Chinaunix首页 | 论坛 | 博客
  • 博客访问: 2441866
  • 博文数量: 328
  • 博客积分: 4302
  • 博客等级: 上校
  • 技术积分: 5486
  • 用 户 组: 普通用户
  • 注册时间: 2010-07-01 11:14
个人简介

悲剧,绝对的悲剧,悲剧中的悲剧。

文章分类

全部博文(328)

文章存档

2017年(6)

2016年(18)

2015年(28)

2014年(73)

2013年(62)

2012年(58)

2011年(55)

2010年(28)

分类:

2010-10-03 21:34:16


/etc/hosts 存储主机名和IP地址的映射
/etc/networks 存储子网名和子网IP网段地址的映射
ifconfig 配置以太网接口
/sbin/route [-n] 路由显示
netstat
监控网络




whois
查询DNS系统
nslookup
查询DNS
telnet
远程登录工具
ftp
get/mget       取得文件/多个文件
put/mput       发送文件/多个文件
lcd               改变本地目录
! command      在本地执行命令
n



ifconfig 配置网卡

配置网卡的IP地址

ifconfig eth0 192.168.0.1 netmask 255.255.255.0

在eth0上配置上192.168.0.1 的IP地址及24位掩码。若想再在eth0上在配置一个192.168.1.1/24 的IP地址怎么办?用下面的命令

ifconfig eth0:0 192.168.1.1 netmask 255.255.255.0

这时再用ifconifg命令查看,就可以看到两个网卡的信息了,分别为:eth0和eth0:0。若还想再增加IP,那网卡的命名就接着是:eth0:1、eth0:2...想要几个就填几个。ok!

配置网卡的硬件地址

ifconfig eth0 hw ether xx:xx:xx:xx:xx:xx

就将网卡的硬件地址更改了,此时你就可以骗过局域网内的IP地址邦定了。

将网卡禁用

ifconfig eth0 down

将网卡启用

ifconfig eth0 up

 

  Ifconfig 三大指令与CISCO指令的对应
 Ifconfig -a
相当于show ip int brief
 Ifconfig int up/down  相当于no shutdown
Ifconfig int address netmask …
ifconfig lo 127.0.0.1 
 相当于ip address …


    ifconfig 配地址,注意掩码要有关键字netmask
[root@nm socket]# /sbin/ifconfig eth0:3 192.168.32.8 netmask 255.255.255.0
[root@nm socket]# /sbin/ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:0C:29:35:74:A1  
          inet addr:10.4.3.117  Bcast:10.4.255.255  Mask:255.255.0.0


   一个ifconfig … up的实际应用例子
 netstat -nr    看不见接口qfe1的路由,推测可能是接口没打开
 ifconfig -a  确实没看到接口
 ifconfig -qfe1 up    (相当于 no shutdown)
 netstat -nr    可以看见接口qfe1的路由


    ifconfig le0 up/down和ifconfig le0 plumb/unplumb的区别
$ifconfig le0 up/down          配置网络接口状态 
$ifconfig le0 plumb/unplumb    配置网卡起用/停用


    为某个接口配多个IP地址---用虚拟接口的方式(实际相当于路由器的secondary地址)
ifconfig eth0 210.34.6.89 netmask 255.255.255.128 broadcast 210.34.6.127
ifconfig eth0:0 210.34.6.88 netmask 255.255.255.128 broadcast 210.34.6.127

 
   接口不论UP,DOWN,在本地都能PING通
  • 不管是直接就没起来(ONBOOT=NO
  • 还是没接网线
  • 还是接口ifconfig eth0 down
上面三种情况都能PING通eth0 的地址


   接口不论UP,DOWN,ifconfig 都看不出区别来
PC有两块网卡(eth0,eth1)
把eth0 进行ifconfig eth0 down
竟然还能从外边PING通eth0(10.4.3.135)
其实外边是从eth1 ping进来的。eth0甚至没连网线。
真要把接口DOWN掉,还是建议用ONBOOT=NO,然后/etc/init.d/network restart

