Day 6 : Mastering Linux Networking [ 10-Day Shell Scripting Challenge ]

CJ writes
5 min read · Apr 10, 2024

Hi Amigos! Welcome to the 6th day of our Shell Scripting Challenge. In this blog post, we are going to explore Linux networking concepts along with scripting to automate tasks.

What is Networking? It is the ability of a Linux system to communicate and exchange data with other systems over a network. This involves various protocols, configuration settings, and tools that enable networking functionality. Examples:

| 1 | Configuring Network Interfaces : Users can configure network interfaces, such as Ethernet cards or Wi-Fi adapters, to connect to a network. This involves assigning IP addresses, netmasks, gateway addresses, and DNS servers.

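| 2 | Managing Firewall Rules : Administrators can use tools like iptables or firewalld to configure firewall rules. For example, to open port 80 (HTTP) for incoming traffic using iptables:

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Note that -A appends the rule to the end of the INPUT chain, so it has no effect if an earlier rule already drops or rejects the traffic, and the rule is lost on reboot unless it is saved.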

Let’s look at a few important commands:

ifconfig : This command is used to configure network interfaces and display their current settings

ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9001
inet 172.31.15.197 netmask 255.255.240.0 broadcast 172.31.15.255
inet6 fe80::88e:dbff:fe8f:5f89 prefixlen 64 scopeid 0x20<link>

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 6553

ping : This command is used to send ICMP echo requests to a specified network host to check if it’s reachable and measure the round-trip time

ping google.com
PING google.com (142.250.66.14) 56(84) bytes of data.
64 bytes from bom07s35-in-f14.1e100.net (142.250.66.14): icmp_seq=1 ttl=110 time=1.71 ms
64 bytes from bom07s35-in-f14.1e100.net (142.250.66.14): icmp_seq=2 ttl=110 time=1.81 ms
64 bytes from bom07s35-in-f14.1e100.net (142.250.66.14): icmp_seq=3 ttl=110 time=1.78 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 1.706/1.767/1.813/0.044 ms

netstat : This command displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 544 ip-172-31-15-197.ap:ssh 223.178.83.107:32136 ESTABLISHED
tcp 0 0 ip-172-31-15-197.ap:ssh 183.81.169.238:49179 SYN_RECV
tcp 0 0 ip-172-31-15-197.ap:ssh 59.22.201.194:4444 SYN_RECV
tcp6 0 0 [::]:ssh [::]:* LISTEN

nslookup : This command is used to query DNS servers to obtain domain name or IP address mapping or other DNS records

nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: google.com
Address: 142.250.192.78
Name: google.com
Address: 2404:6800:4009:81f::200e

route : This command is used to view and manipulate the IP routing table.

route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.31.0.1 0.0.0.0 UG 100 0 0 eth0
172.31.0.0 0.0.0.0 255.255.240.0 U 100 0 0 eth0
172.31.0.1 0.0.0.0 255.255.255.255 UH 100 0 0 eth0
172.31.0.2 0.0.0.0 255.255.255.255 UH 100 0 0 eth0

Let’s see an example script that checks port availability, lists service details, checks whether an IP address is reachable, and manages firewall rules:

#!/bin/bash

# Function to check port availability
check_port() {
    read -r -p "Enter the port number to check: " port
    # Quote the input so it reaches nc as a single argument
    nc -zv -- localhost "$port"
}

# Function to list service details
list_service_details() {
    read -r -p "Enter the service name: " service
    # "--" ends option parsing, so input starting with "-" is treated as a unit name
    systemctl status -- "$service"
}

# Function to check IP address availability
check_ip() {
    read -r -p "Enter the IP address to check: " ip
    ping -c 1 -- "$ip"
}

# Function to manage firewall rules
manage_firewall() {
    read -r -p "Enter 'open' to open a port or 'allow' to allow an IP address: " action
    if [ "$action" = "open" ]; then
        read -r -p "Enter the port number to open: " port
        # Report success only if iptables accepted the rule
        sudo iptables -A INPUT -p tcp --dport "$port" -j ACCEPT &&
            echo "Port $port opened."
    elif [ "$action" = "allow" ]; then
        read -r -p "Enter the IP address to allow: " ip
        sudo iptables -A INPUT -s "$ip" -j ACCEPT &&
            echo "IP address $ip allowed."
    else
        echo "Invalid action."
    fi
}

# Main menu
while true; do
    echo "Choose an option:"
    echo "1. Check port availability"
    echo "2. List service details"
    echo "3. Check IP address availability"
    echo "4. Manage firewall"
    echo "5. Exit"
    read -r -p "Enter your choice: " choice

    case "$choice" in
        1) check_port ;;
        2) list_service_details ;;
        3) check_ip ;;
        4) manage_firewall ;;
        5) exit ;;
        *) echo "Invalid option" ;;
    esac
done
Output :

Choose an option:
1. Check port availability
2. List service details
3. Check IP address availability
4. Manage firewall
5. Exit

# Option 1

Enter your choice: 1
Enter the port number to check: 80
Connection to localhost (127.0.0.1) 80 port [tcp/http] succeeded!
Choose an option:
1. Check port availability
2. List service details
3. Check IP address availability
4. Manage firewall
5. Exit

# Option 2

Enter your choice: 2
Enter the service name: apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2024-04-10 17:22:13 UTC; 1min 10s ago
Docs: https://httpd.apache.org/docs/2.4/
Main PID: 2640 (apache2)
Tasks: 55 (limit: 1121)
Memory: 4.9M
CPU: 34ms
CGroup: /system.slice/apache2.service
├─2640 /usr/sbin/apache2 -k start
├─2642 /usr/sbin/apache2 -k start
└─2643 /usr/sbin/apache2 -k start

Apr 10 17:22:13 ip-172-31-15-197 systemd[1]: Starting The Apache HTTP Server...
Apr 10 17:22:13 ip-172-31-15-197 systemd[1]: Started The Apache HTTP Server.

# Option 3

Enter your choice: 3
Enter the IP address to check: 112.
ping: 112.: Temporary failure in name resolution
Choose an option:
1. Check port availability
2. List service details
3. Check IP address availability
4. Manage firewall
5. Exit

# Option 4

Enter your choice: 4
Enter 'open' to open a port or 'allow' to allow an IP address: allow
Enter the IP address to allow: 11
IP address 11 allowed.
Choose an option:
1. Check port availability
2. List service details
3. Check IP address availability
4. Manage firewall
5. Exit

# Invalid

Enter your choice: open
Invalid option
Choose an option:
1. Check port availability
2. List service details
3. Check IP address availability
4. Manage firewall
5. Exit

# Option 4

Enter your choice: 4
Enter 'open' to open a port or 'allow' to allow an IP address: open
Enter the port number to open: 32
Port 32 opened.
Choose an option:
1. Check port availability
2. List service details
3. Check IP address availability
4. Manage firewall
5. Exit

# Option 5

Enter your choice: 5
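
The sample run above accepts 11 as an IP address to allow and hands 112. to ping, because the script passes whatever is typed straight to the command. As an added example (not part of the original post; the function names are hypothetical and the inputs are constructed), these validators check each prompt's value before it reaches nc, ping, systemctl or iptables, and open_port uses iptables -C so repeated runs do not append duplicate rules:

```shell
#!/bin/sh
# Added example: validators for the menu script's prompts (function names are hypothetical).

# Port: decimal digits only, no leading zero, range 1-65535.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# IPv4: exactly four dotted octets, each 0-255. Multi-digit octets with a
# leading zero are rejected because some tools read them as octal.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; the input is digits and dots only here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Service name: unit-name characters only, and never a leading dash,
# so the value cannot be parsed as an option by systemctl.
valid_service() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9:_.@-]*) return 1 ;;
    esac
    return 0
}

# Validate first, then add the rule only if -C (check) says it is not there yet.
open_port() {
    valid_port "$1" || { echo "Invalid port: $1" >&2; return 2; }
    sudo iptables -C INPUT -p tcp --dport "$1" -j ACCEPT 2>/dev/null && return 0
    sudo iptables -A INPUT -p tcp --dport "$1" -j ACCEPT
}

# Constructed inputs; "11" and "112." are the values typed in the sample run.
for ip in 172.31.15.197 11 112. 010.0.0.1; do
    if valid_ipv4 "$ip"; then echo "$ip: valid"; else echo "$ip: rejected"; fi
done
```

In the menu script, each function would call the matching validator right after its read and return to the menu when the check fails.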

That’s a wrap! Thanks for reading. Loads of love to you and your family ❤️
