Chapter 5: Network Apply 5.1 Common Network Commands In the Red Hat Linux 7.1 system, it provides a network-related tool. Mastering these tools are necessary: Class: Setting tool 1.netconf: NetConf is provided by Red Hat Linux Part of LinuxConf is mainly used to set parameters related to the network. It can run under consLle (text menu) or run in X-WINDOW (graphical interface). In front, we introduced some of NetConf's applications, and its use is relatively simple, as long as you know the English above, so there is no more to say it here. BTW, if you set up x-window, use NetConf with the graphical interface, it will be more beautiful. 2. Ifconfig ifconfig is the most commonly used tool for displaying and setting up network devices. Where "if" is an abbreviation of "interface". It can be used to device network card status, or display the current settings. Below we will simply explain the common command combination: 1) Set the IP address of the first block to 192.168.0.1: ifconfig eth0 192.168.0.1 (Format: ifconfig network device name IP address) 2) Temporarily close or enable NIC: Close The first network card: ifconfig eth0 Down enables the first network card: ifconfig eth0 up 3) Set the subnet mask of the first network card to 255.255.255.0: ifconfig eth0 Netmask 255.255.255.0 (Format: ifconfig network device name Netmask Net mask) We can also set IP addresses and subnet masks at the same time: ifconfig eth0 192.168.0.1 Netmask 255.255.255.0 4) Set the broadcast address of the first network card to 192.168.0.255: ifconfig eth0 -Broadcast 192.168.0.255 5) Set the first block to the non-receiving data packet: ifconifg eth0 allMulti If you want to receive it, use the command: ifconfig eth0 -allmulti 6) View the status of the first network card: ifconfig eth0 If you want to see all NIC status If you use the ifconfig command without parameters directly. The status information of ifconfig output is very useful. Here, we will make a brief explanation: There are several status comparison: ?? UP / DOWN: The network card is started, if it is Down, then it is certainly unused; ?? RX The number of ErrorS packages in Packets If you have a problem when you receive a problem; ?? The number of ErrorS packets in tx packets If you have a problem when you send it, you have a problem when you send it; 3.Route route command is used to view and set up Linux system routing information to implement communication with other networks. To achieve network communication between two different subnets, you need a gateway that connects two network routers or at the same time in two networks. In the Linux system, we usually set the route to address the following questions: This Linux machine has a gateway in a local area network, which allows your machine to access the Internet, then we need to set the IP address of this machine to The default route for the Linux machine.
1) Add a default route: Route Add 0.0.0.0 GW Gateway Address 2) Delete a default route: Route del 0.0.0.0 GW Gateway Address 3) Show current routing table ROUTE second Class: Diagnostic Tool 1.ping ping is a The most commonly used detection can be able to establish a network communication connection with the remote machine. It is implemented by Internet Control Packet Protocol ICMP. Some hosts are now filtered to ICMP. In this particular case, it is possible to make some host ping not pass, but can establish a network connection. This is a special case, which is described here. Similarly, all optional parameters of the ping command are not listed in the example, but through example, some commonly used combinations are needed, and they need to know more detailed, and can be obtained from the online training for www.linuxaid.com.cn website. . 1) Detection is normal: ping 192.168.0.1 ping www.linuxaid.com.cn That is, we can specify the machine with an IP address or domain name. 2) Specifying the number of ping responses is 4: Under Linux, if you do not specify the number of responses, the ping command will continue to send ICMP information to the remote machine. We can define the -c parameter: ping -c 4 192.168.0.1 3) Ping through a specific network card: Sometimes we need to detect a block (multiple blocks in the system) can ping the farm machine. We need to indicate when executing the ping command: ping -i eth0 192.168.0.1 2.traceroute If you don't ping universal machine, I want to know where it is, or you want to know your information to the remote machine. Which routers can use the traceroute command. As the name suggests: Trace is tracking, Route is routed, that is, tracking routes. Using this command is very simple: Traceroute Remote Host IP Address or Domain Name This command is similar: 1 Rouler (gateway) IP address access required time 1 Access required time 2 Access required time 3 2 Rouler (gateway) IP address Accessing time 1 Accessing time 2 Accessing time 3 ......... 1) The most advanced number representative "After the first few"; 2) The IP address of the router (gateway) is the IP address of "The station"; 3) Accessing time 1, 2, 3 refers to the time required to access this router (gateway). 3.NetStat In the Linux system, it provides a tool that views a powerful viewing network status: NetStat. It allows you to know the network of Linux systems.
