Thursday 31 January 2013

How SSL Handshake Works


* An SSL session always begins with an exchange of messages called the SSL handshake.
    
* Here is summary of the steps involved in the SSL handshake. 

1. The client sends the server the client's SSL version number, cipher settings, randomly generated data, 
and other information the server needs to communicate with
 the client using SSL.

2. The server sends the client the server's SSL version number, cipher settings, randomly generated data, and other information the client needs to communicate with the server over SSL.

 The server also sends its own digital certificate and, if the client is requesting a server resource that requires client authentication, requests the client's digital certificate.

3. The client uses the information sent by the server to authenticate the server.If the server cannot be authenticated, the user is warned of the problem that an encrypted and authenticated connection cannot be established. If the server can be successfully authenticated, the client proceeds.

4. Using all data generated in the handshake so far, the client creates the pre-master secret for the session, encrypts it with the server's public key (obtained from the server's digital certificate), and sends the encrypted pre-master secret to the server.

5. If the server has requested client authentication (an optional step in the handshake), the client also signs another piece of data that is unique to this handshake and known by both the client and server. In this case the client sends both the signed data and the client's own digital certificate to the server along with the encrypted pre-master secret.

6. If the server has requested client authentication, the server attempts to authenticate the client. If the client cannot be authenticated, the session is terminated. If the client can be successfully authenticated, the server uses its private key to decrypt the pre-master secret, then performs a series of steps which the client also performs, starting from the same pre-master secret to generate the master secret. 

7. Both the client and the server use the master secret to generate session keys which are symmetric keys used to encrypt and decrypt information exchanged during the SSL session and to verify its integrity.

8. The client informs the server that future messages from the client will be encrypted with the session key. It then sends a separate encrypted message indicating that the client portion of the handshake is finished.

9. The server sends a message to the client informing it that future messages from the server will be encrypted with the session key. It then sends a separate encrypted message indicating that the server portion of the handshake is finished.

10. The SSL handshake is now complete, and the SSL session has begun. The client and the server use the session keys to encrypt and decrypt the data they send to each other and to validate its integrity.

SSL Alert Protocol

* The SSL Alert Protocol signals problems with an SSL session.

* Alert messages convey the severity of the message and a description of the alert.

* Upon transmission or receipt of a fatal alert message, both parties immediately close the connection. 

* The client and the server must communicate that the connection is ending to avoid a truncation attack. 

* Either party may initiate the exchange of closing messages. 

* Normal termination occurs when the close_notify message is sent.

* This message notifies the recipient that the sender will not send any more messages on this connection. 

* The session becomes un-resumable if any connection is terminated without a proper close_notify message. 

The following error alerts are defined:-

 handshake_failure
 no_certificate
 bad_certificate
 certificate_expired
 unsupported_certificate
 certificate_unknown

Cipher-Spec-Protocol

* The change cipher spec message is sent by both the client and server to notify the receiving party that subsequent records will be protected under the just-negotiated CipherSpec and keys.


* It exists to update the cipher suite to be used in the connection. 

* It permits a change in the SSL session occur without having to renegotiate the connection.

* The message consists of a single byte of value 1. 

* There are two states for the change cipher spec message.
    * Read Current
    * Read Pending 

* The change cipher spec message is normally sent at the end of the SSL handshake.
   
@ A cipher suite is a set of cryptographic algorithms.

   * The SSL handshake protocol determines how the client and server negotiate which cipher suites they will use. 

@ The most commonly used cipher suites are:

    DES (Data Encryption Standard)
    DSA (Digital Signature Algorithm)
    KEA (Key Exchange Algorithm)
    MD5
    RC2
    RC4
    RSA
    SHA-1 (Secure Hash Algorithm)
    SKIPJACK
    Triple DES




Shell Scripting Basics For Easy Reference


The first line in your script must be #!/bin/bash, that is a # (Hash) followed by a ! (bang) followed by the path of the shell, (#!) known as hashbang or shebang or poundbang. This line lets the environment know the file is a shell script.

#! -- shebang or hashbang

---> Interactinve and Non-Interactive shell interfaces

---> In interactive we get direct access, we can do any thing on the shell.

