Linux networking commands

                      
Networking:

# ethtool eth0                                           # Show the ethernet status (replaces mii-diag)
# ethtool -s eth0 speed 100 duplex full # Force 100Mbit Full duplex
# ethtool -s eth0 autoneg off # Disable auto negotiation
# ethtool -p eth1                                      # Blink the ethernet led - very useful when supported
# ip link show                                           # Display all interfaces on Linux (similar to ifconfig)
# ip link set eth0 up                                # Bring device up (or down). Same as "ifconfig eth0 up"
# ip addr show                                        # Display all IP addresses on Linux (similar to ifconfig)
# ip neigh show                                      # Similar to arp -a

Ports in use:
Listening open ports:

# netstat -an | grep LISTEN
# lsof -i                                         # List all Internet connections
# socklist                                     # Display list of open sockets
# netstat -anp --udp --tcp | grep LISTEN 
# netstat -tup                              # List active connections to/from system
# netstat -tupl                             # List listening ports from system

Firewall
Check if a firewall is running (typical configuration only):

# iptables -L -n -v                                 # For status Open the iptables firewall
# iptables -P INPUT       ACCEPT     # Open everything
# iptables -P FORWARD     ACCEPT
# iptables -P OUTPUT      ACCEPT
# iptables -Z                                         # Zero the packet and byte counters in all chains
# iptables -F                                         # Flush all chains
# iptables -X                                         # Delete all chains

IP Forward for routing
Check and then enable IP forward with :
# cat /proc/sys/net/ipv4/ip_forward  # Check IP forward 0=off, 1=on
# echo 1 > /proc/sys/net/ipv4/ip_forward
or edit /etc/sysctl.conf with:
net.ipv4.ip_forward = 1

Network Address Translation

# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE    # to activate NAT
# iptables -t nat -A PREROUTING -p tcp -d 78.31.70.238 --dport 20022 -j DNAT \
--to 192.168.16.44:22           # Port forward 20022 to internal IP port ssh
# iptables -t nat -A PREROUTING -p tcp -d 78.31.70.238 --dport 993:995 -j DNAT \
--to 192.168.16.254:993-995     # Port forward of range 993-995
# ip route flush cache
# iptables -L -t nat            # Check NAT status

DNS
The DNS entries are valid for all interfaces and are stored in /etc/resolv.conf. The domain to which the host belongs is also stored in this file. A minimal configuration is:

nameserver 66.63.128.84
search cipi.net intern.lab
domain cipi.org
Check the system domain name with:
# hostname -d                # Same as dnsdomainname

DHCP

# dhcpcd -n eth0           # Trigger a renew (does not always work)
# dhcpcd -k eth0           # release and shutdown
The lease with the full information is stored in:
/var/lib/dhcpcd/dhcpcd-eth0.info



Comments