1) Statistics each network device transmission, receive the data package: Use the command: netstat -i this command will output a table, including: ifce: Network interface name MTU: Maximum Transmission Unit RX-OK: How much is successful Package RX-ERR: How many error packages are received in the received package RX-DRP: How many packages are lost when receiving, how many collision packs TX-OK have received TX-ERR : How many error packages in the sending package TX-DRP: TX-OVR: TX-OVR: TX-OVR: Total a total of collision packs 2) Display network statistics use command: NetStat -s uses this command, Communication information in the form of IP, ICMP, TCP, UDP, TcPext will be statistically statistically in the form of a summary. 3) Display the network connection of the TCP transfer protocol: Use the command: NetStat -t output is also a table, including: local address: local address, format is an IP address: port number Foreign Address: Remote address, format Also IP address: port number state: connection status, including listen, established, time_wait, etc. 4) Only network connection using UDP: Use the command: NetStat -t output format is the same. 5) Display the routing table: Use the command: NetStat -r The output of this command is the same as the Route command. 5.2 Network Profile In Red Hat Linux 7.1, there are some files for storing network configuration: 1. (Tetc/Hosts) is stored in this file, a list of IP addresses and hostnames, if you point out some in this list The IP address of the station is not necessary to perform DNS analysis when accessing the host. 2./etc/host.conf This file is used to specify the order of the domain name resolution method, such as: ORDER HOSTS, BIND which description, first parse by / etc / hosts file, if there is no corresponding host name and IP address in this file The correspondence is parsed by the domain name server BIND. 3./etc/resolv.conf stores the IP address of the domain name server in this file. 4./etc/protocols Red Hat Linux 7.1 The system uses this file to identify this host, and the user should not modify the file by the mapping between the protocol and the protocol number. 5./etc/services This user is used to define an existing network service, and users do not need to modify it, which is usually maintained by programs that install the network service. This file includes a network service name, network port number, and useful protocol type, where there is a slash between the network port number and the protocol type used, and some service alias can be added to the final setting of the line. 5./etc/xinetd.d Directory There is a super service outd in the Linux system, most of the network services are started by it, such as Chargen, Echo, Finger, Talk, Telnet, Wu-ftpd, etc. The version between 7.0 It is configured in /etc/inetd.conf, after Red Hat 7.0, it changes to a xinetd.d directory.
In the xinetd.d directory, each service has a corresponding profile. We use Telnet as an example to explain the meaning of each configuration line: Service telnet {socket_type = stream wait = no user = root server = / usr / sbin /in.telnetd log_on_failure = Userid disable = yes} The first line describes the configuration to set the Telnet service. The second line shows that the Socket connection type is stream, which is the third line of TCP. It means that the startup completion of the fourth line is referring to the fifth line of the root user started the service process. Means that the service process is / usr / sbin / In.Telnetd six lines, it is used to do some error logs, refers to the disabled Telnet, if an open is required to change the configuration to: disable = no modified the XINETD configuration, you need to restart xinetd to take effect, There are two ways to implement: 1) Perform the following command: /etc/rc.d/init.d/xinetd Restart 2) Perform the following command: KILLALL-HUP XINETD 5.3 Network Service Access Limits Enhanced Network in Red Hat Linux 7.1 Safety prevention, if you are installed, the security level is not at the lowest level, then all access outside the unit may be rejected. This is because some default IPChains settings are made in Red Hat 7.1, which is a Linux built-in firewall mechanism that can use some rules to allow or disable access. Its rules are stored in the / etc / sysconfig / ipchains file, if you want it to temporarily do not take effect, then you can run /etc/rc.d/init.d/ipchains stop, then all rules are canceled, all Network access will be allowed. You can run /etc/rc.d/init.d/ipchains status to know the restrictions on network access. With regard to this knowledge, this article is limited to the space unable to introduce, interested readers can refer to the "Linux firewall" book. 5.4 Web Server is most suitable for server-only Apache, Red Hat Linux 7.1 integrates Apache 1.3.19 in Red Hat Linux 7.1, and you will automatically complete the installation of Apache servers as long as you select a web server during installation. By default, WWW services have been launched. If you don't have a web server package when you install, there is no relationship, you only need to perform the following command: 1) put the Red Hat Linux 7.1 Install the first place in the CD drive, then execute the following command: # mount / MNT / CDROM 2) Go to Apache Installation File Where: # cd / mnt / cdrom / redhat / rpms 3) Complete the installation using RPM: # rpm -ivh apache-1.3.19-5.i386.rpm now, you have Have a Linux-based web server, its configuration file is in the / etc / httpd / conf directory, you can make a corresponding modification as needed, after modifying: /etc/rc.d/init.d/httpd Restart I.e. The main directory of the web service is in the / var / www / html directory, you can update your web page to here.
