
---
gitea: none
include_toc: true
---
# Linux Network
## Interface
Each interface has its own name, which must be configured:
- `en*`: Physical Ethernet interface
- `wl*`: Physical WLAN interface
- `ww*`: Physical WWAN interface (Cellphone Card, Network Address)
- `eth*`: Virtual interface (VMs, cloud instances)
- `vir*`: VirtualBox

`route` shows the interface in use.
## Get hostname
```
hostname
```
## Get public IP address
IPv4:
```
dig TXT +short o-o.myaddr.l.google.com @ns1.google.com
# or
host myip.opendns.com resolver1.opendns.com
```
IPv6:
```
dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com
```
---
## Ports
### List of reserved port numbers
`less /etc/services`
### All open/listening ports
#### Solution 1
`sudo lsof -i -P -n | grep LISTEN`
Shows the following columns:
| Column | Description |
| --- | --- |
| COMMAND | The name of the command or executable associated with the process. |
| PID | The process ID of the listening process. |
| USER | The user who owns the process. |
| FD | The file descriptor associated with this process (4u indicates it's an open file/socket). |
| TYPE | The type of file, usually STREAM for TCP or DGRAM for UDP. |
| DEVICE | Internal device number (used by the operating system, not directly meaningful to users). |
| SIZE/OFF | The size or offset (not meaningful for listening sockets, so it's 0). |
| NODE | The protocol being used. |
| NAME | The address and port being listened to in the format `<IP>:<PORT>` or `*:<PORT>`. |
```
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 669 systemd-resolve 13u IPv4 22780 0t0 TCP 127.0.0.53:53 (LISTEN)
named 745 bind 56u IPv4 23775 0t0 TCP 127.0.0.1:953 (LISTEN)
named 745 bind 63u IPv4 24658 0t0 TCP 194.13.82.60:53 (LISTEN)
named 745 bind 64u IPv4 24659 0t0 TCP 194.13.82.60:53 (LISTEN)
named 745 bind 65u IPv4 24660 0t0 TCP 194.13.82.60:53 (LISTEN)
named 745 bind 68u IPv4 24661 0t0 TCP 194.13.82.60:53 (LISTEN)
[...]
sshd 857 root 3u IPv4 26786 0t0 TCP *:22 (LISTEN)
sshd 857 root 4u IPv6 26788 0t0 TCP *:22 (LISTEN)
docker-pr 1243 root 4u IPv4 25440 0t0 TCP *:3307 (LISTEN)
docker-pr 1250 root 4u IPv4 28091 0t0 TCP *:9823 (LISTEN)
docker-pr 1252 root 4u IPv4 24336 0t0 TCP *:80 (LISTEN)
docker-pr 1253 root 4u IPv4 28820 0t0 TCP *:9877 (LISTEN)
docker-pr 1292 root 4u IPv6 28094 0t0 TCP *:9823 (LISTEN)
docker-pr 1294 root 4u IPv6 28102 0t0 TCP *:9877 (LISTEN)
docker-pr 1299 root 4u IPv6 28827 0t0 TCP *:3307 (LISTEN)
docker-pr 1300 root 4u IPv6 24339 0t0 TCP *:80 (LISTEN)
docker-pr 1316 root 4u IPv4 29795 0t0 TCP *:81 (LISTEN)
docker-pr 1353 root 4u IPv6 29805 0t0 TCP *:81 (LISTEN)
docker-pr 1390 root 4u IPv4 25492 0t0 TCP *:443 (LISTEN)
docker-pr 1414 root 4u IPv6 29815 0t0 TCP *:443 (LISTEN)
docker-pr 619804 root 4u IPv4 69012855 0t0 TCP *:8888 (LISTEN)
docker-pr 619813 root 4u IPv6 69010893 0t0 TCP *:8888 (LISTEN)
sshd 1330510 rogrut 10u IPv6 82082832 0t0 TCP [::1]:6010 (LISTEN)
sshd 1330510 rogrut 11u IPv4 82082833 0t0 TCP 127.0.0.1:6010 (LISTEN)
docker-pr 1343733 root 4u IPv4 82190331 0t0 TCP *:2222 (LISTEN)
docker-pr 1343740 root 4u IPv6 82188025 0t0 TCP *:2222 (LISTEN)
docker-pr 1343747 root 4u IPv4 82188950 0t0 TCP *:3000 (LISTEN)
docker-pr 1343754 root 4u IPv6 82185088 0t0 TCP *:3000 (LISTEN)
docker-pr 2890708 root 4u IPv4 46563836 0t0 TCP *:8806 (LISTEN)
docker-pr 2890715 root 4u IPv6 46564648 0t0 TCP *:8806 (LISTEN)
```
#### Solution 2
`sudo netstat -tulpn | grep LISTEN`
```
-t  select all TCP ports
-u  select all UDP ports
-l  show listening server sockets (open TCP and UDP ports in listening state)
-p  display PID/program name for sockets, i.e. which process opened the TCP or UDP port. For example, on my system Nginx opened TCP port 80/443, so I will see /usr/sbin/nginx or its PID.
-n  don't resolve names (avoids DNS lookups, which speeds up netstat on busy Linux/Unix servers)
```
The output is sorted with IPv4 first, then IPv6.
| Column | Example Value | Description |
| --- | --- | --- |
| Proto | tcp | The protocol in use, e.g., tcp (Transmission Control Protocol) or udp (User Datagram Protocol). |
| Recv-Q | 0 | The receive queue size: The number of bytes waiting to be read by the application. Usually 0. |
| Send-Q | 0 | The send queue size: The number of bytes waiting to be acknowledged by the remote host. Usually 0. |
| Local Address | 0.0.0.0:81 | The local address and port the process is bound to:<br/>- 0.0.0.0 means the process listens on all IPv4 interfaces.<br/>- :81 is the port number being listened on. |
| Foreign Address | 0.0.0.0:* | The remote address and port the socket is connected to:<br/>- 0.0.0.0:* indicates no remote connection yet (listening state). |
| State | LISTEN | The connection state. LISTEN means the process is waiting for incoming connections. |
| PID/Program name | 1316/docker-proxy | The process ID (PID) and program name of the process handling this connection:<br/>- 1316 is the unique process ID.<br/>- docker-proxy is the name of the program managing the socket. |
```
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 1316/docker-proxy
tcp 0 0 0.0.0.0:9877 0.0.0.0:* LISTEN 1253/docker-proxy
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 669/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 857/sshd: /usr/sbin
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN 1343747/docker-prox
tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 619804/docker-proxy
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1330510/sshd: rogru
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1390/docker-proxy
tcp 0 0 0.0.0.0:9823 0.0.0.0:* LISTEN 1250/docker-proxy
tcp 0 0 0.0.0.0:8806 0.0.0.0:* LISTEN 2890708/docker-prox
tcp 0 0 0.0.0.0:3307 0.0.0.0:* LISTEN 1243/docker-proxy
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 1343733/docker-prox
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1252/docker-proxy
tcp6 0 0 :::81 :::* LISTEN 1353/docker-proxy
tcp6 0 0 :::9877 :::* LISTEN 1294/docker-proxy
tcp6 0 0 ::1:53 :::* LISTEN 745/named
[...]
```
### Specific port
`sudo lsof -i:8805`
```
docker-pr 3613260 root 4u IPv4 424274374 0t0 TCP *:8805 (LISTEN)
docker-pr 3613267 root 4u IPv6 424276198 0t0 TCP *:8805 (LISTEN)
```
### In a bash script
Testing if a port is open from a bash script
One can use the `/dev/tcp/{HostName_OR_IPAddress}/{port}` syntax to check whether a TCP port is open on a Linux or Unix machine when using Bash. In other words, this is a Bash-specific feature. Let us see if TCP port `20` is open on `localhost` and `192.168.2.20`:
```shell
(echo >/dev/tcp/localhost/23) &>/dev/null && echo "open" || echo "close"
(echo >/dev/tcp/192.168.2.20/22) &>/dev/null && echo "open" || echo "close"
```
Now we can build some logic as follows:
```shell
#!/bin/bash
dest_box="aws-prod-server-42"
echo "Testing the ssh connectivity ... "
# The subshell fails if the TCP connection to port 22 cannot be opened.
if ! (echo >"/dev/tcp/$dest_box/22") &>/dev/null
then
    echo "$0 cannot connect to the $dest_box. Check your vpn connectivity."
else
    echo "Running the ansible playbook ..."
    ansible-playbook -i hosts --ask-vault-pass --extra-vars '@cluster.data.yml' main.yaml
fi
```
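The bare `/dev/tcp` test above blocks until the kernel gives up when a firewall silently drops the packets, and it reports a refused connection and a dropped one the same way. The following is an added example, not part of the original notes, that wraps the same probe in a time limit and tells the cases apart. The function name `port_state` and the 3-second default are assumptions, and it needs `timeout` from coreutils.

```shell
#!/bin/sh
# Added example (not from the original page): /dev/tcp probe with a timeout.

# port_state HOST PORT [SECONDS] -> prints open | closed | timeout | invalid
port_state() {
    host=$1 port=$2 secs=${3:-3}
    # Reject empty, non-numeric or over-long ports before touching the network.
    case $port in
        ''|*[!0-9]*|??????*) echo invalid; return 2 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo invalid; return 2; }
    # Host and port are passed as positional arguments rather than pasted
    # into the command string, so a crafted value cannot add shell syntax.
    rc=0
    timeout "$secs" bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$host" "$port" \
        2>/dev/null || rc=$?
    case $rc in
        0)   echo open ;;
        124) echo timeout; return 1 ;;  # no answer: filtered or host down
        *)   echo closed;  return 1 ;;  # refused, or name did not resolve
    esac
}

# Stand-alone demo against the local machine; the result depends on the host.
port_state 127.0.0.1 22 2 || true
```

A `timeout` result from a host that should be reachable usually points at a firewall or routing problem rather than a stopped service, which is worth knowing before retrying a deployment.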
## Network configuration with nmcli
### Show available wifi
```shell
nmcli device wifi list
```
### Show network interfaces on computer
```shell
ip link show
# or
nmcli device
```
### Show interface information
Shows table with local IP, Gateway IP, DNS IP, network name etc.
```
nmcli con show
NAME UUID TYPE DEVICE
RR_Net 9a0bf331-2197-478e-aaef-8bdb0da7daef wifi wlp1s0
```
```
nmcli dev show
```
For hardware info:
```
lshw -C network
```