可以用以下命令查看:ifconfig、ping、netstat、traceroute、nslookup、dig、finger、lsof、socketstat等。
1、ifconfig
显示所有网络接口的详细情况,用ifconfig显示服务器的所有网络接口配置如下:
- [root@localhost ~]# ifconfig
- eth0 Link encap:Ethernet HWaddr 00:0C:29:F9:23:72
- inet addr:192.168.1.143 Bcast:192.168.1.255 Mask:255.255.255.0
- inet6 addr: fe80::20c:29ff:fef9:2372/64 Scope:Link
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:1956 errors:0 dropped:0 overruns:0 frame:0
- TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:1000
- RX bytes:255969 (249.9 KiB) TX bytes:9355 (9.1 KiB)
- Interrupt:19 Base address:0x2000
-
- lo Link encap:Local Loopback
- inet addr:127.0.0.1 Mask:255.0.0.0
- inet6 addr: ::1/128 Scope:Host
- UP LOOPBACK RUNNING MTU:16436 Metric:1
- RX packets:4 errors:0 dropped:0 overruns:0 frame:0
- TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:240 (240.0 b) TX bytes:240 (240.0 b)
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:F9:23:72
inet addr:192.168.1.143 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fef9:2372/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1956 errors:0 dropped:0 overruns:0 frame:0
TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:255969 (249.9 KiB) TX bytes:9355 (9.1 KiB)
Interrupt:19 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:240 (240.0 b) TX bytes:240 (240.0 b)
如果只显示eh0的IP地址,命令如下:
- [root@localhost ~]# ifconfig eth0 | grep "inet addr" | awk -F[" "]+ '{print $3}'|awk -F[:""]+ '{print $2}'
- 192.168.1.143
[root@localhost ~]# ifconfig eth0 | grep "inet addr" | awk -F[" "]+ '{print $3}'|awk -F[:""]+ '{print $2}'
192.168.1.143
2、ping
用于检查网络上某台主机是否为活跃状态或者是发生故障。下面我们试着用5个数据包去ping一下主机192.168.1.110:
- [root@localhost ~]# ping -c 5 192.168.1.110
- PING 192.168.1.110 (192.168.1.110) 56(84) bytes of data.
- 64 bytes from 192.168.1.110: icmp_seq=1 ttl=128 time=0.934 ms
- 64 bytes from 192.168.1.110: icmp_seq=2 ttl=128 time=0.849 ms
- 64 bytes from 192.168.1.110: icmp_seq=3 ttl=128 time=0.792 ms
- 64 bytes from 192.168.1.110: icmp_seq=4 ttl=128 time=0.772 ms
- 64 bytes from 192.168.1.110: icmp_seq=5 ttl=128 time=0.827 ms
-
- --- 192.168.1.110 ping statistics ---
- 5 packets transmitted, 5 received, 0% packet loss, time 4010ms
- rtt min/avg/max/mdev = 0.772/0.834/0.934/0.067 ms
[root@localhost ~]# ping -c 5 192.168.1.110
PING 192.168.1.110 (192.168.1.110) 56(84) bytes of data.
64 bytes from 192.168.1.110: icmp_seq=1 ttl=128 time=0.934 ms
64 bytes from 192.168.1.110: icmp_seq=2 ttl=128 time=0.849 ms
64 bytes from 192.168.1.110: icmp_seq=3 ttl=128 time=0.792 ms
64 bytes from 192.168.1.110: icmp_seq=4 ttl=128 time=0.772 ms
64 bytes from 192.168.1.110: icmp_seq=5 ttl=128 time=0.827 ms
--- 192.168.1.110 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4010ms
rtt min/avg/max/mdev = 0.772/0.834/0.934/0.067 ms
通常大家比较关心的是ping通的时间和有无丢包。
3、netstat
netstat命令的功能是显示网络连接、路由表和网络接口的信息,可以了解目前有哪些网络连接正在运作。
下面是它的重要参数
-c 每隔1秒就重新显示一遍,直到用户中断它。
-i 显示所有网络接口的信息,格式“netstat -i”。
-n 以网络IP地址代替名称,显示出网络连接情形。
-r 显示核心路由表,格式同“route -e”。
-t 显示TCP协议的连接情况
-u 显示UDP协议的连接情况。
-v 显示正在进行的工作。
-A 显示任何关联的协议控制块的地址。主要用于调试
-a 显示所有套接字的状态。在一般情况下不显示与服务器进程相关联的套接字
-i 显示自动配置接口的状态。那些在系统初始引导后配置的接口状态不在输出之列
-m 打印网络存储器的使用情况
-n 打印实际地址,而不是对地址的解释或者显示主机,网络名之类的符号
-r 打印路由选择表
-f address -family对于给出名字的地址簇打印统计数字和控制块信息。到目前为止,唯一支持的地址簇是inet
-I interface 只打印给出名字的接口状态
-p protocol-name 只打印给出名字的协议的统计数字和协议控制块信息
-s 打印每个协议的统计数字
-t 在输出显示中用时间信息代替队列长度信息。
常用的连个参数,即netstat -na,如下所示:
- [root@localhost ~]# netstat -an|grep -v unix
- Active Internet connections (servers and established)
- Proto Recv-Q Send-Q Local Address Foreign Address State
- tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
- tcp 0 0 0.0.0.0:56883 0.0.0.0:* LISTEN
- tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN
- tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
- tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
- tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
- tcp 0 52 192.168.1.143:22 192.168.1.112:58557 ESTABLISHED
- tcp 0 0 :::5989 :::* LISTEN
- tcp 0 0 :::111 :::* LISTEN
- tcp 0 0 :::33713 :::* LISTEN
- tcp 0 0 :::22 :::* LISTEN
- tcp 0 0 ::1:631 :::* LISTEN
- tcp 0 0 ::1:25 :::* LISTEN
- udp 0 0 0.0.0.0:67 0.0.0.0:*
- udp 0 0 0.0.0.0:855 0.0.0.0:*
- udp 0 0 0.0.0.0:49762 0.0.0.0:*
- udp 0 0 0.0.0.0:5353 0.0.0.0:*
- udp 0 0 0.0.0.0:750 0.0.0.0:*
- udp 0 0 0.0.0.0:111 0.0.0.0:*
- udp 0 0 0.0.0.0:631 0.0.0.0:*
- udp 0 0 192.168.122.1:123 0.0.0.0:*
- udp 0 0 192.168.1.143:123 0.0.0.0:*
- udp 0 0 127.0.0.1:123 0.0.0.0:*
- udp 0 0 0.0.0.0:123 0.0.0.0:*
- udp 0 0 0.0.0.0:52219 0.0.0.0:*
- udp 0 0 0.0.0.0:798 0.0.0.0:*
- udp 0 0 192.168.122.1:53 0.0.0.0:*
- udp 0 0 :::111 :::*
- udp 0 0 fe80::20c:29ff:fef9:2372:123 :::*
- udp 0 0 ::1:123 :::*
- udp 0 0 :::123 :::*
- udp 0 0 :::40705 :::*
- udp 0 0 :::798 :::*
- Active UNIX domain sockets (servers and established)
- Proto RefCnt Flags Type State I-Node Path
[root@localhost ~]# netstat -an|grep -v unix
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:56883 0.0.0.0:* LISTEN
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 52 192.168.1.143:22 192.168.1.112:58557 ESTABLISHED
tcp 0 0 :::5989 :::* LISTEN
tcp 0 0 :::111 :::* LISTEN
tcp 0 0 :::33713 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:631 :::* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
udp 0 0 0.0.0.0:67 0.0.0.0:*
udp 0 0 0.0.0.0:855 0.0.0.0:*
udp 0 0 0.0.0.0:49762 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 0.0.0.0:750 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp 0 0 0.0.0.0:631 0.0.0.0:*
udp 0 0 192.168.122.1:123 0.0.0.0:*
udp 0 0 192.168.1.143:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
udp 0 0 0.0.0.0:52219 0.0.0.0:*
udp 0 0 0.0.0.0:798 0.0.0.0:*
udp 0 0 192.168.122.1:53 0.0.0.0:*
udp 0 0 :::111 :::*
udp 0 0 fe80::20c:29ff:fef9:2372:123 :::*
udp 0 0 ::1:123 :::*
udp 0 0 :::123 :::*
udp 0 0 :::40705 :::*
udp 0 0 :::798 :::*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
netstat -an参数中state的含义如下所示:
LISTEN:侦听来自远方的TCP端口的连接请求
SYN-SENT:再发送连接请求后等待匹配的连接请求
SYN-RECEIVED:再收到和发送一个连接请求后等待对方对连接请求的确认
ESTABLISHED:代表一个打开的连接
FIN-WAIT-1:等待远程TCP连接中断请求,或先前的连接中断请求的确认
FIN-WAIT-2:从远程TCP等待连接中断请求
CLOSE-WAIT:等待从本地用户发来的连接中断请求
CLOSING:等待远程TCP对连接中断的确认
LAST-ACK:等待原来的发向远程TCP的连接中断请求的确认
TIME-WAIT:等待足够的时间以确保远程TCP接收到连接中断请求的确认
CLOSED:没有任何连接状态
命令组合,查看服务器网络连接状态并汇总。
- [root@localhost ~]# netstat -an|awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
- LISTEN 12
- ESTABLISHED 1
[root@localhost ~]# netstat -an|awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
LISTEN 12
ESTABLISHED 1
参数说明:
CLOSED:无连接是活动的或正在进行
LISTEN:服务器在等待进入呼叫
SYN_RECV:一个连接请求已经到达,等待确认
SYN_SENT:应用已经开始,打开一个连接
ESTABLISHED:正常数据传输状态
FIN_WAIT1:应用说它已经完成
FIN_WAIT2:另一边已同意释放
ITMED_WAIT:等待所有分组死掉
CLOSING:两边同时尝试关闭
TIME_WAIT:另一边已初始化一个释放
LAST_ACK:等待所有分组死掉
Linux查看路由的方法:
第一种方法:
- [root@localhost ~]# route -n
