Difference between revisions of "Networking"
Jump to navigation
Jump to search
(11 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
[[Category:Linux/Unix]] | [[Category:Linux/Unix]] | ||
− | + | =Check network connectivity= | |
+ | |||
+ | ;netstat -nap | ||
+ | :Show port status (LISTEN, ESTABLISHED, .....) and the program that owns it. You need to be root to see the process information | ||
− | |||
;<code>nc -v -z <host> <port></code> | ;<code>nc -v -z <host> <port></code> | ||
− | :Tell me if we can open a connection to <host> on <port>. Without -z it works like telnet | + | :Netcat: Tell me if we can open a connection to <host> on <port>. Without -z it works like telnet |
;<code>nc -v -u -z <host> <port></code> | ;<code>nc -v -u -z <host> <port></code> | ||
:Tell me if we can open a connection to <host> on a UDP <port> | :Tell me if we can open a connection to <host> on a UDP <port> | ||
− | |||
;<code>curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL></code> | ;<code>curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL></code> | ||
:Get the data from <remote URL> via <proxyIP> -k allows insecure SSL connections | :Get the data from <remote URL> via <proxyIP> -k allows insecure SSL connections | ||
Line 32: | Line 33: | ||
do | do | ||
curl http://${TARGET}:${PORT} --connect-timeout 1 > /dev/null 2>&1 | curl http://${TARGET}:${PORT} --connect-timeout 1 > /dev/null 2>&1 | ||
− | if [ $? == 28 ] | + | if [ $? == 28 ] # 28 is the curl code for connection timeout |
then | then | ||
echo No connection to ${TARGET}:${PORT} | echo No connection to ${TARGET}:${PORT} | ||
Line 39: | Line 40: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
− | + | =[[OpenSSL]]= | |
− | |||
− | |||
− | |||
− | |||
See the [[OpenSSL]] page | See the [[OpenSSL]] page | ||
− | + | =Interfaces= | |
;ifconfig -a | ;ifconfig -a | ||
:Show all network interfaces | :Show all network interfaces | ||
− | ;ifconfig <interface> < | + | ;ifconfig <interface> <ipaddress> |
:Assign <ipaddress> to <interface> | :Assign <ipaddress> to <interface> | ||
+ | |||
+ | ;ip -a address | ||
+ | ;ip -a -6 address | ||
+ | :Show all IP adresses | ||
+ | |||
+ | :Show all IPv4 addresses | ||
+ | |||
+ | ;ip -6 addr add <ipv6address>/<prefixlength> dev <interface> | ||
+ | :Add an IPv6 address to <interface> | ||
;mii-tool <interface> | ;mii-tool <interface> | ||
Line 60: | Line 66: | ||
apt-get purge network-manager | apt-get purge network-manager | ||
vi /etc/network/interfaces | vi /etc/network/interfaces | ||
− | auto <interface> | + | auto <interface> # Boot process waits until the interface is up or a time-out (5 minutes) |
+ | allow-hotplug <interface> # Boot process does not wait for the interface. | ||
iface <interface> inet dhcp | iface <interface> inet dhcp | ||
wpa-ssid <ssid> | wpa-ssid <ssid> | ||
wpa-psk <password> | wpa-psk <password> | ||
− | # To have ipv6 autoconfigured (by radvd) and add own | + | # To have ipv6 autoconfigured (by radvd) and add own address |
iface <interface> inet6 static | iface <interface> inet6 static | ||
− | + | address unique:local:address:prefix:your:own:host:address | |
− | + | autoconf 1 | |
− | + | netmask 64 | |
+ | # Add another address to <interface>(work for IPv4 addresses too | ||
+ | iface <interface> inet6 static | ||
+ | address unique:local:address:prefix:your:own:host:address | ||
+ | netmask 64 | ||
+ | |||
+ | # To have ipv6 autoconfigured (by radvd) and query a dhcp-server | ||
+ | iface <interface> inet6 dhcp | ||
+ | autoconf 1 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
− | + | ;Disable an interface completely (even not shown by ifconfig) | |
− | + | :vi /etc/modprobe.d/blackllst.conf | |
+ | :Put in the driver for your interface like: <code>blacklist ath9k</code> | ||
+ | |||
+ | =Wireless= | ||
+ | ;iwscan <interface> scanning | ||
+ | :Show available accesspoints | ||
+ | ;iwconfig <interface> | ||
+ | :Show details of the wireless connection | ||
− | + | =Routing= | |
