====== Hálózati okosságok ======

==== File letöltő BASH-sel ====

<file>
#!/bin/bash
# Usage: ./download_file 'https://www.baeldung.com/java-weekly-495' 'java_weekly_495.html'
raw_download() {
    wPROTO="${1%://*}"
    af="${1#*://}"
    wBASE="${af%%/*}"
    wSUB="${af#*/}"

    HTTP_REQUEST="$({
        echo -en 'GET /'"${wSUB}"' HTTP/1.1\r\n'
        echo -en 'Host: '"${wBASE}"'\r\n'
        echo -en 'Connection: close\r\n\r\n'
    })"

    if [[ "${wPROTO,,}" = 'https' ]] ; then
        echo "${HTTP_REQUEST}" | openssl s_client -quiet -connect ${wBASE}:443
    else
        exec {NFD}<>"/dev/tcp/${wBASE}/80"
        echo "${HTTP_REQUEST}" >&"${NFD}"
        while read -u "${NFD}" lz; do
            echo "${lz}"
        done
        exec {wFD}>&-
    fi
}

main() {
    raw="$(raw_download "${1}" 2>errorlog.txt)"
    echo "${raw#*$'\r\n\r\n'}" > "${2}"
}

main "${@}"
</file>

==== Rsync ====

To create a new directory at the destination and back up your files there, add a trailing slash (/) at the end of the destination path. If you add the trailing slash to the source, then the source directory will not be created at the destination. Rsync only transfers its content in that case.
Kulcs használat:

  rsync e "ssh -i $HOME/.ssh/somekey"

==== Firewalld ====

[[https://linuxconfig.org/introduction-to-firewalld-and-firewall-cmd-command-on-linux]]

==== Port tesztelés BASH-sel ====

/dev/tcp/host/port: (If host is a valid hostname or Internet address, and port is an integer port number or service name, bash attempts to open a TCP connection to the corresponding socket.)

/dev/udp/host/port: (If host is a valid hostname or Internet address, and port is an integer port number or service name, bash attempts to open a UDP connection to the corresponding socket.)

So you could use something like this:

  xenon-lornix:~> cat < /dev/tcp/127.0.0.1/22
  SSH-2.0-OpenSSH_6.2p2 Debian-6
  ^C pressed here

Szkriptbe:

  (echo > /dev/tcp/localhost/1500) >/dev/null 2>&1 && echo "It's up" || echo "It's down"
  timeout 1s bash -c "true <>/dev/tcp/localhost/443" >/dev/null 2>&1 && echo "It's up" || echo "It's down"
  while [[ -n $((echo > /dev/tcp/$TCPS/$TCPP) 2>&1 > /dev/null) ]]; do echo varunk; sleep 10; done

nc-vel:

  nc -zv hoszt port

Windows PowerShell:

  Test-NetConnection -ComputerName myserver.com -Port 443
==== NFS okosságok ====

Portcheck ([[http://bluefinch-nl.blogspot.com/2014/04/mounting-nfs-shares-from-linux-server.html|link]])

==== SSH okosságok ====

[[linux:ssh-exit-codes.sh|SSH exit kódok]]

=== SSH-n másolás köztes állomáson át ===

  tar cvf - file1 file2 | ssh KoztesHoszt "ssh -o \"StrictHostKeyChecking no\" CelHoszt \"cd CelMappa && tar -xvf -\""
  
Kicsit kultúráltabban:

~/.ssh/config:

<file>
Host jumphost1
  User username1
Host jumphost2
  User username2
  ProxyCommand ssh -W %h:%p jumphost1
Host jumphost3
  User username3
  ProxyCommand ssh -W %h:%p jumphost2
Host server
  User username4
  ProxyCommand ssh -W %h:%p jumphost3
</file>

Majd 
  ssh/scp server ...

=== Több parancs futtatása SSH-n ===

  ssh user@server "$( cat <<'EOT'
  echo "These commands will be run on: $( uname -a )"
  EOT
  )"

Vagy csak simán az escape problémákra megoldás: 

  ssh root@server ps uax \| grep ba[c] \| \'{ print \$2 }\' \> /tmp/back.tmp

or you could double quote the single quotes instead of escaping them (in both cases, you need to escape the dollar sign)

  ssh root@server ps uax \| grep ba[c] \| "'{ print \$2 }'" \> /tmp/back.tmp

=== Jelszavas sudo parancs futtatása SSH-n ===

<file>
#!/bin/bash
read -a Pass -s -p "Jelszavad? : "
expect -c "
      set timeout 5
      spawn ssh -tt -n $server \"echo -e \\"$Pass\\r\\" | sudo -S <parancs>\"
      expect "Are you sure" { send "yes\r"} timeout {}
      expect "?assword:"
      send \"$Pass\r\"
      expect eof"
</file>

Az ssh parancs ne hajtsa végre a hibás RC kódú parancs utáni többi parancsot: set -e

