Linux网络管理 一直觉得Linux网络管理相关的命令繁杂,今天就试着整理一下吧。
网络是块大内容,这里仅把Linux网络相关的命令做整理,网络相关的知识暂不作整理。
一、查网络基本配置 1.1 查ip 有多种方式查系统的 IP 地址
1 2 3 4 ip address ifconfig ifconfig 网卡名 hostname -I
可简写成 ip a,ip addr 等
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 [root@centos7 ~]# ip address 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link /ether 00:0c:29:bc:5e:c7 brd ff:ff:ff:ff:ff:ff inet 192.168.10.10/24 brd 192.168.10.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::6e66:1e1e:5c59:86dc/64 scope link noprefixroute valid_lft forever preferred_lft forever [root@centos7 ~]# [root@centos7 ~]# ifconfig ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.10.10 netmask 255.255.255.0 broadcast 192.168.10.255 inet6 fe80::6e66:1e1e:5c59:86dc prefixlen 64 scopeid 0x20<link > ether 00:0c:29:bc:5e:c7 txqueuelen 1000 (Ethernet) RX packets 193591 bytes 53716386 (51.2 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 309342 bytes 221017197 (210.7 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 20 bytes 4414 (4.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 20 bytes 4414 (4.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@centos7 ~]# [root@centos7 ~]# hostname -I 192.168.10.10 [root@centos7 ~]# [root@centos7 ~]# ifconfig ens33 ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.10.10 netmask 255.255.255.0 broadcast 192.168.10.255 inet6 fe80::f1b0:3c25:52f9:4811 prefixlen 64 scopeid 0x20<link > ether 00:0c:29:bc:5e:c7 txqueuelen 1000 (Ethernet) RX packets 201105 bytes 60075622 (57.2 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 313473 bytes 221592583 (211.3 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@centos7 ~]#
1.2 查路由及网关 1 2 3 4 ip route ip route show route -n netstat -rn
可简写成 ip r 等。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 [root@centos7 ~]# ip route default via 192.168.10.2 dev ens33 proto static metric 100 192.168.10.0/24 dev ens33 proto kernel scope link src 192.168.10.10 metric 100 [root@centos7 ~]# [root@centos7 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.10.2 0.0.0.0 UG 100 0 0 ens33 192.168.10.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@centos7 ~]# [root@centos7 ~]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.10.2 0.0.0.0 UG 0 0 0 ens33 192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33 [root@centos7 ~]#
1.3 查DNS服务器 1 2 3 4 5 [root@centos7 ~]# cat /etc/resolv.conf search server.templaate nameserver 1.1.1.1 [root@centos7 ~]#
Ubuntu 下也可以使用
1 2 3 4 5 6 7 8 9 10 root@ubuntu24server:~# resolvectl status Global Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported resolv.conf mode: stub Link 2 (ens33) Current Scopes: DNS Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported DNS Servers: 1.1.1.1 8.8.8.8 root@ubuntu24server:~#
二、NetworkManager(redhat) NetworkManager 是 Redhat 系Linux 的网络管理守护进程,负责监控和配置系统网络。
配置文件在 /etc/sysconfig/network-scripts 下,同时衍生出 nmcli、nmtui 两种工具来对网络进行配置。
其中,nmcli 是命令行工具,nmtui 是文本图形化工具。本质都是对配置文件的修改。
2.1 nmcli 1 2 3 [root@centos7 ~]# nmcli agent connection device general help monitor networking radio [root@centos7 ~]# nmcli
可以看到主要配置就两块内容,
device 网卡设备相关的配置
connection 逻辑地址相关的配置
2.1.1 device 1 2 nmcli device status nmcli device show