---> shell performs command line parsing # cd --- takes us to the users home directory

---> shell is comes as follows " username@name-of-the-system current-directory"

---> # shows as root level user

---> $ normal level user

---> Files in bash which helps to customise user's environment:- system and user level configuration files

---> The less root level privilage you use with script that much better

---> Built-in and non-built-in commands are there.

---> vim /etc/profile --------- a global configuration file. system wide environment and startup for 
login-setup also configure functions and alias in /etc/bashrc and bashrc.

---> hostname,history size and several login options 
are able to configure in /etc/profile, And bash reads
its global settings from the file /etc/profile 
( main bash config file). which contains system wide
environmental variables.

---> Define variable with upper-case. System variables 
and User Defined variables. System Variables usually in 
caps and User Defined variables usually in lowercase letters.

---> bashrc file also contains aliases and functions, 
any logic which is performed on a user which loges into the
system goes to " bashrc " where as /etc/profile contains 
global variables(mail,logname etc).

---> /etc/skel, contains .bash_logout, .bash_profile, 
.bashrc, these imp files. When you logout anything 
specified in .bash_logout will happen.

If we make any changes in /etc/skel only new users which 
created will inherit the new properties not the existing
users. In-order to affect the currently existing users in 
system you have to modify there individual .bash_ files.

---> ~ in bash represents users home directory.

---> when a user logged-in first a system wide file 
and then user based files are read. 
 /etc/profile,/etc/bashrrc, ~/.bash_profile, ~/.bashrc

---> when you create a new users using useradd, 
what all files are there in /etc/skel are copied 
in their home directory automatically.

---> In redhat linux bash is the default shell.

---> anything prefixed by a $ sign acts as a variable
When ever you created a variable, in-order to get it 
on the bash you have to export it,just defining is not 
enough, you have to export it(/etc/profile )

---> variables are of two types, system variables and user defined variables.

# echo $SHELL
# echo $PATH

---> variablename=value
         n=10
# echo $n -----> $ sign is used with the variable in-order
 to print the contents of the variable ($n).

---> To define a null variable n=""

---> echo command to display the test or value of a variable.
some options include -e, -n, \n---> new line, -t etc.

----> userlevel variable set in .bash_profile helps to 
over-ride the global variable set in /etc/profile.Check by
setting variables in /etc/profile and in .bash_profile for a user and echo it in the shell eg: # echo $TEST

And this user level variables did not affect globally.

----> If we export the variables in /etc/skel files,
when we created a new user it will export the same variables for new user as well, no need to export it seperately so we can save time as well.

Conditional testing / Comparison / Decision making


Bash invokes 'test' when ever we needs comparisons between
strings,files etc. test allows conditional testing.
To instruct bash we are doing a test we can either use
" [ expression ] " bracket or " test expression " itself.

eg:- # test 1 -eq 1 OR [ 1 -eq 1 ]

either way we can use the comparison.

---> in shell $? acts as an exit-status variable. In a
command/script it will return two types of values, 
if return value is zero command is successful, if return value is non-zero command is not successful.

$? ----> gives the exit status of previously executed command. In unix terminology 0 is good and if it is any other number say 1,2 etc command is not executed properly.And in boolean terminology 0 is false and 1 is true. If a false value it will display from -1,32 but not zero.

# echo $?

---> Different operators in shell script for comparision are:

-eq, -le, -ge, -ne, -lt, -gt

 -eq = equal to


 -ne = not equal to


 -lt = less than


 -le = less than or equal to


 -gt = greater than


 -ge = greater than or equal to


example:- with "test" and "[ ]"

 if test 5 -eq 6 OR if [ 5 -eq 6 ]

 if test 5 -ne 6 OR if [ 5 -ne 6 ]


 if test 5 -lt 6 OR if [ 5 -lt 6 ]


 if test 5 -le 6 OR if [ 5 -le 6 ]


 if test 5 -gt 6 OR if [ 5 -lt 6 ]


 if test 5 -ge 6 OR if [ 5 -ge 6 ]



We can use both ways of comparision, just check below as well. the below set is mainly used for "string comparision".

