Linux quick reference

tcpdump

Tcpdump is a command-line packet analyser.

Monitor external traffic (i.e. not originating from subnet) with destination 192.168.1.123

sudo tcpdump -i eth0 "not src net 192.168.1.0/24 and dst host 192.168.1.123"

Monitor traffic from 192.168.1.123 going external (outside of subnet)

sudo tcpdump -i eth0 "dst host 192.168.1.123 and not src net 192.168.1.0/24"

SSH using public and private keys

I have made a guide here: Raspberry Pi: SSH using public and private keys

Clear logs to free up space

View log space used

First switch to super user, then list directories and size:

$ sudo -i
# du -h /var/log/

View log file sizes in a specific directory:

# cd /var/log
# du -h *

Delete log files

Delete all .gz and rotated files

find /var/log -type f -regex ".*\.gz$" -delete
find /var/log -type f -regex ".*\.[0-9]$" -delete

Run without -detete to test first.