导航：首页 > 网络安全 >

Linux常用命令笔记---网络管理

发表于：2024-11-24 作者：千家信息网编辑

千家信息网最后更新 2024年11月24日，[root@szm X11]# cat /etc/sysconfig/network-scripts/ifcfg-eth0DEVICE=eth0 HWADDR=00:0c:29:1e:5e:57 NM

千家信息网最后更新 2024年11月24日Linux常用命令笔记---网络管理

[root@szm X11]# cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0 HWADDR=00:0c:29:1e:5e:57 NM_CONTROLLED=yes ONBOOT=yes BOOTPROTO=dhcp TYPE=Ethernet USERCTL=no PEERDNS=yes IPV6INIT=no

IPADDR NETMASK HWADDR TYPE(指定网络类型)

[root@szm X11]# ifconfig --help

Usage:

ifconfig [-a] [-v] [-s] [[]

]

[add

[/]]

[del

[/]]

[[-]broadcast [

]] [[-]pointopoint [

]]

[netmask

] [dstaddr

] [tunnel

]

[outfill ] [keepalive ]

[hw

] [metric ] [mtu ]

[[-]trailers] [[-]arp] [[-]allmulti]

[multicast] [[-]promisc]

[mem_start ] [io_addr ] [irq ] [media ]

[txqueuelen ]

[[-]dynamic]

[up|down] ...

=Hardware Type.

List of possible hardware types:

loop (Local Loopback) slip (Serial Line IP) cslip (VJ Serial Line IP)

slip6 (6-bit Serial Line IP) cslip6 (VJ 6-bit Serial Line IP) adaptive (Adaptive Serial Line IP)

strip (Metricom Starmode IP) ash (Ash) ether (Ethernet)

tr (16/4 Mbps Token Ring) tr (16/4 Mbps Token Ring (New)) ax25 (AMPR AX.25)

netrom (AMPR NET/ROM) rose (AMPR ROSE) tunnel (IPIP Tunnel)

ppp (Point-to-Point Protocol) hdlc ((Cisco)-HDLC) lapb (LAPB)

arcnet (ARCnet) dlci (Frame Relay DLCI) frad (Frame Relay Access Device)

sit (IPv6-in-IPv4) fddi (Fiber Distributed Data Interface) hippi (HIPPI)

irda (IrLAP) ec (Econet) x25 (generic X.25)

infiniband (InfiniBand)

=Address family. Default: inet

List of possible address families:

unix (UNIX Domain) inet (DARPA Internet) inet6 (IPv6)

ax25 (AMPR AX.25) netrom (AMPR NET/ROM) rose (AMPR ROSE)

ipx (Novell IPX) ddp (Appletalk DDP) ec (Econet)

ash (Ash) x25 (CCITT X.25)

[root@szm X11]#

[root@szm X11]# ifdown eth0

Device state: 3 (disconnected)

