Linux Network Commands – A Complete List With Examples and Explanations

In today’s interconnected world, network management and troubleshooting have become crucial for maintaining efficient communication and ensuring the smooth operation of various services. Linux, a widely used operating system, offers a wealth of powerful network commands and tools that allow administrators and users to monitor, diagnose, and manage their network connections effectively.

This article provides an overview of some essential Linux network commands, covering their usage, syntax, and examples to help you better understand and utilize these versatile tools in your daily tasks or troubleshooting endeavors.

Linux Network Commands List

Linux network commands are essential tools for administrators and users to inspect, analyze, maintain, and troubleshoot networks connected to their systems. Here is a list of the fundamental Linux networking commands, followed by a brief description of each.

1. ifconfig – Configure and display network interface parameters.
2. ip – A versatile tool for managing IP addresses and routing.
3. traceroute – Display the path packets take to reach a network host.
4. tracepath – Similar to traceroute, but without requiring root privileges.
5. ping – Test network connectivity between hosts.
6. netstat – Display network connections, routing tables, and interface statistics.
7. lsof – List open files, including network connections, on a system.
8. ss – A modern replacement for netstat, display socket statistics.
9. nmap – Perform network scanning and security auditing.
10. iperf – Test network performance by measuring bandwidth and other parameters.
11. ethtool – Display and modify Ethernet card settings.
12. dig – Perform DNS queries and obtain information about DNS records.
13. nslookup – Query DNS servers for domain name or IP address information.
14. route – Show and manipulate the IP routing table.
15. host – Perform DNS lookups and display domain name or IP address information.
16. tshark – A command-line version of Wireshark for capturing and analyzing network traffic.
17. nc (netcat) – A versatile tool for reading and writing data across network connections.
18. nethogs – Display real-time bandwidth usage per process.
19. nmcli – Manage NetworkManager connections and settings via the command line.
20. arp – View and modify the kernel’s ARP table for IP-to-MAC address mappings.
21. iwconfig – Configure and display wireless network interface settings.
22. hostname – View and set the system’s hostname.
23. curl and wget – Download files from the internet using the command line.
24. mtr – A combination of ping and traceroute for continuous network diagnostics.
25. whois – Obtain detailed information about a website, including registration details.
26. ifplugstatus – Check if a cable is plugged into a network interface.
27. iftop – Monitor network traffic and bandwidth usage in real-time.
28. tcpdump – Capture and analyze network traffic for troubleshooting purposes.

These Linux network commands offer a wide range of options and functionalities, equipping you with a comprehensive toolkit to effectively manage and troubleshoot networks in Linux environments.

Linux Networking Commands Explained

Now, we’ll delve deeper into each of the commands with detailed explanation of their usage and clear examples.

1. ifconfig command

The ifconfig command is a tool you can use to configure network interfaces through the command line. It’s often used when a system starts up to set up these interfaces. You can use this command to give an IP address to a network interface, turn it on or off, and check various details like IP address, MAC address, and Maximum Transmission Unit (MTU) size.

Here’s how you can use ifconfig to see the status of all active network interfaces:

$ ifconfig

This will display information like this:

enp1s0    Link encap:Ethernet  HWaddr 28:d2:44:eb:bd:98  
          inet addr:192.168.0.103  Bcast:192.168.0.255  Mask:255.255.255.0
          ...
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          ...

To see all network interfaces, whether they’re active or not, use the -a flag:

$ ifconfig -a

If you want to assign an IP address to a network interface, run this command:

$ sudo ifconfig eth0 192.168.56.5 netmask 255.255.255.0

To turn on a network interface, use this command:

$ sudo ifconfig up eth0

And to turn it off, type this:

$ sudo ifconfig down eth0

Keep in mind that while ifconfig is a helpful tool, it’s now considered obsolete, and it’s been replaced by the ip command, which we’ll explain next.

2. ip command

The ip command is a versatile tool used for network interface configuration, replacing the older ifconfig command. It provides more features and is part of the iproute2 package. You can use the ip command to manage network interfaces, IP addresses, routing tables, and more.

