关键词
ifcfg命令家族: ifconfig; route; netstat; ifup/ifdown; hostname/hostnamectl; host/nslookup/dig;
1、ifconfig 命令:用于接口及地址的查看、管理;
ifconfig [-v] [-a] [-s] [interface]
ifconfig [-v] interface [aftype] options | address …
查看网络接口信息:
~]# ifconfig 仅显示’up’状态的网络接口信息;
~]# ifconfig -a 显示所有网络接口的的信息,包括未激活’inactive’状态的接口;
配置网络接口:
~]# ifconfig IFACE IP/MASK [up] 激活网络接口;
~]# ifconfig IFACE IP netmask NETMASK 配置网络接口的IP、掩码;
备注:通过此命令配置的信息会写入内核,配置立即生效;
2、route命令:用于路由查看及管理;
备注1,’route’命令之后会逐渐被新命令’ip route’代替;
备注2,路由条目的类型:
>> 主机路由:目标地址为单个IP;
>> 网络路由:目标主机为IP网络地址;
>> 默认路由:目标为任意主机,0.0.0.0/0.0.0.0;
~]# route -n 以数据格式显示路由条目,不带’-n’选项,则反解析为主机名,一般建议带上此选项;
添加路由条目:
———————-
完整的语法格式:
route [-v] [-A family |-4|-6] add [-net|-host] target [netmask Nm] [gw Gw] [metric N] [mss M] [window W] [irtt I] [reject] [mod] [dyn] [reinstate] [[dev] If]
常用的简写格式:route add [-net|-host] target [netmask Nm] [gw Gw] [[dev] If]
备注,’target’指的是目标网络的IP网段;’dev If’表示指定网络接口,’dev’是固定选项,’If’表示具体的网络接口名称;
~]# route add -net 10.0.0.0/8 gw 192.168.206.2 dev ens33
~]# route add -net 20.0.0.0 netmask 255.0.0.0 gw 192.168.206.2 dev ens33 添加路由条目,2条信息表达意义相同;
~]# route add -net 0.0.0.0/0.0.0.0 gw 192.168.206.2 dev ens33
~]# route add default gw 192.168.206.2 添加默认路由;
删除路由条目:
————————–
完整的语法格式:route [-v] [-A family |-4|-6] del [-net|-host] target [gw Gw] [netmask Nm] [metric N] [[dev] If]
常用的简写语法格式:route del [-net|-host] target [netmask Nm] [gw Gw] [[dev] If]
~]# route del -net 10.0.0.0/8 gw 192.168.206.2 dev ens33
~]# route del default 删除默认路由条目;
3、netstat命令:
netstat – Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships;
打印网络连接信息,路由表信息,接口统计数据信息,伪装连接信息,多播成员关系;
常规应用:
=============
显示路由表:
—————–
~]# netstat -rn ‘r’表示’routing’,路由表;’n’表示以数字格式显示;
~]# route -n
显示网络连接,常用的简写语法格式:
————————————-
netstat [–tcp|-t] [–udp|-u] [–udplite|-U] [–sctp|-S] [–raw|-w] [–listening|-l] [–all|-a] [–numeric|-n] [–numeric-hosts] [–numeric-ports] [–extend|-e [–extend|-e]] [–program|-p]
netstat [–tcp|-t] [–udp|-u] [–listening|-l] [–all|-a] [–numeric|-n] [–program|-p]
-t : TCP协议的相关连接;
-u : UDP协议的相关连接;
-w : raw socket相关的连接;
-l : 处于监听状态的连接;’State’;
-a : 所有信息状态;Show both listening and non-listening (for TCP this means established connections) sockets. With the — interfaces option, show interfaces that are not up;
-n : 以数字格式显示IP和PORT;
-e : 扩展格式;’User’,’Inode’;表示显示哪个用户开启的进程,以及此进程文件所对应的’inode’号;
-p : 显示相关的进程及PID;’PID/Program name’
~]# netstat -tun 显示已建立的TCP/UDP连接信息;
~]# netstat -tunl 显示TCP/UDP连接的监听状态信息;
~]# netstat -tunp 显示显示已建立的TCP/UDP连接信息,及建立连接的进程和此进程对应的PID号;
~]# netstat -tunlp 显示TCP/UDP连接的监听状态信息,及建立监听连接的进程和此进程对应的PID号;
~]# netstat -tanlp
显示接口的统计数据:
————————
完整语法格式:netstat {–interfaces|-I|-i} [–all|-a] [–extend|-e] [–verbose|-v] [–program|-p] [–numeric|-n] [–numeric-hosts] [–numeric-ports] [–numeric-users] [–continuous|-c] [delay]
~]# netstat -i 相当于’ip -s link’;显示所有接口的统计信息;
~]# ip -s link
~]# netstat -I<Iface> 显示指定接口的统计信息;
~]# netstat -Iens33
4、ifup/ifdown命令:
ifup – bring a network interface up
ifdown – take a network interface down
5、hostname命令(centos 6):
~]# hostname 查看主机名
~]# hostname HOSTNAME 配置主机名;
当前系统有效,重启后此信息丢失;如果想让配置永久有效,需要写入配置文件’/etc/network’,不会立即生效,但重启后永久有效;
