Zum Inhalt

Linux Network Commands Cheat Sheet

generieren

Überblick

Linux-Netzwerkbefehle bieten umfassende Tools für Netzwerkkonfiguration, Fehlersuche, Überwachung und Sicherheitsanalyse. Dieser Leitfaden umfasst wesentliche Netzwerkprogramme für Konnektivitätstests, Schnittstellenmanagement, Verkehrsanalysen und Netzwerkdiagnostik, die jeder IT-Experte meistern muss.

ZEIT Warning: Netzwerkbefehle können die Systemkonnektivität und Sicherheit beeinträchtigen. Testen Sie Netzwerkänderungen in sicheren Umgebungen und pflegen Sie Backup-Zugang Methoden.

Netzwerk Connectivity Testing

Grundbindung

```bash

Test basic connectivity

ping hostname ping -c 4 hostname # Send 4 packets only ping -i 2 hostname # 2-second intervals ping -s 1000 hostname # Large packet size

IPv6 ping

ping6 hostname ping6 -c 4 ::1 # IPv6 localhost

Continuous ping with statistics

ping -c 100 hostname|tail -2 # Show summary only ```_

Advanced Connectivity Testing

```bash

Trace network path

traceroute hostname traceroute -n hostname # No DNS resolution traceroute -p 80 hostname # Use port 80 traceroute -m 15 hostname # Max 15 hops

IPv6 traceroute

traceroute6 hostname

MTU discovery

ping -M do -s 1472 hostname # Test MTU size tracepath hostname # Path MTU discovery ```_

Hafen- und Servicetests

```bash

Test specific ports

telnet hostname 80 telnet hostname 22

Netcat for port testing

nc -zv hostname 80 # Test port 80 nc -zv hostname 20-25 # Test port range nc -u hostname 53 # Test UDP port

Test multiple ports

nmap -p 80,443,22 hostname nmap -p 1-1000 hostname # Scan port range ```_

DNS-Resolution und Test

Grundlegende DNS Abfragen

```bash

Lookup IP address

nslookup hostname nslookup hostname dns-server

Reverse DNS lookup

nslookup IP_address

Dig command (preferred)

dig hostname dig @dns-server hostname dig hostname MX # Mail exchange records dig hostname NS # Name server records dig hostname TXT # Text records ```_

Erweiterte DNS Operationen

```bash

Detailed DNS information

dig +trace hostname # Trace DNS resolution path dig +short hostname # Short output dig +noall +answer hostname # Answer section only

Reverse DNS with dig

dig -x IP_address

DNS cache operations

systemctl flush-dns # Flush DNS cache (systemd) sudo systemd-resolve --flush-caches

Check DNS configuration

cat /etc/resolv.conf systemd-resolve --status ```_

DNS Fehlerbehebung

```bash

Test different DNS servers

dig @8.8.8.8 hostname dig @1.1.1.1 hostname dig @208.67.222.222 hostname # OpenDNS

DNS performance testing

dig hostname|grep "Query time" time nslookup hostname

Check DNS propagation

dig +trace hostname @8.8.8.8 ```_

Netzwerkschnittstellenmanagement

Schnittstelleninformationen

```bash

Show all interfaces

ip addr show ip a # Short form ifconfig # Traditional command

Show specific interface

ip addr show eth0 ifconfig eth0

Show interface statistics

ip -s link show cat /proc/net/dev ```_

Schnittstellenkonfiguration

```bash

Bring interface up/down

ip link set eth0 up ip link set eth0 down ifconfig eth0 up ifconfig eth0 down

Assign IP address

ip addr add 192.168.1.100/24 dev eth0 ifconfig eth0 192.168.1.100 netmask 255.255.255.0

Remove IP address

ip addr del 192.168.1.100/24 dev eth0

Change MAC address

ip link set dev eth0 address 00:11:22:33:44:55 ifconfig eth0 hw ether 00:11:22:33:44:55 ```_