Here’s how you can use the ip command to display the status of all network interfaces:

$ ip addr show

This will display information similar to this:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 28:d2:44:eb:bd:98 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.103/24 brd 192.168.0.255 scope global enp1s0
       valid_lft forever preferred_lft forever
    inet6 fe80::8f0c:7825:8057:5eec/64 scope link 
       valid_lft forever preferred_lft forever

To add an IP address to a network interface, run this command:

$ sudo ip addr add 192.168.56.5/24 dev eth0

To remove an IP address from a network interface, use this command:

$ sudo ip addr del 192.168.56.5/24 dev eth0

To activate a network interface, use this command:

$ sudo ip link set eth0 up

And to deactivate a network interface, type this:

$ sudo ip link set eth0 down

The ip command can also be used to manage routing tables. To display the routing table, use this command:

$ ip route show

These are just a few examples of what you can do with the ip command. It offers many more features for advanced network management and configuration.

3. traceroute command

Traceroute is a useful network diagnostic tool that displays the path that data packets take to reach a specific destination on the internet. By showing the route and time taken at each hop, it helps you identify network issues or routing problems.

If you want to deny a reverse DNS lookup, then add -n in the command syntax.

Typically, the traceroute command sends UDP packets, but it can also send TCP or ICMP packets.

To use traceroute with the default UDP packets, simply type the command followed by the destination (domain name or IP address):

$ traceroute example.com

Or, for an IP address:

$ traceroute 93.184.216.34

If you want to use ICMP packets instead, you can do so with the following command:

$ sudo traceroute -I example.com

To send TCP packets, use this command:

$ sudo traceroute -T example.com

The output will show a list of hops the packet takes to reach the destination, along with the time taken at each hop.

4. tracepath command

Tracepath is similar to traceroute but doesn’t require root privileges. It helps you find the network path to a destination, and it can also detect the Maximum Transmission Unit (MTU) size along the path.

To use tracepath, type the command followed by the destination (domain name or IP address):

$ tracepath example.com

Or, for an IP address:

$ tracepath 93.184.216.34

The output will show a list of hops the packet takes to reach the destination, along with the time taken at each hop and the MTU size.

5. ping command

Ping is a simple but powerful network tool that helps you check the connectivity between your computer and a remote host (such as a website, server, or another computer). It sends small data packets called “echo requests” to the target host, which then responds with “echo replies.” By doing this, you can determine whether the host is reachable and measure the round-trip time it takes for the packets to travel.

To use the ping command, type ping followed by the destination (domain name or IP address):

$ ping example.com

Or, for an IP address:

$ ping 93.184.216.34

A successful ping shows that there is a connection to the destination.

You can limit the number of packets sent by adding the -c option to the ping command, followed by the number of packets you want to send:

ping -c <number> <destination>

For example:

$ ping -c 5 example.com

The ping command is used to measure the average response time. If there is no response, it may indicate one or more of the following network issues:

1. A physical problem causing network loss.
2. An incorrect or dysfunctional destination address.
3. The ping request is being blocked by the target.
4. An issue with the routing table.

Note: The response time of the ping command depends on your system’s connection and the server’s location. If your connection is weak, you may experience a delay in the response.

6. netstat command

The netstat command in Linux is used for displaying network statistics. It provides various details about different network interfaces, including open sockets, routing tables, and connection information.

To use the netstat command, simply type:

$ netstat

The output will display a list of all the open sockets.

There are several variations of the netstat command that you can use for specific purposes:

1. To display the programs associated with open sockets, use the following command:

$ netstat -p

2. To get detailed statistics of all the ports, use this command:

$ netstat -s

3. To obtain information related to the routing table, use the following command:

$ netstat -r

These are just a few examples of the different ways you can use the netstat command to gather network statistics and information.

7. lsof command

The lsof command in Linux is a versatile utility for listing open files, including network sockets. It provides valuable information about the resources being used by various processes, which can be crucial when diagnosing network or system issues.