6、hostnamectl命令(centos 7):
~]# hostnamectl status 查看主机名状态信息
~]# hostnamectl set-hostname NAME 设置主机名,立即生效,且永久有效;无需更改配置文件;
7、配置DNS服务器指向:
/etc/resolv.conf
SERVER_NAME DNS_SERVER_IP 此记录在centos 7 中最多可以有3条;centos 6中最多记录2条;
host/nslookup/dig 命令:
~]# yum install bind-utils 如果系统中没有上述命令,可自行安装命令对应的程序包’bind-utils'(centos系列);’dnsutils’对应Ubuntu;
~]# dig -t A FQDN 域名解析成IP地址;
~]# dig -t A lucifer.kouyuushinn.cn
~]# dig -x IPaddr IP地址反解析成域名,互联网一般都不支持反解析;
~]# nslookup FQDN
~]# host FQDN
*******************************************************************************************
F.E.
1、添加路由条目:
[root@kouyuushinn ~]# [root@kouyuushinn ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.206.2 0.0.0.0 UG 100 0 0 ens33 192.168.206.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@kouyuushinn ~]# [root@kouyuushinn ~]# route add -net 10.0.0.0/8 gw 192.168.206.2 dev ens33 [root@kouyuushinn ~]# [root@kouyuushinn ~]# route add -net 20.0.0.0 netmask 255.0.0.0 gw 192.168.206.2 dev ens33 [root@kouyuushinn ~]# [root@kouyuushinn ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.206.2 0.0.0.0 UG 100 0 0 ens33 10.0.0.0 192.168.206.2 255.0.0.0 UG 0 0 0 ens33 20.0.0.0 192.168.206.2 255.0.0.0 UG 0 0 0 ens33 192.168.206.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
2、删除路由条目:
[root@kouyuushinn ~]# [root@kouyuushinn ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.206.2 0.0.0.0 UG 100 0 0 ens33 10.0.0.0 192.168.206.2 255.0.0.0 UG 0 0 0 ens33 20.0.0.0 192.168.206.2 255.0.0.0 UG 0 0 0 ens33 192.168.206.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@kouyuushinn ~]# [root@kouyuushinn ~]# route del -net 10.0.0.0/8 gw 192.168.206.2 [root@kouyuushinn ~]# [root@kouyuushinn ~]# route del -net 20.0.0.0/8 gw 192.168.206.2 dev ens33 [root@kouyuushinn ~]# [root@kouyuushinn ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.206.2 0.0.0.0 UG 100 0 0 ens33 192.168.206.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@kouyuushinn ~]#
3、显示路由表:
[root@kouyuushinn ~]# [root@kouyuushinn ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.206.2 0.0.0.0 UG 100 0 0 ens33 192.168.206.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@kouyuushinn ~]# [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.206.2 0.0.0.0 UG 0 0 0 ens33 192.168.206.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33 [root@kouyuushinn ~]# [root@kouyuushinn ~]# [root@kouyuushinn ~]# ip route default via 192.168.206.2 dev ens33 proto static metric 100 192.168.206.0/24 dev ens33 proto kernel scope link src 192.168.206.132 metric 100 [root@kouyuushinn ~]#
4、显示网络连接,’netstat’,以TCP连接为例:
[root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tn Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 192.168.206.132:22 192.168.206.1:61721 ESTABLISHED tcp 0 52 192.168.206.132:22 192.168.206.1:61528 ESTABLISHED tcp 0 0 192.168.206.132:22 192.168.206.1:61529 ESTABLISHED [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tnl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tnlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 969/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1051/master tcp6 0 0 :::22 :::* LISTEN 969/sshd tcp6 