---> For comparing strings of characters,

 test hai  = hai

 test hai != hai


---> another good function is checking "NEWER THAN ( -nt )", say create new files and check whether one is newer than other.

 eg:- touch test1
      
      touch test2  ---- both have same timestamp when we type but have a seconds difference. Let's check how it working

 [ test1 -nt test2 ]; echo $?

 We can use "OLDER THAN ( -ol )" as well. 

 [ test1 -nt test2 ]; echo $?

---> we can check other files whether it is a "character devices" or "block devices"

eg:-  test -b test1; echo $?
     
      test -c /dev/cdrom; echo $?

---> Also we can check whether a file existing or not

 test -e testing3; echo $? --- it will return 1 if not existing. We can check both files and directories like this.


---> check whether its a regular file or not

 mkdir testing3

test -f testing3; echo $? ----> will return 1 and its not a regular file.

now remove testing3 and touch a file called testing3 and run the previous command

test -f testing3; echo $? ---> it will return 0 and its is a regular file.

  [ -f testing3 ]; echo $?

---> we can also check for sockets as well 

test -S /var/lib/mysql/mysql.sock ; echo $?

---> Zero byte or non-zero byte file

test -s file3; echo $?

check man test for more options.


Shell also Test for Files and Directories 

-s file --- File exists and it's a non-empty file ie, file contains something.
-f file --- File exists and it's a normal file and not a directory
-d dir  --- File exists and it's a directory 
-w file --- File is writable, need write permission on the file
-r file --- File is readable
-x file --- File is Executable

 Operator and Its Meaning

 ! expression ---> Logical NOT

 expression1 -a expression2 ---> Logical AND


 expression1 -o expression2 ---> Logical OR



 Shell Arithmetics

# expr 1 + 1
  
  expr 2 - 1

  expr 10 / 2


  expr 20 % 3 ---- remainder


  expr 10 \* 10 ---- multiplication



Quotes inside the shell

" " ------> Double quote ----> Anything enclosed in double quote removes meaning of those character ( except \, `, and $ )

 '   ------> Single quote ----> Anything enclosed in single quote remains unchanged

 `   ------> Back quote   ----> To execute command

eg: echo "Today is `date`"

    echo `expr 6 + 3` 

 Reading input from command line/standard input

" read " statement is used to get input (data) from user and store the data in a variable.

eg:- # echo "your name:"
     # read fname
     # echo "Hello $fname, let's be friends.


Command line arguments

 When you run the command # ls file1 file2 file3, ls is the command and file1,file2,file3 are command line arguments passed to it.

Hence command has 3 command line arguments,

---> $# holds number of arguments specified on command line.And $* or $@ refers to all arguments passed to script.

---> $* expands to a single variable containing all the command line parameters separated by space.

---> $@ expands to a list of separated words, each containing one of the command line parameters.

---> $# is the number of parameters excluding $0

These command line arguments to shell script are known as "positional parameters".

---> $1 represent first argument, $2 represents second argument, $3 represents third argument and so on.


 Basic commands in bash environment

---> cat # concatenate files ( standard input to standard output), which works with the beginning of the file.

---> tac # which performs reverse of cat

---> cat test1
---> cat < tst1 # both performs same operation

---> cat -A test1

ctechz$
scripting$
test$
ctechz^Itest

in the above examp, it prints all lines and contains a $(regular expression) sign which indicates the end of the line. ^I which indicates a tab(if we press tab after ctechz onlt it will show).

-A --- show all
-T --- show Tabs
-s --- squeeze-blank ---- which will remove the blank spaces

---> cat test1 test2 > test1A # all datas in test1 and test2 are updates in test1A

---> tac test1 # it will perform the reverse of the cat, ie, cat will display from the first line of the file to last line and tac will display from the last line to first line.

---> which # tells the location of a command

---> /var/log/messages # system messages files

---> wc # count

wc file1 # it will display number of lines,words,characters in a file.

---> cut # wc -l test1 | cut -d ' ' -f 7
        
here -d represents delimeter here it is space ' ' --- represents space and -f represents field. Specify the delimeter in a single quote.

---> ls

---> ls --time=atime -lrt test1 # shows the last access time os test1 file

ls --time=ctime -lrt test1 # shows the last modification time

---> sleep # the number of sec the script should sleep for

   sleep 5 -- sleep for 5 sec

---> usleep # it counted in micro sec

---> time # it shows how much time it take to run a command

      time cmd

---> ps -aux # shows all the proceses running.

