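21CTO introduction:
Whether you are a Linux administrator or a newcomer who has only just started using Linux, a solid grasp of the commands that help with network troubleshooting is essential.
We will look at 10 basic Linux commands for diagnosing and resolving common network problems. Each command comes with a practical example that shows how it is used and what it is good for.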
1. ping
Example: ping www.21cto.com

```
[root@VM-0-5-centos ~]# ping www.21cto.com
PING www.21cto.com (81.70.105.8) 56(84) bytes of data.
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=1 ttl=63 time=0.228 ms
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=2 ttl=63 time=0.285 ms
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=3 ttl=63 time=0.282 ms
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=4 ttl=63 time=0.268 ms
64 bytes from 81.70.105.8 (81.70.105.8): icmp_seq=5 ttl=63 time=0.211 ms

--- www.21cto.com ping statistics ---
13 packets transmitted, 13 received, 0% packet loss, time 12018ms
rtt min/avg/max/mdev = 0.200/0.233/0.285/0.027 ms
```

The ping command uses the ICMP protocol.
ICMP stands for Internet Control Message Protocol; it is a network-layer protocol that network devices use to communicate with each other.
ping tests whether a host is reachable and shows the latency between source and destination.
2. traceroute
Example: traceroute baidu.com
If you see:

```
-bash: traceroute: command not found
```

the tool is not installed. Install it with the package manager for your operating system.
Ubuntu:

```
# For Debian based distributions like Ubuntu
sudo apt-get install traceroute
```

CentOS:

```
# For RPM based distributions like CentOS
sudo yum install traceroute
```

Now try again:

```
[root@VM-0-5-centos ~]# traceroute baidu.com
traceroute to baidu.com (39.156.66.10), 30 hops max, 60 byte packets
 1  * * *
 2  11.66.248.84 (11.66.248.84)  0.293 ms * *
 3  * * *
 4  10.200.46.253 (10.200.46.253)  0.631 ms 10.200.46.93 (10.200.46.93)  1.152 ms 10.196.89.113 (10.196.89.113)  0.628 ms
 5  * * *
 6  39.156.0.81 (39.156.0.81)  2.165 ms  2.649 ms  2.702 ms
 7  111.13.188.38 (111.13.188.38)  4.329 ms 111.13.0.174 (111.13.0.174)  4.259 ms 111.13.188.38 (111.13.188.38)  4.488 ms
 8  39.156.27.5 (39.156.27.5)  4.441 ms  4.458 ms  3.997 ms
 9  39.156.67.17 (39.156.67.17)  3.914 ms 39.156.67.1 (39.156.67.1)  14.343 ms  13.673 ms
```

Traceroute shows the route that packets take to reach the target host. It lists the IP addresses of the routers along the path and measures the round-trip time (RTT) of each hop.
Traceroute helps identify network congestion and routing problems.
3. netstat
Example: netstat -tulpn

```
[root@VM-0-5-centos ~]# netstat -tulpn
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      870/redis-server 12
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1188/nginx: master
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/systemd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1188/nginx: master
tcp        0      0 0.0.0.0:7001            0.0.0.0:*               LISTEN      2059145/sshd: /usr/
tcp6       0      0 :::3306                 :::*                    LISTEN      819/mysqld
tcp6       0      0 ::1:6379                :::*                    LISTEN      870/redis-server 12
tcp6       0      0 :::33060                :::*                    LISTEN      819/mysqld
tcp6       0      0 :::443                  :::*                    LISTEN      1188/nginx: master
tcp6       0      0 :::111                  :::*                    LISTEN      1/systemd
tcp6       0      0 :::80                   :::*                    LISTEN      1188/nginx: master
tcp6       0      0 :::7001                 :::*                    LISTEN      2059145/sshd: /usr/
udp        0      0 0.0.0.0:111             0.0.0.0:*                           1/systemd
udp        0      0 127.0.0.1:323           0.0.0.0:*                           666/chronyd
udp6       0      0 :::111                  :::*                                1/systemd
udp6       0      0 ::1:323                 :::*                                666/chronyd
```

Netstat displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. It is useful for troubleshooting connectivity problems, identifying open ports, and monitoring network performance.
4. ifconfig/ip
Example: ifconfig or ip

```
[root@VM-0-5-centos ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.21.0.5  netmask 255.255.240.0  broadcast 172.21.15.255
        inet6 fe80::5054:ff:feca:cdf8  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:ca:cd:f8  txqueuelen 1000  (Ethernet)
        RX packets 80835008  bytes 32467819740 (30.2 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 96298531  bytes 91472563700 (85.1 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
```

The ifconfig and ip commands are used to view and configure network parameters. They report the IP address, subnet mask, MAC address, and link state of each interface.
5. tcpdump
tcpdump is also an external tool. If the command is not found, install it as follows:

```
yum install tcpdump
```

Example: tcpdump -i eth0 tcp port 80

```
[root@VM-0-5-centos ~]# tcpdump -i eth0 tcp port 80
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
12:03:17.585041 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [S], seq 1262259857, win 32120, options [mss 1460,sackOK,TS val 2931024914 ecr 0,nop,wscale 7], length 0
12:03:17.594474 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [S.], seq 3139790384, ack 1262259858, win 65535, options [mss 1424,nop,nop,sackOK,nop,wscale 9], length 0
12:03:17.594522 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [.], ack 1, win 251, length 0
12:03:17.594599 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [P.], seq 1:182, ack 1, win 251, length 181: HTTP: POST /ca_report.cgi HTTP/1.1
12:03:17.604056 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [.], ack 182, win 131, length 0
12:03:17.604092 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [P.], seq 182:558, ack 1, win 251, length 376: HTTP
12:03:17.613436 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [.], ack 558, win 133, length 0
12:03:17.620508 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [P.], seq 1:217, ack 558, win 133, length 216: HTTP: HTTP/1.1 200 OK
12:03:17.620508 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [F.], seq 217, ack 558, win 133, length 0
12:03:17.620539 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [.], ack 217, win 250, length 0
12:03:17.621059 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [F.], seq 558, ack 218, win 250, length 0
12:03:17.630405 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [.], ack 559, win 133, length 0
12:03:18.291765 IP VM-0-5-centos.39028 > 169.254.0.4.http: Flags [S], seq 2462459289, win 32120, options [mss 1460,sackOK,TS val 2931025621 ecr 0,nop,wscale 7], length 0
12:03:18.301176 IP 169.254.0.4.http > VM-0-5-centos.39028: Flags [S.], seq 333977930, ack 2462459290, win 65535, options [mss 1424,nop,nop,sackOK,nop,wscale 9], length 0
^C
108 packets captured
108 packets received by filter
0 packets dropped by kernel
```

tcpdump is a packet analyzer that captures and displays network traffic in real time.
tcpdump is valuable for troubleshooting network problems, analyzing packet contents, and spotting abnormal network behavior. Use tcpdump to inspect the packets on a specific interface or port.
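An added example, not part of the original article: in the capture above every SYN (`Flags [S]`) is answered by a SYN-ACK (`Flags [S.]`); a SYN that never gets one usually points to a filtered port or an unreachable host. The function names and the sample lines (shortened from the capture above, plus two constructed lines to the documentation address 192.0.2.10) are assumptions made for this illustration.

```shell
#!/bin/sh
# unanswered_syns: read tcpdump text output on stdin and print "src > dst"
# for every connection attempt whose SYN never received a SYN-ACK.
unanswered_syns() {
    awk '
    $2 == "IP" && $4 == ">" && $6 == "Flags" {
        src = $3
        dst = $5;   sub(/:$/, "", dst)      # strip the trailing ":" after dst
        flags = $7; sub(/,$/, "", flags)    # "[S]," -> "[S]"
        if (flags == "[S]") {
            key = src " > " dst
            if (!(key in syn)) { syn[key] = 1; order[++n] = key }
        } else if (flags == "[S.]") {
            # A SYN-ACK travels in the reverse direction of the SYN it answers.
            answered[dst " > " src] = 1
        }
    }
    END {
        for (i = 1; i <= n; i++)
            if (!(order[i] in answered)) print order[i]
    }'
}

# Constructed sample: first three lines shortened from the capture above,
# last two lines invented (a SYN and its retransmission, never answered).
sample_capture() {
    cat <<'EOF'
12:03:17.585041 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [S], seq 1262259857, win 32120, length 0
12:03:17.594474 IP 169.254.0.4.http > VM-0-5-centos.39012: Flags [S.], seq 3139790384, ack 1262259858, win 65535, length 0
12:03:17.594522 IP VM-0-5-centos.39012 > 169.254.0.4.http: Flags [.], ack 1, win 251, length 0
12:03:19.000000 IP VM-0-5-centos.39040 > 192.0.2.10.http: Flags [S], seq 1, win 32120, length 0
12:03:20.000000 IP VM-0-5-centos.39040 > 192.0.2.10.http: Flags [S], seq 1, win 32120, length 0
EOF
}

sample_capture | unanswered_syns
```

On a live host, pipe `tcpdump -l -n -i eth0 tcp port 80` output captured to a file through the same function.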
6. nslookup/dig
Example: nslookup google.com
If the command is not found on your system, install it with:

```
yum install bind-utils
```

Now run it:

```
[root@VM-0-5-centos ~]# nslookup google.com
Server:         183.60.83.19
Address:        183.60.83.19#53

Non-authoritative answer:
Name:   google.com
Address: 142.251.43.14
```

Next, we use dig:

```
[root@VM-0-5-centos ~]# dig google.com

; <<>> DiG 9.16.23-RH <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49289
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             7       IN      A       93.46.8.90

;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 04 12:10:21 CST 2024
;; MSG SIZE  rcvd: 44
```

nslookup and dig are both DNS lookup tools that query DNS servers to resolve domain names. They report the IP addresses associated with a domain name and help diagnose DNS-related problems, such as a misconfigured DNS setup or an unavailable server.
7. iptables/firewalld
Example: iptables -L or firewall-cmd --list-all

```
[root@VM-0-5-centos ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
```

iptables and firewalld are firewall management tools for configuring packet-filtering and network address translation (NAT) rules. They control incoming and outgoing traffic and protect the system from unauthorized access. Use them to diagnose firewall-related problems and to make sure traffic flows as intended.
8. ss
Example: ss -tulpn

```
[root@VM-0-5-centos ~]# ss -tuplpn
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0            0.0.0.0:111       0.0.0.0:*     users:(("rpcbind",pid=653,fd=5),("systemd",pid=1,fd=118))
udp   UNCONN 0      0          127.0.0.1:323       0.0.0.0:*     users:(("chronyd",pid=666,fd=5))
udp   UNCONN 0      0               [::]:111          [::]:*     users:(("rpcbind",pid=653,fd=7),("systemd",pid=1,fd=120))
udp   UNCONN 0      0              [::1]:323          [::]:*     users:(("chronyd",pid=666,fd=6))
tcp   LISTEN 0      511        127.0.0.1:6379      0.0.0.0:*     users:(("redis-server",pid=870,fd=6))
tcp   LISTEN 0      511          0.0.0.0:443       0.0.0.0:*     users:(("nginx",pid=1192,fd=9),("nginx",pid=1190,fd=9),("nginx",pid=1188,fd=9))
tcp   LISTEN 0      4096         0.0.0.0:111       0.0.0.0:*     users:(("rpcbind",pid=653,fd=4),("systemd",pid=1,fd=117))
tcp   LISTEN 0      511          0.0.0.0:80        0.0.0.0:*     users:(("nginx",pid=1192,fd=7),("nginx",pid=1190,fd=7),("nginx",pid=1188,fd=7))
tcp   LISTEN 0      128          0.0.0.0:7001      0.0.0.0:*     users:(("sshd",pid=2059145,fd=3))
tcp   LISTEN 0      151                *:3306            *:*     users:(("mysqld",pid=819,fd=24))
tcp   LISTEN 0      511            [::1]:6379         [::]:*     users:(("redis-server",pid=870,fd=7))
tcp   LISTEN 0      70                 *:33060           *:*     users:(("mysqld",pid=819,fd=21))
tcp   LISTEN 0      511             [::]:443          [::]:*     users:(("nginx",pid=1192,fd=8),("nginx",pid=1190,fd=8),("nginx",pid=1188,fd=8))
tcp   LISTEN 0      4096            [::]:111          [::]:*     users:(("rpcbind",pid=653,fd=6),("systemd",pid=1,fd=119))
tcp   LISTEN 0      511             [::]:80           [::]:*     users:(("nginx",pid=1192,fd=10),("nginx",pid=1190,fd=10),("nginx",pid=1188,fd=10))
tcp   LISTEN 0      128             [::]:7001         [::]:*     users:(("sshd",pid=2059145,fd=4))
```

ss is a utility for investigating sockets. It shows information about TCP, UDP, and UNIX domain sockets, including listening and established connections, connection states, and process IDs. ss is useful for troubleshooting socket-related problems and monitoring network activity.
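An added example, not part of the original article: the ss and netstat listings mix loopback-only listeners (redis-server on 127.0.0.1) with listeners bound to every interface (nginx, sshd, mysqld), and the iptables output in section 7 shows ACCEPT policies with no rules, so the host firewall does not filter the latter. The function names and the trimmed sample (lines taken from the ss output above) are assumptions made for this illustration.

```shell
#!/bin/sh
# exposed_listeners: read `ss -tulpn` output on stdin and print
# "proto/port process" once for each socket bound to a wildcard address
# (0.0.0.0, [::] or *). Loopback-only sockets are skipped.
exposed_listeners() {
    awk '
    $1 != "tcp" && $1 != "udp" { next }          # skips the header line too
    {
        la = $5                                   # Local Address:Port column
        if (!match(la, /:[0-9]+$/)) next          # port follows the last colon
        addr = substr(la, 1, RSTART - 1)
        port = substr(la, RSTART + 1)
        if (addr != "0.0.0.0" && addr != "[::]" && addr != "*") next
        proc = "-"                                # shown when ss ran unprivileged
        if (match($0, /\(\("[^"]+"/))             # first name in users:(("name",...
            proc = substr($0, RSTART + 3, RLENGTH - 4)
        key = $1 "/" port " " proc
        if (!(key in seen)) { seen[key] = 1; print key }
    }'
}

# Constructed sample: a subset of the ss output shown above.
sample_ss_output() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      0.0.0.0:111        0.0.0.0:*         users:(("rpcbind",pid=653,fd=5),("systemd",pid=1,fd=118))
udp   UNCONN 0      0      127.0.0.1:323      0.0.0.0:*         users:(("chronyd",pid=666,fd=5))
tcp   LISTEN 0      511    127.0.0.1:6379     0.0.0.0:*         users:(("redis-server",pid=870,fd=6))
tcp   LISTEN 0      511    0.0.0.0:80         0.0.0.0:*         users:(("nginx",pid=1192,fd=7),("nginx",pid=1190,fd=7))
tcp   LISTEN 0      128    0.0.0.0:7001       0.0.0.0:*         users:(("sshd",pid=2059145,fd=3))
tcp   LISTEN 0      151    *:3306             *:*               users:(("mysqld",pid=819,fd=24))
tcp   LISTEN 0      511    [::]:80            [::]:*            users:(("nginx",pid=1192,fd=10))
tcp   LISTEN 0      511    [::1]:6379         [::]:*            users:(("redis-server",pid=870,fd=7))
EOF
}

sample_ss_output | exposed_listeners
```

On a live host run `ss -tulpn | exposed_listeners` as root and compare the result with the services that are meant to be reachable; a database such as mysqld on a wildcard address is a common candidate for rebinding to 127.0.0.1 or for a firewall rule.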
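9. arp
Example: arp -a

```
[root@VM-0-5-centos ~]# arp -a
_gateway (172.21.0.1) at fe:ee:0b:ca:e5:69 [ether] on eth0
```

arp (Address Resolution Protocol) displays and modifies the IP-to-MAC address translation table used by the kernel. It resolves IP addresses to MAC addresses and vice versa. arp helps with problems related to network device discovery and address resolution.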
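10. mtr
Example: mtr
If this external command is not installed, install it first. For example, on CentOS:

```
yum install mtr
```

Then run it:

```
                             My traceroute  [v0.94]
VM-0-5-centos (::1) -> localhost                       2024-05-04T12:20:37+0800
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                       Packets               Pings
 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. VM-0-5-centos                     0.0%    14    0.1   0.1   0.1   0.1   0.0
```

mtr (My traceroute) combines ping and traceroute in a single diagnostic tool. It continuously probes the network path between the host and the destination and shows detailed statistics on packet loss, latency, and route changes. mtr is well suited to diagnosing intermittent network problems and monitoring network performance over time.
Mastering these commands is very useful for solving network problems on Linux hosts.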
From: https://blog.csdn.net/logic1001/article/details/139148802