[root@szm ~]# netstat -tulnp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:51695               0.0.0.0:*                   LISTEN      1987/rpc.statd
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1912/rpcbind
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      2224/sshd
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      2300/master
tcp        0      0 :::46592                    :::*                        LISTEN      1987/rpc.statd
tcp        0      0 :::111                      :::*                        LISTEN      1912/rpcbind
tcp        0      0 :::22                       :::*                        LISTEN      2224/sshd
udp        0      0 0.0.0.0:38783               0.0.0.0:*                               1956/avahi-daemon:
udp        0      0 0.0.0.0:815                 0.0.0.0:*                               1912/rpcbind
udp        0      0 0.0.0.0:53296               0.0.0.0:*                               1987/rpc.statd
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               1972/dhclient
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               1975/dhclient
udp        0      0 0.0.0.0:5353                0.0.0.0:*                               1956/avahi-daemon:
udp        0      0 0.0.0.0:111                 0.0.0.0:*                               1912/rpcbind
udp        0      0 0.0.0.0:891                 0.0.0.0:*                               1987/rpc.statd
udp        0      0 :::52525                    :::*                                    1987/rpc.statd
udp        0      0 :::815                      :::*                                    1912/rpcbind
udp        0      0 :::111                      :::*                                    1912/rpcbind
 
 
[root@szm ~]# /etc/init.d/avahi-daemon stop
Shutting down Avahi daemon:                                [  OK  ]
 
[root@szm ~]# chkconfig avahi-daemon off
 
[root@szm ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
HWADDR="00:0C:29:24:C2:A5"
BOOTPROTO=dhcp
NM_CONTROLLED="yes"
-----------网络控制
ONBOOT="yes"
 
[root@szm ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=szm.test.com
 
[root@szm ~]# cat /etc/resolv.conf
# Generated by NetworkManager
domain localdomain
search localdomain test.com
nameserver 192.168.179.2
nameserver 172.16.2.1
nameserver 172.16.2.6
 
[root@szm ~]# cat /etc/hosts
192.168.179.139 szm.test.com    szm     # Added by NetworkManager
127.0.0.1       localhost.localdomain   localhost
::1     szm.test.com    szm     localhost6.localdomain6 localhost6
 
[root@szm ~]# dig www.baidu.com
 
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22349
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4
 
;; QUESTION SECTION:
;www.baidu.com.                 IN      A
 
;; ANSWER SECTION:
www.baidu.com.          5       IN      CNAME   www.a.shifen.com.
www.a.shifen.com.       5       IN      A       61.135.169.105
www.a.shifen.com.       5       IN      A       61.135.169.125
 
;; AUTHORITY SECTION:
a.shifen.com.           5       IN      NS      ns5.a.shifen.com.
a.shifen.com.           5       IN      NS      ns7.a.shifen.com.
a.shifen.com.           5       IN      NS      ns9.a.shifen.com.
a.shifen.com.           5       IN      NS      ns4.a.shifen.com.
 
;; ADDITIONAL SECTION:
ns4.a.shifen.com.       5       IN      A       123.125.113.67
ns5.a.shifen.com.       5       IN      A       220.181.3.178
ns7.a.shifen.com.       5       IN      A       220.181.38.47
ns9.a.shifen.com.       5       IN      A       61.135.166.226
 
;; Query time: 11 msec
;; SERVER: 192.168.179.2#53(192.168.179.2)
;; WHEN: Wed Mar 20 22:43:59 2013
;; MSG SIZE  rcvd: 226
 
[root@szm ~]# iwconfig
lo        no wireless extensions.
 
eth0      no wireless extensions.
 
eth1      no wireless extensions.
 
[root@szm ~]# iwlist --help
Usage: iwlist [interface] scanning [essid NNN] [last]
              [interface] frequency
              [interface] channel
              [interface] bitrate
              [interface] rate
              [interface] encryption
              [interface] keys
              [interface] power
              [interface] txpower
              [interface] retry
              [interface] ap
              [interface] accesspoints
              [interface] peers
              [interface] event
              [interface] auth
              [interface] wpakeys
              [interface] genie
              [interface] modulation
 
 
 
       Flags  Possible flags include
              U (route is up)
              H (target is a host)
              G (use gateway)
              R (reinstate route for dynamic routing)
              D (dynamically installed by daemon or redirect)
              M (modified from routing daemon or redirect)
              A (installed by addrconf)
              C (cache entry)
              !  (reject route)
 