---> watch  # will refresh in every 2sec, 

    watch tail /var/log/messages

---> date  # date +FORMAT

    date -r filename # gives last modification time of the file


---> expr # man expr

expr 10 * 100 give an error because astrix in bash is a reserved character, is a wildcard so we have to use escape character( \ ) so just escape the character using a back slash.

     expr 10 \* 100

---> let 

ex:- # i=1
     # echo $i -- it will return value 1
     # i=`expr $i + 1` -- it will increment the value
     # echo $i -- it will return value 2

---> expr ctechz = ctechz --- which will trturn 1, which is a boolean true.

---> expr length ctechz --- will return the lenght of the string.

---> expr substr ctechz 1 5 ----> shows substring operation

here 1 mans first character and 5 means characters, ie, it prints up to 5 characters.

   var1=ctechz
   expr substr $var1 1 4
  or expr length $var1

---> touch `date +%F`.log
         2012-08-12.log


 Job controls

# seq 50 ---- will print 1 to 50 ( sequence cmd )
 seq 0 9 ---- from zero to nine

 seq helps in constructing loops.

---> # ctrl+z sends a job to background & fg sends the job to foreground.

# jobs  cmd we can use to list the jobs.will list those running in background as well.

you can kill the backgroung jobs by bring it to foreground and press ctrl+c

---> and also we can use & to sent a job to background instead of pressing ctrl+z.

  seq 10000000 > junk.log &

and we can see those jobs running in background using "jobs" command. We can see the file growth using 'watch command"

 # watch ls -l junk.log

sort and uniq

sort will sort the datas that you are passing to it. and uniq command will eliminate the duplicate entries.

# vim data.log
1
2
ctechz
zero
btechz
centos

then check using sort # sort data.log

it will sort all the values, then run # sort data.log | uniq

when we sort the values and pass it to uniq it will eliminate the duplicate entries coming when we sorting the file.

---> cut helps to specify the delimeter.

   cat /etc/passwd | cut -d: -f2
   cat /etc/passwd | cut -d: -f1,3
                             -f1,3,7


Character translation command " tr "

 # echo DATA1 | tr A-Z a-z  --- here it changes all the uppser case letters of DATA1 to lower case letters.
                 ( a-z A-Z as well )

  -s squeeze-repeats
  
ex:- # echo FILEE | tr -s A-Z
      FILE --- it will eliminate one repeated E from FILEE.

   # echo FILEE | tr -s A-Z | tr A-Z a-z
      file

 Or else we can use it in another way as well

 # echo FILEE | tr -s A-Z | tr [:upper:] [:lower:]
  file

 -c Compliment 

ex:- # echo DATA1.Log | tr -c A-Z z
      DATAzzLzzz

 will replace all lowercase letters with z

[ #!/bin/bash
  #Author: Jeffin Mathew
  #Date: 12.08.2012
  #Purpose: purpose of the script
]

# touch --- for creating files
  
 # touch file1 file2

 # touch FILE{1,2,3,4,5}

 Built in commands

cd ~  ---> home dir of currently loged in user

read ----> which allows us to read variables from command line.

 # read test  ----> shell waits for us to give a value for test and use echo command to get the value back.

 # read firstname lastname
 jeffin mathew -----> give two values for the abouve variables.

 then echo the value of each variables or echo each values together # echo $firstname $lastname

# read -n 3 answer ---- -n option helps us to specify how many characters it can except before existing.
   echo $answer

we can get the values of all thse variables using # set, 

--> set | grep answer, it will list answer=yes
    set | grep lastname

---> and when we close the shell this variables disappear. And also We can remove this variable using the command # unset variablename.

# unset lastname
# echo $lastname

source 

 if we have a script which is not an executable script while we try to run it say, ./script.sh it will give a permission denied message.( if any command that is executable, then we can finish it using tab completion option or else tab will not work )

 then to execute the previous command run # source source.sh --> it will return the answer.
                                          # . source.sh

---> export -----> for exporting the variables

   # test=1000
  #  export test
  #  set | grep test

and eg:- # set | grep pwd


 Brace Expansion

# touch test{1,2,3}  ---- will create 3 files named test1,test,test3.

 with this we can add suffix also say, # touch test{1,2,3}_file. it will create files called touch1_file,touch2_file,touch3_file.