Funkschnittstellenmanagement

```bash

Wireless interface info

iwconfig iw dev wlan0 info

Scan for wireless networks

iwlist wlan0 scan iw dev wlan0 scan

Connect to wireless network

iwconfig wlan0 essid "NetworkName" iwconfig wlan0 key s:password

Wireless signal strength

iwconfig wlan0|grep Signal watch -n 1 iwconfig wlan0 ```_

Routing und Netzwerktabellen

Routing Table Management

```bash

Show routing table

ip route show route -n # Traditional command netstat -rn

Add route

ip route add 192.168.2.0/24 via 192.168.1.1 route add -net 192.168.2.0/24 gw 192.168.1.1

Delete route

ip route del 192.168.2.0/24 route del -net 192.168.2.0/24

Default gateway

ip route add default via 192.168.1.1 route add default gw 192.168.1.1 ```_

ARP Tabelle Management

```bash

Show ARP table

ip neigh show arp -a

Add ARP entry

ip neigh add 192.168.1.100 lladdr 00:11:22:33:44:55 dev eth0 arp -s 192.168.1.100 00:11:22:33:44:55

Delete ARP entry

ip neigh del 192.168.1.100 dev eth0 arp -d 192.168.1.100

Clear ARP cache

ip neigh flush all ```_

Netzwerkverbindungen und Ports

Aktive Verbindungen

```bash

Show all connections

ss -tuln # TCP/UDP listening ports ss -tulpn # Include process names netstat -tuln # Traditional command netstat -tulpn

Show established connections

ss -t state established netstat -t|grep ESTABLISHED

Show connections by process

ss -p lsof -i # List open network files ```_

Portspezifisch Informationen

```bash

Show what's using a specific port

ss -tulpn|grep :80 netstat -tulpn|grep :80 lsof -i :80

Show all ports used by a process

ss -p|grep process_name lsof -p PID

Show network files by user

lsof -i -u username ```_

Netzwerkstatistik

```bash

Network interface statistics

ss -i # Interface info netstat -i # Interface statistics cat /proc/net/dev

Protocol statistics

ss -s # Socket statistics netstat -s # Protocol statistics cat /proc/net/snmp ```_

Netzwerküberwachung und -analyse

Echtzeit-Netzwerküberwachung

```bash

Monitor network traffic

iftop # Interface traffic iftop -i eth0 # Specific interface nethogs # Per-process bandwidth nload # Network load monitor

Bandwidth monitoring

vnstat # Network statistics vnstat -i eth0 # Specific interface vnstat -d # Daily statistics ```_

Paketerfassung und -analyse

```bash

Capture packets with tcpdump

tcpdump -i eth0 # Capture on eth0 tcpdump -i any # Capture on all interfaces tcpdump -w capture.pcap # Write to file tcpdump -r capture.pcap # Read from file

Filter packets

tcpdump host 192.168.1.100 tcpdump port 80 tcpdump tcp and port 22 tcpdump -n icmp # ICMP packets only

Wireshark command line

tshark -i eth0 # Live capture tshark -r capture.pcap # Read file tshark -i eth0 -f "port 80" # Capture filter ```_

Netzwerkleistungstests

```bash

Bandwidth testing with iperf

iperf3 -s # Server mode iperf3 -c server_ip # Client mode iperf3 -c server_ip -t 30 # 30-second test iperf3 -c server_ip -u # UDP test

HTTP performance testing

curl -w "@curl-format.txt" -o /dev/null -s http://example.com wget --spider -S http://example.com ```_

Netzwerksicherheit und Scanning

Port Scanning

```bash

Nmap basic scans

nmap hostname # Basic scan nmap -sS hostname # SYN scan nmap -sU hostname # UDP scan nmap -sV hostname # Version detection

Nmap advanced options

nmap -A hostname # Aggressive scan nmap -O hostname # OS detection nmap -p 1-65535 hostname # Full port scan nmap --top-ports 1000 hostname # Top 1000 ports ```_

