ndc iptables ip命令積累ing
阿新 • • 發佈:2019-01-31
1. adb shell ip route list ip route list //開啟WIFI連線熱點的資訊 default via 192.168.235.4 dev wlan0 metric 323 192.168.235.0/24 dev wlan0 proto kernel scope link src 192.168.235.139 metric 323 adb shell ndc interface getcfg wlan0 213 0 00:08:22:f0:c2:fc 192.168.235.87 24 up broadcast running multicast //開啟WIIF
2. adb shell ndc monitor [Connected to Netd] ===============================開啟WIFI↓============================= 600 Iface linkstate wlan%d down 600 Iface added wlan0 600 Iface linkstate wlan0 down 600 Iface added p2p0 600 Iface linkstate p2p0 down 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 down 600 Iface linkstate p2p0 up 616 Route updated fe80::/64 dev p2p0 600 Iface linkstate p2p0 up 614 Address updated fe80::8:22ff:fee8:f187/64 p2p0 196 253 1 600 Iface linkstate p2p0 up 600 Iface linkstate p2p0 up 616 Route removed fe80::/64 dev p2p0 614 Address removed fe80::8:22ff:fee8:f187/64 p2p0 196 253 1 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 up 600 Iface linkstate wlan0 up 600 Iface linkstate wlan0 up 600 Iface linkstate wlan0 up 616 Route updated fe80::/64 dev wlan0 614 Address updated fe80::208:22ff:fee8:f187/64 wlan0 196 253 1 614 Address updated fe80::208:22ff:fee8:f187/64 wlan0 128 253 1 614 Address updated 192.168.235.178/24 wlan0 128 0 1 614 Address removed FE80::22/64 wlan0 01 01 -1 600 Iface linkstate wlan0 up 613 IfaceClass idle 1 267531533214684 613 IfaceClass active 1 267532932888607 0 613 IfaceClass idle 1 267547972768762 613 IfaceClass active 1 267557108031301 10116 ===============================開啟WIFI↑============================= ===============================關閉WIFI↓============================= 616 Route removed fe80::/64 dev wlan0 614 Address removed fe80::208:22ff:fee8:f187/64 wlan0 128 253 1 600 Iface linkstate p2p0 down 600 Iface linkstate wlan0 up 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 down 600 Iface linkstate wlan0 down 600 Iface removed p2p0 600 Iface removed wlan0 ===============================關閉WIFI↑============================= ===============================開啟WIFI便攜熱熱點↓============================= 600 Iface linkstate wlan%d down 600 Iface added wlan0 600 Iface linkstate wlan0 down 600 Iface added ap0 600 Iface linkstate ap0 down 600 Iface linkstate wlan0 down 600 Iface linkstate ap0 up 616 Route updated fe80::/64 dev ap0 600 Iface linkstate ap0 up 614 Address updated fe80::8:22ff:febc:e88a/64 ap0 196 253 1 614 Address updated 192.168.43.1/24 ap0 128 0 1 614 Address updated fe80::8:22ff:febc:e88a/64 ap0 128 253 1 614 Address removed FE80::22/64 ap0 01 01 -1 ===============================開啟WIFI便攜熱熱點↑============================= ===============================關閉WIFI便攜熱熱點↓============================= 614 Address removed 192.168.43.1/24 ap0 128 0 1 600 Iface linkstate ap0 down 616 Route removed fe80::/64 dev ap0 614 Address removed fe80::8:22ff:febc:e88a/64 ap0 128 253 1 600 Iface removed ap0 600 Iface added p2p0 600 Iface linkstate p2p0 down 600 Iface linkstate wlan0 down 600 Iface removed p2p0 600 Iface removed wlan0 ===============================關閉WIFI便攜熱熱點↑=============================
3.
