }'` ; do if [ $i != "CTX" ] ; then vattribute --xid $i --set --flag igneg_nice ; fi ; done

git-outside.sh

# Git from outside of repository
git --git-dir=/home/user/example-repo/.git --work-tree=/home/user/example-repo $GITCOMMAND_HERE

ip-grep.sh

# Search for IP addresses and print all IPs found

# complex IP regex
# matches:
# - 1.3.3.7
# - 001.003.003.007
# - 0.0.0.0 (also valid)
# - 01.255.255.255

"(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"

list-gpg-rcpts.sh

# Lists all GPG recipients of a file
gpg --list-only --no-default-keyring --secret-keyring /dev/null $infile

mute-bash-cmd.sh

# Mute bash output the short way
command &> /dev/null

non-ascii-renamer.sh

# Rename non-ascii filenames in one line for shell
for f in * ; do mv "$f" `echo $f | tr -cd "a-zA-Z0-9.-_"`; done

numix-gtk.sh

# Install numix GTK theme
sudo add-apt-repository ppa:numix/ppa
sudo apt-get update
sudo apt-get install numix-plymouth-theme numix-gtk-theme numix-icon-theme numix-icon-theme-circle

openvpn-connect-on-chromebook.sh

# Connect with openvpn config file on ChromeOS

# 0. shill shouldn't kill tun0
sudo stop shill
sudo start shill BLACKLISTED_DEVICES=tun0

# 1. create tun0 (or tunX) device
/usr/sbin/openvpn --dev tun0 --mktun

# 2. change to directory where .ovpn is stored
/home/chronos/user/some_folder_name/

# 3. connect using .ovpn file with device tun0 (or tunX)
/usr/sbin/openvpn --config some_file_name.conf --dev tun0

perl-sed.sh

# Perl variant of sed search replace (with multi line support)
DATA="data with multiple
lines"
cat /tmp/template | perl -i -0pe "s/_DATA_/${DATA}/g"

pfx2pem.sh

# PFX to PEM cert and key
# crt
openssl pkcs12 -in $file -out zertifikat.crt -clcerts -nokeys
# key
openssl pkcs12 -in $file -out schluessel.key -nocerts -nodes
# ca certs
openssl pkcs12 -in $file -out chain.crt-cacerts -nokeys

print-authlog-users.sh

# Print all users from /var/log/auth.log w/o CRON
grep -v CRON /var/log/auth.log | grep -E "user (.*)$" | sed -r "s/(from|by) (.*)//g" | awk '{print $NF}' | sort | uniq -c | sort -n

print-listening-ports.sh

# Print all open (and listening) ports
netstat -anp --tcp --udp | grep LISTEN

scripts-dir.sh

# variable with current script directory
dir=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )

search-all-access-logs.sh

# Search all access log directories

# grep through all access logs (with zipped ones)
for s in <server>; do ssh $s "grep -rin access.log /etc/apache2/sites-enabled /etc/apache2/puppet-vhosts /etc/apache2/user-vhosts -h | egrep -o \"\ /.*access.log\" | tr -d \"\ \" | awk -F/ '{\$NF=\"\"}1' | tr \"\ \" \"/\" | sort | uniq | xargs -n 1 -I {} sh -c \"find {} -iname '*access*' 2> /dev/null\" | while read line; do zgrep --no-filename '<grep-for-something>' \$line; done" | tee -a log_$s.log; done

# list all access log files (with zipped ones)
for s in <server>; do ssh $s "grep -rin access.log /etc/apache2/sites-enabled /etc/apache2/puppet-vhosts /etc/apache2/user-vhosts -h | egrep -o \"\ /.*access.log\" | tr -d \"\ \" | awk -F/ '{\$NF=\"\"}1' | tr \"\ \" \"/\" | sort | uniq | xargs -n 1 -I {} sh -c \"find {} -iname '*access*' 2> /dev/null\"" | tee -a log_$s.log; done

# maybe there is a better way for this but I had to to do it by myself without research

show subject and parse mime encoded string with perl.sh

curl -s --url "imaps://$IMAPSERVER/$FOLDER" -X "FETCH $msgID BODY.PEEK[HEADER.FIELDS (Subject)]" --user "$USERNAME:$PASSWORD" -D - | grep Subject | perl -pe 'use MIME::Words(decode_mimewords); $_=decode_mimewords($_);'

show-active-connetions.sh

# Show me all active connections in a timestamp loop
while true; do echo "`date | awk '{print $4}'`  connections `netstat -antp | grep -vi LISTEN | wc -l`"; sleep 0.5; done

ten-biggest-tables.sql

# Show me the ten biggest MySQL tables
mysql -e "SELECT CONCAT(table_schema, '.', table_name),
       CONCAT(ROUND(table_rows / 1000000, 2), 'M')                                    rows,
       CONCAT(ROUND(data_length / ( 1024 * 1024 * 1024 ), 2), 'G')                    DATA,
       CONCAT(ROUND(index_length / ( 1024 * 1024 * 1024 ), 2), 'G')                   idx,
       CONCAT(ROUND(( data_length + index_length ) / ( 1024 * 1024 * 1024 ), 2), 'G') total_size,
       ROUND(index_length / data_length, 2)                                           idxfrac
FROM   information_schema.TABLES
ORDER  BY data_length + index_length DESC
LIMIT  10;"

to-bytes.sh

# from http://stackoverflow.com/a/24289918
toBytes() {
 echo $1 | echo $((`sed 's/.*/\L\0/;s/t/Xg/;s/g/Xm/;s/m/Xk/;s/k/X/;s/b//;s/X/ *1024/g'`))
}