Show information about connections
lsof
lsof -i -P -n -sTCP:LISTEN
iselect IPv[46] files.Pno port names.nno host names.sTCP:LISTENselect protocol and state(s) by name.
ss
ss -n -A inet -E -H
ndon't resolve service namesrresolve host namestdisplay only TCP socketsadisplay all socketsudisplay only UDP socketsldisplay listening socketspshow process using socketishow internal TCP informationEcontinually display sockets as they are destroyed4display only IP version 4 socketsKforcibly close sockets, display what was closedHSuppress header lineOsocket's data printed on a single lineAQUERY. Some queries areinet,tcpFFilter. Some filters areestablished,syn-sent,time-wait,listening
netstat
sudo netstat -tulnp
tshow TCP ports.ushow UDP ports.lshow only listening ports.nshow numerical addresses instead of resolving hosts.pshow the PID and name of the listener’s process. This information is shown only if you run the command as root or sudo user.
Capture traffic
Set up a network configuration
You need IP, Mask, Gateway, Route and DNS.
ifupdown
/etc/network/interfaces
---
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
allow-hotplug eth1
iface eth1 inet static
address 192.168.11.100/24
gateway 192.168.11.1
dns-domain example.com
dns-nameservers 192.168.11.1 9.9.9.9
pre-up echo "nameserver 192.168.11.1\nnameserver 9.9.9.9" > /etc/resolv.conf
## Subinterface
auto eth1:1
iface eth1:1 inet static
address 192.168.11.101/24
## Vlan
allow-hotplug eth2 eth2.10
iface eth2 inet static
address 10.0.0.23/24
gateway 10.0.0.1
scope link
up ifup eth2.10
iface eth2.10 inet dhcp
hostname server.example.com
metric 100
scope host
/etc/resolv.conf
---
nameserver 192.168.11.1
domain example.com
NetworkManager
Show connections
nmcli connection show
Disconnect
nmcli connection down enp3s0
Connect
nmcli connection up wlp3s0
Add a new connection
nmcli connection add type ethernet con-name Work ifname enp0s3
nmcli con -a con-name Home ## Will ask for any missing parameters
Delete a connection
nmcli con delete enp3s0.50
Change the name of a connection
nmcli con mod enp3s0 con-name Home
Details of a connection
nmcli con show enp3s0
Static connection
nmcli con add con-name static ifname enp3s0 ip4 192.168.1.50/24 gw4 192.168.1.1
nmcli con add con-name static ifname enp3s0 ipv4.method manual ip4 192.168.1.50/24 gw4 192.168.1.1 ipv4.dns "8.8.8.8 1.1.1.1" connection.autoconnect no connection.permissions user:user,yu
Add a route
nmcli c mod eth0 ipv4.routes "0.0.0.0/0 192.168.0.1"
Bridge for vlan. (use vlans in QEMU)
nmcli connection add type bridge con-name Bridge0 ifname br0 ip4 192.168.0.2/24
nmcli connection add type vlan con-name V20 ifname enp3s0.20 dev enp3s0 id 20 master br0 slave-type bridge
## Firewall
sudo iptables -A FORWARD -p udp -i br0 -o br0 --sport 67:68 --dport 67:68 -j ACCEPT
sudo iptables -A FORWARD -p icmp -i br0 -o br0 -j ACCEPT
Wifi
Scan networks.
nmcli device wifi list
Connect to network
nmcli --ask device wifi connect "myssid"
iproute2
Show connections
ip link
ip l
ip link show eno1
ip -brief link
ip address
ip a
ip a s eno1
ip -brief address
Show routes
ip route
Show neighbors (ARP)
ip neighbour
ip neigh show
Add an IP address
ip addr add <ip/mask> dev <interface>
ip addr add 192.168.0.123/28 dev eno1
Add a route
ip route add <network> via <ip> dev <interface>
ip route add 172.16.34.0/23 via <ip> dev <interface>
Add a default route
ip route add default via <ip> dev <interface>
ip route add default via 192.168.0.1 dev eno1
Set an interface up/down
ip link set <interface> <up/down>
ip link set eno1 up
Remove an IP address
ip addr del <ip/mask> dev <interface> metric <metric>
ip addr del 192.168.0.123/28 dev eno1
Remove a route
ip route del default via <ip> dev <interface>
ip route del default via 192.168.0.1 dev eno1
netplan
The directory should be at /etc/netplan.
