11:11:23
|
#reboot && exit
Connection to 192.168.0.254 closed by remote host. Connection to 192.168.0.254 closed. |
| /l3/users/13-02-2012/NT-Lnet/debian1.net.nt/root :1 :2 :3 :4 :5 :6 :7 :8 :9 :10 :11 :12 :13 :14 :15 :16 :17 :18 |
|
|
#ifconfig re2
re2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:02:01
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
|
|
#ifconfig re1
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:01:01
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
|
|
#vim /etc/rc.conf
|
|
#ifconfig re2
re2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:02:01
inet 192.168.168.1 netmask 0xffffff00 broadcast 192.168.168.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
|
|
#netstat -r
Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.0.1 UGS 0 326 re1 localhost localhost UH 0 0 lo0 192.168.0.0 link#2 UC 0 0 re1 192.168.0.1 00:16:3e:00:02:02 UHLW 2 0 re1 1186 192.168.168.0 link#3 UC 0 0 re2 Internet6: Destination Gateway Flags Netif Expire localhost.net.nt localhost.net.nt UHL lo0 fe80::%lo0 fe80::1%lo0 U lo0 fe80::1%lo0 link#5 UHL lo0 ff01:5:: fe80::1%lo0 UC lo0 ff02::%lo0 fe80::1%lo0 UC lo0 |
|
#netstat -r -f inet -n
Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.0.1 UGS 0 361 re1 127.0.0.1 127.0.0.1 UH 0 0 lo0 192.168.0.0/24 link#2 UC 0 0 re1 192.168.0.1 00:16:3e:00:02:02 UHLW 2 0 re1 1180 192.168.168.0/24 link#3 UC 0 0 re2 |
|
#ping 192.168.168.5
PING 192.168.168.5 (192.168.168.5): 56 data bytes 64 bytes from 192.168.168.5: icmp_seq=0 ttl=64 time=3.001 ms 64 bytes from 192.168.168.5: icmp_seq=1 ttl=64 time=1.351 ms ^C --- 192.168.168.5 ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 1.351/2.176/3.001/0.825 ms |
|
#trafshow
|
|
#reboot && exit
Connection to 192.168.0.254 closed by remote host. Connection to 192.168.0.254 closed. |
|
#eth0 0:16:3e:0:0:1 192.168.13.1 Ethernet
|
|
#trafshow -i eth0
|
|
#eth0 0:16:3e:0:0:1 192.168.13.1 Ethernet
|
|
#trafshow -n
|
|
#ifconfig
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:00:01
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:01:01
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
re2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:02:01
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
|
|
#vim /etc/rc.conf
|
|
#eth0 0:16:3e:0:0:1 192.168.13.1 Ethernet
Usage: trafshow [-vpnb] [-a len] [-c conf] [-i ifname] [-s str] [-u port] [-R refresh] [-P purge] [-F file | expr] Where: -v Print version number, compile-time definitions, and exit -p Don't put the interface(s) into promiscuous mode -n Don't convert numeric values to names -b To place a backflow near to the main stream -a len To aggregate IP addresses using the prefix length -c conf Color config file instead of default /etc/trafshow -i ifname Network interface name; all by default -s str To search & follow for string in the list show -u port UDP port number to listen for Cisco Netflow; default 9995 -R refresh Set the refresh-period of data show to seconds; default 2 sec -P purge Set the expired data purge-period to seconds; default 10 sec -F file Use file as input for the filter expression expr Filter expression; see tcpdump(1) for syntax |
|
#/etc/netstart
devd already running? (pid=752).
Setting hostuuid: a675e116-d753-774a-e67e-2adb8a64c1d9.
Setting hostid: 0x4f43d0e9.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:01:01
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
re2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:02:01
inet 192.168.168.1 netmask 0xffffff00 broadcast 192.168.168.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
add net default: gateway 192.168.0.1
Additional routing options: IP gateway=YES.
|
|
#trafshow -R 1
|
|
#vim /etc/rc.conf
|
|
#gateway_enable="YES"
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:00:01
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:01:01
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (100baseTX <full-duplex>)
...
