net
文章目录
命令
ip address show
ifconfig -s
ifconfig -a
netstat -i
ifconfig <iface> up
ifconfig <iface> down
ps aux |grep 8118 |grep -v grep | awk '{print $2}' | xargs kill -9
ip add show up |grep inet |grep -v inet6 |awk '{print $2"\t"$(NF) }'
ip link set <device> up
ip link set <device> down
ip -br link show
ip -br address show
ip -br address show up
ip -4 -brief address show
ip -oneline address show
ip -oneline -4 address show up
ip -s link
ip -s link show up
ip -s link show kube-ipvs0
ip route get 74.125.226.35
ip route show | grep ^default | cut -d ' ' -f 3-5
netstat -rn
route -n
ip a show eth0
ip a list eth0
ip a show dev eth0
ip -4 a
ip -6 a
ip link ls up
ip a add {ip_addr/mask} dev {interface}
ip a add 192.168.1.200/255.255.255.0 dev eth0
ip a add 192.168.1.200/24 dev eth0
ip addr add brd {ADDDRESS-HERE} dev {interface}
ip addr add broadcast {ADDDRESS-HERE} dev {interface}
ip addr add broadcast 172.20.10.255 dev dummy0
ip addr add 192.168.1.50/24 brd + dev eth0 label eth0Home
ip addr add 127.0.0.1/8 dev lo brd + scope host
ip a del {ipv6_addr_OR_ipv4_addr} dev {interface}
ip a del 192.168.1.200/24 dev eth0
ip -s -s a f to 192.168.2.0/24
ip -4 addr flush label "ppp*"
ip -4 addr flush label "eth*"
ip link set dev {DEVICE} {up|down}
ip link set dev eth1 down
ip link set dev eth1 up
ip link set txqueuelen 10000 dev eth0
ip a list eth0
ip link set mtu {NUMBER} dev {DEVICE}
ip link set mtu 9000 dev eth0
ip a list eth0
ip n show
ip neigh show
ip route add {NETWORK/MASK} via {GATEWAYIP}
ip route add {NETWORK/MASK} dev {DEVICE}
ip route add default {NETWORK/MASK} dev {DEVICE}
ip route add default {NETWORK/MASK} via {GATEWAYIP}
nslookup -qt=A tool.chinaz.com 8.8.8.8
dig +short -p 1053 @127.0.0.1 baidu.com
dig +noall +answer AAAA -p 1053 @127.0.0.1 youku.com
dig +short A kubernetes.default.svc.cluster.local
dig +noall +answer A -p 53 @10.254.0.2 kubernetes.default.svc.cluster.local
host -v kubernetes
nc -nvz 192.168.33.26 30001-30020
nc -nvuz 10.254.0.2 53
sudo netstat -tunlp
netstat -rn
route -n
ss -plnt
ss -lp | tr -s ' ' '\t'
ss -o state established '( dport = :ssh or sport = :ssh )'
ss -o state established '( dport = :http or sport = :http )'
ss -4 state closing
ss -n src 192.168.33.27
ss dst 192.168.1.5:443
ss -t -a
ss -s
ss -lp
ss -wa
ss -wa
ss -ta
ss -ua
sudo iptables -L -n -t filter |grep policy
sudo iptables -L -n -t nat |grep policy
cat /proc/net/tcp
cat /proc/net/tcp6
cat /proc/net/udp
cat /proc/sys/net/ipv4/ip_local_port_range
cat /proc/[PID]]/cgroup
ls -al /proc/[PID]/fd