Usage of the lsof command can be tailored to display specific types of open files, such as network connections, by applying appropriate options and filters.

To display all open network connections, execute the following command:

$ lsof -i

The output will show a list of processes, their associated PIDs, users, file descriptors, and other details related to the network connections.

To filter the results by a specific protocol (e.g., TCP or UDP), use the following command:

$ lsof -i tcp

or

$ lsof -i udp

To list open files for a specific port number, use the following command:

$ lsof -i :<port_number>

Replace <port_number> with the desired port number (e.g., 80).

To list all open files for a specific process by its PID, use the following command:

$ lsof -p <PID>

Replace <PID> with the process ID you want to inspect.

In summary, the lsof command is a powerful tool for listing open files, including network sockets, on a Linux system. By employing this command with various options and filters, users can gain insights into the resources used by different processes, facilitating efficient system and network troubleshooting.

8. ss command

The ss command in Linux is a modern replacement for the netstat command, offering a faster and more informative alternative.

The improved performance of the ss command is due to its ability to fetch all the information directly from the kernel userspace.

To use the ss command, simply type:

$ ss

This command provides information about all TCP, UDP, and UNIX socket connections.

To display specific socket types, such as TCP, UDP, or UNIX sockets, use the -t, -u, or -x options, respectively. You can combine these with a to show both connected and listening sockets:

$ ss -ta
$ ss -ua
$ ss -xa

To display only the listening sockets for TCP, UDP, or UNIX sockets, combine the respective options with l:

$ ss -lt
$ ss -lu
$ ss -lx

To list all the established TCP sockets for IPv4, use the following command:

$ ss -t4 state established

To list all closed TCP sockets, use this command:

$ ss -t4 state closed

To display a list of all connected ports for a specific IP address, use the following command (replace XXX.XXX.XXX.XXX with the actual IP address):

$ ss dst XXX.XXX.XXX.XXX

These are just a few examples of how you can use the ss command to gather detailed information about network sockets and connections.

9. nmap command

The nmap command in Linux is a robust and versatile network scanner, widely used for network discovery, security auditing, and vulnerability assessment. By scanning hosts, networks, and services, it provides detailed information about network topology and potential security risks.

Here are some examples of how to use the nmap command:

1. Basic host scan:

To perform a basic scan of a single host, use the following command:

$ nmap <target>

Replace <target> with the desired hostname or IP address.

2. Scanning multiple hosts:

To scan multiple hosts, either provide a range of IP addresses or separate each target with a space:

$ nmap 192.168.1.1-10

or

$ nmap 192.168.1.1 192.168.1.2 192.168.1.3

3. Scanning a specific port or range of ports:

To scan specific ports or a range of ports, use the -p option:

$ nmap -p 80,443 <target>

or

$ nmap -p 1-1024 <target>

4. Scanning for a specific service version:

To identify the version of a particular service running on a host, use the -sV option:

$ nmap -sV -p <port> <target>

Replace <port> with the desired port number.

5. OS detection:

To detect the operating system of a target host, use the -O option:

$ nmap -O <target>

6. Stealth scan:

To perform a stealthier scan using the SYN flag, which is less likely to be detected by intrusion detection systems, use the -sS option:

$ nmap -sS <target>

Keep in mind that using nmap requires a proper understanding of network scanning techniques and their potential impact on target systems. Always ensure that you have the necessary permissions before scanning any network or system.

In conclusion, the nmap command is a powerful network scanning tool that offers a wide range of functionality for network discovery, security auditing, and vulnerability assessment. By mastering the various options and techniques available with nmap, users can effectively analyze and maintain network performance and security.

10. iperf command

iperf is a powerful network performance measurement tool used to test the bandwidth and quality of network connections. It can help determine the maximum achievable bandwidth on IP networks and diagnose potential network bottlenecks.

To perform a simple bandwidth test, you will need to run iperf on both the server and client sides. On the server side, use the following command:

$ iperf -s

On the client side, use the following command:

$ iperf -c <server_ip_address>

Replace <server_ip_address> with the IP address of the server running iperf.