;route add -net default gw <IPaddress> | ;route add -net default gw <IPaddress> | ||
:Add a default route using <IPaddress> as gateway | :Add a default route using <IPaddress> as gateway | ||
− | + | =Tunneling= | |
;<code>ssh -L 8080:remotehost:3006 proxy</code> | ;<code>ssh -L 8080:remotehost:3006 proxy</code> | ||
:Login over ssh to proxy and there connect to remotehost port 3006. Connect local port 8080 to the remote connection. | :Login over ssh to proxy and there connect to remotehost port 3006. Connect local port 8080 to the remote connection. | ||
Line 86: | Line 108: | ||
:Using <code>-nNT</code> prevents that the ssh command opens a terminal on the proxy. The ssh command however must remain active. | :Using <code>-nNT</code> prevents that the ssh command opens a terminal on the proxy. The ssh command however must remain active. | ||
− | + | =Tracing= | |
For tracing traffic see [[Tcpdump]] | For tracing traffic see [[Tcpdump]] | ||
+ | |||
+ | =Other= | ||
+ | ;<code>wget <URL></code> | ||
+ | :Get the data from <URL> |
Latest revision as of 16:26, 11 February 2024
Check network connectivity
- netstat -nap
- Show port status (LISTEN, ESTABLISHED, .....) and the program that owns it. You need to be root to see the process information
nc -v -z <host> <port>
- Netcat: Tell me if we can open a connection to <host> on <port>. Without -z it works like telnet
nc -v -u -z <host> <port>
- Tell me if we can open a connection to <host> on a UDP <port>
curl -vvv -k --proxy1.0 <proxyIP>:<proxyPort> <Remote URL>
- Get the data from <remote URL> via <proxyIP> -k allows insecure SSL connections
curl -vvv telnet://<IP>:<port>
- Just test connectivity to a port
#!/bin/bash
PORT=$1
TARGETS="999.999.999.999
888.888.888.888
777.777.777.777
666.666.666.666
"
for TARGET in ${TARGETS}
do
curl http://${TARGET}:${PORT} --connect-timeout 1 > /dev/null 2>&1
if [ $? == 28 ] # 28 is the curl code for connection timeout
then
echo No connection to ${TARGET}:${PORT}
fi
done
OpenSSL
See the OpenSSL page
Interfaces
- ifconfig -a
- Show all network interfaces
- ifconfig <interface> <ipaddress>
- Assign <ipaddress> to <interface>
- ip -a address
- ip -a -6 address
- Show all IP adresses
- Show all IPv4 addresses
- ip -6 addr add <ipv6address>/<prefixlength> dev <interface>
- Add an IPv6 address to <interface>
- mii-tool <interface>
- Show interface link status (speed)
- The interfaces file
apt-get purge network-manager
vi /etc/network/interfaces
auto <interface> # Boot process waits until the interface is up or a time-out (5 minutes)
allow-hotplug <interface> # Boot process does not wait for the interface.
iface <interface> inet dhcp
wpa-ssid <ssid>
wpa-psk <password>
# To have ipv6 autoconfigured (by radvd) and add own address
iface <interface> inet6 static
address unique:local:address:prefix:your:own:host:address
autoconf 1
netmask 64
# Add another address to <interface>(work for IPv4 addresses too
iface <interface> inet6 static
address unique:local:address:prefix:your:own:host:address
netmask 64
# To have ipv6 autoconfigured (by radvd) and query a dhcp-server
iface <interface> inet6 dhcp
autoconf 1
- Disable an interface completely (even not shown by ifconfig)
- vi /etc/modprobe.d/blackllst.conf
- Put in the driver for your interface like:
blacklist ath9k
Wireless
- iwscan <interface> scanning
- Show available accesspoints
- iwconfig <interface>
- Show details of the wireless connection
Routing
- route add -net default gw <IPaddress>
- Add a default route using <IPaddress> as gateway
Tunneling
ssh -L 8080:remotehost:3006 proxy
- Login over ssh to proxy and there connect to remotehost port 3006. Connect local port 8080 to the remote connection.
- Now if you connect to port 8080 on your local server you are connected to port 3006 on the remotehost
- Using
-nNT
prevents that the ssh command opens a terminal on the proxy. The ssh command however must remain active.
Tracing
For tracing traffic see Tcpdump
Other
wget <URL>
- Get the data from <URL>