10 Linux Networking Commands Every Beginner Should Know
As a beginner learning Linux, networking commands are some of the first tools you‘ll need in your arsenal. Whether you‘re a developer, system administrator, or cybersecurity professional, the ability to examine and control your network is crucial.
While Linux has a robust collection of networking utilities, mastering a core set of commands will allow you to handle most common tasks with ease. In this guide, we‘ll walk through 10 essential networking commands every Linux user should know.
1. ip command
The ip command is a powerful tool for examining and configuring network interfaces and routing. To display information about your network interfaces, use:
ip addr showThis will list all interfaces along with their IP addresses, MAC addresses, MTU, and other properties.
To assign an IP address to an interface, use a command like:
sudo ip addr add 192.168.1.10/24 dev eth0This assigns the IP address 192.168.1.10 with a /24 subnet mask to the eth0 interface. The ip command can also show the routing table with:
ip route showAnd enable or disable an interface using:
sudo ip link set eth0 up
sudo ip link set eth0 down 2. ping command
The classic ping utility tests connectivity to a remote host by sending ICMP echo requests and measuring the response time. The basic syntax is:
ping hostnameWhere hostname can be a domain name or IP address. Ping will send packets continuously until you stop it with Ctrl-C.
You can specify the number of packets to send with the -c option:
ping -c 5 google.comThis sends 5 pings to google.com. The -s option sets the packet size in bytes:
ping -s 100 hostPing is useful for quickly checking if a host is reachable and measuring latency. If ping fails, it indicates a network connectivity issue that you can troubleshoot further.
3. traceroute command
The traceroute command traces the network path from your machine to a remote host, showing all the routing hops along the way. To use it type:
traceroute hostname Traceroute will print the IP address and latency of each hop as the packets make their way to the destination. This lets you see the routing path and identify slow points or failures. The Windows equivalent is tracert.
4. ss command
The ss utility is used to investigate network connections and sockets. Compared to the older netstat command, ss is faster and provides more detailed information.
To list all connections, use:
ss -ta The -t option selects TCP connections, while -a shows both listening and non-listening sockets.
You can filter results by various criteria. To show only listening sockets:
ss -ltTo show sockets for a specific port:
ss -at ‘( dport = :22 )‘This displays all TCP connections on port 22 (ssh).
Mastering ss allows you to monitor your network services and identify active connections.
5. iptables command
The iptables utility is used to configure firewall rules and policies on Linux machines. It lets you filter inbound and outbound traffic based on criteria like source IP, destination port, protocol, etc.
To list the current firewall rules, use:
sudo iptables -L -nThe -L lists rules, while -n skips name lookups for faster output.
To block all traffic from an IP address:
sudo iptables -A INPUT -s 1.2.3.4 -j DROP This appends a rule to the INPUT chain to drop all packets from 1.2.3.4.
To allow inbound ssh access:
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPTIptables has a vast collection of features for crafting precise security policies. All Linux users should understand the basics of iptables for locking down open ports and controlling access to services.
6. tcpdump command
Tcpdump is a powerful packet analyzer that lets you capture and examine traffic on a network interface. It‘s useful for debugging network issues and investigating security incidents.
To capture packets on an interface, use:
sudo tcpdump -i eth0This captures all traffic on the eth0 interface and prints decoded packet details to the screen.
You can filter packets with expressions. To capture only TCP traffic to port 443:
sudo tcpdump -i eth0 tcp port 443To save the raw packets to a file instead of printing:
sudo tcpdump -i eth0 -w capture.pcapThe captured packets can be analyzed later with tools like Wireshark. By selectively capturing and examining traffic, tcpdump allows you to diagnose tricky connectivity problems and detect anomalous activity.
7. nmap command
Nmap is a popular open source tool for network discovery and security auditing. It can scan a network to identify live hosts, ports, services, operating systems, and potential vulnerabilities.
To scan a host and list open ports:
nmap hostname To scan a subnet and probe for OS details:
nmap -sV -O 192.168.1.0/24The -sV probes open ports to determine service/version info, while -O enables OS detection.
Nmap has dozens of options for customizing scans, evading firewalls, scripting, and generating reports. It‘s an indispensable tool for network admins and security professionals.
8. curl command
Curl is a versatile command line tool for sending and receiving data across the network. It supports a wide range protocols including HTTP, FTP, IMAP and many more.
To fetch a web page and print the HTML source:
curl http://example.comTo download a file:
curl -o file.zip ftp://example.com/file.zipThe -o option specifies the output filename.
Curl has many options for setting request headers, using authentication, handling cookies, limiting bandwidth, and more. It‘s a handy tool for interacting with web services, debugging apps, and downloading content.
9. wget command
Wget is another useful program for retrieving files from the web via HTTP, HTTPS or FTP. Compared to curl, it has better support for large file downloads, background downloads, and recursive downloading.
To download a single file:
wget http://example.com/file.tar.gz To download an entire website recursively:
wget -r http://example.comThe -r option enables recursive retrieval, downloading all linked pages and resources.
Like curl, wget supports many options for fine-tuning transfers. It‘s a great choice for mirroring websites or selectively retrieving content.
10. scp and rsync commands
The scp and rsync utilities allow you to securely copy files between hosts on a network.
To copy a file to a remote server with scp:
scp file.txt user@remotehost:/path/To copy a directory from a remote server:
scp -r user@remotehost:/path/to/dir/ ./The -r option copies directories recursively.
Rsync is more efficient than scp when synchronizing directories between hosts, as it only copies the differences. To sync a directory to a remote host:
rsync -av ./dir/ user@remotehost:/path/to/dir/The -a option preserves file ownership and permissions, while -v enables verbose output.
Scp and rsync are invaluable for securely transferring data between machines. They‘re commonly used for deploying code, migrating servers, and keeping backups in sync.
Conclusion
These 10 commands cover many of the most important aspects of Linux networking. Of course, each utility has far more features and use cases than can be covered here. Consult the man pages and online resources to dive deeper into each one.
Mastering these networking commands will enable you to efficiently manage and monitor Linux systems across the network. With practice, you‘ll be able to quickly diagnose issues, ensure security, and automate tasks.
To further develop your Linux networking skills, I recommend experimenting with tools like netcat, socat, and iptraf. As you advance, look into utilities like tcpflow, mtr, nethogs, and bmon. Building your networking toolkit will pay dividends throughout your Linux journey.