You can customize the test duration, bandwidth, and other parameters using various options, as detailed in the iperf documentation.

11. ethtool command

ethtool is a command-line utility that enables users to query and control network device driver and hardware settings. It is particularly useful for configuring Ethernet devices, displaying network driver information, and troubleshooting network performance issues.

To display information about a network interface, use the following command:

$ ethtool <network_interface>

Replace <network_interface> with the desired network interface name (e.g., eth0).

To change the speed and duplex settings of a network interface, use the following command:

$ ethtool -s <network_interface> speed <speed> duplex <duplex>

Replace <speed> and <duplex> with the desired values.

For a complete list of options and their descriptions, consult the ethtool manual page by typing man ethtool.

12. dig command

The dig command in Linux stands for “Domain Information Groper.” This command is used for DNS lookups, querying DNS name servers, and troubleshooting DNS-related issues.

Dig is mainly used to verify DNS mappings, MX records, host addresses, and all other DNS records to better understand the DNS topology. It is an improved version of the nslookup command.

To use the dig command, simply type:

$ dig <domainName>

For example:

$ dig example.com

By default, the dig command outputs the A records. If you want to search specifically for MX or NS records, use the following syntax:

$ dig example.com MX

To retrieve all types of records at once, use the keyword ANY:

$ dig google.com ANY

The dig command performs queries on the servers listed in the /etc/resolv.conf file.

Of course, these are just some of the ways you can use the dig command to gather detailed information about domain names, DNS records, and network topologies.

13. nslookup command

The nslookup command in Linux is a network administration tool used for querying Domain Name System (DNS) servers to obtain domain name or IP address mappings, as well as other DNS records.

While the dig command is a more modern tool for DNS lookups, nslookup is still widely used and available on many systems.

To use the nslookup command, simply type:

$ nslookup <domainName>

For example:

$ nslookup google.com

This command will return the default A records associated with the domain name. If you want to search specifically for MX or NS records, you can specify the record type as follows:

$ nslookup -query=MX google.com

Or, for NS records:

$ nslookup -query=NS google.com

To perform a reverse DNS lookup (i.e., finding the domain name associated with an IP address), use the following syntax:

$ nslookup <IPAddress>

For example:

$ nslookup 8.8.8.8

This can be done with any online website.

14. route command

The route command in Linux is a network administration tool used for displaying and modifying the IP routing table on your system. This command allows you to manage how network traffic is routed between different network interfaces and remote networks.

To display the current routing table, simply type:

$ route

Or, for a more detailed view, use:

$ route -n

The -n option displays the routing table with IP addresses instead of hostnames, which can be more useful for troubleshooting purposes.

To add a new route, use the following syntax:

$ sudo route add -net <network_address> netmask <netmask> gw <gateway>

For example, to add a route for the network 192.168.1.0 with a netmask of 255.255.255.0 and a gateway of 192.168.1.1, you would enter:

$ sudo route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1

To delete a route, use the following syntax:

$ sudo route del -net <network_address> netmask <netmask> gw <gateway>

For example, to remove the route previously added:

$ sudo route del -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1

These are just a few examples of how you can use the route command to manage the IP routing table on your Linux system. It’s important to note that the route command is considered deprecated, and the modern replacement is the ip route command, which is part of the iproute2 package.

15. host command

The host command is like your go-to tool when you need to figure out the domain name associated with an IP address or find the IP address behind a specific domain name. It can also help you fetch other DNS-related info too.

Here’s how you’d use the host command with some examples:

host google.com
host 149.77.21.18

Easy-peasy, right? Now, let’s say you want to get more info about DNS resource records, like SOA, NS, A, PTR, CNAME, MX, or SRV. You can do this by combining the host command with the -t option. The syntax looks like this:

host -t <resourceName>

Just replace <resourceName> with the specific DNS record type you’re interested in, and you’re good to go.

The host command is a super handy tool in your Linux toolbox, especially for working with domain names, IP addresses, and DNS queries.