adb shell ndc interface list
adb shell ndc interface list
110 0 ip6tnl0
110 0 ccmni6
110 0 ccmni7
110 0 ccmni5
110 0 ccmni0
110 0 ccmni1
110 0 ccmni3
110 0 ccmni4
110 0 ccmni2
110 0 tunl0
110 0 sit0
110 0 ifb0
110 0 ifb1
110 0 lo
【110 0 wlan0】 //開啟才出現
【110 0 ap0】【110 0 wlan0】 //開啟熱點才出現
200 0 Interface list completed
4. adb shell ndc interface getcfg wlan0 adb shell ndc interface getcfg wlan0 213 0 00:00:00:00:00:00 0.0.0.0 0 down //未開啟WIIF 213 0 00:08:22:f0:c2:fc 192.168.235.87 24 up broadcast running multicast //開啟WIIF
5.iptables -t raw -L
【iptables 內部的表Table 鏈Chain 規則Rule】
【規則Rule的執行規則 1.檢查是否滿足條件Condition 2.滿足條件 執行Target 3.不滿足執行下一條Rule】
【預設定義的Target 1.ACCEPT 接收資料 2.DROP 丟棄資料包 3.RETURN 返回到Chain 略過後續Rule 4.QUEUE 資料返回到使用者空間】
iptables預設含有四張表 filter(預設) nat(網路地址轉換) mangle(修改包的資訊) raw(iptables高階操作)
iptables -t raw -L 【raw表的內容】
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
bw_raw_PREROUTING all -- anywhere anywhere
idletimer_raw_PREROUTING all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain bw_raw_PREROUTING (1 references)
target prot opt source destination
all -- anywhere anywhere owner socket exists
Chain idletimer_raw_PREROUTING (1 references)
target prot opt source destination
-----------------------------------------------------------------------------------
iptables -t filter -L 【filter 預設表】
Chain INPUT (policy ACCEPT) 【filter.INPUT 是處理目標位本機的資料包】
target prot opt source destination
bw_INPUT all -- anywhere anywhere
firewall all -- anywhere anywhere
fw_INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)【filter.FORWARD 處理需要本機轉發的資料包】
target prot opt source destination
oem_fwd all -- anywhere anywhere
fw_FORWARD all -- anywhere anywhere
bw_FORWARD all -- anywhere anywhere
natctrl_FORWARD all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)【filter.OUTPUT 是處理本機器產生的資料包】
target prot opt source destination
huawei_firewall all -- anywhere anywhere
oem_out all -- anywhere anywhere
firewall all -- anywhere anywhere
fw_OUTPUT all -- anywhere anywhere
st_OUTPUT all -- anywhere anywhere
bw_OUTPUT all -- anywhere anywhere
Chain bw_FORWARD (1 references)
target prot opt source destination
Chain bw_INPUT (1 references)
target prot opt source destination 【當輸入輸出的資料超過2097152位元組 會從Kernel發出報警事件】
all -- anywhere anywhere ! quota globalAlert: 2097152 bytes
all -- anywhere anywhere owner socket exists
Chain bw_OUTPUT (1 references)
target prot opt source destination
all -- anywhere anywhere ! quota globalAlert: 2097152 bytes
all -- anywhere anywhere owner socket exists
Chain bw_costly_shared (0 references)
target prot opt source destination
bw_penalty_box all -- anywhere anywhere
Chain bw_happy_box (0 references)
target prot opt source destination
Chain bw_penalty_box (1 references)
target prot opt source destination
Chain firewall (2 references)
target prot opt source destination
mobile all -- anywhere anywhere
mobile all -- anywhere anywhere
mobile all -- anywhere anywhere
mobile all -- anywhere anywhere
mobile all -- anywhere anywhere
wifi all -- anywhere anywhere
Chain fw_FORWARD (1 references)
target prot opt source destination
Chain fw_INPUT (1 references)
target prot opt source destination
fw_standby all -- anywhere anywhere
Chain fw_OUTPUT (1 references)
