Day36-Linux网络管理6
nmcli nmcli管理NetworkManager命令工具(尽量不用)可以C8用
链接: https://www.cnblogs.com/djlsunshine/p/9733182.html
1. 查看网卡信息
# nmcli connection
# nmcli con show
[root@oldboy ~]# nmcli c
NAME UUID TYPE DEVICE
eth0 1041af38-d44e-4eaf-ab26-e4060257eda4 ethernet eth0
eth1 fe21851d-8c31-43c3-ac1b-9f35a8354f17 ethernet eth1
eth0 a8f8de70-844c-4571-a705-be74bd8089b6 ethernet --
eth1 cf363dd6-05ce-37d3-8caa-242f64883a8f ethernet --
显示具体的网络接口信息
# nmcli connection show eth0
# nmcli c show eth0
显示所有设配状态
# nmcli device status
[root@oldboy ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected eth0
eth1 ethernet connected eth1
lo loopback unmanaged --
2. 网络接口的启用与停用:
停用:
# nmcli c down eth0
启用:
# nmcli c up eth0
给eth0添加一个IP(IPADDR)
# nmcli c modify eth0 ipv4.addresses 10.0.0.100/24
[root@oldboy ~]# nmcli c modify eth0 ipv4.addresses 10.0.0.100/24
[root@oldboy ~]# grep -i ipadd /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=10.0.0.100
修改配置文件执行生效
# systemctl restart network
ifdown eth0 && ifup eth0
# nmcli c reload ##不生效
3. 添加DNS(如果存在就是修改)
# nmcli c modify eth0 ipv4.dns 114.114.114.114
添加第二个DNS(+ipv4.dns)
[root@oldboy ~]# nmcli c modify eth0 +ipv4.dns 7.7.7.7
[root@oldboy ~]# grep -i dns /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=114.114.114.114
DNS2=7.7.7.7
删除DNS
# nmcli connection modify eth0 -ipv4.dns 114.114.114.114
[root@oldboy ~]# grep -i dns /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=114.114.114.114
4. 添加一个网关(GATEWAY)
# nmcli c modify eth0 ipv4.gateway 10.0.0.253
附:nmcli操作 介绍 https://zhuanlan.zhihu.com/p/52731316
查看device列表
nmcli d
查看所有device详细信息
nmcli d show
查看指定device的详细信息
nmcli d show eth0
激活网卡
nmcli d connect eth0
关闭无线网络(NM默认启用无线网络)
nmcli r all off
查看NM托管状态
nmcli n
开启NM托管
nmcli n on
关闭NM托管(谨慎执行)
nmcli n off
监听事件
nmcli m
查看NM本身状态
nmcli
检测NM是否在线可用
nm-online
建议:C6-C7 NetworkManager关闭,C8:需要开启。
重点:C7开启NetworkManager带来的问题
网卡故障:
Connection ‘ens33’ is not available on device ens33 because device is strictly unmanaged
链接: https://www.cnblogs.com/yadongliang/p/14124031.html
centos7不能启动网卡报No suitable device found for this connection错误
链接: https://blog.csdn.net/u010719917/article/details/78129772
5. 查看网络状态 *****
5.1 netstat(ss)(ESTABLISHED 建立连接的状态,数量即表示网络连接数)
-l 监听状态
-n 以数字显示
-t tcp协议
-u udp协议
-p 显示进程名
-a 所有状态
-r 显示路由
netstat -lntup #查看端口
netstat -rn #查看路由
netstat -an #查看所有接口和网络状态
5.2 ss(同netstat)
-x unix sock相关
-e 扩展的信息
-s 显示Sockets摘要
-r 解析服务名称
-m 显示内存情况
[root@oldboy ~]# netstat -an|grep ^tcp
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 52 10.0.0.129:22 10.0.0.1:50672 ESTABLISHED
tcp6 0 0 :::22 :::* LISTEN
协议 接收 发送 本地IP及端口 远程IP和端口 状态
5.3 必考面试题:已知一个服务端口号,查是什么服务。
lsof -i :22
netstat -lntup|grep 22
[root@oldboy ~]# lsof -i :22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1506 root 3u IPv4 24002 0t0 TCP *:ssh (LISTEN)
sshd 1506 root 4u IPv6 24004 0t0 TCP *:ssh (LISTEN)
sshd 1779 root 3u IPv4 25072 0t0 TCP oldboy:ssh->10.0.0.1:52409 (ESTABLISHED)
sshd 1783 root 3u IPv4 25106 0t0 TCP oldboy:ssh->10.0.0.1:52410 (ESTABLISHED)
[root@oldboy ~]# netstat -lntup|grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1506/sshd
tcp6 0 0 :::22 :::* LISTEN 1506/sshd
5.4 必考面试题:统计访问服务器IP的ESTABLISHED连接数最多的IP?
