arp
[-vn] [-H type] [-i if] -a [hostname]
arp
[-v] [-i if] -d hostname [pub]
arp
[-v] [-H type] [-i if] -s hostname hw_addr [temp]
arp
[-v] [-H type] [-i if] -s hostname hw_addr [netmask nm] pub
arp
[-v] [-H type] [-i if] -Ds hostname ifa [netmask nm] pub
arp
[-vnD] [-H type] [-i if] -f filename
The arp command is used to maintain the kernel's address resolution protocol (ARP) cache. You can add, delete, or display an entry in the ARP cache. For this command, hostname may either be a symbolic hostname or an IP address.
Example: To obtain network address information (hardware type, ethernet address, address class, or interface device) for the host fenris, use
arp fenris
-v, --verbose | Display a verbose operation. |
-n, --numeric | Use numeric rather than symbolic IP addresses. |
-H type, --hw-type type | Specify type of entry (ether, arcnet, pronet, ax25, netrom) to be checked. |
-a [hostname], --display [hostname] | Display entries of the specified host only. |
-d hostname, --delete hostname | Remove all entries for the specified host. |
-D, --use-device | Use the interface ifa's hardware address. |
-i If, --device If | Specify an interface for dumping. |
-s hostname hw_addr, --set hostname | Specify a new ARP address hostname-to-hardware-address-class mapping entry. |
-f filename, --file filename | Specify a filename (frequently /etc/ethers) containing address mappings. The file format is a hostname, the associated hardware address, and optional pub, temp, and netmask flags delimited by whitespace. |
bootpd
[ -i -s -t timeout -d level -c chdir-path ] [ bootptab [ dumpfile ] ]
bootpgw
[ -i -s -t timeout -d level ] server
The bootpd daemon is the Internet bootstrap protocol (BOOTP) server, which allows computers to get network and boot information via a network interface. Bootpgw is a gateway used to forward requests between clients on one subnet and a BOOTP server.
Normally, one host on the network runs bootp in "inetd mode."
Example: To invoke bootp via inetd, include the following lines in
inetd.conf:
bootps dgram udp wait root /etc/bootpd bootpd bootptab
bootps dgram udp wait root /etc/bootpgw bootpgw server
When invoking bootp in inetd mode, set a timeout using the -t option on the command line (10 minutes is a good timeout value). You can also invoke bootpd and bootpgw from the command line or a shell script.
Invoke bootp from a shell script at startup time when it has a large configuration database (and thus loads slowly).
-t timeout | Specify a timeout value in minutes. |
-d debug-level | Specify a debug level (higher == more information). |
-c chdir-path | Specify the current directory used by bootpd when checking the existence and size of client boot files. |
-i | Force bootpd and bootpgw to run in inetd mode. |
-s | Force bootpd and bootpgw to run in standalone mode. |
bootptab | Specify a configuration database of known clients. |
dumpfile | Specify a file into which bootpd will dump its internal database upon receiving a SIGUSR1 signal. |
server | Specify a server to forward all BOOTREQUEST packets to. |
bootptest
[ -f bootfile ] [ -h ] [ -m magic_number ] server-name [template-file]
This command is used to test the bootp daemon. It sends bootp requests to the specified host at one-second intervals until a response is received or 10 requests have gone unanswered.
Example: Assuming that the bootp server is running on the server fenris, test bootp with the following command:
bootptest fenris
-f bootfile | Specify a bootfile for use in the request. |
-h | Tells bootp to use the ethernet (hardware) address to identify the client. |
-m magic_number | Specify a magic number to initialize the first word of the vendor options field. |
template-file | File used in initializing the options of the request packet. |
dip
[-v] [-m mtu] [-p proto] scriptfile
dip
-t [-v]
dip
-i [-a] [-v]
diplogin
[username]
diplogini
dip
[-v] -k [-l tty_line]
This program handles the connections needed for dialup IP links (e.g., SLIP, PPP).
Example: To allow the user testdip to login using dialup IP protocol, set diplogin as the default shell in their /etc/passwd file entry:
testdip:x:501:Dialup IP User:/home/testdip:/usr/sbin/diplogin
-v | This mode interprets the specified scriptfile to dial out and open an IP connection. |
-t | Run dip interactively. |
-i | Dial in mode. Handle incoming connections. |
-a | Prompt for user name and password. |
-k | Kill the dip process that has locked the specified tty device. |
-l tty_line | Use with -k option. Specify the line to be killed. |
-m | Specify the maximum transfer unit (MTU). |
In general, smaller MTU blocks work better.
-p proto | Specify the line protocol (options are SLIP, CSLIP, PPP, TERM). |
-t | Run in test mode. |
-v | Display a verbose operation. |
Modes of Operation
Dip has three modes of operation:
Mode | How to invoke |
Interactive | (-t option) Set up an outgoing IP connection interactively. |
Dialout | (-t with scriptfile specified) Set up a connection automatically. |
Dialin | Specify dip as the login shell in /etc/passwd. |
In interactive mode, the following commands apply:
label: | Define a label. |
beep [times] | Beep on user's terminal the specified number of times. |
bootp [howmany [howlong]] | Use BOOTP protocol to retrieve local and remote IP addresses. |
break | Send a BREAK. |
chatkey keyword [code] | Add to dip's collection of modem response words. |
config [interface|routing] [pre|up|down|post] {arguments...} | Store interface configuration parameters. |
databits 7|8 | Set the number of data bits. |
dec $variable [decrement-value|$variable] | Decrement a variable. The default decrement-value is 1. |
default | Tell DIP to set up the default route to the remote host to which it made a connection. |
dial phonenumber [timeout] | Dials the specified phone number. |
echo on|off | Enable or disable the display of modem commands. |
exit [exit-status] | Exit script leaving established [C]SLIP connection intact and dip running. |
flush | Flush input on the terminal. |
get $variable [value | ask | remote [timeout_value | $variable]] | Get or ask for the value of a variable. |
goto label | Transfer control to the indicated label in the chat script. |
help | Print list of commands. |
if expr goto label | Conditional branch. expr is of the form: $variable op constant where op is one of: == != < > <= >=. |
inc $variable [increment-value|$variable] | Increment a variable. The default increment-value is 1. |
init init-string | Set the initialization string (sent to the modem before dialing) to the indicated string (default ATE0 Q0 V1 X1). |
mode SLIP|CSLIP|PPP|TERM | Set the line protocol (default SLIP). |
modem modem-name | Set the type of modem. Currently, only HAYES is valid. |
netmask xxx.xxx.xxx.xxx | Specify a netmask to be used. |
parity E|O|N | Set the type of parity. |
password | Prompt for a password and send it. |
proxyarp | Request Proxy ARP to be set. |
print $variable | Display the contents of some variable. |
psend command [arguments] | Send the output of command to the serial driver, optionally passing arguments to command. |
port tty_name | Set the name of the terminal port to use. (The path /dev/ is assumed.) |
quit | Exit with nonzero exit status. |
reset | Reset the modem. (Sends "+++" then "ATZ".) |
securidf fixedpart | Store the fixed part of the SecureID password. |
securid | Prompt for the variable part of the password generated by the ACE System SecureID card. |
send text-string | Send a string to the serial driver. |
shell command [parameters] | Execute command through the default shell with parameters as the command line arguments. |
skey [timeout| $variable] | Tell dip to look for an S/Key challenge from the remote terminal server. dip then prompts the user for the secret password, generates the response, and sends it to the remote host. Timeout sets how long dip waits to see the challenge. |
sleep time-in-secs | Wait for the specified length of time. |
speed bits-per-sec | Set port speed (default 38400). |
stopbits 1|2 | Set the number of stop bits. |
term | Enter a terminal mode. |
timeout time-in-sec | Set timeout. |
wait text [timeout_value | $variable] | Wait for some string to arrive. |
Special Variables
$errlvl | Holds the result of the previous command. |
$locip | IP number of local host in dotted quad notation. |
$local | Fully qualified local host name. |
$rmtip | IP number of remote host in dotted quad notation. |
$remote | Fully qualified remote host name. |
$mtu | Maximum transfer unit (maximum number of bytes transferred at once). |
$modem | Modem type (at present the only valid value is HAYES). |
$port | The name of the terminal port to use. |
$speed | Transfer rate between the local host and the modem, in bits/sec. |
hostname
[NAME]
This command displays or sets the hostname of the local machine.
Example: To display the host name of the local machine, use
hostname
--help | Display help information. |
--version | Display version information. |
gated
[ -c ] [ -C ] [ -n ] [ -N ] [ -t trace_options ] [ -f config_file ] [ trace_file ]
Gated is a routing service that handles a variety of routing protocols. It may be configured to use some or all of the protocols that it is capable of handling.
Example: It's a good idea to invoke this command via gdc. But to invoke from the command line as a background process (&), type
gated &
-c | Tell gated to parse the configuration file, report any syntax errors, and exit. |
-C | Tell gated to parse the configuration file for syntax errors. |
-n | Prohibit gated from modifying the kernel forwarding table. |
-N | Tell gated not to run as a daemon. |
-t trace_options | Allow the user to specify a comma-separated list of trace options on the command line. |
-f config_file | Specify a nondefault configuration file. |
gdc
[ -q ] [ -n ] [ -c coresize ] [ -f filesize ] [ -m datasize ] [ -s stacksize ] [ -t seconds ] command
This command is the gated controller, a user interface for controlling the gated routing daemon. You can use it to stop, start, signal, maintain configuration files, and generate or maintain core dumps.
Example: To invoke gated and send all output to the system log, use
gdc -q start
In order for these controls to take effect, you must start gated with gdc.
-n | Do not check the kernel forwarding table. |
-q | Quiet operation. Log any output to the system log. |
-t seconds | Allow the user to specify how long gdc will wait for gated to complete startup, shutdown, and other operations. |
-c coresize | Specify an upper limit on the size of core dumps that may be generated by gated. Typically used to up the system default when it is too small to be useful. |
-f filesize | Specify a maximum file size that a gated started with gdc can produce. |
-m datasize | Specify an upper limit on the size of the data segment of a gated started with gdc. |
-s stacksize | Specify the maximum size of a stack of a gated started by gdc. |
The following actions may be specified at the command line:
checkconf | Check /etc/gated.conf for syntax errors. |
checknew | Check /etc/gated.conf+ for syntax errors. |
newconf | Replace /etc/gated.conf with /etc/gated.conf+. |
backout | Move the old configuration file (/etc/gated.conf-) back into place as the current active gated.conf. Also rotates the current /etc/gated.conf to /etc/gated.conf+. |
BACKOUT | Same as backout, but will overwrite any existing /etc/gated.conf+. |
modeconf | Set all configuration files to mode 664, owner=root, group=gdmaint. |
createconf | If /etc/gated.conf+ does not exist, create a zero length file with the file mode set to 664, owner=root, group=gdmaint. |
running | Test to see if gated is currently running. |
start | Start gated. |
stop | Stop gated. |
restart | Stop and restart gated. |
rmcore | Delete any gated core dump file. |
rmdump | Delete any gated state dump file. |
rmparse | Delete any parse error file generated by checkconf or checknew. |
ifconfig
[interface]
ifconfig
interface [aftype] options | address
This command is used to configure network interfaces resident in the kernel. With no arguments, it displays the status of the currently resident interfaces. When only a single interface is specified (with no other options), it displays the status of that interface only.
Example: To display the status of the network interfaces:
ifconfig
This command can provide information handy in debugging network problems.
interface | Display the driver name of the interface. |
up | Activate the specified interface. |
down | Deactivate the specified interface. |
[-]arp | Enable or disable the use of the ARP protocol on this interface. |
[-]promisc | Activate or deactivate the promiscuous mode of this interface. When activated, all packets on the network will be received. |
[-]allmulti | Activate or deactivate all-multicast mode. When active, all multicast packets on the network will be received. |
metric N | Specify an interface metric of N. |
mtu N | Specify an MTU for an interface. |
netmask addr | Set the IP network mask for an interface. |
add addr/prefixlen | Add an IPv6 address to an interface. |
del addr/prefixlen | Remove an IPv6 address from an interface. |
tunnel aa.bb.cc.dd | Create a new SIT (IPv6-in-IPv4) device, tunnelling to the given destination. |
irq addr | Specify the interrupt request used by this device. |
io_addr addr | Specify a start address in I/O space for this device. |
mem_start addr | Specify a start address for shared memory used by this device. |
media type | Set the physical port or medium type to be used by the device (10base2, 10baseT, AUI). |
[-]broadcast [addr] | If the address argument is given, set the protocol broadcast address for this interface. Otherwise, set or clear the IFF_BROADCAST flag for the interface. |
[-]pointopoint [addr] | Enable the point-to-point mode of an interface. |
hw class address | Specify the hardware address of the interface, assuming the device driver supports this operation. |
multicast | Set the multicast flag on the interface. Normally this is done without help from the user. |
address | Specify the IP address to be assigned to this interface. |
txqueuelen length | Specify the length of the transmit queue of the device. |
/usr/sbin/in.identd
[-i|-w|-b] [-t<seconds>] [-u<uid>] [-g<gid>] [-p<port>] [-a<address>] [-c<charset>] [-C[<keyfile>]] [-o] [-e] [-l] [-V] [-m] [-N] [-d] [-F<format>] [kernelfile [kmemfile]]
This program is an implementation of the TCP/IP IDENT user identification protocol. It looks up TCP/IP connections and returns the user name of the process that owns the connection.
Example: Typically, this command is started automatically by inetd. To start identd with inetd, add the following entry to your /etc/inetd.conf file
auth stream tcp nowait nobody /usr/sbin/in.identd in.identd -l -e
Modes of Operation
-i | Use when starting with nowait option in /etc/inetd.conf. Starts one identd daemon for each connection request. |
-w | Use when starting from inetd with the wait option in the /etc/inetd.conf file. |
-b | Use when running the daemon from the command line. |
Options
-t<seconds> | Specify the timeout (the length of time a server started with the -w option will wait before dying) in seconds. |
-u<uid> | Specify the user id that ident will switch to after binding itself to the TCP/IP port (-b mode only). |
-g<gid> | Specify the group id that ident will switch to after binding itself to the TCP/IP port (-b mode only). |
-p<port> | Specify an alternative port to bind to when using -b mode. (Default is 113.) |
-a<address> | Specify the local address to bind the socket to when using -b mode. |
-V | Display version information. |
-l | Tell identd to use the system logging daemon. |
-o | When used, identd will not reveal the type of its operating system. |
-e | Return UNKNOWN-ERROR rather than NO-USER or INVALID-PORT errors. |
-c<charset> | Add the optional character set designator to the reply generated. |
-C[<keyfile>] | Tell identd to return DES-encrypted tokens rather than user names. |
-n | Tell identd to return numbers rather than user names. |
-N | Tell identd to check for a .noident file in each home directory that it is about to return a user name for. |
-m | Allow multiple requests to be processed each session. |
-d | Debug mode. Not normally used as it creates some security problems. |
-F<format> | Format output according to the following: |
| %u | print user name |
| %U | print user number |
| %g | print (primary) group name |
| %G | print (primary) group number |
| %l | print list of all groups by name |
| %L | print list of all groups by number |
| %p | print process ID of running process |
| %c | print command name |
| %C | print command and arguments |
| %e | print the environment |
netstat
[-venaoc] [--tcp|-t] [--udp|-u] [--raw|-w] [--unix|-x] [--inet|--ip] [--ax25] [--ipx] [--netrom]
netstat
[-veenc] [--inet] [--ipx] [--netrom] [--ddp] [--ax25] {--route|-r}
netstat
[-veenac] {--interfaces|-i} [iface]
netstat
[-enc] {--masquerade|-M}
netstat
[-cn] {--netlink|-N}
netstat
{-V|--version} {-h|--help}
This command displays information (network connections, routing tables, interface statistics, masquerade connections, and netlink messages) about the local network.
Example: To display information about the network status, type
netstat
The following is an example of the information displayed when you type netstat:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 odin:1051 fenris:telnet ESTABLISHED
udp 0 0 odin:netbios-dgm *:*
udp 0 0 odin:netbios-ns *:*
udp 0 0 odin:domain *:*
udp 0 0 localhost:domain *:*
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] STREAM 115034 /tmp/.X11-unix/X0
unix 2 [ ] STREAM CONNECTED 115033
unix 2 [ ] STREAM 114985 /tmp/.X11-unix/X0
unix 2 [ ] STREAM CONNECTED 114983
unix 2 [ ] STREAM 114448 /dev/log
unix 2 [ ] STREAM CONNECTED 114447
unix 2 [ ] STREAM 113290 /tmp/.X11-unix/X0
unix 2 [ ] STREAM CONNECTED 113288
unix 2 [ ] STREAM 59282 /tmp/.X11-unix/X0
unix 2 [ ] STREAM CONNECTED 59281
unix 2 [ ] STREAM 59277 /tmp/.X11-unix/X0
unix 2 [ ] STREAM CONNECTED 59276
unix 2 [ ] STREAM 59235 /tmp/.X11-unix/X0
unix 2 [ ] STREAM CONNECTED 59234
unix 2 [ ] STREAM 59196 /tmp/.X11-unix/X0
unix 2 [ ] STREAM CONNECTED 59142
unix 2 [ ] STREAM 1886 /dev/log
unix 2 [ ] STREAM CONNECTED 1885
unix 1 [ ] STREAM 1646
unix 2 [ ] STREAM 1566 /dev/log
unix 2 [ ] STREAM CONNECTED 1565
unix 2 [ ] STREAM 1521 /dev/log
unix 2 [ ] STREAM CONNECTED 1520
unix 2 [ ] STREAM 1465 /dev/log
unix 2 [ ] STREAM CONNECTED 1464
unix 2 [ ] STREAM 1252 /dev/log
unix 2 [ ] STREAM CONNECTED 1251
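A listing like the one above is usually triaged by splitting it into the columns this page documents under Output Description. The Python parser below is an added example, not part of the original reference; its sample input is constructed from the listing above, with one FIN_WAIT1 line and one malformed line added to exercise the edge cases.

```python
import re
from collections import Counter

# Constructed sample: a shortened copy of the listing on this page, plus one
# FIN_WAIT1 line with a non-zero Send-Q and one malformed line.
SAMPLE = "\n".join([
    "Active Internet connections (w/o servers)",
    "Proto Recv-Q Send-Q Local Address Foreign Address State",
    "tcp 0 0 odin:1051 fenris:telnet ESTABLISHED",
    "tcp 0 1448 odin:1052 fenris:telnet FIN_WAIT1",
    "udp 0 0 odin:netbios-dgm *:*",
    "Active UNIX domain sockets (w/o servers)",
    "Proto RefCnt Flags Type State I-Node Path",
    "unix 2 [ ] STREAM 115034 /tmp/.X11-unix/X0",
    "unix 2 [ ] STREAM CONNECTED 115033",
    "unix 1 [ ] STREAM 1646",
    "unix two [ ] STREAM",
])

# Internet sockets: the State column is absent on UDP lines.
INET_RE = re.compile(
    r"^(tcp|udp|raw)\s+(\d+)\s+(\d+)\s+(\S+)\s+(\S+)(?:\s+(\S+))?$")
# UNIX sockets: Flags is bracketed and may be blank, State and Path may be
# missing, so the numeric I-Node is the anchor between them.
UNIX_RE = re.compile(
    r"^unix\s+(\d+)\s+\[\s*([^\]]*?)\s*\]\s+(\S+)"
    r"(?:\s+([A-Z]+))?\s+(\d+)(?:\s+(\S.*))?$")


def split_endpoint(endpoint):
    """Split 'host:port' on the last colon; '*:*' yields ('*', '*')."""
    host, _, port = endpoint.rpartition(":")
    return host, port


def parse_netstat(text):
    """Return (records, unparsed_lines) for both sections of the listing."""
    records, unparsed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("Active ", "Proto ")):
            continue  # blank lines, section titles and column headers
        m = INET_RE.match(line)
        if m:
            proto, recv_q, send_q, local, foreign, state = m.groups()
            lhost, lport = split_endpoint(local)
            fhost, fport = split_endpoint(foreign)
            records.append({
                "family": "inet", "proto": proto,
                "recv_q": int(recv_q), "send_q": int(send_q),
                "local_host": lhost, "local_port": lport,
                "foreign_host": fhost, "foreign_port": fport,
                "state": state,
            })
            continue
        m = UNIX_RE.match(line)
        if m:
            refcnt, flags, sock_type, state, inode, path = m.groups()
            records.append({
                "family": "unix", "proto": "unix", "refcnt": int(refcnt),
                "flags": flags, "type": sock_type, "state": state,
                "inode": int(inode), "path": path,
            })
            continue
        unparsed.append(line)  # keep what did not parse; never drop silently
    return records, unparsed


def state_counts(records):
    """Count sockets per (family, state); state is None when the column is empty."""
    return Counter((r["family"], r["state"]) for r in records)


def queued(records):
    """Internet sockets with bytes still waiting in Recv-Q or Send-Q."""
    return [r for r in records
            if r["family"] == "inet" and (r["recv_q"] or r["send_q"])]


if __name__ == "__main__":
    recs, bad = parse_netstat(SAMPLE)
    for key, n in sorted(state_counts(recs).items(), key=str):
        print(key, n)
    print("queued:", [(r["local_port"], r["send_q"]) for r in queued(recs)])
    print("unparsed:", bad)
```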
Example: To see whether your routing table contains a route to the network 192.249.100 (r prints routing table information, n is the numeric option), type
netstat -nr | grep '192.168.100'
Use -M in conjunction with -e option for sequence numbering and deltas caused by data rewrites on ftp sessions.
Modes
-r, --route | Display kernel routing tables. |
-i, --interface iface | Display all (or only the specified) network interfaces. |
-M, --masquerade | Display a list of all masqueraded sessions. |
-N, --netlink | Get information about creation or deletion of interfaces or routes. |
Options
-v, --verbose | Display verbose operation. |
-n, --numeric | Display numeric addresses rather than attempting to resolve them into symbolic host, port, or user names. |
-A, --af family | Set the address families as a comma-separated list of keywords (inet, UNIX, ipx, ax25, netrom, ddp). |
-c, --continuous | Update the display every second until interrupted. |
Output Description
Active Internet connections (TCP, UDP, RAW)
Proto | Display the protocol (tcp, udp, raw) used by the socket. |
Recv-Q | Display the count of bytes not copied by the user program connected to this socket. |
Send-Q | Display the count of bytes not acknowledged by the remote host. |
Local Address | Display the local address (hostname) and port number of the socket. |
Foreign Address | Display the remote address (hostname) and port number of the socket. |
State | Display the state of the socket. |
ESTABLISHED | Inform that the socket has an established connection. |
SYN_SENT | Inform that the socket is actively attempting to establish a connection. |
SYN_RECV | Inform that the connection is being initialized. |
FIN_WAIT1 | Inform that the socket is closed and that the connection is shutting down. |
FIN_WAIT2 | Inform that connection is closed and that the socket is waiting for a shutdown from the remote end. |
TIME_WAIT | Inform that the socket is waiting after close for remote shutdown retransmission. |
CLOSED | Inform that the socket is not being used. |
CLOSE_WAIT | Inform that the remote end has shut down, waiting for the socket to close. |
LAST_ACK | Inform that the remote end has shut down and that the socket is closed. Waiting for acknowledgment. |
LISTEN | Inform that the socket is listening for incoming connections. |
CLOSING | Inform that both sockets are shut down, but that data still has not been sent. |
UNKNOWN | Inform that the state of the socket is unknown. |
User | Display the name or the UID of the owner of the socket. |
Active UNIX domain sockets
Proto | Display the protocol (usually UNIX) used by the socket. |
RefCnt | Display the reference count (i.e., attached processes via this socket). |
Flags | Inform that the flags displayed are SO_ACCEPTON (displayed as ACC), SO_WAITDATA (W) or SO_NOSPACE (N). |
Type | Inform that there are several types of socket access: |
SOCK_DGRAM | Used in Datagram (connectionless) mode. |
SOCK_STREAM | A stream (connection) socket. |
SOCK_RAW | Raw socket. |
SOCK_RDM | Reliably delivered messages. |
SOCK_SEQPACKET | A sequential packet socket. |
SOCK_PACKET | RAW interface access socket. |
State | One of the following: |
FREE | The socket is unallocated. |
LISTENING | Socket is listening for a connection request. |
CONNECTING | Socket is about to establish a connection. |
CONNECTED | The socket is connected. |
DISCONNECTING | The socket is disconnecting. |
(empty) | The socket is not connected to another one. |
UNKNOWN | This state should never happen. |
Path | Path name of the corresponding processes that are attached to the socket. |
nslookup
[-option] [host-to-find | -[server]]
The nslookup command is used to query Internet domain name servers. When invoked from the command line, it can be passed a host name and return the associated IP address (or vice versa), or return information about a domain. It can also be used interactively, to return various combinations of information about hosts and domains.
Example: To use nslookup to find information about the server www.yahoo.com, use
nslookup www.yahoo.com
nslookup invokes interactively in two ways:
a. when invoked with no arguments
b. when the first argument is a hyphen and the second argument is the IP address or the host name of a name server.
To invoke nslookup noninteractively, just pass in the name or IP address of the host to be looked up. Optionally, you may specify a name server as the second argument.
If you use nslookup a good bit, set your favorite options in a .nslookuprc file in your home directory.
Interactive Commands
host [server] | Look up information for the specified host using the optionally specified server. |
server domain, lserver domain | Change the default server to domain; lserver uses the initial server to look up information about domain, while server uses the current default server. |
root | Change the default server to the server for the root of the domain name space. |
finger [name] [> filename], finger [name] [>> filename] | Connect with the finger server on the current host. |
ls [option] domain [> filename], ls [option] domain [>> filename] | List the information available for the specified domain, optionally creating or appending to filename. |
-t querytype | List all records of the specified type (see querytype below): |
| -a | List aliases of hosts in the domain. |
| -d | List all records for the domain. |
| -h | List CPU and operating system information for the domain. |
| -s | List well-known services of hosts in the domain. |
view filename | Sort and list the output of previous ls commands with more. |
help, ? | Prints a brief summary of commands. |
exit | Exit the program. |
set keyword[=value] | This command is used to change state information that affects the lookups. Valid keywords are as follows: |
all | Print current values. |
class=value | Change the query class to one of: |
IN | the Internet class |
CHAOS | the Chaos class |
HESIOD | the MIT Athena Hesiod class |
ANY | wildcard (any of the previously mentioned classes) |
[no] debug | Turn debugging mode on and off. |
[no] d2 | Turn exhaustive debugging mode on and off. |
domain=name | Specify a new default domain. |
srchlist=name1/name2/... | Specify an ordered list of domains to be searched (maximum 6 domains). name1 becomes default domain. |
[no] defname | Append default domain name to a single component lookup request. |
[no] search | Append domain names in domain search list to the request until an answer is received. |
port=value | Change the default TCP/UDP name server port to value. |
querytype=value, type=value | Change the type of information query to one of these: |
A | the host's Internet address. |
CNAME | the canonical name for an alias. |
HINFO | the host CPU and operating system type. |
MINFO | the mailbox or mail list information. |
MX | the mail exchanger. |
NS | the name server for the named zone. |
PTR | the host name if the query is an Internet address; otherwise, the pointer to other information. |
SOA | the domain's "start-of-authority" information. |
TXT | the text information. |
UINFO | the user information. |
WKS | the supported well-known services. |
[no] recurse | Tell the name server to query other servers if it does not have the information. |
retry=number | Specify the number of times to retry a request. |
root=host | Change the name of the root server to host. |
timeout=number | Specify the initial timeout interval in seconds. |
[no] vc | Always use a virtual circuit when sending requests to the server. |
[no] ignoretc | Ignore packet truncation errors. |
rmail
user
This command interprets incoming mail received via uucp.
Example: To handle mail for user somebody, type
rmail somebody
route
[-CFvnee]
route
[-v] [-A family] add [-net|-host] target [netmask Nm] [gw Gw] [metric N] [mss M] [window W] [irtt I] [reject] [mod] [dyn] [reinstate] [[dev] If]
route
[-v] [-A family] del [-net|-host] target [gw Gw] [netmask Nm] [metric N] [[dev] If]
route
[-V] [--version] [-h] [--help]
This command is used to display or manipulate the kernel's IP routing table. Typically, it is used to set up static routes to specific hosts after it has been configured with the ifconfig program.
Example: To display the current routing table, use
route
Example: To add a route to the local network to odin's routing table, use
route add -net 192.168.100.0 eth0
Output
The output of the kernel routing table is organized in the following columns:
Destination | Display the destination network or destination host. |
Gateway | Display the gateway address or "*" if none set. |
Genmask | Display the netmask for the destination network. |
Flags | Display the possible flags, which are as follows: U (route is up), H (target is a host), G (use gateway), R (reinstate route for dynamic routing), D (dynamically installed by daemon or redirect), M (modified from routing daemon or redirect), ! (reject route). |
Metric | Display the distance to the target (usually presented in hops). |
Use | Display the count of lookups for the route. |
Iface | Display the interface to which packets for this route will be sent. |
MSS | Display the maximum segment size for TCP connections over this route. |
Window | Display the default window size for TCP connections over this route. |
irtt | Display the initial round trip time (RTT). |
HH | Display the number of ARP entries and cached routes that refer to the hardware header cache for the cached route. |
Arp | Inform you whether or not the hardware address for the cached route is up to date. |
-v | Display verbose operation. |
-A family | Tell route to use the specified address family. |
-n | Use numeric addresses rather than attempting to resolve into host names. |
-e | Display the routing table in netstat format. |
-net | The target is a network. |
-host | The target is a host. |
-F | Display the kernel FIB routing table. |
-C | Display the kernel's route cache. |
del | Delete a route. |
add | Add a route. |
target | Display the IP address or hostname of the network destination or host. |
netmask Nm | Specify the netmask of the route to be added. |
gw Gw | Route any IP packets for the target network/host through the specified gateway. |
metric M | Set the metric field in the routing table (used by routing daemons) to M. |
mss M | Specify the TCP maximum segment size (MSS) for connections over this route to M bytes. |
window W | Set the TCP window size for connections over this route to W bytes. |
irtt I | Set the initial round trip time (irtt) for TCP connections over this route to I milliseconds (1-12000). |
reject | Install a blocking route, which will force a route lookup to fail. |
mod, dyn, reinstate | Install a dynamic or modified route. |
dev If | Force the route to be associated with the specified device, as the kernel will otherwise try to determine the device on its own. |
[dev] If | When If is the last option on the command line, the word dev may be omitted, as it's the default. |
routed
[-d] [-g] [-q] [-s] [-t] [logfile]
Routed is the daemon used to manage the network routing tables. Routed listens on the udp socket for the route service for routing information packets and updates the internal routing tables.
Example: Routed is usually invoked at startup time via the script /etc/rc.d/init.d/routed, but the call is pretty simple, just type
routed
-d | Log additional debug information. |
-g | On internetwork routers, this flag is used to specify a possible route to the default destination. |
-s | This option forces routed to supply routing information regardless of whether or not it is acting as an internetwork router. |
-q | This is the inverse of the -s option. |
-t | Display all packets sent or received to standard output. |
/etc/gateways
Routed relies on the /etc/gateways file, each line of which is formatted as follows:
<net | host> name1 gateway name2 metric value <passive | active | external>
The net or host keyword indicates if the route is to a network or specific host.
net | Indicates that the route is to a network. |
host | Indicates the route is a specific host. |
name1 | Indicates the name of the destination network or host. |
name2 | Display the address of the gateway to which messages should be forwarded. |
value | Display a metric that indicates the hop count to the destination. |
< passive | active | external > | Indicates nature of the gateway. |
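A validator for the line format above, as an added Python example that is not part of the original reference or of routed itself. Host names in the sample are constructed, blank lines are assumed to be ignorable, and the conflict check (one destination listed with several gateways) is an added review step rather than documented routed behaviour.

```python
from dataclasses import dataclass

KINDS = {"net", "host"}
GATEWAY_TYPES = {"passive", "active", "external"}

# Constructed sample file; line 3 is blank, lines 4, 6 and 7 are malformed,
# and line 5 repeats the destination of line 1 with a different gateway.
SAMPLE_GATEWAYS = "\n".join([
    "net 192.168.100.0 gateway odin metric 1 passive",
    "host fenris gateway odin metric 2 active",
    "",
    "net 10.0.0.0 gateway odin metrics 1 passive",
    "net 192.168.100.0 gateway loki metric 3 external",
    "host thor gateway odin metric x passive",
    "subnet 10.1.0.0 gateway odin metric 1 passive",
])


@dataclass
class GatewayEntry:
    kind: str          # "net" or "host"
    destination: str   # name1 in the format line
    gateway: str       # name2 in the format line
    metric: int        # hop count to the destination
    gateway_type: str  # "passive", "active" or "external"


def parse_gateways(text):
    """Parse /etc/gateways-style text.

    Returns (entries, errors); errors is a list of (line_number, reason)
    so that a bad line is reported instead of being silently skipped.
    """
    entries, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields:
            continue  # assumption: blank lines carry no meaning
        if len(fields) != 7:
            errors.append((lineno, f"expected 7 fields, found {len(fields)}"))
            continue
        kind, name1, kw_gateway, name2, kw_metric, value, gw_type = fields
        if kind not in KINDS:
            errors.append((lineno, f"first field must be net or host, not {kind!r}"))
        elif kw_gateway != "gateway" or kw_metric != "metric":
            errors.append((lineno, "missing 'gateway' or 'metric' keyword"))
        elif not (value.isascii() and value.isdigit()):
            errors.append((lineno, f"metric must be a whole number, not {value!r}"))
        elif gw_type not in GATEWAY_TYPES:
            errors.append((lineno, f"unknown gateway type {gw_type!r}"))
        else:
            entries.append(GatewayEntry(kind, name1, name2, int(value), gw_type))
    return entries, errors


def conflicting_destinations(entries):
    """Map (kind, destination) to its gateways when more than one is listed."""
    seen = {}
    for e in entries:
        seen.setdefault((e.kind, e.destination), set()).add(e.gateway)
    return {dest: sorted(gws) for dest, gws in seen.items() if len(gws) > 1}


if __name__ == "__main__":
    parsed, problems = parse_gateways(SAMPLE_GATEWAYS)
    for entry in parsed:
        print(entry)
    for lineno, reason in problems:
        print(f"line {lineno}: {reason}")
    print("conflicts:", conflicting_destinations(parsed))
```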
rusers
[-al] [host]
Produces output similar to who for all machines on the local network.
Example: To get rusers information for all hosts on the network, use
rusers -a
-a | Display all machines responding even if no one is logged in. |
-l | Produce a long listing that includes user name, host name, tty, date & time logged in, idle time, and remote host (if applicable). |
tcpdchk
[-a] [-d] [-i inet_conf] [-v]
This command examines the tcp wrapper configuration and points out any potential problems it identifies. In some cases, it suggests fixes as well.
Example: To check the tcp wrapper configuration on the current host, use
tcpdchk
-a | Report access control rules that permit access without an explicit ALLOW keyword. |
-d | Examine hosts.allow and hosts.deny files in the current directory instead of the default ones. |
-i inet_conf | Use this option when tcpdchk is unable to find your inetd.conf or tlid.conf network configuration file. |
-v | Display the contents of each access control rule. |
tcpdmatch
[-d] [-i inet_conf] daemon client
tcpdmatch
[-d] [-i inet_conf] daemon[@server] [user@]client
This program offers predictions about how the tcp wrapper would handle a specific request for service.
Example: To predict how odin would react to a telnet request, use
tcpdmatch in.telnetd fenris
If you're having network service problems, this is not a bad diagnostic aid.
-d | Examine hosts.allow and hosts.deny files in the current directory, instead of the default ones. |
-i inet_conf | Specify this option when tcpdmatch is unable to find your inetd.conf or tlid.conf network configuration file or when you suspect that the program uses the wrong one. |
traceroute
[ -dFInrvx ] [ -f first_ttl ] [ -g gateway ] [ -i iface ] [ -m max_ttl ] [ -p port ] [ -q nqueries ] [ -s src_addr ] [ -t tos ] [ -w waittime ] host [ packetlen ]
This command is used to print the route that packets take to the network host.
Example: To print the route a packet would take to the host www.themes.org, use
traceroute www.themes.org
-f | Set the initial time to live used in the first outgoing probe packet. |
-F | Set the "don't fragment" bit. |
-d | Enable socket level debugging. |
-g | Specify a loose source route gateway (8 maximum). |
-i | Specify a network interface to obtain the source IP address for outgoing probe packets. |
-I | Use ICMP ECHO instead of UDP datagrams. |
-m | Set the max time to live (max number of hops) used in outgoing probe packets. |
-n | Print hop addresses numerically rather than symbolically and numerically. |
-p | Set the base UDP port number used in probes. |
-r | Bypass the normal routing tables and send directly to a host on an attached network. |
-s | Use the following IP address as the source address in outgoing probe packets. |
-t | Set the type of service in probe packets to the following value (default zero). |
-v | Verbose output. |
-w | Set the time (in seconds) to wait for a response to a probe (default 5 sec.). |
-x | Toggle checksums. |