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 [root@centos7 ~]# nmcli device status DEVICE TYPE STATE CONNECTION ens33 ethernet connected ens33 lo loopback unmanaged -- [root@centos7 ~]# nmcli device connect delete disconnect help lldp modify monitor reapply set show status wifi [root@centos7 ~]# nmcli device show GENERAL.DEVICE: ens33 GENERAL.TYPE: ethernet GENERAL.HWADDR: 00:0C:29:BC:5E:C7 GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.CONNECTION: ens33 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/12 WIRED-PROPERTIES.CARRIER: on IP4.ADDRESS[1]: 192.168.10.10/24 IP4.GATEWAY: 192.168.10.2 IP4.ROUTE[1]: dst = 192.168.10.0/24, nh = 0.0.0.0, mt = 100 IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 192.168.10.2, mt = 100 IP4.DNS[1]: 1.1.1.1 IP6.ADDRESS[1]: fe80::6e66:1e1e:5c59:86dc/64 IP6.GATEWAY: -- IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100 IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255 GENERAL.DEVICE: lo GENERAL.TYPE: loopback GENERAL.HWADDR: 00:00:00:00:00:00 GENERAL.MTU: 65536 GENERAL.STATE: 10 (unmanaged) GENERAL.CONNECTION: -- GENERAL.CON-PATH: -- IP4.ADDRESS[1]: 127.0.0.1/8 IP4.GATEWAY: -- IP6.ADDRESS[1]: ::1/128 IP6.GATEWAY: -- [root@centos7 ~]#
2.1.2 connection 1 2 3 [root@centos7 ~]# nmcli connection add clone delete down edit export help import load modify monitor reload show up [root@centos7 ~]# nmcli connection
connection 可简写为 con ,主要的子选项
增,add
删,delete
改,modify
查,show
开,up
关,down
创建一个连接,命名为 zhuzhuxia ,常见的一些静态配置。
1 nmcli connection add con-name 连接名 type 连接类型 ipv4.method 方法 ipv4.addresses ip地址1,ip地址2 ipv4.gateway 网关 ipv4.dns dns1,dns2 ifname 网卡
1 2 3 [root@centos7 ~]# nmcli connection add con-name zhuzhuxia type ethernet ipv4.method manual ipv4.addresses 192.168.10.10/24,192.168.10.109/24 ipv4.gateway 192.168.10.2 ipv4.dns 1.1.1.1,8.8.8.8 ifname ens33 autoconnect yes Connection 'zhuzhuxia' (74ffd674-2ca3-478d-a5dd-d8d7803d0e50) successfully added. [root@centos7 ~]#
启用连接
1 nmcli connection up 连接名称
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 [root@centos7 ~]# nmcli connection up ens33 filename help id path uuid zhuzhuxia [root@centos7 ~]# nmcli connection up zhuzhuxia Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/18) [root@centos7 ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link /ether 00:0c:29:bc:5e:c7 brd ff:ff:ff:ff:ff:ff inet 192.168.10.10/24 brd 192.168.10.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.10.109/24 brd 192.168.10.255 scope global secondary noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::f1b0:3c25:52f9:4811/64 scope link noprefixroute valid_lft forever preferred_lft forever [root@centos7 ~]#
修改一个连接的配置,已经激活的连接需要重新 down –> up。 reload 不会生效。
1 nmcli connection modify 连接名 配置项 参数
1 [root@centos7 ~]# nmcli connection modify zhuzhuxia ipv4.addresses 192.168.10.10/24,192.168.10.11nmcli connection up 连接名
2.2 nmtui 没什么可说的,easy。可视化页面配置即可。
2.3 配置文件 直接修改 /etc/sysconfig/network-scripts 下的配置文件即可。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 [root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33 TYPE="Ethernet" PROXY_METHOD="none" BROWSER_ONLY="no" BOOTPROTO="none" DEFROUTE="yes" IPV4_FAILURE_FATAL="no" IPV6INIT="yes" IPV6_AUTOCONF="yes" IPV6_DEFROUTE="yes" IPV6_FAILURE_FATAL="no" IPV6_ADDR_GEN_MODE="stable-privacy" NAME="ens33" UUID="e10728d1-4a6e-4233-9aca-c44c04268b5d" DEVICE="ens33" ONBOOT="yes" IPADDR="192.168.10.10" PREFIX="24" GATEWAY="192.168.10.2" DNS1="1.1.1.1" IPV6_PRIVACY="no" [root@centos7 ~]#
IPADDR ip地址PREFIX 子网掩码GATEWAY 网关DNS1 DNS服务器BOOTPROTO dhcp、static、noneONBOOT 开机自启
修改配置后需要重启网络
1 2 [root@centos7 ~]# systemctl restart network [root@centos7 ~]#
三、netplan(ubuntu) 从 17.10 版本开始,引入 netplan 作为网络配置工具,底层使用 systemd-networkd 或 Network-Manager。netplan 使用yaml 配置文件来管理网络。配置文件在 /etc/netplan 下。
