Check the network connection and backdoor of this machine: netstat
What should I do if a certain network service is obviously started, but even if I can't connect? First, you need to check the port that the following network interface is listening to to see if it has really been started, because sometimes the OK displayed on the screen may not really mean OK.
netstat -[rn] # 与路由有关的参数
netstat -[antulpc] # 与网络接口有关的参数
选项:
-r:列出路由表(route table),功能如同 route这个命令
-n:不使用主机名与服务名称,使用IP与port number,如同route -n 与网络接口有关的参数
-a:列出所有的连接状态,包括 tcp/ydp/unix socket 等
-t:仅列出TCP数据包的连接
-u:仅列出UDP数据包的连接
-l:仅列出已在Listen(监听)的服务的网络状态
-p:列出PID与Program的文件名
-c:可以设置几秒钟自动更新一次,例如 -c 5 为每5s更新一次网络状态的显示
Use Cases
List the current routing table status and display it in IP and port number
[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.200.2 0.0.0.0 UG 0 0 0 ens34
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-c7756c2eefb2
172.20.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-429bf6695726
192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 ens34
List all current network connection status, using IP and port number
[root@localhost ~]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 192.168.200.20:22 192.168.200.1:54511 ESTABLISHED
tcp 0 52 192.168.200.20:22 192.168.200.1:54509 ESTABLISHED
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
udp 0 0 127.0.0.1:323 0.0.0.0:*
udp6 0 0 ::1:323 :::*
raw6 0 0 :::58 :::* 7
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 11781 /run/lvm/lvmetad.socket
unix 2 [ ] DGRAM 22796 /var/run/chrony/chronyd.sock
unix 2 [ ACC ] STREAM LISTENING 34068 public/pickup
unix 2 [ ACC ] STREAM LISTENING 34072 public/cleanup
.......
.......
.......
.......
The output of netstat is mainly divided into two parts, namely the TCP/IP network interface part and the traditional Unix socket part.
Here is a detailed explanation of the output:
-
Proto: The protocol used for the connection (such as TCP or UDP). -
Recv-Q: The number of bytes waiting to receive data. -
Send-Q: The number of bytes waiting to send data. -
Local Address: Local IP address and port number. -
Foreign Address: Remote IP address and port number. -
State: Connection status, common statuses are:LISTEN(正在监听),ESTABLISHED(已建立连接)SYN_SENT: Send a connection packet destined for the connection (SYN flag)
SYN_RECV: Received an active connection packet requesting a connection
FIN_WAIT1: The socket service (socket) has been interrupted and the connection is being disconnected.
FIN_WAIT2: The connection has been hung up, but is waiting for the other host to respond to the disconnection confirmation packet
TIME_WAIT: The connection has been hung up, but the socket is still waiting on the network
The function of netstat, even if you check the connection status of the network, and in the network connection status, you can check " 我目前开了多少port在等待客户端的连接" and " 目前的网络连接状态中,有多少连接已建立或产生问题", you can use the following command to check
Display currently started network services
The most important parameter in the above figure is actually -lthe parameter, because only the ports in the Listen state can be listed
View the status of all network connections on this machine
See more commands
man netstat
Text interface downloader: wget
wget is a download tool used in the command line to download various types of files such as text files, image files, compressed files, etc.
wget [option] 网址
常用选项:
-O:指定要将下载的文件保存为的文件名。
-r:递归下载,下载指定目录下的所有文件。
-c:断点续传下载,如果下载中断,下次下载时可以从中断的地方继续下载。
Use Cases
What if I want to download the repo file of Alibaba Cloud's CentOS 7 warehouse and store it in the /etc/yum.repos.d/ directory?
wget -O /etc/yum.repos.d/aliyun.repo http://mirrors.aliyun.com/repo/Centos-7.repo