Linux网络基础

• ip addr命令：查看网口信息
• ifconfig命令：查看网口信息，CentOS 7默认未安装，可通过yum install -y net-tool安装。
• ifconfig -a：查看所有网口信息，包括下线网口。
• ifdown 网卡：禁用该网卡
• ifup 网卡：启用该网卡。单独重启一块网卡可用ifdown/ifup命令，重启所有网卡及网络服务可用systemctl restart network.service，ip addr/ifconfig可查询状态。

重启网卡与网络服务
[root@localhost ~]# ifdown eno16777736 && ifup eno16777736
重启整个网络服务：
[root@localhost ~]# systemctl restart network.service
设置虚拟网卡并添加IP
    
    
     
cp ifcfg-em1 ifcfg-em1:0
    
     
vim ifcfg-em1:0
    
修改内容如下：

HWADDR=00:0C:29:CA:10:BBBOOTPROTO=staticDEFROUTE=yesPEERDNS=yesPEERROUTES=yesIPV4_FAILURE_FATAL=noIPV6INIT=yesIPV6_AUTOCONF=yesIPV6_DEFROUTE=yesIPV6_PEERDNS=yesIPV6_PEERROUTES=yesIPV6_FAILURE_FATAL=noNAME=em1:0UUID=8fa73c35-53a7-432b-a659-752a2930ee49ONBOOT=yesIPADDR=192.168.254.150NETMASK=255.255.255.0

查看网口状态
    
    
     
mii-tool eno16777736：查看网口连接状态
    
     
ethtool eno16777736：查看网口详细信息
    
[root@localhost network-scripts]# mii-tool eno16777736

eno16777736: negotiated 1000baseT-FD flow-control, link ok

[root@localhost network-scripts]# ethtool eno16777736Settings for eno16777736:Supported ports: [ TP ]Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/FullSupported pause frame use: NoSupports auto-negotiation: YesAdvertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/FullAdvertised pause frame use: NoAdvertised auto-negotiation: YesSpeed: 1000Mb/sDuplex: FullPort: Twisted PairPHYAD: 0Transceiver: internalAuto-negotiation: onMDI-X: off (auto)Supports Wake-on: dWake-on: dCurrent message level: 0x00000007 (7) drv probe linkLink detected: yes

更改主机名
    
    
     
查看当前主机名：
    
     
[root@localhost ~]# hostname
    

localhost.localdomain

[root@localhost ~]# hostnamectl set-hostname llll[root@localhost ~]# hostnamelll[root@localhost ~]# cat /etc/hostnamelll

DNS配置文件
    
    
     
/etc/hosts：静态域名解析配置文件，仅在本机生效
    
Linux防火墙（netfilter/firewalld）
    
    
     
CentOS 7默认使用firewalld，可先禁用并关闭firewalld：
    
     
[root@localhost ~]# systemctl disable firewalld && systemctl stop firewalld
    
     
安装netfilter：
    
     
[root@localhost ~]# yum install -y iptables-services
    
     
启用并启动iptables：
    
     
[root@localhost ~]# systemctl enable iptables && systemctl start iptables
    
查看iptables规则：
[root@localhost ~]# iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)pkts bytes target prot opt in out source destination29 2044 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 161 17185 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)pkts bytes target prot opt in out source destination0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 58 packets, 7996 bytes)pkts bytes target prot opt in out source destination

    
    
     
iptables规则存储在/etc/sysconfig/iptables中
    
     
iptables -F：清空当前规则，不会删除存储在文件中的规则
    
     
systemctl iptables restart：重启iptables服务
    
     
iptables -Z：清空规则计数器
    
     
iptables -t table：指定表，默认为filter
    
     
iptables -A：添加规则，规则会追加至文件末尾
    
     
iptables -I：插入规则，规则会插入至开头
    
     
iptables -D：删除规则（需指定规则编号）
    
     
iptables -P：修改默认规则（接受、拒绝、抛弃），不建议随意修改
    
    
    
     
    
     
        
      
        
              
      
    
     
    
     
    
转载自:https://my.oschina.net/u/3731306/blog/1854609