网络属性及相关配置常用命令-下篇
nmcli
nmcli con
nmcli dev show ens160
nmcli con mod ens160 +ipv4.address 10.0.0.119/24 #同一设备新增一条配置+ipv4.address
nmcli con down ens160;nmcli con reload;nmcli con up ens160
ip a |grep 'inet 1'
nmcli con mod ens160 -ipv4.addresses 10.0.0.119/24#同一设备删除一条配置+ipv4.address
nmcli con down ens160;nmcli con reload;nmcli con up ens160
ip a |grep 'inet 1'
#新增一张网卡
ip a|grep mtu
nmcli con add con-name ens224 type ethernet ifname ens224
ip a s ens224
ls /etc/NetworkManager/system-connections
rm -rf /etc/NetworkManager/system-connections/con-*
nmcli con downens224;nmcli con reload;nmcli con up ens224
nmcli con add con-name ens224 ipv4.addresses 10.0.0.200/16 ipv4.gateway 10.0.0.2 ipv4.dns 10.0.0.2 ipv4.method manual type ethernet ifname ens224 #基本都是去配置文件中修改
ip a s ens224
cat /etc/NetworkManager/system-connections/ens224.nmconnection
网卡绑定
openEuler
ip a s
nmcli con
nmcli dev
#定制网卡配置
cat > /etc/sysconfig/network-scripts/ifcfg-bond0 <<-eof
NAME=bond0
TYPE=bond
DEVICE=bond0
BOOTPROTO=none
IPADDR=192.168.8.122
PREFIX=24
BONDING_OPTS="mode=1 miimon=100 fail_over_mac=1"
eof
cat > /etc/sysconfig/network-scripts/ifcfg-ens224 <<-eof
NAME=ens224
DEVICE=ens224
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
ONBOOT=yes
eof
cat > /etc/sysconfig/network-scripts/ifcfg-ens256 <<-eof
NAME=ens256
DEVICE=ens256
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
ONBOOT=yes
eof
ls /etc/sysconfig/network-scripts
systemctl restart NetworkManager
nmcli con reload
ip a
nmcli con
nmcli dev
cat /proc/net/bonding/bond0
#异常测试
ping 192.168.8.122
ip link set ens224 down
cat /proc/net/bonding/bond0
#删除绑定网卡
nmcli con down bond0
nmcli dev
rm -rf /etc/sysconfig/network-scripts/ifcfg-{bond0,ens224,ens256}
systemctl restart NetworkManager
nmcli con reload
rocky9
ip a
nmcli con
nmcli dev
nmcli con add type bond con-name bond0 ifname bond0 bond.options "mode=active-backup,miimon=1000"
nmcli con add type ethernet slave-type bond con-name bond0-port1 ifname ens224 master bond0
nmcli con add type ethernet slave-type bond con-name bond0-port2 ifname ens256 master bond0
nmcli connection modify bond0 ipv4.addresses '192.168.8.123/24' ipv4.gateway '192.168.8.2' ipv4.method manual
nmcli con up bond0
nmcli con up bond0-port1
nmcli con up bond0-port2
ls /etc/NetworkManager/system-connections
nmcli con
nmcli dev
ip a
cat /proc/net/bonding/bond0
#异常测试
ping 192.168.8.123
ip link set ens224 down
cat /proc/net/bonding/bond0
#清理环境
nmcli con delete bond0
nmcli con delete bond0-port1
nmcli con delete bond0-port2
ubuntu
ip a
nmcli con
nmcli dev
vim /etc/netplan/bond0.yaml
network:
ethernets:
ens37:
addresses: []
dhcp4: false
ens38:
addresses: []
dhcp4: false
version: 2
bonds:
bond0:
addresses: [192.168.8.124/24]
interfaces: [ens37,ens38]
parameters:
mode: balance-rr
netplan apply
nmcli dev
nmcli con
cat /proc/net/bonding/bond0
#异常测试
ping 192.168.8.124
ip link set ens37 down
cat /proc/net/bonding/bond0
rm -f /etc/netplan/bond0.yaml
netplan apply
网络组
openEuler/rocky9/ubuntu
#环境准备
nmcli con up team0
yum install -y teamd NetworkManager-team
systemctl restart NetworkManager