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:16:4e:00:02:01
inet 192.168.168.1 netmask 0xffffff00 broadcast 192.168.168.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
|
|
#exit
exit Connection to 192.168.0.254 closed. |
|
#eth0 0:16:3e:0:0:1 192.168.13.1 Ethernet
|
|
#iptraf
bash: iptraf: команда не найдена |
|
#apt-get install iptraf
Чтение списков пакетов... Готово Построение дерева зависимостей Чтение информации о состоянии... Готово НОВЫЕ пакеты, которые будут установлены: iptraf обновлено 0, установлено 1 новых пакетов, для удаления отмечено 0 пакетов, и 0 пакетов не обновлено. Необходимо скачать 165 kБ архивов. После данной операции, объём занятого дискового пространства возрастёт на 741 kB. Получено:1 http://ftp.ua.debian.org/debian/ squeeze/main iptraf i386 3.0.0-7 [165 kB] Получено 165 kБ за 0с (826 kБ/c) Выбор ранее не выбранного пакета iptraf. (Чтение базы данных ... на данный момент установлено 29475 файлов и каталогов.) Распаковывается пакет iptraf (из файла .../iptraf_3.0.0-7_i386.deb)... Обрабатываются триггеры для man-db ... Настраивается пакет iptraf (3.0.0-7) ... |
|
#iptraf
IPTraf + TCP Connections (Source Host:Port) ---------- Packets --- Bytes Flags Iface + |+192.168.13.1:22 > 28 12448 -PA- eth0 | |+192.168.13.253:3260 > 28 1456 --A- eth0 | |+192.168.13.1:22 > 28 12448 -PA- eth0 | |+192.168.13.253:1471 > 28 1456 --A- eth0 | |+192.168.13.1:22 > 28 12448 -PA- eth0 | |+192.168.13.253:1486 > 28 1456 --A- eth0 | |+192.168.13.1:22 > 29 12484 -PA- eth0 | |+192.168.13.253:47187 > 28 1456 --A- eth0 | ... |+192.168.13.1:60244 = 1 60 S--- eth0 | |+91.205.16.235:18030 = 1 46 RESET eth0 | + TCP: 6 entries ------------------------------------------------ Active -+ +------------------------------------------------------------------------------+ | UDP (52 bytes) from 192.168.13.1:52764 to 192.168.13.253:53 on eth0 | | UDP (467 bytes) from 192.168.13.253:53 to 192.168.13.1:52764 on eth0 | | | + Top -------------------------------------------------------------------------+ Pkts captured (all interfaces): 242 | Computing Up/Dn/PgUp/PgDn-scroll M-more TCP info W-chg actv win S-sort TCP X-exit |
|
#tcpdump src 192.168.13.1 and dst 192.168.13.253
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 12:18:22.349265 IP debian1.net.nt.ssh > 192.168.13.253.47187: Flags [P.], seq 2260842105:2260842297, ack 653414781, win 552, options [nop,nop,TS val 2228962 ecr 9317421], length 192 12:18:22.350664 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [P.], seq 818073831:818074023, ack 174579536, win 341, options [nop,nop,TS val 2228962 ecr 1085793], length 192 12:18:22.352260 IP debian1.net.nt.ssh > 192.168.13.253.1471: Flags [P.], seq 2892435568:2892435760, ack 1206447934, win 341, options [nop,nop,TS val 2228962 ecr 1078840], length 192 12:18:22.352519 IP debian1.net.nt.ssh > 192.168.13.253.3260: Flags [P.], seq 1751363091:1751363283, ack 3419865931, win 341, options [nop,nop,TS val 2228962 ecr 10002967], length 192 12:18:22.355442 IP debian1.net.nt.59378 > 192.168.13.253.domain: 39927+ PTR? 253.13.168.192.in-addr.arpa. (45) 12:18:22.388313 IP debian1.net.nt.ssh > 192.168.13.253.3260: Flags [P.], seq 192:1072, ack 1, win 341, options [nop,nop,TS val 2228971 ecr 10003221], length 880 12:18:22.389489 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [.], seq 192:1640, ack 1, win 341, options [nop,nop,TS val 2228972 ecr 1086047], length 1448 12:18:22.389720 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [.], seq 1640:3088, ack 1, win 341, options [nop,nop,TS val 2228972 ecr 1086047], length 1448 ... 