# mkdir test{1,2,3,4,5}

# mkdir -p jeffin mathew ctechz

# mkdir test {1,2,3,4,5}{6,1,8,9} ---> each left side characters will get a match in the right.

# rm -rf files{1,2,3} ---> to remove files other that rm -rf *

 Aliases

# vim .basrc

alias rm='rm -rf'
alias cp='cp -prf'
alias vi='vim'

after set like this "source" or "."the file inorder to work at the same time. 

remebmer we can give this alias in either /etc/bashrc or in .bashrc

To know which all aliases are set just run the command # alias

# alias ls='ls -l' ---> we can set alias like this as well. no export is necessary.

# unalias nameOfTheAlias ---> to unset an alias.

  unalias rm

 Exit Status / Error Levels

if we try to run a command that is not exit in the system an error status of 127 will return.

if we run a valid command with a bad argument it will return exit status 1.

While we execute certain command and it return an error, and if its exit status return error number 126 means there are some permission problems.

# exit

---> The exit status is mainly based on the last command it is run in the bash.

Command Chaining

Multiple commands in a single line. We can use | or ; for that.

# command1; command2; command3; command4.

 ctrl+A takes us to the beginning of the command line and Ctrl+E takes us to the end of the command line.

&& ----> command1 && command2 , if we put && (and) in between two commands the second one execute only if the first command is executed successfully or is the first command is return an exit status of zero.

|| ----> command1 || command2 , if we put ||(or) in between two commands the second command will executed only if the first one fails or if the first commands exit status is other than zero.

 I/O Redirection

Standard In and standard Out

When we run a command the standard-in is the keyboard and standard-out is the screen.

' < ' ---> used for Input Redirection

# cat < cmdFile ---> Redirecting the standard input to cat. Here the input is taking from cmdFile.

# grep Hello < cmdFile

 grep searches matching string and returns entire row.

' > ' ---> used for Output Redirection

# cat cmdFile > NewFileName  ----> redirect the output to new file called NewFileName.

' >> ' ---> we can append the commands to a file. if we give only one > it will over ride the existing file.

# grep Hello < cmdFile > cmdFile2.txt

 Pipes

Pipe allows to connects the output stream of a command "A"to the input stream of another command "B".

ls -a we can see hidden . and .. , the single . indicates the current directory and double .. indicates the root directory /.

to count the line count in a directory use # ls -A | wc -l. -A avoids listing . and ..

# ls | wc

3  3  15

3 files, 3 rows, and 15 characters.

 Command Substitution

use back quote for command substitution. ` `

# variable=`ls -l /etc`  ---> if we echo the contents of the variable it display the results in an ugly format. To preserver it in a good format use the following:

# echo "$variable" ---> if you want to preserve the formatting use " " and thus we can preserver the formatting.

To reassign a variable simply override the previous values with the new values.

for input redirection to a variable try, # testFile=`< list.txt`

 # echo $testFile

CS almost same as piping.

 Quoting nuances

While we are using one of the reserve key words in the bash be careful with it, 

eg: # echo i live me $

i love me $ ---> Here $ sign is printed. How ever if $ sigh is followed by any other values then bash interpreter will think what followed after $ will need variable substitution.

 eg: echo i love me $more

    i love me ---> here this much only print '$' and 'more' will not printed this is because bash by default cross reference it's set of variables in search of a variable called 'more'.

---> inorder to print the $ sign with the word 'more' we actually need to escape the $ sign. If we not escape the $ sign the bash interpreter thinks that it is for variable substitution or it is one of the reserver key words.

---> The official escape character in a bash interpreter is the "back slash (\)". When we specify \ the very next character or the character which follows it is escaped and is printed literally. 

eg: # echo i want money $50

i want money 0 ---> it will not print any just print zero

   # echo i want oney \$50 

i want money $50 ---> when we escape $ it will print $50.

