Linux Network Management commands

Source: Internet
Author: User
Tags domain name server

Ifconfig Configuring or displaying network interface information
-A displays all network interface information, including active and inactive
Up activates the specified network interface
Down to close the specified network interface
HW Sets the physical address (MAC address) of the network interface
Examples of Use:
Ifconfig ==> Display all network card information in the system
Ifconfig eth0 up ==> start Nic Eth0
Ifconfig eth0 down ==> switch off the NIC Eth0
Ifconfig eth0:0 10.0.0.8 netmask 255.255.255.0 up ==> Configuring the alias IP for the NIC


Ifup [Iface] activating the specified network interface

Ifdown[iface] Disable network specified interface

Route display or management routing table
-N Direct use of IP address, no DNS resolution host name *
-ee Show more detailed routing information
Add Route information *
Del Delete Routing information *
Target specifies the destination network or host. can use IP address or host/Network name
-net a route to a network followed by a network address *
-host the route to a host, followed by a host address *
Netmask NM specifying the subnet mask for added routes *
GW GW Specifies the gateway for how the network/host is grouped
Dev If specifies which network device to go out, followed by network device name, such as Eth0 *
Examples of Use:
Route del default ==> Delete Gateway Method 1
Route add default GW 10.0.0.2 ==> Add Gateway Method 1
Route del default GW 10.0.0.2 ==> Remove Gateway Method 2
Route add default GW 10.0.0.2 dev eth0 ==> Add Gateway Method 2, use dev to indicate network devices for hosts with multiple fast network devices
Configure network routing (route to a network or network segment)
Route add-net 192.168.1.0/24 GW 10.0.0.254
Route add-net 192.168.1.0 netmask 255.255.255.0 Dev eth0
Route add-net 192.168.1.0/24 Dev eth0
Route del-net 192.168.1.0/24 Dev eth0 ==> Delete network routes
#以上配置重启网络后会失效如果希望永久生效, there are several ways
Method 1:
Vim/etc/sysconfig/netwoark-scripts/route-eth0 ==> This file does not exist by default
Add Content:
192.168.1.0/24 via 10.0.0.254

Method 2:
Vim/etc/sysconfig/static-routes ==> This file does not exist by default
Add Content:
Any net 192.168.1.0/24 GW 10.0.0.254
Method 3:
Vim/etc/rc.local
Add Content:
Route add-net 192.168.1.0/24 GW 10.0.0.254
hint: write to/etc/rc.local only load on boot, manually restart the network will be invalid, but after restarting the system will take effect



ARP cache for ARP management system
-N Display Digital IP address *
-S < host > <MAC> set static mappings of IP addresses and MAV addresses for specified hosts *
-D < host > remove ARP entries for the specified host from the ARP cache *
-I < interfaces > Specify network interfaces
-V displays detailed ARP buffer entries, including statistics for buffer entries
Examples of Use:
ARP ==> displays all entries for ARP buffers
Arp-n ==> using the-N option to display all entries in the ARP cache in digital form
Arp-n 10.0.0.1 ==> Specifies the ARP entry for query 10.0.0.1
Arp-s 10.0.0.1 00:0c:29:c0:5s:ef ==> bind IP address and MAC address
arp-d 10.0.0.100 ==> Delete static ARP bindings

IP network Configuration tool (see P352 for parameter details)
Examples of Use:
IP link Show Dev eth0 = Display the properties of the NIC Eth0
Ip-s-S link show Dev Eth0 + two-S to show the properties of the NIC eth0 in more detail
IP link set eth0 up ==> activates the NIC Eth0
IP link set eth0 down ==> off the NIC Eth0
IP a ==> viewing NIC information
IP a add 172.16.1.13/24 dev eth0 ==> can add multiple IP addresses, which are added as secondary IPs, previously created by the ifconfig command alias called IP
IP a del 172.16.1.12/24 dev eth0 (Note: Remove the primary IP address of the network card, delete all IP addresses of the network card, remove the secondary IP address of the network card, and do not affect the other IP addresses of the network card)
IP a add 10.0.0.20/32 dev eth0 label Eth0:1 ==> use the label option to create an alias IP
#小结: The alias Ip,ip command created by the Ifconfig command can be queried, instead, the secondary ip,ficonfig command created by the IP command cannot be queried unless you create your alias IP with the label feature of the IP command
IP route ==> View routing table
IP route|column-t ==> is formatted with the column command, option-T, by default creates a table based on the number of columns that determine the input row
IP route add 10.1.0.0/24 via 10.0.0.254 dev eth0 ==> add static route
IP route del 10.1.0.0/24 ==> delete static route
IP neighbour ==> viewing ARP cache
IP neighbour add 192.168.1.100 lladdr 00:0c:29:c0:5s:ef dev eth0 ==> adding static ARP
IP neighbour add 192.168.1.100 dev eth0 ==> delete static arp