[root@szm X11]# ifup eth0

Active connection state: activating

Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/1

state: activated

Connection activated

[root@szm X11]# ip --help

Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }

ip [ -force ] -batch filename

where OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |

tunnel | maddr | mroute | mrule | monitor | xfrm }

OPTIONS := { -V[ersion] | -s[tatistics]（详细） | -d[etails] | -r[esolve] |

-f[amily]（特定协议信息） { inet | inet6 | ipx | dnet | link } |

-o[neline] | -t[imestamp] | -b[atch] [filename] |

-rc[vbuf] [size]}

[root@szm X11]#

[root@szm X11]# ethtool --help -i -driver 查看网卡驱动程序 -s -change 调整网卡的功能，后面接网卡的工作模式 [root@szm X11]# ifconfig -a eth0 Link encap:Ethernet HWaddr 00:0C:29:1E:5E:57 inet addr:192.168.179.136 Bcast:192.168.179.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe1e:5e57/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:9171 errors:0 dropped:0 overruns:0 frame:0 TX packets:5585 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:12058919 (11.5 MiB) TX bytes:381322 (372.3 KiB) Interrupt:18 Base address:0x2024 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:216 errors:0 dropped:0 overruns:0 frame:0 TX packets:216 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:33535 (32.7 KiB) TX bytes:33535 (32.7 KiB) virbr0 Link encap:Ethernet HWaddr 52:54:00:99:86:A0 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:27 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:3785 (3.6 KiB) virbr0-nic Link encap:Ethernet HWaddr 52:54:00:99:86:A0 BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) [root@szm ~]# ifconfig eth0:2 192.168.179.222 netmask 255.255.255.0 up [root@szm ~]# ifconfig eth0:2 eth0:2 Link encap:Ethernet HWaddr 00:0C:29:1E:5E:57 inet addr:192.168.179.222 Bcast:192.168.179.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:18 Base address:0x2024 [root@szm ~]# ping 192.168.179.222 -c1 PING 192.168.179.222 (192.168.179.222) 56(84) bytes of data. 64 bytes from 192.168.179.222: icmp_seq=1 ttl=64 time=1.86 ms --- 192.168.179.222 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 2ms rtt min/avg/max/mdev = 1.863/1.863/1.863/0.000 ms [root@szm ~]# ip addr show 1: lo: mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:1e:5e:57 brd ff:ff:ff:ff:ff:ff inet 192.168.179.136/24 brd 192.168.179.255 scope global eth0 inet 192.168.179.222/24 brd 192.168.179.255 scope global secondary eth0:2 inet6 fe80::20c:29ff:fe1e:5e57/64 scope link valid_lft forever preferred_lft forever 3: virbr0: mtu 1500 qdisc noqueue state UNKNOWN link/ether 52:54:00:99:86:a0 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 4: virbr0-nic: mtu 1500 qdisc noop state DOWN qlen 500 link/ether 52:54:00:99:86:a0 brd ff:ff:ff:ff:ff:ff [root@szm ~]# ethtool eth0 Settings for eth0: Supported ports: [ TP ] Supported link modes: 1000baseT/Full Supported pause frame use: No Supports auto-negotiation: No Advertised link modes: Not reported Advertised pause frame use: No Advertised auto-negotiation: No Speed: 1000Mb/s Duplex: Full Port: Twisted Pair PHYAD: 0 Transceiver: internal Auto-negotiation: off MDI-X: Unknown Link detected: yes [root@szm network-scripts]# route --helo route: unrecognized option '--helo' Usage: route [-nNvee] [-FC] [] List kernel routing tables route [-v] [-FC] {add|del|flush} ... Modify routing table for AF. route {-h|--help} [] Detailed usage syntax for specified AF. route {-V|--version} Display version/author and exit. -v, --verbose be verbose -n, --numeric don't resolve names -e, --extend display other/more information -F, --fib display Forwarding Information Base (default) -C, --cache display routing cache instead of FIB =Use '-A ' or '--'; default: inet List of possible address families (which support routing): inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25) netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP) x25 (CCITT X.25) [root@szm network-scripts]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.179.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 0.0.0.0 192.168.179.2 0.0.0.0 UG 0 0 0 eth0 添加路由： [root@szm network-scripts]# route add -net 192.168.179.0 netmask 255.255.255.0 gw 192.168.179.2 [root@szm network-scripts]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.179.0 192.168.179.2 255.255.255.0 UG 0 0 0 eth0 192.168.179.