# mkdir testing directory with a space

it will create 5 directory instead of one. In order to create it as a one directory we need to escape the space, 

# mkdir testing\ directory\ with\ a\ space ---> the slash after space tells to preserver the space.

---> we can also use double quote for making files or directory with space. 

 # mkdir "testing directory"

and when we echo any thing within a double quote it will echoed but anything followed by a $ sigh will not print say,

# echo "this is $" ---> here $ sign will print, if any value followed by this $ sign is there nothing will print including the $ sign.
# echo "this is $6" ---> Here it will not print $6.

In order to print $6 we have to use 'single quote'. # echo 'this is $6'. Or else we have to use escape character in front of the $ sign and it will print.

Every thing is preserved in single quote.


 Hello World 1

---> When we write a script give a header like #!/bin/bash, This is in-order to understand which interpreter we are using.

---> And if we calling second script from the first there is no need of giving header for the second script as we already specified it in the first script.

We may have one main script which include the other scripts.
   
 Functions

 Functions helps to group logical sections of a code. 

# vim functions.sh

we can declare a function like this inside a script. function is a keyword 

function showdate() {


}


# in above eg:- after function it comes the function name ie,showdate and open and closed paranthisis.

---> We can declare the function in a few ways. If you maintain the open and closed paranthisis set () then you don't need the keyword "function". ie, we can write like this

showdate() {

}

# we can declare using just function name itself. In-order to execute the function at the end of it we need to call the function, to call the function just specify the function name.

---> We can declare multiple functions. we can call the function any where, there is no order for it.

---> we can declare variables inside a function and treat it as a local variable and also can declare out side a function and treated it as a global variable and this variables are available within each functions.

---> Here we have to declare the function first and call them after that.

 For loops

Bash by default support three types of loops for loop, while loop,until loop. 

syntax: for argument in [list]; do 
          action item
done

 OR

for argument in [list]
do
  action item
done  

argument ---- any variable that we set

argument is equal to the first element or each element in the list as it cycles through the list. It assigns value to the argument.

For loop cyclic through lists.

Eg:-  

1.     for contries in INDIA JAPAN MALI
  do
      echo $contries
  done

2. DIR="/etc"

  for i in `ls -A $DIR`
   do
 echo $i
done

3.  for num in `seq 1 100`
     do
  echo $num
done
 
4. 
PASSFILE="/etc/passwd"
COUNT=0
for user in `cat $PASSFILE | cut -f1 -d:`
   do
     echo $user
let "COUNT += 1" 
   done


 While Loops

While loop essentially checks whether the exit status is zero,

eg:-

1.  MIN=0
    MAX=20
  while [ "$MIN" -lt "$MAX" ]
   do
      echo $MIN
 let "MIN += 1"
   done
   
2. while ["``"]
  do
      echo $MIN
 let "MIN += 1"
   done

let command allows you to increment or decrements a values within a script.
   
 Until Loop

until loop is essentially checks until the exit status is zero.
 ie, until the condition is true.

until [ condition-is-true ]; do command done

eg:-
 1. NUM=100
    MIN=20
 until [ "$NUM" -eq "$MIN" ]
 do
   echo $NUM
   let "NUM -= 1"
 done   

2. until [ "$STATUS" -eq "0" ]
    do
 ping -c 1 192.168.1.35
 echo The host is down
 STATUS=`echo $?`
done

 Control Structures -- conditions[ if-then-else-elif ]

 Eg1:-

if [ 1 -eq 1 ]
then
  echo Both values are equal
fi

 Eg2:-

 if [ 1 -eq 1 ] OR if [ "ctechz" = "ctechz" ]
then
  echo Both values are equal
else
  echo Both values are unequal 
fi

 Eg3:-

for contries in INDIA JAPAN MALI
 do
    if [ "$countries" = "INDIA" ]
 then
      echo Welcome to INDIA
elif [ "$countries" = "MALI" ]
           then
              echo ONe Love
      else 
       echo $countries  
    fi   
 done

 #END

 Eg4:-

FILE="hellow.sh"
if [ -e $FILE ]
then
   echo File Exists
else
   echo NO File
fi

