Linux Network Commands Cheat Sheet
"Clase de la hoja" id="copy-btn" class="copy-btn" onclick="copyAllCommands()" Copiar todos los comandos id="pdf-btn" class="pdf-btn" onclick="generatePDF()" Generar PDF seleccionado/button ■/div titulada
Sinopsis
Los comandos de red de Linux proporcionan herramientas integrales para configuración de red, solución de problemas, monitoreo y análisis de seguridad. Esta guía cubre los servicios esenciales de redes para pruebas de conectividad, gestión de interfaces, análisis de tráfico y diagnóstico de red que cada profesional de TI necesita dominar.
NOVEDAD Advertencia: Los comandos de red pueden afectar la conectividad del sistema y la seguridad. Probar cambios de red en entornos seguros y mantener métodos de acceso de copia de seguridad.
Pruebas de conectividad de red
Conectividad básica
# Test basic connectivity
ping hostname
ping -c 4 hostname # Send 4 packets only
ping -i 2 hostname # 2-second intervals
ping -s 1000 hostname # Large packet size
# IPv6 ping
ping6 hostname
ping6 -c 4 ::1 # IPv6 localhost
# Continuous ping with statistics
ping -c 100 hostname|tail -2 # Show summary only
Pruebas avanzadas de conectividad
# Trace network path
traceroute hostname
traceroute -n hostname # No DNS resolution
traceroute -p 80 hostname # Use port 80
traceroute -m 15 hostname # Max 15 hops
# IPv6 traceroute
traceroute6 hostname
# MTU discovery
ping -M do -s 1472 hostname # Test MTU size
tracepath hostname # Path MTU discovery
Pruebas de Puerto y Servicio
# Test specific ports
telnet hostname 80
telnet hostname 22
# Netcat for port testing
nc -zv hostname 80 # Test port 80
nc -zv hostname 20-25 # Test port range
nc -u hostname 53 # Test UDP port
# Test multiple ports
nmap -p 80,443,22 hostname
nmap -p 1-1000 hostname # Scan port range
DNS Resolución y Pruebas
Basic DNS Consultas
# Lookup IP address
nslookup hostname
nslookup hostname dns-server
# Reverse DNS lookup
nslookup IP_address
# Dig command (preferred)
dig hostname
dig @dns-server hostname
dig hostname MX # Mail exchange records
dig hostname NS # Name server records
dig hostname TXT # Text records
Advanced DNS Operaciones
# Detailed DNS information
dig +trace hostname # Trace DNS resolution path
dig +short hostname # Short output
dig +noall +answer hostname # Answer section only
# Reverse DNS with dig
dig -x IP_address
# DNS cache operations
systemctl flush-dns # Flush DNS cache (systemd)
sudo systemd-resolve --flush-caches
# Check DNS configuration
cat /etc/resolv.conf
systemd-resolve --status
DNS Solución de problemas
# Test different DNS servers
dig @8.8.8.8 hostname
dig @1.1.1.1 hostname
dig @208.67.222.222 hostname # OpenDNS
# DNS performance testing
dig hostname|grep "Query time"
time nslookup hostname
# Check DNS propagation
dig +trace hostname @8.8.8.8
Network Interface Management
Interface Information
# Show all interfaces
ip addr show
ip a # Short form
ifconfig # Traditional command
# Show specific interface
ip addr show eth0
ifconfig eth0
# Show interface statistics
ip -s link show
cat /proc/net/dev
Configuración de interfaz
# Bring interface up/down
ip link set eth0 up
ip link set eth0 down
ifconfig eth0 up
ifconfig eth0 down
# Assign IP address
ip addr add 192.168.1.100/24 dev eth0
ifconfig eth0 192.168.1.100 netmask 255.255.255.0
# Remove IP address
ip addr del 192.168.1.100/24 dev eth0