16. tshark command

tshark is a command-line network protocol analyzer, similar to Wireshark but without a graphical interface. It allows users to capture and analyze network traffic in real-time or from previously saved capture files.

To capture network traffic on a specific interface, use the following command:

$ tshark -i <network_interface>

Replace <network_interface> with the desired network interface name (e.g., eth0).

To read from a previously saved capture file, use the following command:

$ tshark -r <capture_file>

Replace <capture_file> with the path to the saved capture file.

For more information about available options and filters, consult the tshark manual page by typing man tshark.

17. nc (netcat) command

nc (netcat) is a versatile networking tool that can read and write data across network connections using TCP or UDP protocols. Due to its flexibility in performing various network-related tasks, such as port scanning, file transfers, and creating backdoors, it is often referred to as the “Swiss Army knife” of networking.

To create a simple TCP server listening on a specific port, use the following command:

$ nc -l <port>

Replace <port> with the desired port number.

To connect to a remote server using TCP, use the following command:

$ nc <remote_ip_address> <port>

Replace <remote_ip_address> with the IP address of the remote server and <port> with the desired port number.

For more information about available options and use cases, consult the nc manual page by typing man nc.

18. nethogs command

`nethogs` is a handy network monitoring tool that displays real-time bandwidth usage per process. It is useful for identifying which processes are consuming the most network bandwidth.

To run nethogs, simply type the following command:

$ sudo nethogs <network_interface>

Replace <network_interface> with the desired network interface name (e.g., eth0).

You can use various options to customize the output, such as sorting by sent or received traffic, as detailed in the nethogs documentation.

19. nmcli command

nmcli is a command-line client for managing NetworkManager, the default network management service in many Linux distributions. It allows users to view, configure, and control network connections and settings.

To display a list of available network connections, use the following command:

$ nmcli connection show

To bring up (activate) or bring down (deactivate) a network connection, use the following commands:

$ nmcli connection up <connection_name>
$ nmcli connection down <connection_name>

Replace <connection_name> with the name of the network connection you want to activate or deactivate.

For more information about available options and usage scenarios, consult the nmcli manual page by typing man nmcli.

20. arp command

The arp command in Linux stands for Address Resolution Protocol, which is utilized to view and modify the contents of the kernel’s ARP table. This command plays a crucial role in managing the relationship between IP addresses and their corresponding MAC addresses.

Here’s the basic syntax for the arp command:

arp

All systems maintain an ARP Lookup table, which contains a list of IP addresses and their associated MAC addresses. When attempting to connect to a destination using an IP address, the router checks the MAC address in this table. If the MAC address is already cached, the table will not be used.

By default, the arp command displays hostnames. If you prefer to display IP addresses instead, you can use the following command:

$ arp -n

It is also possible to delete entries from the ARP table, as demonstrated below:

$ arp -d HWADDR

Simply replace HWADDR with the hardware address (MAC address) that you want to delete from the ARP table.

In summary, the arp command is an essential tool for managing the ARP Lookup table in Linux, enabling users to view and manipulate the associations between IP addresses and their corresponding MAC addresses. By using this command, you can ensure the efficient operation of your network and improve overall connectivity.

21. iwconfig command

The iwconfig command in Linux is a valuable tool for configuring wireless network interfaces. It enables users to set and view essential Wi-Fi details, such as the Service Set Identifier (SSID) and encryption settings. To gain a deeper understanding of the iwconfig command, consult the corresponding man page. This can be done by simply executing the following command in the terminal:

man iwconfig

Here is the syntax for the iwconfig command:

iwconfig

When executed, the command will display the current configuration of wireless network interfaces on the system. The output will include information about the SSID, encryption settings, signal strength, and other related parameters.

In addition to simply viewing the configuration, iwconfig can also be used to modify settings for wireless interfaces. For example, to change the SSID for a specific interface, you can use the following command:

iwconfig <interface> essid <SSID>

Replace <interface> with the name of the wireless network interface (e.g., wlan0), and <SSID> with the desired SSID.

