$ dpkg -s iproute可见我老土多年,还在 ifconfig 和 route 中,趁早学习下新思维 -,-b 这个包里面有
Package: iproute
Status: install ok installed
Priority: important
Section: net
Installed-Size: 920
Maintainer: Debian iproute maintainers
Architecture: i386
Version: 20080725-2
Provides: arpd
Depends: libc6 (>= 2.7-1), libdb4.6
Recommends: libatm1
Suggests: iproute-doc
Conflicts: arpd
Conffiles:
/etc/iproute2/rt_dsfield da0ef3e6e9880e6ee4d64782cb4a5fcf
/etc/iproute2/ematch_map 0b9befbbbee4b415319b8070f18b9b88
/etc/iproute2/rt_scopes 6298b8df09e9bda23ea7da49021ca457
/etc/iproute2/rt_protos 83da07a831e71eb4f6dfaec3d27de345
/etc/iproute2/rt_tables a1313318d6778fe6b8c680248ef5a463
/etc/iproute2/rt_realms 7137bdf40e8d58c87ac7e3bba503767f
Description: networking and traffic control tools
The iproute suite, also known as iproute2, is a collection of
utilities for networking and traffic control.
.
These tools communicate with the Linux kernel via the (rt)netlink
interface, providing advanced features not available through the
legacy net-tools commands 'ifconfig' and 'route'.
Homepage: http://www.linux-foundation.org/en/Net:Iproute2
/usr/lib/tc/experimental.dist命令很多,一个一个来。首先是 routef 和 routel,一个 flush route table,一个列出路由表,更基本的命令是 iproute2,这个后面看。和 route 列出来的有什么不一样呢?
/usr/lib/tc/normal.dist
/usr/lib/tc/paretonormal.dist
/usr/lib/tc/pareto.dist
/usr/lib/tc/q_atm.so
/usr/bin/routef
/usr/bin/routel
/usr/bin/nstat
/usr/bin/lnstat
/usr/share/man/man3/libnetlink.3.gz
/usr/share/man/man8/tc.8.gz
/usr/share/man/man8/tc-cbq-details.8.gz
/usr/share/man/man8/tc-sfq.8.gz
/usr/share/man/man8/routel.8.gz
/usr/share/man/man8/ss.8.gz
/usr/share/man/man8/rtmon.8.gz
/usr/share/man/man8/tc-red.8.gz
/usr/share/man/man8/arpd.8.gz
/usr/share/man/man8/tc-htb.8.gz
/usr/share/man/man8/tc-tbf.8.gz
/usr/share/man/man8/lnstat.8.gz
/usr/share/man/man8/ip.8.gz
/usr/share/man/man8/tc-cbq.8.gz
/usr/share/man/man8/tc-bfifo.8.gz
/usr/share/man/man8/tc-pfifo.8.gz
/usr/share/man/man8/tc-prio.8.gz
/usr/share/man/man8/tc-pfifo_fast.8.gz
/usr/share/man/man8/rtacct.8.gz
/usr/share/doc/iproute/README.Debian
/usr/share/doc/iproute/copyright
/usr/share/doc/iproute/changelog.Debian.gz
/usr/sbin/arpd
/bin/ip
/etc/iproute2/rt_dsfield
/etc/iproute2/ematch_map
/etc/iproute2/rt_scopes
/etc/iproute2/rt_protos
/etc/iproute2/rt_tables
/etc/iproute2/rt_realms
/sbin/rtacct
/sbin/rtmon
/sbin/ss
/sbin/tc
/usr/bin/rtstat
/usr/bin/ctstat