ubuntu 分为 Serevr 服务器版本、Desktop 桌面版本。
总之 netplan 可以生成配置文件,交给底层服务,实现大一统。
3.1 配置文件 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 root@ubuntu24server:~# cat /etc/netplan/50-cloud-init.yaml network: version: 2 ethernets: ens33: addresses: - "192.168.10.20/24" nameservers: addresses: - 1.1.1.1 - 8.8.8.8 search: [] routes: - to: "default" via: "192.168.10.2" root@ubuntu24server:~#
静态ip较完整的配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 network: version: 2 renderer: networkd ethernets: ens33: dhcp4: no addresses: [192.168 .92 .200 /24 ] routes: - to: default via: 192.168 .92 .2 nameservers: addresses: - 8.8 .8 .8 - 114.114 .114 .114 optional: true
3.2 启用
调试,如果有问题120秒后会回退。
1 2 3 4 5 6 7 8 9 root@ubuntu24server:~# netplan try Do you want to keep these settings? Press ENTER before the timeout to accept the new configuration Changes will revert in 115 seconds
直接应用
四、其它网络相关的命令 4.1 ping
-c 发几次包,Linux默认一直发。windwos 不可用-4 强制使用 ipv4-6 强制使用 ipv6-t 在windows 上一直发送
4.2ip 命令 ifconfig 已经标记为过时,已经被 ip 命令取代。
查看网络信息
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 [root@centos7 ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link /ether 00:0c:29:bc:5e:c7 brd ff:ff:ff:ff:ff:ff inet 192.168.10.10/24 brd 192.168.10.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.10.111/24 brd 192.168.10.255 scope global secondary noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.10.112/24 brd 192.168.10.255 scope global secondary ens33:1 valid_lft forever preferred_lft forever inet6 fe80::f1b0:3c25:52f9:4811/64 scope link noprefixroute valid_lft forever preferred_lft forever [root@centos7 ~]#
启停网卡
1 2 ip link set 网卡 up ip link set 网卡 down
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 [root@centos7 ~]# ip addr show lo 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever [root@centos7 ~]# [root@centos7 ~]# ip link set lo down [root@centos7 ~]# ip addr show lo 1: lo: <LOOPBACK> mtu 65536 qdisc noqueue state DOWN group default qlen 1000 link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever [root@centos7 ~]# [root@centos7 ~]# ip link set lo up [root@centos7 ~]# ip addr show lo 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever [root@centos7 ~]#
设置临时 ip 地址,重启就会失效
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 [root@centos7 ~]# ip addr show lo 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever [root@centos7 ~]# [root@centos7 ~]# ip addr add 10.0.0.10/24 dev lo [root@centos7 ~]# [root@centos7 ~]# ip addr show lo 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 10.0.0.10/24 scope global lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever [root@centos7 ~]#
4.3 连接状态-netstat - ss 用于查看网络连接的命令。
-l 显示监听的端口-a 显示所有状态的端口t 显示TCP 的连接u 显示UDP 的连接p 显示进程的名称n 不对端口号进行解释,显示数字端口号
1 2 3 4 5 6 7 8 9 10 11 [root@centos7 ~]# netstat -antp | head Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 688/rpcbind tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 942/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1064/master tcp 0 36 192.168.10.10:22 192.168.10.1:3140 ESTABLISHED 1194/sshd: root@pts tcp6 0 0 :::111 :::* LISTEN 688/rpcbind tcp6 0 0 :::22 :::* LISTEN 942/sshd tcp6 0 0 ::1:25 :::* LISTEN 1064/master [root@centos7 ~]#
ss 占用内存更小,用法一样,显示不如 netstat 友好。
