- route
查看或修改路由表
route [-v] [-A family] add [-net|-host] target [netmask Nm] [gw Gw] [metric N] [mss M] [window W] [irtt I] [reject] [mod] [dyn] [reinstate] [[dev] If]
常用参数:
-n //查看时不使用域名解析
add //添加路由条目
del //删除路由条目
-net //添加网段
gw //gateway(网关)
default //设定默认
例如:
[root@kyle ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
2.2.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.204.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8
172.16.104.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 2.2.2.1 0.0.0.0 UG 0 0 0 eth0
[root@kyle ~]# route add default gw 2.2.2.254 //添加默认网关
[root@kyle ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
2.2.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.204.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8
172.16.104.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 2.2.2.254 0.0.0.0 UG 0 0 0 eth0
0.0.0.0 2.2.2.1 0.0.0.0 UG 0 0 0 eth0
[root@kyle ~]# route del default gw 2.2.2.254 //删除默认网关
[root@kyle ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
2.2.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.204.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8
172.16.104.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 2.2.2.1 0.0.0.0 UG 0 0 0 eth0
[root@kyle ~]# route add -net 192.168.2.0/24 eth0 //添加网段
[root@kyle ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
2.2.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.204.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8
172.16.104.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 2.2.2.1 0.0.0.0 UG 0 0 0 eth0
[root@kyle ~]# route del -net 192.168.2.0/24 eth0 //删除网段
[root@kyle ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
2.2.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.204.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8
172.16.104.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 2.2.2.1 0.0.0.0 UG 0 0 0 eth0
- /proc/net/dev
查看网络状况
[root@kyle ~]# cat /proc/net/dev
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
lo: 2474304 2458 0 0 0 0 0 0 2474304 2458 0 0 0 0 0 0
eth0:332565751 977628 0 0 0 0 0 0 73458156 967301 0 0 0 0 0 0
sit0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
vmnet1: 0 0 0 0 0 0 0 0 0 46 0 0 0 0 0 0
vmnet8: 0 0 0 0 0 0 0 0 0 46 0 0 0 0 0 0
- netstat
查看网络信息
netstat [address_family_options] [--tcp|-t] [--udp|-u] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-
ports] [--symbolic|-N] [--extend|-e[--extend|-e]] [--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c] [delay]
常用选项:
-r //查看路由
-n //不做域名解析
-i //查看接口
-e //查看详细
-a //查看所有端口状态
-t //查看tcp端口的信息
-u //查看utp端口的信息
-l //查看正在监听的端口
-p //查看正在使用此端口的进程
例如:
[root@kyle ~]# netstat -luntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2208 0.0.0.0:* LISTEN 2538/hpiod
tcp 0 0 0.0.0.0:609 0.0.0.0:* LISTEN 2123/rpc.statd
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2662/mysqld
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2088/portmap
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2565/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2695/sendmail: acce
tcp 0 0 127.0.0.1:2207 0.0.0.0:* LISTEN 2543/python
tcp 0 0 :::80 :::* LISTEN 2723/httpd
tcp 0 0 :::22 :::* LISTEN 2556/sshd
udp 0 0 0.0.0.0:48958 0.0.0.0:* 2820/avahi-daemon:
udp 0 0 0.0.0.0:603 0.0.0.0:* 2123/rpc.statd
udp 0 0 0.0.0.0:606 0.0.0.0:* 2123/rpc.statd
udp 0 0 0.0.0.0:5353 0.0.0.0:* 2820/avahi-daemon:
udp 0 0 0.0.0.0:111 0.0.0.0:* 2088/portmap
udp 0 0 0.0.0.0:631 0.0.0.0:* 2565/cupsd
udp 0 0 :::59753 :::* 2820/avahi-daemon:
udp 0 0 :::5353 :::* 2820/avahi-daemon:
- tcpdump
抓包工具
tcpdump [ -AdDeflLnNOpqRStuUvxX ] [ -c count ]
[ -C file_size ] [ -F file ]
[ -i interface ] [ -m module ] [ -M secret ]
[ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
[ -W filecount ]
[ -E spi@ipaddr algo:secret,... ]
[ -y datalinktype ] [ -Z user ]
[ expression ]
常用选项:
-A //以ASCII形式显示所有数据包信息
udp //查看udp数据包信息
tcp //查看tcp数据包信息
arp //查看arp数据包信息
icmp //查看icmp数据包信息
port //指定查看端口
-w //将输出保存到文件
-vv //查看详细信息
例如:
tcpdump dst port 80 //查看目标为dst80端口的所有数据包信息
tcpdump dst 2.2.2.50 //查看来自2.2.2.50目标为dst的所有数据包的信息
Be First to Comment