182 lines
6.2 KiB
Markdown
182 lines
6.2 KiB
Markdown
## 1、ARP
|
||
- -a # 主机 :显示 arp 缓冲区的所有条目;
|
||
- -H # 地址类型 :指定 arp 指令使用的地址类型;
|
||
- -d # 主机 :从 arp 缓冲区中删除指定主机的 arp 条目;
|
||
- -D # 使用指定接口的硬件地址;
|
||
- -e # 以 Linux 的显示风格显示 arp 缓冲区中的条目;
|
||
- -i # 接口 :指定要操作 arp 缓冲区的网络接口;
|
||
- -s # 主机 MAC 地址 :设置指定的主机的 IP 地址与 MAC 地址的静态映射;
|
||
- -n # 以数字方式显示 arp 缓冲区中的条目;
|
||
- -v # 显示详细的 arp 缓冲区条目,包括缓冲区条目的统计信息;
|
||
- -f # 文件 :设置主机的 IP 地址与 MAC 地址的静态映射。
|
||
```shell
|
||
[root@centos ~]#arp -a
|
||
目标地址 MAC地址 接口
|
||
? (169.254.0.138) at fe:ee:e4:1e:74:cd [ether] on eth0
|
||
? (169.254.0.83) at fe:ee:e4:1e:74:cd [ether] on eth0
|
||
? (169.254.0.15) at fe:ee:e4:1e:74:cd [ether] on eth0
|
||
```
|
||
## 2、netstat
|
||
netstat 命令
|
||
|
||
- -t:tcp协议相关
|
||
- -u:udp协议相关
|
||
- -l:监听状态的
|
||
- -a:所有状态
|
||
- -n:显示ip和端口
|
||
- -p:显示进程
|
||
- -I:指定网卡
|
||
```shell
|
||
root@jumpserver:~# netstat -s
|
||
|
||
Ip: //与 IP 协议相关的统计信息。
|
||
Forwarding: 2 //如果该值为 2,表示 IP 转发(路由)已启用。
|
||
64972 total packets received //接收到的总数据包数量
|
||
0 forwarded
|
||
0 incoming packets discarded //成功传递到上层协议(如 TCP 或 UDP)的数据包数量。
|
||
64972 incoming packets delivered
|
||
47450 requests sent out
|
||
20 outgoing packets dropped
|
||
4 dropped because of missing route
|
||
Icmp:
|
||
43 ICMP messages received //
|
||
0 input ICMP message failed
|
||
ICMP input histogram:
|
||
destination unreachable: 43
|
||
43 ICMP messages sent
|
||
0 ICMP messages failed
|
||
ICMP output histogram:
|
||
destination unreachable: 43
|
||
IcmpMsg:
|
||
InType3: 43
|
||
OutType3: 43
|
||
Tcp:
|
||
51 active connection openings //主动打开的 TCP 连接数量(由本机发起)。
|
||
2992 passive connection openings //被动打开的 TCP 连接数量(由远程机器发起)。
|
||
0 failed connection attempts
|
||
66 connection resets received
|
||
1 connections established
|
||
64420 segments received
|
||
47156 segments sent out
|
||
9 segments retransmitted
|
||
0 bad segments received
|
||
76 resets sent
|
||
Udp:
|
||
240 packets received
|
||
41 packets to unknown port received
|
||
0 packet receive errors
|
||
284 packets sent
|
||
0 receive buffer errors
|
||
0 send buffer errors
|
||
IgnoredMulti: 228
|
||
UdpLite:
|
||
TcpExt:
|
||
31 TCP sockets finished time wait in fast timer
|
||
132 delayed acks sent
|
||
1 delayed acks further delayed because of locked socket
|
||
Quick ack mode was activated 3438 times
|
||
13014 packet headers predicted
|
||
16401 acknowledgments not containing data payload received
|
||
12784 predicted acknowledgments
|
||
1 congestion windows recovered without slow start after partial ack
|
||
TCPLostRetransmit: 3
|
||
TCPTimeouts: 6
|
||
TCPLossProbes: 3
|
||
TCPBacklogCoalesce: 49
|
||
TCPDSACKOldSent: 3438
|
||
TCPDSACKRecv: 4
|
||
2 connections reset due to unexpected data
|
||
57 connections reset due to early user close
|
||
TCPDSACKIgnoredNoUndo: 4
|
||
TCPRcvCoalesce: 852
|
||
TCPAutoCorking: 17
|
||