0 0 ::1:25 :::* LISTEN 1051/master [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tne Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode tcp 0 0 192.168.206.132:22 192.168.206.1:61721 ESTABLISHED 0 281291 tcp 0 52 192.168.206.132:22 192.168.206.1:61528 ESTABLISHED 0 279239 tcp 0 0 192.168.206.132:22 192.168.206.1:61529 ESTABLISHED 0 279272 [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tnle Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 20206 tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 20747 tcp6 0 0 :::22 :::* LISTEN 0 20215 tcp6 0 0 ::1:25 :::* LISTEN 0 20748 [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tnlpe Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 20206 969/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 20747 1051/master tcp6 0 0 :::22 :::* LISTEN 0 20215 969/sshd tcp6 0 0 ::1:25 :::* LISTEN 0 20748 1051/master [root@kouyuushinn ~]# ----------------------------------------------------------- [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -ta Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp 0 0 kouyuushinn.cn:ssh 192.168.206.1:61721 ESTABLISHED tcp 0 52 kouyuushinn.cn:ssh 192.168.206.1:61528 ESTABLISHED tcp 0 0 kouyuushinn.cn:ssh 192.168.206.1:61529 ESTABLISHED tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 192.168.206.132:22 192.168.206.1:61721 ESTABLISHED tcp 0 52 192.168.206.132:22 192.168.206.1:61528 ESTABLISHED tcp 0 0 192.168.206.132:22 192.168.206.1:61529 ESTABLISHED tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tanl Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 192.168.206.132:22 192.168.206.1:61721 ESTABLISHED tcp 0 52 192.168.206.132:22 192.168.206.1:61528 ESTABLISHED tcp 0 0 192.168.206.132:22 192.168.206.1:61529 ESTABLISHED tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tanlp Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 969/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1051/master tcp 0 0 192.168.206.132:22 192.168.206.1:61721 ESTABLISHED 69909/sshd: root@pt tcp 0 52 192.168.206.132:22 192.168.206.1:61528 ESTABLISHED 69742/sshd: root@pt tcp 0 0 192.168.206.132:22 192.168.206.1:61529 ESTABLISHED 69744/sshd: root@pt tcp6 0 0 :::22 :::* LISTEN 969/sshd tcp6 0 0 ::1:25 :::* LISTEN 1051/master [root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -tanlpe Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 20206 969/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 20747 1051/master tcp 0 0 192.168.206.132:22 192.168.206.1:61721 ESTABLISHED 0 281291 69909/sshd: root@pt tcp 0 52 192.168.206.132:22 192.168.206.1:61528 ESTABLISHED 0 279239 69742/sshd: root@pt tcp 0 0 192.168.206.132:22 192.168.206.1:61529 ESTABLISHED 0 279272 69744/sshd: root@pt tcp6 0 0 :::22 :::* LISTEN 0 20215 969/sshd tcp6 0 0 ::1:25 :::* LISTEN 0 20748 1051/master [root@kouyuushinn ~]#
5、显示所有接口统计信息:
[root@kouyuushinn ~]#
[root@kouyuushinn ~]# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
ens33 1500 287864 0 0 0 129993 0 0 0 BMRU
lo 65536 2096 0 0 0 2096 0 0 0 LRU
[root@kouyuushinn ~]#
[root@kouyuushinn ~]# ip -s link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
