Introduction to Linux Chapter 5th: Network Applications _unix Linux

5.1 Common network commands

With network-related tools available in the Red Hat Linux 7.1 system, it is essential that these tools be well mastered:
Category one: Setting tools
1.netconf:
Netconf is part of the linuxconf provided by Red Hat Linux and is primarily used to set network-related parameters. It can be run under Consle (Text menu), or it can be run in X-window (graphical interface). In the front, we introduced some of the application of netconf, it is relatively simple to use, as long as the understanding of the above English can be, so no more to say here. BTW, if you set up the X-window, use the graphical interface of the netconf, will be more beautiful yo.
2.ifconfig
Ifconfig is one of the most common tools used in Linux systems for displaying and setting up network devices. where "if" is the abbreviation of "interface". It can be used for the status of the device's NIC, or for displaying the current settings.
Here's a brief description of the commonly used command combinations:
1 The IP address of the first network card is set to 192.168.0.1:
Ifconfig eth0 192.168.0.1 (format: Ifconfig network device name IP address)
2 temporarily turn off or enable the network card:
Turn off the first Nic: Ifconfig eth0 down
Enable first network card: ifconfig eth0 up
3 Set the subnet mask of the first network card to 255.255.255.0:
Ifconfig eth0 netmask 255.255.255.0 (format: Ifconfig network device name netmask subnet mask)
We can also set the IP address and subnet mask at the same time:
Ifconfig eth0 192.168.0.1 netmask 255.255.255.0
4 set the broadcast address of the first network card to 192.168.0.255:
Ifconfig Eth0–broadcast 192.168.0.255
5 Set the first NIC to not receive multicast packets:
IFCONIFG eth0 Allmulti
If you want to have it received, use the command: Ifconfig eth0-allmulti
6 View the status of the first NIC:
Ifconfig eth0
If you want to see all network card status, use the Ifconfig command without parameters directly.
The state information of the ifconfig output is very useful, and below, let's briefly explain:
Several states are more important:
Øup/down: Whether the network card is started, if it is down, it will certainly not be used;
The number of errors packages in the ØRX packets is too large to indicate a problem with the NIC when it is received;
The number of errors packets in the ØTX packets is too large to indicate a problem with the NIC when it is sent;
3.route
The route command is used to view and set the routing information for a Linux system to communicate with other networks. To achieve network traffic between two different subnets, you need a gateway that connects two network routers or is located in two networks at the same time.
In a Linux system, we usually set up a route to solve the problem: the Linux machine in a local area network, the LAN has a gateway, can let your machine access to the Internet, then we need to set the IP address of this machine as the default route of the Linux machine.
1) Add a default route:
Route add 0.0.0.0 GW gateway address
2 Delete a default route:
Route del 0.0.0.0 GW Gateway address
3 shows the current routing table
Route

Category II: Diagnostic tools
1.ping
Ping is one of the most commonly used to detect whether a network communication connection can be established with a remote machine. It is implemented via Internet Control Message Protocol ICMP. And now some hosts filter ICMP, in this particular case, it is possible to make some hosts ping impassability, but can establish a network connection. This is a special case that is explained in advance.
Again, this does not list all the optional parameters of the ping command, but it is an example to illustrate some of the common combinations that need to be understood in more detail and can be obtained through the www.linuxaid.com.cn Web site Online Training Command query tool.
1 detect the connection with a machine is normal:
Ping 192.168.0.1
Ping www.linuxaid.com.cn
In other words, we can use the IP address or domain name to specify the machine.
2 Specify ping response times to 4:
Under Linux, if you don't specify the number of responses, the ping command will continue to send ICMP information to the remote machine. We can use the-C parameter to qualify: Ping–c 4 192.168.0.1
3 ping through a specific network card:
Sometimes, we need to check whether a certain network card (many in the system) can ping the remote machine. We need to do the ping command to indicate:
Ping–i eth0 192.168.0.1
2.traceroute
If you ping a distant machine, you want to know where the problem is, or you want to know what routers the remote machine has gone through, and you can use the traceroute command. As the name suggests: Trace is a trace, route is a route, that is, a trace route.
Using this command is simple:
Traceroute remote host IP address or domain name
The output of this command is similar to the following:
1 Router (gateway) IP address time required 1 Access time 2 access time 3
2 Router (gateway) IP address time required 1 Access time 2 access time 3
.........
1 The first number represents "after the first few stops";
2 The IP address of the router (gateway) is the IP address of "the station";
3 Access time 1, 2, 3 refers to the time required to access this router (gateway).

