linux命令--网络相关

目录：

1 -- ping

2 -- tcpdump

1、ping

ping使用的是icmp协议，因此可以通过防火墙去禁止或允许icmp协议的开启间接的允许机器是否可以ping

-c count  #ping发送的次数

-I interface #指定网卡

-i time #时间间隔

-s <data_size> ##设置发送数据包的大小，默认为56字节，再加上8字节的ICMP头，一共是64字节的ICMP包

-t <time> #生存周期，设置TTL的值，默认为128，常见的有32,64,128,255

例子：

[root@ansible01 ~]# ping -c 2 baidu.com

PING baidu.com (220.181.57.216) 56(84) bytes of data.
64 bytes from 220.181.57.216: icmp_seq=1 ttl=128 time=82.3 ms
64 bytes from 220.181.57.216: icmp_seq=2 ttl=128 time=82.4 ms

[root@ansible01 ~]# ping -I eth1 220.181.57.216
PING 220.181.57.216 (220.181.57.216) from 172.16.1.121 eth1: 56(84) bytes of data.
From 172.16.1.121 icmp_seq=1 Destination Host Unreachable
From 172.16.1.121 icmp_seq=2 Destination Host Unreachable

[root@ansible01 ~]# ping -c 20 -t 255 -i 2 baidu.com   ##ping 20次，间隔2s一次，生存期为255
PING baidu.com (123.125.115.110) 56(84) bytes of data.
64 bytes from 123.125.115.110: icmp_seq=1 ttl=128 time=42.2 ms
64 bytes from 123.125.115.110: icmp_seq=2 ttl=128 time=42.4 ms

2、tcpdump 抓包工具：（获取网络数据包）

-n 不进行DNS解析

-c Exit after receiving count packets.接到指定的数据包数目后退出命令

-i 网络接口 指定监听数据包的网络接口

-q 快速输出

-nn 

[root@m01 ~]# tcpdump -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:36:51.418845 IP 10.0.0.61.52113 > 10.0.0.1.51631: Flags [P.], seq 3571880229:3571880425, ack 2030220423, win 279, length 196
13:36:51.419796 IP 10.0.0.61.52113 > 10.0.0.1.51631: Flags [P.], seq 196:376, ack 1, win 279, length 180

[root@m01 ~]# tcpdump -n -i eth0 -c 2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:43:37.179366 IP 10.0.0.61.52113 > 10.0.0.1.50881: Flags [P.], seq 1511691371:1511691567, ack 3240277309, win 279, length 196
13:43:37.179659 IP 10.0.0.61.52113 > 10.0.0.1.50881: Flags [P.], seq 196:376, ack 1, win 279, length 180
2 packets captured
2 packets received by filter
0 packets dropped by kernel

[root@m01 ~]# tcpdump -q -c 2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:44:11.051390 IP bogon.52113 > bogon.50881: tcp 196
13:44:11.051641 IP bogon.46653 > google-public-dns-a.google.com.domain: UDP, length 39
2 packets captured
9 packets received by filter
0 packets dropped by kernel

[root@m01 ~]# tcpdump -n host 10.0.0.1 -c 2 #监听所有的10.0.0.1的主机收到和发出的数据包
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:45:05.274934 IP 10.0.0.61.52113 > 10.0.0.1.50881: Flags [P.], seq 1512022643:1512022839, ack 3240285681, win 279, length 196
13:45:05.276267 IP 10.0.0.61.52113 > 10.0.0.1.50881: Flags [P.], seq 196:376, ack 1, win 279, length 180
2 packets captured
2 packets received by filter
0 packets dropped by kernel

[root@m01 ~]# tcpdump -n src host 10.0.0.1 -c 2 #监听所有的10.0.0.1的主机发出的数据包
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:46:20.331682 IP 10.0.0.1.50881 > 10.0.0.61.52113: Flags [.], ack 1512026243, win 14960, length 0
13:46:20.384232 IP 10.0.0.1.50881 > 10.0.0.61.52113: Flags [.], ack 149, win 16384, length 0
2 packets captured
2 packets received by filter
0 packets dropped by kernel
[root@m01 ~]# tcpdump -n dst host 10.0.0.1 -c 2 #监听所有的10.0.0.1的主机收到的数据包
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:46:28.977013 IP 10.0.0.61.52113 > 10.0.0.1.50881: Flags [P.], seq 1512028091:1512028287, ack 3240289633, win 279, length 196
13:46:28.977998 IP 10.0.0.61.52113 > 10.0.0.1.50881: Flags [P.], seq 196:376, ack 1, win 279, length 180
2 packets captured
2 packets received by filter
0 packets dropped by kernel