1 2 3 4 5 6 7 8 9 10 [root@centos7 ~]# ss -antp | head State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:111 *:* users :(("rpcbind",pid=688 ,fd=8 )) LISTEN 0 128 *:22 *:* users :(("sshd",pid=942 ,fd=3 )) LISTEN 0 100 127.0.0.1:25 *:* users :(("master",pid=1064 ,fd=13 )) ESTAB 0 0 192.168.10.10:22 192.168.10.1:3140 users :(("sshd",pid=1194 ,fd=3 )) LISTEN 0 128 [::]:111 [::]:* users :(("rpcbind",pid=688 ,fd=11 )) LISTEN 0 128 [::]:22 [::]:* users :(("sshd",pid=942 ,fd=4 )) LISTEN 0 100 [::1]:25 [::]:* users :(("master",pid=1064 ,fd=14 )) [root@centos7 ~]#
4.4 域名解析-nslookup 4.4.1 使用 nslookup 是一个DNS 解析的命令,用于把域名解析为 IP地址。
安装
1 yum install -y bind-utils
使用
直接查询
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 [root@centos7 ~]# nslookup bravexist.cn 1.1.1.1 Server: 1.1.1.1 Address: 1.1.1.1#53 Non-authoritative answer: Name: bravexist.cn Address: 104.21.67.121 Name: bravexist.cn Address: 172.67.221.229 Name: bravexist.cn Address: 2606:4700:3031::ac43:dde5 Name: bravexist.cn Address: 2606:4700:3035::6815:4379 [root@centos7 ~]#
交互式界面查询
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 [root@centos7 ~]# nslookup > bravexist.cn Server: 1.1.1.1 Address: 1.1.1.1#53 Non-authoritative answer: Name: bravexist.cn Address: 104.21.67.121 Name: bravexist.cn Address: 172.67.221.229 Name: bravexist.cn Address: 2606:4700:3031::ac43:dde5 Name: bravexist.cn Address: 2606:4700:3035::6815:4379 >
查询权威DNS服务器,默认都不是权威DNS服务器应答
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 [root@centos7 ~]# nslookup -type =ns bravexist.cn Server: 1.1.1.1 Address: 1.1.1.1#53 Non-authoritative answer: bravexist.cn nameserver = diva.ns.cloudflare.com. bravexist.cn nameserver = james.ns.cloudflare.com. Authoritative answers can be found from: [root@centos7 ~]# [root@centos7 ~]# nslookup bravexist.cn diva.ns.cloudflare.com. Server: diva.ns.cloudflare.com. Address: 173.245.58.97#53 Name: bravexist.cn Address: 104.21.67.121 Name: bravexist.cn Address: 172.67.221.229 Name: bravexist.cn Address: 2606:4700:3035::6815:4379 Name: bravexist.cn Address: 2606:4700:3031::ac43:dde5 [root@centos7 ~]#
4.4.2同类命令-dig-host
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 [root@centos7 ~]# dig bravexist.cn ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.16 <<>> bravexist.cn ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53809 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;bravexist.cn. IN A ;; ANSWER SECTION: bravexist.cn. 300 IN A 104.21.67.121 bravexist.cn. 300 IN A 172.67.221.229 ;; Query time: 346 msec ;; SERVER: 1.1.1.1#53(1.1.1.1) ;; WHEN: Tue Oct 07 13:11:17 CST 2025 ;; MSG SIZE rcvd: 73 [root@centos7 ~]#
1 2 3 4 5 6 7 8 9 [root@centos7 ~]# host bravexist.cn bravexist.cn has address 104.21.67.121 bravexist.cn has address 172.67.221.229 bravexist.cn has IPv6 address 2606:4700:3031::ac43:dde5 bravexist.cn has IPv6 address 2606:4700:3035::6815:4379 bravexist.cn mail is handled by 1 mx1.larksuite.com. bravexist.cn mail is handled by 5 mx2.larksuite.com. bravexist.cn mail is handled by 10 mx3.larksuite.com. [root@centos7 ~]#
4.5路由追踪命令-traceroute 安装
1 yum install -y traceroute
使用
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 [root@centos7 ~]# traceroute bravexist.cn traceroute to bravexist.cn (104.21.67.121), 30 hops max, 60 byte packets 1 gateway (192.168.10.2) 0.081 ms 0.035 ms 0.086 ms 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * [root@centos7 ~]#
4.6 端口测试-telnet-nmap 4.6.1 安装 1 yum install nmap telnet -y
4.6.2 使用 telnet
telnet 因为是明文协议,早已经不安全,不推荐使用,但是起端口测试功能依旧很好用。
能进去说明端口开放,不能进去可能被防火墙等中间设备拦截了,无法证明是关闭的。
1 2 3 4 [root@centos7 ~]# telnet bravexist.cn 80 Trying 104.21.67.121... Connected to bravexist.cn. Escape character is '^]' .
