Linux Network Control Notes;

Opensource-based operating systems have many tools and command groups that can help to solve a problem. Installing and running these tools are very simple. We don't need to look for any license either :) You can get more detailed information by doing a small search on the web about the commands written below. It's open source, after all. Commands that I search and use over time when I need them. If you are dealing with the network, I think it is useful to know the settings and usage of an open-source operating system that can be made related to the network. The commands below are valid for Redhat and Centos.

We can see the Ethernet card installed in the system as follows;

/dev/eth0

/dev/eth1

/dev/eth2

Assigning IP address to Network Interface:

#/sbin/ifconfig eth0 192.168.1.5 netmask 255.255.255.0 

To set IP address persistently, The parameters in the ifcfg-ethx file must be changed.

DEVICE=eth0
ONBOOT=yes 
BOOTPROTO=static 
IPADD=192.168.1.10 
NETMASK=255.255.255.0 
TYPE=Ethernet 
HWADDR=mac 
GATEWAY=192.168.1.1

To Assign Secondary IP:

The first method involves creating a sub-interface configuration file and populating network information.

The network interface I’ll assign a secondary IPv4 address is Eth0. This interface configuration file is located inside the /etc/sysconfig/network-scripts directory

#cat /etc/sysconfig/network-scripts/ifcfg-eth0

Let’s create a sub-interface configuration file.

#sudo vim /etc/sysconfig/network-scripts/ifcfg-eth0:1

DEVICE=eth0:1 
ONBOOT=yes 
BOOTPROTO=static 
IPADD=192.168.1.11 
NETMASK=255.255.255.0 
TYPE=Ethernet 
HWADDR=mac 
GATEWAY=192.168.1.1 

Reboot your server to confirm the secondary IP address.

Note: to be able to assign the secondary IP, The option during kernel compilation must be : CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

#/sbin/ifdown eth0 disable for ethernet 

#/sbin/ifup eth0   activate for ethernet 

ROUTING:

Seeing for route table

# route -e

#netstat -rn

Adding route;

#route add -host 192.168.10.10 dev eth0 
#route del -net 120.30.0.0 netmask 255.255.0.0 gw 10.10.1.1 eth0 
#route add default gw 20.20.20.1 dev eth1 

To permanently configure static routes, you can configure them by creating a route-interface file in the /etc/sysconfig/network-scripts/ directory for the interface. For example, static routes for the Eth0 interface would be stored in the /etc/sysconfig/network-scripts/route-eth0 file.

Any changes that you make to a route-interface file do not take effect until you restart either the network service or the interface.

arp -na: to see arp table

ip neighbor show: to see arp table

netstat -i: shows what the application level activities are.

netstat -rn: to see route table

netstat -na | head or less:

netstat -an | grep LISTEN: for grepping listening port

nslookup: using like windows

dig: gives detailed info for the domain . for reverse request #dig -x ip_adresi

/etc/hosts IP hostname information can be written into /etc/hosts

/etc/resolv.conf This file keeps Domain names

Note: If we do not want the DNS addresses that we have manually entered in the /etc/resolv.conf file to change when our DHCP client is started, we can try to change the attribute of the file with chattr.

 #chattr -a /etc/resolv.conf 

***to block ping ICMP request to Linux Systems

#echo 0 > /proc/sys/net/ipv4/conf/eth0/accept_redirects  

In addition, there are more than one parameter in this extension, all of them can be changed, the echo command provides this.

TCPDUMP:

Used as a troubleshooting tool. The important thing is to get the port as promisc mode so we can see all the packets. Therefore, it is necessary to see the packets that are not targeted.

# ifconfig eth0 promisc for enabling

# ifconfig eth0 -promisc: for disabling

To see it without any filters, just type tcpdump. But writing only the traffic we are interested in would be good, as it will contain too much information.

#tcpdump -i eth0 : Only to see traffic coming to ethernet0.

#tcpdump -i -n eth0: for resolving domain.

#tcpdump -i -n eth0 -w record.pcap: for recording to a file.

#tcpdump -i -n eth0 -r record.pcap: to read from terminal .

#tcpdump -i -n eth0 -c 100 -r record.pcap: For a certain number of package readings.

#tcpdump src|dst host 192.168.1.1: Only deals with a specific IP

#tcpdump port 80: for listening port that wanted

TOOLS:

Nc(NetCat): is a networking utility used for reading or writing from TCP and UDP sockets using an easy interface. #nc -l 8080 &

Nmap: Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses.

#nmap -O 217.78.106.5 (detecting for operating systems)

Hping: It is a tool used for server and firewall testing.