[Linux] Network commands

Watch

# Incoming Network connection
watch ss -tp
#-t Turn off the header showing the interval, command
#-p Make watch attempt to run command every interval seconds
# etc: watch the content of a directory change
watch -d ls -l
watch -d 'ls -l | fgrep brian'

Netstat

# Get current stat of the configured network interface
netstat -i
# Displays the kernel routing table. The –n option forces netstat to print the IP addresses. Without this option, netstat attempts to display the host names.
netstat -rn
# TCP connection
netstat -ant
# UDP connection
netstat -anu
# see connections with running program & pid
netstat -tulpn
# display summary statistics of all protocols
netstat -s

ifconfig

# Set IP & netmask
ifconfig eth# <ip>/<cidr>
ex:
ifconfig eth0 104.122.188.120
# Set virtual interface
ifconfig eth0:1 <ip>/<cidr>
# up or down a interface
ifconfig eth0 up
ifconfig eth0 down

To change permanently edit /etc/network/interfaces

auto ens199
# setting static ip in ens199
iface ens199 inet static
address 192.168.1.211
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 192.168.1.1 192.168.1.5
# setting DHCP
auto eth0
iface eth0 inet dhcp
# restart
sudo service networking restart

ss

dump socket stats

# -a : all listening
# -t : display tcp
# -u : display udp
ss -atu

socket commands

# nc : netcat
# The nc (or netcat) utility is used for just about anything under the sun involving TCP, UDP, or UNIX-domain sockets
# create UNIX socket
nc -lkU a.sock
# socat
# socket cat
# will send message to a.sock
echo "hello" | sudo socat a.sock stdio

route

route manipulates the kernel’s IP routing tables.

# show routing table status
route -n
# FLAGS
U : Route is UP
! : Reject route
G : Use gateway
M : Modified from route daemon or redirect
H : Target is Host
# add gateway
route add default gw 192.168.1.1
# add route 192.168.100.0/16
route add -net 192.168.100.0 netmask 255.255.0.0 dev eth0

How routing works:

From top to down if we want to reach www.yahoo.com following the steps below:

nslookup www.yahoo.com
# get server address 23.239.24.5
# In our routing table
# Route to 23.239.24.5 from top to down
# That is, use the gateway 104.200.18.1 to reach our destination ip

ip

# show all devices
ip link show
# show only eth0
ip link show eth0
# show eth0 with RX/TX details
ip -s link show eth0
# change one interface set
ip link set eth0 up
ip link set eth0 down
# edit maximal transition unit
ip link set eth0 mtu 1000

arp

arp is the command to display and manipulate the ARP cache table

The ARP cache table is like:

<IP address> <MAC address>

ARP lifetime typically is 2 mins, and at most 20 mins.

The default timeout timer for is 4 hours for Cisco devices

# display ARP cache content
arp -a
# delete an ARP entry with IP address
arp –d 10.0.1.12
# delete all ARP entries
arp -d
# add a ARP cache entry
arp -s 10.0.1.12 00:02:2D:0D:68:C1

What ARP request looks like?

Private IP Classes

  • Class A:10.0.0.0–10.255.255.255
  • Class B:172.16.0.0–172.31.255.255
  • Class C:192.168.0.0–192.168.255.255

Explain the role of interface lo, the loopback interface.

The loopback interface is a virtual network environment that allows to communicate with itself

IPv4 Assign all IP in the 127.0.0.0/8 address block

IP address block : 127.0.0.1–127.255.255.254

ref

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store