netstat命令 + 黑洞路由

 netstat命令

   netstat 命令用于显示与 IP、TCP、UDP 和 ICMP 协议相关的统计数据,一般用于检查本机各端口的网络连接情况。netstat 从内核读取网络及相关信息,可以报告 TCP 连接、TCP 和 UDP 监听端口以及进程内存管理等情况。

[root@localhost etc]# netstat  --help
usage: netstat [-vWeenNcCF] [<Af>] -r         netstat {-V|--version|-h|--help}
       netstat [-vWnNcaeol] [<Socket> ...]
       netstat { [-vWeenNac] -I[<Iface>] | [-veenNac] -i | [-cnNe] -M | -s [-6tuw] } [delay]

        -r, --route              display routing table
        -I, --interfaces=<Iface> display interface table for <Iface>
        -i, --interfaces         display interface table
        -g, --groups             display multicast group memberships
        -s, --statistics         display networking statistics (like SNMP)
        -M, --masquerade         display masqueraded connections

        -v, --verbose            be verbose
        -W, --wide               don't truncate IP addresses
        -n, --numeric            don't resolve names
        --numeric-hosts          don't resolve host names
        --numeric-ports          don't resolve port names
        --numeric-users          don't resolve user names
        -N, --symbolic           resolve hardware names
        -e, --extend             display other/more information
        -p, --programs           display PID/Program name for sockets
        -o, --timers             display timers
        -c, --continuous         continuous listing

        -l, --listening          display listening server sockets
        -a, --all                display all sockets (default: connected)
        -F, --fib                display Forwarding Information Base (default)
        -C, --cache              display routing cache instead of FIB
        -Z, --context            display SELinux security context for sockets

  <Socket>={-t|--tcp} {-u|--udp} {-U|--udplite} {-S|--sctp} {-w|--raw}
           {-x|--unix} --ax25 --ipx --netrom
  <AF>=Use '-6|-4' or '-A <af>' or '--<af>'; default: inet
  List of possible address families (which support routing):
    inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25) 
    netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP) 
    x25 (CCITT X.25) 
[root@localhost etc]# 
[root@localhost etc]# netstat  -r      # 查看本机路由表
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         _gateway        0.0.0.0         UG        0 0          0 ens33
public1.114dns. 0.0.0.0         255.255.255.255 UH        0 0          0 *
192.168.25.0    0.0.0.0         255.255.255.0   U         0 0          0 ens33
192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0 virbr0

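常用选项组合(-t TCP,-u UDP,-l 仅显示监听套接字,-n 不解析名称,-p 显示 PID/程序名)。输出中 Local Address 为 0.0.0.0 或 ::: 表示在所有接口上监听,127.0.0.1 或 ::1 表示仅本机可访问。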

netstat -tulnp

[root@localhost etc]# netstat -tulnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:4330          0.0.0.0:*               LISTEN      3365/pmlogger       
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/systemd           
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      2604/dnsmasq        
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1070/sshd           
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1064/cupsd          
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      5582/sshd: root@pts 
tcp        0      0 127.0.0.1:44321         0.0.0.0:*               LISTEN      2592/pmcd           
tcp6       0      0 ::1:4330                :::*                    LISTEN      3365/pmlogger       
tcp6       0      0 :::111                  :::*                    LISTEN      1/systemd           
tcp6       0      0 :::22                   :::*                    LISTEN      1070/sshd           
tcp6       0      0 ::1:631                 :::*                    LISTEN      1064/cupsd          
tcp6       0      0 ::1:6010                :::*                    LISTEN      5582/sshd: root@pts 
tcp6       0      0 ::1:44321               :::*                    LISTEN      2592/pmcd           
udp        0      0 192.168.122.1:53        0.0.0.0:*                           2604/dnsmasq        
udp        0      0 0.0.0.0:67              0.0.0.0:*                           2604/dnsmasq        
udp        0      0 0.0.0.0:111             0.0.0.0:*                           1/systemd           
udp        0      0 0.0.0.0:39556           0.0.0.0:*                           1042/avahi-daemon:  
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           1042/avahi-daemon:  
udp        0      0 127.0.0.1:323           0.0.0.0:*                           1089/chronyd        
udp6       0      0 :::111                  :::*                                1/systemd           
udp6       0      0 :::50393                :::*                                1042/avahi-daemon:  
udp6       0      0 :::5353                 :::*                                1042/avahi-daemon:  
udp6       0      0 ::1:323                 :::*                                1089/chronyd        
[root@localhost etc]# ^C

 

找出 SSH 程序运行的端口(不加 -n 时端口显示为服务名 ssh,-a 还会列出 unix 套接字;要直接看到端口号可用 netstat -tlnp | grep sshd)

netstat -ap | grep ssh

[root@localhost etc]#  netstat -ap | grep ssh
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN      1070/sshd           
tcp        0      0 localhos:x11-ssh-offset 0.0.0.0:*               LISTEN      5582/sshd: root@pts 
tcp        0      0 localhost.localdoma:ssh 192.168.25.1:55254      ESTABLISHED 5556/sshd: root [pr 
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      1070/sshd           
tcp6       0      0 localhos:x11-ssh-offset [::]:*                  LISTEN      5582/sshd: root@pts 
unix  2      [ ACC ]     STREAM     LISTENING     55581    3848/gnome-keyring-  /run/user/1000/keyring/ssh
unix  2      [ ACC ]     STREAM     LISTENING     73536    4528/gpg-agent       /run/user/0/gnupg/d.qedcazqwdmcnwdnzfb1p1cfh/S.gpg-agent.ssh
unix  2      [ ACC ]     STREAM     LISTENING     73683    4541/gpg-agent       /run/user/0/gnupg/d.858i8z48q33grx9ru7opfrjr/S.gpg-agent.ssh
unix  2      [ ACC ]     STREAM     LISTENING     71134    4509/gpg-agent       /run/user/0/gnupg/d.ws3npbnfsh9e1uqx1fae6jyr/S.gpg-agent.ssh
unix  2      [ ]         STREAM     CONNECTED     130925   5556/sshd: root [pr  
unix  2      [ ]         STREAM     CONNECTED     131925   5582/sshd: root@pts  
unix  2      [ ]         DGRAM                    131908   5556/sshd: root [pr  
unix  3      [ ]         STREAM     CONNECTED     131920   5556/sshd: root [pr  
unix  2      [ ]         STREAM     CONNECTED     130919   5556/sshd: root [pr  
unix  3      [ ]         STREAM     CONNECTED     131919   5582/sshd: root@pts  
unix  3      [ ]         STREAM     CONNECTED     29398    1070/sshd            
[root@localhost etc]# 

 

 

 

 netstat -pt

查看已建立的 TCP 连接(不带 -a/-l 时不显示监听套接字)

[root@localhost etc]# netstat -pt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 localhost.localdoma:ssh 192.168.25.1:55254      ESTABLISHED 5556/sshd: root [pr 
[root@localhost etc]# ^C
[root@localhost etc]# 
[root@localhost etc]# netstat -ptu
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 localhost.localdoma:ssh 192.168.25.1:55254      ESTABLISHED 5556/sshd: root [pr 
udp        0      0 localhost.locald:bootpc 192.168.25.254:bootps   ESTABLISHED 1051/NetworkManager 
[root@localhost etc]# 


 

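添加黑洞路由

黑洞路由会让内核直接丢弃发往该目的地址的数据包,常用于临时屏蔽某个地址。用 ip route 添加的路由重启后不会保留;可用 ip route show type blackhole 查看,用 ip route del blackhole 114.114.114.114/32 删除。它作用于本机发往该地址的流量(包括回包),若要过滤入站流量应配合防火墙规则。下面 netstat -r 输出中 Iface 为 * 的主机路由应为该黑洞路由(前文的路由表中已出现同一条目,说明当时路由可能已添加),此后 ping 该地址会立即报错而不是超时。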

ip route  add  blackhole 114.114.114.114/32
[root@localhost etc]# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         _gateway        0.0.0.0         UG        0 0          0 ens33
public1.114dns. 0.0.0.0         255.255.255.255 UH        0 0          0 *
192.168.25.0    0.0.0.0         255.255.255.0   U         0 0          0 ens33
192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0 virbr0
[root@localhost etc]# 
[root@localhost etc]# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.086 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.837 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.082 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.086 ms
^C
--- 127.0.0.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 92ms
rtt min/avg/max/mdev = 0.082/0.272/0.837/0.326 ms
[root@localhost etc]# 
[root@localhost etc]# ping --help
ping: 不适用的选项 -- -
Usage: ping [-aAbBdDfhLnOqrRUvV64] [-c count] [-i interval] [-I interface]
            [-m mark] [-M pmtudisc_option] [-l preload] [-p pattern] [-Q tos]
            [-s packetsize] [-S sndbuf] [-t ttl] [-T timestamp_option]
            [-w deadline] [-W timeout] [hop1 ...] destination
Usage: ping -6 [-aAbBdDfhLnOqrRUvV] [-c count] [-i interval] [-I interface]
             [-l preload] [-m mark] [-M pmtudisc_option]
             [-N nodeinfo_option] [-p pattern] [-Q tclass] [-s packetsize]
             [-S sndbuf] [-t ttl] [-T timestamp_option] [-w deadline]
             [-W timeout] destination
[root@localhost etc]# ping -l 114.114.114.114      # -l 需要 preload 参数,这里地址被当作该参数的值,因缺少目标地址而只打印用法
Usage: ping [-aAbBdDfhLnOqrRUvV64] [-c count] [-i interval] [-I interface]
            [-m mark] [-M pmtudisc_option] [-l preload] [-p pattern] [-Q tos]
            [-s packetsize] [-S sndbuf] [-t ttl] [-T timestamp_option]
            [-w deadline] [-W timeout] [hop1 ...] destination
Usage: ping -6 [-aAbBdDfhLnOqrRUvV] [-c count] [-i interval] [-I interface]
             [-l preload] [-m mark] [-M pmtudisc_option]
             [-N nodeinfo_option] [-p pattern] [-Q tclass] [-s packetsize]
             [-S sndbuf] [-t ttl] [-T timestamp_option] [-w deadline]
             [-W timeout] destination
[root@localhost etc]# ping 114.114.114.114
connect: 无效的参数
[root@localhost etc]# 


 
