Difference between revisions of "Networking"
Jump to navigation
Jump to search
| (28 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | [[Category:networking]] | |
| + | [[Category:Linux/Unix]] | ||
| − | == | + | =Check network connectivity= |
| − | ;<code>nc <host> <port></code> | + | |
| − | : | + | ;netstat -nap |
| + | :Show port status (LISTEN, ESTABLISHED, .....) and the program that owns it. You need to be root to see the process information | ||
| + | |||
| + | ;<code>nc -v -z <host> <port></code> | ||
| + | :Netcat: Tell me if we can open a connection to <host> on <port>. Without -z it works like telnet | ||
| + | |||
| + | ;<code>nc -v -u -z <host> <port></code> | ||
| + | :Tell me if we can open a connection to <host> on a UDP <port> | ||
| − | |||
;<code>curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL></code> | ;<code>curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL></code> | ||
| − | :Get the data from <remote URL> -k allows insecure SSL connections | + | :Get the data from <remote URL> via <proxyIP> -k allows insecure SSL connections |
| + | |||
| + | ;<code>curl -vvv telnet://<IP>:<port></code> | ||
| + | :Just test connectivity to a port | ||
| + | |||
| + | <syntaxhighlight lang=bash> | ||
| + | #!/bin/bash | ||
| + | |||
| + | PORT=$1 | ||
| + | |||
| + | TARGETS="999.999.999.999 | ||
| + | 888.888.888.888 | ||
| + | 777.777.777.777 | ||
| + | 666.666.666.666 | ||
| + | " | ||
| + | |||
| + | for TARGET in ${TARGETS} | ||
| + | do | ||
| + | curl http://${TARGET}:${PORT} --connect-timeout 1 > /dev/null 2>&1 | ||
| + | if [ $? == 28 ] # 28 is the curl code for connection timeout | ||
| + | then | ||
| + | echo No connection to ${TARGET}:${PORT} | ||
| + | fi | ||
| + | done | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | =[[OpenSSL]]= | ||
| + | See the [[OpenSSL]] page | ||
| + | |||
| + | =Interfaces= | ||
| + | ;ifconfig -a | ||
| + | :Show all network interfaces | ||
| + | |||
| + | ;ifconfig <interface> <ipaddress> | ||
| + | :Assign <ipaddress> to <interface> | ||
| + | |||
| + | ;ip -a address | ||
| + | ;ip -a -6 address | ||
| + | :Show all IP adresses | ||
| + | |||
| + | :Show all IPv4 addresses | ||
| + | |||
| + | ;ip -6 addr add <ipv6address>/<prefixlength> dev <interface> | ||
| + | :Add an IPv6 address to <interface> | ||
| + | |||
| + | ;mii-tool <interface> | ||
| + | :Show interface link status (speed) | ||
| + | |||
| + | ;The interfaces file | ||
| + | <syntaxhighlight lang=bash> | ||
| + | apt-get purge network-manager | ||
| + | vi /etc/network/interfaces | ||
| + | auto <interface> # Boot process waits until the interface is up or a time-out (5 minutes) | ||
| + | allow-hotplug <interface> # Boot process does not wait for the interface. | ||
| + | iface <interface> inet dhcp | ||
| + | wpa-ssid <ssid> | ||
| + | wpa-psk <password> | ||
| + | |||
| + | # To have ipv6 autoconfigured (by radvd) and add own address | ||
| + | iface <interface> inet6 static | ||
| + | address unique:local:address:prefix:your:own:host:address | ||
| + | autoconf 1 | ||
| + | netmask 64 | ||
| + | |||
| + | # Add another address to <interface>(work for IPv4 addresses too | ||
| + | iface <interface> inet6 static | ||
| + | address unique:local:address:prefix:your:own:host:address | ||
| + | netmask 64 | ||
| + | |||
| + | # To have ipv6 autoconfigured (by radvd) and query a dhcp-server | ||
| + | iface <interface> inet6 dhcp | ||
| + | autoconf 1 | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | ;Disable an interface completely (even not shown by ifconfig) | ||
| + | :vi /etc/modprobe.d/blackllst.conf | ||
| + | :Put in the driver for your interface like: <code>blacklist ath9k</code> | ||
| + | |||
| + | =Wireless= | ||
| + | ;iwscan <interface> scanning | ||
| + | :Show available accesspoints | ||
| + | ;iwconfig <interface> | ||