target prot opt source destination
fw_standby all -- anywhere anywhere
Chain fw_dozable (0 references)
target prot opt source destination
RETURN all -- anywhere anywhere owner UID match 0-9999
DROP all -- anywhere anywhere
Chain fw_standby (2 references)
target prot opt source destination
Chain huawei_firewall (1 references)
target prot opt source destination
wifi_reject_list all -- anywhere anywhere
wifi_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
mobile_reject_list all -- anywhere anywhere
Chain mobile (5 references)
target prot opt source destination
Chain mobile_reject_list (22 references)
target prot opt source destination
Chain natctrl_FORWARD (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain natctrl_tether_counters (0 references)
target prot opt source destination
Chain oem_fwd (1 references)
target prot opt source destination
Chain oem_out (1 references)
target prot opt source destination
Chain st_OUTPUT (1 references)
target prot opt source destination
Chain st_clear_caught (2 references)
target prot opt source destination
Chain st_clear_detect (0 references)
target prot opt source destination
REJECT all -- anywhere anywhere connmark match 0x2000000/0x2000000 reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere connmark match 0x1000000/0x1000000
CONNMARK tcp -- anywhere anywhere u32 "0x0>>0x16&[email protected]>>0x1a&[email protected]&0xffff0000=0x16030000&&0x0>>0x16&[email protected]>>0x1a&[email protected]&0xff0000=0x10000" CONNMARK or 0x1000000
CONNMARK udp -- anywhere anywhere u32 "0x0>>0x16&[email protected]&0xffff0000=0x16fe0000&&0x0>>0x16&[email protected]&0xff0000=0x10000" CONNMARK or 0x1000000
RETURN all -- anywhere anywhere connmark match 0x1000000/0x1000000
st_clear_caught tcp -- anywhere anywhere state ESTABLISHED u32 "0x0>>0x16&[email protected]>>0x1a&[email protected]&0x0=0x0"
st_clear_caught udp -- anywhere anywhere
Chain st_penalty_log (0 references)
target prot opt source destination
CONNMARK all -- anywhere anywhere CONNMARK or 0x1000000
NFLOG all -- anywhere anywhere
Chain st_penalty_reject (0 references)
target prot opt source destination
CONNMARK all -- anywhere anywhere CONNMARK or 0x2000000
NFLOG all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain wifi (1 references)
target prot opt source destination
Chain wifi_reject_list (2 references)
target prot opt source destination
-----------------------------------------------------------------------------------
iptables -t nat -L 【nat 網路地址轉換表】
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
oem_nat_pre all -- anywhere anywhere
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
natctrl_nat_POSTROUTING all -- anywhere anywhere
dualon_nat_POSTROUTING all -- anywhere anywhere
Chain dualon_nat_POSTROUTING (1 references)
target prot opt source destination
Chain natctrl_nat_POSTROUTING (1 references)
target prot opt source destination
Chain oem_nat_pre (1 references)
target prot opt source destination
-----------------------------------------------------------------------------------
iptables -t mangle -L 【mangle 修改包的資訊】
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
MARK all -- anywhere anywhere MARK set 0x30063
Chain FORWARD (policy ACCEPT)
target prot opt source destination
