• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

The FreeBSD SysAdmin's Favorite Tools

APseudoUtopia

Member

Thanks: 1
Messages: 20

#1
Hey everyone,

I've been using FreeBSD for about 2 years now, and I've loved every minute of it. I've been discovering new programs/tools almost every week that do something that just make me think "damn, that was cool!"

I was thinking it would be helpful to newcomers, as well as users like myself, and even maybe experienced gurus, to make up a list of awesome sysadmin software. Such as sysutils like portupgrade, lsof, mtr, and other software like cacti, whatmask, cmdwatch, and daemontools.

So, what's your favorite FreeBSD sysadmin tool? Please include a quick description of it.
 

brd@

Administrator
Staff member
Administrator
Moderator
Developer

Thanks: 89
Messages: 297

#2
Hmm.. lets see..

Nagios - Monitor your network to make sure the services and hosts are up.
Samhain - File integrity monitor.
Portaudit - Check your install ports against a database of vulnerable ports.
Screen - Terminal multiplexer.

Thats all I can think of right now..
 

jonathan

New Member


Messages: 3

#3
ive done nagios, but ive just recently discovered zabbix at my new job. it has both a server and client, and can tell you just about everything you never wanted to know about windows, *.nix, and practically any host you want to monitor.
 

ken

New Member

Thanks: 1
Messages: 10

#4
Too many to list but one in particular worthy of mention is portmaster. I used portupgrade for years, and it was a godsend in it's day, but for last couple have replaced with Doug Barton's excellent portmaster

/bin/sh based so no need for additional packages such as Ruby, db4, etc. Also much, much faster.
 

bsddaemon

Active Member

Thanks: 14
Messages: 101

#5
My pick would be SSH, tcpdump, sed, awk and shell script. Cant leave home without them :D
 

hedwards

Active Member

Thanks: 21
Messages: 207

#6
I think that portmaster, awk, sed, grep, screen and bacula are pretty much must haves in most cases. The time it takes to learn sed, awk and grep properly is time well spent. Even learning to use them a little bit can save a huge amount of time and effort.

With ZFS, I may give up on bacula and just dump the snapshots to a separate storage system for back ups. But I'm not sure how I'd be able to give up the database portion.
 

kmf

New Member


Messages: 2

#8
Hi APseudoUtopia,
A day rarely passes without me using sed / awk.

Never under estimate the power of a editor ... (vi) :)

We are busy testing, OCS Inventory + GLPI, so that we can keep track of all our assets and systems.

Karl
 

snes-addict

New Member


Messages: 14

#9
Let's see...

Although I'm an Emacs fan, I always use vi for editing system configs and short memos.

I've been using ftp quite a bit recently, also.

I have always loved the ports tools (portupgrade, portsnap, etc.).

The lynx or links browsers are also awesome on systems without X11, and are especially a must on those systems when something goes wrong and advice from others is needed.

On systems where keeping track of file modifications is important, rcs, cvs, and Subversion are the way to go.​


Aw, heck, the entire base system is the best administrative tool! FreeBSD is just that good.
 

ken

New Member

Thanks: 1
Messages: 10

#10
hedwards said:
I think that portmaster, awk, sed, grep, screen and bacula are pretty much must haves in most cases. The time it takes to learn sed, awk and grep properly is time well spent. Even learning to use them a little bit can save a huge amount of time and effort.

With ZFS, I may give up on bacula and just dump the snapshots to a separate storage system for back ups. But I'm not sure how I'd be able to give up the database portion.
Ditto. Although you can use Bacula with ZFS, you loose the NFS ACL bits. Tis' a shame really, because otherwise Bacula just rocks! Perhaps once ZFS sees critical mass with the penguinistas we'll see that change.
 

anomie

Aspiring Daemon

Thanks: 116
Messages: 783

#11
Favorite network troubleshooting tools:
  • nmap - tcp/udp port scanner, lots of features (see the av)
  • tcpdump - packet analyzer
  • arpwatch - passive ethernet sniffer, keeps MAC / IP address db
 

locnar

New Member


Messages: 2

#12
dvtm

I agree with all those that have been listed so far, but I have to add one. dvtm (in the ports) is a great little command line terminal manager. It has two great features: One, it doesn't react poorly with screen, so you can call it from with in a screen session and just keep working as screen lets you and as dvtm lets you. Two, having a file and another file right next to each other for comparing in two or more windows with only one terminal saves loads of setup time for my work day.
 