-e checks for files
#END   

  Eg5:-

DIR="test"
if [ -d $DIR ]
then
   echo File Exists
else
   echo NO File
fi

-d checks for directories
#END   

 Eg6:-

# To compare two files and check which one is newer
# create two file

File1="test1"
FILE2="test2"

if [ $File1 -nt $FILE2 ]
then
   echo $File1 is newer
else
   echo $FILE2 is newer
fi

#END   

Eg7:- nested if then

# This is used to check the command apache is running or not

netstat -antp | grep :80 or httpd > /dev/null 
apachestatus="$?"

if [ "$apachestatus" -eq 0 ]

  Echo apache is up and running

 # testing mysql 

   netstat -ant | grep 3306 > /dev/null

  mysqlstatus="$?"
   if [ "$mysqlstatus" != 0 ]
     then
  echo MYSQL is not running
   else
echo mysql is running
fi   
 else 
   echo apache is not running

fi 

 Eg8:-  Case function

for contries in INDIA JAPAN MALI Australia France china latnav
 do
    if [ "$countries" = "INDIA" ]
 then
      echo Welcome to INDIA
elif [ "$countries" = "MALI" ]
           then
              echo ONe Love
        elif [ "$countries" = "Australia" ]
         then
echo good bye
       elif [ "$countries" = "France" ]
 then
 echo merry
elif [ "$countries" = "china" ]
 then
 echo wall
 elif [ "$countries" = "latnav" ]
 then
 echo LNA
    else 
       echo $countries  
    fi   
 done

Modify above using case:- 

 for contries in USA Australia France Latvia Argentina Jamaica
 do
     case $countries in USA )
 echo "welcome to US" ;;  -----> ;; (double semicolon is for terminating the case atmt)

# after writing the first case there is no need of writing elif and matching strings, instead just specify the values
   
    Australia )
echo : good day" ;;
France )
echo "Merri";;
Lativa )
echo "Hi";;
Argentina )
echo "Football";;
Jamaica )
echo "Cricket";;
esac ----> close the case with esac, case reverse. 
 done

Here if it matches appropriate values it prints the echo,

 Positional parameters

Positional parameters are separated by spaces. 
# source cmd.sh 1 2

vim param.sh
#!/bin/bash

 echo $#

# source param.sh 1 
# source param.sh 1 2

 Eg2:-

 echo $#
seq $1 $2

# source param.sh 1 100

 Eg3:-

badparam=165 
 echo $#
if [ $# != 2 ]
then
   echo This script requires two arguments
    echo "you entered $# parameters"
   exit $badparam
fi
# Begin sequence
seq $1 $2

# source param.sh --- not correct
# echo $?

# source param.sh 1 10 ---> in the result first one is showing is the number of positional parameters.

 Eg4:-

badparam=165 

 #echo $#

# echo ${10} ----> if u have more than 9 or 10 parameters, just initialise like this
 if [ $# != 2 ]
then
   echo This script requires two arguments
    echo "you entered $# parameters"
   exit $badparam
fi
# Begin sequence
seq $1 $2


 Select Menus

:: shows usage of select

PS3='Select a choice: '
select var in "Choice1"
  do
#    command
    echo "Hellow world"
   break # if break specify, it immediately exit after executing 
    done

#END
the above will have one choice

--> To iterate in different choice use a Variable "i"

PS3='Select a choice: '
List="Choice1 Choice2 Quit"
select i in $List
 do
  if [ $i = "Choice1" ]
   then
     echo "Hellow world"
 elif [ $i = "Choice2" ]
  then   
   echo "GBYE"
   elif [ $i = "Quit" ]
   then
    exit
 fi
#   break # if break specify, it immediately exit after executing 
    done

#END
--

PS3='Select a choice: '
List="MySQL System Quit"
select i in $List
 do
  if [ $i = "MySQL" ]
   then
     watch tail /var/log/mysqld.log
 elif [ $i = "System" ]
  then   
   watch tail /var/log/messages
   elif [ $i = "Quit" ]
   then
    exit
 fi
#   break # if break specify, it immediately exit after executing 
    done

#END

 Move Many Files

for file in `ls -A test*`
do
 echo $file
  mv $file $file.old
done

#END
--
BADARG=165

if [ $# != 1 ]
then
  echo at least 1 positional parameter is required!
 exit $BADARG
fi

for file in `ls -A $1*`
do
 echo $file
  mv $file $file.old
done

#END

./move.sh test
---

BADARG=165
REQPARAM=2

if [ $# != $REQPARAM ]
then
  echo at least $REQPARAM positional parameter is required!
 exit $BADARG
fi

for file in `ls -A $1*`
do
 echo $file
  mv $file $file.$2
done

#END

./movemany.sh test new (positional parameters)

Here in the parameters first one shows the pattern to glob for and second one show the extensions.