natctrl_mangle_FORWARD all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
bw_mangle_POSTROUTING all -- anywhere anywhere
idletimer_mangle_POSTROUTING all -- anywhere anywhere
fw_mangle_POSTROUTING all -- anywhere anywhere
Chain CONNMARK1 (0 references)
target prot opt source destination
MARK all -- anywhere anywhere MARK set 0x5a
CONNMARK all -- anywhere anywhere CONNMARK save
Chain CONNMARK2 (0 references)
target prot opt source destination
MARK all -- anywhere anywhere MARK set 0x5b
CONNMARK all -- anywhere anywhere CONNMARK save
Chain bw_mangle_POSTROUTING (1 references)
target prot opt source destination
all -- anywhere anywhere owner socket exists
Chain dualon_mangle_OUTPUT (0 references)
target prot opt source destination
Chain fw_mangle_POSTROUTING (1 references)
target prot opt source destination
Chain idletimer_mangle_POSTROUTING (1 references)
target prot opt source destination
Chain natctrl_mangle_FORWARD (1 references)
target prot opt source destination
TCPMSS tcp -- anywhere anywhere tcp flags:SYN/SYN TCPMSS clamp to PMTU
6.iptables -t nat -A POSTROUTING -s 192.169.1.0/24 -o eth0 -j SNAT --to 1.2.3.4
【往nat表新增過濾資料】POSTROUTING路由後
更改來自 192.169.1.0/24的資料包的源IP地址為 1.2.3.4
iptables -t nat -A POSTROUTING -s 192.169.1.0/24 -o eth0 -j SNAT --to 1.2.3.4
更改來自 192.169.1.0/24的資料包的目的IP地址為 5.6.7.8
iptables -t nat -A PREROUTING -s 192.169.1.0/24 -i eth0 -j DNAT --to 5.6.7.8
adb shell
iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
oem_nat_pre all -- anywhere anywhere
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
natctrl_nat_POSTROUTING all -- anywhere anywhere
dualon_nat_POSTROUTING all -- anywhere anywhere
Chain dualon_nat_POSTROUTING (1 references)
target prot opt source destination
Chain natctrl_nat_POSTROUTING (1 references)
target prot opt source destination
Chain oem_nat_pre (1 references)
target prot opt source destination
------------------------------------------------------------------
130|[email protected]:/ # iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
oem_nat_pre all -- anywhere anywhere
DNAT all -- 192.169.1.0/24 anywhere to:5.6.7.8【新增的Rule】
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
natctrl_nat_POSTROUTING all -- anywhere anywhere
dualon_nat_POSTROUTING all -- anywhere anywhere
SNAT all -- 192.169.1.0/24 anywhere to:1.2.3.4 【新增的Rule】
Chain dualon_nat_POSTROUTING (1 references)
target prot opt source destination
Chain natctrl_nat_POSTROUTING (1 references)
target prot opt source destination
Chain oem_nat_pre (1 references)
target prot opt source destination
7.adb shell | cat /proc/net/dev
cat /proc/net/dev
cat /proc/net/dev
介面名: 接受的資料 傳送的資料
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
ccmni5: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ccmni0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ccmni6: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ccmni1: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
wlan0: 112153 375 0 0 0 0 0 0 71800 267 0 0 0 0 0 0
p2p0: 0 0 0 0 0 0 0 0 168 2 0 0 0 0 0 0
ifb0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ccmni7: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ccmni2: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ip6tnl0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ifb1: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ccmni3: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
