
linux network tools

某天摸鱼的时候在看sdn-handbook,然后尝试了一下里面提到的网络工具,做了简要的汇总。(感觉是最近完成度最高的一篇了,虽然也是逐渐偷工减料)

net-tools

sudo apt-get install net-tools
# 包含以下工具 --难怪netstat和route返回结果一样了
/bin
/bin/netstat
/usr/sbin
/usr/sbin/arp
/sbin
/sbin/nameif
/sbin/ipmaddr
/sbin/plipconfig
/sbin/ifconfig
/sbin/route
/sbin/mii-tool
/sbin/iptunnel
/sbin/rarp
/sbin/slattach

netstat

Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

usage

# 查看端口使用情况(port-num 换成实际端口号;grep 是子串匹配,比如 80 也会匹配到 8080 或者 PID 里带 80 的行)
netstat -ntulp | grep port-num
-t (tcp) 仅显示tcp相关选项
-u (udp)仅显示udp相关选项
-n 拒绝显示别名,能显示数字的全部转化为数字
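-l 仅列出在Listen(监听)的服务状态(Local Address 为 0.0.0.0 或 :: 表示监听所有网卡,127.0.0.1 / ::1 表示只对本机开放)
-p 显示建立相关连接的程序名(需要 root 权限才能看到其他用户进程的 PID/程序名,所以下面的例子用了 sudo)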

# 除了基本用法以外,还可以查看以下内容
--route , -r
Display the kernel routing tables. See the description in route(8) for details. netstat -r and route -e produce the same output.
--groups , -g
Display multicast group membership information for IPv4 and IPv6.
--interfaces, -i
Display a table of all network interfaces.
--masquerade , -M
Display a list of masqueraded connections.
--statistics , -s
Display summary statistics for each protocol.

example

sparta@vostrozhc:~$ sudo netstat -ntulp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1079/nginx -g daemo
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN 1315/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1072/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 20096/cupsd
tcp 0 0 127.0.0.1:57468 0.0.0.0:* LISTEN 12057/code
tcp 0 0 127.0.0.1:19645 0.0.0.0:* LISTEN 2644/python
tcp6 0 0 :::80 :::* LISTEN 1079/nginx -g daemo
tcp6 0 0 :::34642 :::* LISTEN 7094/nutstore
tcp6 0 0 :::22 :::* LISTEN 1072/sshd
tcp6 0 0 ::1:631 :::* LISTEN 20096/cupsd
tcp6 0 0 127.0.0.1:19080 :::* LISTEN 7094/nutstore
udp 0 0 127.0.0.1:19081 0.0.0.0:* 2635/nautilus
udp 0 0 0.0.0.0:53305 0.0.0.0:* 879/avahi-daemon: r
udp 188032 0 224.0.0.251:5353 0.0.0.0:* 9287/chrome --type=
udp 0 0 224.0.0.251:5353 0.0.0.0:* 9287/chrome --type=
udp 0 0 224.0.0.251:5353 0.0.0.0:* 9248/chrome
udp 0 0 0.0.0.0:5353 0.0.0.0:* 879/avahi-daemon: r
udp 0 0 0.0.0.0:56122 0.0.0.0:* 1315/dnsmasq
udp 0 0 127.0.1.1:53 0.0.0.0:* 1315/dnsmasq
udp 0 0 0.0.0.0:68 0.0.0.0:* 20136/dhclient
udp6 0 0 :::5353 :::* 879/avahi-daemon: r
udp6 0 0 :::47874 :::* 879/avahi-daemon: r

FILES

/etc/services -- The services translation file

/proc -- Mount point for the proc filesystem, which gives access to kernel status information via the following files.
/proc/net/dev -- device information
/proc/net/raw -- raw socket information
/proc/net/tcp -- TCP socket information
/proc/net/udp -- UDP socket information
/proc/net/igmp -- IGMP multicast information
/proc/net/unix -- Unix domain socket information
/proc/net/ipx -- IPX socket information
/proc/net/ax25 -- AX25 socket information
/proc/net/appletalk -- DDP (appletalk) socket information
/proc/net/nr -- NET/ROM socket information
/proc/net/route -- IP routing information
/proc/net/ax25_route -- AX25 routing information
/proc/net/ipx_route -- IPX routing information
/proc/net/nr_nodes -- NET/ROM nodelist
/proc/net/nr_neigh -- NET/ROM neighbours
/proc/net/ip_masquerade -- masqueraded connections
/proc/net/snmp -- statistics

route

show / manipulate the IP routing table

usage

route
add : add a new route
del : delete a route
-n : show numerical addresses
# 其实应该就是读取了文件/proc/net/route -- IP routing information
# netstat --route|-r 也可以返回一样的结果,不过netstat应该只能查看不能删改

example

sparta@vostrozhc:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default shz82b-ldr01-v5 0.0.0.0 UG 100 0 0 enp2s0
10.67.104.0 * 255.255.255.0 U 100 0 0 enp2s0
shzsdns401.ccr. shz82b-ldr01-v5 255.255.255.255 UGH 100 0 0 enp2s0
link-local * 255.255.0.0 U 1000 0 0 enp2s0

FILES

/proc/net/ipv6_route
/proc/net/route
/proc/net/rt_cache

arp

manipulate the system ARP cache

usage

arp						
nothing : print the current content of the table.
-d address : delete an ARP table entry
-s address hw_addr : set up a new table entry

example

sparta@vostrozhc:~$ arp
Address HWtype HWaddress Flags Mask Iface
shz82b-ldr01-v504-pri.s ether 00:04:96:9b:aa:83 C enp2s0
shz82b-ldr01-v504-sec.s ether 00:04:96:9b:aa:78 C enp2s0
shz82b-ldr01-v504-vrrp. ether 00:00:5e:00:01:01 C enp2s0

FILES

/proc/net/arp
/etc/networks
/etc/hosts
/etc/ethers

traceroute

sudo apt-get install traceroute

dnsutils

sudo apt-get install dnsutils

/usr/bin
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/bin/dig

dig

DNS lookup utility

usage

dig [@global-server] [domain] [q-type] [q-class] {q-opt}
{global-d-opt} host [@local-server] {local-d-opt}
[ host [@local-server] {local-d-opt} [...]]

example

sparta@vostrozhc:~$ dig child-prc.intel.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> child-prc.intel.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47923
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;child-prc.intel.com. IN A

;; ANSWER SECTION:
child-prc.intel.com. 900 IN CNAME child-prc.iglb.intel.com.
child-prc.iglb.intel.com. 19 IN A 10.239.4.101

;; Query time: 2 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Sep 09 11:19:07 CST 2019
;; MSG SIZE rcvd: 93

dnsmasq

sudo apt-get install dnsmasq-base

iproute2

sudo apt-get install iproute2
/sbin
/sbin/tc
/sbin/rtacct
/sbin/tipc
/sbin/rtmon
/sbin/bridge
/etc
/etc/iproute2
/etc/iproute2/rt_protos
/etc/iproute2/ematch_map
/etc/iproute2/rt_realms
/etc/iproute2/rt_dsfield
/etc/iproute2/rt_scopes
/etc/iproute2/group
/etc/iproute2/nl_protos
/etc/iproute2/rt_tables
/usr/sbin
/usr/sbin/arpd
/usr/sbin/genl
/usr/bin
/usr/bin/routel
/usr/bin/nstat
/usr/bin/routef
/usr/bin/lnstat
/bin
/bin/ss
/bin/ip
/sbin/ip
/usr/bin/rtstat
/usr/bin/ctstat

wireshark

Interactively dump and analyze network traffic

sudo apt-get install wireshark

ethtool

sudo apt-get install ethtool

iptables

sudo apt-get install iptables
/sbin/iptables-restore
/sbin/ip6tables-save
/sbin/ip6tables
/sbin/iptables-save
/sbin/iptables
/sbin/ip6tables-restore
/usr/sbin
/usr/sbin/nfnl_osf
/usr/sbin/iptables-apply

iputils-ping

sudo apt-get install iputils-ping
/bin/ping6
/bin/ping

bridge-utils

sudo apt-get install bridge-utils
/sbin/brctl