[root@m01 ~]# tcpdump -nn port 52113 -c 2 ##监听指定端口的数据包
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:47:50.761692 IP 10.0.0.61.52113 > 10.0.0.1.50881: Flags [P.], seq 1512138655:1512138851, ack 3240294209, win 279, length 196
13:47:50.763648 IP 10.0.0.61.52113 > 10.0.0.1.50881: Flags [P.], seq 196:376, ack 1, win 279, length 180
2 packets captured
2 packets received by filter
0 packets dropped by kernel

[root@m01 ~]# tcpdump -n icmp ##监听指定协议（想要看下面的监听数据，可以使用其他机器ping本机即可）
常见协议：icmp、arp、tcp、udp、ip

[root@m01 ~]# tcpdump -n arp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:51:34.052840 ARP, Request who-has 10.0.0.61 (00:0c:29:c6:ed:b9) tell 10.0.0.1, length 46
13:51:34.052850 ARP, Reply 10.0.0.61 is-at 00:0c:29:c6:ed:b9, length 28

多个过滤条件混合使用：
[root@m01 ~]# tcpdump -n ip host 10.0.0.5 and ! 10.0.0.1 ##获取主机10.0.0.5与除10.0.0.1之外的所有主机通信的数据包
13:55:23.725868 IP 10.0.0.5.34450 > 192.168.200.3.connlcli: Flags [S], seq 52001552, win 14600, options [mss 1460,sackOK,TS val 304578734 ecr 0,nop,wscale 6], length 0
13:55:23.725875 IP 10.0.0.5.38708 > 192.168.201.100.https: Flags [S], seq 3792685025, win 14600, options [mss 1460,sackOK,TS val 304578735 ecr 0,nop,wscale 6], length 0

[root@m01 ~]# tcpdump -n tcp dst port 80 or src 12.130.132.30 -i eth0

3.、ifconfig (yum -y install net-tools) 临时生效，重启网卡就失效，在windows上是ipconfig

4、ifup和ifdown      对网卡进行启停

5、route 显示或管理路由表

-n 不进行DNS解析
[root@m01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0

-ee 显示详细的路由信息
add 添加路由信息
del 删除路由信息
target 指定目标网络或主机
-net 到一个网络的路由，后面接的是一个网络号地址
-host 到一个主机的路由，后面接的是一个主机地址
gw/GW 为发往目标网络/主机的任何分组指定网关
dev If 指定有哪个网络设备出去，后面接eth0等

删除默认网关：
[root@m01 ~]# route del default
[root@m01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1

[root@m01 ~]# route add default gw 10.0.0.2
[root@m01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0

[root@m01 ~]# route add -net 192.168.56.0/24 gw 10.0.0.61
[root@m01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.56.0 10.0.0.61 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@m01 ~]#

[root@m01 ~]# route add -host 192.168.2.55 dev eth1 ##配置和删除主机路由
[root@m01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.55 0.0.0.0 255.255.255.255 UH 0 0 0 eth1
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.56.0 10.0.0.61 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@m01 ~]# route add -host 8.8.8.8 dev lo
[root@m01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
8.8.8.8 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.2.55 0.0.0.0 255.255.255.255 UH 0 0 0 eth1
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.56.0 10.0.0.61 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@m01 ~]# route del -host 8.8.8.8 dev lo
[root@m01 ~]# route -n                ###与netstat -rn  的输出是一样
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.55 0.0.0.0 255.255.255.255 UH 0 0 0 eth1
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.56.0 10.0.0.61 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0

6、traceroute追踪数据传输路由状况(在不同的网段之间可以用来排查是主机的问题还是网关的问题)
[root@m01 logs]# traceroute -n www.baidu.com
traceroute to www.baidu.com (163.177.151.110), 30 hops max, 60 byte packets
1 10.0.0.2 0.111 ms 0.091 ms 0.089 ms
2 * * *
3 * * *
4 * * *
5 * * *
[root@m01 logs]# traceroute -In www.baidu.com
traceroute to www.baidu.com (163.177.151.110), 30 hops max, 60 byte packets
1 10.0.0.2 0.113 ms 0.092 ms 0.049 ms
2 * * *
3 * * *
4 * * *
5 * * *