netstat viewing network status
-R Displays routing information, which is similar to the route and IP route
-G Displays multicast feature group information, which is similar to IP maddr
-I displays the network interface information, which is similar to the ip-s link
-S displays statistics for various protocols
-N Displays the address in digital form instead of the zone resolution host, port, or user name. *
-a displays the socket information in the listening and non-listening state *
-a displays network connection status for the specified network type
-C < seconds > followed by seconds, indicating that the refresh is displayed once per few seconds *
-l display only the network status of a service with a connection status of "LISTEN"
-T displays all TCP connection conditions *
-U display of all UDP connections *
-P shows the PID and name of the process the socket belongs to
Common combination: Netstat-an #<== Show All connection information
Netstat-lntup #<== shows all connection information that TCP and UDP are listening on

SS View network status
-N Display IP address, no DNS resolution *
-R attempts to parse the digital IP address and port
-A Show all socket connections *
-L Display all monitoring socket*
-O Display Calculator information
-e Display Detailed socket information
-m shows memory usage using sockets
-P shows the process using the socket
-I display TCP internal information
-s display socket usage statistics
-4 Only IPv4 sockets are displayed
-6 Only IPv6 sockets are displayed
-0 Only packet sockets are displayed
-T shows only TCP socket*
-U only shows UDP socket*
-D displays only DCCP sockets
-W Show only raw sockets
-x displays only UNIX sockets
Common combination: Ss-an #<== displays all socket connections.
Ss-lntup #<== shows all TCP and UDP connections that are listening

Ping the connectivity of the network between test hosts
-C < number > Specifies the number of times an ICMP message is sent. Otherwise, the ping command will always send the message *
-I < interval > time interval between two consecutive delivery times, the default interval is 1s*
-N Do not query host name, directly display IP address
-Q displays only the information at the beginning of the command and the statistics at the end of the run
-s < packet size > set the size of the sending packet, the default size is 56 bytes, plus 8 bytes of ICMP header, which is a total of 64 bytes of ICMP packets
-T < lifetime > Set the value of the sent Packet's lifetime (TTL)
-W cutoff time exceeds deadline, exit Ping program immediately
-W timeout waiting for response time-out

Traceroute tracking data Transmission routing situation
-Q <nqueries> Set the number of probe packets per hop, default is 3
-I uses the ICMP echo probe, which is ping
-N Direct use of IP addresses without host names
-M sets the maximum number of hops
Examples of Use:
Traceroute www.oldboyedu.com ==> View a host routing situation

Arping sending ARP Requests
-C Exit command after sending a specified number of ARP messages *
-F When a response message is received, exit the command immediately, this option is used to determine if the target host is present or functioning correctly *
-I < network interface > specify the network interface to send ARP messages
-W < cut-off time > Set execution deadline for commands
-S source set arping sent ARP Packet's origin address
Examples of Use:
Arping-f 10.0.0.1 ==> detects if 10.0.0.1 host is alive
Arp-c 1-i eth0-s 10.0.05 10.0.0.2 ==> Here 10.0.0.5 is the IP address, 10.0.0.2 when the Internet gateway

NC Multifunctional Network Tools
-l Specifies the listening port and waits for network connections *
-Z means zero, which means no data is sent when scanning *
-V Show More information *
-W Set timeout time, fail on-l key
-p Specifies the port used by the NC command and cannot be used with the-l option
-U uses UDP connection, default TCP connection
-s Specifies the source IP address for sending data for multiple NIC hosts
Usage examples
Nc-l 123 >oldboy.nc ==> listens on port 123 and writes data to OLDBOY.NC
Nc-l <test.txt ==> has been listening to 80 ports, Test.txt is sent to the user's content
Nc-z 10.0.0.12 20-30 ==> scanning the 20-30 port of the 10.0.0.12 host

SSH secure telnet to host
-P Specify SSH login port *
-T forces a pseudo-terminal to execute any full-screen program on the remote machine *
-V Debug Mode *
Examples of Use:
ssh-p [email protected] ==> log on to the remote server using a Oldboy user
ssh-p [email protected] "free-m" ==> Remote execution command

wget command-Line download tool
-O writes the execution results of the command line to the file
-O To specify the saved file name after download *
-limit-rate Speed Limit Download *
-B into the background execute command
-C power-down continued transmission
--user-agent Specifying Client Flags
-Q Turn off output when downloading
--tries=number setting the number of retries
--spider Simulated crawler Access
-T seconds setting the time-out for access
--timeout=second setting the time-out for access

