Jump to menu and information about this site.


Useful but Unknown Unix Tools: Calculating with IPs, The Sequel //at 20:09 //by abe

from the juggling-with-IPv6-netmasks dept.

This is a direct followup on my previous blog posting about calculating IPs and netmasks with the tools netmask and prips. Kurt Roeckx (via e-mail) and Niall Donegan (via a comment to that blog posting) both told me about the package sipcalc, and Kurt also mentioned the package ipcalc. Thanks for that! And since I found both useful, too, let’s put them in their own blog posting:

Both tools, ipcalc and sipcalc offer a “get all information at once” mode which are not present in the previously presented tool netmask.


ipcalc by default outputs all information and even in ANSI colors:

$ ipcalc
Address:         11000000.10101000.01100 000.00000000
Netmask: = 21   11111111.11111111.11111 000.00000000
Wildcard:            00000000.00000000.00000 111.11111111
Network:      11000000.10101000.01100 000.00000000
HostMin:         11000000.10101000.01100 000.00000001
HostMax:      11000000.10101000.01100 111.11111110
Broadcast:      11000000.10101000.01100 111.11111111
Hosts/Net: 2046                  Class C, Private Internet

(Coloured “Screenshots” done with ANSI HTML Adapter from the package aha.)

You can suppress the bitwise option or directly output HTML via commandline options. For example ipcalc -b -h outputs the following content:

Netmask: = 21
Hosts/Net: 2046 Class C, Private Internet

Yes, that’s an HTML table and no preformatted text, just with a monospaced font. (I just removed the hardcoded text color from it, otherwise it would not look nice on dark backgrounds like in Planet Commandline’s default color scheme.)

Like netmask, ipcalc can also deaggregate IP ranges into largest possible networks:

$ ipcalc -
deaggregate -

(ipcalc -r is just another way to write this, and it results in the same output.)

To find networks with at least 20, 63 and 30 IP addresses within a /24 network, use for example:

Netmask: = 24   
Hosts/Net: 254                   Class C

1. Requested size: 20 hosts
Netmask: = 27 
Hosts/Net: 30                    Class C

2. Requested size: 63 hosts
Netmask: = 25 
Hosts/Net: 126                   Class C

3. Requested size: 30 hosts
Netmask: = 27 
Hosts/Net: 30                    Class C

Needed size:  192 addresses.
Used network:


sipcalc is similar to ipcalc. One big difference seems to be the IPv6 support:

$ sipcalc 2001:DB8::/32
-[ipv6 : 2001:DB8::/32] - 0

Expanded Address        - 2001:0db8:0000:0000:0000:0000:0000:0000
Compressed address      - 2001:db8::
Subnet prefix (masked)  - 2001:db8:0:0:0:0:0:0/32
Address ID (masked)     - 0:0:0:0:0:0:0:0/32
Prefix address          - ffff:ffff:0:0:0:0:0:0
Prefix length           - 32
Address type            - Aggregatable Global Unicast Addresses
Network range           - 2001:0db8:0000:0000:0000:0000:0000:0000 -

(Thanks to Niall for the pointer to RFC3849. :-)

It can also split up networks into smaller chunks, but only same-size chunks, like e.g. split a /32 IPv6 network into /34 networks:

sipcalc -S34 2001:DB8::/32
-[ipv6 : 2001:DB8::/32] - 0

[Split network]
Network                 - 2001:0db8:0000:0000:0000:0000:0000:0000 -
Network                 - 2001:0db8:4000:0000:0000:0000:0000:0000 -
Network                 - 2001:0db8:8000:0000:0000:0000:0000:0000 -
Network                 - 2001:0db8:c000:0000:0000:0000:0000:0000 -


Similar thing with IPv4:

sipcalc -s27
-[ipv4 :] - 0

[Split network]
Network                 -       -
Network                 -      -
Network                 -      -
Network                 -      -
Network                 -     -
Network                 -     -
Network                 -     -
Network                 -     -

sipcalc also has a “show me all information” mode with the -a option:

$ sipcalc -a
-[ipv4 :] - 0

Host address            -
Host address (decimal)  - 3232260096
Host address (hex)      - C0A86000
Network address         -
Network class           - C
Network mask            -
Network mask (hex)      - FFFFFF00
Broadcast address       -

