Networking Commands Cheat Sheet: ip, ss, dig, tcpdump, and More


Quick Answer: ip addr show shows your IP. ss -tlnp shows listening ports. dig example.com looks up DNS. ping -c 4 1.1.1.1 tests connectivity. traceroute example.com shows the path. curl -I example.com checks HTTP.

IP Configuration

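# Show all interfaces and IPs
ip addr show
ip a                            # Short form

# Show specific interface
ip addr show eth0

# Quick IP list
hostname -I

# Show public IP
# Each of these asks a third-party service which address it sees you coming
# from. The https:// scheme is given explicitly: with no scheme curl falls
# back to plain HTTP, where the reply can be read or altered in transit.
curl -s https://ifconfig.me
curl -s https://icanhazip.com
curl -s https://ipinfo.io/ip

# Add IP to interface
# Needs root. The change is runtime only and is gone after a reboot unless it
# is also written to the distribution's network configuration.
ip addr add 192.168.1.100/24 dev eth0

# Remove IP
ip addr del 192.168.1.100/24 dev eth0

# Bring interface up/down
# Needs root. Taking down the interface that carries your SSH session
# disconnects you.
ip link set eth0 up
ip link set eth0 down

# Show link status
ip link show

# Show MAC address
ip link show eth0 | grep ether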

Routing

# Show routing table
ip route show
ip route                        # Short form

# Default gateway
ip route show default

# Add route (needs root; runtime only, not kept across reboots)
ip route add 10.0.0.0/24 via 192.168.1.1 dev eth0

# Delete route
ip route del 10.0.0.0/24

# Add default gateway
# On a remote host, changing the default route can cut off your own session.
ip route add default via 192.168.1.1

# Trace route to host
# A hop shown as "* * *" did not answer the probes (often because they are
# filtered); on its own it does not mean the path is broken.
traceroute example.com
traceroute -n example.com       # No DNS resolution (faster)

# Better traceroute (requires install)
mtr example.com
mtr -n example.com              # No DNS
mtr -r -c 10 example.com       # Report mode, 10 pings

DNS Lookups

dig (Recommended)

# dig queries DNS directly and ignores /etc/hosts, so its answer can differ
# from what applications on this machine resolve.

# Basic lookup (A record)
dig example.com

# Short answer only
dig +short example.com

# Specific record type
dig example.com MX              # Mail servers
dig example.com NS              # Name servers
dig example.com TXT             # TXT records
dig example.com AAAA            # IPv6
dig example.com CNAME           # Canonical name
dig example.com SOA             # Start of authority
dig example.com ANY             # All records (see note)
# Note: Most public resolvers return incomplete results for ANY queries (RFC 8482)

# Use specific DNS server
# Comparing the answers of two resolvers is a quick check for stale caches or
# a resolver that rewrites responses.
dig @1.1.1.1 example.com
dig @8.8.8.8 example.com

# Reverse DNS lookup (PTR record)
# PTR records are set by whoever controls the reverse zone for the address;
# treat the name as a hint, not as proof of who operates the host.
dig -x 1.2.3.4

# Trace DNS resolution path
# Walks the delegation from the root servers down instead of asking the
# configured resolver for a cached answer.
dig +trace example.com

# Check all records (concise)
# Same RFC 8482 caveat as above: query each record type you need when the
# result has to be complete.
dig +short example.com ANY

nslookup

# Basic lookup
# Like dig, nslookup talks to DNS directly and does not read /etc/hosts;
# `getent hosts example.com` shows what the system resolver returns.
nslookup example.com

# Use specific DNS server
nslookup example.com 1.1.1.1

# Reverse lookup (PTR record)
nslookup 1.2.3.4

# Specific record type
nslookup -type=MX example.com
nslookup -type=TXT example.com

host

# Simple lookup
host example.com

# Reverse lookup (PTR record; the name is set by the owner of the address
# range and is not verified against forward DNS)
host 1.2.3.4

# Specific record
host -t MX example.com

Port and Connection Checking

ss (Modern, Replaces netstat)

# Listening TCP ports
# The local address column shows exposure: 0.0.0.0, [::] or * is reachable on
# every interface, 127.0.0.1 / [::1] only from this host.
# -p lists the owning process only for sockets you may inspect; run as root to
# see processes of other users.
ss -tlnp

# Listening UDP ports
ss -ulnp

# All connections (established + listening)
ss -tunap

# Connections to specific port
ss -tnp state established '( dport = :443 )'

# Count connections per state
ss -s

# Connections from specific IP
# grep treats "." as "any character" and also matches longer addresses such as
# 10.0.0.50; ss's own filter `ss -tnp dst 10.0.0.5` matches the peer exactly.
ss -tnp | grep 10.0.0.5

# Show timers
ss -tnpo
Flag Meaning
-t TCP
-u UDP
-l Listening only
-n Numeric (no DNS resolution)
-p Show process name
-a All (listening + established)
-s Summary statistics

netstat (Legacy)

# netstat comes from the net-tools package, which many distributions no longer
# install by default; the ss and ip commands above are the replacements.

# Listening ports (process names for other users' sockets need root)
netstat -tlnp

# All connections
netstat -tunap

# Routing table
netstat -rn

Testing Ports

# Test if port is open (netcat)
# -z connects without sending data, -v prints the result. "Connection refused"
# means the host answered but nothing listens; a timeout usually means a
# firewall dropped the attempt.
nc -zv example.com 443
nc -zv -w 3 example.com 80     # With 3s timeout

# Test with curl
# Opens a raw TCP connection; a "Connected to" line in the -v output means the
# port is reachable. Exit with Ctrl-C.
curl -v telnet://example.com:3306

# Scan port range (nmap)
# Useful for checking from outside what a host's firewall actually exposes;
# compare the result with `ss -tlnp` run on the host itself.
nmap -p 80,443,8080 example.com
nmap -p 1-1000 example.com
nmap -sV example.com            # Detect service versions (sends extra probes to each open port)

Connectivity Testing

# Ping
# No reply does not prove a host is down: many networks filter ICMP.
ping example.com
ping -c 4 example.com           # 4 pings only
ping -i 0.2 example.com         # Fast ping (0.2s interval)
# 1472 bytes of payload + 28 bytes of ICMP/IP headers = 1500. For a real MTU
# test also pass `-M do` (Linux iputils) so the packet may not be fragmented;
# otherwise an oversized packet is split up and still gets through.
ping -s 1472 example.com        # Specific packet size (MTU test)

# Ping with timestamp
ping -D example.com

# Check if host is up without ping (TCP)
nc -zv -w 2 example.com 80

# Test HTTP connectivity
curl -sI https://example.com    # Response headers only (HEAD request)
# Prints just the status code; 000 means no HTTP response was received at all
# (DNS, connection or TLS failure).
curl -s -o /dev/null -w "%{http_code}" https://example.com

Packet Capture (tcpdump)

# Capturing needs root (or the CAP_NET_RAW capability). A capture holds
# whatever crossed the wire, so treat terminal output and .pcap files as
# sensitive data.

# Capture all traffic on interface
# Over SSH this includes your own session; append `not port 22` to the filter
# to leave it out.
tcpdump -i eth0

# Capture specific port
tcpdump -i eth0 port 80
tcpdump -i eth0 port 443        # Payload is TLS-encrypted; only addresses, sizes and handshake metadata are readable

# Capture specific host
tcpdump -i eth0 host 10.0.0.5

# Capture with readable output
# Cleartext HTTP shows up verbatim here, including cookies and credentials.
tcpdump -i eth0 -A port 80      # ASCII
tcpdump -i eth0 -X port 80      # Hex + ASCII

# Save to file (for Wireshark)
# The file contains packet payloads; restrict its permissions and delete it
# when the investigation is done. `-s N` truncates each packet to N bytes when
# headers are all you need.
tcpdump -i eth0 -w capture.pcap

# Read from file
tcpdump -r capture.pcap

# Common filters
tcpdump -i eth0 src 10.0.0.5            # From specific source
tcpdump -i eth0 dst port 443            # To specific port
tcpdump -i eth0 'tcp[tcpflags] & tcp-syn != 0'  # Packets with the SYN flag set (SYN and SYN-ACK)
tcpdump -i eth0 icmp                    # ICMP only (ping, but also unreachable/time-exceeded messages)

# Limit capture
tcpdump -i eth0 -c 100 port 80          # Stop after 100 packets

# Don't resolve hostnames (faster)
# -nn also keeps port numbers numeric and avoids DNS lookups triggered by the
# capture itself.
tcpdump -i eth0 -nn port 80

ARP and Neighbors

# Show ARP table (IP to MAC mapping)
# ARP replies are not authenticated. The same MAC address listed for several
# IPs, especially for the gateway, can be legitimate but is worth checking as
# a possible sign of ARP spoofing.
ip neigh show
arp -a

# Find all devices on local network (arp-scan needs install and root)
arp-scan --localnet
# Or with nmap:
nmap -sn 192.168.1.0/24         # Host discovery only, no port scan

# Clear ARP cache (needs root; entries are re-learned on the next traffic)
ip neigh flush all

Bandwidth and Speed

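# Test bandwidth between two machines (install iperf3 on both)
# Server:
# Listens on TCP port 5201 by default and serves any client that can reach it
# unless authentication is configured, so stop it once the test is done.
iperf3 -s

# Client:
iperf3 -c server-ip

# With specific duration and parallel streams
iperf3 -c server-ip -t 30 -P 4

# Quick download speed test
# The URL is quoted because "?" is a glob character: unquoted, zsh refuses to
# run the command ("no matches found") and other shells may expand it.
curl -o /dev/null -w "Speed: %{speed_download} bytes/s\n" 'https://speed.cloudflare.com/__down?bytes=100000000'

# Monitor bandwidth per interface
vnstat -l -i eth0               # Live
vnstat -d                       # Daily summary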

Firewall Quick Reference

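# UFW (simple)
# Run as root, like the other system-changing commands on this page.
# When working over SSH, allow port 22 before `ufw enable`: once enabled,
# incoming connections without an allow rule are refused by default.
ufw status
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw deny 3306
ufw enable

# iptables (advanced)
# iptables covers IPv4 only; IPv6 needs matching ip6tables rules.
# Rules are evaluated top to bottom, so every ACCEPT must be appended before
# the final DROP. Without the loopback and conntrack rules the DROP would also
# discard local traffic and the replies to this host's own outbound
# connections.
# Rules added this way are not persistent by themselves.
iptables -L -n                  # List rules
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP

# nftables (modern replacement)
nft list ruleset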

Wireless

# Show wireless interfaces
iw dev

# Scan for networks
nmcli device wifi list
iwlist wlan0 scan | grep ESSID

# Connect to WiFi
# A password typed on the command line is stored in shell history and is
# visible in the process list while the command runs. `nmcli --ask device wifi
# connect "NetworkName"` prompts for it instead.
nmcli device wifi connect "NetworkName" password "password"

# Show WiFi signal strength
# iwconfig and iwlist belong to the older wireless-tools package and may not
# be installed; `iw dev` above comes from its replacement.
iwconfig wlan0
watch -n 1 "iwconfig wlan0 | grep Signal"

Quick Diagnostics Script

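#!/bin/bash
# Quick network diagnostics: prints local IPv4 addresses, the default route,
# configured resolvers, a ping and a DNS check, listening TCP ports and the
# public IP.
#
# Every step is best-effort: a failing check prints what it can and the script
# moves on, so `set -e` is deliberately not used.
#
# The ping, DNS and public-IP steps contact external hosts (1.1.1.1, the
# resolver answering for google.com, ifconfig.me). The last one reveals this
# machine's public address to a third-party service.
set -u

# Print a blank line followed by a section heading.
section() {
  printf '\n%s\n' "$1"
}

# Succeed when the named command is installed.
have() {
  command -v "$1" >/dev/null 2>&1
}

echo "=== Network Diagnostics ==="

section "IP Addresses:"
ip -4 addr show | grep inet | grep -vF '127.0.0.1'

section "Default Gateway:"
ip route show default

section "DNS Servers:"
# Anchored so commented-out entries are not reported as active resolvers.
grep '^nameserver' /etc/resolv.conf

section "Ping Test:"
# -W 2 caps the wait per reply so a filtered network cannot stall the script.
ping -c 2 -W 2 1.1.1.1 2>&1 | tail -1

section "DNS Test:"
if have dig; then
  # Short timeout and a single try keep a dead resolver from hanging the run.
  dig +short +time=2 +tries=1 google.com
else
  echo "dig not installed"
fi

section "Listening Ports:"
# Loopback-only listeners are hidden. Process names appear only for sockets
# the caller may inspect; run as root to see all of them.
ss -tlnp | grep -vF '127.0.0.' | head -10

section "Public IP:"
# HTTPS so the reported address cannot be altered in transit; --max-time keeps
# an unreachable service from blocking the script.
curl -s --max-time 5 https://ifconfig.me || printf 'public IP lookup failed'
echo ""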

See Also