And if each user wants to have a home page,: 1) First build a public_html directory in your user's home directory: # cd # mkdir public_html 2) Then change the permissions of your user's home directory to Everyone can read # chmod 755 User Home Catalog 3) This allows you to use LocalHost / ~ User Name / "to access the homepage of each user. 5.5 FTP Server Integrates WU-FTP 2.6.1 as an FTP server in Red Hat Linux 7.1, as long as you have an FTP package, then your Linux server is an FTP server, if there is no installation at the time There is no relationship, just like installing Apache: 1) put the Red Hat Linux 7.1 Install the first place to the CD drive, then execute the following command: # mount / mnt / cdrom 2) Go to the WU-FTP installation file where the directory is located: # CD / MNT / CDROM / RedHat / RPMS 3) Complete the installation using RPM: # rpm -ivh wu-ftp-2.6.1-16.i386.rpm Since the FTP service is created by the Xinetd Super Server, therefore on the FTP server Configure the wu-ftpd file in the /etc/xinetd.d directory: Service ftp {socket_type = stream wait = no user = root server = / usr / sbin / in.ftpd server_args = -l -a log_on_success = DURATION Userid log_on_failure = Userid nice = 10 disable = no} Next, we introduce some management methods for the FTP server: 1. There are two ways to temporarily turn off the FTP service to make FTP service pause: 1) Execute them as root: # ftpshut now A Shutmsg file will be generated in the / etc directory, and the FTP server will not be able to use until you delete this file. 2) Modify the configuration file /etc/xinetd.d/wu-ftpd, change disable = no to disable = yes, then restart Xinetd. 2. There are two ways to use FTP services from using FTP services. You can prohibit a user from using FTP servers: 1) Write this user account name in / etc / ftpuser 2) Write a line configuration in / etc / ftpaccess: DENY-UID The user name is also disabled by a group of users from using the Deny-GID group name 3. There are many ways to log in to the FTP server, but I think the simplest and effective way is to write anonymous. Profile: / etc / ftpuser is already. 5.6 File Server We can also use the Red Hat Linux 7.1 Samba for the Windows Hosts in the LAN for the WINDOWS host. If the SMB server package is selected when installing the system, then the Samba service has ready after installation. However, in order to facilitate configuration, it is recommended to install SWAT, which provides a configuration tool for a web interface. Its installation package is the second CD /RedHat/rpms/samba-swat-2.0.7-36.i386.rpm.
After installation, it will create a new SWAT file in the xinetd.d directory, its content is: service swat {port = 901 Socket_type = stream wait = no_from = 127.0.0.1 server = / usr / sbin / swat log_on_failure = userid disable = YES} We see the value of disable is YES, that is, SWAT is now not enabled, so we need to change it to disable = no, then restart XINTED. In addition, because there is a sentence here: "ONLY_FROM = 127.0.0.1 Description can only use SWAT in this unit, and if you want to configure it in Windows, please email or delete this sentence. Below, we use the HOMES directory that you can access as an example, indicating that the SWAT setting method: 1) Open the IE browser, enter Linux hostname or IP and ": 901" on the address bar, for example: http: //192.168.0.1:901 2) If the connection is normal, a login prompt window will enter the username and password, here to use root as the username, enter the password of the root user, then click OK; 3) If Input error, the Samba configuration interface appears: Swat's Home; We can see in the SWAT interface, the top has 7 icons, namely: Home, Global Settings, Shars, Printers, Status, View (View), Password (Password) 4) First, we click the GlobalS icon, which will appear in the global setting page, where we set the following: ?? BaseOption à Workgroup: In some input working group names (such as the working group name in NetBIOS) ?? BaseOption à Netbios Name: Host name? SECURITYOPTION à Security: Select the security level, select "Share" ?? SecurityOption à hosts allow: Allowed host I usually write your network number, such as 192.168.0. ?? SecurityOption à hosts deny: If you don't let a machine use, you write it after the IP address modification, click the "Commit Changes" button (at 7 Some of the icons below), save the settings.