12:18:23.448860 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [.], seq 346664:348112, ack 481, win 341, options [nop,nop,TS val 2229237 ecr 1086156], length 1448 12:18:23.449321 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [P.], seq 348112:349360, ack 481, win 341, options [nop,nop,TS val 2229237 ecr 1086156], length 1248 12:18:23.450018 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [.], seq 349360:350808, ack 481, win 341, options [nop,nop,TS val 2229237 ecr 1086157], length 1448 12:18:23.450262 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [.], seq 350808:352256, ack 481, win 341, options [nop,nop,TS val 2229237 ecr 1086157], length 1448 12:18:23.450983 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [P.], seq 352256:353504, ack 481, win 341, options [nop,nop,TS val 2229237 ecr 1086157], length 1248 12:18:23.451310 IP debian1.net.nt.ssh > 192.168.13.253.1471: Flags [P.], seq 356608:357856, ack 481, win 341, options [nop,nop,TS val 2229237 ecr 1079201], length 1248 12:18:23.452141 IP debian1.net.nt.ssh > 192.168.13.253.1471: Flags [.], seq 357856:359304, ack 481, win 341, options [nop,nop,TS val 2229237 ecr 1079201], length 1448^C 593 packets captured 1516 packets received by filter 893 packets dropped by kernel |
|
#^C
^C ^C^C ^C |
|
#tcpdump src 192.168.13.1 and dst 192.168.13.253 -w file1
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes ^C7 packets captured 7 packets received by filter 0 packets dropped by kernel |
|
#vim file1
|
|
#Oý¹VP^Záª<94>´6á<9c>vÞ<80>[^^Lû<9f>¤"<82><8e>÷<95>¬Á¸¥ó<93>3z¯^B^KÌ<9a>0^P0«ù<8dd
reading from file file1, link-type EN10MB (Ethernet) 12:18:37.220724 IP debian1.net.nt.ssh > 192.168.13.253.47187: Flags [.], seq 2263263113:2263264561, ack 653417901, win 552, options [nop,nop,TS val 2232680 ecr 9333322], length 1448 12:18:37.221312 IP debian1.net.nt.ssh > 192.168.13.253.47187: Flags [P.], seq 1448:2128, ack 1, win 552, options [nop,nop,TS val 2232680 ecr 9333322], length 680 12:18:37.221931 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [.], seq 820496935:820498383, ack 174582896, win 341, options [nop,nop,TS val 2232680 ecr 1087383], length 1448 12:18:37.222214 IP debian1.net.nt.ssh > 192.168.13.253.1486: Flags [P.], seq 1448:2128, ack 1, win 341, options [nop,nop,TS val 2232680 ecr 1087383], length 680 12:18:37.223260 IP debian1.net.nt.ssh > 192.168.13.253.1471: Flags [.], seq 2894858624:2894860072, ack 1206451294, win 341, options [nop,nop,TS val 2232680 ecr 1080430], length 1448 12:18:37.223679 IP debian1.net.nt.ssh > 192.168.13.253.1471: Flags [P.], seq 1448:2128, ack 1, win 341, options [nop,nop,TS val 2232680 ecr 1080430], length 680 12:18:37.224304 IP debian1.net.nt.ssh > 192.168.13.253.3260: Flags [P.], seq 1751465443:1751465571, ack 3419866075, win 341, options [nop,nop,TS val 2232680 ecr 10004557], length 128 |