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 0.0.0.0 192.168.179.2 0.0.0.0 UG 0 0 0 eth0 删除默认网关： [root@szm network-scripts]# route del default [root@szm network-scripts]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.179.0 192.168.179.2 255.255.255.0 UG 0 0 0 eth0 192.168.179.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 添加默认网关： [root@szm network-scripts]# route add default gw 192.168.179.2 [root@szm network-scripts]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.179.0 192.168.179.2 255.255.255.0 UG 0 0 0 eth0 192.168.179.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 0.0.0.0 192.168.179.2 0.0.0.0 UG 0 0 0 eth0 DNS： [root@szm network-scripts]# cat /etc/hosts 127.0.0.1 localhost.localdomain localhost ::1 szm localhost6.localdomain6 localhost6 [root@szm network-scripts]# hostname --help Usage: hostname [-v] {hostname|-F file} set hostname (from file) domainname [-v] {nisdomain|-F file} set NIS domainname (from file) hostname [-v] [-d|-f|-s|-a|-i|-y|-A|-I] display formatted name hostname [-v] display hostname hostname -V|--version|-h|--help print info and exit dnsdomainname=hostname -d, {yp,nis,}domainname=hostname -y -s, --short short host name -a, --alias alias names -i, --ip-address addresses for the hostname -I, --all-ip-addresses all addresses for the host -f, --fqdn, --long long host name (FQDN) -A, --all-fqdns all long host names (FQDNs) -d, --domain DNS domain name -y, --yp, --nis NIS/YP domainname -F, --file read hostname or NIS domainname from given file This command can read or set the hostname or the NIS domainname. You can also read the DNS domain or the FQDN (fully qualified domain name). Unless you are using bind or NIS for host lookups you can change the FQDN (Fully Qualified Domain Name) and the DNS domain name (which is part of the FQDN) in the /etc/hosts file. [root@szm network-scripts]# hostname -f szm [root@szm network-scripts]# hostname -s szm [root@szm network-scripts]# hostname -a localhost6.localdomain6 localhost6 修改主机名： [root@szm network-scripts]# hostname www.szmtest.com（一次修改） [root@szm network-scripts]# hostname www.szmtest.com [root@szm network-scripts]# cat /etc/sysconfig/network（永久生效） HOSTNAME=szm NETWORKING=yes NISDOMAIN=qq DNS解析服务器： [root@szm network-scripts]# cat /etc/resolv.conf # Generated by NetworkManager domain localdomain search localdomain-----------自动使用参数后面提供域名将主机别名补全为FQDN nameserver 192.168.179.2-----最多可以指定三台DNS服务器验证DNS工具：gethostip host dig nslookup [root@szm network-scripts]# gethostip localhost(配置文件/etc/nsswitch.conf) 会去查询：/etc/hosts /etc/resov.conf localhost.localdomain 127.0.0.1 7F000001 [root@szm network-scripts]# host localhost localhost.localdomain has address 127.0.0.1 [root@szm network-scripts]# host 192.168.179.132 132.179.168.192.in-addr.arpa domain name pointer bogon. dig与nslookup命令只会查询/etc/resolv.conf不会查询/etc/hosts [root@szm network-scripts]# nslookup www.baidu.com Server: 192.168.179.2 Address: 192.168.179.2#53 Non-authoritative answer: www.baidu.com canonical name = www.a.shifen.com. Name: www.a.shifen.com Address: 61.135.169.105 Name: www.a.shifen.com Address: 61.135.169.125 网络监控工具：tcpdump netstat wireshark [root@szm network-scripts]# ping --help ping: invalid option -- '-' Usage: ping [-LRUbdfnqrvVaA] [-c count] [-i interval](时间间隔) [-w deadline] [-p pattern] [-s packetsize]（大小） [-t ttl] [-I interface or address] [-M mtu discovery hint] [-S sndbuf] [ -T timestamp option ] [ -Q tos ] [hop1 ...] destination

f：洪水***，以最快的速度发出回应请求，每个请求显示一个"."

[root@szm network-scripts]# tcpdump --help tcpdump version 4.1-PRE-CVS_2012_03_26 libpcap version 1.0.0 Usage: tcpdump [-aAdDefIKlLnNOpqRStuUvxX] [ -B size ] [ -c count ] [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ] [ -i interface ] [ -M secret ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z command ] [ -Z user ] [ expression ]

-e：显示数据链接的包头信息

-n：显示主机的IP地址

-s：查看数据包的第一个Packetlen字节的信息

-v -vv -vvv：详细、非常详细地显示数据包信息

-w：将过滤结果用进进制方式存储在指定的文件内

-r：查看使用-w参数搜索过滤结果

[root@szm network-scripts]# authconfig-tui [root@szm network-scripts]# system-config-authentication

很赞哦！