Host address            -
Host address (decimal)  - 3232260096
Host address (hex)      - C0A86000
Network address         -
Network mask            -
Network mask (bits)     - 21
Network mask (hex)      - FFFFF800
Broadcast address       -
Cisco wildcard          -
Addresses in network    - 2048
Network range           - -
Usable range            - -

[Classfull bitmaps]
Network address         - 11000000.10101000.01100000.00000000
Network mask            - 11111111.11111111.11111111.00000000

[CIDR bitmaps]
Host address            - 11000000.10101000.01100000.00000000
Network address         - 11000000.10101000.01100000.00000000
Network mask            - 11111111.11111111.11111000.00000000
Broadcast address       - 11000000.10101000.01100111.11111111
Cisco wildcard          - 00000000.00000000.00000111.11111111
Network range           - 11000000.10101000.01100000.00000000 -
Usable range            - 11000000.10101000.01100000.00000001 -

Network                 -    - (current)

Thanks again to Kurt and Niall for their contributions!

Now listening to the schreimaschine and fausttanz submissions for the interactive competition at the Bünzli/DemoDays in Olten (Switzerland)


Useful but Unknown Unix Tools: watch //at 22:18 //by abe

from the Watch-commands,-not-TV dept.

Yet another useful tool of which at least I heard quite late in my Unix career is “watch”. For a long time I wrote one-liners like this to monitor the output of a command:

while :; do echo -n "`date` "; host bla nameserver; sleep 2; done

But it’s way shorter and less error-prone to use “watch” from Debian’s procps package and just write

watch host bla nameserver

The only relevant difference is that I don’t have some kind of history when the output of the command changed, e.g. to calculate the rate with which a file grows.

You can even track the output of more than one command:

watch 'ps aux | grep resize2fs; df -hl'

Also a nice way to use watch is to run it inside GNU Screen (or tmux or splitvt) and split up the terminal horizontally, i.e. show the output of watch in one window and the process you’re tracking with the commands run by watch in the other window and see both running at the same time.

Update, Sunday, 28th of August 2011, 17:13h

I never found a useful case for watch’s -d option which highlights changes to the previous run (by inverting the changed bytes), but until now three people pointed out the -d option in response to this blog-posting and weasel also had some nice examples, so here are they:

Keep an eye on the current network routes (once per second) of a host and quickly notice when they change:

watch -n1 -d ip r

Watch the current directory for size or time stamp changes of its files:

watch -d ls -l

The option -d only highlights changes from the previous run to the next run. If you want to see all bytes which ever changed since the first run, use --differences=cumulative.

Thanks to Klaus “Mowgli” Ethgen, Ulrich “mru” Dangel, Uli “youam” Martens and Peter “weasel” Palfrader for comments and suggestions.

Useful but Unknown Unix Tools: Kill all processes of a user //at 22:15 //by abe

from the BOFH-slays-users dept.

I already got mails like “What a pity that your nice blog posting series ended”. No, it didn’t end. As announced, I knew that I won’t be able to keep up a daily schedule. It worked as long as I had already written the postings in advanced. But in the end the last postings were already written just in time and then I ran out of leisure and muse for a time. But as I said: It didn’t end, it will be continued. And this is the next such posting.

Oh, and for those who tell me further tools, I should blog about: I appreciate that, especially because that way I also hear about tools I didn’t know about. But why just telling me and not blogging yourself about it? :-) At least those whose blog is part of Planet Debian or Planet Symlink anyway really should do this themselves. I’d really like to see also others writing about cool tools. I neither have a right on the idea nor on the name of this series (call it meme if you want :-), so please go on and publish your favourite tools in a blog posting, too. :-)

And for all those who want to join me and Myon blogging about cool Unix tools, independent if listed on Planet Debian or Planet Symlink, I encourage you to offer a separate feed for this kind of postings and join us on Planet Commandline.

Anyway, here’s the next such posting:

As system administrator you often have the case that you have to kill all processes of one user, e.g. if a daemon didn’t properly shut down itself or amok running leftovers of a GUI session.