3.netstat
In a Linux system, a powerful tool for viewing network status is provided: Netstat. It lets you know the entire Linux system's network situation.
1) Statistics of the transmission of various network equipment, receive packets:
Using commands: Netstat–i
This command will output a table, which includes:
Iface: Network Interface name MTU: Maximum Transmission unit
RX-OK: Total number of packets successfully received RX-ERR: Packets received the number of errors in the package
RX-DRP: How many packets were lost when received RX-OVR: How many collision packs were received?
TX-OK: How many packets have been successfully sent Tx-err: How many errors are there in the package?
TX-DRP: How many packets are lost in the number of pounds TX-OVR: How many collision packs were received?
2 Display the statistics of the network
Using commands: Netstat–s
By using this command, the communication information in the form of IP, ICMP, TCP, UDP and Tcpext will be counted in the form of a digest.
3 shows the network connectivity of the TCP transport protocol:
Using commands: Netstat–t
The output of this command is also a table, which includes:
Local addresses: Address, format is IP address: port number
Foreign Address: Remote addresses, format is also IP address: port number
State: Connection status, including listen, established, time_wait, etc.
4 shows only network connections using UDP:
Using commands: Netstat–t
The output format is the same.
5) Display the routing table:
Using commands: Netstat–r
The output of this command is the same as the output of the route command.
　　
　　 5.2 Network configuration Files
In red Hat Linux 7.1, there are files for storing network configuration:
1./etc/hosts
A list of IP addresses and host names is stored in the file, and if the IP address of a host is indicated in the list, DNS resolution is not required to access the host.
2./etc/host.conf
This file is used to specify the order of domain name resolution methods, such as:
Order Hosts,bind
It explains that, first through the/etc/hosts file resolution, if there is no corresponding host name and IP address in the corresponding relationship, and then through the domain name server bind to resolve.
3./etc/resolv.conf
The IP address of the domain name server is stored in the file.
4./etc/protocols
The Red Hat Linux 7.1 system uses this file to identify the use of this host, and it completes the mapping between the Protocol and the Protocol number, and the user should not modify the file.
5./etc/services
The user is used to define an existing network service that the user does not need to modify, and is typically maintained by the program that installs the Network service. The file includes the network service name, the network port number, and the protocol type used, where there is a slash between the network port number and the type of protocol used, and the alias of the service can be added at the end of the set line.
5./ETC/XINETD.D Directory
In the Linux system there is a Super service program inetd, most of the network services are initiated by it, such as Chargen, Echo, finger, talk, Telnet, wu-ftpd, etc., the version between 7.0 its setting is in the/etc/ inetd.conf, after Red Hat 7.0, it is changed to a xinetd.d directory.
In the XINETD.D directory, each service has a corresponding configuration file, let's take telnet as an example to illustrate the meaning of each configuration line:
Service Telnet
{
Socket_type=stream
Wait=no
User=root
Server=/usr/sbin/in.telnetd
Log_on_failure+=userid
Disable=yes
}
The first line, which indicates that the configuration is used to set the Telnet service.
The second line indicates that the socket connection type is a stream, which is the TCP
The third line, which means not waiting until the start is complete
Line four refers to starting the service process as root
Line five means that the service process is/usr/sbin/in.telnetd
Line six, is used to make some error log
Line seventh, refers to the prohibition of remote Telnet, if you need to open the configuration will be changed to: Disable=no
Modified XINETD configuration, need to restart xinetd to be effective, there are two ways to achieve:
1) Execute the following order:
/etc/rc.d/init.d/xinetd restart
2) Execute the following order:
Killall–hup xinetd
　　
5.3 Network Service access Restrictions
Enhanced network security in red Hat Linux 7.1 If you install a security level that is not at the lowest level, all access outside of this computer may be denied. This is because some of the default IPChains settings are made in red Hat 7.1, which is a built-in firewall mechanism for Linux that can use rules to allow or disallow some access.
Its rules are stored in the/etc/sysconfig/ipchains file, if you want it to not take effect temporarily, then you can run/etc/rc.d/init.d/ipchains stop, then all the rules are canceled, all network access will be allowed.
You can run/etc/rc.d/init.d/ipchains status to learn about the current restrictions on network access. About this knowledge, this article is limited to the length of the detailed description, interested readers can refer to the "Linux firewall" book.