1 2 3 4 [root@centos7 ~]# telnet 192.168.10.10 Trying 192.168.10.10... telnet: connect to address 192.168.10.10: Connection refused [root@centos7 ~]#
nmap
nmap 是一款开源免费的软件,用于网络端口测试。这里只记录一下最基本的用法,详细用法有机会单独开一篇。
默认会探测常见的 1000个端口号。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 [root@centos7 ~]# nmap bravexist.cn Starting Nmap 6.40 ( http://nmap.org ) at 2025-10-07 13:44 CST Nmap scan report for bravexist.cn (104.21.67.121) Host is up (0.092s latency). Other addresses for bravexist.cn (not scanned): 172.67.221.229 Not shown: 994 filtered ports PORT STATE SERVICE 25/tcp open smtp 80/tcp open http 110/tcp open pop3 443/tcp open https 8080/tcp open http-proxy 8443/tcp open https-alt Nmap done : 1 IP address (1 host up) scanned in 107.73 seconds [root@centos7 ~]#
4.7 文件下载-wget-curl 4.7.1 wget 下载文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 [root@centos7 ~]# wget -O install.sh https://get.docker.com/ --2025-10-07 13:32:55-- https://get.docker.com/ Resolving get.docker.com (get.docker.com)... 13.249.126.19, 13.249.126.85, 13.249.126.92, ... Connecting to get.docker.com (get.docker.com)|13.249.126.19|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 21013 (21K) [text/plain] Saving to: ‘install.sh’ 100%[===================================================================================================================================================>] 21,013 --.-K/s in 0.01s 2025-10-07 13:32:56 (1.77 MB/s) - ‘install.sh’ saved [21013/21013] [root@centos7 ~]# ls install.sh install.sh [root@centos7 ~]#
4.7.2 curl curl 也非常常用,请求网页内容,获取HTTP响应报文。windows 中也可使用。
1 2 3 4 5 curl 链接 curl -v 链接 curl -I 链接 curl -vI 链接 curl -o 自定义文件路径 链接
-v 显示请求、响应详细信息-I 之查看响应头,不看响应内容-o 保存为文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 [root@centos7 ~]# curl baidu.com <html> <meta http-equiv="refresh" content="0;url=http://www.baidu.com/" > </html> [root@centos7 ~]# [root@centos7 ~]# curl -v baidu.com * About to connect() to baidu.com port 80 (#0) * Trying 220.181.7.203... * Connected to baidu.com (220.181.7.203) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: baidu.com > Accept: */* > < HTTP/1.1 200 OK < Content-Length: 81 < Content-Type: text/html < Server: bfe < Date: Tue, 07 Oct 2025 05:35:56 GMT < <html> <meta http-equiv="refresh" content="0;url=http://www.baidu.com/" > </html> * Connection [root@centos7 ~]# [root@centos7 ~]# [root@centos7 ~]# curl -I baidu.com HTTP/1.1 200 OK Content-Length: 81 Content-Type: text/html Server: bfe Date: Tue, 07 Oct 2025 05:36:07 GMT [root@centos7 ~]# [root@centos7 ~]# curl -vI baidu.com * About to connect() to baidu.com port 80 (#0) * Trying 39.156.70.37... * Connected to baidu.com (39.156.70.37) port 80 (#0) > HEAD / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: baidu.com > Accept: */* > < HTTP/1.1 200 OK HTTP/1.1 200 OK < Content-Length: 81 Content-Length: 81 < Content-Type: text/html Content-Type: text/html < Server: bfe Server: bfe < Date: Tue, 07 Oct 2025 05:36:54 GMT Date: Tue, 07 Oct 2025 05:36:54 GMT < * Connection [root@centos7 ~]# [root@centos7 ~]# curl -o baidu.html baidu.com % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 81 100 81 0 0 287 0 --:--:-- --:--:-- --:--:-- 288 [root@centos7 ~]# ls baidu.html -l -rw-r--r-- 1 root root 81 Oct 7 13:37 baidu.html [root@centos7 ~]#
五、封面图