MAILQ Display message transfer queue
-V debug mode, show details

Mail send and receive messages
-s Specifies the subject of the message *
-A Send mail attachment with multiple attachments using multiple-a options *
-B Specify the recipient address for BCC
-C Specify the recipient address of the CC person
Examples of Use:
Mail-s "Hello from oldnoyedu" [email protected]
Eho "Hello from oldnoyedu" |mail-s "Oldoy" [email protected]
Mail-s "Hello from oldnoyedu" [email protected] <test.txt

nslookup domain name query tool

Dig Domain Name Query tool
@<dns server address > Specify Domain name server for domain name resolution *
-X reverse Domain name resolution
-t specifies the type of DNS data to query, such as a, MX, PTR, and so on. Default query type is a *
-b Specifies which IP address of this computer is used to send a domain name query request to the domain name server
-p Specifies the port number used by the domain name server
+trace tracking query results from the root domain *
+nocmd does not output dig version information
+short outputs only the most streamlined CNAME information and a records, and no other outputs
+nocomment not output dig detail annotation information
+nostat does not output the final statistics
Examples of Use:
Dig www.oldboyedu.com ==> Query the IP address of the specified domain name
Dig @223.5.5.5 www.oldboyedu.com ==> Use @ To specify the DNS server for the query
Dig-x 101.200.195.98 ==> Reverse Domain name resolution
Dig-t MX oldboyedu.com ==> Select a query type using the-t option
Dig @223.5.5.5 www.oldboyedu.com +trace ==> Show the complete process of domain name resolution to IP
Dig +nocmd +nocomment +nostat ww.oldboyedu.com ==> streamlining some explanatory information

Host Domain name query tool
-A displays detailed DNS information
-t specifies the type of domain name information for the query, or it can be "A", "All", "MX", "NS", etc.

Nmap Network Detection Tool and security/port scanning
-SS TCP Synchronous Scan *
-st TCP connection Scan
-SN do not perform port scan, only check host is running *
-SU Scanning UDP ports
-SV Probe Service Version information
-PN scan only, do not ping the host
The-PS uses a SYN packet to scan the target host. The default is 80 port, you can also specify the same port, format:-P S22 or-ps22-25,80,113,1050, remember that there is no space between PS and port number
-pu using UDP ping to scan ports
-O Activates the scan of the TCP/IP fingerprint feature to obtain the remote host's flag, which is the operating system type
-V Show details of the scan process *
-S <IP> set scanned source IP
-G Port Sets the source port of the scan
-on redirect The results of the scan to a file
-il filename reads the scan target from the file
-p Specifies the port to be scanned, either as a separate port or separated by commas, or with "-" to indicate the port range *
-N No DNS resolution for faster scan speed *
--exclude exclude a specified host
--excludefile exclude files from a specified host
Examples of Use:
Nmap 10.0.0.12 ==> Direct access to the target host, the default is to scan the top 1-1000 ports
Nmap-p 1024-65535 10.0.0.12 ==>-p option specifies the scan range
Nmap 10.0.0.0/24 ==> scan all IP in LAN
NMAP-SN ==> using the-SN option does not scan the port
NMAP-SN 10.0.0.1-10 ==> can be scanned with this address range
Nmap-o-SV 10.0.0.12 ==> probing the target host's service and operating system version

tcpdump monitoring network traffic
-a displays each packet in ASCII mode
-C < number of packets > Exit command after accepting the specified number of packets *
The Data link layer header information for the packet in the printout of-e per row
-I < network interface > specify the network interface to listen for packets *
-N No DNS resolution for faster display speed *
-NN does not convert protocol and port numbers to names *
-Q runs with fast output, this option shows only the protocol profile of the packet, and the output information is short *
-s < packet size > set packet fetch length, default is 68 bytes if not set, 0 automatically selects the appropriate length to crawl packets
-T does not display timestamp markers in each line of output,
-V Show details of command execution
Examples of Use:
Tcpdump ==> By default, the direct boot tcpdump will listen for all packets flowing through the first network interface
Tcpdump-q ==> By default, the tcpdump command outputs more information, in order to display the condensed information, you can use the-Q
Tcpdump-c 5 ==> using the-C option to specify the monitored packet traffic
Tcpdump-i eth0 ==> Use-I selection to specify the network card to listen on
Tcpdump-n host 10.0.0.1 ==> listen to all 10.0.0.1 received and sent packets
Tcpdump-n src host 10.0.0.1 ==> only listens for packets sent from 10.0.0.1
Tcpdump-n DST host 10.0.0.1 ==> only listens for packets received by 10.0.0.1
TCPDUMP-NN Port ==> Use the-N option for no DNS resolution, but some protocols, ports are converted, so use the-NN option to listen for packets on the specified port
Tcpdump-n ARP ==> listening ARP protocol packet
Tcpdump-n IP host 10.0.0.23 and! 10.0.0.1 ==> Gets the IP packets that the host 10.0.0.12 communicates with all hosts (except 10.0.0.1)
Tcpdump TCP DST port or src 12.130.132.30-i eth0-n






Linux Network Management commands

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.