cat /proc/net/tcp |tail -n +2 | cut -c 16-19 |sort|uniq
cat /proc/net/tcp |tail -n +2 | cut -c 16-19 |sort|uniq |awk '{print "0x"$1}' | xargs printf "%d\n"
### awk
cat /proc/net/tcp |tail -n +2 | awk '{print $2}' | awk -F ':' '{print $2}' |sort|uniq
cat /proc/net/tcp |tail -n +2 | awk '{print $2}' | awk -F ':' '{print "0x"$2}' |sort|uniq| xargs printf "%d\n"
## grep
## yum install gawk
grep -v "local_address" /proc/net/tcp* | awk '{print $3}' | awk -F ':' '{print "0x"$2}'
grep -v "local_address" /proc/net/tcp* | awk '{print $3}' | awk -F ':' '{printf ("%d\n" , strtonum("0x"$2))}' |sort |uniq
awk '!/local_address/' /proc/net/tcp* | awk '{print $2}' | awk -F ':' '{printf ("%d\n" , strtonum("0x"$2))}'
lsof -i -P -n | grep LISTEN
lsof -Pnl +M -i4
lsof -Pnl +M -i4 | grep 8080
lsof -Pnl +M -i6
lsof -i:port
# 检测到打开套接字的状况
sar -n SOCK
# 查看tcp创建的连接数
tcpdump -iany tcp port 9000
tcpdump -i eth0 -nnX port 21
# 对tcp端口为9000的进行抓包
socat TCP4-LISTEN:28222,reuseaddr,fork TCP4:192.168.9.1:22 &
curl -k -H "host:baidu.com"
wget --no-check-certificate
端口16进制
0050=80
1F90=8080
0016=22
2382=9090
1FB6=8118
0CEA=3306
1538=5432
其他
#!/bin/bash
#Written by Gemmy.Rao
#Email to: <a href="mailto:chenlin.rao@bj.china.com">chenlin.rao@bj.china.com</a>
#Version 0.2
#CHANGES
#Add -p option for checking other service's port
#Init
PORT=80
WARNING=5000
CRITICAL=20000
#get options
while getopts "w:c:p:hs" OPT;do
case $OPT in
w)
WARNING=${OPTARG}
;;
c)
CRITICAL=${OPTARG}
;;
p)
PORT=${OPTARG}
#转换各端口的十进制成十六进制
PORT_16=`echo ${PORT}|awk -F, '{for(i=1;i<=NF;i++)printf "|%.4X",$i}'|sed 's/|//'`
;;
h)
echo "Usage: $0 -w 500 -c 2000 -p 80,8081 -s"
exit 0
;;
s)
SILENT=1
;;
*)
echo "Usage: $0 -w 500 -c 2000 -p 80,8081"
exit 0
;;
esac
done
#经过time测试,取值速度netstat > awk '//{a++}END{print a}' > cat|grep|wc > cat|awk|wc,在2w连接下,netstat要20s,最快的方式不到5s(一般nagios到10s就该直接报timeout了)
PORT_CONN=`cat /proc/net/tcp*|awk '$2~/:('$PORT_16')$/'|wc -l`
if [[ "$SILENT" == 1 ]];then
[[ -d /usr/local/nagios ]] || mkdir -p /usr/local/nagios
echo "Silent log write OK | Port ${PORT}=${PORT_CONN};${WARNING};${CRITICAL};0;0"
echo -en "`date`t$PORT_CONNn" >> /usr/local/nagios/conn.log
exit 0
elif [[ "$PORT_CONN" -lt "$WARNING" ]];then
echo "Port $PORT connection OK for $PORT_CONN. | Port ${PORT}=${PORT_CONN};${WARNING};${CRITICAL};0;0"
exit 0
elif [[ "$PORT_CONN" -gt "$CRITICAL" ]];then
echo "Port $PORT connection critical for $PORT_CONN!! | Port ${PORT}=${PORT_CONN};${WARNING};${CRITICAL};0;0"
exit 2
else
echo "Port $PORT connection warning for $PORT_CONN! | Port ${PORT}=${PORT_CONN};${WARNING};${CRITICAL};0;0"