|
#tcpdump src 192.168.13.1 and dst 192.168.13.253 -w file1
^C |
|
#ipfw list
65535 allow ip from any to any |
|
#ping 192.168.16.1
PING 192.168.16.1 (192.168.16.1): 56 data bytes ^C --- 192.168.16.1 ping statistics --- 2 packets transmitted, 0 packets received, 100.0% packet loss |
|
#^C
|
|
#netstat -l
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost.localdom:smtp *:* LISTEN tcp 0 0 *:38475 *:* LISTEN tcp 0 0 *:sunrpc *:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 ::1%3216620920:smtp [::]:* LISTEN udp 0 0 *:980 *:* udp 0 0 *:sunrpc *:* udp 0 0 *:36782 *:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 3352 /var/run/acpid.socket |
|
#ssh root@192.168.168.5
The authenticity of host '192.168.168.5 (192.168.168.5)' can't be established. DSA key fingerprint is 72:80:11:55:1d:55:f4:87:60:7f:15:2c:39:93:38:79. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.168.5' (DSA) to the list of known hosts. root@192.168.168.5's password: Linux debian3 2.6.32-5-686 #1 SMP Fri Sep 9 20:51:05 UTC 2011 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Tue Feb 14 10:14:40 2012 from 192.168.13.253 l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid |
|
#netstat -ln
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:38475 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN udp 0 0 0.0.0.0:980 0.0.0.0:* udp 0 0 0.0.0.0:111 0.0.0.0:* udp 0 0 0.0.0.0:36782 0.0.0.0:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 3352 /var/run/acpid.socket |
|
#netstat -lp
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:ssh *:* LISTEN 1096/sshd tcp 0 0 localhost.localdom:smtp *:* LISTEN 1272/exim4 tcp 0 0 *:38475 *:* LISTEN 804/rpc.statd tcp 0 0 *:sunrpc *:* LISTEN 792/portmap tcp6 0 0 [::]:ssh [::]:* LISTEN 1096/sshd tcp6 0 0 ::1%3215598200:smtp [::]:* LISTEN 1272/exim4 udp 0 0 *:980 *:* 804/rpc.statd udp 0 0 *:sunrpc *:* 792/portmap udp 0 0 *:36782 *:* 804/rpc.statd Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 3352 972/acpid /var/run/acpid.socket |
|
#route
usage: route [-dnqtv] command [[modifiers] args] |
|
#route add -net 192.168.16.0/24 192.168.168.5
add net 192.168.16.0: gateway 192.168.168.5 |
|
#ping 192.168.16.1
PING 192.168.16.1 (192.168.16.1): 56 data bytes 92 bytes from 192.168.168.5: Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 058d 0 0000 3f 01 3cc9 192.168.168.1 192.168.16.1 92 bytes from 192.168.168.5: Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 0590 0 0000 3f 01 3cc6 192.168.168.1 192.168.16.1 92 bytes from 192.168.168.5: Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 0596 0 0000 3f 01 3cc0 192.168.168.1 192.168.16.1 ... 4 5 00 5400 059e 0 0000 3f 01 3cb8 192.168.168.1 192.168.16.1 92 bytes from 192.168.168.5: Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 05a4 0 0000 3f 01 3cb2 192.168.168.1 192.168.16.1 92 bytes from 192.168.168.5: Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 05ab 0 0000 3f 01 3cab 192.168.168.1 192.168.16.1 ^C --- 192.168.16.1 ping statistics --- 13 packets transmitted, 0 packets received, 100.0% packet loss |
