---
gitea: none
include_toc: true
---

# Linux Networking

## Interface

Each interface has its own name, which must be configured:

- `en*`: Physical Ethernet interface
- `wl*`: Physical WLAN interface
- `ww*`: Physical WWAN interface (Cellphone Card, Network Address)
- `eth*`: Virtual interface (VMs, cloud instances)
- `vir*`: VirtualBox

`route` shows which interface is in use.

## Get hostname

```
hostname
```

## Get public IP address

IPv4:

```
dig TXT +short o-o.myaddr.l.google.com @ns1.google.com
# or
host myip.opendns.com resolver1.opendns.com
```

IPv6:

```
dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com
```

---

## Ports

### List of reserved port numbers

`less /etc/services`

### All open/listening ports

#### Solution 1

`sudo lsof -i -P -n | grep LISTEN`

Shows the following columns:

| Column | Description |
| --- | --- |
| COMMAND | The name of the command or executable associated with the process. |
| PID | The process ID of the listening process. |
| USER | The user who owns the process. |
| FD | The file descriptor associated with this process (4u indicates it's an open file/socket). |
| TYPE | The type of file, usually STREAM for TCP or DGRAM for UDP. |
| DEVICE | Internal device number (used by the operating system, not directly meaningful to users). |
| SIZE/OFF | The size or offset (not meaningful for listening sockets, so it's 0). |
| NODE | The protocol being used. |
| NAME | The address and port being listened to, in the format `address:port` or `*:port`. |

```
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE
systemd-r 669 systemd-resolve 13u IPv4 22780 0t0 TCP 127.0.0.53:53 (LISTEN)
named 745 bind 56u IPv4 23775 0t0 TCP 127.0.0.1:953 (LISTEN)
named 745 bind 63u IPv4 24658 0t0 TCP 194.13.82.60:53 (LISTEN)
named 745 bind 64u IPv4 24659 0t0 TCP 194.13.82.60:53 (LISTEN)
named 745 bind 65u IPv4 24660 0t0 TCP 194.13.82.60:53 (LISTEN)
named 745 bind 68u IPv4 24661 0t0 TCP 194.13.82.60:53 (LISTEN)
[...]
sshd 857 root 3u IPv4 26786 0t0 TCP *:22 (LISTEN)
sshd 857 root 4u IPv6 26788 0t0 TCP *:22 (LISTEN)
docker-pr 1243 root 4u IPv4 25440 0t0 TCP *:3307 (LISTEN)
docker-pr 1250 root 4u IPv4 28091 0t0 TCP *:9823 (LISTEN)
docker-pr 1252 root 4u IPv4 24336 0t0 TCP *:80 (LISTEN)
docker-pr 1253 root 4u IPv4 28820 0t0 TCP *:9877 (LISTEN)
docker-pr 1292 root 4u IPv6 28094 0t0 TCP *:9823 (LISTEN)
docker-pr 1294 root 4u IPv6 28102 0t0 TCP *:9877 (LISTEN)
docker-pr 1299 root 4u IPv6 28827 0t0 TCP *:3307 (LISTEN)
docker-pr 1300 root 4u IPv6 24339 0t0 TCP *:80 (LISTEN)
docker-pr 1316 root 4u IPv4 29795 0t0 TCP *:81 (LISTEN)
docker-pr 1353 root 4u IPv6 29805 0t0 TCP *:81 (LISTEN)
docker-pr 1390 root 4u IPv4 25492 0t0 TCP *:443 (LISTEN)
docker-pr 1414 root 4u IPv6 29815 0t0 TCP *:443 (LISTEN)
docker-pr 619804 root 4u IPv4 69012855 0t0 TCP *:8888 (LISTEN)
docker-pr 619813 root 4u IPv6 69010893 0t0 TCP *:8888 (LISTEN)
sshd 1330510 rogrut 10u IPv6 82082832 0t0 TCP [::1]:6010 (LISTEN)
sshd 1330510 rogrut 11u IPv4 82082833 0t0 TCP 127.0.0.1:6010 (LISTEN)
docker-pr 1343733 root 4u IPv4 82190331 0t0 TCP *:2222 (LISTEN)
docker-pr 1343740 root 4u IPv6 82188025 0t0 TCP *:2222 (LISTEN)
docker-pr 1343747 root 4u IPv4 82188950 0t0 TCP *:3000 (LISTEN)
docker-pr 1343754 root 4u IPv6 82185088 0t0 TCP *:3000 (LISTEN)
docker-pr 2890708 root 4u IPv4 46563836 0t0 TCP *:8806 (LISTEN)
docker-pr 2890715 root 4u IPv6 46564648 0t0 TCP *:8806 (LISTEN)
```

#### Solution 2

`sudo netstat -tulpn | grep LISTEN`

```
-t  select all TCP ports
-u  select all UDP ports
-l  show listening server sockets (open TCP and UDP ports in listening state)
-p  Display PID/Program name for sockets. In other words, this option tells who opened the TCP or UDP port.
    For example, on my system, Nginx opened TCP port 80/443, so I will see /usr/sbin/nginx or its PID.
-n  Don't resolve names (avoids DNS lookups, which speeds up netstat on busy Linux/Unix servers)
```

The output is sorted with IPv4 first, then IPv6.

| Column | Example Value | Description |
| --- | --- | --- |
| Proto | tcp | The protocol in use, e.g., tcp (Transmission Control Protocol) or udp (User Datagram Protocol). |
| Recv-Q | 0 | The receive queue size: The number of bytes waiting to be read by the application. Usually 0. |
| Send-Q | 0 | The send queue size: The number of bytes waiting to be acknowledged by the remote host. Usually 0. |
| Local Address | 0.0.0.0:81 | The local address and port the process is bound to:<br>- 0.0.0.0 means the process listens on all IPv4 interfaces.<br>- :81 is the port number being listened on. |
| Foreign Address | `0.0.0.0:*` | The remote address and port the socket is connected to:<br>- `0.0.0.0:*` indicates no remote connection yet (listening state). |
| State | LISTEN | The connection state. LISTEN means the process is waiting for incoming connections. |
| PID/Program name | 1316/docker-proxy | The process ID (PID) and program name of the process handling this connection:<br>- 1316 is the unique process ID.<br>- docker-proxy is the name of the program managing the socket. |

```
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 1316/docker-proxy
tcp 0 0 0.0.0.0:9877 0.0.0.0:* LISTEN 1253/docker-proxy
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 669/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 857/sshd: /usr/sbin
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN 1343747/docker-prox
tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 619804/docker-proxy
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1330510/sshd: rogru
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1390/docker-proxy
tcp 0 0 0.0.0.0:9823 0.0.0.0:* LISTEN 1250/docker-proxy
tcp 0 0 0.0.0.0:8806 0.0.0.0:* LISTEN 2890708/docker-prox
tcp 0 0 0.0.0.0:3307 0.0.0.0:* LISTEN 1243/docker-proxy
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 1343733/docker-prox
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1252/docker-proxy
tcp6 0 0 :::81 :::* LISTEN 1353/docker-proxy
tcp6 0 0 :::9877 :::* LISTEN 1294/docker-proxy
tcp6 0 0 ::1:53 :::* LISTEN 745/named
[...]
```

### Specific port

`sudo lsof -i:8805`

```
docker-pr 3613260 root 4u IPv4 424274374 0t0 TCP *:8805 (LISTEN)
docker-pr 3613267 root 4u IPv6 424276198 0t0 TCP *:8805 (LISTEN)
```

### In a bash script

Testing if a port is open from a bash script.

One can use the `/dev/tcp/{HostName}_OR_{IPAddress}/{port}` syntax to check if a TCP port is open on a Linux or Unix machine when using Bash. In other words, the following is a Bash-specific feature. Let us see if a TCP port is open on `localhost` (port `23`) and `192.168.2.20` (port `22`):

```shell
(echo >/dev/tcp/localhost/23) &>/dev/null && echo "open" || echo "close"
(echo >/dev/tcp/192.168.2.20/22) &>/dev/null && echo "open" || echo "close"
```

Now we can build some logic as follows:

```shell
#!/bin/bash
# Host that must be reachable over SSH before the playbook runs
dest_box="aws-prod-server-42"

echo "Testing the ssh connectivity ... "
# The redirect to /dev/tcp/<host>/<port> succeeds only if the TCP connection opens
if ! (echo >"/dev/tcp/${dest_box}/22") &>/dev/null
then
    echo "$0 cannot connect to the $dest_box. Check your vpn connectivity."
else
    echo "Running the ansible playbook ..."
    ansible-playbook -i hosts --ask-vault-pass --extra-vars '@cluster.data.yml' main.yaml
fi
```

## Network configuration with nmcli

### Show available wifi

```shell
nmcli device wifi list
```

### Show network interfaces on computer

```shell
ip link show
# or
nmcli device
```

### Show interface information

Shows a table with local IP, gateway IP, DNS IP, network name, etc.

```
nmcli con show
NAME UUID TYPE DEVICE
RR_Net 9a0bf331-2197-478e-aaef-8bdb0da7daef wifi wlp1s0
```

```
nmcli dev show
```

For hardware info:

```
lshw -C network
```
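
An added example (not part of the original notes) for the "All open/listening ports" section: a POSIX shell filter that reads `netstat -tulpn | grep LISTEN` output and groups listeners by bind scope, so sockets bound to `0.0.0.0` or `::` stand out from loopback-only ones. The function names are hypothetical, and the sample lines are an excerpt of the netstat listing on this page.

```shell
#!/bin/sh
# Added example: group `netstat -tulpn | grep LISTEN` lines by bind scope.

# Reads netstat lines on stdin; prints "<scope> <proto> <port> <program>"
# once per unique listener.
classify_listeners() {
    awk '$6 == "LISTEN" {
        # Split "addr:port" at the last colon so IPv6 forms (":::81") work.
        n = split($4, part, ":")
        port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (addr == "0.0.0.0" || addr == "::" || addr == "*")
            scope = "all-interfaces"
        else if (addr ~ /^127\./ || addr == "::1")
            scope = "loopback"
        else
            scope = "single-address"
        # "857/sshd:" -> "sshd"; netstat may truncate long program names.
        prog = $7
        sub(/^[0-9]+\//, "", prog)
        sub(/:$/, "", prog)
        print scope, $1, port, prog
    }' | sort -u
}

# Only the listeners reachable on every interface: "<proto> <port> <program>".
exposed_listeners() {
    classify_listeners | awk '$1 == "all-interfaces" { print $2, $3, $4 }'
}

# Sample input: an excerpt of the netstat listing shown on this page.
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 1316/docker-proxy
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 669/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 857/sshd: /usr/sbin
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1330510/sshd: rogru
tcp6 0 0 :::81 :::* LISTEN 1353/docker-proxy
tcp6 0 0 ::1:53 :::* LISTEN 745/named
EOF
}

sample_netstat | classify_listeners
```

On a live host, pipe `sudo netstat -tulpn` into `exposed_listeners`; each line it prints is a service listening on every interface, which is the set to compare against the firewall rules and the list of services meant to be public.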