Many use pkill -SIGNAL -u user from the procps package or killall -SIGNAL -u user from the psmisc package for it. But that’s a) quite cumbersome to type and b) is there a chance to forget about the -u and then bad things may happen, especially with pkill’s default substring match, so I prefer another tool with a more explicit name:


slay has an easy to remember name (at least for BOFHs ;-) which is even quicker to type (alternating one character with the left and the right hand, at least on US layout keyboards) than “pkill” (all characters to type with the right hand), and has the same easy to remember commandline syntax like kill itself:

slay -SIGNAL user [user …]

But beware, slay is…

… not only for BOFHs, but also from a BOFH

It has a “mean mode” which is activated by default. With mean mode on, it won’t kill the given user but the user who called the program if it is invoked as an ordinary user without root rights. *g*

Interestingly I never ran into this issue despite I use this program often and for many years now.

But some Ubuntu users did, probably because adding a sudo in front of some command is easier to forget than doing an ssh root@localhost or su - beforehand. They even seem to be so desperate about it that they forwarded the issue from Launchpad to the Debian Bug Tracking System. ;-)

But to be honest — even if I was very amused about those bug reports — isn’t this issue “grave”, as it causes very likely (unexpected) data loss?

Now playing: Monzykill dash nine (… and your process is mine ;-)


Useful but Unknown Unix Tools: Calculating with IPs //at 12:22 //by abe

from the juggling-with-netmasks dept.

There are two small CLI tools I need often when I’m handling larger networks or more than a few IP addresses at once:


netmask is very handy for calculating with netmasks (anyone expected something else? ;-) in all variants:

$ netmask
$ netmask -s  
$ netmask --range  (2048)
$ netmask
$ netmask
$ netmask --cisco

(The IP ranges in RFC5737 where too small for the examples I had in mind. :-)

There’s though one thing netmask can’t do out of the box and that’s where the second tool comes into play:


When I read the package name prips, I always think of something like “print postscript” or so, but it’s actually an abbreviation for “print IPs”.

And that’s all it does:

$ prips
$ prips
$ prips -i 2
$ prips -f hex

prips has proven to be very useful in combination with shell loops like these:

$ prips | xargs -n 1 host
$ for ip in `prips`; do host $ip; done

And since prips doesn’t support the netmask syntax, you can even easily combine those two tools:

$ prips `netmask`

(Hah! Now I was able to use RFC5737 IP ranges! ;-)


git $something -p //at 16:09 //by abe

from the git-rules--p dept.

git add -p is one of my favourite git features. It lets you selectively add the local changes hunk by hunk to the staging area. This is especially nice if you want to commit one change in a file, but not a second one, you also already did.

Recently I noticed that you can also selectively revert changes already in the staging area using git reset -p HEAD. The user interface is exactly the same as for git add -p.

Today I discovered another selective undo in git by just trying it out of curiosity if that works, too: Undoing local changes selectively using git checkout -p. Maybe less useful than those mentioned above, but nevertheless most times quicker than firing up your favourite editor and undoing the changes manually.

Another nice git feature which I discovered by accidentially using it (this time even unwittingly) is git checkout - which behaves like cd -, just for branches instead of directories, i.e. it switches back to the previously checked out branch. Very useful for quickly changing between two branches again and again.


Finding libraries not marked as automatically installed with aptitude //at 17:26 //by abe

from the aptitude-for-the-win-again dept.

This is a direct followup on my blog posting Finding packages for deinstallation on the commandline with aptitude.

In the meantime on more alias for finding obosolete packages made it into my zsh configuration. It’s an alias to find installed libraries, …-data, …-common and other usually only automatically installed packages, which are not marked as being installed automatically nevertheless:

alias aptitude-review-unmarkauto-libraries='aptitude -o "Aptitude::Pkg-Display-Limit=( ^lib !-dev$ !-dbg$ !-utils$ !-tools$ !-bin$ !-doc$ !^libreoffice | -data$ | -common$ | -base$ !^r-base ) !~M"'

And yes, this pattern is slightly larger than those from the previous posting, so here’s the used filter in a little bit more readable way:

    !^libreoffice | 
  -data$ | 
  -common$ | 

It matches all non-automatically installed packages whose name starts with “lib”, but is neither a debug symbols package, a development header package, a documentation package, a package containing supplied commands, nor a libreoffice package.

Additionally it matches all non-automatically installed packages ending in -data, -common, or -base, but excludes r-base packages.

Of course you can then mark any erroneously unmarked library by pressing “M” (Shift-m).