Apply the configuration
netplan generate
netplan --debug apply
Example:
network:
ethernets:
enp1s0:
addresses:
- 192.168.0.59/24
gateway4: 192.168.0.1
nameservers:
addresses:
- 8.8.8.8
- 1.1.1.1
search: []
version: 2
Bridge:
network:
ethernets:
enp1s0:
dhcp4: false
dhcp6: false
bridges:
br0:
interfaces: [enp1s0]
addresses: [192.168.0.59/24]
gateway4: 192.168.0.1
nameservers:
addresses: [8.8.8.8,1.1.1.1]
dhcp4: false
dhcp6: false
parameters:
forward-delay: 0
version: 2
systemd-networkd
Basic network with manual configuration:
/etc/systemd/network/eth0.network
---
[Match]
Name=eth0
[Network]
Address=192.168.122.45/24
Gateway=192.168.122.1
DNS=1.1.1.1
Basic network with mixed configuration:
/etc/systemd/network/enp1s0.network
---
[Match]
Name=enp1s0
[Network]
DHCP=yes
[DHCPv4]
RouteMetric=10
Restart the service to apply the changes:
systemctl restart systemd-networkd
Other parameters
Hostname
sudo hostnamectl set-hostname computer.domain.local
Timezone
sudo timedatectl set-timezone Europe/Paris
VLANs
Manual vlan
sudo ip link add link enp3s0 name enp3s0.20 type vlan id 20
sudo ip addr add 192.168.0.2/24 brd 192.168.0.255 dev enp3s0.20
sudo ip link set dev enp3s0.20 up
Remove.
sudo ip link set dev enp3s0.20 down
sudo ip link delete enp3s0.20
VLAN with NetworkManager
nmcli con add con-name enp3s0.50 type vlan vlan.id 50 vlan.parent enp3s0 ipv4.method manual ipv4.addresses 10.0.0.5/24 ipv4.gateway 10.0.0.1 connection.autoconnect no
VLANs with systemctl
/etc/systemd/network/eno1.network
[Match]
Name=eno1
[Network]
VLAN=eno1.10
VLAN=eno1.11
DNS=192.168.100.101
DNS=192.168.100.102
/etc/systemd/network/eno1.10.netdev
[NetDev]
Name=eno1.10
Kind=vlan
[VLAN]
Id=10
/etc/systemd/network/eno1.10.network
[Match]
Name=eno1.10
[Network]
Address=192.168.1.14/24
Address=192.168.1.24/24
[Route]
Gateway=192.168.1.1
Table=10
[RoutingPolicyRule]
From=192.168.1.0/24
Table=10
/etc/systemd/network/eno1.11.netdev
[NetDev]
Name=eno1.11
Kind=vlan
[VLAN]
Id=11
/etc/systemd/network/eno1.11.network
[Match]
Name=eth0.11
[Network]
Address=192.168.100.54/24
[Route]
Gateway=192.168.100.1
Table=11
[RoutingPolicyRule]
From=192.168.100.0/24
Table=11
Rename network adapter with udev rules
Find the MAC address 00:00:00:00:00:44
ip l
3: enp5s0f3u1u2u1: [...]
link/ether 00:00:00:00:00:44 [...]
Ad a udev rule
/etc/udev/rules.d/70-net.rules
---
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:00:00:00:00:44", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="enpusb0"
You can also add the driver
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="ax88179_178a", ATTR{address}=="00:00:00:00:00:44", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="enpusb0"
Check the result. There is no need to reboot if you can unplug it.
4: enpusb0: [...]
link/ether 00:00:00:00:00:44 [...]
altname enp5s0f3u1u2u1
Rename network adapter with systemd-networkd
/etc/systemd/network/10-ethusb0.link
---
[Match]
MACAddress=12:34:56:78:90:ab
[Link]
Description=USB to Ethernet Adapter
Name=ethusb0
Sources
- Debian manual Chapter 5 Network Setup
- https://www.cyberciti.biz/faq/howto-linux-rename-ethernet-devices-named-using-udev/
- https://paulgorman.org/technical/linux-iproute2-cheatsheet.html
- https://dustymabe.com/2020/03/05/network-teaming-using-networkmanager-keyfiles-on-fedora-coreos/
- ArchWiki's systemd-networkd
- https://developer.gnome.org/NetworkManager/stable/nmcli.html
- https://www.tecmint.com/configure-network-connections-using-nmcli-tool-in-linux/
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/networking_guide/sec-network_bridging_using_the_networkmanager_command_line_tool_nmcli
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/configuring-networking-with-nmcli_configuring-and-managing-networking