 

   netstat 无参数,看当前的TCP连接
[root@ntracker proc]# netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address 

              Foreign Address             State      
tcp            0 ntracker:13301              ntracker:32839              ESTABLISHED
tcp          134 10.4.3.120:telnet           10.4.3.119:1653             ESTABLISHED
tcp            0 ::ffff:192.168.10.1:ssh     ::ffff:192.168.10.119:1580  ESTABLISHED
tcp            0 ntracker:32839              ntracker:13301              ESTABLISHED
tcp            0 ntracker:32854              ntracker:smtp               TIME_WAIT


   netstat –i 看接口状态   可以看对应接口的inbytes,outbytes
[root@ntracker proc]# netstat -i
Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500     1412                 681              0 BMU
eth1       1500     13786                6001              0 BMRU
lo        16436   291861               291861              0 LRU



    netstat -s        看当前几种包的summary ,包括ip,tcp,udp,icmp
[root@ntracker proc]# netstat -s
Ip:
    305961 total packets received
    0 forwarded
    0 incoming packets discarded
    305496 incoming packets delivered
    298521 requests sent out
    31 dropped because of missing route
Icmp:
    136 ICMP messages received
    60 input ICMP message failed.
    ICMP input histogram:
        destination unreachable: 53
        redirects: 3
        echo requests: 13
        echo replies: 7
Tcp:
    49 active connections openings
    48 passive connection openings
    0 failed connection attempts
    14 connection resets received
    4 connections established
    301505 segments received
    298472 segments send out
    6 segments retransmited
    0 bad segments received.
    20 resets sent
Udp:
    2 packets received
    53 packets to unknown port received.
    0 packet receive errors
    55 packets sent



    netstat –s的子命令-su
[root@nm mac]# netstat -su
Udp:
    278683 packets received
    67 packets to unknown port received.
    0 packet receive errors
    3603 packets sent
netstat –s只有-su的子命令,没有-st,-si


    netstat –n         :显示数字,不显示host名或port协议名或其他名称
[root@ntracker proc]# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.10.0                 255.255.255.0          0 0          0 eth0
10.4.0.0                     255.255.0.0            0 0          0 eth1
169.254.0.0                  255.255.0.0            0 0          0 eth1
default         10.4.1.198      0.0.0.0         UG        0 0          0 eth1
[root@ntracker proc]# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.10.0    0.0.0.0         255.255.255.0          0 0          0 eth0
10.4.0.0        0.0.0.0         255.255.0.0            0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0            0 0          0 eth1
0.0.0.0         10.4.1.198      0.0.0.0         UG        0 0          0 eth1

[root@ntracker proc]# netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp            0 ntracker:13301              ntracker:32839              ESTABLISHED
tcp          134 10.4.3.120:telnet           10.4.3.119:1653             ESTABLISHED
tcp            0 ::ffff:192.168.10.1:ssh     ::ffff:192.168.10.119:1580  ESTABLISHED
tcp            0 ntracker:32839              ntracker:13301              ESTABLISHED
tcp            0 ntracker:32854              ntracker:smtp               TIME_WAIT  
[root@ntracker proc]# netstat -n
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp            0 127.0.0.1:13301             127.0.0.1:32839             ESTABLISHED
tcp          134 10.4.3.120:23               10.4.3.119:1653             ESTABLISHED
tcp            0 ::ffff:192.168.10.1:22      ::ffff:192.168.10.119:1580  ESTABLISHED
tcp            0 ::ffff:127.0.0.1:32839      ::ffff:127.0.0.1:13301      ESTABLISHED
tcp            0 ::ffff:127.0.0.1:32854      ::ffff:127.0.0.1:25         TIME_WAIT   
 