5.4 Web Server
The most suitable server in Linux system when the number of Apache,red Hat Linux 7.1 integrated with the Apache 1.3.19 version, you only select the Web server at the time of installation, then the system will automatically complete the Apache server installation, by default, The WWW service has been started.
If you do not select a Web server package at installation, it does not matter, you can simply execute the following command:
1 Put the first sheet of the red Hat Linux 7.1 installation CD into the optical drive, and then execute the following command:
# Mount/mnt/cdrom
2 Go to the directory where the Apache installation files are located:
# Cd/mnt/cdrom/redhat/rpms
3 use RPM to complete the installation:
# RPM–IVH apache-1.3.19-5.i386.rpm
Now, you already have a Linux based Web server, its configuration file is located in the/etc/httpd/conf directory, you can modify according to need, after the modification of the implementation:/ETC/RC.D/INIT.D/HTTPD restart can be. And the Web service's home directory is in the/var/www/html directory, you can upload your Web page here can be updated.
And if each user wants to have a homepage of their own, then:
1 first in their own user's home directory to build a public_html directory:
# CD
# mkdir Public_html
2) then change the permissions of the user's home directory to read
# chmod 755 User Home Directory
3 So you can use the "localhost/~ username/" To access the home page of each user.
　　
　　 5.5 FTP Server
In red Hat Linux 7.1 integrated wu-ftp 2.6.1 as an FTP server, as long as you choose to install the FTP package, then your Linux server is an FTP server, if there is no installation, there is no relationship, as with the installation of Apache:
1 Put the first sheet of the red Hat Linux 7.1 installation CD into the optical drive, and then execute the following command:
# Mount/mnt/cdrom
2 Go to wu-ftp installation file directory:
# Cd/mnt/cdrom/redhat/rpms
3 use RPM to complete the installation:
# RPM–IVH wu-ftp-2.6.1-16.i386.rpm
Because the FTP service was created by the XINETD Super Server, the configuration of the FTP server is in the wu-ftpd file in the/ETC/XINETD.D directory:
Service FTP
{
Socket_type=stream
Wait=no
User=root
Server=/usr/sbin/in.ftpd
Server_args=-l–a
Log_on_success+=duration USERID
Log_on_failure+=userid
nice=10
Disable=no
}
Below, we introduce some management methods about the FTP server:
1, temporarily shut down the FTP service
There are two ways to suspend the FTP service:
1) as Root user execution:
# Ftpshut Now
This will generate a shutmsg file in the/etc directory, and the FTP server will not be available until you delete the file.
2 Modify the configuration file/etc/xinetd.d/wu-ftpd, change the Disable=no to Disable=yes, and then restart XINETD.
2, prohibit a user to use the FTP service
There are two ways to prevent a user from using an FTP server:
1 Write the user account name in/etc/ftpuser
2 Write one line of configuration in/etc/ftpaccess:
Deny-uid User Name
In this way, you can also prevent users of a group from using
Deny-gid Group Name
3, Prohibit anonymous user (anonymous) login FTP server
There are a number of ways to do this, but I think the easiest and most effective way is to write anonymous to the configuration file:/etc/ftpuser.