# Change MAC address
ip link set dev eth0 address 00:11:22:33:44:55
ifconfig eth0 hw ether 00:11:22:33:44:55
Gestión de la interfaz inalámbrica
# Wireless interface info
iwconfig
iw dev wlan0 info
# Scan for wireless networks
iwlist wlan0 scan
iw dev wlan0 scan
# Connect to wireless network
iwconfig wlan0 essid "NetworkName"
iwconfig wlan0 key s:password
# Wireless signal strength
iwconfig wlan0|grep Signal
watch -n 1 iwconfig wlan0
Mesas de Routing y Network
Gestión de la mesa de rotación
# Show routing table
ip route show
route -n # Traditional command
netstat -rn
# Add route
ip route add 192.168.2.0/24 via 192.168.1.1
route add -net 192.168.2.0/24 gw 192.168.1.1
# Delete route
ip route del 192.168.2.0/24
route del -net 192.168.2.0/24
# Default gateway
ip route add default via 192.168.1.1
route add default gw 192.168.1.1
ARP Gestión de cuadros
# Show ARP table
ip neigh show
arp -a
# Add ARP entry
ip neigh add 192.168.1.100 lladdr 00:11:22:33:44:55 dev eth0
arp -s 192.168.1.100 00:11:22:33:44:55
# Delete ARP entry
ip neigh del 192.168.1.100 dev eth0
arp -d 192.168.1.100
# Clear ARP cache
ip neigh flush all
Conexiones de red y puertos
Conexión activa
# Show all connections
ss -tuln # TCP/UDP listening ports
ss -tulpn # Include process names
netstat -tuln # Traditional command
netstat -tulpn
# Show established connections
ss -t state established
netstat -t|grep ESTABLISHED
# Show connections by process
ss -p
lsof -i # List open network files
Port-specific Información
# Show what's using a specific port
ss -tulpn|grep :80
netstat -tulpn|grep :80
lsof -i :80
# Show all ports used by a process
ss -p|grep process_name
lsof -p PID
# Show network files by user
lsof -i -u username
Estadísticas de red
# Network interface statistics
ss -i # Interface info
netstat -i # Interface statistics
cat /proc/net/dev
# Protocol statistics
ss -s # Socket statistics
netstat -s # Protocol statistics
cat /proc/net/snmp
Network Monitoring and Analysis
Monitoreo de redes en tiempo real
# Monitor network traffic
iftop # Interface traffic
iftop -i eth0 # Specific interface
nethogs # Per-process bandwidth
nload # Network load monitor
# Bandwidth monitoring
vnstat # Network statistics
vnstat -i eth0 # Specific interface
vnstat -d # Daily statistics
Captura y análisis de paquetes
# Capture packets with tcpdump
tcpdump -i eth0 # Capture on eth0
tcpdump -i any # Capture on all interfaces
tcpdump -w capture.pcap # Write to file
tcpdump -r capture.pcap # Read from file
# Filter packets
tcpdump host 192.168.1.100
tcpdump port 80
tcpdump tcp and port 22
tcpdump -n icmp # ICMP packets only
# Wireshark command line
tshark -i eth0 # Live capture
tshark -r capture.pcap # Read file
tshark -i eth0 -f "port 80" # Capture filter
Pruebas de rendimiento de red
# Bandwidth testing with iperf
iperf3 -s # Server mode
iperf3 -c server_ip # Client mode
iperf3 -c server_ip -t 30 # 30-second test
iperf3 -c server_ip -u # UDP test
# HTTP performance testing
curl -w "@curl-format.txt" -o /dev/null -s http://example.com
wget --spider -S http://example.com
Seguridad de la red y escaneado
Escaneo de puertos
# Nmap basic scans
nmap hostname # Basic scan
nmap -sS hostname # SYN scan
nmap -sU hostname # UDP scan
nmap -sV hostname # Version detection
# Nmap advanced options
nmap -A hostname # Aggressive scan