    -a 显示所有 listening and non-listening sockets
    -a, --all
       Show both listening and non-listening sockets
[root@ntracker proc]# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State     
tcp            0 *:13301                     *:*                         LISTEN     
tcp            0 *:telnet                    *:*                         LISTEN     
tcp            0 ntracker:smtp               *:*                         LISTEN     
tcp            0 ntracker:13301              ntracker:32839              ESTABLISHED
tcp          146 10.4.3.120:telnet           10.4.3.119:1653             ESTABLISHED
tcp            0 *:32833                     *:*                         LISTEN     
tcp            0 *:32834                     *:*                         LISTEN     
tcp            0 *:32835                     *:*                         LISTEN     
tcp            0 *:9000                      *:*                         LISTEN     
tcp            0 *:ssh                       *:*                         LISTEN     
tcp            0 ::ffff:192.168.10.1:ssh     ::ffff:192.168.10.119:1580  ESTABLISHED
tcp            0 ntracker:32839              ntracker:13301              ESTABLISHED
udp            0 *:32770                     *:*                                    
udp            0 *:9996                      *:*                                    
udp            0 *:9997                      *:*                                    
udp            0 *:9998                      *:*                                    
 
[root@ntracker proc]# netstat -an        
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State     
tcp            0 0.0.0.0:13301               0.0.0.0:*                   LISTEN     
tcp            0 0.0.0.0:23                  0.0.0.0:*                   LISTEN     
tcp            0 127.0.0.1:25                0.0.0.0:*                   LISTEN     
tcp            0 127.0.0.1:13301             127.0.0.1:32839             ESTABLISHED
tcp          146 10.4.3.120:23               10.4.3.119:1653             ESTABLISHED
tcp            0 :::32835                    :::*                        LISTEN     
tcp            0 :::9000                     :::*                        LISTEN     
tcp            0 :::22                       :::*                        LISTEN     
tcp            0 ::ffff:192.168.10.1:22      ::ffff:192.168.10.119:1580  ESTABLISHED
tcp            0 ::ffff:127.0.0.1:32839      ::ffff:127.0.0.1:13301      ESTABLISHED
udp            0 :::32770                    :::*                                   
udp            0 :::9996                     :::*                                   
udp            0 :::9997                     :::*                                   
udp            0 :::9998                     :::*    


  常用netstat -an 看listen端口打开没有
  netstat -an也能看当前建立的TCP连接(establisthed)
 
   
    netstat –nl看当前listen的
[root@FW ~]# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State     
tcp            0 0.0.0.0:23                  0.0.0.0:*                   LISTEN     
tcp            0 :::22                       :::*                        LISTEN     
udp            0 0.0.0.0:1194                0.0.0.0:*                              
udp            0 0.0.0.0:1195                0.0.0.0:*                              
udp            0 8.8.8.1:123                 0.0.0.0:*                              
udp            0 7.7.7.1:123                 0.0.0.0:*                              
udp            0 124.126.86.138:123          0.0.0.0:*                              
udp            0 124.126.86.137:123          0.0.0.0:*                              
udp            0 10.4.0.198:123              0.0.0.0:*                              
udp            0 127.0.0.1:123               0.0.0.0:*                              
udp            0 0.0.0.0:123                 0.0.0.0:*                              
udp            0 :::123                      :::*    

                                   

    netstat -nl 和netstat -nlp的区别:多了program name
[root@FW ~]# netstat -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name  
tcp   

        0 0.0.0.0:23                  0.0.0.0:*                   LISTEN      2490/xinetd        
tcp            0 :::22                       :::*       LISTEN      2480/sshd          
udp            0 0.0.0.0:1194                0.0.0.0:*          2681/openvpn       
udp            0 0.0.0.0:1195                0.0.0.0:*          2686/openvpn       
udp            0 8.8.8.1:123                 0.0.0.0:*          11358/ntpd         


    
   netstat -c 连续刷新
[root@ntracker proc]# netstat -i -c
Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500      1412                  681              0 BMU
eth1       1500     14526                 6240              0 BMRU
lo        16436    292035               292035              0 LRU
eth0       1500      1412                  681              0 BMU
eth1       1500     14534                 6245              0 BMRU
lo        16436    292035               292035              0 LRU
eth0       1500      1412                  681              0 BMU
eth1       1500     14534                 6245              0 BMRU
lo        16436    292035               292035              0 LRU
eth0       1500      1412                  681              0 BMU
eth1       1500     14542                 6249              0 BMRU
lo        16436    292035               292035              0 LRU
eth0       1500      1412                  681              0 BMU
eth1       1500     14542                 6249              0 BMRU
lo        16436    292035               292035              0 LRU