　　 5.6 File Servers
We can also use the Red Hat Linux 7.1 built-in Samba to make a file server for a Windows host within the LAN. If the SMB server package is selected when the system is installed, the Samba service is ready after the installation is complete.
However, to facilitate configuration, it is recommended to install SWAT, which provides a configuration tool for the Web interface. Its installation package is the/redhat/rpms/samba-swat-2.0.7-36.i386.rpm of the second CD.
After installation, it creates a new Swat file in the XINETD.D directory, which reads:
Service SWAT
{
port=901
Socket_type=stream
Wait=no
only_from=127.0.0.1
Server=/usr/sbin/swat
Log_on_failure+=userid
Disable=yes
}
We see that the value of disable is yes, that is, SWAT is not enabled now, so we need to change it to Disable=no and then restart xinted. In addition, because there is a sentence:
only_from=127.0.0.1
Note You can only use SWAT on this computer, and if you want to configure it with IE in Windows, please drop this comment or delete it.
Below, we set up an example of how SWAT is set up by setting up a homes directory that everyone can access:
1 Open IE Browser, in the Address bar, enter the hostname or IP of Linux and ": 901", for example:
http://192.168.0.1:901
2 If the connection is normal, will be a login prompt window, require input username and password, where root is the username, and enter the root password, and then click OK;
3 If the input is correct, the configuration of samba will appear: SWAT's homepage;
We can see in the SWAT interface, the top 7 icons are: Home (first), GLOBALS (Global Settings), SHARES (sharing settings), PRINTERS (printer), status (status), view (view), PASSWORD (password)
4 First, we click the Globals icon and the Globals Settings page appears, where we set the following items:
Øbaseoptionàworkgroup: Enter workgroup name in some (for example, workgroup name in NetBIOS)
Øbaseoptionànetbios Name: Host name
Øsecurityoptionàsecurity: Select the security level, select "SHARE" in some
Øsecurityoptionàhosts allow: A host that is allowed, usually written to your network number, such as 192.168.0.
Øsecurityoptionàhosts deny: If you do not allow a machine to use, write its IP address
After the modification, click on the "Commit Changes" button (below the 7 icons) to save the settings.
5) Then, click the shares icon to share the settings:
First step: Enter the share name you want to set in the right text box of the Create Share button
Step Two: Click the "Create Share" button;
Step three: Verify that the Baseoptionsàpath value is the directory you want to share, such as/home/smb/test (note that this must be a pre-existing directory);
Step Fourth: Set the value of "securityoptionsàwriteable" to Yes so that the directory is shared as writable;
Step Fifth: Set the value of "securityoptionsàguest OK" to Yes so that the directory does not need password access;
Sixth step: In "securityoptionsàhosts allow, hosts deny" set the corresponding host IP;
Step seventh: Set "browseoptionsàbrowseable" to Yes to make it easy to use
Finally, click on the "Commit Changes" button to save the settings.
Now we can access this Samba server over the Windows 9x through our network neighbors and have a readable, writable shared directory.
In peacetime use of time, the system administrator can click the "Status" button, switch to the status page to monitor it, on this page, you can:
1 Start (Start SMBD button), stop Samba (stop SMBD button) service, and restart service (restart SMBD button);
2 In addition, you can see the current connection with the Samba server (Active connections), and you can press the "X" button to abort its access;
3 You can also detect the folder you are accessing (Active Shares) and the file you are opening (open files).
Samba services can also authenticate users, with Windows NT domain integration, and other powerful features, in some limited space is not detailed, interested readers can refer to the "actual Samba" book.

　　 PostScript
Through the use of a period of time, found that red Hat Linux 7.1 Regardless of installation or use, are more and more attention to ease of use, a large number of using a gorgeous graphical interface, the potential of troops desktop. and the integration of a large number of software of the latest version, is excellent performance, but is described as "Chengye, Shenya", I was in the process of trial to start KDE panic (this is in the previous version of the rare!) The system crashes and is estimated to be caused by a bug in the XFree86 4. In addition, the excellent graphical interface makes the entire X window very slow, so ease of use and performance can never be balanced.
In any case, from Red Hat Linux 7.1 rich application software, efficient network performance, a better graphical interface shows that Linux is more and more mature, I believe that many well-known it vendors under the strong support, will usher in a better tomorrow.