名前解決順序

[root@localhost ~]# cat /etc/host.conf
order hosts,bind
[root@localhost ~]#

[root@localhost ~]# more /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry ‘[NOTFOUND=return]’ means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
#       nisplus or nis+         Use NIS+ (NIS version 3)
#       nis or yp               Use NIS (NIS version 2), also called YP
#       dns                     Use DNS (Domain Name Service)
#       files                   Use the local files
#       db                      Use the local database (.db) files
#       compat                  Use NIS on compat mode
#       hesiod                  Use Hesiod for user lookups
#       [NOTFOUND=return]       Stop searching if not found so far
#

# To use db, put the “db” in front of “files” for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis

passwd:     files
shadow:     files
group:      files

#hosts:     db files nisplus nis dns
hosts:      files dns

名前解決

[root@localhost ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
nameserver 192.168.1.1
search localdomain
[root@localhost ~]#

 

[root@localhost ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
[root@localhost ~]#

 

ホスト名,ホスト名,GW,使用/不使用

[root@localhost ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=localhost.localdomain
GATEWAY=192.168.1.1
[root@localhost ~]#

 

IPアドレスの設定

(以下:DHCPの場合)

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# ADMtek NC100 Network Everywhere Fast Ethernet 10/100
DEVICE=eth0
BOOTPROTO=dhcp
HWADDR=00:90:CC:E0:0C:C5
ONBOOT=yes
[root@localhost ~]#

(以下:IP指定の場合)

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# ADMtek NC100 Network Everywhere Fast Ethernet 10/100
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:90:CC:E0:0C:C5
BROADCAST=192.168.1.255
IPADDR=192.168.1.10
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
[root@localhost ~]#

※ NETWORK,BROADCASTなどは記入しなくても良い場合は多い。

 

コマンド色々:

hostコマンド

[root@localhost ~]# host yahoo.co.jp
yahoo.co.jp has address 203.216.227.176
yahoo.co.jp has address 124.83.139.192
yahoo.co.jp mail is handled by 10 mx5.mail.yahoo.co.jp.
yahoo.co.jp mail is handled by 10 mx1.mail.yahoo.co.jp.
yahoo.co.jp mail is handled by 10 mx2.mail.yahoo.co.jp.
yahoo.co.jp mail is handled by 10 mx3.mail.yahoo.co.jp.
[root@localhost ~]#

[root@localhost ~]# host 203.216.227.176
176.227.216.203.in-addr.arpa domain name pointer f1.top.vip.tnz.yahoo.co.jp.
[root@localhost ~]#

netstatコマンド

[root@localhost ~]# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 *:838                       *:*                         LISTEN
tcp        0      0 *:mysql                     *:*                         LISTEN
tcp        0      0 *:sunrpc                    *:*                         LISTEN
tcp        1      0 192.168.11.4:46259          ftp4.ncnu.edu.tw:http       CLOSE_WAIT
tcp        1      0 192.168.11.4:46262          ftp4.ncnu.edu.tw:http       CLOSE_WAIT
tcp        1      0 192.168.11.4:40359          centos.at.multacom.com:http CLOSE_WAIT
tcp        1      0 192.168.11.4:40363          centos.at.multacom.com:http CLOSE_WAIT
tcp        1      0 192.168.11.4:40361          centos.at.multacom.com:http CLOSE_WAIT
tcp        1      0 192.168.11.4:40365          centos.at.multacom.com:http CLOSE_WAIT
tcp        0      0 *:webcache                  *:*                         LISTEN
tcp        0      0 *:http                      *:*                         LISTEN
tcp        0      0 *:ssh                       *:*                         LISTEN
tcp        0    132 ::ffff:192.168.11.4:ssh     ::ffff:192.1:carrius-rshell ESTABLISHED
[root@localhost ~]#

-a 全てのソケット
-c 1秒毎リアルタイム表示
-i ネットワークインターフェース状況
-n アドレス,ポートを数値で表示
-p PIDとプロセス名も表示する
-r ルーティングテーブル表示
-t TCPポートのみ表示

routeコマンド

Destination → 宛先   Gateway→GWのアドレス   Genmask→宛先のSubnet(ホストは255.255.255.255 GWは0.0.0.0)

Flags→経路状態(U:有効, H:宛先はホスト, G: GW, !:経路無効)  Metric→距離(HOP) Ref→ルートの参照数,

Use→経路参照回数  Iface→ネットワークインターフェース

[root@localhost ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.11.0    *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         air.setup       0.0.0.0         UG    0      0        0 eth0
[root@localhost ~]#

route add で追加

route del  で削除

 

LinuxをRouterとして扱うような場合は,異なるネットワークのパケットを転送する必要がるのでip fowardを1に設定する。

0=パケット転送拒否 1=パケット転送許可

[root@localhost ~]# cat /proc/sys/net/ipv4/ip_forward
0
[root@localhost ~]#

TCPDUMP

-i インターフェース

-s バイト数

-X 16進とASCII文字で表示

-n アドレスを名前変換しないで表示

port ポート番号指定

proto プロトコルを指定

[root@localhost ~]# tcpdump -X -i eth0 port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
01:09:10.196603 IP 192.168.11.2.gxtelmd > 192.168.11.4.http: S 3053066467:3053066467(0) win 16384 <mss 1460,
        0x0000:  4500 0030 601c 4000 8006 0355 c0a8 0b02  E..0`.@….U….
        0x0010:  c0a8 0b04 0934 0050 b5fa 18e3 0000 0000  …..4.P……..
        0x0020:  7002 4000 d366 0000 0204 05b4 0101 0402  p.@..f……….
01:09:10.239801 IP 192.168.11.4.http > 192.168.11.2.gxtelmd: S 2904952068:2904952068(0) ack 3053066468 win 5p,nop,sackOK>

 

tcpdump.jpg

Comments are closed.

Post Navigation