=== SFTP leírások ===

  [[https://serverfault.com/questions/639042/does-openssh-sftp-server-use-umask-or-preserve-client-side-permissions-after-put|File permissions]]
  [[https://www.techrepublic.com/article/how-to-set-up-an-sftp-server-on-linux/|How to set up SFTP server on Linux]]

==== Egyéb okosságok ====

=== Network socket darabszám mérő ===

  netstat -an | awk '/^tcp/ {A[$(NF)]++} END {for (I in A) {printf "%5d %s\n", A[I], I}}'
  
=== Hálózati áteresztőképesség mérés ===

iperf-fel, 25-ös porton, Mb-ban kiírva, 45 mp-ig, 2 mp-enként kiírva az aktuális rátát, 3 szálon ([[http://openmaniak.com/iperf.php|bővebb tutorial]]):

  [node2]# iperf -p 25 -s (server)
  [node1]# iperf -f m -p 25 -c node2 -t 45 -i 2 -P 3 (client)

SSH-val (UNIX/Linux): 

  [node1]# cat /dev/zero | ssh node2 "cat > /dev/null"
  [node1]# dd if=/dev/zero bs=1M count=1000 status=progress | ssh node2 "cat > /dev/null"

FTP-vel (Unix/Linux):

  [node1]# ftp node2
  ftp> bin
  ftp> put "| dd if=/dev/zero bs=32k count=10000 " /dev/null

=== Hálózat felderítés ===

  nmap -sP hoszt/hálózat

=== Port scanning ===

  nmap -sT hoszt

=== Ethernet és FC portok lekérdezése ===

<file>
#!/bin/bash
SEARCH=${1-.}
VLAN_SNIFF_TIME=10
#ETH
echo "Port#Address#Speed#State#VLANs#Slaves" | awk -F'#' '{printf "%-25s | %-17s | %10s | %-10s | %-13s | %-15s\n",$1,$2,$3,$4,$5,$6}'
echo "# Ethernet:"
for ETH in $(ip addr | awk -F': ' '/</{print $2}' | egrep -v '(@|lo|^$)' | grep "$SEARCH" | sort -k1); do
        STATE=$(ethtool $ETH 2>/dev/null | awk -F': ' '/Link detected/{print $2}' | sed -e 's/yes/Link UP/' -e 's/no/Link DOWN/')
        SPEED=$(ethtool $ETH 2>/dev/null | awk -F': ' '/Speed/{print $2}' | sed 's/^[0-9]*/& /')
        MAC=$(ip addr | grep -A1 "[^@]$ETH:"  | grep -o '\([0-9abcdef]\{2\}:\)\{5\}[0-9abcdef]\{2\}' | awk '{print $1}' | grep -v 'ff:ff:ff:ff:ff:ff')
        VLANS=$(timeout ${VLAN_SNIFF_TIME} tcpdump -c 1000 -nni $ETH -e vlan 2>/dev/null | grep -o 'vlan [0-9]*' | sort | uniq | awk '/vlan/{print $2}' | tr '\n' ' ')
        SLAVES=""
        for BOND in `ls /proc/net/bonding/* 2>/dev/null`; do
            if [[ $(grep -c "Slave.*$ETH" $BOND) -gt 0 ]]; then
                MAC=$(grep -A5 "Slave.*$ETH" $BOND | tail -n1 | grep -oP '(?<=addr: ).*$')
            fi
        done
        if [[ $ETH =~ ^bond ]]; then
                SLAVES=$(awk '/^Slave Interface/{print $3}' /proc/net/bonding/$ETH | tr '\n' ' ')
        fi
        echo "$ETH#$MAC#$SPEED#$STATE#$VLANS#$SLAVES" | awk -F'#' '{printf "%-25s | %-17s | %10s | %-10s | %-13s | %-15s\n",$1,$2,$3,$4,$5,$6}'
done
#FC
echo "# Fiber Channel:"
for PORT in $(ls -d /sys/class/fc_host/host*); do
        STATE=$(cat $PORT/port_state)
        SPEED=$(cat $PORT/speed)
        WWN=$(cat $PORT/port_name | sed 's/^0x//')
        echo "$PORT#$WWN#$SPEED#$STATE" | awk -F'#' '{printf "%-25s | %-17s | %10s | %-10s\n",$1,$2,$3,$4}'
done
</file>

=== Processz izolálása hálózaton ===

<file>
#!/bin/bash
[[ -e /var/run/netns/kalitka ]] || ip netns add kalitka
ip netns exec kalitka ip addr add 127.0.0.1/8 dev lo
ip netns exec kalitka ip link set dev lo up
ip netns exec kalitka $*
</file>

=== VLAN tag-ek az interfész csomagjain ===

  tcpdump -c 1000 -nni bond0 -e vlan | grep -o 'vlan [0-9]*' | sed 's/^.*$/Found & tagged pockets/' | sort | uniq

[[http://www.yolinux.com/TUTORIALS/LinuxTutorialNetworking.html#MULTICAST]]

[[https://www.aelius.com/njh/subnet_sheet.html|Subnet Mask Cheat Sheet]]