关于路由表

  • route 查看或修改路由表

    route [-v] [-A family] add [-net|-host] target [netmask Nm] [gw Gw] [metric N] [mss M] [window W] [irtt I] [reject] [mod] [dyn] [reinstate] [[dev] If]

常用参数:

-n                                 //查看时不使用域名解析
add                                //添加路由条目
del                                //删除路由条目
-net                               //添加网段
gw                                 //gateway(网关)
default                            //设定默认

例如:

[root@kyle ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
2.2.2.0         0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.204.0   0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
172.16.104.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         2.2.2.1         0.0.0.0         UG    0      0        0 eth0
[root@kyle ~]# route add default gw 2.2.2.254                          //添加默认网关
[root@kyle ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
2.2.2.0         0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.204.0   0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
172.16.104.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         2.2.2.254       0.0.0.0         UG    0      0        0 eth0
0.0.0.0         2.2.2.1         0.0.0.0         UG    0      0        0 eth0
[root@kyle ~]# route del default gw 2.2.2.254                          //删除默认网关
[root@kyle ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
2.2.2.0         0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.204.0   0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
172.16.104.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         2.2.2.1         0.0.0.0         UG    0      0        0 eth0
[root@kyle ~]# route add -net 192.168.2.0/24 eth0                          //添加网段
[root@kyle ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
2.2.2.0         0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.204.0   0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
172.16.104.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         2.2.2.1         0.0.0.0         UG    0      0        0 eth0
[root@kyle ~]# route del -net 192.168.2.0/24 eth0                          //删除网段
[root@kyle ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
2.2.2.0         0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.204.0   0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
172.16.104.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         2.2.2.1         0.0.0.0         UG    0      0        0 eth0
  • /proc/net/dev 查看网络状况

    [root@kyle ~]# cat /proc/net/dev
    Inter-| Receive | Transmit
    face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed

    lo: 2474304    2458    0    0    0     0          0         0  2474304    2458    0    0    0     0       0          0

    eth0:332565751 977628 0 0 0 0 0 0 73458156 967301 0 0 0 0 0 0
    sit0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
    vmnet1: 0 0 0 0 0 0 0 0 0 46 0 0 0 0 0 0
    vmnet8: 0 0 0 0 0 0 0 0 0 46 0 0 0 0 0 0

  • netstat 查看网络信息

    netstat [address_family_options] [–tcp|-t] [–udp|-u] [–raw|-w] [–listening|-l] [–all|-a] [–numeric|-n] [–numeric-hosts][–numeric-ports][–numeric-

    ports] [--symbolic|-N] [--extend|-e[--extend|-e]] [--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c] [delay]

常用选项:

-r                                        //查看路由
-n                                        //不做域名解析
-i                                        //查看接口
-e                                        //查看详细
-a                                        //查看所有端口状态
-t                                        //查看tcp端口的信息
-u                                        //查看utp端口的信息
-l                                        //查看正在监听的端口
-p                                        //查看正在使用此端口的进程

例如:

[root@kyle ~]# netstat -luntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   LISTEN      2538/hpiod         
tcp        0      0 0.0.0.0:609                 0.0.0.0:*                   LISTEN      2123/rpc.statd      
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      2662/mysqld         
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      2088/portmap        
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      2565/cupsd         
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      2695/sendmail: acce
tcp        0      0 127.0.0.1:2207              0.0.0.0:*                   LISTEN      2543/python         
tcp        0      0 :::80                       :::*                        LISTEN      2723/httpd         
tcp        0      0 :::22                       :::*                        LISTEN      2556/sshd           
udp        0      0 0.0.0.0:48958               0.0.0.0:*                               2820/avahi-daemon:  
udp        0      0 0.0.0.0:603                 0.0.0.0:*                               2123/rpc.statd      
udp        0      0 0.0.0.0:606                 0.0.0.0:*                               2123/rpc.statd      
udp        0      0 0.0.0.0:5353                0.0.0.0:*                               2820/avahi-daemon:  
udp        0      0 0.0.0.0:111                 0.0.0.0:*                               2088/portmap        
udp        0      0 0.0.0.0:631                 0.0.0.0:*                               2565/cupsd         
udp        0      0 :::59753                    :::*                                    2820/avahi-daemon:  
udp        0      0 :::5353                     :::*                                    2820/avahi-daemon:
  • tcpdump 抓包工具

    tcpdump [ -AdDeflLnNOpqRStuUvxX ] [ -c count ]

    [ -C file_size ] [ -F file ]
    [ -i interface ] [ -m module ] [ -M secret ]
    [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
    [ -W filecount ]
    [ -E spi@ipaddr algo:secret,...  ]
    [ -y datalinktype ] [ -Z user ]
    [ expression ]

常用选项:

-A                           //以ASCII形式显示所有数据包信息
udp                          //查看udp数据包信息
tcp                          //查看tcp数据包信息
arp                          //查看arp数据包信息
icmp                         //查看icmp数据包信息
port                         //指定查看端口
-w                           //将输出保存到文件
-vv                          //查看详细信息

例如:

tcpdump dst port 80                  //查看目标为dst80端口的所有数据包信息
tcpdump dst 2.2.2.50                 //查看来自2.2.2.50目标为dst的所有数据包的信息