UNIX / Linux: vi / vim perform search and replace operation

Posted on in Categories , , , , , , , , last updated May 12, 2008

Q. I’ve just installed CentOS Linux server and started to use vi text editor to make changes to config files. How do I perform search and replace operation using vi / vim text editor?

A. vi (vim) is not difficult to learn, the vi editor is well known and used for both writing code and editing config files.

VI search and replace command format

Simple format is as follows:
%s/old-string/new-string/

VI search and replace command examples

Let us say you would like to find a word called “foo” and replace with “bar”.

First hit [Esc] key

Type : (colon) followed by %s/foo/bar/ and hit [Enter] key.
:%s/foo/bar/
Above command will replace first occurrence of word foo with bar on all lines. The % is shorthand for all lines.

To replace all occurrences of word foo with bar on all lines, use the g option (which indicates all occurrences on a line).
:%s/foo/bar/g

Note that the g can be replaced with a number 1,2,…N to change only the n’th occurrence on each line.

Use find and replace on line ranges (match by line numbers)

You can also make changes on range of lines i.e. replace first occurrence of foo with bar on lines 5 through 20 only, enter:
:5,20s/foo/bar/

Following command will replace first occurrence of foo with bar starting at the current line for the next 100 lines:
:.,+100s/foo/bar/

Match by words

Finally, you can match by words i.e. replace first occurrence of foo with bar starting at at the next line containing a word “test”:
:/test/s/foo/bar/g
As usual you can specify ranges:
:/test/,/guest/s/foo/bar/g

Please note that all search/replace commands should be start with the [ESC]: keystroke combination only.

Linux Firewall: Display Status and Rules of Iptables Firewall

Posted on in Categories , , , , , , , , , last updated January 17, 2008

Q. How do I display / list all rules in the selected chain? How do I find out which rules are active? What is blocked and opened with my firewall?

A. To List all rules in the selected chain use the -L option. If no chain is selected, all chains are listed. As every other iptables command, it applies to the specified table. The -n option help to print IP addresses and port numbers in numeric format.

To check the status of your firewall and all rules, enter:
# iptables -L -n
OR
$ sudo iptables -L -n
Output:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
droplist   all  --  0.0.0.0/0            0.0.0.0/0           
droplist   all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  66.228.118.0/23      0.0.0.0/0           
DROP       all  --  213.240.4.233        0.0.0.0/0           
DROP       all  --  75.126.132.23        0.0.0.0/0           
DROP       all  --  80.58.205.35         0.0.0.0/0    
.....
...
.....
DROP       all  --  91.200.56.0/22       0.0.0.0/0           
LOG        all  --  91.200.72.0/22       0.0.0.0/0           LOG flags 0 level 4 prefix `DROP List Block' 
DROP       all  --  91.200.72.0/22       0.0.0.0/0           

The –line-numbers option adds line numbers to the beginning of each rule, corresponding to that rule’s position in the chain. The -v option makes the list command show the interface name, the rule options (if any), and the TOS masks. The packet and byte counters are also listed, with the suffix K, M or G for 1000, 1,000,000 and 1,000,000,000 multipliers respectively (but see the -x flag to change this).
# iptables -L -v -n --line-numbers