 NetWork Check

if [ "$#" -eq "0" ]
then
SITE="google.com"
else 
  SITE="$1"
  fi
  ping -c 2 $SITE > /dev/null
if [ $? != 0 ]
then
 echo `date +%F` ---> command substitution
 echo No connection
fi
#END

# ./networkcheck.sh > pinglog.`date`
# ./networkcheck.sh 192.168.1.1

Here the logic is, Default is go after google or go with the site specified with positional parameter.

 File Difference

Monitor directory for file changes:-

 Before proceeding with a directory better take a snapshot of the directory,

# cd directory
# ls -A > filelist1 -- will contain all list of files and dir in the main Dir
# wc -l dirsnap
# mkdir /usr/local/filediff/ 

--> move the script file to /usr/local/filediff Dir

#!/bin/bash
Monitordir="/root/temp2"
ls -A $Monitordir > filelist2
Filediff=`diff filelist1 filelist2 | cut -f2 -d ' '`

for file in $Filediff
do
 if [ -e $Monitordir/$file ]

# -e shows it exist, here file exist

 then 
    echo $file
done
echo $Filediff

#END

FTP Synchronization

:: contents synchronizing between two hosts,

cd temp2
:: all files in this host is going to sync with remote host

we can do it using tools called lftp, lftp has a functionality called mirroring and re-mirroring.
                                                                      forward-mirroring(push) and reverse mirroring(pull)
:: lftp root@192.168.0.11

mkdir temp2 -----> create same dir in second host to where we need to synchronize the files.
:: help mirror -- when u r on lftp prompt

:: first host
touch ftpsync.lftp
this file used to accept commands from the main file

:: # lftp
lftp :~> open -uroot,redhat 192.168.0.11

2nd file
# vim ftpsunc.lftp
open -uroot,redhat 192.168.0.11
cd temp2
lcd /root/temp2 ---> ensure our local dir in temp2 
# mirrot ---> we are doing a reverse mirroring her mirror -Rn 
:wq

# lftp -f ftpsunc.lftp -- run it

1st file
# vim ftpsysnc.sh
#!/bin/bash

Scripthome="/root/temp2"
LFTPscript=$Scripthome/ftpsync.lftp

lftp -f $LFTPscript

#END

# ./ftpsysnc.sh

 Parse Logs

:: parse service logs for unwelcomed connections

Logfiles="/var/log/vsftpd/vsftpd.log"
Badname="anonymous"
#Threshold=5 ---> this is the number of instance that will willing to tolerate.

if [ $# != 1 ]
then
  echo one parameter is required for threshold values
   exit 165
fi
Threshold=$1 --> $1 positional paramater

Offenses=`awk '/$Badname/ { print $8,$12 }' /var/log/vsftpd/vsftpd.log` | wc -l

# grep $Badname $Logfiles | awk '{ print $8,$12}' 

if [ $Offenses -gt $Threshold ]
then
  echo $Offenses attempted breaches were detected | mail -s "Breach attempt" root
fi  

#END

 BackuP Files

if [ ! -e $Backupdir ]
then
   echo creating backupdir bcz its not existing
   mkdir ~/backup
   exit 0
fi
#END

ctrl+k , ctrl+uu


Name of shell script must end with a .sh, it helps to identify that its a shell script,Before running make the file executable # chmod 755 file.sh

Let's check some shell variables and syntax :-

PATH - Sets the search path for any executable command
HOME - user home directory
MAIL - path of the location where mail addressed of the user is stored
USER - User login name.
TERM - indicates the terminal type being used
SHELL - Tells the type of shell that the user user can see when logged in

To see the values do an `echo` of the name of the variable preceeded with a $
# echo $SHELL