 
[root@szm ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.128.0    0.0.0.0         255.255.255.0   U     1      0        0 eth1
0.0.0.0         172.16.128.254  0.0.0.0         UG    0      0        0 eth1
 
[root@szm ~]# route add -net 192.168.179.0 netmask 255.255.255.0 dev eth1
[root@szm ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.179.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
172.16.128.0    0.0.0.0         255.255.255.0   U     1      0        0 eth1
0.0.0.0         172.16.128.254  0.0.0.0         UG    0      0        0 eth1
 
[root@szm ~]# route del -net 192.168.179.0 netmask 255.255.255.0 dev eth1
[root@szm ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.128.0    0.0.0.0         255.255.255.0   U     1      0        0 eth1
0.0.0.0         172.16.128.254  0.0.0.0         UG    0      0        0 eth1
 
[root@szm ~]# route add default gw 192.168.1.254
-------不同子网,不行
SIOCADDRT: No such process
 
[root@szm ~]# route add default gw 172.16.128.154
[root@szm ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.128.0    0.0.0.0         255.255.255.0   U     1      0        0 eth1
0.0.0.0         172.16.128.154  0.0.0.0         UG    0      0        0 eth1
0.0.0.0         172.16.128.254  0.0.0.0         UG    0      0        0 eth1
 
[root@szm ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:24:c2:a5 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:0c:29:24:c2:af brd ff:ff:ff:ff:ff:ff
 
[root@szm ~]# ip link show eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:0c:29:24:c2:af brd ff:ff:ff:ff:ff:ff
 
[root@szm ~]# ip -s link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:24:c2:a5 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    415598     3291     0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    442311     2835     0       0       0       0
 
[root@szm ~]# ip link set eth1 down
[root@szm ~]# ip link set eth1 up
[root@szm ~]# ip link set eth1 mtu 1000
 
修改名字之前要Down网卡:
[root@szm ~]# ip link set eth1 name vbird
RTNETLINK answers: Device or resource busy
[root@szm ~]# ip link set eth1 down
[root@szm ~]# ip link set eth1 name vbird
 
设置网卡的MAC地址:
[root@szm ~]# ip link set vbird address 00:0c:29:23:c2:c1
[root@szm ~]# ip link show vbird
3: vbird: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:23:c2:c1 brd ff:ff:ff:ff:ff:ff
 
设置Ip地址:
[root@szm ~]# ip address show eth1
3: eth1: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:23:c2:c1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.128.211/24 brd 172.16.128.255 scope global eth1
 
[root@szm ~]# ip address add 172.16.128.99/24 broadcast + dev eth1 label eth1:vbird
[root@szm ~]# ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 00:0C:29:23:C2:C1
          inet addr:172.16.128.211  Bcast:172.16.128.255  Mask:255.255.255.0
          BROADCAST MULTICAST  MTU:1000  Metric:1
          RX packets:125594 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3863 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:12181175 (11.6 MiB)  TX bytes:492270 (480.7 KiB)
          Interrupt:19 Base address:0x20a4
 
[root@szm ~]# ip address show eth1
3: eth1: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:23:c2:c1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.128.211/24 brd 172.16.128.255 scope global eth1
    inet 172.16.128.99/24 brd 172.16.128.255 scope global secondary eth1:vbird
 
[root@szm ~]# ip address del 172.16.128.99/24 dev eth1
[root@szm ~]# ip address show eth1
3: eth1: <BROADCAST,MULTICAST> mtu 1000 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:23:c2:c1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.128.211/24 brd 172.16.128.255 scope global eth1
 
添加路由:
[root@szm ~]# ip route show
192.168.179.0/24 dev eth0  proto kernel  scope link  src 192.168.179.139  metric 1
default via 192.168.179.2 dev eth0  proto static
 
[root@szm ~]# ip route add 192.168.180.0/24 dev eth0
[root@szm ~]# ip route show
192.168.179.0/24 dev eth0  proto kernel  scope link  src 192.168.179.139  metric 1
192.168.180.0/24 dev eth0  scope link
default via 192.168.179.2 dev eth0  proto static
 
 
[root@szm ~]# ip route add 192.168.190.0/24 via 192.168.179.2 dev eth0
[root@szm ~]# ip route show
192.168.179.0/24 dev eth0  proto kernel  scope link  src 192.168.179.139  metric 1
192.168.180.0/24 dev eth0  scope link
192.168.190.0/24 via 192.168.179.2 dev eth0
default via 192.168.179.2 dev eth0  proto static
 
 
 