nabsta

New Member

Thanks: 9
Messages: 7

#14
jonathan said:
ive done nagios, but ive just recently discovered zabbix at my new job. it has both a server and client, and can tell you just about everything you never wanted to know about windows, *.nix, and practically any host you want to monitor.
So could you tell us more about how Zabbix could be installed on freebsd, some hints would be great for all;)
 

vermaden

Son of Beastie

Thanks: 902
Messages: 2,578

#15
Besides tools that are already mentioned I would add these:
vi | sh -x | (g)shred | when | lsof | sockstat | top -P | top -b -ores | rsync | scp | urxvt -pe tabbed | lftp | luit | zsh | mtr | arping | pbzip2 | vim -d

locnar said:
Two, having a file and another file right next to each other for comparing in two or more windows with only one terminal saves loads of setup time for my work day.
Have you tried: vim -d files_to_compare.*
 

bsddaemon

Active Member

Thanks: 14
Messages: 101

#16
vermaden said:
Besides tools that are already mentioned I would add these:
vi | sh -x | (g)shred | when | lsof | sockstat | top -P | top -b -ores | rsync | scp | urxvt -pe tabbed | lftp | luit | zsh | mtr | arping | pbzip2 | vim -d
They are indeed good ultilities, but they are more like every day, general tools, rather than administrative tools
 

vermaden

Son of Beastie

Thanks: 902
Messages: 2,578

#17
bsddaemon said:
They are indeed good ultilities, but they are more like every day, general tools, rather than administrative tools
vi --> edit config files
sh -x --> debug scripts
lsof --> check "blocked" files
sockstat --> check "blocked" files
top --> no comment
rsync --> remote backup
scp --> can be used for remote backup or temporary file ransfers
mtr --> network troubleshooting
arping --> network troubleshooting
vim -d --> compare config files


Isn't THAT administration?
 

Daemony

New Member


Messages: 13

#19
screen screen screen

the first and the best tool for me!
portupgrade - has the second place here. :)
 

bsddaemon

Active Member

Thanks: 14
Messages: 101

#20
Geoff said:
rsync has saved my bacon on numerous occasions, also love daemontools, ucspi-tcp and netcat
I heard R1Soft has better file archive algorithm comparing to rsync, pity it is not free, in fact it is damn pricey. It is mostly for commercial, business, mission critical use.

But indeed rsync is one of the excellent application out there, I wish it came with FreeBSD out of the box.

Back in the day I was writing a port scanning shell script (just for fun actually, and because nmap is kinda noisy). My script is telnet based, but I realised telnet doesnt support UDP, then I found netcat (aka. nc). But netcat was not better, actually it was more than useless. It reported every UDP port open???

%nc -vzu google.com 3000-3005

Connection to google.com 3000 port [udp/*] succeeded!
Connection to google.com 3001 port [udp/*] succeeded!
Connection to google.com 3002 port [udp/*] succeeded!
Connection to google.com 3003 port [udp/*] succeeded!
Connection to google.com 3004 port [udp/*] succeeded!
Connection to google.com 3005 port [udp/*] succeeded!
I must be missing smt here?
 

cnr

New Member

Thanks: 1
Messages: 4

#21
my basic and favorite tools;
vim, top, rsync, portaudit, portsnap, freebsd-update, tcpdump and pftop ;)
 

locnar

New Member


Messages: 2

#22
vermaden said:
Besides tools that are already mentioned I would add these:
vi | sh -x | (g)shred | when | lsof | sockstat | top -P | top -b -ores | rsync | scp | urxvt -pe tabbed | lftp | luit | zsh | mtr | arping | pbzip2 | vim -d


Have you tried: vim -d files_to_compare.*
Yes, Yes I have. dvtm allows for a bit more flexability and it is repeatable for my co-workers who see me doing neat things, but can't stand vim. dvtm is just a window manager in ncurses. I can tail a maillog, be running top, and have the config file open in one terminal. I guess I used a silly example for why it is a great tool to have on your system.
 

vermaden

Son of Beastie

Thanks: 902
Messages: 2,578

#23
locnar said:
Yes, Yes I have. dvtm allows for a bit more flexability and it is repeatable for my co-workers who see me doing neat things, but can't stand vim. dvtm is just a window manager in ncurses. I can tail a maillog, be running top, and have the config file open in one terminal. I guess I used a silly example for why it is a great tool to have on your system.
Thanks for explanation.

I have heard about it some time ago (dvtm) but did not had time to check it, but I definitely will in some closer time.
 

oliverh

Aspiring Daemon

Thanks: 38
Messages: 557

#24
Without screen I would be sometimes lost ;-) Vi is such an essential tool too, rsync and of course more or less some of the above mentioned tools.
 

thortos

New Member

Thanks: 3
Messages: 12

#25
bsddaemon said:
telnet doesnt support UDP, then I found netcat (aka. nc). But netcat was not better, actually it was more than useless. It reported every UDP port open???

I must be missing smt here?
Yes you are. UDP is connectionless It throws the packets by the way of the destination and doesn't care about them once they're gone. This is why you can't telnet via UDP (you can't connect with a connectionless protocol), and this is also why the output of nc is correct - it could perfectly send out the packets, which is all it cares about.

I agree that using the word "connection" in the nc output is confusing in this use case, but maybe the authors of nc assumed that people using it know what they're doing.

Maybe you want to do some basic reading on IP networking, it's an interesting thing to get into. Also, I hope you're not responsible for any network security. :e