Appearance
Linux Network Commands Cheat Sheet
Overview
Linux network commands provide comprehensive tools for network configuration, troubleshooting, monitoring, and security analysis. This guide covers essential networking utilities for connectivity testing, interface management, traffic analysis, and network diagnostics that every IT professional needs to master.
⚠️ Warning: Network commands can affect system connectivity and security. Test network changes in safe environments and maintain backup access methods.
Network Connectivity Testing
Basic Connectivity
bash
# Test basic connectivity
ping hostname
ping -c 4 hostname # Send 4 packets only
ping -i 2 hostname # 2-second intervals
ping -s 1000 hostname # Large packet size
# IPv6 ping
ping6 hostname
ping6 -c 4 ::1 # IPv6 localhost
# Continuous ping with statistics
ping -c 100 hostname | tail -2 # Show summary onlyAdvanced Connectivity Testing
bash
# Trace network path
traceroute hostname
traceroute -n hostname # No DNS resolution
traceroute -p 80 hostname # Use port 80
traceroute -m 15 hostname # Max 15 hops
# IPv6 traceroute
traceroute6 hostname
# MTU discovery
ping -M do -s 1472 hostname # Test MTU size
tracepath hostname # Path MTU discoveryPort and Service Testing
bash
# Test specific ports
telnet hostname 80
telnet hostname 22
# Netcat for port testing
nc -zv hostname 80 # Test port 80
nc -zv hostname 20-25 # Test port range
nc -u hostname 53 # Test UDP port
# Test multiple ports
nmap -p 80,443,22 hostname
nmap -p 1-1000 hostname # Scan port rangeDNS Resolution and Testing
Basic DNS Queries
bash
# Lookup IP address
nslookup hostname
nslookup hostname dns-server
# Reverse DNS lookup
nslookup IP_address
# Dig command (preferred)
dig hostname
dig @dns-server hostname
dig hostname MX # Mail exchange records
dig hostname NS # Name server records
dig hostname TXT # Text recordsAdvanced DNS Operations
bash
# Detailed DNS information
dig +trace hostname # Trace DNS resolution path
dig +short hostname # Short output
dig +noall +answer hostname # Answer section only
# Reverse DNS with dig
dig -x IP_address
# DNS cache operations
systemctl flush-dns # Flush DNS cache (systemd)
sudo systemd-resolve --flush-caches
# Check DNS configuration
cat /etc/resolv.conf
systemd-resolve --statusDNS Troubleshooting
bash
# Test different DNS servers
dig @8.8.8.8 hostname
dig @1.1.1.1 hostname
dig @208.67.222.222 hostname # OpenDNS
# DNS performance testing
dig hostname | grep "Query time"
time nslookup hostname
# Check DNS propagation
dig +trace hostname @8.8.8.8Network Interface Management
Interface Information
bash
# Show all interfaces
ip addr show
ip a # Short form
ifconfig # Traditional command
# Show specific interface
ip addr show eth0
ifconfig eth0
# Show interface statistics
ip -s link show
cat /proc/net/devInterface Configuration
bash
# Bring interface up/down
ip link set eth0 up
ip link set eth0 down
ifconfig eth0 up
ifconfig eth0 down
# Assign IP address
ip addr add 192.168.1.100/24 dev eth0
ifconfig eth0 192.168.1.100 netmask 255.255.255.0
# Remove IP address
ip addr del 192.168.1.100/24 dev eth0
# Change MAC address
ip link set dev eth0 address 00:11:22:33:44:55
ifconfig eth0 hw ether 00:11:22:33:44:55Wireless Interface Management
bash
# Wireless interface info
iwconfig
iw dev wlan0 info
# Scan for wireless networks
iwlist wlan0 scan
iw dev wlan0 scan
# Connect to wireless network
iwconfig wlan0 essid "NetworkName"
iwconfig wlan0 key s:password
# Wireless signal strength
iwconfig wlan0 | grep Signal
watch -n 1 iwconfig wlan0Routing and Network Tables
Routing Table Management
bash
# Show routing table
ip route show
route -n # Traditional command
netstat -rn
# Add route
ip route add 192.168.2.0/24 via 192.168.1.1
route add -net 192.168.2.0/24 gw 192.168.1.1
# Delete route
ip route del 192.168.2.0/24
route del -net 192.168.2.0/24
# Default gateway
ip route add default via 192.168.1.1
route add default gw 192.168.1.1ARP Table Management
bash
# Show ARP table
ip neigh show
arp -a
# Add ARP entry
ip neigh add 192.168.1.100 lladdr 00:11:22:33:44:55 dev eth0
arp -s 192.168.1.100 00:11:22:33:44:55
# Delete ARP entry
ip neigh del 192.168.1.100 dev eth0
arp -d 192.168.1.100
# Clear ARP cache
ip neigh flush allNetwork Connections and Ports
Active Connections
bash
# Show all connections
ss -tuln # TCP/UDP listening ports
ss -tulpn # Include process names
netstat -tuln # Traditional command
netstat -tulpn
# Show established connections
ss -t state established
netstat -t | grep ESTABLISHED
# Show connections by process
ss -p
lsof -i # List open network filesPort-specific Information
bash
# Show what's using a specific port
ss -tulpn | grep :80
netstat -tulpn | grep :80
lsof -i :80
# Show all ports used by a process
ss -p | grep process_name
lsof -p PID
# Show network files by user
lsof -i -u usernameNetwork Statistics
bash
# Network interface statistics
ss -i # Interface info