Similarly, the iwconfig command can be used to configure other wireless settings, such as the mode of operation, frequency, and encryption keys. To set the mode of operation for a specific interface, use the following command:

iwconfig <interface> mode <mode>

Replace <mode> with the desired mode, such as “Managed” or “Ad-hoc.”

In conclusion, the iwconfig command in Linux is a powerful tool for managing wireless network interfaces, providing users with the ability to view and configure crucial Wi-Fi settings. By utilizing this command, you can ensure optimal performance and security for your wireless connections.

22. hostname command

The hostname command in Linux is a straightforward utility for viewing and setting the hostname of a system. The hostname is a label that identifies a specific computer within a network and is used for various networking tasks.

Here is the syntax for the hostname command:

hostname

When executed, the command will display the current hostname of the system.

To modify the hostname, use the following syntax:

sudo hostname <newName>

Replace <newName> with the desired hostname. However, it is important to note that the hostname set using this command is not permanent. Upon reboot, the system will revert to the hostname specified in the relevant configuration file.

To permanently change the hostname, you must modify the appropriate configuration file on the server and then reboot the system.

For Ubuntu, edit the /etc/hostname file:

sudo nano /etc/hostname

For Red Hat Enterprise Linux (RHEL) and related distributions, edit the /etc/sysconfig/network file:

sudo nano /etc/sysconfig/network

Update the hostname in the corresponding file and save your changes. Once completed, reboot the system for the changes to take effect.

In summary, the hostname command in Linux allows users to view and set the hostname of a system. While the command can temporarily change the hostname, a permanent change requires modifying the appropriate configuration file and rebooting the system. This ensures the new hostname is consistently used across network communications and system processes.

23. curl & wget command

The curl and wget commands in Linux are both utilized for downloading files from the internet via the command-line interface (CLI). These commands offer a convenient way to fetch files, web pages, or other resources directly from a specified URL.

a) Curl

The curl command must be used in conjunction with the -O option to download a file. The syntax for the curl command is as follows:

curl -O <fileLink>

Replace <fileLink> with the URL of the file you wish to download. Here is an example of using the curl command to download a file:

curl -O https://example.com/path/to/file

b) Wget

The wget command, on the other hand, does not require any additional options to download a file. Simply provide the URL of the file as an argument. The syntax for the wget command is:

wget <fileLink>

Replace <fileLink> with the URL of the file you wish to download. Here is an example of using the wget command to download a file:

wget https://example.com/path/to/file

In summary, both curl and wget are powerful tools in Linux for downloading files from the internet through the command-line interface. While the curl command requires the -O option to download files, the wget command can be used directly with the URL. Utilize these commands to efficiently fetch files and resources from the web within your Linux environment.

24. mtr command

The mtr command in Linux is a versatile tool that combines the functionalities of the ping and traceroute commands. It continuously displays information about the packets sent, along with the round-trip time (RTT) for each hop in the network path. The mtr command is particularly useful for diagnosing network issues.

Here is the syntax for the mtr command:

mtr <path>

Replace <path> with the destination hostname or IP address. Here is an example of using the mtr command:

$ mtr google.com

This command will provide real-time information about the network path between the source system and the specified destination.

The mtr command can also be used with the --report option, which sends a fixed number of packets (10 by default) to each hop discovered along the route. This option generates a summary report that can be useful for analyzing network performance or identifying potential issues.

The syntax for using the mtr command with the --report option is as follows:

$ mtr --report <path>

Replace <path> with the destination hostname or IP address.

In conclusion, the mtr command in Linux is a powerful diagnostic tool that merges the capabilities of the ping and traceroute commands. By utilizing this command, you can gain valuable insights into network performance, monitor packet transmission, and troubleshoot potential issues within the network path.

25. whois command

The whois command in Linux is a valuable utility for retrieving comprehensive information about a website, including details about domain registration, ownership, and administrative contacts. By utilizing this command, you can gain insight into the background and administrative aspects of a particular website or domain.

