Ansible 2.0

If you're managing configuration with Puppet or Chef, chances are you've heard of Ansible as well.

Just last week we got Ansible 2.0 released, which brings quite a few improvements on top of a massive refactoring.

I'm quite late starting with Ansible but very impressed with it so far: it's a great way of quickly confirming a remote server's state with SSH and sudo AND a neat way of scripting configurations with Ansible playbooks.

I wrote my first playbooks two weeks ago and need to change them now so that they follow the updated syntax.

Are you guys using Ansible as well?


Centralized BASH history with timestamps

For every Unix user, there comes a point where shell history suddenly becomes very relevant. You learn to consult it, then start recovering the last command, then switch to searching past command history to save precious time normally taken typing.
Shortly after such a point in your life, you'll probably want to enhance your shell history in two very common ways:
  1. Make sure every terminal window can update AND access your centralized shell history. So you run a command or two in one window, then type "history" anywhere else and see those two commands right there.
  2. Provide a meaningful timeline; this is done with timestamps. This very simple and powerful change helps you see exactly when each command occurred.

Here's how you achieve both of these massive improvements to your history in BASH. Just add this to /etc/bashrc on your Linux system:

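# Timestamp format shown by "history": day.month.year time
export HISTTIMEFORMAT="%d.%m.%y %T "
export HISTCONTROL=ignoredups:erasedups
shopt -s histappend   # append to the history file instead of overwriting it
# At each prompt: append new lines to the file, clear the list, re-read the file
export PROMPT_COMMAND="${PROMPT_COMMAND:+$PROMPT_COMMAND$'\n'}history -a; history -c; history -r;"
# This later assignment replaces the HISTCONTROL value set above
export HISTCONTROL=ignoreboth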
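
Once HISTTIMEFORMAT is set, bash stores each command's time in the history file as a "#<epoch>" line directly above the command. The following is an added example, not part of the original post, that turns such a file into a UTC timeline; the function names and the sample history are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample of a bash history file: the first command was logged
# before timestamps were enabled, so it has no "#<epoch>" line above it.
sample_history() {
    cat <<'EOF'
ls -la
#1452503730
tune2fs -l /dev/sda1
#1452503791
iptables-save > /etc/iptables/rules.v4
EOF
}

history_timeline() {   # usage: history_timeline [FILE]  (stdin without FILE)
    awk '
    function utc(t,    z, era, doe, yoe, doy, mp, d, m, y, s) {
        # Convert seconds since the epoch to a civil date and time in UTC.
        z = int(t / 86400) + 719468; s = t % 86400
        era = int(z / 146097); doe = z - era * 146097
        yoe = int((doe - int(doe/1460) + int(doe/36524) - int(doe/146096)) / 365)
        doy = doe - (365*yoe + int(yoe/4) - int(yoe/100))
        mp = int((5*doy + 2) / 153); d = doy - int((153*mp + 2) / 5) + 1
        m = (mp < 10) ? mp + 3 : mp - 9; y = yoe + era*400 + (m <= 2)
        return sprintf("%04d-%02d-%02dT%02d:%02d:%02dZ", y, m, d,
                       int(s/3600), int(s%3600/60), s%60)
    }
    /^#[0-9]+$/ { ts = substr($0, 2) + 0; next }   # timestamp marker line
    {
        # No marker above the command: flag it rather than guess a time.
        when = (ts == "") ? "NO-TIMESTAMP" : utc(ts)
        print when "\t" $0
        ts = ""
    }' "${1:--}"
}

sample_history | history_timeline
```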

How to change filesystem label with tune2fs

Some properties of ext2, ext3, and ext4 file systems on Linux and UNIX can be tuned on the fly using the tune2fs command. This includes the file system's label.

First of all let's list the existing values of a given file system using the -l option:

tune2fs -l /dev/sda1

You can also use dumpe2fs /dev/sda1 to list a lot more of the information about the file system, but the above command will neatly list all of the tunable values including the "Filesystem volume name", which is the file system label.

To change the label use the -L or –volume-label option followed by the new desired label. Keep in mind ext2 file system labels can be only 16 characters long, and will otherwise be truncated.

tune2fs -L MyFilesystem /dev/sda1

Of course, replace "MyFilesystem" with your own desired label and /dev/sda1 with your own device. After you set the label you can specify this file system by its label when using programs like fsck and mount or in the /etc/fstab configuration file by using LABEL=MyFilesystem.

Keep iptables rules after reboot

The iptables command on Linux allows setting the rules for the Linux built-in firewall to follow when filtering packets flowing through the system. The iptables command applies to IPv4 packets and the ip6tables command applies to IPv6 packets. When you make modifications to your setup you can save them using the iptables-save command for IPv4 rules and ip6tables-save for IPv6 rules.

In Debian or Ubuntu systems you would therefore do this for IPv4:

iptables-save > /etc/iptables/rules.v4

And this for IPv6:

ip6tables-save > /etc/iptables/rules.v6

And the same for Red Hat Enterprise Linux or CentOS:

iptables-save > /etc/sysconfig/iptables
ip6tables-save > /etc/sysconfig/ip6tables

Then you would use the iptables-restore command to restore the saved rules:

iptables-restore < /etc/iptables/rules.v4

Manually restoring your own rules every time you boot the system may be a chore. Luckily there is an easy way to do this automatically. On Debian or Ubuntu just use the iptables-persistent package:

apt-get install iptables-persistent

If you saved your rules in /etc/iptables/rules.v4 as specified above they will load automatically on every boot.

For RHEL or CentOS systems you can simply enable the iptables service:

chkconfig iptables on

And make sure your rules are saved:

service iptables save
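
Because the saved file is what gets loaded on every boot, it is worth checking before you rely on it. The following is an added example, not part of the original post: it reads a file in iptables-save format and reports a table that never reaches COMMIT or a filter chain whose default policy is ACCEPT. It assumes a default-deny policy is what you want on INPUT and FORWARD; the function names and sample ruleset are constructed.

```sh
#!/bin/sh
# Constructed sample in iptables-save format: INPUT defaults to ACCEPT and
# the nat table was cut off before its COMMIT line.
sample_rules() {
    cat <<'EOF'
# constructed sample ruleset
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport 8080 -j REDIRECT --to-ports 80
EOF
}

# Prints one finding per line; exit status is 0 only when there are none.
audit_rules() {   # usage: audit_rules [FILE]  (stdin without FILE)
    awk '
    function report(msg) { print "FINDING: " msg; n++ }
    function miss() { report("table " table " has no COMMIT line") }
    # "*name" opens a table; the previous one must already be committed.
    /^\*/ { if (table != "") miss(); table = substr($0, 2); tables++; next }
    /^COMMIT$/ { table = ""; next }
    # ":CHAIN POLICY [packets:bytes]" declares a chain and its default policy.
    /^:/ && table == "filter" {
        chain = substr($1, 2)
        if ((chain == "INPUT" || chain == "FORWARD") && $2 == "ACCEPT")
            report("filter/" chain " default policy is ACCEPT")
    }
    END {
        if (table != "") miss()
        if (tables == 0) report("no tables found; file is empty or truncated")
        exit (n > 0)
    }' "${1:--}"
}

sample_rules | audit_rules || true
```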

How to capture network traffic with tcpdump

With tcpdump you can intercept, read, and save TCP/IP packets flowing through a particular network interface. These packets, which are the fundamental unit of data being transmitted over a TCP/IP network such as the internet, consist of two kinds of data. One is control data and the other is user data. Control data is the information about where the user data is to be delivered, where it's coming from, what is its length, and other information about the actual user data. The user data is the actual data being transmitted, which could include just about anything. It could even include passwords and usernames if this data is sent in clear text and not encrypted.

Simply running tcpdump on the command line will capture and display packets flowing through the eth0 network interface, which is the typical default interface used. However, it will only be indiscriminately listing packets with their control data, and you won't actually see any user data. To display that you'll need to run tcpdump with the -X option:

tcpdump -X

To make what you're getting more useful though we can use a few options. For example, we could save this stuff in a file instead of having it just be dumped on our screen, which makes it pretty hard to read anyway:

tcpdump -X -w packets.txt

Once you run this your packets.txt file will start getting filled up with lots of information really quickly so long as there's any traffic flowing through eth0. Let's say that you're running a web server and someone visits your web site. You would see the HTML contents of the web page being requested in the packets.txt file as user data of that packet. You see everything that's being transmitted. If what is being transmitted is by any chance encrypted though you might only see incomprehensible gibberish, but not making it easy to discern what's being transmitted by intercepting these packets is the whole point of encryption.

What if you wanted to read another network interface, like eth1? Simple, just tell it to capture eth1 packets with the -i option:

tcpdump -X -w packets.txt -i eth1

To listen for any and all traffic, just use -i any instead, and it will listen to all network interfaces.

Here are a few more useful options that help you specify what you want to capture and have dumped by tcpdump. To see all of the options you can check the manpage by running man tcpdump.

To disable resolving hostnames and domains, which can save a bit of time, and display only IP addresses use the -n option. To disable port names, use -nn. With these options the first example would look like this:

tcpdump -Xnn

To show only a certain number of packets and then stop instead of running indefinitely you can specify the -c 20 option, where -c stands for "count", and "20" would represent 20 packets.

tcpdump -Xnnc 20

Finally, if you want to make absolutely sure you see the maximum possible information that is being captured, use the verbosity options. You can increase verbosity up to three times, with -v, -vv, or -vvv for maximum verbosity. Also, we can use the -S option to show absolute rather than relative sequence numbers just to make sure we see the actual numbers. So let's construct a command that would show the maximum possible information on a sample of 100 packets, and store it into packets.txt.

tcpdump -XSvvvc 100 -w packets.txt

And that should get you on the right track to playing with and learning network traffic capture with tcpdump.
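
The -w option writes raw packets rather than printed text, so whatever the file is called it can be recognised by its header. The following is an added example, not part of the original post: it reads the 24-byte global header of the classic libpcap file format and reports the snapshot length and link type. The function names and the sample header bytes are constructed.

```sh
#!/bin/sh
# Constructed 24-byte pcap global header: little-endian magic, version 2.4,
# snaplen 262144, linktype 1 (Ethernet).
sample_pcap_header() {
    printf '\324\303\262\241\002\000\004\000\000\000\000\000\000\000\000\000'
    printf '\000\000\004\000\001\000\000\000'
}

pcap_info() {   # usage: pcap_info [FILE]  (stdin without FILE)
    # Dump the first 24 bytes as hex and load them into $1..$24.
    set -- $(cat "${1:--}" | od -An -v -tx1 -N24)
    if [ $# -ne 24 ]; then
        echo "not pcap: shorter than the 24-byte global header"; return 1
    fi
    case "$1$2$3$4" in
        d4c3b2a1)   # header fields stored little-endian
            snaplen=$((0x${20}${19}${18}${17}))
            linktype=$((0x${24}${23}${22}${21})) ;;
        a1b2c3d4)   # header fields stored big-endian
            snaplen=$((0x${17}${18}${19}${20}))
            linktype=$((0x${21}${22}${23}${24})) ;;
        *)  echo "not pcap: unexpected magic $1$2$3$4"; return 1 ;;
    esac
    # snaplen is the most bytes kept per packet, so it bounds how much user
    # data (cleartext credentials included) the capture file can hold.
    echo "pcap snaplen=$snaplen linktype=$linktype"
}

sample_pcap_header | pcap_info
```

A file identified this way is read back with tcpdump -r, and since it can hold everything that crossed the wire in clear text it deserves restrictive file permissions.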

Installing VLC in Ubuntu

The extremely popular and extremely powerful VLC Media Player by VideoLAN is known for its ability to play just about any media file format you can throw at it.

Great news is that VLC is readily available from Ubuntu default repositories, and you can install it by opening the Ubuntu Software Center, searching for "VLC", and clicking install.

Or you can just open the terminal and run this apt-get command:

$ sudo apt-get install vlc

If this is just too easy or (more likely) you wish to have the latest and greatest version of VLC you can get one from a third party PPA repository. Note though that this is not officially supported by VideoLAN nor Ubuntu, and you just may run into an occasional bug, even though most of the time everything's fine.

A third party repository is maintained by a user djcj at

You can add this repository by running:

$ sudo add-apt-repository ppa:djcj/vlc-stable

Then update the package database to include the new repository:

$ sudo apt-get update

Now simply install vlc as usual:

$ sudo apt-get install vlc

Also note that if you're gonna be doing any transcoding with VLC you should also install libavcodec-extra, and if you wish to use the VLC browser extension you'll also need browser-plugin-vlc. To make sure you got them all just run:

$ sudo apt-get install vlc libavcodec-extra browser-plugin-vlc

And you're done. For all information about VLC visit its web site at


Ubuntu: how to clean APT cache

Ubuntu uses APT (Advanced Package Tool) for installing, removing and managing software on the system, and in doing so it keeps a cache of previously downloaded and installed packages even after they've been uninstalled.

To save disk space the apt cache can be cleaned. This can be done in one of two ways. The first does it partially:

$ sudo apt-get autoclean

This command will remove only the outdated packages, like those superseded by a recent update, making them completely unnecessary.

This may free up some disk space, but if you want to clean out the cache in its entirety you would run:

$ sudo apt-get clean

This command will remove all of the cached packages, saving the most space. This just means that if you were to ever need a package that was cached it will simply have to be downloaded again. Depending on your connection speed and data plan this may or may not be of concern. Other than that, it is safe to do.

Perhaps noteworthy is that the apt cache resides in /var/cache/apt/archives/. You can see them if you run the ls command on that path or view it in a file manager. Manually removing packages from this directory should be safe, but with the simpler and faster methods above there's no need.

Book Review: Linux iptables Pocket Reference


I've just read a really useful book on iptables: Linux iptables Pocket Reference.

It's a great reference book which is quite short but packed with more details than you'll ever want to know.

For my review of this book, please read the post on Books @ UnixTutorial website: Linux iptables Pocket Reference review.

Welcome to the all new Unix Tutorial!

Hey guys, just wanted to let you know that Unix Tutorial is now sporting a modern theme that will make it even easier to find and read articles on different topics.

Unix Tutorial Priorities for 2014 so far

  • finish the Unix Tutorial: Guide to SSH
  • expand the Unix Glossary section
  • write more about OSX command line

Does anyone have more ideas? Please leave a comment so that I know!

How To Confirm Mac OS Version from Command Line

Just a very quick tip today, I stumbled upon this command a while ago and think it may be handy for someone learning the OSX command line.

By using the sw_vers command, you can easily confirm the exact version of your Mac OS and the product code (build version) of it:

macbook:~ root# sw_vers
ProductName: Mac OS X
ProductVersion: 10.8.2
BuildVersion: 12C2034