13 Linux tor konfigurasiýasy we näsazlyklary düzetmek buýruklary


Kompýuterler biri-biri bilen maglumat ýa-da çeşmeler alyşmak üçin tora birikdirilýär. Iki ýa-da has köp kompýuter kompýuter tory diýilýän tor mediasy arkaly birikdirilýär. Kompýuter toruny emele getirmek üçin bir topar tor enjamlary ýa-da metbugat bar.

Linux operasiýa ulgamy bilen ýüklenen kompýuter, köp adamly we köp ulanyjy häsiýetleri boýunça kiçi ýa-da uly tor bolsun, toruň bir bölegi bolup biler. Ulgamy we ulgamy goldamak we işlemek Ulgam/Tor Dolandyryjysynyň işi.

[Şeýle hem halamagyňyz mümkin: Sysadmin üçin 22 Linux Networking Commands]

Bu makalada, Linux-da ýygy-ýygydan ulanylýan tor konfigurasiýasyny we näsazlyklary düzetmek buýruklaryny gözden geçirmekçi.

1. ifconfig buýrugy

ifconfig (interfeýs konfiguratory) buýrugy interfeýsi başlamak, IP adresi interfeýs bellemek we isleg boýunça interfeýsi işletmek ýa-da öçürmek üçin ulanylýar.

Bu buýruk bilen interfeýsde bellenen IP adresi we enjam/MAC salgysyny, şeýle hem MTU (Maksimum geçiriş bölümi) ululygyny görüp bilersiňiz.

# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:0C:29:28:FD:4C
          inet addr:192.168.50.2  Bcast:192.168.50.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe28:fd4c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6093 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4824 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6125302 (5.8 MiB)  TX bytes:536966 (524.3 KiB)
          Interrupt:18 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:480 (480.0 b)  TX bytes:480 (480.0 b)

interfeýs (et0) buýrugy bilen ifconfig diňe IP adresi, MAC salgysy we ş.m. ýaly anyk interfeýs jikme-jikliklerini görkezýär, -a opsiýasy bilen, elýeterli bolsa interfeýs maglumatlarynyň hemmesini görkezer.

# ifconfig eth0

eth0      Link encap:Ethernet  HWaddr 00:0C:29:28:FD:4C
          inet addr:192.168.50.2  Bcast:192.168.50.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe28:fd4c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6119 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4841 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6127464 (5.8 MiB)  TX bytes:539648 (527.0 KiB)
          Interrupt:18 Base address:0x2000

Uçuşdaky interfeýsde IP adresi we şlýuz bellemek. Ulgam täzeden açylan ýagdaýynda sazlama aýrylar.

# ifconfig eth0 192.168.50.5 netmask 255.255.255.0

Belli bir interfeýsi işletmek ýa-da öçürmek üçin mysal buýrugyny aşakdaky ýaly ulanýarys.

# ifup eth0
# ifdown eth0

Adaty MTU ululygy 1500. Aşakdaky buýruk bilen zerur MTU ululygyny düzüp bileris. XXXX ululygy bilen çalyşyň.

# ifconfig eth0 mtu XXXX

Tor interfeýsi diňe şol NIC-e degişli paketleri aldy. Interfeýsi aç-açan tertipde goýsaňyz, ähli paketleri alar. Paketleri ele almak we soňrak derňemek gaty peýdaly. Munuň üçin superuser girişini talap edip bilersiňiz.

# ifconfig eth0 - promisc

Täzelenme: ifconfig buýrugy häzirki zaman Linux paýlanyşlarynyň köpüsinde IP buýrugy bilen çalşyrylýar.

2. Ping buýrugy

Ping (Packet INternet Groper) buýrugy, iki düwüniň arasyndaky baglanyşygy barlamagyň iň oňat usulydyr. Areaerli meýdan tory (LAN) ýa-da giň meýdan tory (WAN) bolsun.

Ping beýleki enjamlar bilen habarlaşmak üçin ICMP (Internet Control Message Protocol) ulanýar. Aşakdaky buýruklary ulanyp, host adyny ýa-da ip adresini goýup bilersiňiz.

# ping 4.2.2.2

PING 4.2.2.2 (4.2.2.2) 56(84) bytes of data.
64 bytes from 4.2.2.2: icmp_seq=1 ttl=44 time=203 ms
64 bytes from 4.2.2.2: icmp_seq=2 ttl=44 time=201 ms
64 bytes from 4.2.2.2: icmp_seq=3 ttl=44 time=201 ms

OR

# ping linux-console.net

PING linux-console.net (50.116.66.136) 56(84) bytes of data.
64 bytes from 50.116.66.136: icmp_seq=1 ttl=47 time=284 ms
64 bytes from 50.116.66.136: icmp_seq=2 ttl=47 time=287 ms
64 bytes from 50.116.66.136: icmp_seq=3 ttl=47 time=285 ms

Linux ping buýrugynda kesilýänçä ýerine ýetiriň. -c opsiýasy bilen N sany haýyşdan soň çykyş (üstünlik ýa-da ýalňyşlyk jogap).