| + | :Show details of the wireless connection | ||
| + | |||
| + | =Routing= | ||
| + | ;route add -net default gw <IPaddress> | ||
| + | :Add a default route using <IPaddress> as gateway | ||
| + | |||
| + | =Tunneling= | ||
| + | ;<code>ssh -L 8080:remotehost:3006 proxy</code> | ||
| + | :Login over ssh to proxy and there connect to remotehost port 3006. Connect local port 8080 to the remote connection. | ||
| + | :Now if you connect to port 8080 on your local server you are connected to port 3006 on the remotehost | ||
| + | :Using <code>-nNT</code> prevents that the ssh command opens a terminal on the proxy. The ssh command however must remain active. | ||
| + | |||
| + | =Tracing= | ||
| + | For tracing traffic see [[Tcpdump]] | ||
| − | = | + | =Other= |
;<code>wget <URL></code> | ;<code>wget <URL></code> | ||
:Get the data from <URL> | :Get the data from <URL> | ||
Latest revision as of 16:26, 11 February 2024
Check network connectivity
- netstat -nap
- Show port status (LISTEN, ESTABLISHED, .....) and the program that owns it. You need to be root to see the process information
nc -v -z <host> <port>- Netcat: Tell me if we can open a connection to <host> on <port>. Without -z it works like telnet
nc -v -u -z <host> <port>- Tell me if we can open a connection to <host> on a UDP <port>
curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL>- Get the data from <remote URL> via <proxyIP> -k allows insecure SSL connections
curl -vvv telnet://<IP>:<port>- Just test connectivity to a port
#!/bin/bash
PORT=$1
TARGETS="999.999.999.999
888.888.888.888
777.777.777.777
666.666.666.666
"
for TARGET in ${TARGETS}
do
curl http://${TARGET}:${PORT} --connect-timeout 1 > /dev/null 2>&1
if [ $? == 28 ] # 28 is the curl code for connection timeout
then
echo No connection to ${TARGET}:${PORT}
fi
done
OpenSSL
See the OpenSSL page
Interfaces
- ifconfig -a
- Show all network interfaces
- ifconfig <interface> <ipaddress>
- Assign <ipaddress> to <interface>
- ip -a address
- ip -a -6 address
- Show all IP adresses
- Show all IPv4 addresses
- ip -6 addr add <ipv6address>/<prefixlength> dev <interface>
- Add an IPv6 address to <interface>
- mii-tool <interface>
- Show interface link status (speed)
- The interfaces file
apt-get purge network-manager
vi /etc/network/interfaces
auto <interface> # Boot process waits until the interface is up or a time-out (5 minutes)
allow-hotplug <interface> # Boot process does not wait for the interface.
iface <interface> inet dhcp
wpa-ssid <ssid>
wpa-psk <password>
# To have ipv6 autoconfigured (by radvd) and add own address
iface <interface> inet6 static
address unique:local:address:prefix:your:own:host:address
autoconf 1
netmask 64
# Add another address to <interface>(work for IPv4 addresses too
iface <interface> inet6 static
address unique:local:address:prefix:your:own:host:address
netmask 64
# To have ipv6 autoconfigured (by radvd) and query a dhcp-server
iface <interface> inet6 dhcp
autoconf 1
- Disable an interface completely (even not shown by ifconfig)
- vi /etc/modprobe.d/blackllst.conf
- Put in the driver for your interface like:
blacklist ath9k
Wireless
- iwscan <interface> scanning
- Show available accesspoints
- iwconfig <interface>
- Show details of the wireless connection
Routing
- route add -net default gw <IPaddress>
- Add a default route using <IPaddress> as gateway
Tunneling
ssh -L 8080:remotehost:3006 proxy- Login over ssh to proxy and there connect to remotehost port 3006. Connect local port 8080 to the remote connection.
- Now if you connect to port 8080 on your local server you are connected to port 3006 on the remotehost
- Using
-nNTprevents that the ssh command opens a terminal on the proxy. The ssh command however must remain active.
Tracing
For tracing traffic see Tcpdump
Other
wget <URL>- Get the data from <URL>