119762 2096 0 0 0 0
TX: bytes packets errors dropped carrier collsns
119762 2096 0 0 0 0
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:ce:f2:dd brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
279054284 287888 0 0 0 0
TX: bytes packets errors dropped carrier collsns
45538789 130006 0 0 0 0
[root@kouyuushinn ~]#
6、显示指定接口的统计信息:
[root@kouyuushinn ~]# [root@kouyuushinn ~]# netstat -Iens33 Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg ens33 1500 288130 0 0 0 130134 0 0 0 BMRU [root@kouyuushinn ~]#
7、显示主机名信状态:
[root@kouyuushinn ~]#
[root@kouyuushinn ~]# hostname
kouyuushinn.cn
[root@kouyuushinn ~]# hostnamectl status
Static hostname: kouyuushinn.cn
Icon name: computer-vm
Chassis: vm
Machine ID: 0aef7da475504673bb0e0f2d7bfe62d4
Boot ID: 36f070d00caa4027a48b50e22f6ec876
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-693.21.1.el7.x86_64
Architecture: x86-64
[root@kouyuushinn ~]#
[root@kouyuushinn ~]#
[root@kouyuushinn ~]# hostnamectl
Static hostname: kouyuushinn.cn
Icon name: computer-vm
Chassis: vm
Machine ID: 0aef7da475504673bb0e0f2d7bfe62d4
Boot ID: 36f070d00caa4027a48b50e22f6ec876
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-693.21.1.el7.x86_64
Architecture: x86-64
[root@kouyuushinn ~]#
8、DNS域名解释测试:
[root@kouyuushinn ~]# [root@kouyuushinn ~]# dig -t A www.google.com ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -t A www.google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29329 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.google.com. IN A ;; ANSWER SECTION: www.google.com. 600 IN A 8.7.198.45 ;; Query time: 3 msec ;; SERVER: 202.96.128.86#53(202.96.128.86) ;; WHEN: Sun May 13 07:25:30 CST 2018 ;; MSG SIZE rcvd: 48 [root@kouyuushinn ~]# [root@kouyuushinn ~]# dig -x 69.171.239.11 ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -x 69.171.239.11 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 25295 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;11.239.171.69.in-addr.arpa. IN PTR ;; Query time: 5 msec ;; SERVER: 202.96.128.86#53(202.96.128.86) ;; WHEN: Sun May 13 07:26:42 CST 2018 ;; MSG SIZE rcvd: 55 [root@kouyuushinn ~]# [root@kouyuushinn ~]# nslookup www.google.com Server: 202.96.128.86 Address: 202.96.128.86#53 Non-authoritative answer: Name: www.google.com Address: 88.191.249.183 [root@kouyuushinn ~]# [root@kouyuushinn ~]# nslookup www.google.com Server: 202.96.128.86 Address: 202.96.128.86#53 Non-authoritative answer: Name: www.google.com Address: 8.7.198.45 [root@kouyuushinn ~]# nslookup www.google.com Server: 202.96.128.86 Address: 202.96.128.86#53 Non-authoritative answer: Name: www.google.com Address: 8.7.198.45 [root@kouyuushinn ~]# host www.google.com www.google.com has address 88.191.249.183 www.google.com has IPv6 address 2404:6800:4005:80a::2004 [root@kouyuushinn ~]# [root@kouyuushinn ~]# host www.google.com www.google.com has address 75.126.124.162 www.google.com has IPv6 address 2404:6800:4005:80a::2004 [root@kouyuushinn ~]# [root@kouyuushinn ~]# host www.google.com www.google.com has address 8.7.198.45 www.google.com has IPv6 address 2404:6800:4005:800::2004 [root@kouyuushinn ~]#