nmap -O hostname # OS detection
nmap -p 1-65535 hostname # Full port scan
nmap --top-ports 1000 hostname # Top 1000 ports
Vigilancia de la seguridad de la red
# Monitor failed connections
tail -f /var/log/auth.log|grep "Failed"
journalctl -f -u ssh
# Check for suspicious connections
ss -tulpn|grep LISTEN
netstat -tulpn|grep LISTEN
# Monitor network traffic patterns
tcpdump -c 100 -i eth0|awk '\\\\{print $3\\\\}'|sort|uniq -c
Firewall y Control de Tráfico
Iptables Basics
# List current rules
iptables -L
iptables -L -n -v # Verbose with numbers
# Basic rules
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -j DROP # Drop all other input
# Save and restore rules
iptables-save > /etc/iptables/rules.v4
iptables-restore < /etc/iptables/rules.v4
UFW (Uncomplicated Firewall)
# UFW basic operations
ufw status
ufw enable
ufw disable
# Allow/deny rules
ufw allow 22
ufw allow ssh
ufw deny 23
ufw allow from 192.168.1.0/24
# Delete rules
ufw delete allow 22
ufw --numbered status
ufw delete 1
Control de tráfico
# Show traffic control rules
tc qdisc show
tc class show dev eth0
# Bandwidth limiting
tc qdisc add dev eth0 root tbf rate 1mbit burst 32kbit latency 400ms
# Remove traffic control
tc qdisc del dev eth0 root
Sistemas y servicios de archivos de red
NFS (sistema de archivos de red)
# Show NFS exports
showmount -e nfs_server
exportfs -v # Local exports
# Mount NFS share
mount -t nfs nfs_server:/path /mnt/nfs
mount -t nfs4 nfs_server:/path /mnt/nfs4
# NFS statistics
nfsstat
nfsstat -c # Client stats
nfsstat -s # Server stats
SSH y acceso remoto
# SSH with options
ssh -p 2222 user@hostname # Custom port
ssh -i keyfile user@hostname # Private key
ssh -L 8080:localhost:80 user@hostname # Local port forwarding
ssh -R 8080:localhost:80 user@hostname # Remote port forwarding
# SCP file transfer
scp file user@hostname:/path/
scp -r directory user@hostname:/path/
scp -P 2222 file user@hostname:/path/ # Custom port
# SFTP operations
sftp user@hostname
sftp -P 2222 user@hostname # Custom port
Solución de problemas de red
Cuestiones de red comunes
# Check network connectivity layers
ping 127.0.0.1 # Loopback test
ping gateway_ip # Gateway connectivity
ping 8.8.8.8 # Internet connectivity
nslookup google.com # DNS resolution
# Check network configuration
ip addr show # IP configuration
ip route show # Routing table
cat /etc/resolv.conf # DNS configuration
Solución de problemas de rendimiento
# Check for packet loss
ping -c 100 hostname|grep "packet loss"
# Check network latency
ping -c 10 hostname|tail -1
# Check bandwidth utilization
iftop -i eth0
nload eth0
# Check for network errors
ip -s link show eth0
cat /proc/net/dev|grep eth0
Diagnósticos avanzados
# MTU path discovery
tracepath hostname
# Check for duplicate IP addresses
arping -D -I eth0 192.168.1.100
# Network socket debugging
ss -tulpn|grep LISTEN
lsof -i|grep LISTEN
# Check network hardware
ethtool eth0 # Ethernet tool
mii-tool eth0 # Media-independent interface tool
Recursos
- Linux Network Administration Guide
- TCP/IP Network Administration
- Guía de usuario de Windows
- Nmap Network Scanning
- Linux Networking Cookbook
-...
*Esta hoja de trampa proporciona comandos de red integrales para sistemas Linux. Siempre asegúrese de tener una autorización adecuada antes de realizar escáneres de red o modificaciones en entornos de producción. *