sit0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
lo: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ccmni4: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
tunl0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
相關推薦
ndc iptables ip命令積累ing
1. adb shell ip route list ip route list //開啟WIFI連線熱點的資訊 default via 192.168.235.4 dev wlan0 metric 323 192.168.235.0/24 dev wla
iptables 常用命令
iptables 源地址 eth pos port dport lin 0.10 mtu iptables service iptables save \\保存 iptables -F \\清空所有規則 iptables -F -t nat \\清空nat表
vim 命令積累
光標位置 命令 一個 選中 vim cnblogs 中一 冒號 .cn vim命令yy :復制光標所在的一行4yy :復制所在行開始向下的4行 p :粘貼dd :剪切 光標所在的這一行2dd :剪切 光標所在行向下 2行dw:剪切一個單詞 D:當前行的光標後的內
iptables簡單命令與應用
iptables 簡單命令 應用 配置文件目錄bash> vim /etc/sysconfig/iptablesWEB服務器,開啟80端口.bash> iptables -A INPUT -p tcp --dport 80 -j ACCEPT郵件服務器,開啟一組端口.bash>
adb命令積累(持續更新)
pct 執行 png 設備 span splay 選項 install stx 1、查看連接設備 adb devices 2、清除數據 adb shell pm clear com.wuba 3、安裝apk adb install 路徑 如何確定待測APP的包名: adb
linux-ip命令雜記
linux ip命令 配置網絡 雜記11.3 ip命令 11.3.1 ip 查看ip是由哪個rpm生成的 [root@localhost ~]# rpm -qf `which ip` iproute-2.6.32-32.el6_5.i686 查看iproute生成的文件 [root@localhost ~]#
Linux iptables常用命令
原文地址:https://www.cnblogs.com/ilinuxer/p/6364064.html 目錄 0.安裝ipatbles.service 1. 基本操作 檢視 IPTABLES 版本 檢視當前 IPTABLES 規則 檢視幫助 2. iptabl
第11課--11_04_Linux網絡配置之四 ifconfig及ip命令詳解
config linux 在線 自動分配 隨機 隨機生成 內核的功能 conf 而不是 一、備用DNS,主DNS是最快的。當主DNS不在線時才用備用DNS。而不是主DNS解析不出來的時候就。主的解析不出來,備用 的肯定也解析不出來,都是國際聯網的。二、DHCP(dynami
命令積累——11.18打卡
1. cat /proc/version ####### 顯示發行版本 2.ls -trF | grep -v \/ | tail -n 1 &nb
CentOs7無法使用ifconfig命令,只能用ip命令檢視及設定ip地址
ip [選項] 操作物件{link|addr|route...} # ip link show &n
Linux iptables常用命令的使用
為什麼會有本文 因為最近幫一個朋友佈署一個上網梯子,他那邊本來用的是v2ray,但是他想用ssr,但是安裝配置ssr過程中出了很多問題,比如linux核心版本4.9有點老,不支援bbr加速、無法連線socket、啟動了連線不上等一系列問題,趁著有時間,就幫他看看,幫他升級了核心,改的防火牆…… 在修改防火牆的
shell命令積累
1、ulimit 檢視資源大小限制(如core、stack、pipe等) ulimit -a 2、sysctl 核心執行時引數配置 如修改core檔案生成路徑名稱:
ip命令介紹
1、ip:show/manipulate routing, devices, policy routing and tunnels 1)說明:ifconfig命令已經廢棄。其功能可通過下文介紹的ip addr、ip link和ip -s link等命令代替。 2)常用語法:ip [
adb命令積累(遲到的更新)
15、檢視網路連線狀態 adb shell dumpsys wifi |grep "Wi-Fi is " 結果有兩種,如下, 連線WiFi狀態 Wi-Fi is enabled 未連線WiFi狀態 Wi-Fi is disabled
Android之——iptables常用命令
轉載:http://blog.csdn.net/l1028386804/article/details/47356011 iptables常用命令 常用命令列表: 命令 -A, --append 範例 iptables -A INPUT ... 說明 新增規則到某個
大資料技術相關啟動命令彙總ING...
目錄啟動命令 1. hadoop 2. zookeeper 3. hive 4. hbase 5. storm 6. kafka 1.hadoop啟動命令 格式化HDFS $ hdfs namenode -fo
ubantu命令積累
1. wget 網站檔案下載 wget -c <website> #從網址website下載檔案 -c 為了支援斷點傳輸 2.dpkg軟體安裝 sudo apt-get -f install 自動安裝依賴 dpkg (
linux命令總結之ip命令
Linux的ip命令和ifconfig類似,但前者功能更強大,並旨在取代後者。使用ip命令,只需一個命令,你就能很輕鬆地執行一些網路管理任務。ifconfig是net-tools中已被廢棄使用的一個命令,許多年前就已經沒有維護了。iproute2套件裡提供了許多增強功能的命令,ip命令即是其中之一。
Linux ip命令詳解
ip 是個命令, ip 命令的功能很多!基本上它整合了 ifconfig 與 route 這兩個命令,不過ip 的功能更強大! 如果您有興趣的話,請自行 vi /sbin/ifup 就知道整個 ifup 就是利用 ip 這個命令來實現的。下面介紹一下使用方法 [[ema
三、Linux/UNIX操作命令積累【gzip、jar、tar、find、crontab】
在使用Linux/UNIX下,經常會使用文字介面去設定系統或作業系統,作者本人在工作的過程也在不斷接觸這方面的命令,所以為此特醞釀、準備、開始了本文的編寫。本文主要記錄自己平時遇到的一