|
#netstat -p
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 debian1.net.nt:ssh 192.168.13.253:1471 ESTABLISHED 1537/4 tcp 0 0 debian1.net.nt:ssh 192.168.13.253:3260 ESTABLISHED 1296/0 tcp 0 0 debian1.net.nt:ssh 192.168.13.253:1486 ESTABLISHED 1709/2 tcp 0 0 debian1.net.nt:ssh 192.168.13.253:47187 ESTABLISHED 1535/6 Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ] DGRAM 1876 249/udevd @/org/kernel/udev/udevd unix 7 [ ] DGRAM 3314 949/rsyslogd /dev/log unix 2 [ ] DGRAM 4750 1709/2 unix 2 [ ] DGRAM 4499 1535/6 unix 2 [ ] DGRAM 4408 1537/4 unix 2 [ ] DGRAM 3769 1296/0 unix 2 [ ] DGRAM 3348 972/acpid unix 3 [ ] DGRAM 1881 249/udevd unix 3 [ ] DGRAM 1880 249/udevd |
|
#netstat -nlp
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1096/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1272/exim4 tcp 0 0 0.0.0.0:38475 0.0.0.0:* LISTEN 804/rpc.statd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 792/portmap tcp6 0 0 :::22 :::* LISTEN 1096/sshd tcp6 0 0 ::1:25 :::* LISTEN 1272/exim4 udp 0 0 0.0.0.0:980 0.0.0.0:* 804/rpc.statd udp 0 0 0.0.0.0:111 0.0.0.0:* 792/portmap udp 0 0 0.0.0.0:36782 0.0.0.0:* 804/rpc.statd Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 3352 972/acpid /var/run/acpid.socket |
|
#ssh root@192.168.168.5
root@192.168.168.5's password: Linux debian3 2.6.32-5-686 #1 SMP Fri Sep 9 20:51:05 UTC 2011 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Tue Feb 14 10:21:13 2012 from 192.168.168.1 l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid |
|
#cat /dev/urandom | nc -l -p 3000
ÿþ
ÿüØÿþ+ÿü;ÿþ]ÿüSÿþ{ÿüéÿþpÿüÿüÞÿþ§ÿüMÿþáÿþëÿþþÿþÿþMÿþ7ÿþ1ÿþMÿüÿþÒÿüØÿþ
ÿüÿügÿüÿþ´ÿüÿþ«ÿü]ÿþ|ÿþæÿüsÿüÿü_ÿþüÿþsÿþ.ÿüáÿü
ÿþ¥ÿüOÿüâÿûÿúPÿðÿþÿüÑÿüÿþ?ÿüsÿþÇÿþ5ÿü6ÿüÖÿüQÿþøÿüÿþÙÿþÿü5ÿüÜÿü/ÿþjÿþÿÿôÿýÿþ
ÿþtÿþhÿüÛÿþÆÿþøÿürÿü,ÿüãÿü8ÿüâÿþ1ÿüÄÿþÿþºÿü{ÿþyÿþÿüáÿþ(ÿþ ÿüÏÿügÿüÿüSÿüÆÿüÿüDÿüÿþ®ÿü×ÿüúÿü ÿþÏÿþéÿüUÿþÆÿü ÿüÃÿþÿüÿþvÿþ¿ÿþÿþ$ÿüÿüöÿþ ÿüóÿüÿü:ÿþÿþ¬ÿþÿþCÿüOÿüAÿÿüoÿüñÿü.ÿþ3ÿüYÿþôÿürÿüNÿþ}ÿþpÿþóÿþÿþOÿüFÿþûÿüOÿþnÿüÿü¹ÿþÿü³ÿü0ÿþÿþ6ÿüãÿþyÿü
ÿüêÿüÿþuÿýÿþÿüÿþÿþ7ÿüØÿþÿþ°ÿüMÿþÔÿüÜÿþÿþÛÿþ½ÿþ+ÿþµÿþùÿüÚÿþcÿþuÿüvÿþuÿüÔÿþþ¯ÿþÅÿüYÿüøÿþ(ÿüÍÿüSÿþÿþ}ÿüÕÿþáÿþÿúPÿðÿüZÿþÿü:ÿüùÿþÿÿþåÿþaÿüHÿþÆÿüöÿþÿüÿþÝÿüOÿþXÿüÙÿüÜÿüÖÿükÿûÿü¬ÿüÿþ%ÿüÚÿüÿÿþ,ÿþÿþLÿþÿþ8ÿüÇÿüµÿþÿÿü-ÿüBÿüÎÿþÿüQÿþhÿüÿþ2ÿþàÿüÝÿþRÿþ±ÿþÿþÿþGÿüpÿþÿþÿþ÷ÿþ¶ÿþ ÿþÿþÿü¯ÿþqÿþéÿþ9ÿüNÿþòÿü
ÿü<ÿüsÿüÿþÊÿþÿüõÿþÿüÿþÿþÿþÿþ³ÿükÿü¶ÿþËÿþÿüÝÿþ?ÿþÏÿüÿþÛÿþ)ÿüùÿþÿüÀÿþoÿþYÿþ~ÿþûÿþÿü¿ÿüÿüÜÿünÿüMÿü÷ÿügÿüºÿþÿÿüÿüÉÿüfÿüÿþÿüÿþÿüêÿüÂÿþÿüØÿü¿ÿü3ÿü£ÿüJÿþvÿþÿüÇÿüÿþ×ÿþ ÿüÿü<ÿýÿü6ÿü3ÿþ+ÿüÿüÿürÿüÄÿüÇÿþ(ÿþ ÿüÿü]ÿüÿüëÿüÁÿþÿþÆÿüDÿüÕÿüPÿþÿüÔÿþKÿþ@ÿüXÿüÿüCÿþ:ÿüÃÿþÈÿýÿþ¼ÿü¥ÿüÓÿüßÿü?ÿüaÿüÿüÃÿþ.ÿüÿû!ÿüýÿþÿþôÿÿ
ÿþ«ÿþCÿülÿü´ÿþêÿþ9ÿþÔÿþTÿü
ÿþgÿüÿþ?ÿüÿüúÿþêÿüÿü¹ÿþÿüxÿýÿüaÿþ
ÿüèÿü®ÿüoÿü9ÿüTÿþ
ÿþÜÿüYÿücÿþ ÿþqÿüóÿü¬ÿüÿýÿüùÿüDÿþ·ÿþ2ÿþÿü?ÿüÿþ+ÿü=ÿüXÿþÈÿü¥ÿþüÿþÿþµÿþÿü_ÿþÿü|ÿüÿþxÿþèÿþ_ÿþVÿþãÿü.ÿþ|ÿþsÿþJÿþFÿÿ
B
ÿðÿüÞÿþ;ÿþÿü}ÿü\ÿþtÿüÿþUÿþþÿþrÿüûÿü.ÿüÌÿü7ÿþõÿþÿü
ÿþøÿþÿþPÿþ9ÿþGÿþéÿüÂÿüÿüºÿüÿþÖÿü¨ÿþ;ÿüªÿüIÿþaÿþ_ÿü=ÿüÊÿþéÿü¸ÿþÖÿüiÿþ]ÿþHÿþÿüEÿüÉÿþ¦ÿüËÿþ}ÿþrÿþ)ÿüêÿþÿþhÿümÿþ<ÿþUÿþxÿþÙÿþÿþÿþ\ÿü2ÿþ]ÿü°ÿþiÿüÿüæÿüÿþüÿü»ÿþ»ÿü!ÿüXÿüéÿþ`ÿþ_ÿþ²ÿþ|ÿü¾ÿþ'ÿü&ÿþÿþÿûÿûÿúPÿðÿþëÿþoÿü÷ÿüÊÿþÜÿü´ÿü
ÿüÿü4ÿü@ÿþðÿþþÿþ