netstat -i # Interface statistics
cat /proc/net/dev
# Protocol statistics
ss -s # Socket statistics
netstat -s # Protocol statistics
cat /proc/net/snmpNetwork Monitoring and Analysis
Real-time Network Monitoring
bash
# Monitor network traffic
iftop # Interface traffic
iftop -i eth0 # Specific interface
nethogs # Per-process bandwidth
nload # Network load monitor
# Bandwidth monitoring
vnstat # Network statistics
vnstat -i eth0 # Specific interface
vnstat -d # Daily statisticsPacket Capture and Analysis
bash
# Capture packets with tcpdump
tcpdump -i eth0 # Capture on eth0
tcpdump -i any # Capture on all interfaces
tcpdump -w capture.pcap # Write to file
tcpdump -r capture.pcap # Read from file
# Filter packets
tcpdump host 192.168.1.100
tcpdump port 80
tcpdump tcp and port 22
tcpdump -n icmp # ICMP packets only
# Wireshark command line
tshark -i eth0 # Live capture
tshark -r capture.pcap # Read file
tshark -i eth0 -f "port 80" # Capture filterNetwork Performance Testing
bash
# Bandwidth testing with iperf
iperf3 -s # Server mode
iperf3 -c server_ip # Client mode
iperf3 -c server_ip -t 30 # 30-second test
iperf3 -c server_ip -u # UDP test
# HTTP performance testing
curl -w "@curl-format.txt" -o /dev/null -s http://example.com
wget --spider -S http://example.comNetwork Security and Scanning
Port Scanning
bash
# Nmap basic scans
nmap hostname # Basic scan
nmap -sS hostname # SYN scan
nmap -sU hostname # UDP scan
nmap -sV hostname # Version detection
# Nmap advanced options
nmap -A hostname # Aggressive scan
nmap -O hostname # OS detection
nmap -p 1-65535 hostname # Full port scan
nmap --top-ports 1000 hostname # Top 1000 portsNetwork Security Monitoring
bash
# Monitor failed connections
tail -f /var/log/auth.log | grep "Failed"
journalctl -f -u ssh
# Check for suspicious connections
ss -tulpn | grep LISTEN
netstat -tulpn | grep LISTEN
# Monitor network traffic patterns
tcpdump -c 100 -i eth0 | awk '{print $3}' | sort | uniq -cFirewall and Traffic Control
Iptables Basics
bash
# List current rules
iptables -L
iptables -L -n -v # Verbose with numbers
# Basic rules
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -j DROP # Drop all other input
# Save and restore rules
iptables-save > /etc/iptables/rules.v4
iptables-restore < /etc/iptables/rules.v4UFW (Uncomplicated Firewall)
bash
# UFW basic operations
ufw status
ufw enable
ufw disable
# Allow/deny rules
ufw allow 22
ufw allow ssh
ufw deny 23
ufw allow from 192.168.1.0/24
# Delete rules
ufw delete allow 22
ufw --numbered status
ufw delete 1Traffic Control
bash
# Show traffic control rules
tc qdisc show
tc class show dev eth0
# Bandwidth limiting
tc qdisc add dev eth0 root tbf rate 1mbit burst 32kbit latency 400ms
# Remove traffic control
tc qdisc del dev eth0 rootNetwork File Systems and Services
NFS (Network File System)
bash
# Show NFS exports
showmount -e nfs_server
exportfs -v # Local exports
# Mount NFS share
mount -t nfs nfs_server:/path /mnt/nfs
mount -t nfs4 nfs_server:/path /mnt/nfs4
# NFS statistics
nfsstat
nfsstat -c # Client stats
nfsstat -s # Server statsSSH and Remote Access
bash
# SSH with options
ssh -p 2222 user@hostname # Custom port
ssh -i keyfile user@hostname # Private key
ssh -L 8080:localhost:80 user@hostname # Local port forwarding
ssh -R 8080:localhost:80 user@hostname # Remote port forwarding
# SCP file transfer
scp file user@hostname:/path/
scp -r directory user@hostname:/path/
scp -P 2222 file user@hostname:/path/ # Custom port
# SFTP operations
sftp user@hostname
sftp -P 2222 user@hostname # Custom portNetwork Troubleshooting
Common Network Issues
bash
# Check network connectivity layers
ping 127.0.0.1 # Loopback test
ping gateway_ip # Gateway connectivity
ping 8.8.8.8 # Internet connectivity
nslookup google.com # DNS resolution
# Check network configuration
ip addr show # IP configuration
ip route show # Routing table
cat /etc/resolv.conf # DNS configurationPerformance Troubleshooting
bash
# Check for packet loss
ping -c 100 hostname | grep "packet loss"
# Check network latency
ping -c 10 hostname | tail -1
# Check bandwidth utilization
iftop -i eth0
nload eth0
# Check for network errors
ip -s link show eth0
cat /proc/net/dev | grep eth0Advanced Diagnostics
bash
# MTU path discovery
tracepath hostname
# Check for duplicate IP addresses
arping -D -I eth0 192.168.1.100
# Network socket debugging
ss -tulpn | grep LISTEN
lsof -i | grep LISTEN
# Check network hardware
ethtool eth0 # Ethernet tool
mii-tool eth0 # Media-independent interface toolResources
- Linux Network Administration Guide
- TCP/IP Network Administration
- Wireshark User Guide
- Nmap Network Scanning
- Linux Networking Cookbook
This cheat sheet provides comprehensive network commands for Linux systems. Always ensure you have proper authorization before performing network scans or modifications in production environments.