1、iproute家族命令中常用的有:ip 和 ss 命令。
安装包名为:iproute-3.10.0-87.el7.x86_64
2、ip 命令
ip - show / manipulate routing, devices, policy routing and tunnels .查询/管理路由表、设备、策略路由等;
ip [ OPTIONS ] OBJECT { COMMAND | help }
OBJECT := { link | address | route | netns }
OBJECT:
2.1 ip-address - protocol address management
ip [ OPTIONS ] address { COMMAND | help }
ip address { add | change | replace } IFADDR dev IFNAME [label LABEL] : 为接口IFNAME添加IP地址,一个接口可以添加多个地址
ip addr { show|list } [IFaceName] ##查看接口的IP地址信息
ip addr del IFADDR dev IFNAME
ip addr flush [IFNAME] ##清空接口上的IP地址
eg:
>>> ip addr add 10.10.10.10/24 dev ens193 ##为接口添加第一个IP地址
>>> ip addr list ens193
4: ens193: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:50:56:8a:11:66 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.10/24 scope global ens193
valid_lft forever preferred_lft forever
inet6 fe80::68d6:ac29:3a99:e0fd/64 scope link
valid_lft forever preferred_lft forever
>>> ip addr add 10.10.20.20/24 dev ens193 ##为接口添加第二个IP地址
>>> ip addr show ens193
4: ens193: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:50:56:8a:11:66 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.10/24 scope global ens193
valid_lft forever preferred_lft forever
inet 10.10.20.20/24 scope global ens193
valid_lft forever preferred_lft forever
inet6 fe80::68d6:ac29:3a99:e0fd/64 scope link
valid_lft forever preferred_lft forever
注意:ifconfg 命令无法查到第二个及以上的IP地址信息,可以通过给接口添加label标识解决:
>>>ip addr add 10.10.40.40/24 dev ens193 label ens193:4 ##给接口添加IP的同时添加标签
>>>ip addr del 10.10.30.30/24 dev ens193 ##删除接口ens193上的IP地址10.10.30.30/24
>>>ip addr flush ens161
>>> ip addr list ens161
2: ens161: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:50:56:8a:09:96 brd ff:ff:ff:ff:ff:ff
2.2 ip route
ip-route - routing table management : 管理路由表
ip route { add | del | change | append | replace } ROUTE
ip route { show|list } : 查看路由表
ip route flush : 清空路由表
ip route add: 添加路由
格式:ip route add TARGET/NETMASK via NEXTHOP dev IFACE [src IPADDR]
eg: >>> ip route add 172.16.100.0/24 via 10.10.10.250 dev ens193
ip route del : 删除路由表
格式:ip route del TARGET/NETMASK [via NEXTHOP ]
eg: >>>ip route del 172.16.100.0/24
>>>ip route flush 192.168/16 ##清空192.168/16 网段的路由
>>>ip route flush ##清空路由表
>>>ip route show ##查看路由表 ,route -n /netstat -rn
default via 192.168.0.1 dev ens33
192.168.0.0/24 dev ens33 proto kernel scope link src 192.168.0.130 metric 100
192.168.200.0/24 dev ens37 proto kernel scope link src 192.168.200.129 metric 101
2.3 ip link: Manage and display the state of all network interfaces
ip link: display the state of all network interfaces ;
ip link show dev IFACE : Display information only for device IFACE
ip -s link : Display interface statistics /显示接口数据统计
ip link set : Alter the status of the interface/改变接口状态
ip link set IFACE up : Bring IFACE online / 启用接口
ip link set IFACE down : Bring IFACE offline /禁用接口
ip link set IFACE mtu 9000 : Set the MTU on IFACE to 9000 /设置mtu值
ip link set IFACE promisc on :Enable promiscuous mode for IFACE /启用接口IFACE的混杂模式
3、ss命令: another utility to investigate sockets.
ss [options] [ FILTER ]
-t, --tcp:Display TCP sockets.
-u, --udp:Display UDP sockets.
-w, --raw:Display RAW sockets.
-n, --numeric:Do not try to resolve service names./数字显示结果
-a, --all:Display both listening and non-listening (for TCP this means established connections) sockets.
-l, --listening:Display only listening sockets (these are omitted by default).
-o, --options:Show timer information.
-e, --extended:Show detailed socket information
-m, --memory:Show socket memory usage.
-p, --processes:Show process using socket
[ state STATE-FILTER ] [ EXPRESSION ]
STATE-FILTER:
LISTEN : 监听
ESTABLISHED: 建立的连接
FIN_WAIT_1
FIN_WAIT_2
SYN_SENT
SYN_RECV
CLOSED
closing
all
......
常用查询组合:
ss -nultp
ss -tan
ss -uan
eg:>>>ss -nutp ##选出已建立的连接
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp ESTAB 0 64 10.233.49.250:22 10.14.5.169:49246 users:(("sshd",pid=1659,fd=3))
tcp ESTAB 0 0 10.233.49.250:22 10.14.5.169:60216 users:(("sshd",pid=1749,fd=3))
>>>ss -t state established ## 选出处于已建立的TCP连接
>>>ss -o state established '( dport = :ssh or sport = :ssh )' ##选出已建立的ssh 连接