TCPSynRetrans: 2
|
||
TCPOrigDataSent: 27013
|
||
TCPDelivered: 26990
|
||
TcpTimeoutRehash: 6
|
||
TcpDuplicateDataRehash: 168
|
||
TCPDSACKRecvSegs: 4
|
||
IpExt:
|
||
InBcastPkts: 228
|
||
InOctets: 20619636
|
||
OutOctets: 8344373
|
||
InBcastOctets: 55089
|
||
InNoECTPkts: 68885
|
||
InECT0Pkts: 2992
|
||
MPTcpExt:
|
||
```
|
||
```shell
|
||
root@jumpserver:~# netstat -n | grep TIME_WAIT | wc -l
|
||
3
|
||
```
|
||
```shell
|
||
root@jumpserver:~# netstat -ntlp
|
||
Active Internet connections (only servers)
|
||
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
|
||
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 874/sshd: /usr/sbin
|
||
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 672/systemd-resolve
|
||
tcp6 0 0 :::22 :::* LISTEN 874/sshd: /usr/sbin
|
||
```
|
||
## 3、nload
|
||
```shell
|
||
nload -m
|
||
```
|
||
## 4、ip
|
||
```shell
|
||
root@jumpserver:~# ip a
|
||
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
|
||
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
|
||
inet 127.0.0.1/8 scope host lo
|
||
valid_lft forever preferred_lft forever
|
||
inet6 ::1/128 scope host
|
||
valid_lft forever preferred_lft forever
|
||
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
|
||
link/ether 00:0c:29:8c:8d:89 brd ff:ff:ff:ff:ff:ff
|
||
altname enp2s0
|
||
inet 192.168.30.100/24 brd 192.168.30.255 scope global ens32
|
||
valid_lft forever preferred_lft forever
|
||
inet6 fe80::20c:29ff:fe8c:8d89/64 scope link
|
||
valid_lft forever preferred_lft forever
|
||
```
|
||
```shell
|
||
root@jumpserver:~# ip route
|
||
default via 192.168.30.250 dev ens32 proto static
|
||
192.168.30.0/24 dev ens32 proto kernel scope link src 192.168.30.100
|
||
```
|
||
```shell
|
||
ip route add 目标ip via 转发设备(网关) dev 网卡 src 源IP
|
||
|
||
root@jumpserver:~# ip route add 192.168.30.201 via 192.168.30.11 dev ens32
|
||
root@jumpserver:~# ip route
|
||
default via 192.168.30.250 dev ens32 proto static
|
||
192.168.30.0/24 dev ens32 proto kernel scope link src 192.168.30.100
|
||
192.168.30.201 via 192.168.30.11 dev ens32
|
||
```
|
||
```shell
|
||
root@jumpserver:~# ip route del 192.168.30.201
|
||
root@jumpserver:~# ip route
|
||
default via 192.168.30.250 dev ens32 proto static
|
||
192.168.30.0/24 dev ens32 proto kernel scope link src 192.168.30.100
|
||
```
|
||
```shell
|
||
ip route get 目标地址
|
||
```
|
||
## 5、ss
|
||
```shell
|
||
-n, --numeric 不解析服务名称
|
||
-a, --all 显示所有套接字(sockets)
|
||
-l, --listening 显示监听状态的套接字(sockets)
|
||
-m, --memory 显示套接字(socket)的内存使用情况
|
||
-p, --processes 显示使用套接字(socket)的进程
|
||
-i, --info 显示 TCP内部信息
|
||
-4, --ipv4 仅显示IPv4的套接字(sockets)
|
||
-6, --ipv6 仅显示IPv6的套接字(sockets)
|
||
-0, --packet 显示 PACKET 套接字(socket)
|
||
-t, --tcp 仅显示 TCP套接字(sockets)
|
||
-u, --udp 仅显示 UCP套接字(sockets)
|
||
```
|
||
```shell
|
||
root@jumpserver:~# ss -4 state time-wait | wc -l
|
||
4
|
||
```
|