/usr/share/man/man8/ctstat.8.gz
/usr/share/man/man8/routef.8.gz
/usr/share/man/man8/nstat.8.gz
/usr/share/man/man8/rtstat.8.gz
/sbin/ip
$ routel嗯,可见 routel 把一些没有使用的设备对应的 route 也列出来了,看起来好懂点。routef 清理所有的路由信息,这真是好用啊,最讨厌一条一条的删掉了 -,-b
target gateway source proto scope dev tbl
10.20.2.65 10.20.2.1 ath0
10.20.2.0/ 24 10.20.2.115 kernel link ath0
default 10.20.2.1 ath0
127.255.255.255 broadcast 127.0.0.1 kernel link lo local
10.20.2.255 broadcast 10.20.2.115 kernel link ath0 local
10.20.2.0 broadcast 10.20.2.115 kernel link ath0 local
10.20.2.115 local 10.20.2.115 kernel host eth0 local
10.20.2.115 local 10.20.2.115 kernel host ath0 local
127.0.0.0 broadcast 127.0.0.1 kernel link lo local
127.0.0.1 local 127.0.0.1 kernel host lo local
127.0.0.0/ 8 local 127.0.0.1 kernel host lo local
default unreachable none lo unspec
::1 :: none lo local
default unreachable none lo unspec
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.20.2.65 10.20.2.1 255.255.255.255 UGH 0 0 0 ath0
10.20.2.0 0.0.0.0 255.255.255.0 U 0 0 0 ath0
0.0.0.0 10.20.2.1 0.0.0.0 UG 0 0 0 ath0
nstat 和 rtacct 是网络统计信息,如
$ nstat我们可以看到很多 TCP/IP、ICMP、UDP 等统计信息,类似还有 lnstat(rtstat、ctstat),似乎就是依据不同协议列的统计信息?来源于 /proc/net/stat/。
#kernel
IpInReceives 80601 0.0
IpInHdrErrors 2 0.0
IpInAddrErrors 154 0.0
IpInDelivers 80444 0.0
IpOutRequests 53006 0.0
IpOutNoRoutes 163 0.0
IpFragOKs 65 0.0
IpFragCreates 136 0.0
IcmpInErrors 137 0.0
IcmpInTimeExcds 31 0.0
IcmpInParmProbs 87 0.0
IcmpInEchos 15 0.0
IcmpInEchoReps 1 0.0
IcmpInTimestamps 3 0.0
IcmpOutErrors 89 0.0
IcmpOutTimeExcds 86 0.0
IcmpOutEchoReps 3 0.0
IcmpMsgInType0 3 0.0
IcmpMsgInType3 31 0.0
IcmpMsgInType5 15 0.0
IcmpMsgInType8 1 0.0
IcmpMsgInType11 87 0.0
IcmpMsgOutType3 86 0.0
IcmpMsgOutType8 3 0.0
TcpActiveOpens 423 0.0
TcpPassiveOpens 8 0.0
TcpAttemptFails 14 0.0
TcpEstabResets 25 0.0
TcpInSegs 62239 0.0
TcpOutSegs 50769 0.0
TcpRetransSegs 448 0.0
TcpOutRsts 269 0.0
UdpInDatagrams 1513 0.0
UdpNoPorts 80 0.0
UdpOutDatagrams 1802 0.0
Ip6InReceives 18 0.0
Ip6InDelivers 18 0.0
Ip6OutRequests 24 0.0
Ip6OutNoRoutes 1 0.0
Ip6InMcastPkts 18 0.0
Ip6OutMcastPkts 28 0.0
Icmp6InMsgs 1 0.0
Icmp6OutMsgs 7 0.0
Icmp6InRouterAdvertisements 1 0.0
Icmp6OutRouterSolicits 1 0.0
Icmp6OutNeighborSolicits 2 0.0
Icmp6OutMLDv2Reports 4 0.0
Icmp6InType134 1 0.0
Icmp6OutType133 1 0.0
Icmp6OutType135 2 0.0
Icmp6OutType143 4 0.0
Udp6InDatagrams 17 0.0
Udp6OutDatagrams 17 0.0