企业面试题或案例:查看网络连接按访问IP计算访问次数。*****
1)nginx web日志找出来每个IP的次数计数。
2)去重计数。
10.0.0.2
10.0.0.4
10.0.0.2
10.0.0.3
10.0.0.4
3)找每个ip地址对应的网络连接数和ip地址
方法1:
[root@oldboy ~]# awk -F "[ :]+" '/ESTAB/{print $(NF-3)}' netstat.log|sort|uniq -c|sort -rn|head
4 118.242.18.177
3 123.6.8.223
3 114.250.252.127
2 123.244.104.42
2 121.204.108.160
1 59.53.166.165
1 58.45.107.189
1 42.95.73.152
1 42.196.246.180
1 36.46.160.100
方法2:
[root@oldboy ~]# awk -F "[ :]+" '/ESTAB/{print $(NF-3)}' netstat.log|awk '{++S[$1]}END{for(k in S) print S[k],k}'|sort -rn|head
4 118.242.18.177
3 123.6.8.223
3 114.250.252.127
2 123.244.104.42
2 121.204.108.160
1 59.53.166.165
1 58.45.107.189
1 42.95.73.152
1 42.196.246.180
1 36.46.160.100
当连接数大于100时,有可能是网络攻击或者网络爬虫,通过防火墙封掉非法IP
awk数组原理:
待处理的数据
14.157.228.55
114.250.252.127
14.157.228.55
183.232.118.16
116.248.63.47
116.248.63.47
114.250.252.127
14.157.228.55
1)记住框架:
awk '{定义和计算}END{输出展示}' netstat.log
处理细节:
只要有相同的$1,计数加1,如果是不同的$1,就为不同的$1重新计数。
实现:{定义和计算}
$1 S[$1]
14.157.228.55 #++S[$1]=S[$1]+1=1
114.250.252.127 #++S[$1]=S[$1]+1=1
14.157.228.55 #++S[$1]=S[$1]+1=2
183.232.118.16 #++S[$1]=S[$1]+1=1
116.248.63.47 #++S[$1]=S[$1]+1=1
116.248.63.47 #++S[$1]=S[$1]+1=2
114.250.252.127 #++S[$1]=S[$1]+1=2
14.157.228.55 #++S[$1]=S[$1]+1=3
输出结果:{输出展示}
$1 S[$1]
183.232.118.16 1
116.248.63.47 2
114.250.252.127 2
14.157.228.55 3
命令实现:
awk '{S[$1]=S[$1]+1}END{for(k in S) print S[k],k}' oldboy.log
awk '{++S[$1]}END{for(k in S) print S[k],k}' oldboy.log
[root@oldboy ~]# awk '{++S[$1]}END{for(k in S) print k,S[k]}' oldboy.log|sort -n -k2
183.232.118.16 1
114.250.252.127 2
116.248.63.47 2
14.157.228.55 3
[root@oldboy ~]# awk '{S[$1]=S[$1]+1}END{for(k in S) print S[k],k}' oldboy.log
2 116.248.63.47
1 183.232.118.16
3 14.157.228.55
2 114.250.252.127
获取每个连接状态的数量
[root@oldboy ~]# awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}' netstat.log|sort -rn -k1
TIME_WAIT 105
SYN_RECV 5
LISTEN 5
LAST_ACK 3
FIN_WAIT2 55
FIN_WAIT1 7
ESTABLISHED 101
CLOSING 1
获取每个IP不同连接状态的连接数
[root@oldboy ~]# awk -F "[ :]+" '/^tcp/ {print $(NF-1)"|"$(NF-3)}' netstat.log|awk '{++S[$1]}END{for(a in S) print S[a],a}'|sort|uniq -c|sort -rn|head
1 4 TIME_WAIT|223.4.9.70
1 4 TIME_WAIT|220.191.224.154
1 4 TIME_WAIT|114.250.252.127
1 4 LISTEN|0.0.0.0
1 4 ESTABLISHED|118.242.18.177
1 3 ESTABLISHED|123.6.8.223
1 3 ESTABLISHED|114.250.252.127
1 2 TIME_WAIT|58.247.119.17
1 2 TIME_WAIT|27.153.211.29
1 2 TIME_WAIT|221.179.140.171
课堂练习:
分析apache日志,按访问Ip计数。
测试文件,77期群里,access_2010-12-8.log
[root@oldboy ~]# awk '{++S[$1]}END{for(k in S) print S[k],k}' access_2010-12-8.log|sort -rn|head
9 59.33.26.105
8 124.115.4.18
3 123.122.65.226
6. 企业面试题:用shell处理以下内容
1、按单词出现频率降序排序!
2、按字母出现频率降序排序!
the squid project provides a number of resources to assist users design,implement and support squid installations. Please browse the documentation and support sections for more infomation
来源:链接: https://blog.51cto.com/oldboy/1687026
答案:链接: https://blog.51cto.com/oldboy/1686891
方法1:
[root@oldboy ~]# tr ",." " "<oldgirl.log|xargs -n 1|awk '{++S[$1]}END{for(k in S) print S[k],k}'|sort -rn|head
2 the
2 support
2 squid
2 and
1 users
1 to
1 sections
1 resources
1 provides
1 project
方法2:
[root@oldboy ~]# tr ",." " "<oldgirl.log|xargs -n 1|sort|uniq -c|sort -rn|head
2 the
2 support
2 squid
2 and
1 users
1 to
1 sections
1 resources
1 provides
1 project
方法3:
[root@oldboy ~]# tr ",." " "<oldgirl.log|awk '{for(i=1;i<=NF;i++) ++S[$i]}END{for(k in S) print S[k],k }'|sort -rn|head
2 the
2 support
2 squid
2 and
1 users
1 to
1 sections
1 resources
1 provides
1 project
方法3:原理:
the squid project provides a number of
awk '{for(i=1;i<=$NF;i++) ++S[$i]}END{}'
i=1;++S[$1]
$1 S[$1]
the 1
squid 1
project 1
provides 1