for the user

adventures into the land of the command line

linux networking tools

Some that I like

ifconfig - network interface configuration

$ ifconfig
eth0      Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx
          inet addr:172.33.200.4  Bcast:172.33.200.255  Mask:255.255.255.0
          inet6 addr: xx80::20d:xxff:xx50:xx3c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:985823 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1358771 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:520179256 (520.1 MB)  TX bytes:224683842 (224.6 MB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:1344 (1.3 KB)  TX bytes:1344 (1.3 KB)

route - kernel routing configuration, linux and mac

$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         172.33.200.1    0.0.0.0         UG    0      0        0 eth0
168.63.129.16   172.33.200.1    255.255.255.255 UGH   0      0        0 eth0
169.254.169.254 172.33.200.1    255.255.255.255 UGH   0      0        0 eth0
172.33.200.0    *               255.255.255.0   U     0      0        0 eth0

$ ip r
default via 172.33.200.255 dev eth0
172.168.1.8 via 192.168.0.250 dev eth0
192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.250

$ netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            192.168.1.1        UGSc          360        0     en0
127                127.0.0.1          UCS             1        0     lo0
127.0.0.1          127.0.0.1          UH             10     6672     lo0

iptables - system firewall

$ iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootpc

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

$ iptables -S
$ iptables -t nat -S
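
The listing above shows every chain with policy ACCEPT, so the single bootpc rule restricts nothing. As an added example (not from the original post), this script audits `iptables -S` output for that condition; the sample ruleset is constructed to mirror the listing above, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: flag permissive settings in `iptables -S` output.

# Constructed sample in the format `iptables -S` prints. It mirrors the
# `iptables -L` listing above: all chains ACCEPT, one rule for udp/68 (bootpc).
sample_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p udp -m udp --dport 68 -j ACCEPT
EOF
}

# audit_rules: read `iptables -S` text on stdin, print one WARN line per finding.
audit_rules() {
    awk '
    $1 == "-P" { policy[$2] = $3; order[++n] = $2; next }
    $1 == "-A" {
        rules[$2]++
        # a rule that is only "-A CHAIN -j ACCEPT" accepts every packet
        if (NF == 4 && $3 == "-j" && $4 == "ACCEPT") open[$2]++
    }
    END {
        for (i = 1; i <= n; i++) {
            c = order[i]
            # inbound and forwarded traffic should be denied by default
            if (policy[c] == "ACCEPT" && (c == "INPUT" || c == "FORWARD"))
                printf "WARN %s default policy is ACCEPT (%d rules)\n", c, rules[c]
            if (open[c] > 0)
                printf "WARN %s has %d match-all ACCEPT rule(s)\n", c, open[c]
        }
    }'
}

# Run against the constructed sample; on a live host use: iptables -S | audit_rules
sample_rules | audit_rules
```
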

netstat - print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

$ netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:8022                  *:*                     LISTEN
tcp        0      0 172.33.200.15:51320     123.123.123.16:http      TIME_WAIT
tcp        0      0 172.33.200.15:51314     123.123.123.16:http      TIME_WAIT
.
.
.
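
A local address of `*:8022` means the service listens on every interface. As an added example (not from the original post), this script lists TCP listeners bound to all interfaces whose port is not on an allowlist; the sample lines for ports 5432 and 8080 are constructed, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: find TCP listeners exposed on every interface.

# Constructed sample: lines from the listing above plus two made-up listeners.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:8022                  *:*                     LISTEN
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp6       0      0 :::8080                 :::*                    LISTEN
tcp        0      0 172.33.200.15:51320     123.123.123.16:http     TIME_WAIT
EOF
}

# exposed_listeners "ALLOWED PORTS": read netstat text on stdin and print
# "proto port" for each TCP socket listening on a wildcard address whose
# port is not in the space-separated allowlist.
exposed_listeners() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 ~ /^tcp/ && $NF == "LISTEN" {
        addr = $4
        port = addr; sub(/.*:/, "", port)       # text after the last colon
        host = substr(addr, 1, length(addr) - length(port) - 1)
        # wildcard binds: "*", 0.0.0.0 (IPv4), "::" or "[::]" (IPv6)
        if (host == "*" || host == "0.0.0.0" || host == "::" || host == "[::]")
            if (!(port in ok)) print $1, port
    }'
}

# Run against the constructed sample. On a live host feed it numeric output,
# e.g. netstat -ant | exposed_listeners "8022", so ports are not shown as names.
sample_netstat | exposed_listeners "8022"
```
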

nslookup - query internet name servers interactively

$ nslookup abc.ipt.aol.com
Server:     123.123.129.123
Address:    123.123.129.123#53

Non-authoritative answer:
Name:   abc.ipt.aol.com
Address: 123.128.1.123

traceroute - print the route packets trace to network host

$ traceroute 192.168.0.248
traceroute to 192.168.0.248 (192.168.0.248), 30 hops max, 60 byte packets
 1  abc.ipt.aol.com (123.128.1.123)  22.757 ms  22.759 ms  22.759 ms
 2  192.168.0.248 (192.168.0.248)  23.091 ms  23.093 ms  23.092 ms

ping - send ICMP ECHO_REQUEST to network hosts

$ ping 192.168.0.248
PING 192.168.0.248 (192.168.0.248) 56(84) bytes of data.
64 bytes from 192.168.0.248: icmp_seq=1 ttl=63 time=21.0 ms
64 bytes from 192.168.0.248: icmp_seq=2 ttl=63 time=21.2 ms
--- 192.168.0.248 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 21.021/21.114/21.207/0.093 ms

nc - arbitrary TCP and UDP connections and listens. Good for when you can’t use ping!

$ nc -u -v -w 1 192.168.0.248 8889
Connection to 192.168.0.248 8889 port [udp/*] succeeded!
$ nc -t -v -w 1 192.168.0.248 8889
Connection to 192.168.0.248 8889 port [tcp/*] succeeded!

telnet - user interface to the TELNET protocol

$ telnet 192.168.0.248 8889
Trying 192.168.0.248...
telnet: Unable to connect to remote host: Connection refused

nmap - port scanner

$ nmap -p 80 192.168.0.248

tcpdump - inspect network packets

$ tcpdump -i eth0
.
.
.
$ tcpdump port 4505
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
16:15:05.593757 IP 10.10.2.69.39600 > 192.168.0.247.4505: Flags [.], ack 673817267, win 6821, options [nop,nop,TS val 1727956480 ecr 2010465084], length 0
16:15:05.593791 IP 192.168.0.247.4505 > 10.10.2.69.39600: Flags [.], ack 1, win 227, options [nop,nop,TS val 2010540058 ecr 1533985621], length 0
16:15:05.784653 IP 10.10.3.7.58382 > 192.168.0.247.4505: Flags [.], ack 3460200736, win 4429, options [nop,nop,TS val 1728076800 ecr 2010465132], length 0
16:15:05.784683 IP 192.168.0.247.4505 > 10.10.3.7.58382: Flags [.], ack 1, win 227, options [nop,nop,TS val 2010540105 ecr 1534105901], length 0
16:15:05.784704 IP 10.10.3.7.58383 > 192.168.0.247.4505: Flags [.], ack 1699645310, win 4429, options [nop,nop,TS val 1728076800 ecr 2010465132], length 0
16:15:05.784719 IP 192.168.0.247.4505 > 10.10.3.7.58383: Flags [.], ack 1, win 227, options [nop,nop,TS val 2010540105 ecr 1534105901], length 0
16:15:05.834222 IP 10.10.2.74.55376 > 192.168.0.247.4505: Flags [.], ack 3451747456, win 4429, options [nop,nop,TS val 1727973120 ecr 2010465144], length 0