Difference between revisions of "Networking"
Jump to navigation
Jump to search
(→Curl) |
|||
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Category:networking]] | [[Category:networking]] | ||
[[Category:Linux/Unix]] | [[Category:Linux/Unix]] | ||
− | |||
− | == | + | ==Check network connectivity== |
+ | |||
+ | ;netstat -nap | ||
+ | :Show port status (LISTEN, ESTABLISHED, .....) and the program that owns it. | ||
+ | |||
;<code>nc -v -z <host> <port></code> | ;<code>nc -v -z <host> <port></code> | ||
− | :Tell me if we can open a connection to <host> on <port>. Without -z it works like telnet | + | :Netcat: Tell me if we can open a connection to <host> on <port>. Without -z it works like telnet |
;<code>nc -v -u -z <host> <port></code> | ;<code>nc -v -u -z <host> <port></code> | ||
:Tell me if we can open a connection to <host> on a UDP <port> | :Tell me if we can open a connection to <host> on a UDP <port> | ||
− | |||
;<code>curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL></code> | ;<code>curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL></code> | ||
:Get the data from <remote URL> via <proxyIP> -k allows insecure SSL connections | :Get the data from <remote URL> via <proxyIP> -k allows insecure SSL connections | ||
Line 38: | Line 40: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
− | |||
;<code>wget <URL></code> | ;<code>wget <URL></code> | ||
:Get the data from <URL> | :Get the data from <URL> | ||
Line 51: | Line 52: | ||
;ifconfig <interface> <ipaddrss> | ;ifconfig <interface> <ipaddrss> | ||
:Assign <ipaddress> to <interface> | :Assign <ipaddress> to <interface> | ||
+ | |||
+ | ;ip -6 addr add <ipv6address>/<prefixlength> dev <interface> | ||
+ | :Add an IPv6 address to <interface> | ||
;mii-tool <interface> | ;mii-tool <interface> | ||
:Show interface link status (speed) | :Show interface link status (speed) | ||
+ | |||
+ | ;The interfaces file | ||
+ | <syntaxhighlight lang=bash> | ||
+ | apt-get purge network-manager | ||
+ | vi /etc/network/interfaces | ||
+ | auto <interface> | ||
+ | iface <interface> inet dhcp | ||
+ | wpa-ssid <ssid> | ||
+ | wpa-psk <password> | ||
+ | |||
+ | # To have ipv6 autoconfigured (by radvd) and add own address | ||
+ | iface <interface> inet6 static | ||
+ | address unique:local:address:prefix:your:own:host:address | ||
+ | autoconf 1 | ||
+ | netmask 64 | ||
+ | |||
+ | # Add another address to <interface>(work for IPv4 addresses too | ||
+ | iface <interface> inet6 static | ||
+ | address unique:local:address:prefix:your:own:host:address | ||
+ | netmask 64 | ||
+ | |||
+ | # To have ipv6 autoconfigured (by radvd) and query a dhcp-server | ||
+ | iface <interface> inet6 dhcp | ||
+ | autoconf 1 | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | For interfaces that may not be connected use <code>allow-hotplug</code> instead of <code>auto</code>.<br> | ||
+ | The bootprocces now does not wait for an DCHP-answer on disconnected interfaces. Saves you about 5 minutes during startup. | ||
+ | |||
+ | ==Routing== | ||
+ | ;route add -net default gw <IPaddress> | ||
+ | :Add a default route using <IPaddress> as gateway | ||
==Tunneling== | ==Tunneling== | ||
Line 60: | Line 96: | ||
:Now if you connect to port 8080 on your local server you are connected to port 3006 on the remotehost | :Now if you connect to port 8080 on your local server you are connected to port 3006 on the remotehost | ||
:Using <code>-nNT</code> prevents that the ssh command opens a terminal on the proxy. The ssh command however must remain active. | :Using <code>-nNT</code> prevents that the ssh command opens a terminal on the proxy. The ssh command however must remain active. | ||
+ | |||
+ | ==Tracing== | ||
+ | For tracing traffic see [[Tcpdump]] |
Revision as of 19:34, 27 April 2020
Check network connectivity
- netstat -nap
- Show port status (LISTEN, ESTABLISHED, .....) and the program that owns it.
nc -v -z <host> <port>
- Netcat: Tell me if we can open a connection to <host> on <port>. Without -z it works like telnet
nc -v -u -z <host> <port>
- Tell me if we can open a connection to <host> on a UDP <port>
curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL>
- Get the data from <remote URL> via <proxyIP> -k allows insecure SSL connections
curl -vvv telnet://<IP>:<port>
- Just test connectivity to a port
#!/bin/bash
PORT=$1
TARGETS="999.999.999.999
888.888.888.888
777.777.777.777
666.666.666.666
"
for TARGET in ${TARGETS}
do
curl http://${TARGET}:${PORT} --connect-timeout 1 > /dev/null 2>&1
if [ $? == 28 ]
then
echo No connection to ${TARGET}:${PORT}
fi
done
wget <URL>
- Get the data from <URL>
OpenSSL
See the OpenSSL page
Interfaces
- ifconfig -a
- Show all network interfaces
- ifconfig <interface> <ipaddrss>
- Assign <ipaddress> to <interface>
- ip -6 addr add <ipv6address>/<prefixlength> dev <interface>
- Add an IPv6 address to <interface>
- mii-tool <interface>
- Show interface link status (speed)
- The interfaces file
apt-get purge network-manager
vi /etc/network/interfaces
auto <interface>
iface <interface> inet dhcp
wpa-ssid <ssid>
wpa-psk <password>
# To have ipv6 autoconfigured (by radvd) and add own address
iface <interface> inet6 static
address unique:local:address:prefix:your:own:host:address
autoconf 1
netmask 64
# Add another address to <interface>(work for IPv4 addresses too
iface <interface> inet6 static
address unique:local:address:prefix:your:own:host:address
netmask 64
# To have ipv6 autoconfigured (by radvd) and query a dhcp-server
iface <interface> inet6 dhcp
autoconf 1
For interfaces that may not be connected use allow-hotplug
instead of auto
.
The bootprocces now does not wait for an DCHP-answer on disconnected interfaces. Saves you about 5 minutes during startup.
Routing
- route add -net default gw <IPaddress>
- Add a default route using <IPaddress> as gateway
Tunneling
ssh -L 8080:remotehost:3006 proxy
- Login over ssh to proxy and there connect to remotehost port 3006. Connect local port 8080 to the remote connection.
- Now if you connect to port 8080 on your local server you are connected to port 3006 on the remotehost
- Using
-nNT
prevents that the ssh command opens a terminal on the proxy. The ssh command however must remain active.
Tracing
For tracing traffic see Tcpdump