ÿþ ÿüÿþlÿüDÿþdÿþ©ÿüØÿþÿüÍÿþIÿþöÿû'ÿü_ÿüÿüÿþ,ÿþÿþ ÿüØÿþÌÿüÿüUÿüÇÿüÝÿþFÿþ]ÿþ(ÿüªÿû ÿüÜÿþ×ÿüåÿüÐÿþÿüîÿþkÿünÿü¡ÿüîÿüþÿþÿþÿþýÿþFÿþÔÿü[ÿüèÿüÿünÿþ,ÿücÿüoÿü´ÿü
ÿþÿüêÿüÿþcÿþkÿûÿþëÿþÎÿþ
ÿþ¦ÿþÿü1ÿþÿüÛÿü^C
|
|
#ping 192.168.16.16
PING 192.168.16.16 (192.168.16.16): 56 data bytes 64 bytes from 192.168.16.16: icmp_seq=0 ttl=64 time=1.619 ms 64 bytes from 192.168.16.16: icmp_seq=1 ttl=64 time=2.292 ms ^C --- 192.168.16.16 ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 1.619/1.955/2.292/0.337 ms |
|
#vim /etc/rc.conf
|
|
#ssh root@192.168.168.1
Password:
Last login: Tue Feb 14 12:20:05 2012 from 192.168.64.1
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 7.4-RELEASE (GENERIC) #1: Sun Feb 12 15:17:17 EET 2012
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
o Security advisories and updated errata information for all releases are
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it's updated frequently.
...
http://www.FreeBSD.org/search/. If the doc distribution has
been installed, they're also available formatted in /usr/share/doc.
If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
manual page. If you are not familiar with manual pages, type `man man'.
You may also use sysinstall(8) to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.
Removing stale pidfile
|
|
#ping ya.ru
PING ya.ru (77.88.21.3): 56 data bytes 64 bytes from 77.88.21.3: icmp_seq=0 ttl=55 time=24.834 ms 64 bytes from 77.88.21.3: icmp_seq=1 ttl=55 time=24.745 ms 64 bytes from 77.88.21.3: icmp_seq=2 ttl=55 time=24.936 ms 64 bytes from 77.88.21.3: icmp_seq=3 ttl=55 time=30.628 ms 64 bytes from 77.88.21.3: icmp_seq=4 ttl=55 time=25.042 ms 64 bytes from 77.88.21.3: icmp_seq=5 ttl=55 time=24.790 ms 64 bytes from 77.88.21.3: icmp_seq=6 ttl=55 time=25.908 ms 64 bytes from 77.88.21.3: icmp_seq=7 ttl=55 time=24.521 ms 64 bytes from 77.88.21.3: icmp_seq=8 ttl=55 time=25.622 ms ... 64 bytes from 77.88.21.3: icmp_seq=59 ttl=55 time=25.510 ms 64 bytes from 77.88.21.3: icmp_seq=60 ttl=55 time=26.334 ms 64 bytes from 77.88.21.3: icmp_seq=61 ttl=55 time=25.477 ms 64 bytes from 77.88.21.3: icmp_seq=62 ttl=55 time=26.596 ms 64 bytes from 77.88.21.3: icmp_seq=63 ttl=55 time=25.396 ms 64 bytes from 77.88.21.3: icmp_seq=64 ttl=55 time=24.954 ms ^C --- ya.ru ping statistics --- 65 packets transmitted, 65 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 24.479/27.985/76.271/6.614 ms |
|
#ssh 192.168.168.5
The authenticity of host '192.168.168.5 (192.168.168.5)' can't be established. RSA key fingerprint is 3e:c3:8c:6f:e8:92:5b:31:dd:04:d2:51:48:57:c9:99. Are you sure you want to continue connecting (yes/no)? y Please type 'yes' or 'no': yes Warning: Permanently added '192.168.168.5' (RSA) to the list of known hosts. root@192.168.168.5's password: Linux debian3 2.6.32-5-686 #1 SMP Fri Sep 9 20:51:05 UTC 2011 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Tue Feb 14 11:43:17 2012 from 192.168.13.253 l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid |
|
#^C
ping 192 |
|
#ping ya.ru -f
usage: ping [-AaDdfnoQqRrv] [-c count] [-G sweepmaxsize] [-g sweepminsize]
[-h sweepincrsize] [-i wait] [-l preload] [-M mask | time] [-m ttl]
