IT-Wissen/linux/linux-netzwerk.md

Linux Network

Interface

Each interface has its own name, which must be configured.

  • en*: Physical Ethernet interface
  • wl*: Physical WLAN interface
  • ww*: Physical WWAN interface (Cellphone Card, Network Address)
  • eth*: Virtual interface (VMs, cloud instances)
  • vir*: VirtualBox

route shows the interface in use.

Get hostname

hostname

Get public IP address

IPv4:

dig TXT +short o-o.myaddr.l.google.com @ns1.google.com
or
host myip.opendns.com resolver1.opendns.com

IPv6:

dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com

Ports

List of reserved port numbers

less /etc/services

All open/listening ports

Solution 1

sudo lsof -i -P -n | grep LISTEN

Shows the following columns:

| Column | Description |
|---|---|
| COMMAND | The name of the command or executable associated with the process. |
| PID | The process ID of the listening process. |
| USER | The user who owns the process. |
| FD | The file descriptor associated with this process (4u indicates it's an open file/socket). |
| TYPE | The type of file, usually STREAM for TCP or DGRAM for UDP. |
| DEVICE | Internal device number (used by the operating system, not directly meaningful to users). |
| SIZE/OFF | The size or offset (not meaningful for listening sockets, so it's 0). |
| NODE | The protocol being used. |
| NAME | The address and port being listened on, in the format address:port or *:port. |

COMMAND       PID            USER    FD  TYPE   DEVICE     SIZE/OFF NODE
systemd-r     669 systemd-resolve   13u  IPv4    22780      0t0  TCP 127.0.0.53:53 (LISTEN)
named         745            bind   56u  IPv4    23775      0t0  TCP 127.0.0.1:953 (LISTEN)
named         745            bind   63u  IPv4    24658      0t0  TCP 194.13.82.60:53 (LISTEN)
named         745            bind   64u  IPv4    24659      0t0  TCP 194.13.82.60:53 (LISTEN)
named         745            bind   65u  IPv4    24660      0t0  TCP 194.13.82.60:53 (LISTEN)
named         745            bind   68u  IPv4    24661      0t0  TCP 194.13.82.60:53 (LISTEN)
[...]
sshd          857            root    3u  IPv4    26786      0t0  TCP *:22 (LISTEN)
sshd          857            root    4u  IPv6    26788      0t0  TCP *:22 (LISTEN)
docker-pr    1243            root    4u  IPv4    25440      0t0  TCP *:3307 (LISTEN)
docker-pr    1250            root    4u  IPv4    28091      0t0  TCP *:9823 (LISTEN)
docker-pr    1252            root    4u  IPv4    24336      0t0  TCP *:80 (LISTEN)
docker-pr    1253            root    4u  IPv4    28820      0t0  TCP *:9877 (LISTEN)
docker-pr    1292            root    4u  IPv6    28094      0t0  TCP *:9823 (LISTEN)
docker-pr    1294            root    4u  IPv6    28102      0t0  TCP *:9877 (LISTEN)
docker-pr    1299            root    4u  IPv6    28827      0t0  TCP *:3307 (LISTEN)
docker-pr    1300            root    4u  IPv6    24339      0t0  TCP *:80 (LISTEN)
docker-pr    1316            root    4u  IPv4    29795      0t0  TCP *:81 (LISTEN)
docker-pr    1353            root    4u  IPv6    29805      0t0  TCP *:81 (LISTEN)
docker-pr    1390            root    4u  IPv4    25492      0t0  TCP *:443 (LISTEN)
docker-pr    1414            root    4u  IPv6    29815      0t0  TCP *:443 (LISTEN)
docker-pr  619804            root    4u  IPv4 69012855      0t0  TCP *:8888 (LISTEN)
docker-pr  619813            root    4u  IPv6 69010893      0t0  TCP *:8888 (LISTEN)
sshd      1330510          rogrut   10u  IPv6 82082832      0t0  TCP [::1]:6010 (LISTEN)
sshd      1330510          rogrut   11u  IPv4 82082833      0t0  TCP 127.0.0.1:6010 (LISTEN)
docker-pr 1343733            root    4u  IPv4 82190331      0t0  TCP *:2222 (LISTEN)
docker-pr 1343740            root    4u  IPv6 82188025      0t0  TCP *:2222 (LISTEN)
docker-pr 1343747            root    4u  IPv4 82188950      0t0  TCP *:3000 (LISTEN)
docker-pr 1343754            root    4u  IPv6 82185088      0t0  TCP *:3000 (LISTEN)
docker-pr 2890708            root    4u  IPv4 46563836      0t0  TCP *:8806 (LISTEN)
docker-pr 2890715            root    4u  IPv6 46564648      0t0  TCP *:8806 (LISTEN)

Solution 2

sudo netstat -tulpn | grep LISTEN

-t  Select all TCP ports.
-u  Select all UDP ports.
-l  Show listening server sockets (open TCP and UDP ports in listening state).
-p  Display PID/program name for sockets. In other words, this option tells who opened the TCP or UDP port. For example, on my system, Nginx opened TCP port 80/443, so I will see /usr/sbin/nginx or its PID.
-n  Don't resolve names (avoids DNS lookups, which speeds up netstat on busy Linux/Unix servers).

Sorted with IPv4 first, then IPv6.

| Column | Example Value | Description |
|---|---|---|
| Proto | tcp | The protocol in use, e.g., tcp (Transmission Control Protocol) or udp (User Datagram Protocol). |
| Recv-Q | 0 | The receive queue size: the number of bytes waiting to be read by the application. Usually 0. |
| Send-Q | 0 | The send queue size: the number of bytes waiting to be acknowledged by the remote host. Usually 0. |
| Local Address | 0.0.0.0:81 | The local address and port the process is bound to: 0.0.0.0 means the process listens on all IPv4 interfaces; :81 is the port number being listened on. |
| Foreign Address | 0.0.0.0:* | The remote address and port the socket is connected to: 0.0.0.0:* indicates no remote connection yet (listening state). |
| State | LISTEN | The connection state. LISTEN means the process is waiting for incoming connections. |
| PID/Program name | 1316/docker-proxy | The process ID (PID) and program name of the process handling this connection: 1316 is the unique process ID; docker-proxy is the name of the program managing the socket. |

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:81              0.0.0.0:*               LISTEN      1316/docker-proxy
tcp        0      0 0.0.0.0:9877            0.0.0.0:*               LISTEN      1253/docker-proxy
tcp        0      0 194.13.82.60:53         0.0.0.0:*               LISTEN      745/named
tcp        0      0 194.13.82.60:53         0.0.0.0:*               LISTEN      745/named
tcp        0      0 194.13.82.60:53         0.0.0.0:*               LISTEN      745/named
tcp        0      0 194.13.82.60:53         0.0.0.0:*               LISTEN      745/named
tcp        0      0 194.13.82.60:53         0.0.0.0:*               LISTEN      745/named
tcp        0      0 194.13.82.60:53         0.0.0.0:*               LISTEN      745/named
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      669/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      857/sshd: /usr/sbin
tcp        0      0 0.0.0.0:3000            0.0.0.0:*               LISTEN      1343747/docker-prox
tcp        0      0 0.0.0.0:8888            0.0.0.0:*               LISTEN      619804/docker-proxy
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      745/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      745/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      745/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      745/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      745/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      745/named
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      1330510/sshd: rogru
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1390/docker-proxy
tcp        0      0 0.0.0.0:9823            0.0.0.0:*               LISTEN      1250/docker-proxy
tcp        0      0 0.0.0.0:8806            0.0.0.0:*               LISTEN      2890708/docker-prox
tcp        0      0 0.0.0.0:3307            0.0.0.0:*               LISTEN      1243/docker-proxy
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      1343733/docker-prox
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1252/docker-proxy
tcp6       0      0 :::81                   :::*                    LISTEN      1353/docker-proxy
tcp6       0      0 :::9877                 :::*                    LISTEN      1294/docker-proxy
tcp6       0      0 ::1:53                  :::*                    LISTEN      745/named
[...]
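
The Local Address column determines how far a listener is reachable. As an added example (not part of the original notes), this POSIX shell function reads `netstat -tulpn` output and labels each listener as exposed (all interfaces), local (loopback only) or bound (one specific address). The function names and the final udp sample row are constructed here; the other sample rows are copied from the output above.

```bash
#!/bin/sh
# Added example: classify listeners from `netstat -tulpn` output by bind scope.
#   exposed = bound to all interfaces (0.0.0.0, :: or *)
#   local   = loopback only (127.0.0.0/8 or ::1)
#   bound   = one specific non-loopback address
classify_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        port = $4; sub(/.*:/, "", port)              # text after the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        # UDP rows have no State column and program names may contain spaces,
        # so take the first "PID/name" token from column 6 onwards.
        prog = "-"
        for (i = 6; i <= NF; i++)
            if ($i ~ /^[0-9]+\//) {
                prog = $i; sub(/^[0-9]+\//, "", prog); sub(/:$/, "", prog)
                break
            }
        if (addr == "0.0.0.0" || addr == "::" || addr == "*") scope = "exposed"
        else if (addr ~ /^127\./ || addr == "::1")            scope = "local"
        else                                                  scope = "bound"
        # netstat prints one row per socket; report each combination once.
        if (!seen[scope, $1, port, prog]++)
            printf "%s %s/%s %s\n", scope, $1, port, prog
    }'
}

# Sample input: rows copied from the netstat output above, plus one
# constructed udp row (the last one) to cover the missing State column.
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:81              0.0.0.0:*               LISTEN      1316/docker-proxy
tcp        0      0 194.13.82.60:53         0.0.0.0:*               LISTEN      745/named
tcp        0      0 194.13.82.60:53         0.0.0.0:*               LISTEN      745/named
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      669/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      857/sshd: /usr/sbin
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      1330510/sshd: rogru
tcp        0      0 0.0.0.0:3307            0.0.0.0:*               LISTEN      1243/docker-proxy
tcp6       0      0 :::81                   :::*                    LISTEN      1353/docker-proxy
tcp6       0      0 ::1:53                  :::*                    LISTEN      745/named
udp        0      0 0.0.0.0:68              0.0.0.0:*                           512/dhclient
EOF
}

sample_netstat | classify_listeners
```

On a live host, pipe the real output in with `sudo netstat -tulpn | classify_listeners` and review every "exposed" line against the services that are meant to be reachable from the network.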

Specific port

sudo lsof -i:8805

docker-pr 3613260 root    4u  IPv4 424274374      0t0  TCP *:8805 (LISTEN)
docker-pr 3613267 root    4u  IPv6 424276198      0t0  TCP *:8805 (LISTEN)

In a bash script

Testing if a port is open from a bash script

One can use the /dev/tcp/{HostName_OR_IPAddress}/{port} syntax to check if a TCP port is open on a Linux or Unix machine when using Bash. In other words, the following is a Bash-specific feature. Let us see if TCP port 20 is open on localhost and 192.168.2.20:

(echo >/dev/tcp/localhost/23) &>/dev/null && echo "open" || echo "close"
(echo >/dev/tcp/192.168.2.20/22) &>/dev/null && echo "open" || echo "close"

Now we can build some logic as follows:

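#!/bin/bash
# Pre-flight check: run the playbook only if SSH (TCP 22) on the target is reachable.
dest_box="aws-prod-server-42"
echo "Testing the ssh connectivity ... "
# /dev/tcp is a Bash feature. timeout bounds the check, because a filtered
# port would otherwise block until the TCP connect attempt gives up.
if ! timeout 5 bash -c 'echo >"/dev/tcp/$1/22"' _ "$dest_box" &>/dev/null
then
    echo "$0 cannot connect to the $dest_box. Check your vpn connectivity."
else
    echo "Running the ansible playbook ..."
    ansible-playbook -i hosts --ask-vault-pass --extra-vars '@cluster.data.yml' main.yaml
fi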

Network configuration with nmcli

Show available wifi

nmcli device wifi list

Show network interfaces on the computer

ip link show
# or 
nmcli device

Show interface information

Shows a table with the local IP, gateway IP, DNS IP, network name, etc.

nmcli con show

NAME    UUID                                  TYPE  DEVICE
RR_Net  9a0bf331-2197-478e-aaef-8bdb0da7daef  wifi  wlp1s0

nmcli dev show

For hardware info:

lshw -C network