TcpExtPruneCalled 6 0.0
TcpExtTW 67 0.0
TcpExtDelayedACKs 428 0.0
TcpExtDelayedACKLost 859 0.0
TcpExtTCPPrequeued 5 0.0
TcpExtTCPDirectCopyFromPrequeue 8 0.0
TcpExtTCPHPHits 54267 0.0
TcpExtTCPPureAcks 1930 0.0
TcpExtTCPHPAcks 1202 0.0
TcpExtTCPSackRecovery 2 0.0
TcpExtTCPLossUndo 33 0.0
TcpExtTCPLoss 2 0.0
TcpExtTCPRenoFailures 1 0.0
TcpExtTCPSackFailures 12 0.0
TcpExtTCPLossFailures 6 0.0
TcpExtTCPFastRetrans 2 0.0
TcpExtTCPSlowStartRetrans 43 0.0
TcpExtTCPTimeouts 212 0.0
TcpExtTCPRcvCollapsed 209 0.0
TcpExtTCPDSACKOldSent 799 0.0
TcpExtTCPDSACKOfoSent 12 0.0
TcpExtTCPDSACKRecv 4 0.0
TcpExtTCPAbortOnData 23 0.0
TcpExtTCPAbortOnClose 4 0.0
TcpExtTCPAbortOnTimeout 24 0.0
TcpExtTCPDSACKIgnoredOld 2 0.0
TcpExtTCPDSACKIgnoredNoUndo 2 0.0
IpExtInMcastPkts 164 0.0
IpExtOutMcastPkts 92 0.0
IpExtInBcastPkts 16499 0.0
arpd 是一个 user-space 的 arp daemon,用户可以通过控制它取代 kernel 的 ARP daemon。不知道对像 ARP 攻击的机器是不是可以免疫...
rtmon 是一个监视程序,通过指定一个 log 文件以及监听的内容,并可以用后面 ip 命令显示。命令就是 rtmon file path-to-ur-file list,这个 list 包括 link(eth0...)、address(设备地址) 和 route(路由表)。
ss 是一个 socket 的统计程序,嗯,不过似乎只有 TCP 连接?-a 显示所有的,嗯对发现监听的程序比较有用。
tc 是个很牛的东西,赞... 就是用于控制网络流量(Traffic control)的程序,分四种:shaping(输出流量控制)、scheduling(似乎是为了保证网络通信的带宽,每次传送足够多的数据)、policing(输入流量控制)、dropping(超过流量丢包)。操纵这些需要用三种 objects,qdisc(队列)、classes(每个 qdiscs 含有若干 classes,而每个 class 含有 qdiscs,kernel 根据 class 从 qdisc 里面 dequeue packet),filter(kernel 决定放入哪个 class)。qdisc 有两种,一种是 classless(因此不含有 class?),一种是 classful,当 packet 进入 classful qdisc 就会用 filter 分类(TC、服务类型或者 skb->priority)。对每个 object 使用 id(handler)来命名,tc 提供修改的接口。
另一个核心命令就是 ip 了,基本语法如下
ip [ OPTIONS ] OBJECT { COMMAND | help }这里可操纵的对象有 link(如 eth0)、addr(如 ipv4 地址)、addrlabel(给地址加的 label)、route(路由表)、rule(路由规则)、neigh(就是 ARP)、tunnel(tunnel over IP,那个什么 ipv6 over v4 是不是?)、maddr(多播地址)、mroute(多播路由)、monitor()、xfrm(IPSec 的 framework)。觉得这块比 ifconfig/route 复杂太多了,准备看完以下文档后再来讨论。
参考文档:Linux Advanced Routing and Traffic Control Howto。
2 条评论:
Hello, i think that i saw you visited my blog thus i got here to return the prefer?
.I'm attempting to to find things to improve my website!I suppose its ok to make use of a few of your concepts!!
Also visit my page ... cellulite treatment cream
Hi to all, how is the whole thing, I think every one is getting more from this website,
and your views are good in support of new visitors.
Feel free to visit my homepage: cellulite treatment cream
发表评论