6 个已弃用的 Linux 命令以及你应该使用的工具
在软件开发中,由于硬件和环境的改进,事情以惊人的速度发生变化。出于同样的原因,工具也在发生变化。有时,旧工具不能很好地适应变化,因此它们最终会逐渐消失并被其他实用程序取代(新工具是否比以前的工具更好尚有争议)。
本文分享了一些您可能仍在使用的旧工具、您应该使用哪些工具以及为什么您应该改用这些提供相同甚至更多功能的改进的替代方案。这些工具也得到了很好的维护。以下是我的列表,无特定顺序。
egrep 和 fgrep:改用标志
令人尊敬的grep命令是Unix 操作系统哲学的最佳例子之一:
编写只做一件事的程序,并做好它。编写程序以协同工作。编写程序来处理文本流,因为这是一个通用接口。
egrep
(扩展的 grep )工具使用正则表达式来匹配一行。但是,egrep
已弃用,取而代之的是使用grep
带有标志的 正则grep -E
。例如:
$ egrep '^[fj]' /etc/passwd
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
josevnz:x:1000:1000:josevnz:/home/josevnz:/bin/bash
$ grep -E '^[fj]' /etc/passwd
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
josevnz:x:1000:3000:josevnz:/home/josevnz:/bin/bash
两个示例都与文件中以字母j或f开头的行匹配/etc/passwd
。
添加新标志的另一个示例是fgrep
。fixed grep 命令使用固定字符串进行匹配(没有优化,因此比正则表达式更快),而不是-E
。它已被 取代grep -F
。以下是比较:
$ fgrep 'josevnz' /etc/passwd
josevnz:x:1000:3000:josevnz:/home/josevnz:/bin/bash
$ grep -F 'josevnz' /etc/passwd
josevnz:x:1000:3000:josevnz:/home/josevnz:/bin/bash
为什么要替换 egrep 和 fgrep?
使用标志来让工具提供类似的行为更有意义。您只需要知道grep
使用标志可以使用正则表达式或执行精确搜索。
nslookup:还活着,但不太好
如果你曾经尝试获取如下服务器的 IP 地址,请举手:
$ nslookup kodegeek.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: kodegeek.com
Address: 50.63.7.206
的替代方案nslookup
是dig
。这里有一个与上面类似的例子:
$ dig @192.168.1.1 kodegeek.com A +noall +answer +nocmd
kodegeek.com. 600 IN A 50.63.7.206
下面,交互模式显示如何获取同一台服务器的指针(PTR)记录(这是通过提供 IP 地址来获取服务器名称的反向查找):
> set type=ptr
> 50.63.7.206
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
206.7.63.50.in-addr.arpa name = ip-50-63-7-206.ip.secureserver.net.
Authoritative answers can be found from:
中的等效命令dig
如下所示:
$ dig -x @192.168.1.1 kodegeek.com +noall +answer +nocmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22696
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;1.1.168.\@192.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
in-addr.arpa. 3549 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022033331 1800 900 604800 3600
;; Query time: 24 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Tue May 17 05:08:21 EDT 2022
;; MSG SIZE rcvd: 122
kodegeek.com. 600 IN A 50.63.7.206
该dig
命令可以执行nslookup
无法执行的操作。例如,您可以请求域区域(包括所有记录类型)的 DNS 转移,以备份您的 DNS 域:
$ dig +short ns kodegeek.com
ns51.domaincontrol.com.
ns52.domaincontrol.com.
$ dig axfr kodegeek.com @ns51.domaincontrol.com.
# *Note:* In this case it won't work because kodegeek.com has a domain protection. But the domain in your intranet may work.
However, nslookup
can do things that dig cannot, like the friendly interactive mode, which is very useful when exploring DNS domains. It can also run in non-interactive mode.
So what's the difference? The dig
utility uses the operating system resolver libraries (the libraries that perform address lookups on DNS) and nslookup
does not. The two may behave differently when resolving addresses.
Why was nslookup replaced?
Actually, nslookup
was not replaced by dig
(or host
). Per Wikipedia:
nslookup was a member of the BIND name server software. Early... in the development of BIND 9, the Internet Systems Consortium planned to deprecate nslookup in favor of host and dig. This decision was reversed in 2004 with the release of BIND 9.3, and nslookup has been fully supported since then.
So it is perfectly fine to use both.
ifconfig, netstat, route: Try ip
You could use ifconfig
to get information about network interfaces and change their settings. For example:
$ /sbin/ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:43:f9:d0:b4 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp1s0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 00:1f:f3:46:38:96 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 30 bytes 1170 (1.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 30 bytes 1170 (1.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wls1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.16 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::ac00:48ea:c7a6:1488 prefixlen 64 scopeid 0x20<link>
inet6 fd22:4e39:e630:1:6688:3ffd:ea5b:d9e9 prefixlen 64 scopeid 0x0<global>
ether 00:23:6c:7b:db:ac txqueuelen 1000 (Ethernet)
RX packets 1115786 bytes 107099421 (102.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 548530 bytes 359598134 (342.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
However, ifconfig
was replaced by ip
. Here is how to list your network interfaces using ip
:
$ ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp1s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
link/ether 00:1f:f3:46:38:96 brd ff:ff:ff:ff:ff:ff
3: wls1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:23:6c:7b:db:ac brd ff:ff:ff:ff:ff:ff
inet 192.168.1.16/24 brd 192.168.1.255 scope global noprefixroute wls1
valid_lft forever preferred_lft forever
inet6 fd22:4e39:e630:1:6688:3ffd:ea5b:d9e9/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::ac00:48ea:c7a6:1488/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:43:f9:d0:b4 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
Another useful tool is route
. Use the following command to check the routing table (the information on how your machine connects to other machines):
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wls1
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wls1
The ip
command can also show the routing table. The following example shows why this tool took over:
$ ip route list
default via 192.168.1.1 dev wls1 proto static metric 600
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.1.0/24 dev wls1 proto kernel scope link src 192.168.1.16 metric 600
Another utility that was replaced is netstat
. With netstat
, you can see the list of active connections, among other things. For example, to see the list of active listening TCP connections on your servers without name resolution, type:
$ /usr/bin/netstat --numeric --tcp --listen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 :::9323 :::* LISTEN
tcp6 0 0 :::5355 :::* LISTEN
tcp6 0 0 :::9100 :::* LISTEN
In this case, the command ss
is the replacement:
$ ss --numeric --tcp --listen
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:5355 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 4096 *:9323 *:*
LISTEN 0 4096 [::]:5355 [::]:*
LISTEN 0 4096 *:9100 *:*
Why were ifconfig, route, and netstat deprecated?
In this case, a lack of maintenance was the downfall of these tools. Newer tools took their place, according to Wikipedia:
Many Linux distributions have deprecated the use of ifconfig and route in favor of the software suite iproute2, such as ArchLinux or RHEL since version 7, which has been available since 1999 for Linux 2.2. iproute2 includes support for all common functions of ifconfig(8), route(8), arp(8), and netstat(1). It also includes multicast configuration support, tunnel and virtual link management, traffic control, and low-level IPsec configuration, among other features.
Takeaway lessons
- It is a good idea to keep up with the latest tools, as developers fix bugs and add useful functionality that may not be present in older versions. It is all about being more productive.
- Old software tends not to get bug fixes. If left unattended, some of them could compromise your system.
- And not every claim that a tool is deprecated is true! As usual, do your homework and make sure your utilities are up to date.