- Kernel IP routing table
- Destination Gateway Genmask Flags Metric Ref Use Iface
- 192.168.1.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
- 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
- 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
以上显示内容中有UG的这行表示系统默认网关。
第二种方法:
- [root@localhost ~]# netstat -r
- Kernel IP routing table
- Destination Gateway Genmask Flags MSS Window irtt Iface
- 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
- 192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0
- default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
[root@localhost ~]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
使用traceroute来跟踪一个网络地址,其中第一条就是我们机器的网关,如下所示:
- [root@localhost ~]# traceroute www.baidu.com
- traceroute to www.baidu.com (119.75.217.56), 30 hops max, 60 byte packets
- 1 192.168.1.1 (192.168.1.1) 0.888 ms 0.680 ms 0.880 ms
- 2 180.169.100.121 (180.169.100.121) 1.387 ms 2.013 ms 5.070 ms
- 3 180.168.82.241 (180.168.82.241) 4.963 ms 4.814 ms 4.680 ms
- 4 218.1.4.185 (218.1.4.185) 4.545 ms 4.422 ms 4.267 ms
- 5 124.74.210.249 (124.74.210.249) 40.145 ms 40.020 ms 39.887 ms
- 6 61.152.86.46 (61.152.86.46) 19.107 ms 10.672 ms 10.503 ms
- 7 202.97.34.149 (202.97.34.149) 28.701 ms 28.712 ms 29.033 ms
- 8 220.181.0.42 (220.181.0.42) 28.134 ms 28.734 ms 29.744 ms
- 9 220.181.17.118 (220.181.17.118) 27.282 ms !X * *
[root@localhost ~]# traceroute www.baidu.com
traceroute to www.baidu.com (119.75.217.56), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 0.888 ms 0.680 ms 0.880 ms
2 180.169.100.121 (180.169.100.121) 1.387 ms 2.013 ms 5.070 ms
3 180.168.82.241 (180.168.82.241) 4.963 ms 4.814 ms 4.680 ms
4 218.1.4.185 (218.1.4.185) 4.545 ms 4.422 ms 4.267 ms
5 124.74.210.249 (124.74.210.249) 40.145 ms 40.020 ms 39.887 ms
6 61.152.86.46 (61.152.86.46) 19.107 ms 10.672 ms 10.503 ms
7 202.97.34.149 (202.97.34.149) 28.701 ms 28.712 ms 29.033 ms
8 220.181.0.42 (220.181.0.42) 28.134 ms 28.734 ms 29.744 ms
9 220.181.17.118 (220.181.17.118) 27.282 ms !X * *
4、nslookupnslookup查询一台机器的IPdizhi与其对应域名。
- [root@localhost ~]# nslookup
- > www.bmsmrc.com
- Server: 202.96.209.133
- Address: 202.96.209.133#53
-
- Non-authoritative answer:
- Name: www.bmsmrc.com
- Address: 74.205.108.211
- > exit5、dig[root@localhost ~]# dig www.bmsmrc.com
-
- ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> www.bmsmrc.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4200
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
-
- ;; QUESTION SECTION:
- ;www.bmsmrc.com. IN A
-
- ;; ANSWER SECTION:
- www.bmsmrc.com. 600 IN A 74.205.108.211
-
- ;; Query time: 536 msec
- ;; SERVER: 202.96.209.133#53(202.96.209.133)
- ;; WHEN: Fri Nov 9 11:05:42 2012
- ;; MSG SIZE rcvd: 48
[root@localhost ~]# nslookup
> www.bmsmrc.com
Server: 202.96.209.133
Address: 202.96.209.133#53
Non-authoritative answer:
Name: www.bmsmrc.com
Address: 74.205.108.211
> exit5、dig[root@localhost ~]# dig www.bmsmrc.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> www.bmsmrc.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4200
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.bmsmrc.com. IN A
;; ANSWER SECTION:
www.bmsmrc.com. 600 IN A 74.205.108.211
;; Query time: 536 msec
;; SERVER: 202.96.209.133#53(202.96.209.133)
;; WHEN: Fri Nov 9 11:05:42 2012
;; MSG SIZE rcvd: 48
6、figer查询用户信息,显示某个用户的用户名、主目录、停滞时间、登录时间、登录shell等信息。