[-P policy] [-p pattern] [-S src_addr] [-s packetsize] [-t timeout]
[-W waittime] [-z tos] host
ping [-AaDdfLnoQqRrv] [-c count] [-I iface] [-i wait] [-l preload]
[-M mask | time] [-m ttl] [-P policy] [-p pattern] [-S src_addr]
[-s packetsize] [-T ttl] [-t timeout] [-W waittime]
[-z tos] mcast-group
|
|
#ping -f ya.ru
PING ya.ru (213.180.204.3): 56 data bytes .........................................^C. --- ya.ru ping statistics --- 2459 packets transmitted, 2417 packets received, 1.7% packet loss round-trip min/avg/max/stddev = 24.594/60.163/258.167/40.838 ms |
|
#ping -f -s 1024 ya.ru
PING ya.ru (213.180.193.3): 1024 data bytes .............^C --- ya.ru ping statistics --- 1108 packets transmitted, 1095 packets received, 1.2% packet loss round-trip min/avg/max/stddev = 24.126/34.959/128.241/7.558 ms |
|
#ping -f -s 10240 ya.ru
PING ya.ru (93.158.134.203): 10240 data bytes .................................^C. --- ya.ru ping statistics --- 864 packets transmitted, 830 packets received, 3.9% packet loss round-trip min/avg/max/stddev = 38.660/102.242/482.561/57.440 ms |
|
#ping -i 10 ya.ru
PING ya.ru (93.158.134.3): 56 data bytes 64 bytes from 93.158.134.3: icmp_seq=0 ttl=56 time=24.487 ms 64 bytes from 93.158.134.3: icmp_seq=1 ttl=56 time=24.923 ms 64 bytes from 93.158.134.3: icmp_seq=2 ttl=56 time=25.726 ms ^C --- ya.ru ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 24.487/25.045/25.726/0.513 ms |
|
#ssh 192.168.168.5
root@192.168.168.5's password: Linux debian3 2.6.32-5-686 #1 SMP Fri Sep 9 20:51:05 UTC 2011 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Tue Feb 14 12:26:19 2012 from 192.168.64.1 l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid |
|
#^C
|
|
#ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. ^C --- 8.8.8.8 ping statistics --- 7 packets transmitted, 0 received, 100% packet loss, time 6004ms |
|
#ping 8.8.8.8 -v
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. ^C --- 8.8.8.8 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1007ms |
|
#ping -i 10 -c 4 ya.ru
PING ya.ru (87.250.251.3): 56 data bytes 64 bytes from 87.250.251.3: icmp_seq=0 ttl=56 time=27.724 ms 64 bytes from 87.250.251.3: icmp_seq=1 ttl=56 time=25.297 ms 64 bytes from 87.250.251.3: icmp_seq=2 ttl=56 time=25.446 ms 64 bytes from 87.250.251.3: icmp_seq=3 ttl=56 time=25.325 ms --- ya.ru ping statistics --- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 25.297/25.948/27.724/1.027 ms |
|
#ping 8.8.8.8 -vv
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. ^C --- 8.8.8.8 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4017ms |
|
#ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. Write failed: Broken pipe |
|
#ping -I 192.168.168.1 ya.ru
ping: -I, -L, -T flags cannot be used with unicast destination |
|
#man ping
|
|
#ping -I re2 ya.ru
ping: invalid multicast interface: `re2' |
|
#ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. ^C --- 8.8.8.8 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4003ms |
|
#ping ya.ru
PING ya.ru (87.250.250.3) 56(84) bytes of data. ^C --- ya.ru ping statistics --- 4 packets transmitted, 0 received, 100% packet loss, time 3000ms |