Überwachung der Netzsicherheit

```bash

Monitor failed connections

tail -f /var/log/auth.log|grep "Failed" journalctl -f -u ssh

Check for suspicious connections

ss -tulpn|grep LISTEN netstat -tulpn|grep LISTEN

Monitor network traffic patterns

| tcpdump -c 100 -i eth0 | awk '\\{print $3\\}' | sort | uniq -c | ```_

Firewall und Traffic Control

Iptables Basics

```bash

List current rules

iptables -L iptables -L -n -v # Verbose with numbers

Basic rules

iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -j DROP # Drop all other input

Save and restore rules

iptables-save > /etc/iptables/rules.v4 iptables-restore < /etc/iptables/rules.v4 ```_

UFW (Unkomplizierte Firewall)

```bash

UFW basic operations

ufw status ufw enable ufw disable

Allow/deny rules

ufw allow 22 ufw allow ssh ufw deny 23 ufw allow from 192.168.1.0/24

Delete rules

ufw delete allow 22 ufw --numbered status ufw delete 1 ```_

Verkehrssteuerung

```bash

Show traffic control rules

tc qdisc show tc class show dev eth0

Bandwidth limiting

tc qdisc add dev eth0 root tbf rate 1mbit burst 32kbit latency 400ms

Remove traffic control

tc qdisc del dev eth0 root ```_

Netzwerk Dateisysteme und Dienste

NFS (Network File System)

```bash

Show NFS exports

showmount -e nfs_server exportfs -v # Local exports

Mount NFS share

mount -t nfs nfs_server:/path /mnt/nfs mount -t nfs4 nfs_server:/path /mnt/nfs4

NFS statistics

nfsstat nfsstat -c # Client stats nfsstat -s # Server stats ```_

SSH und Remote Access

```bash

SSH with options

ssh -p 2222 user@hostname # Custom port ssh -i keyfile user@hostname # Private key ssh -L 8080:localhost:80 user@hostname # Local port forwarding ssh -R 8080:localhost:80 user@hostname # Remote port forwarding

SCP file transfer

scp file user@hostname:/path/ scp -r directory user@hostname:/path/ scp -P 2222 file user@hostname:/path/ # Custom port

SFTP operations

sftp user@hostname sftp -P 2222 user@hostname # Custom port ```_

Netzwerk Fehlerbehebung

Gemeinsame Netzprobleme

```bash

Check network connectivity layers

ping 127.0.0.1 # Loopback test ping gateway_ip # Gateway connectivity ping 8.8.8.8 # Internet connectivity nslookup google.com # DNS resolution

Check network configuration

ip addr show # IP configuration ip route show # Routing table cat /etc/resolv.conf # DNS configuration ```_

Leistung Fehlerbehebung

```bash

Check for packet loss

ping -c 100 hostname|grep "packet loss"

Check network latency

ping -c 10 hostname|tail -1

Check bandwidth utilization

iftop -i eth0 nload eth0

Check for network errors

ip -s link show eth0 cat /proc/net/dev|grep eth0 ```_

Advanced Diagnostics

```bash

MTU path discovery

tracepath hostname

Check for duplicate IP addresses

arping -D -I eth0 192.168.1.100

Network socket debugging

ss -tulpn|grep LISTEN lsof -i|grep LISTEN

Check network hardware

ethtool eth0 # Ethernet tool mii-tool eth0 # Media-independent interface tool ```_

Ressourcen

  • [Linux Network Administration Guide](__LINK_5___
  • [TCP/IP Network Administration](LINK_5
  • [Wireshark Benutzerhandbuch](LINK_5
  • [Nmap Network Scanning](LINK_5
  • [Linux Networking Cookbook](__LINK_5___

--

*Dieses Cheatsheet bietet umfassende Netzwerkbefehle für Linux-Systeme. Stellen Sie immer sicher, dass Sie eine ordnungsgemäße Berechtigung haben, bevor Sie Netzwerkscans oder Modifikationen in Produktionsumgebungen durchführen. *