exit 1
fi
# Gawk version
# Remote
grep -v "rem_address" /proc/net/tcp | awk '{x=strtonum("0x"substr($3,index($3,":")-2,2)); for (i=5; i>0; i-=2) x = x"."strtonum("0x"substr($3,i,2))}{print x":"strtonum("0x"substr($3,index($3,":")+1,4))}'
# Local
grep -v "rem_address" /proc/net/tcp | awk '{x=strtonum("0x"substr($2,index($2,":")-2,2)); for (i=5; i>0; i-=2) x = x"."strtonum("0x"substr($2,i,2))}{print x":"strtonum("0x"substr($2,index($2,":")+1,4))}'
# No Gawk
# Local
grep -v "rem_address" /proc/net/tcp | awk 'function hextodec(str,ret,n,i,k,c){
ret = 0
n = length(str)
for (i = 1; i <= n; i++) {
c = tolower(substr(str, i, 1))
k = index("123456789abcdef", c)
ret = ret * 16 + k
}
return ret
} {x=hextodec(substr($2,index($2,":")-2,2)); for (i=5; i>0; i-=2) x = x"."hextodec(substr($2,i,2))}{print x":"hextodec(substr($2,index($2,":")+1,4))}'
# Remote
grep -v "rem_address" /proc/net/tcp | awk 'function hextodec(str,ret,n,i,k,c){
ret = 0
n = length(str)
for (i = 1; i <= n; i++) {
c = tolower(substr(str, i, 1))
k = index("123456789abcdef", c)
ret = ret * 16 + k
}
return ret
} {x=hextodec(substr($3,index($3,":")-2,2)); for (i=5; i>0; i-=2) x = x"."hextodec(substr($3,i,2))}{print x":"hextodec(substr($3,index($3,":")+1,4))}'
# All in one
awk 'function hextodec(str,ret,n,i,k,c){
ret = 0
n = length(str)
for (i = 1; i <= n; i++) {
c = tolower(substr(str, i, 1))
k = index("123456789abcdef", c)
ret = ret * 16 + k
}
return ret
}
function getIP(str,ret){
ret=hextodec(substr(str,index(str,":")-2,2));
for (i=5; i>0; i-=2) {
ret = ret"."hextodec(substr(str,i,2))
}
ret = ret":"hextodec(substr(str,index(str,":")+1,4))
return ret
}
NR > 1 {{if(NR==2)print "Local - Remote";local=getIP($2);remote=getIP($3)}{print local" - "remote}}' /proc/net/tcp
子网
# 172.168.20.0/24 主机个数
#【2^(32-24)】-2=254个
# 172.168.20.0/16 主机个数
#【2^(32-16)】-2=65534个
# 191.172.16.10.33/27 中的/27也就是说子网掩码是255.255.255.224 即27个全1
# 子网掩码255.255.255.0,当然十进制是为了方便人的理解,转换成机器能识别的二进制后,每个数段由8个0或1组成,一个完整的IP地址或子网掩码就转换成32个0或1组成的序列
# 可用主机数=【2^ (32-) 】
# 11100000 =
# 1*2 7= 128
# 1*2 6= 64
# 1*2 5= 32
# 1*2 4= 16
# 1*2 3= 8
# 1*2 2= 4
# 1*2 1= 2
# 1*2 0 =1
###
# 0000 0000 = 0 // 24 【2^(32-24)】-2=254
# 1000 0000 = 128 // 25 【2^(32-25)】-2=126
# 1100 0000 = 192 // 26 【2^(32-26)】-2=62
# 1110 0000 = 224 // 27 【2^(32-27)】-2=30
# 1111 0000 = 240 // 28 【2^(32-28)】-2=14
# 1111 1000 = 248 // 29 【2^(32-29)】-2=6
# 1111 1100 = 252 // 30 【2^(32-30)】-2=2
# 1111 1110 = 254 // 31 【2^(32-31)】-2=0
# 1111 1111 = 255 // 32 【2^(32-32)】-2=
参考
上次更新 2019-02-22
原始文档 查看本文 Markdown 版本 »