ip a
nmcli con
nmcli dev
#创建网络组接口
#nmcli con add type team con-name CON-NAME ifname TEAM-NAME config 'CONFIG-JSON-STRING'
#创建port接口
#nmcli con add type team-slave con-name CON-PORT-NAME ifname CON-TEAM-NAME master TEAM-NAME
#创建网络组
nmcli con add type con-name team0 ifname team0 config '{"runner":{"name":"loadbalance"}}' ipv4.addresses 192.168.8.100/8 ipv4.method
nmcli con add con-name team0-ens224 type team-slave ifname ens224 master team0
nmcli con add con-name team0-ens256 type team-slave ifname ens256 master team0
ls /etc/sysconfig/network-scripts/
nmcli con reload;nmcli con
#启用网络组设备
nmcli con up team0
nmcli con up team0-ens224
nmcli con up team0-ens256
ip a
nmcli con
nmcli dev
teamdctl team0 state
#异常测试
ping 192.168.8.100
ip link set ens224 down
teamdctl team0 state
#删除
nmcli con down team0
nmcli con del team0
nmcli con del team0-ens224
nmcli con del team0-ens256
#修改配置文件实现
cat >/etc/sysconfig/network-scripts/ifcfg-team0<<-eof
DEVICE=team0
DEVICETYPE=Team
TEAM_CONFIG="{\"runner\":{\"name\":\"loadbalance\"}}"
BOOTPROTO=none
IPADDR=192.168.8.100
PREFIX=24
NAME=team0
ONBOOT=yes
eof
cat > /etc/sysconfig/network-scripts/ifcfg-team0-ens224 <<-eof
DEVICE=ens224
DEVICETYPE=TeamPort
TEAM_MASTER=team0
NAME=team0-ens224
ONBOOT=yes
eof
cat > /etc/sysconfig/network-scripts/ifcfg-team0-ens256 <<-eof
DEVICE=ens256
DEVICETYPE=TeamPort
TEAM_MASTER=team0
NAME=team0-ens256
ONBOOT=yes
eof
ls /etc/sysconfig/network-scripts
systemctl restart NetworkManager
nmcli con reload;nmcli con up team0
#环境清理
nmcli con down team0
nmcli con del team0
nmcli con del team0-ens224
nmcli con del team0-ens256
rocky9
#创建网络组
nmcli con add type team con-name team0 ifname team0 team.runner activebackup
nmcli con modify team0 team.link-watchers "name=ethtool delay-up=1000"
nmcli con add type ethernet slave-type team con-name team0-port1 ifname ens224 master team0
nmcli con add type ehternet slave-type team con-name team0-port2 ifname ens256 master team0
nmcli dev
nmcli con
nmcli con modify team0 ipv4.addresses '192.168.8.123/24' ipv4.gateway '192.168.8.2' ipv4.method manual
systemctl restart NetworkManager
nmcli con reload;nmcli con up team0
teamdctl team0 state
#异常测试等后续与openEuler相同
ubuntu
#创建网络组
nmcli con add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}' ipv4.addresses 192.168.8.124/24 ipv4.method manual ipv6.method disabled
nmcli con add con-name team0-ens37 type team-slave ifname ens37 master team0
nmcli con add con-name team0-ens38 type team-slave ifname ens38 master team0
netplan apply
nmcli con reload;nmcli con up team0
ls /etc/netplan/90-*
ip a s
nmcli con
nmcli dev
teamdctl team0 state
#异常测试等后续与openEuler相同
网桥(交换机)
网桥
#环境准备
#rocky
cat /etc/NetworkManager/system-connection/ens161.nmconnection
[connection]
id=ens161
type=ethernet
autoconnect-priority=-999
interface-name=ens161
[ethernet]
[ipv4]
address1=172.16.1.110/16
method=manual
systemctl restart NetworkManager
#openEuler
cat /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=172.16.1.114
PREFIX=16
systemctl restart NetworkManager
#ubuntu
rm -rf /etc/netplan/*
netplan apply