|
#exit
exit Connection to 192.168.168.1 closed. |
|
#ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. ^C --- 8.8.8.8 ping statistics --- 9 packets transmitted, 0 received, 100% packet loss, time 8001ms |
|
#Write failed: Broken pipe
|
|
#ping ya.ru
PING ya.ru (213.180.204.3) 56(84) bytes of data. ^C --- ya.ru ping statistics --- 9 packets transmitted, 0 received, 100% packet loss, time 8002ms |
|
#exit
exit Connection to 192.168.168.5 closed. |
|
#ssh 192.168.168.5
root@192.168.168.5's password: Linux debian3 2.6.32-5-686 #1 SMP Fri Sep 9 20:51:05 UTC 2011 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Tue Feb 14 12:44:47 2012 from 192.168.168.1 l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid l3-agent is already running: pid=1362; pidfile=/root/.lilalo/l3-agent.pid |
|
#ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_req=1 ttl=47 time=51.4 ms 64 bytes from 8.8.8.8: icmp_req=2 ttl=47 time=50.5 ms 64 bytes from 8.8.8.8: icmp_req=3 ttl=47 time=43.9 ms 64 bytes from 8.8.8.8: icmp_req=4 ttl=47 time=44.1 ms 64 bytes from 8.8.8.8: icmp_req=5 ttl=47 time=111 ms 64 bytes from 8.8.8.8: icmp_req=6 ttl=47 time=44.1 ms 64 bytes from 8.8.8.8: icmp_req=7 ttl=47 time=44.0 ms 64 bytes from 8.8.8.8: icmp_req=8 ttl=47 time=187 ms 64 bytes from 8.8.8.8: icmp_req=9 ttl=47 time=43.8 ms 64 bytes from 8.8.8.8: icmp_req=10 ttl=47 time=44.0 ms 64 bytes from 8.8.8.8: icmp_req=11 ttl=47 time=43.9 ms ^C --- 8.8.8.8 ping statistics --- 11 packets transmitted, 11 received, 0% packet loss, time 10014ms rtt min/avg/max/mdev = 43.848/64.491/187.517/43.350 ms |
|
#man app
|
|
#apt-get install iptraf
Чтение списков пакетов... Готово Построение дерева зависимостей Чтение информации о состоянии... Готово НОВЫЕ пакеты, которые будут установлены: iptraf обновлено 0, установлено 1 новых пакетов, для удаления отмечено 0 пакетов, и 0 пакетов не обновлено. Необходимо скачать 165 kБ архивов. После данной операции, объём занятого дискового пространства возрастёт на 741 kB. Получено:1 http://ftp.ua.debian.org/debian/ squeeze/main iptraf i386 3.0.0-7 [165 kB] Получено 165 kБ за 2с (61,9 kБ/c) Выбор ранее не выбранного пакета iptraf. (Чтение базы данных ... на данный момент установлено 29426 файлов и каталогов.) Распаковывается пакет iptraf (из файла .../iptraf_3.0.0-7_i386.deb)... Обрабатываются триггеры для man-db ... Настраивается пакет iptraf (3.0.0-7) ... |
|
#apt-get install tcpdump
Чтение списков пакетов... Готово Построение дерева зависимостей Чтение информации о состоянии... Готово НОВЫЕ пакеты, которые будут установлены: tcpdump обновлено 0, установлено 1 новых пакетов, для удаления отмечено 0 пакетов, и 0 пакетов не обновлено. Необходимо скачать 376 kБ архивов. После данной операции, объём занятого дискового пространства возрастёт на 901 kB. Получено:1 http://ftp.ua.debian.org/debian/ squeeze/main tcpdump i386 4.1.1-1 [376 kB] Получено 376 kБ за 2с (151 kБ/c) Выбор ранее не выбранного пакета tcpdump. (Чтение базы данных ... на данный момент установлено 29500 файлов и каталогов.) Распаковывается пакет tcpdump (из файла .../tcpdump_4.1.1-1_i386.deb)... Обрабатываются триггеры для man- |