tcpdump

• man page 看例子
• pcap-savefile
• A Quick and Practical Reference for tcpdump

wireshark

non-root user

• Wireshark setup Linux for nonroot user

sudo usermod -a -G wireshark $USER

filter

• filtering out protocol, sequence number, and ack using tshark
• set a filter of packet length in wireshark

frame.len

• Can we use No in the filter expression?

frame.number

time display format

• https://www.wireshark.org/docs/wsug_html_chunked/ChWorkTimeFormatsSection.html

tcpreplay

• https://tcpreplay.appneta.com/wiki/howto.html
• http://tcpreplay.synfin.net/wiki/manual

ss

《篡权的ss》-linux命令五分钟系列之三十一

$ ss -s
Total: 295 (kernel 312)
TCP:   48 (estab 1, closed 31, orphaned 0, synrecv 0, timewait 0/0), ports 13

Transport Total     IP        IPv6
*         312       -         -
RAW       0         0         0
UDP       2         2         0
TCP       17        12        5
INET      19        14        5
FRAG      0         0         0

$ ss -l
Recv-Q Send-Q           Local Address:Port               Peer Address:Port
0      128                         :::webcache                      :::*
0      128                         :::http                         :::*
0      128                         :::snapenetio                      :::*
0      128                          *:snapenetio                       *:*
0      50                           *:8531                          *:*
0      9                           :::ftp                          :::*
0      9                            *:ftp                           *:*
0      128                          *:ddi-tcp-1                       *:*
0      100                        ::1:smtp                         :::*
0      100                  127.0.0.1:smtp                          *:*
0      128                          *:8541                          *:*
0      128                  127.0.0.1:entextxid                       *:*
0      50                           *:12421                         *:*
0      10                           *:amqp                          *:*
0      128                          *:12521                         *:*
0      50                           *:mysql                         *:*

# sockets
$ ss -l
# TCP sockets
$ ss -ta
# UDP sockets
$ ss -ua
# RAW sockets
$ ss -wa
# UNIX sockets
$ ss -xa

• ss command: Display Linux TCP / UDP Network/Socket Information

ip

• 试试Linux下的ip命令，ifconfig已经过时了

sar 监控

• Linux Tools Quick Tutorial / sar 找出系统瓶颈的利器
• 手把手教你用Sar诊断问题
• 《sar访谈》-linux命令五分钟系列之二十九
• Generate CPU, Memory & I/O report using SAR command
• Howto install sar & ksar system activity info in centos and Fedora
• centos 下安装监控工具 sar,iostat

traceroute

• [转]Traceroute网络排障实用指南（1）
• [转]Traceroute网络排障实用指南（2）
• 从Traceroute看网络问题

DHCP

• What is DHCP and how to configure DHCP server in Linux

References

• ping tracert 用法

monitor 监控

• 3 个简单、优秀的 Linux 网络监视器: iftop nethogs vnstat

bmon

• bmon：Linux 下一个强大的网络带宽监视和调试工具

nmap

• 用 NMAP 探测操作系统

ethtool

• https://linuxhint.com/ethtool_commands_examples/
• Linux LAN card: Find out full duplex / half speed or mode
• Get maximum bandwidth of a Network Adapter

iperf

• 10Gbps network bandwidth test – Iperf tutorial

telnet

login without typing username and password

• remote telnet without password

#!/usr/bin/expect

spawn "telnet" "the.host.machine"

expect "Login:"
send "youruser\r"
expect "Password:"
send "yourpassword\r"
expect "Login successful"
interact

• How to automate telnet session using Expect?
• How to automate telnet session using Expect?
• https://github.com/aguther/example-telnet-expect/blob/master/telnet.sh
• expect script to telnet into a router

netcat

• How To Use Netcat to Establish and Test TCP and UDP Connections on a VPS
• Why is “nc -l xxxx” not opening a port?
• How to Simulate a TCP/UDP Client Using Netcat
• Three ways to check whether a port is open on remote Linux system?
• How to Check Remote Ports are Reachable Using ‘nc’ Command
• How to Use Netcat Commands: Examples and Cheat Sheets

nmap

• https://nmap.org/book/man.html