# ping -c 5 linux-console.net

PING linux-console.net (50.116.66.136) 56(84) bytes of data.
64 bytes from 50.116.66.136: icmp_seq=1 ttl=47 time=285 ms
64 bytes from 50.116.66.136: icmp_seq=2 ttl=47 time=285 ms
64 bytes from 50.116.66.136: icmp_seq=3 ttl=47 time=285 ms
64 bytes from 50.116.66.136: icmp_seq=4 ttl=47 time=285 ms
64 bytes from 50.116.66.136: icmp_seq=5 ttl=47 time=285 ms

--- linux-console.net ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4295ms
rtt min/avg/max/mdev = 285.062/285.324/285.406/0.599 ms

3. Traceroute buýrugy

traceroute, barmaly ýerine ýetmek üçin alnan hoplaryň sanyny görkezýän torda näsazlyklary düzetmek üçin peýdalydyr. Aşakda global DNS serwer IP adresine barýan ýoly yzarlaýarys we barmaly ýerine ýetip bilmek hem şol paketiň barýan ýoluny görkezýär.

# traceroute 4.2.2.2

traceroute to 4.2.2.2 (4.2.2.2), 30 hops max, 60 byte packets
 1  192.168.50.1 (192.168.50.1)  0.217 ms  0.624 ms  0.133 ms
 2  227.18.106.27.mysipl.com (27.106.18.227)  2.343 ms  1.910 ms  1.799 ms
 3  221-231-119-111.mysipl.com (111.119.231.221)  4.334 ms  4.001 ms  5.619 ms
 4  10.0.0.5 (10.0.0.5)  5.386 ms  6.490 ms  6.224 ms
 5  gi0-0-0.dgw1.bom2.pacific.net.in (203.123.129.25)  7.798 ms  7.614 ms  7.378 ms
 6  115.113.165.49.static-mumbai.vsnl.net.in (115.113.165.49)  10.852 ms  5.389 ms  4.322 ms
 7  ix-0-100.tcore1.MLV-Mumbai.as6453.net (180.87.38.5)  5.836 ms  5.590 ms  5.503 ms
 8  if-9-5.tcore1.WYN-Marseille.as6453.net (80.231.217.17)  216.909 ms  198.864 ms  201.737 ms
 9  if-2-2.tcore2.WYN-Marseille.as6453.net (80.231.217.2)  203.305 ms  203.141 ms  202.888 ms
10  if-5-2.tcore1.WV6-Madrid.as6453.net (80.231.200.6)  200.552 ms  202.463 ms  202.222 ms
11  if-8-2.tcore2.SV8-Highbridge.as6453.net (80.231.91.26)  205.446 ms  215.885 ms  202.867 ms
12  if-2-2.tcore1.SV8-Highbridge.as6453.net (80.231.139.2)  202.675 ms  201.540 ms  203.972 ms
13  if-6-2.tcore1.NJY-Newark.as6453.net (80.231.138.18)  203.732 ms  203.496 ms  202.951 ms
14  if-2-2.tcore2.NJY-Newark.as6453.net (66.198.70.2)  203.858 ms  203.373 ms  203.208 ms
15  66.198.111.26 (66.198.111.26)  201.093 ms 63.243.128.25 (63.243.128.25)  206.597 ms 66.198.111.26 (66.198.111.26)  204.178 ms
16  ae9.edge1.NewYork.Level3.net (4.68.62.185)  205.960 ms  205.740 ms  205.487 ms
17  vlan51.ebr1.NewYork2.Level3.net (4.69.138.222)  203.867 ms vlan52.ebr2.NewYork2.Level3.net (4.69.138.254)  202.850 ms vlan51.ebr1.NewYork2.Level3.net (4.69.138.222)  202.351 ms
18  ae-6-6.ebr2.NewYork1.Level3.net (4.69.141.21)  201.771 ms  201.185 ms  201.120 ms
19  ae-81-81.csw3.NewYork1.Level3.net (4.69.134.74)  202.407 ms  201.479 ms ae-92-92.csw4.NewYork1.Level3.net (4.69.148.46)  208.145 ms
20  ae-2-70.edge2.NewYork1.Level3.net (4.69.155.80)  200.572 ms ae-4-90.edge2.NewYork1.Level3.net (4.69.155.208)  200.402 ms ae-1-60.edge2.NewYork1.Level3.net (4.69.155.16)  203.573 ms
21  b.resolvers.Level3.net (4.2.2.2)  199.725 ms  199.190 ms  202.488 ms

4. Netstat buýrugy

Netstat (Network Statistic) buýrugy, baglanyşyk maglumatlary, marşrut tablisasy maglumatlary we ş.m. görkezýär.

# netstat -r

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.50.0    *               255.255.255.0   U         0 0          0 eth0
link-local      *               255.255.0.0     U         0 0          0 eth0
default         192.168.50.1    0.0.0.0         UG        0 0          0 eth0

Netstat buýrugynyň has köp mysallary üçin Linux-daky 20 Netstat buýruk mysallary baradaky öňki makalamyzy okaň.