ip route del 10.0.0.0/24
ip route del default
#添加网桥
#ubuntu上
nmcli con add type bridge con-name br0 ifname br0
nmcli con up br0
nmcli con add type bridge-slave con-name br0-port0 ifname ens160 master br0
nmcli con add type bridge-slave con-name br0-port1 ifname ens192 master br0
nmcli con up br0-port0
nmcli con up br0-port1
nmcli con
nmcli dev show br0
nmcli dev show ens192
nmcli dev show ens160
bridge link show
ip link show master br0
#rocky上
ping 172.16.1.114
#openEuler
ping 172.16.1.110
#网桥移除,ubuntu上
nmcli con down br0
nmcli con del br0
nmcli con down br0-port0
nmcli con del br0-port0
nmcli con down br0-port1
nmcli con del br0-port1brctl
brctl
brctl addbr br0
brctl show
brctl stp br0 on
brctl show
brctl addif br0 ens33
brctl addif br0 ens37
brctl show
ip link set br0 up
ip link set ens33 up
ip link set ens37 up
nmcli dev show br0
nmcli con
#rocky
ping 172.16.1.114
#openEuler
ping 172.16.1.110
#删除网桥
ip link set br0 down
ip link set ens33 down
ip link set ens37 down
brctl delif br0 ens33
brctl delif br0 ens37
brctl delbr br0
fping
yum install fping
用ping替代
tcpdump
#抓包
ifconfig |grep flags
tcpdump -D
tcpdump
tcpdump -c 1
tcpdump -i ens160
#host监听特定主机
tcpdump host 10.0.0.100
tcpdump src host 10.0.0.13
tcpdump dst host 10.0.0.13
# port监听特定端口
tcpdump port 3000
tcpdump tcp
tcpdump tcp port 22 and src host 10.0.0.100
# 特定主机间监测
tcpdump ip host 10.0.0.12 and 10.0.0.13
tcpdump ip host 10.0.0.12 and ! 10.0.0.1
nmap
#网段扫描
yum/apt install nmap
#主机范围扫描
nmap 10.0.0.0/24
nmap 10.0.0.12/24
nmap 10.0.0.10-15
nmap 10.0.0.10 10.0.0.12 10.0.0.15 10.0.0.100
cat > host.txt <<-eof
nmap -i hosts.txt
#端口范围扫描
nmap -p22,80,3306 10.0.0.12
nmap -n -p 80 10.0.0.12
nmap -p 1024-65535 localhost
#加速扫描
nmap --min-parallelism 2000 10.0.0.12-15
nmap -p0 10.0.0.1-10
#其他扫描
nmap -O 10.0.0.12
nmap -A 10.0.0.12
nc
#监听
yum install nc
apt install netcat-openbsd
#监听本地端口
nc -vl 8888 #终端A
nc -vl 127.0.0.1 8888#终端B
nc -vl 8888#终端A
#文件传输实践
nc -l 8888 > received.txt
echo nihao > file.txt
nc 127.0.0.1 8888 < file.txt
nc -l 8888 > received.txt
cat received.txt
#传输目录实践
nc -l 8888|tar -xzvf -
mkdir file;cp /etc/fstab file/; cp ~/.bashrc file
ls file -a
tar -czvf - file|nc 127.0.0.1 8888
nc -l 8888|tar -xzvf -
ls -a file
#网络安全攻击
nc -l 8888 -e /bin/bash
nc -v 127.0.0.1 8888
nc -l 8888 -e /bin/bash
ls
ls attack
id attack
parallelism 2000 10.0.0.12-15
nmap -p0 10.0.0.1-10
#其他扫描
nmap -O 10.0.0.12
nmap -A 10.0.0.12
# nc
```bash
```bash
```bash
```powershell
#监听
yum install nc
apt install netcat-openbsd
#监听本地端口
nc -vl 8888 #终端A
nc -vl 127.0.0.1 8888#终端B
nc -vl 8888#终端A
#文件传输实践
nc -l 8888 > received.txt
echo nihao > file.txt
nc 127.0.0.1 8888 < file.txt
nc -l 8888 > received.txt
cat received.txt
#传输目录实践
nc -l 8888|tar -xzvf -
mkdir file;cp /etc/fstab file/; cp ~/.bashrc file
ls file -a
tar -czvf - file|nc 127.0.0.1 8888
nc -l 8888|tar -xzvf -
ls -a file
#网络安全攻击
nc -l 8888 -e /bin/bash
nc -v 127.0.0.1 8888
nc -l 8888 -e /bin/bash
ls
ls attack
id attack
原文地址:https://blog.csdn.net/m0_73940847/article/details/143875431
免责声明:本站文章内容转载自网络资源,如本站内容侵犯了原著者的合法权益,可联系本站删除。更多内容请关注自学内容网(zxcms.com)!