If you press “g” for “Go” afterwards and wonder why nothing to remove shows up, be reminded that the filter limit is active in this view, too. So press “l” for “Limit” and then Ctrl-u to erase the current filter limit of this view and press enter to set the new (now empty) filter, et voilà…

Hope this is of help for some others, too.

Tag Cloud

2CV, aha, Apache, APT, aptitude, ASUS, Automobiles, autossh, Berlin, bijou, Blogging, Blosxom, Blosxom Plugin, Browser, BSD, CDU, Chemnitz, Citroën, CLI, CLT, Conkeror, CSS, CX, deb, Debian, Doofe Parteien, E-Mail, eBay, EeePC, Emacs, Epiphany, Etch, ETH Zürich, Events, Experimental, Firefox, Fläsch, FreeBSD, Freitagstexter, FVWM, Galeon, Gecko, git, GitHub, GNOME, GNU, GNU Coreutils, GNU Screen, Google, GPL, grep, grml, gzip, Hackerfunk, Hacks, Hardware, Heise, HTML, identi.ca, IRC, irssi, Jabber, JavaShit, Kazehakase, Lenny, Liferea, Linux, LinuxTag, LUGS, Lynx, maol, Meme, Microsoft, Mozilla, Music, mutt, Myon, München, nemo, Nokia, nuggets, Open Source, OpenSSH, Opera, packaging, Pentium I, Perl, Planet Debian, Planet Symlink, Quiz, Rant, ratpoison, Religion, RIP, Sarcasm, Sarge, Schweiz, screen, Shell, Sid, Spam, Squeeze, SSH, Stoeckchen, Stöckchen, SuSE, Symlink, Symlink-Artikel, Tagging, Talk, taz, Text Mode, ThinkPad, Ubuntu, USA, USB, UUUCO, UUUT, VCFe, Ventilator, Vintage, Wahlen, WAP, Wheezy, Wikipedia, Windows, WML, Woody, WTF, X, Xen, zsh, Zürich, ÖPNV


Mo Tu We Th Fr Sa Su

Tattletale Statistics

Blog postings by posting time
Blog posting times this month


Advanced Search


Recent Postings

13 most recent of 289 postings total shown.

Recent Comments

Hackergotchi of Axel Beckert


This is the blog or weblog of Axel Stefan Beckert (aka abe or XTaran) who thought, he would never start blogging... (He also once thought, that there is no reason to switch to this new ugly Netscape thing because Mosaïc works fine. That was about 1996.) Well, times change...

He was born 1975 at Villingen-Schwenningen, made his Abitur at Schwäbisch Hall, studied Computer Science with minor Biology at University of Saarland at Saarbrücken (Germany) and now lives in Zürich (Switzerland), working at the Network Security Group (NSG) of the Central IT Services (Informatikdienste) at ETH Zurich.

Links to internal pages are orange, links to related pages are blue, links to external resources are green and links to Wikipedia articles, Internet Movie Database (IMDb) entries or similar resources are bordeaux. Times are CET respective CEST (which means GMT +0100 respective +0200).

RSS Feeds

Identity Archipelago

Picture Gallery

Button Futility

Valid XHTML Valid CSS
Valid RSS Any Browser
This content is licensed under a Creative Commons License (SA 3.0 DE). Some rights reserved. Hacker Emblem
Get Mozilla Firefox! Powered by Linux!
Typed with GNU Emacs Listed at Tux Mobil
XFN Friendly Button Maker


People I know personally

Other blogs I like or read

Independent News

Interesting Planets

Web comics I like and read

Stalled Web comics I liked

Blogging Software

Blosxom Plugins I use

Bedside Reading

Just read

  • Bastian Sick: Der Dativ ist dem Genitiv sein Tod (Teile 1-3)
  • Neil Gaiman and Terry Pratchett: Good Omens (borrowed from Ermel)

Currently Reading

  • Douglas R. Hofstadter: Gödel, Escher, Bach
  • Neil Gaiman: Keine Panik (borrowed from Ermel)

Yet to read

  • Neil Stephenson: Cryptonomicon (borrowed from Ermel)

Always a good snack

  • Wolfgang Stoffels: Lokomotivbau und Dampftechnik (borrowed from Ermel)
  • Beverly Cole: Trains — The Early Years (getty images)