Täzelenme: Netstat buýrugy häzirki zaman Linux paýlanyşlarynyň köpüsinde ss (soket statistikasy) buýrugy bilen çalşyrylýar.

5. Gaz buýrugy

Dig (domen maglumaty groper) DNS bilen baglanyşykly maglumatlary A Recordazgy, CNAME, MX Record we ş.m. soramak Bu buýruk esasan DNS bilen baglanyşykly talaplary çözmek üçin ulanylýar.

# dig linux-console.net; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> linux-console.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

Dig buýrugynyň has köp mysallary üçin DNS talap etmek üçin 10 Linux Dig buýrugy baradaky makalany okaň.

6. Nslookup buýrugy

nslookup buýrugy DNS bilen baglanyşykly talaplary tapmak üçin hem ulanylýar. Aşakdaky mysallarda linux-console.net sahypasynyň A ýazgysy (IP adresi) görkezilýär.

# nslookup linux-console.net
Server:         4.2.2.2
Address:        4.2.2.2#53

Non-authoritative answer:
linux-console.net canonical name = linux-console.net.
Name:   linux-console.net
Address: 50.116.66.136

Has köp Nslookup buýrugy üçin 8 Linux Nslookup buýruk mysallary baradaky makalany okaň.

7. Commol buýrugy

marşrut buýrugy ip marşrut tablisasyny hem görkezýär we dolandyrýar. Linux-da deslapky marşrut tablisasyny görmek üçin aşakdaky buýrugy ýazyň.

# route

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
link-local      *               255.255.0.0     U     1002   0        0 eth0
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0

Aşakdaky buýruklar bilen marşrutlary we deslapky şlýuzy goşmak, pozmak.

# route add -net 10.10.10.0/24 gw 192.168.0.1
# route del -net 10.10.10.0/24 gw 192.168.0.1
# route add default gw 192.168.0.1

8. Host buýrugy

IPv4 ýa-da IPv6-da IP ýa-da IP-den at tapmak we DNS ýazgylaryny gözlemek üçin host buýrugy.

# host www.google.com

www.google.com has address 173.194.38.180
www.google.com has address 173.194.38.176
www.google.com has address 173.194.38.177
www.google.com has address 173.194.38.178
www.google.com has address 173.194.38.179
www.google.com has IPv6 address 2404:6800:4003:802::1014

-t ulanyp, DNS Resurs ýazgylaryny CNAME, NS, MX, SOA we ş.m. tapmak üçin opsiýa.

# host -t CNAME www.redhat.com

www.redhat.com is an alias for wildcard.redhat.com.edgekey.net.

9. Arp buýrugy

ARP (Salgy çözgüdi protokoly) ýadrosyň ARP tablisalarynyň mazmunyny görmek/goşmak üçin peýdalydyr. Adaty tablisany görmek üçin buýrugy ulanyň.

# arp -e

Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.50.1             ether   00:50:56:c0:00:08   C                     eth0

10. Ettool buýrugy

ettool mii-guralyň çalyşmagydyr. Tor interfeýs kartyňyzyň (NIC) tizligini we ikitaraplaýyn görnüşini görmekdir. Duplexi ETHTOOL_OPTS üýtgeýjisi bilen/etc/sysconfig/network-scripts/ifcfg-eth0-da hemişelik düzüp bilersiňiz.

# ethtool eth0

Settings for eth0:
        Current message level: 0x00000007 (7)
        Link detected: yes

11. Iwconfig buýrugy

Linux-daky iwconfig buýrugy simsiz ulgam interfeýsini düzmek üçin ulanylýar. SSID kanaly we şifrlemek ýaly esasy Wi-Fi jikme-jikliklerini görüp we sazlap bilersiňiz. Has giňişleýin bilmek üçin iwconfig-iň adam sahypasyna ýüz tutup bilersiňiz.

# iwconfig [interface]

12. Host ady buýrugy

Host ady torda kesgitlemekdir. Gutyňyzyň host adyny görmek üçin host ady buýrugyny ýerine ýetiriň. Host adyny hemişelik/etc/sysconfig/torda belläp bilersiňiz. Dogry host adyny belläniňizden soň gutyny täzeden açmaly.

# hostname 

linux-console.net

13. Nmcli we Nmtui gurallary

Nmtui gurallary tor sazlamalaryny düzmek üçin ulanylýar we tor enjamlaryny dolandyrmak, Linux ulgamlarynda tor birikmelerini döretmek, üýtgetmek, işjeňleşdirmek/öçürmek üçin ulanylýar.

# nmcli
# nmtui

Bu makala Linux/Unix ýaly operasiýa ulgamlarynda Linux Network dolandyryjylaryny gündelik ulanmak üçin peýdaly bolup biler. Eger sypdyran bolsak, teswir gutusy arkaly paýlaşyň.