    netstat 最简单的连续刷新指令,加一个秒参数即可,不用加c
[root@mail guan]# netstat -i 2
Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500    916580               586437              0 BMRU
lo        16436       117                  117              0 LRU
eth0       1500    918264               587516              0 BMRU
lo        16436       117                  117              0 LRU
eth0       1500    920002               588700              0 BMRU
lo        16436       117                  117              0 LRU
eth0       1500    921727               589885              0 BMRU
lo        16436       117                  117              0 LRU
eth0       1500    923361               590942              0 BMRU
lo        16436       117                  117              0 LRU
 
[root@nm mac]# netstat -su 1
Udp:
    278683 packets received
    67 packets to unknown port received.
    0 packet receive errors
    3603 packets sent
Udp:
    278766 packets received
    67 packets to unknown port received.
    0 packet receive errors
    3686 packets sent
Udp:
    278850 packets received
    67 packets to unknown port received.
    0 packet receive errors
    3770 packets sent



   arp 看ip和MAC对应情况
[macg@machome]:/export/home/macg>$/usr/sbin/arp -a
Net to Media Table: IPv4
Device   IP Address               Mask      Flags   Phys Addr
------ -------------------- --------------- ----- ---------------
iprb0  192.168.1.11         255.255.255.255       00:40:ca:c9:a4:76
iprb0  machome              255.255.255.255 SP    00:90:27:10:d7:50
iprb0  224.0.0.0            240.0.0.0       SM    01:00:5e:00:00:00

route add ,注意关键字-net和 netmask
[root@osms guan]# /sbin/route add -net 192.168.1.0 netmask 255.255.255.0 gw 10.4.1.105

 
   route add 的dev关键字和gw关键字
  •     接口级别的要用dev关键字
route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0
  •     下一跳级别的要用gw关键字
route add -net 192.56.76.0 netmask 255.255.255.0 gw 192.56.76.123


   route del –net  删除路由

   route add -net 10.1.1.0 netmask 255.255.255.0 reject  拒绝路由(起过滤的作用)


   solaris 下的route add -net
加静态路由
route add -net ... -netmask ... ...
route add -net 182.1.1.0 -netmask 255.255.255.0 10.1.0.10
            注意,无gw参数
加缺省网关
route add -net default ...
route add -net default 134.2.250.254 1
(1的意思是1跳)

 
   route add只是临时指令,怎么变成稳固指令?
  •    用gated.conf ,但gated是一个专门的软件,不一定安装了.
  •    用开机启动script:
在etc/rc3.d/中生成一个开机自起script
加入一行route add …
more /etc/rc3.d/S99ROUTE

route add -net 182.1.1.0 -netmask 255.255.255.0 10.1.0.10
当然也可以加到rc.local中


   通过看log(/var/log/message)有可能看到网口的link up/down
#tail -f /var/log/messages
Oct 22 07:31:06 FW kernel: eth1: link down
Oct 22 07:31:11 FW kernel: eth1: link up, 100Mbps, full-duplex, lpa 0x45E1
Oct 22 07:47:53 FW kernel: eth1: link down
Oct 22 07:47:58 FW kernel: eth1: link up, 100Mbps, full-duplex, lpa 0x45E1
Oct 22 07:49:27 FW kernel: eth1: link down
Oct 22 07:49:29 FW kernel: eth1: link up, 100Mbps, full-duplex, lpa 0x45E1
Oct 22 11:15:59 FW sshd(pam_unix)[3306]: session opened for user root by root(uid=0)




阅读(3162) | 评论(0) | 转发(0) |
0

上一篇:Vi 操作

下一篇:SSL 原理

给主人留下些什么吧!~~