 
[root@szm ~]# ip route del 192.168.180.0/24
[root@szm ~]# ip route del 192.168.190.0/24
[root@szm ~]# ip route show
192.168.179.0/24 dev eth0  proto kernel  scope link  src 192.168.179.139  metric 1
default via 192.168.179.2 dev eth0  proto static
 
DHCP获得IP地址:
[root@szm ~]# dhclient eth0
 
扫描地址主机:
[root@szm bin]# cat ping.sh
#!/bin/bash
for siteip in $(seq 1 254)
do
        site="172.16.128.${siteip}"
        ping -W1 -c1 $site &> /dev/null
        if [ "$?" == "0" ]; then
                echo "$site is up"
        else
                echo "$site is down"
        fi
done
 
 如果你的主机与待检测主机并不在同一个网络内,那么TTL默认使用255,如果是同一个网络内,那么TTL则默认使用64
 
 [root@szm bin]# ping -c2 -s1000 -M do 172.16.128.254 (MTU有do和dont两个参数)
PING 172.16.128.254 (172.16.128.254) 1000(1028) bytes of data.
From 172.16.128.211 icmp_seq=1 Frag needed and DF set (mtu = 1000)
From 172.16.128.211 icmp_seq=1 Frag needed and DF set (mtu = 1000)
 
--- 172.16.128.254 ping statistics ---
0 packets transmitted, 0 received, +2 errors
 

 [root@szm bin]# traceroute -n tw.yahoo.com

traceroute to tw.yahoo.com (206.190.37.187), 30 hops max, 60 byte packets

 1  192.168.179.2  2.034 ms  1.819 ms  1.792 ms

 2  192.168.105.9  6.715 ms !N  6.630 ms !N  7.352 ms !N

 traceroute默认使用的是UDP的超时等待,默认为5秒。对每个节点检测三次。
改用TCP做超时等待
[root@szm bin]# traceroute -n -T -w 1 tw.yahoo.com
traceroute to tw.yahoo.com (206.190.37.187), 30 hops max, 60 byte packets
 1  192.168.179.2  2.161 ms  1.396 ms  1.145 ms
 2  206.190.37.187  186.995 ms  187.765 ms  175.882 ms
 
[root@szm bin]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.179.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0
172.16.128.0    0.0.0.0         255.255.255.0   U         0 0          0 eth1
0.0.0.0         192.168.179.2   0.0.0.0         UG        0 0          0 eth0
 
[root@szm bin]# netstat -an
 
[root@szm bin]# netstat -tln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:43373               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0      0 :::139                      :::*                        LISTEN
tcp        0      0 :::111                      :::*                        LISTEN
tcp        0      0 :::51412                    :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN
tcp        0      0 :::445                      :::*                        LISTEN
 

Recv-Q:由非用户程序连接所复制而来的总bytes数

Send-Q:由远程主机发送而来的,但不具有ACK标志的总Bytes数,亦指主动连接SYN或其它标志的数据包所占的bytes数。

 

 stat状态:

1.ESTABLISED:已经建立连接

2.SYN_SENT:发出主动连接(SYN标志)的连接数据包

3.SYN_RECV:接收到一个要求连接的主动连接数据包

4.FIN_WAIT1:该套接字服务(Socket)已中断,该连接正在断线当中

5.FIN_WAIT2:该连接已经挂断,但正在等待对方主机响应断线确认的数据包

6.TIME_WAIT:该连接已经挂断,但socket还在网络上等待结束

7.监听

 

[root@szm bin]# netstat -lutnp

[root@szm bin]# netstat -autnp
 

Client端是随机开放一个大于1024的Port进行连接,此外中有Root可以启动大于1024的Port 

 

[root@szm bin]# cat /etc/services-----------存放Port与服务对应关系。

 

 

 

[root@szm bin]# host www.yahoo.com

www.yahoo.com is an alias for fd-fp3.wg1.b.yahoo.com.

fd-fp3.wg1.b.yahoo.com is an alias for ds-fp3.wg1.b.yahoo.com.

ds-fp3.wg1.b.yahoo.com is an alias for ds-fo-tw-sg.wg1.b.yahoo.com.

ds-fo-tw-sg.wg1.b.yahoo.com is an alias for ds-tw-fp3.wg1.b.yahoo.com.

ds-tw-fp3.wg1.b.yahoo.com has address 203.84.197.9

ds-tw-fp3.wg1.b.yahoo.com has address 203.84.197.25

ds-tw-fp3.wg1.b.yahoo.com has IPv6 address 2406:2000:f016:1fe::3000

ds-tw-fp3.wg1.b.yahoo.com has IPv6 address 2406:2000:f016:1fe::3001

指定服务器解析:

[root@szm bin]# host www.yahoo.com 172.16.2.1
Using domain server:
Name: 172.16.2.1
Address: 172.16.2.1#53
Aliases:
 
www.yahoo.com is an alias for fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com is an alias for ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com is an alias for ds-fo-tw-sg.wg1.b.yahoo.com.
ds-fo-tw-sg.wg1.b.yahoo.com is an alias for ds-tw-fp3.wg1.b.yahoo.com.
ds-tw-fp3.wg1.b.yahoo.com has address 203.84.197.25
ds-tw-fp3.wg1.b.yahoo.com has address 203.84.197.9
ds-tw-fp3.wg1.b.yahoo.com has IPv6 address 2406:2000:f016:1fe::3000
ds-tw-fp3.wg1.b.yahoo.com has IPv6 address 2406:2000:f016:1fe::3001
 

 

 

[root@szm bin]# nslookup -a www.yahoo.com

*** Invalid option: a

Server:         192.168.179.2

Address:        192.168.179.2#53

Non-authoritative answer:

www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.

fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.

ds-fp3.wg1.b.yahoo.com  canonical name = ds-fo-tw-sg.wg1.b.yahoo.com.

ds-fo-tw-sg.wg1.b.yahoo.com     canonical name = ds-tw-fp3.wg1.b.yahoo.com.

Name:   ds-tw-fp3.wg1.b.yahoo.com

Address: 203.84.197.25

Name:   ds-tw-fp3.wg1.b.yahoo.com

Address: 203.84.197.9

 

 

[root@szm bin]# telnet localhost 110检测本地主机110这个Port是否正确启动

Trying 127.0.0.1...

telnet: connect to address 127.0.0.1: Connection refused

[root@szm bin]# telnet localhost 25检测

Trying 127.0.0.1...

Connected to localhost.

Escape character is '^]'.

220 szm.test.com ESMTP Postfix

ehlo localhost

250-szm.test.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

quit

221 2.0.0 Bye

Connection closed by foreign host.

 图形界面ftp:gftp

 

 

 ftp常用命令:help,dir,cd,get file,mget file*,put file,delete file,mkdir,lcd /home,passive,binary,bye
 
[root@szm bin]# ftp 172.16.3.240 21
 
[root@szm bin]# lftp 172.16.3.240 -u kjdown,kjdown
 
[root@szm ~]# cat ./bin/lftp
open ftp.ksu.edu.tw
cd /pub/CentOS/
mget -c -d RPM-GPG*
bye
 
[root@szm ~]# lftp -f ./bin/lftp
 [root@szm ~]# cat ./bin/lftp.sh
lftp -c "open ftp.ksu.edu.tw
cd /pub/CentOS/
mget -c -d RPM-GPG*
bye"
[root@szm ~]# sh ./bin/lftp.sh
 
[root@szm ~]# links /usr/share/doc/HTML/index.html
 
[root@szm ~]# links http://www.kernel.org

 h:history

g:gotoURL

d:downloadPage

q:quit

o:option,/.elinks/elinks.conf

 

下载网页:

[root@szm ~]# links -dump http://www.yahoo.com > yahoo.html

 
[root@szm ~]# tcpdump --help
tcpdump version 4.1-PRE-CVS_2010_08_20
libpcap version 1.0.0
Usage: tcpdump [-a
AdD
efIKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
                [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
                [ -i interface ] [ -M secret ] [ -r file ]
                [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ]
                [ -y datalinktype ] [ -z command ] [ -Z user ]
                [ expression ]

-A:ASCII显示

-e:找二层包

-nn:不解析

-q:精简内容

-X:列出ASCII与hex内容对应

-i:接口

-w:保存包

-r:读包

-c:包数

 
[root@szm ~]# tcpdump -i eth0 -nn
 
[root@szm ~]# tcpdump -i eth0 -nn port 21
 
 
1: [root@szm ~]# tcpdump -i lo -nn
2: [root@szm ~]#  ssh localhost
 
1: [root@szm ~]# tcpdump -i lo port 21
 
[root@szm ~]# tcpdump -i lo -nn 'port 22 and src host 192.168.1.1'
 
开启20000端口监听:
[root@szm ~]# nc -l localhost 20000 &
 
连接2000端口:
[root@szm ~]# nc localhost 20000
kkk
dkfakd
eqreijkajfd^C
 
[1]+  Stopped                 nc -l localhost 20000
 
[root@szm ~]# fg
nc -l localhost 20000
 
kkk
dkfakd