Here is the syntax for the whois command:

whois <websiteName>

Replace <websiteName> with the domain name for which you would like to obtain information. Here is an example of using the whois command:

hois example.com

The output of the whois command will typically include the domain’s registration and expiration dates, the domain registrar, the registrant’s contact information, and administrative and technical contacts. Additionally, it may display details about the domain’s name servers, status, and other pertinent information.

In summary, the whois command in Linux serves as a valuable resource for gathering in-depth information about a website or domain, enabling users to access registration details, ownership data, and various other administrative elements.

26. ifplugstatus command

The ifplugstatus command in Linux allows users to verify whether a cable is connected to a network interface. Although this command is not directly available on Ubuntu, it can be installed using the following command:

sudo apt-get install ifplugd

To utilize the ifplugstatus command, simply execute it without any additional arguments:

ifplugstatus

The resulting output will indicate the connection status of each network interface. If the output displays “link beat detected,” it signifies that a cable is connected to the respective interface.

In conclusion, the ifplugstatus command is a useful tool for determining the physical connection status of network interfaces in Linux systems. By employing this command, users can quickly assess whether a cable is connected to a network interface, thereby facilitating efficient network troubleshooting and maintenance.

27. iftop command

The iftop command in Linux is a valuable utility for monitoring network traffic. It provides real-time information about network usage, allowing users to analyze bandwidth and identify potential bottlenecks.

To install iftop on your system, first, download the source code using the following command:

$ wget http://www.ex-parrot.com/pdw/iftop/download/iftop-0.17.tar.gz

This command will download a compressed archive. Extract its contents with the following command:

$ tar zxvf iftop-0.17.tar.gz

Next, navigate to the extracted directory, compile the source code, and install the iftop utility using the following commands:

$ cd iftop-0.17
$ ./configure
$ make
$ make install

To run iftop, execute the following command as a root user, specifying the network interface you wish to monitor:

$ sudo iftop -i <interface>

Replace <interface> with the desired network interface (e.g., eth0).

To display port information, use the -P option in the command:

$ sudo iftop -P

By default, iftop displays data in bits. To display the data in bytes, use the -B option:

$ iftop -B

In summary, the iftop command in Linux is a powerful tool for monitoring network traffic in real-time. By utilizing this utility, users can gain insights into their network usage, analyze bandwidth consumption, and troubleshoot potential network issues.

28. tcpdump command

The tcpdump command in Linux is a widely utilized tool for network analysis among various Linux networking commands. It captures and displays network traffic passing through a specified network interface, providing essential information for troubleshooting network issues.

Here is the basic syntax for the tcpdump command:

$ tcpdump -i <network_device>

Replace <network_device> with the desired network interface (e.g., eth0).

To filter the captured traffic by protocol (e.g., TCP, UDP, ICMP), specify the protocol in the command:

$ tcpdump -i <network_device> tcp

To filter by port number, use the following command:

$ tcpdump -i <network_device> port 80

Since tcpdump continues capturing and displaying packets until interrupted, you can limit the number of captured events to control the duration of execution:

$ tcpdump -c 20 -i <network_device>

Filter the captured traffic by source or destination IP address using the src or dst tags:

$ tcpdump -c 20 -i <network_device> src XXX.XXX.XXX.XXX

You can save the captured network traffic to a file for later analysis using the -w option:

a) Save to a file:

$ tcpdump -w /path/to/file -i <network_device>

b) Read from a saved file:

$ tcpdump -r /path/to/file

In conclusion, the tcpdump command is an indispensable tool for network analysis and troubleshooting in Linux. By employing this command, users can capture, filter, and analyze network traffic, enabling them to identify and resolve network-related issues efficiently.

Conclusion

Linux provides a comprehensive set of network commands that can be indispensable for monitoring, troubleshooting, and managing network connections. By becoming familiar with these commands and their various options, you can gain greater control over your network environment and address issues more efficiently.

The examples and explanations provided in this article serve as a starting point for exploring the wide range of network commands available in Linux. As you continue to practice and delve deeper into the subject, you will undoubtedly discover even more powerful features and techniques that can help you optimize your network performance and enhance your overall experience with Linux.