Network Guide
Instituto Superior de Ciências do Trabalho e da Empresa
INTEGRATED COMMUNICATION SYSTEMS
GUIDE: Partial Survey of the ISCTE Computer Network
Lecturer: Prof. Dr. Miguel Dias
Student: João Nascimento
Lisbon, 11 April 2001
Integrated Communication Systems
Guide
CONTENTS
I. Introduction
II. Applying the Commands (DOS)
ANNEX I - Commands Used (DOS)
    1. ARP (Address Resolution Protocol)
    2. Ping
    3. Route
    4. FTP (File Transfer Protocol)
    5. TELNET (File Transfer Protocol)
    6. IPCONFIG
    7. TRACERT
    8. NETSTAT
    9. Nslookup
ANNEX II - Commands Used (Unix)
    FTP
    TRACEROUTE
    ARP
    NSLOOKUP(1C)
    PING
    NVRAM
    IFCONFIG
    NETSTAT
    TELNET
ANNEX III
ANNEX IV
ANNEX V
Master's in Information Systems Management
2000/2001
I. Introduction
This report is the result of working, step by step, through the Guide proposed for the partial survey of the ISCTE computer network. After a brief period of familiarization with the commands needed to carry out the tasks in the guide, work began.
The ISCTE network is based on the TCP/IP protocol family, even though it connects computer equipment running at least the UNIX, Windows NT and LINUX operating systems. For this reason the following commands were used:
On MS-DOS: ftp, telnet, Ping, tracert, arp, ipconfig, netstat, nslookup and route. More detailed information on any of these commands can be found in Annex I - Commands Used (MS-DOS).
On UNIX: Ping, traceroute, arp, nvram, ifconfig and netstat. More detailed information on any of these commands can be found in Annex II - Commands Used (Unix). Since the operating system does not provide this information in Portuguese, it was not possible to translate the text in time, so the list of Unix commands is in English.
The commands used on UNIX are equivalent to those used on DOS, with the following correspondences:
DOS command    UNIX command
ARP            arp
Ping           ping
Route
FTP            ftp
telnet         telnet
IPConfig       ifconfig
Tracert        traceroute
Netstat        netstat
nslookup       nslookup
Differences: -
II. Applying the Commands (DOS)
Question 5. Question 5 of the guide asks for a characterization, from DOS, of the computer on which the work was carried out.
a) Starting with the physical layer, this item explicitly asks for the computer's ETHERNET address. This address, also known as the MAC Address (Medium Access Control Address), is defined at the physical level of the TCP/IP protocol and is assigned by the manufacturer to the network card installed in the computer. This code is unique in the world; no two cards have the same MAC address. To obtain this identification from MS-DOS it is necessary to use the IPCONFIG command with the /ALL option. To answer this question the following command was executed:
C:>IPCONFIG /ALL
The result of the command was:
Windows NT IP Configuration
    Host Name . . . . . . . . . : i0s05-14.students.iscte.pt
    DNS Servers . . . . . . . . : 10.10.10.2
                                  193.136.188.1
    Node Type . . . . . . . . . : Broadcast
    NetBIOS Scope ID. . . . . . :
    IP Routing Enabled. . . . . : No
    WINS Proxy Enabled. . . . . : No
    NetBIOS Resolution Uses DNS : No
Ethernet adapter RTL81391:
    Description . . . . . . . . : Realtek 8139-series PCI NIC
    Physical Address. . . . . . : 00-4F-4E-00-0C-92
    DHCP Enabled. . . . . . . . : Yes
    IP Address. . . . . . . . . : 10.10.10.112
    Subnet Mask . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . : 10.10.10.254
    DHCP Server . . . . . . . . : 10.10.10.2
    Lease Obtained. . . . . . . : Quarta-feira, 28 de Março de 2001 13:24:01
    Lease Expires . . . . . . . : Quinta-feira, 29 de Março de 2001 09:24:01
From this output it can be seen that the ETHERNET address of the network card installed in the computer is 00-4F-4E-00-0C-92. This value is given by the Physical Address field.
b) Moving one level up the TCP/IP protocol stack, information from the network layer is requested.
First, the IP number. This number, assigned to a computer on the network by the system administrator or by the DHCP service, identifies the computer numerically on the network. It consists of four segments of 8 bits each, making up 32 bits of information. When converted to decimal, each segment takes a value in the range 0 to 255.
The command used in MS-DOS to find the computer's IP address is the same one used in the previous item (IPConfig /ALL). From the result obtained above, the number can be read from the IP Address field: 10.10.10.112. It can therefore be concluded that a private-network number was adopted, since the address begins with 10. This number is the decimal conversion of the binary code 00001010.00001010.00001010.01110000 (the code actually handled by the computer).
Next, the network mask is requested. This setting makes it possible to establish subnets, creating logical divisions within a network. The IPConfig /ALL command also shows, in this environment (MS-DOS), the mask of the network to which the computer is connected. The Subnet Mask field in the output above gives 255.255.255.0. It is therefore a class C type network, since only 8 bits (the last segment, set to zero) are dedicated to hosts (computers) and the rest (the first three segments set to 255, which in binary is 11111111) are used to identify the network.
In the subnet identified, IP addresses from 10.10.10.1 to 10.10.10.254 can be assigned. This is because the subnet mask is 255.255.255.0, which means that the first octets (10.10.10) are fixed for hosts that want to belong to the subnet and the last segment can vary. Since each octet is 8 bits long (8 binary digits), numbers from 00000000 to 11111111 can be assigned, that is, 0 to 255 in decimal. However, 0 (binary 00000000) is assigned to the network (10.10.10.0) and 255 (binary 11111111) is the broadcast address (10.10.10.255), that is, the address common to all computers (when a message is sent on the network to this address, all computers read it).
The DNS name (Domain Name Server) of the current computer is the name by which it is known on the network, as an alternative to the IP address or the MAC address. The concept was created because humans find it easier to remember names than numbers. This identification can also be obtained with the previous command, IPConfig /ALL. The Host Name field reads i0s05-14.students.iscte.pt, which is, in essence, the name associated with the IP address 10.10.10.112.
The number of the default router, that is, the network identification of the device to which all information sent by the current computer to the network is delivered, is also obtained from the output of the IPConfig /All command. Thanks to the /ALL option, this command returns an important set of information. The Default Gateway field gives what is wanted here: 10.10.10.254. This is the address responsible for correctly forwarding the information that leaves the computer on which this guide is being carried out.
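The derivation in question 5 (binary form, network and broadcast addresses, assignable range, private addressing, gateway on the local subnet) can be reproduced from the adapter section of the IPCONFIG /ALL output. The following is an added example, not part of the original report; the function names are hypothetical, and the check of the locally-administered bit of the MAC address goes slightly beyond the text.

```python
import ipaddress
import re

# Adapter section of the IPCONFIG /ALL output shown on this page.
SAMPLE = """\
Ethernet adapter RTL81391:
    Description . . . . . . . . : Realtek 8139-series PCI NIC
    Physical Address. . . . . . : 00-4F-4E-00-0C-92
    DHCP Enabled. . . . . . . . : Yes
    IP Address. . . . . . . . . : 10.10.10.112
    Subnet Mask . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . : 10.10.10.254
    DHCP Server . . . . . . . . : 10.10.10.2
"""

# "Label . . . . : value": the label is everything before the dot leader.
FIELD = re.compile(r"^\s*(?P<key>[A-Za-z][A-Za-z ]*?)\s*(?:\.\s*)+:\s*(?P<val>.*)$")


def parse_fields(text):
    """Return {label: value} for every 'Label . . . : value' line."""
    fields = {}
    for line in text.splitlines():
        match = FIELD.match(line)
        if match:
            fields[match.group("key").strip()] = match.group("val").strip()
    return fields


def describe(fields):
    """Derive the layer 2 / layer 3 facts discussed in question 5."""
    iface = ipaddress.ip_interface(f"{fields['IP Address']}/{fields['Subnet Mask']}")
    net = iface.network
    first_octet = int(fields["Physical Address"].split("-")[0], 16)
    # /31 and /32 networks have no separate network/broadcast addresses.
    classic = net.prefixlen <= 30
    return {
        "mac": fields["Physical Address"].replace("-", ":").lower(),
        # Bit 0x02 of the first octet set means the MAC was assigned locally
        # (overridden in software) rather than burned in by the manufacturer.
        "mac_locally_administered": bool(first_octet & 0x02),
        "binary": ".".join(f"{octet:08b}" for octet in iface.ip.packed),
        "prefix_len": net.prefixlen,
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "first_host": str(net.network_address + 1) if classic else None,
        "last_host": str(net.broadcast_address - 1) if classic else None,
        "usable_hosts": net.num_addresses - 2 if classic else net.num_addresses,
        "private": iface.ip.is_private,
        # A default gateway or DHCP server outside the local subnet would be
        # unreachable at layer 2 and is worth flagging in a survey.
        "gateway_on_link": ipaddress.ip_address(fields["Default Gateway"]) in net,
        "dhcp_on_link": ipaddress.ip_address(fields["DHCP Server"]) in net,
    }


if __name__ == "__main__":
    for name, value in describe(parse_fields(SAMPLE)).items():
        print(f"{name:26} {value}")
```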
Finally, this question also asks for additional information about the default router: its name, rather than its IP address. The command used so far is not enough to obtain this information. Another one is needed: nslookup. It translates (resolves) a given IP address into the corresponding name. In fact, when this command is run with an IP address, the DNS server (also visible through the IPConfig /all command, as 10.10.10.2 or 193.136.188.1) is asked for the corresponding name. In this case, to answer the question it was necessary to run the command nslookup 10.10.10.254, which gave the following result:
nslookup 10.10.10.254
Server: socrates.students.iscte.pt
Address: 10.10.10.2
Name: fwi.students.iscte.pt
Address: 10.10.10.254
This shows that the name of the default router is fwi.students.iscte.pt.
Question 6. Question 6 of the guide asks for a characterization of the Domain Name Server. This is the network element that stores a table relating the IP addresses of computers to their user-friendly names. This element is responsible for determining the location of the destination computer of a message and for forwarding the message to it across the network.
To answer the question about the name of the Domain Name Server there are at least two ways: running nslookup on any IP address of the network, or running nslookup on the IP address determined through IPConfig /all. In the first case, it is enough to look at the result of the last command executed above and take the first Server: entry. The second way is to run the command nslookup 10.10.10.2:
nslookup 10.10.10.2
Server: socrates.students.iscte.pt
Address: 10.10.10.2
Name: socrates.students.iscte.pt
Address: 10.10.10.2
Either way, the result obtained is the same: socrates.students.iscte.pt
The second question in this part of the guide asks for the IP address of the Domain Name Server. This information was obtained earlier with the IPConfig /All command, in the DNS Servers field, as 10.10.10.2. It can also be seen that the IP address of the secondary DNS server is 193.136.188.1. Running nslookup on this address shows that it has the name iscte.iscte.pt.
Question 7. Question 7 of the guide asks for the Ethernet address of the default router, that is, the physical address of the network card installed in the default router (through which it communicates). Obtaining the answer takes a sequence of steps: first, ping the IP address of that network element (known from the Default Gateway field of the IPConfig /all command to be 10.10.10.254), so that its data is stored in the ARP table; then, with the arp -a command, obtain all the data in that table (which now includes that of the default router). The steps were carried out and gave these results:
Ping 10.10.10.254
Pinging 10.10.10.254 with 32 bytes of data:
Reply from 10.10.10.254: bytes=32 time
route PRINT
d) Result
Encaminhamentos activos:
Endereço de rede   Máscara           Endereço de porta de ligação   Interface       Métrica
0.0.0.0            0.0.0.0           192.9.200.201                  192.9.200.200   1
127.0.0.0          255.0.0.0         127.0.0.1                      127.0.0.1       1
192.9.200.0        255.255.255.0     192.9.200.200                  192.9.200.200   1
192.9.200.200      255.255.255.255   127.0.0.1                      127.0.0.1       1
192.9.200.255      255.255.255.255   192.9.200.200                  192.9.200.200   1
224.0.0.0          224.0.0.0         192.9.200.200                  192.9.200.200   1
255.255.255.255    255.255.255.255   192.9.200.200                  0.0.0.0         1
4. FTP (File Transfer Protocol)
a) Function
Establishes a connection from one computer (where the command is run) to another (remote) one, for transferring files between the two.
b) Command syntax
FTP [endereço IP | Nome DNS]
c) Options
Endereço IP    Identification number of the machine to connect to.
Nome DNS       Name by which the computer is known on the network.
d) Result
Entry into command mode, to execute commands specific to the FTP interpreter:
!        delete      literal   prompt      send
?        debug       ls        put         status
append   dir         mdelete   pwd         trace
ascii    disconnect  mdir      quit        type
bell     get         mget      quote       user
binary   glob        mkdir     recv        verbose
bye      hash        mls       remotehelp
cd       help        mput      rename
close    lcd         open      rmdir
5. TELNET (File Transfer Protocol)
a) Function
Establishes a connection from one computer (where the command is run) to another (remote) one, for executing commands so as to control the machine remotely.
b) Command syntax
TELNET [endereço IP | Nome DNS]
c) Options
Endereço IP    Identification number of the machine to connect to.
Nome DNS       Name by which the computer is known on the network.
d) Result
Entry into command mode on the machine with the specified IP address, to execute commands as if sitting in front of it.
6. IPCONFIG
a) Function
IP configuration of Windows 98.
b) Command syntax
IPCONFIG [/All | /Batch [fich] | /renew_all | /release_all | /renew N | /release N]
c) Options
/All             Shows detailed information.
/Batch [fich]    Writes to a file or to ./WINIPCFG.OUT
/renew_all       Renews all adapters.
/release_all     Releases all adapters.
/renew N         Renews adapter N.
/release N       Releases adapter N.
d) Result
Configuração IP do Windows 98
0 Ethernet adapter :
    Endereço IP. . . . . . . . . : 0.0.0.0
    Máscara de sub-rede . . . . . . : 0.0.0.0
    Porta de ligação predefinida. . :
1 Ethernet adapter :
    Endereço IP. . . . . . . . . : 192.9.200.200
    Máscara de sub-rede . . . . . . : 255.255.255.0
    Porta de ligação predefinida. . : 192.9.200.201
7. TRACERT
a) Function
Traces the nodes traversed to reach a given computer.
b) Command syntax
tracert [-d] [-h máximo_saltos] [-j lista_anfitriões] [-w tempo de espera] nome_destino
c) Options
-d                     Do not resolve addresses to host names.
-h máximo_de_saltos    Maximum number of hops to search for the destination.
-j lista_anfitriões    Loose source routing along the host list.
-w tempo de espera     Wait 'tempo de espera' milliseconds for each reply.
d) Result
A rastear o encaminhamento para NOGUEIRO [192.9.200.151] até um máximo de 30 saltos:
1 1 ms.
$1 . Use the '\' character to prevent special treatment of the '$', '[', ']', and ',' characters.

ntrans [ inchars [ outchars ] ]
    Set or unset the filename character translation mechanism. If no arguments are specified, the filename character translation mechanism is unset. If arguments are specified, characters in remote filenames are translated during mput commands and put commands issued without a specified remote target filename. If arguments are specified, characters in local filenames are translated during mget commands and get commands issued without a specified local target filename. This command is useful when connecting to a non-UNIX remote computer with different file naming conventions or practices. Characters in a filename matching a character in inchars are replaced with the corresponding character in outchars. If the character's position in inchars is longer than the length of outchars, the character is deleted from the file name.

open host [ port ]
    Establish a connection to the specified host FTP server. An optional port number may be supplied, in which case, ftp will attempt to contact an FTP server at that port. If the auto-login option is on (default), ftp will also attempt to automatically log the user in to the FTP server (see below).

prompt
    Toggle interactive prompting. Interactive prompting occurs during multiple file transfers to allow the user to selectively retrieve or store files. If prompting is turned off (default is on), any mget or mput will transfer all files, and any mdelete will delete all files.

proxy ftp-command
    Execute an ftp command on a secondary control connection. This command allows simultaneous connection to two remote ftp servers for transferring files between the two servers. The first proxy command should be an open, to establish the secondary control connection. Enter the command "proxy ?" to see other ftp commands executable on the secondary connection.
    The following commands behave differently when prefaced by proxy: open will not define new macros during the auto-login process, close will not erase existing macro definitions, get and mget transfer files from the host on the primary control connection to the host on the secondary control connection, and put, mput, and append transfer files from the host on the secondary control connection to the host on the primary control connection. Third party file transfers depend upon support of the ftp protocol PASV command by the server on the secondary control connection.

put local-file [ remote-file ]
    Store a local file on the remote machine. If remote-file is left unspecified, the local file name is used after processing according to any ntrans or nmap settings in naming the remote file. File transfer uses the current settings for type, format, mode, and structure.

pwd
    Print the name of the current working directory on the remote machine.

quit
    A synonym for bye.

quote arg1 arg2 ...
    The arguments specified are sent, verbatim, to the remote FTP server.

recv remote-file [ local-file ]
    A synonym for get.

reget remote-file [ local-file ]
    Reget acts like get, except that if local-file exists and is smaller than remote-file, local-file is presumed to be a partially transferred copy of remote-file and the transfer is continued from the apparent point of failure. This command is useful when transferring very large files over networks that are prone to dropping connections.

remotehelp [ command-name ]
    Request help from the remote FTP server. If a command-name is specified it is supplied to the server as well.

remotestatus [ file-name ]
    With no arguments, show status of remote machine. If file-name is specified, show status of file-name on remote machine.

rename [ from ] [ to ]
    Rename the file from on the remote machine, to the file to.

reset
    Clear reply queue. This command re-synchronizes command/reply sequencing with the remote ftp server. Resynchronization may be necessary following a violation of the ftp protocol by the remote server.

restart marker
    Restart the immediately following get or put at the indicated marker. On UNIX systems, marker is usually a byte offset into the file.

rmdir directory-name
    Delete a directory on the remote machine.

runique
    Toggle storing of files on the local system with unique filenames. If a file already exists with a name equal to the target local filename for a get or mget command, a ".1" is appended to the name. If the resulting name matches another existing file, a ".2" is appended to the original name. If this process continues up to ".99", an error message is printed, and the transfer does not take place. The generated unique filename will be reported. Note that
    runique will not affect local files generated from a shell command (see below). The default value is off.

send local-file [ remote-file ]
    A synonym for put.

sendport
    Toggle the use of PORT commands. By default, ftp will attempt to use a PORT command when establishing a connection for each data transfer. The use of PORT commands can prevent delays when performing multiple file transfers. If the PORT command fails, ftp will use the default data port. When the use of PORT commands is disabled, no attempt will be made to use PORT commands for each data transfer. This is useful for certain FTP implementations which do ignore PORT commands but, incorrectly, indicate they've been accepted.

site arg1 arg2 ...
    The arguments specified are sent, verbatim, to the remote FTP server as a SITE command.

size file-name
    Return size of file-name on remote machine.

status
    Show the current status of ftp.

struct [ struct-name ]
    Set the file transfer structure to struct-name. By default "stream" structure is used.

sunique
    Toggle storing of files on remote machine under unique file names. Remote ftp server must support ftp protocol STOU command for successful completion. The remote server will report unique name. Default value is off.

system
    Show the type of operating system running on the remote machine.

tenex
    Set the file transfer type to that needed to talk to TENEX machines.

trace
    Toggle packet tracing.

type [ type-name ]
    Set the file transfer type to type-name. If no type is specified, the current type is printed. The default type is network ASCII.

umask [ newmask ]
    Set the default umask on the remote server to newmask. If newmask is omitted, the current umask is printed.

user user-name [ password ] [ account ]
    Identify yourself to the remote FTP server. If the password is not specified and the server requires it, ftp will prompt the user for it (after disabling local echo). If an account field is not specified, and the FTP server requires it, the user will be prompted for it. If an account field is specified, an account command will
    be relayed to the remote server after the login sequence is completed if the remote server did not require it for logging in. Unless ftp is invoked with "auto-login" disabled, this process is done automatically on initial connection to the FTP server.

verbose
    Toggle verbose mode. In verbose mode, all responses from the FTP server are displayed to the user. In addition, if verbose is on, when a file transfer completes, statistics regarding the efficiency of the transfer are reported. By default, verbose is on.

? [ command ]
    A synonym for help.

Command arguments which have embedded spaces may be quoted with quote (") marks.

ABORTING A FILE TRANSFER
To abort a file transfer, use the terminal interrupt key (usually Ctrl-C). Sending transfers will be immediately halted. Receiving transfers will be halted by sending a ftp protocol ABOR command to the remote server, and discarding any further data received. The speed at which this is accomplished depends upon the remote server's support for ABOR processing. If the remote server does not support the ABOR command, an "ftp>" prompt will not appear until the remote server has completed sending the requested file.
The terminal interrupt key sequence will be ignored when ftp has completed any local processing and is awaiting a reply from the remote server. A long delay in this mode may result from the ABOR processing described above, or from unexpected behavior by the remote server, including violations of the ftp protocol. If the delay results from unexpected remote server behavior, the local ftp program must be killed by hand.

FILE NAMING CONVENTIONS
Files specified as arguments to ftp commands are processed according to the following rules.
1)  If the file name "-" is specified, the stdin (for reading) or stdout (for writing) is used.
2)  If the first character of the file name is "|", the remainder of the argument is interpreted as a shell command. Ftp then forks a shell, using popen(3) with the argument supplied, and reads (writes) from the stdout (stdin). If the shell command includes spaces, the argument must be quoted; e.g., ""| ls -lt"". A particularly useful example of this mechanism is: "dir |more".
3)  Failing the above checks, if "globbing" is enabled, local file names are expanded according to the rules used in the csh(1); c.f. the glob command. If the ftp command expects a single local file (e.g., put), only the first filename generated by the "globbing" operation is used.
4)  For mget commands and get commands with unspecified local file names, the local filename is the remote filename, which may be altered by a case, ntrans, or nmap setting. The resulting filename may then be altered if runique is on.
5)  For mput commands and put commands with unspecified remote file
    names, the remote filename is the local filename, which may be altered by a ntrans or nmap setting. The resulting filename may then be altered by the remote server if sunique is on.

FILE TRANSFER PARAMETERS
The FTP specification specifies many parameters which may affect a file transfer. The type may be one of "ascii", "image" (binary), "ebcdic", and "local byte size" (for PDP-10's and PDP-20's mostly). Ftp supports the ascii and image types of file transfer, plus local byte size 8 for tenex mode transfers.
Ftp supports only the default values for the remaining file transfer parameters: mode, form, and struct.

OPTIONS
Options may be specified at the shell command line. Several options can be enabled or disabled with ftp commands.
The -v (verbose on) option forces ftp to show all responses from the remote server, as well as report on data transfer statistics.
The -n option restrains ftp from attempting "auto-login" upon initial connection. If auto-login is enabled, ftp will check the .netrc file (see below) in the user's home directory for an entry describing an account on the remote machine. If no entry exists, ftp will prompt for the remote machine login name (default is the user identity on the local machine), and, if necessary, prompt for a password and an account with which to login.
The -i option turns off interactive prompting during multiple file transfers.
The -d option enables debugging.
The -g option disables file name globbing.

THE .netrc FILE
The .netrc file contains login and initialization information used by the auto-login process. It resides in the user's home directory. The following tokens are recognized; they may be separated by spaces, tabs, or new-lines:

machine name
    Identify a remote machine name. The auto-login process searches the .netrc file for a machine token that matches the remote machine specified on the ftp command line or as an open command argument. Once a match is made, the subsequent .netrc tokens are processed, stopping when the end of file is reached or another machine or a default token is encountered.

default
    This is the same as machine name except that default matches any name. There can be only one default token, and it must be after all machine tokens. This is normally used as:
        default login anonymous password user@site
    thereby giving the user automatic anonymous ftp login to machines not specified in .netrc. This can be overridden by using the -n flag to disable auto-login.

login name
    Identify a user on the remote machine. If this token is present, the auto-login process will initiate a login using the specified name.

password string
    Supply a password. If this token is present, the auto-login process will supply the specified string if the remote server requires a password as part of the login process. Note that if this token is present in the .netrc file for any user other than anonymous, ftp will abort the auto-login process if the .netrc is accessible by anyone besides the user (see below for the proper protection mode.)

account string
    Supply an additional account password. If this token is present, the auto-login process will supply the specified string if the remote server requires an additional account password, or the autologin process will initiate an ACCT command if it does not. Note that if this token is present in the .netrc file, ftp will abort the auto-login process if the .netrc is accessible by anyone besides the user (see below for the proper protection mode.)

macdef name
    Define a macro. This token functions like the ftp macdef command functions. A macro is defined with the specified name; its contents begin with the next .netrc line and continue until a null line (consecutive new-line characters) is encountered. If a macro named init is defined, it is automatically executed as the last step in the auto-login process.

The error message
    Error: .netrc file is readable by others.
means the file is ignored by ftp because the file's password and/or account information is unprotected. Use
    chmod go-rwx .netrc
to protect the file.

SEE ALSO
ftpd(1M)

BUGS
Correct execution of many commands depends upon proper behavior by the remote server.
An error in the treatment of carriage returns in the 4.2BSD UNIX ascii mode transfer code has been corrected. This correction may result in incorrect transfers of binary files to and from 4.2BSD servers using the ascii type. Avoid this problem by using the binary image type.
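The .netrc protection rule described in the manual page above (auto-login is aborted when a file holding a non-anonymous password or an account token is accessible by anyone besides the user, and chmod go-rwx fixes it) can be audited as follows. This is an added example, not code from the ftp client or from the original report; the function names and the sample file contents are constructed, and quoted tokens are not handled.

```python
import os
import stat
import tempfile

# Constructed sample .netrc contents (host, login and password are made up).
SAMPLE_WITH_SECRET = """\
machine ftp.example.org login alice password s3cret
macdef init
cd /pub
binary

default login anonymous password user@site
"""
SAMPLE_ANONYMOUS_ONLY = "default login anonymous password user@site\n"


def tokenize(text):
    """Split on spaces, tabs and new-lines, skipping macdef bodies."""
    tokens, in_macro = [], False
    for line in text.splitlines():
        if in_macro:
            in_macro = bool(line.strip())  # a null line ends the macro body
            continue
        words = line.split()
        if "macdef" in words:
            words = words[:words.index("macdef")]
            in_macro = True
        tokens.extend(words)
    return tokens


def parse_netrc(text):
    """Return one dict per machine/default entry."""
    entries, current = [], None
    tokens = iter(tokenize(text))
    for tok in tokens:
        if tok == "machine":
            current = {"machine": next(tokens, "")}
            entries.append(current)
        elif tok == "default":
            current = {"machine": "default"}
            entries.append(current)
        elif tok in ("login", "password", "account") and current is not None:
            current[tok] = next(tokens, "")
    return entries


def sensitive_entries(entries):
    """Entries the manual page treats as secret: any account token, or a
    password token for a user other than anonymous."""
    return [e["machine"] for e in entries
            if "account" in e
            or ("password" in e and e.get("login") != "anonymous")]


def accessible_by_others(path):
    """True if group or other has any permission bit on the file."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return bool(mode & (stat.S_IRWXG | stat.S_IRWXO))


def autologin_refused(path):
    """Apply the rule from the manual page to the file at path."""
    with open(path, encoding="utf-8") as handle:
        entries = parse_netrc(handle.read())
    return bool(sensitive_entries(entries)) and accessible_by_others(path)


def protect(path):
    """Equivalent of 'chmod go-rwx': clear all group and other bits."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    os.chmod(path, mode & ~(stat.S_IRWXG | stat.S_IRWXO))


def demo(text, mode):
    """Write text to a temporary file with the given mode and return
    (refused before protect, refused after protect)."""
    fd, path = tempfile.mkstemp(prefix="netrc-demo-")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as handle:
            handle.write(text)
        os.chmod(path, mode)
        before = autologin_refused(path)
        protect(path)
        return before, autologin_refused(path)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo(SAMPLE_WITH_SECRET, 0o644))
    print(demo(SAMPLE_ANONYMOUS_ONLY, 0o644))
```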
TRACEROUTE
NAME
traceroute - print the route packets take to a network host
SYNOPSIS
/usr/etc/traceroute [ -g addr ] [ -l ] [ -m max_ttl ] [ -n ] [ -p port ] [ -q nqueries ] [ -r ] [ -s src_addr ] [ -t tos ] [ -w waittime ] host [ datalen ]
DESCRIPTION
The Internet is a large and complex aggregation of network hardware, connected by gateways. Tracking the route your packets follow (or finding the miscreant gateway that's discarding your packets) can be difficult. traceroute utilizes the IP protocol ‘‘time-to-live'' (TTL) field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to some host.
The only mandatory parameter is the destination host name or IP address. The default probe datagram length is 40 bytes, but this may be increased by specifying the additional length (in bytes) after the destination host name.
The options are:
-g
Enable the IP LSRR (Loose Source Record Route) option in addition to the TTL tests. This is useful for asking how somebody else, at addr, (either an IP address or a hostname) reaches a particular target.
-l
Print the value of the TTL field in each received packet (this can be used to help detect asymmetric routing).
-m
Set the maximum time-to-live (maximum number of hops) used in outgoing probe packets. The default is 30 hops.
-n
Print hop addresses numerically rather than symbolically and numerically (saves a nameserver address-to-name lookup for each gateway found on the path).
-p
Set the base UDP port number used in probes (default is 33434). traceroute hopes that nothing is listening on UDP ports base to base+nhops-1 at the destination host (so an ICMP PORT_UNREACHABLE message will be returned to terminate the route tracing). If something is listening on a port in the default range, this option can be used to pick an unused port range.
-q
Set the number of probe packets to send. The default is 3 packets.
-r
Bypass the normal routing tables and send directly to a host on an attached network. If the host is not on a directly attached network, an error is returned. This option can be used to ping a local host through an interface that has no route through it (for example, after the interface was dropped by routed(1M)).
-s
Use the following IP address (which must be given as a number, not a hostname) as the source address in outgoing probe packets. On hosts with more than one IP address, this option can be used to force the source address to be something other than the IP address of the interface the probe packet is sent on. If the IP address is not one of this machine's interface addresses, an error is returned and nothing is sent.
-t
Set the type-of-service (TOS) in probe packets to the following value (default zero). The value must be a decimal integer in the range 0 to 255. This option can be used to see if different types-of-service result in different paths. Not all values of TOS are legal or meaningful: see the IP RFC for definitions. Useful values are probably -t 16 (low delay) and -t 8 (high throughput).
-v
Verbose output. Received ICMP packets other than TIME_EXCEEDED and PORT_UNREACHABLEs are listed.
-w
Set the time (in seconds) to wait for a response to a probe (default is 3 seconds).
This program attempts to trace the route an IP packet would follow to some Internet host by launching UDP probe packets with a small TTL, then listening for an ICMP TIME_EXCEEDED reply from a gateway. The probes begin with a TTL of one and increase by one until an ICMP PORT_UNREACHABLE message is received, which means we got to ‘‘host'' or hit the maximum (which defaults to 30 hops but can be changed with the -m flag). Three probes (changed with -q flag) are sent at each TTL setting and a line is printed showing the TTL, address of the gateway and round trip time of each probe. If the probe answers come from different gateways, the address of each responding system will be printed. If there is no response within a 3-second timeout interval (changed with the -w flag), a ‘‘*'' is printed for that probe.
So that the destination host will not process the UDP probe packets, the destination port is set to an unlikely value. If someone on the destination is using that value, it can be changed with the -p flag.
A sample use and output might be:
% traceroute nis.nsf.net.
traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 56 byte packet
 1 helios.ee.lbl.gov (128.3.112.1) 19 ms 19 ms 0 ms
 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 39 ms
 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 39 ms 39 ms 39 ms
 6 128.32.197.4 (128.32.197.4) 40 ms 59 ms 59 ms
 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 59 ms
 8 129.140.70.13 (129.140.70.13) 99 ms 99 ms 80 ms
 9 129.140.71.6 (129.140.71.6) 139 ms 239 ms 319 ms
10 129.140.81.7 (129.140.81.7) 220 ms 199 ms 199 ms
11 nic.merit.edu (35.1.1.48) 239 ms 239 ms 239 ms
Notice that lines 2 and 3 are the same because of a buggy kernel on the second hop system - lbl-csam.arpa - that forwards packets with a zero TTL (a bug in the distributed version of 4.3BSD).
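The probe loop described above, including the repeated line caused by a gateway that forwards zero-TTL packets and the ‘‘*'' printed for an unanswered probe, can be reproduced without sending any packets. The following Python code is an added example, not part of the manual page: the Gateway class, the quiet-gw.example host, the behaviour flags and the anomaly heuristic are assumptions, while the other host names are taken from the sample output.

```python
"""Offline model of the traceroute probe loop; no packets are sent."""
from dataclasses import dataclass

TIME_EXCEEDED, PORT_UNREACHABLE = "TIME_EXCEEDED", "PORT_UNREACHABLE"


@dataclass
class Gateway:
    name: str
    forwards_zero_ttl: bool = False  # the buggy-kernel case from the text
    silent: bool = False             # never answers with TIME_EXCEEDED


def send_probe(path, dest, ttl):
    """Carry one probe along `path`; return (responder, icmp_type) or None."""
    for gw in path:
        ttl -= 1                      # every gateway decrements the TTL
        if ttl <= 0:
            if gw.forwards_zero_ttl:
                continue              # bug: passes the expired probe on
            return None if gw.silent else (gw.name, TIME_EXCEEDED)
    return (dest, PORT_UNREACHABLE)   # reached the host, nothing on that port


def trace(path, dest, max_ttl=30, nqueries=3):
    """Return [(ttl, [responder or '*', ...])], one entry per output line."""
    lines = []
    for ttl in range(1, max_ttl + 1):
        replies = [send_probe(path, dest, ttl) for _ in range(nqueries)]
        lines.append((ttl, ["*" if r is None else r[0] for r in replies]))
        if any(r is not None and r[1] == PORT_UNREACHABLE for r in replies):
            break                     # PORT_UNREACHABLE ends the trace
    return lines


def flag_anomalies(lines):
    """Heuristic: (hops suspected of forwarding zero-TTL probes, silent hops)."""
    forwarders, silent, prev = [], [], None
    for ttl, cells in lines:
        if all(c == "*" for c in cells):
            silent.append(ttl)
        elif prev is not None and set(cells) == set(prev):
            forwarders.append(ttl - 1)   # hop n-1 let a TTL-0 probe through
        prev = cells
    return forwarders, silent


# Constructed path: flags and the last gateway are assumptions for the demo.
PATH = [
    Gateway("helios.ee.lbl.gov"),
    Gateway("lbl-csam.arpa", forwards_zero_ttl=True),
    Gateway("lilac-dmc.Berkeley.EDU"),
    Gateway("ccngw-ner-cc.Berkeley.EDU"),
    Gateway("quiet-gw.example", silent=True),
]
DEST = "nic.merit.edu"

if __name__ == "__main__":
    result = trace(PATH, DEST)
    for ttl, cells in result:
        print(f"{ttl:2d} " + " ".join(cells))
    print("zero-TTL forwarders at hops %s, silent hops %s" % flag_anomalies(result))
```

The buggy gateway never appears in the output under its own name: its slot is filled by the next gateway, which is why a repeated line points at the hop before it.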
You have to guess what path the packets are taking cross-country since the NSFNet (129.140) doesn't supply address-to-name translations for its NSSes.
A more interesting example is:
% traceroute allspice.lcs.mit.edu.
traceroute to allspice.lcs.mit.edu (18.26.0.115), 30 hops max
 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 19 ms 19 ms
 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 19 ms
 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 19 ms 39 ms 39 ms
 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms
 6 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms
 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 39 ms
 8 129.140.70.13 (129.140.70.13) 80 ms 79 ms 99 ms
 9 129.140.71.6 (129.140.71.6) 139 ms 139 ms 159 ms
10 129.140.81.7 (129.140.81.7) 199 ms 180 ms 300 ms
11 129.140.72.17 (129.140.72.17) 300 ms 239 ms 239 ms
12 * * *
13 128.121.54.72 (128.121.54.72) 259 ms 499 ms 279 ms
14 * * *
15 * * *
16 * * *
17 * * *
18 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms
Notice that the gateways 12, 14, 15, 16 and 17 hops away either don't send ICMP TIME_EXCEEDED messages or send them with a TTL too small to reach us. 14 - 17 are running the MIT C Gateway code that doesn't send TIME_EXCEEDEDs. The silent gateway 12 in the above example may be the result of a bug in the 4.[23]BSD network code (and its derivatives): 4.x (x > filename] Connects with the finger server on the current host. The current host is defined when a previous lookup for a host was successful and returned address information (see the set querytype=A command). Name is optional. > and >> can be used to redirect output in the usual manner.
ls [option] domain [> filename]
ls [option] domain [>> filename]
List the information available for domain, optionally creating or appending to filename. The default output contains host names and their Internet addresses. Option can be one of the following:
-t querytype
lists all records of the specified type (see querytype below).
-a
lists aliases of hosts in the domain. synonym for -t CNAME.
-d
lists all records for the domain. synonym for -t ANY.
-h
lists CPU and operating system information for the domain. synonym for -t HINFO.
-s
lists well-known services of hosts in the domain. synonym for -t WKS.
When output is directed to a file, hash marks are printed for every 50 records received from the server.
view filename
Sorts and lists the output of previous ls command(s) with more(1).
help
?
Prints a brief summary of commands.
exit
Exits the program.
set keyword[=value]
This command is used to change state information that affects the lookups. Valid keywords are:
all
Prints the current values of the frequently-used options to set. Information about the current default server and host is also printed.
class=value
Change the query class to one of: IN
the Internet class.
CHAOS
the Chaos class.
HESIOD
the MIT Athena Hesiod class.
ANY
wildcard (any of the above).
The class specifies the protocol group of the information. (Default = IN, abbreviation = cl)
[no]debug
Turn debugging mode on. A lot more information is printed about the packet sent to the server and the resulting answer. (Default = nodebug, abbreviation = [no]deb)
[no]d2
Turn exhaustive debugging mode on. Essentially all fields of every packet are printed. (Default = nod2)
domain=name
Change the default domain name to name. The default domain name is appended to a lookup request depending on the state of the defname and search options. The domain search list contains the parents of the default domain if it has at least two components in its name. For example, if the default domain is CC.Berkeley.EDU, the search list is CC.Berkeley.EDU and Berkeley.EDU. Use the set srchlist command to specify a different list. Use the set all command to display the list. (Default = value from hostname, /usr/etc/resolv.conf or LOCALDOMAIN, abbreviation = do)
srchlist=name1/name2/...
Change the default domain name to name1 and the domain search list to name1, name2, etc. A maximum of 6 names separated by slashes (/) can be specified. For example, set srchlist=lcs.MIT.EDU/ai.MIT.EDU/MIT.EDU sets the domain to lcs.MIT.EDU and the search list to the three names. This command overrides the default domain name and search list of the set domain command. Use the set all command to display the list. (Default = value based on hostname, /usr/etc/resolv.conf or LOCALDOMAIN, abbreviation = srchl)
[no]defname
If set, append the default domain name to a single-component lookup request (i.e., one that does not contain a period). (Default = defname, abbreviation = [no]def)
[no]search
If the lookup request contains at least one period but doesn't end with a trailing period, append the domain names in the domain search list to the request until an answer is received. (Default = search, abbreviation = [no]sea)
port=value
Change the default TCP/UDP name server port to value. (Default = 53, abbreviation = po)
querytype=value type=value Change the type of information query to one of: A
the host's Internet address.
CNAME
the canonical name for an alias.
HINFO
the host CPU and operating system type.
MINFO
the mailbox or mail list information.
MX
the mail exchanger.
NS
the name server for the named zone.
PTR
the host name if the query is an Internet address, otherwise the pointer to other information.
SOA
the domain's ‘‘start-of-authority'' information.
TXT
the text information.
UINFO
the user information.
WKS
the supported well-known services.
Other types (ANY, AXFR, MB, MD, MF, NULL) are described in the RFC-1035 document. (Default = A, abbreviations = q, ty)
[no]recurse
Tell the name server to query other servers if it does not have the information. (Default = recurse, abbreviation = [no]rec)
retry=number
Set the number of retries to number. When a reply to a request is not received within a certain amount of time (changed with set timeout), the timeout period is doubled and the request is resent. The retry value controls how many times a request is resent before giving up. (Default = 4, abbreviation = ret)
root=host
Change the name of the root server to host. This affects the root command. (Default = ns.internic.net., abbreviation = ro)
timeout=number
Change the initial timeout interval for waiting for a reply to number seconds. Each retry doubles the timeout period. (Default = 5 seconds, abbreviation = ti)
[no]vc
Always use a virtual circuit when sending requests to the server. (Default = novc, abbreviation = [no]v)
[no]ignoretc
Ignore packet truncation errors. (Default = noignoretc, abbreviation = [no]ig)
DIAGNOSTICS
If the lookup request was not successful, an error message is printed. Possible errors are:
Timed out
The server did not respond to a request after a certain amount of time (changed with set timeout=value) and a certain number of retries (changed with set retry=value).
No response from server
No name server is running on the server machine.
No records
The server does not have resource records of the current query type for the host, although the host name is valid. The query type is specified with the set querytype command.
Non-existent domain
The host or domain name does not exist.
Connection refused
Network is unreachable
The connection to the name or finger server could not be made at the current time. This error commonly occurs with ls and finger requests.
Server failure
The name server found an internal inconsistency in its database and could not return a valid answer.
Refused
The name server refused to service the request.
Format error
The name server found that the request packet was not in the proper format. It may indicate an error in nslookup.
FILES
/usr/etc/resolv.conf      initial domain name and name server addresses.
$HOME/.nslookuprc         user's initial options.
/usr/bsd/nslookup.help    summary of commands.
ENVIRONMENT
HOSTALIASES               file containing host aliases.
LOCALDOMAIN               overrides default domain.
SEE ALSO resolver(3), resolver(4), named(1M), RFC-1034 ''Domain Names - Concepts and Facilities''
PING
NAME
ping - send ICMP ECHO_REQUEST packets to network hosts
SYNOPSIS
/usr/etc/ping [-dfnqrvRL] [-c count] [-s size] [-l preload] [-i interval] [-p pattern] [-T ttl] [-I addr] host
DESCRIPTION
Ping is a tool for network testing, measurement and management. It utilizes the ICMP protocol's ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (‘‘pings'') have an IP and ICMP header, followed by an 8-byte timestamp, and then an arbitrary number of ‘‘pad'' bytes used to fill out the packet.
The host can be the name of a host or its Internet address. The options are:
-c count Stop after sending (and receiving) count ECHO_RESPONSE packets. -d
Set the SO_DEBUG option on the socket being used.
-f
Flood ping. Outputs packets as fast as they come back or one hundred times per second, whichever is more. (The repetition rate can be adjusted with the -i option.) For every ECHO_REQUEST sent a period '.' is printed, while for every ECHO_REPLY received a backspace is printed. This provides a rapid display of how many packets are being dropped. This can be extremely stressful on a network and should be used with caution.
-i interval Wait interval seconds between sending each packet. The default is to wait for one second between each packet, except when the -f option is used when the default is 0.01 second. -l preload Send preload packets as fast as possible before falling into the normal mode of behavior. -n
Numeric output only. No attempt will be made to lookup symbolic names for host addresses. Useful if your name server is flaky or for hosts not in the database.
-p pattern You may specify up to 16 ‘‘pad'' bytes to fill out the packet you send. This is useful for diagnosing data-dependent problems in a network. For example, ‘‘-p ff'' will cause the sent packet to be filled with all ones.
-q
Quiet output. Nothing is displayed except the summary line on termination.
-r
Bypass the normal routing tables and send directly to a host on an attached network. If the host is not on a directly-attached network, an error is returned. This option can be used to ping a local host through an interface that has no route through it (e.g., after the interface was dropped by routed(1M)).
-s size Send datagrams containing size bytes of data. The default is 56, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data. The maximum allowed value is 65468 bytes.
-v
Verbose output. ICMP packets other than ECHO RESPONSE that are received are listed.
-I interface Send multicast datagrams on the network interface specified by the interface's hostname or IP address. -L
When sending to a multicast destination address, don't loop the datagram back to ourselves.
-R
Record Route. Includes the RECORD_ROUTE option in the ECHO_REQUEST packet and displays the route buffer on returned packets. Note that the IP header is only large enough for six such routes. Many hosts ignore or discard this option.
-T ttl
Changes the default time-to-live for datagrams sent to a multicast address.
Ping should be used primarily for manual fault isolation. Because of the load it can impose on the network, it is unwise to use ping during normal operations or from automated scripts.
When using ping for fault isolation, it should first be run on the local host, to verify that the local network interface is up and running. Then, hosts and gateways further and further away should be ‘‘pinged''. Ping continually sends one datagram per second, and prints one line of output for every ECHO_RESPONSE returned. On a trusted system with IP Security Options enabled, if the network idiom is not MONO, ping also prints a second line containing the hexadecimal representation of the IP security option in the ECHO_RESPONSE. If the -c count option is given, only that number of requests is sent. No output is produced if there is no response. Round-trip times and packet loss statistics are computed. If duplicate packets are received, they are not included in the packet loss calculation, although the round trip time of these packets is used in calculating the minimum/average/maximum round-trip time numbers. When the specified number of packets have been sent (and received) or if the program is terminated with an interrupt (SIGINT), a brief summary is displayed.
When not using the -f (flood) option, the first interrupt, usually generated by control-C or DEL, causes ping to wait for its outstanding requests to return. It will wait no longer than the longest round trip time encountered by previous, successful pings. The second interrupt stops ping immediately.
DETAILS
An IP header without options is 20 bytes. An ICMP ECHO_REQUEST packet contains an additional 8 bytes worth of ICMP header followed by an arbitrary amount of data. When a packetsize is given, this indicates the size of this extra piece of data (the default is 56).
Thus the amount of data received inside of an IP packet of type ICMP ECHO_REPLY will always be 8 bytes more than the requested data space (the ICMP header). If the data space is at least eight bytes large, ping uses the first eight bytes of this space to include a timestamp which it uses in the computation of round trip times. If less than eight bytes of pad are specified, no round trip times are given. DUPLICATE AND DAMAGED PACKETS Ping will report duplicate and damaged packets. Duplicate packets should never occur, and seem to be caused by inappropriate link-level
retransmissions. Duplicates may occur in many situations and are rarely (if ever) a good sign, although the presence of low levels of duplicates may not always be cause for alarm. Damaged packets are obviously serious cause for alarm and often indicate broken hardware somewhere in the ping packet's path (in the network or in the hosts). TRYING DIFFERENT DATA PATTERNS The (inter)network layer should never treat packets differently depending on the data contained in the data portion. Unfortunately, data-dependent problems have been known to sneak into networks and remain undetected for long periods of time. In many cases the particular pattern that will have problems is something that doesn't have sufficient ‘‘transitions'', such as all ones or all zeros, or a pattern right at the edge, such as almost all zeros. It isn't necessarily enough to specify a data pattern of all zeros (for example) on the command line because the pattern that is of interest is at the data link level, and the relationship between what you type and what the controllers transmit can be complicated. This means that if you have a data-dependent problem you will probably have to do a lot of testing to find it. If you are lucky, you may manage to find a file that either can't be sent across your network or that takes much longer to transfer than other similar length files. You can then examine this file for repeated patterns that you can test using the -p option of ping. TTL DETAILS The TTL value of an IP packet represents the maximum number of IP routers that the packet can go through before being thrown away. In current practice you can expect each router in the Internet to decrement the TTL field by exactly one. The TCP/IP specification says that the TTL field for TCP packets should be set to 60, but many systems use smaller values (IRIX and 4.3BSD use 30, 4.2BSD used 15). 
The maximum possible value of this field is 255, and most Unix systems set the TTL field of ICMP ECHO_REQUEST packets to 255. This is why you will find you can ‘‘ping'' some hosts, but not reach them with telnet or ftp.
In normal operation ping prints the ttl value from the packet it receives. When a remote system receives a ping packet, it can do one of three things with the TTL field in its response:
- Not change it; this is what Berkeley Unix systems did before the 4.3BSD-tahoe release. In this case the TTL value in the received packet will be 255 minus the number of routers in the round-trip path.
- Set it to 255; this is what IRIX and current Berkeley Unix systems do. In this case the TTL value in the received packet will be 255 minus the number of routers in the path from the remote system to the pinging host.
- Set it to some other value. Some machines use the same value for ICMP packets that they use for TCP packets, for example either 30 or 60. Others may use completely wild values.
BUGS
Many Hosts and Gateways ignore the RECORD_ROUTE option.
The maximum IP header length is too small for options like RECORD_ROUTE to be completely useful. There's not much that can be done about this, however.
Flood pinging is not recommended in general, and flood pinging the broadcast address should only be done under very controlled conditions.
The record-route option does not work with hosts using network code derived from 4.3BSD.
SEE ALSO
netstat(1), ifconfig(1M), routed(1M)
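The packet layout from the DESCRIPTION and DETAILS sections above (8-byte ICMP header, 8-byte timestamp, pad bytes from -p) and the damaged-packet check can be worked through in memory. The following Python code is an added example, not part of the manual page: it builds a request, produces the reply the remote host would send, and reads it back. The timestamp encoding (seconds and microseconds as two 32-bit integers), the zero default pad byte and all function names are assumptions.

```python
"""Build, echo and check an ICMP ECHO_REQUEST in memory; nothing is sent."""
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0
ICMP_HEADER = struct.Struct("!BBHHH")   # type, code, checksum, id, sequence
TIMESTAMP = struct.Struct("!II")        # assumed layout: seconds, microseconds


def checksum(data):
    """16-bit one's-complement Internet checksum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def _seal(icmp_type, ident, seq, data):
    """Prepend an ICMP header whose checksum covers header and data."""
    draft = ICMP_HEADER.pack(icmp_type, 0, 0, ident, seq) + data
    return ICMP_HEADER.pack(icmp_type, 0, checksum(draft), ident, seq) + data


def build_request(ident, seq, now_us, size=56, pattern=b"\x00"):
    """`size` data bytes: an 8-byte timestamp when it fits, then pad bytes."""
    stamp = TIMESTAMP.pack(*divmod(now_us, 1_000_000)) if size >= 8 else b""
    pad_len = size - len(stamp)
    pad = (pattern * pad_len)[:pad_len]      # repeat the -p pattern to fit
    return _seal(ECHO_REQUEST, ident, seq, stamp + pad)


def echo(request):
    """Remote side: same id, sequence and data, type set to ECHO_REPLY."""
    _, _, _, ident, seq = ICMP_HEADER.unpack_from(request)
    return _seal(ECHO_REPLY, ident, seq, request[ICMP_HEADER.size:])


def read_reply(packet, now_us):
    """Return type, id, seq, data length, damaged flag and RTT in ms."""
    icmp_type, _, _, ident, seq = ICMP_HEADER.unpack_from(packet)
    data = packet[ICMP_HEADER.size:]
    result = {"type": icmp_type, "id": ident, "seq": seq,
              "data_len": len(data),
              "damaged": checksum(packet) != 0,  # valid packets sum to zero
              "rtt_ms": None}
    # No round-trip time without an intact 8-byte timestamp.
    if not result["damaged"] and len(data) >= TIMESTAMP.size:
        sec, usec = TIMESTAMP.unpack_from(data)
        result["rtt_ms"] = (now_us - (sec * 1_000_000 + usec)) / 1000
    return result


if __name__ == "__main__":
    # Constructed clock values; -p ff fills the pad with all ones.
    req = build_request(0x1234, 1, now_us=1_000_000_000, pattern=b"\xff")
    print(len(req), "ICMP bytes;", len(req) + 20, "with a 20-byte IP header")
    print(read_reply(echo(req), now_us=1_000_019_000))
    corrupted = bytearray(echo(req))
    corrupted[20] ^= 0x01                    # one flipped bit in the pad
    print(read_reply(bytes(corrupted), now_us=1_000_019_000))
```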
NVRAM NAME nvram, sgikopt - get or set non-volatile RAM variable(s) SYNOPSIS nvram [-v] [name [value]] sgikopt [name...] DESCRIPTION Nvram may be used to set or print the values of non-volatile RAM variables. If name is specified, nvram prints the corresponding value. If value is specified and name is defined in non-volatile RAM, nvram replaces name's definition string with value. The -v option causes nvram to print a line of the form name=value after getting or setting the named variable. When invoked with no arguments, all known variables are displayed in the name=value form. If invoked as sgikopt, more than one name may be given. Names that do not match known variables are ignored. The exit status is 1 if any arguments don't match, and 0 otherwise. NOTES Non-volatile RAM contains a small set of well-known strings at fixed offsets. Nvram may not be used to define new variables. Only the super-user may set variables. The term "Non-volatile RAM" is somewhat misleading, because some variables are placed only in volatile RAM, and will be reset on power-up. Different models have different mixes of volatile and non-volatile variables. DIAGNOSTICS If an attempt to get or set a variable fails for any reason, nvram prints an appropriate message on standard error and exits with non-zero status. Not all machines support the ability to change the contents of nonvolatile memory with the nvram command. To change the contents of nonvolatile memory on those machines you must use the PROM monitor setenv command. SEE ALSO sgikopt(2), syssgi(2), prom(1m)
IFCONFIG NAME ifconfig - configure network interface parameters SYNOPSIS /usr/etc/ifconfig interface address_family [ address [ dest_address ] ] [ parameters ] /usr/etc/ifconfig interface [ protocol_family ] DESCRIPTION Ifconfig is used to assign an address to a network interface and/or configure network interface parameters. Ifconfig is invoked at boot time from /etc/init.d/network to define the network address of each interface present on a machine; you may also use it once the system is up to redefine an interface's address or other operating parameters. The interface parameter is a string of the form ‘‘name unit'', e.g., ‘‘enp0''. (The -i option to netstat(1) displays the interfaces on the machine.) Since an interface may receive transmissions in differing protocols, each of which may require separate naming schemes, it is necessary to specify the address_family, which may change the interpretation of the remaining parameters. Currently, just the ‘‘inet'' address family is supported. For the Internet family, the address is either an Internet address expressed in the Internet standard ‘‘dot notation'' (see inet(3N)), or a host name present in the hosts(4) file, /etc/hosts. (Other hosts databases, such as named and NIS, are ignored.) Only the super-user may modify the configuration of a network interface. The following parameters may be set with ifconfig: up
Mark an interface ‘‘up''. This may be used to enable an interface after an ‘‘ifconfig down.'' It happens automatically when setting the first address on an interface. If the interface was reset when previously marked down, the hardware will be re-initialized.
down
Mark an interface ‘‘down''. When an interface is marked ‘‘down'', the system will not attempt to transmit messages through that interface. If possible, the interface will be reset to disable reception as well. This action does not automatically disable routes using the interface.
arp
Enable the use of the Address Resolution Protocol in mapping between network level addresses and link level addresses (default). This is currently implemented for mapping between Internet addresses and 10Mb/s Ethernet addresses.
-arp
Disable the use of the Address Resolution Protocol.
alias addr
Establish an additional network address for this interface. This can be useful in permitting a single physical interface to accept packets addressed to several different addresses such as when one is changing network numbers, and one wishes to accept packets addressed to the old interface. The 'broadcast' and 'netmask' options may be used in conjunction with the 'alias' option. When using
aliases one may have to change the configuration of routed especially if aliases are on different networks than the primary address. Aliases are added as host entries in the routing tables for routed. See (routed(1m)) for more information on this.
-alias|delete addr
Deletes a previously added alias.
metric n
Set the routing metric of the interface to n, default 0. The routing metric is used by the routing protocol (routed(1m)). Higher metrics have the effect of making a route less favorable; metrics are counted as additional hops to the destination network or host.
netmask mask
Specify how much of the address to reserve for subdividing networks into sub-networks. The mask includes the network part of the local address and the subnet part, which is taken from the host field of the address. The mask can be specified as a single hexadecimal number with a leading 0x, with a dot-notation Internet address, or with a pseudo-network name listed in the network table networks(4). The mask contains 1's for the bit positions in the 32-bit address which are to be used for the network and subnet parts, and 0's for the host part. The mask should contain at least the standard network portion, and the subnet field should be contiguous with the network portion.
broadcast addr Specify the address to use to represent broadcasts to the network. The default broadcast address is the address with a host part of all 1's. dest_addr
Specify the address of the correspondent on the other end of a point-to-point link.
debug
Enable driver-dependent debugging code; usually, this turns on extra console error logging.
-debug
Disable driver-dependent debugging code.
Ifconfig displays the current configuration for a network interface when no optional parameters are supplied. If a protocol family is specified, ifconfig will report only the details specific to that protocol family. NOTE Network interfaces on the IRIS-4D can only receive and not send packets that use ‘‘trailer'' link-level encapsulation. Therefore, ifconfig does not accept the trailers parameter. DIAGNOSTICS Messages indicating the specified interface does not exist, the requested address is unknown, or the user is not privileged and tried to alter an interface's configuration. FILES /etc/hosts host-address database /etc/config/ifconfig-?.options site-specific options (1 file per interface)
SEE ALSO netstat(1), network(1M)
NETSTAT
NAME
netstat - show network status
SYNOPSIS
netstat [ -Aanu ] [ -f address_family ] [ system ] [ core ]
netstat [ -imnqrsM ] [ -f address_family ] [ system ] [ core ]
netstat [ -n ] [ -I interface ] interval [ system ] [ core ]
netstat -C [ -n ] [ interval ] [ system ]
netstat [ -p protocol ] [ system ] [ core ]
DESCRIPTION The netstat command symbolically displays the contents of various network-related data structures. There are a number of output formats, depending on the options for the information presented. The first form of the command displays a list of active sockets for each protocol. The second form presents the contents of one of the other network data structures according to the option selected. Using the third form, with an interval specified, netstat will continuously display the information regarding packet traffic on the configured network interfaces. The fourth form displays statistics about the named protocol. The options have the following meaning: -A
With the default display, show the address of any protocol control blocks associated with sockets; used for debugging.
-a
With the default display, show the state of all sockets; normally sockets used by server processes are not shown.
-l
With the default display, on systems supporting IP security options, show the mandatory and discretionary access control attributes associated with sockets. These consist of a mandatory access control label, printed at the beginning of each line, and a socket uid and acl, printed at the end of each line. (For AF_INET sockets only, a second mandatory access control label, SndLabel, is also shown. SndLabel is a copy of the label in the u_area.) On systems not supporting IP security options, -l is silently ignored.
-C
Display the contents of several of the other formats in dynamic "full-screen" forms. Many of the values can be displayed as simple totals (r or "reset"), changes during the previous interval (d or "delta"), or changes since a fixed moment (z or "zero").
-i
Show the state of interfaces which have been auto-configured (interfaces statically configured into a system, but not located at boot time are not shown). When -a is also present, show all addresses (unicast, multicast and link-level) associated with each interface.
-iq
Show the information for -i with the number of packets currently in the output queue, the queue size, and the number of dropped packets due to a full queue.
-I interface
Show information only about this interface; used with an interval as described below.
-m
Show statistics recorded by the memory management routines (the network manages a private pool of memory buffers).
-n
Show network addresses as numbers (normally netstat interprets addresses and attempts to display them symbolically). This option may be used with any of the display formats.
-p protocol
Show statistics about protocol, which is either a well-known name for a protocol or an alias for it. Some protocol names and aliases are listed in the file /etc/protocols. A null response typically means that there are no interesting numbers to report. The program will complain if protocol is unknown or if there is no statistics routine for it. (This includes counting packets for the HELO routing protocol as unknown.)
-s
Show per-protocol statistics.
-r
Show the routing tables. When -s is also present, show routing statistics instead.
-M
Show the kernel multicast routing tables. When -s is also present, show multicast routing statistics instead.
-f address_family
Limit statistics or address control block reports to those of the specified address family. The following address families are recognized: inet, for AF_INET, and unix, for AF_UNIX. (ns, for AF_NS is not currently supported.)
-u
A synonym for -f unix.
The arguments, system and core allow substitutes for the defaults "/unix" and "/dev/kmem".
The default display, for active sockets, shows the local and remote addresses, send and receive queue sizes (in bytes), protocol, and the internal state of the protocol. Address formats are of the form "host.port" or "network.port" if a socket's address specifies a network but no specific host address. When known the host and network addresses are displayed symbolically according to the data bases /etc/hosts and /etc/networks, respectively. If a symbolic name for an address is unknown, or if the -n option is specified, the address is printed numerically, according to the address family. For more information regarding the Internet "dot format," refer to inet(3N). Unspecified, or "wildcard", addresses and ports appear as "*".
The interface display provides a table of cumulative statistics regarding packets transferred, errors, and collisions. The network addresses of the interface and the maximum transmission unit ("mtu") are also displayed.
The routing table display indicates the available routes and their status. Each route consists of a destination host or network and a gateway to use in forwarding packets. The flags field shows the state of the route ("U" if "up"), whether the route is to a gateway ("G") or a host ("H"), whether the route was created dynamically by a redirect ("D"), and whether the route has been modified by a redirect ("M"). Direct routes are created for each interface attached to the local host; the gateway field for such entries shows the address of the outgoing interface. The MTU field shows the MTU value set with the route(1M) command for that route. The RTT and RTTvar fields show the estimated round-trip time (RTT) and the variance in RTT for routes with large amounts of TCP traffic. The RTT and RTTvar values are in seconds with a resolution of .125 seconds. The use field provides a count of the number of packets sent using that route. The interface entry indicates the network interface utilized for the route.
When netstat is invoked with an interval argument, it displays a running count of statistics related to network interfaces. This display consists of a column for the primary interface (the first interface found during autoconfiguration) and a column summarizing information for all interfaces. The primary interface may be replaced with another interface with the -I option. The first line of each screen of information contains a summary since the system was last rebooted. Subsequent lines of output show values accumulated over the preceding interval.
SEE ALSO
hosts(4), networks(4), nfsstat(1M), protocols(4), services(4), smtstat(1)
BUGS
The notion of errors is ill-defined.
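The routing flags described in the netstat text above can be checked mechanically. The following is an added example, not part of the original guide or of the man page: it parses routing-table rows and reports the routes whose flags include D or M, that is, routes created or modified by a redirect. The sample table is constructed and its column order is an assumption.

```python
"""Report netstat routing-table entries created or modified by a redirect."""

# Flag letters and meanings as given in the netstat description above.
FLAG_MEANINGS = {
    "U": "up",
    "G": "route is to a gateway",
    "H": "route is to a host",
    "D": "created dynamically by a redirect",
    "M": "modified by a redirect",
}
REDIRECT_FLAGS = {"D", "M"}

# Constructed sample of `netstat -rn` output. The column order is an
# assumption based on the fields the text lists; real layouts differ
# between systems, which is why columns are located by header name.
SAMPLE = """\
Routing tables
Destination      Gateway          Flags   MTU  RTT  RTTvar  Use     Interface
default          10.10.10.254     UG      0    0    0       48213   ec0
10.10.10         10.10.10.1       U       1500 0    0       91022   ec0
10.10.20.7       10.10.10.253     UGHD    0    0    0       112     ec0
10.10.30         10.10.10.252     UGM     0    0.25 0.125   7       ec0
127.0.0.1        127.0.0.1        UH      0    0    0       530     lo0
"""


def parse_routes(text):
    """Return one dict per route row, keyed by the header's column names."""
    routes, header = [], None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if header is None:
            # The header is the first line naming both key columns.
            if "Destination" in fields and "Flags" in fields:
                header = [name.lower() for name in fields]
            continue
        if len(fields) != len(header):
            continue  # wrapped or truncated row: skip rather than misalign
        route = dict(zip(header, fields))
        route["flags"] = set(route["flags"])
        routes.append(route)
    return routes


def describe(flags):
    """Spell out known flag letters; unknown letters are reported as such."""
    return [FLAG_MEANINGS.get(f, "unknown flag " + f) for f in sorted(flags)]


def redirect_routes(routes):
    """Routes whose flags show they were learned or altered via a redirect."""
    return [r for r in routes if r["flags"] & REDIRECT_FLAGS]


if __name__ == "__main__":
    for r in redirect_routes(parse_routes(SAMPLE)):
        print(r["destination"], "via", r["gateway"], "-",
              "; ".join(describe(r["flags"])))
```

Routes reported here did not come from the static configuration, so they are the ones to compare against the intended routing plan.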
TELNET
NAME
telnet - User interface to the TELNET protocol
SYNOPSIS
telnet [-d] [-n tracefile] [-l user | -a] [-e escape-char] [host [port]]
DESCRIPTION
The telnet command is used to communicate with another host using the TELNET protocol. If telnet is invoked without the host argument, it enters command mode, indicated by its prompt (telnet>). In this mode, it accepts and executes the commands listed below. If it is invoked with arguments, it performs an open command (see below) with those arguments.
Options:
-d
Sets the initial value of the debug toggle to TRUE.
-n tracefile
Opens tracefile for recording trace information. See the set tracefile command below.
-l user
When connecting to the remote system, if the remote system understands the ENVIRON option, then user will be sent to the remote system as the value for the variable USER. This option may also be used with the open command.
-a
Auto-login. Same as specifying -l with your user name. This option may also be used with the open command.
-e escape-char
Sets the initial telnet escape character to escape-char. If escape-char is the null character (specified by "" or ''), then there will be no escape character.
host
Indicates the official name, an alias, or the Internet address of a remote host.
port
Indicates a port number (address of an application). If a number is not specified, the default telnet port is used.
Once a connection has been opened, telnet will attempt to enable the TELNET LINEMODE option. If this fails, then telnet will revert to one of two input modes: either "character at a time" or "old line by line" depending on what the remote system supports.
When LINEMODE is enabled, character processing is done on the local system, under the control of the remote system. When input editing or character echoing is to be disabled, the remote system will relay that information. The remote system will also relay changes to any special characters that happen on the remote system, so that they can take effect on the local system.
In "character at a time" mode, most text typed is immediately sent to the remote host for processing.
In "old line by line" mode, all text is echoed locally, and (normally) only completed lines are sent to the remote host. The "local echo character" (initially "^E") may be used to turn off and on the local echo (this would mostly be used to enter passwords without the password being echoed).
If the LINEMODE option is enabled, or if the localchars toggle is TRUE (the default for "old line by line"; see below), the user's quit, intr, and flush characters are trapped locally, and sent as TELNET protocol sequences to the remote side. If LINEMODE has ever been enabled, then the user's susp and eof are also sent as TELNET protocol sequences, and quit is sent as a TELNET ABORT instead of BREAK. There are options (see toggle autoflush and toggle autosynch below) which cause this action to flush subsequent output to the terminal (until the remote host acknowledges the TELNET sequence) and flush previous terminal input (in the case of quit and intr).
While connected to a remote host, telnet command mode may be entered by typing the telnet "escape character" (initially "^]"). When in command mode, the normal terminal editing conventions are available.
The following telnet commands are available. Only enough of each command to uniquely identify it need be typed (this is also true for arguments to the mode, set, toggle, unset, slc, environ, and display commands).
close
Close a TELNET session and return to command mode.
display [ argument... ]
Displays all, or some, of the set and toggle values (see below).
mode type
Type is one of several options, depending on the state of the TELNET session. The remote host is asked for permission to go into the requested mode. If the remote host is capable of entering that mode, the requested mode will be entered.
character
Disable the TELNET LINEMODE option, or, if the remote side does not understand the LINEMODE option, then enter "character at a time" mode.
line
Enable the TELNET LINEMODE option, or, if the remote side does not understand the LINEMODE option, then attempt to enter "old-line-by-line" mode.
isig (-isig)
Attempt to enable (disable) the TRAPSIG mode of the LINEMODE option. This requires that the LINEMODE option be enabled.
edit (-edit)
Attempt to enable (disable) the EDIT mode of the LINEMODE option. This requires that the LINEMODE option be enabled.
softtabs (-softtabs)
Attempt to enable (disable) the SOFT_TAB mode of the LINEMODE option. This requires that the LINEMODE option be enabled.
litecho (-litecho)
Attempt to enable (disable) the LIT_ECHO mode of the LINEMODE option. This requires that the LINEMODE option be enabled.
?
Prints out help information for the mode command.
open host [ [-l user | -a] [-]port ]
Open a connection to the named host. If no port number is specified, telnet will attempt to contact a TELNET server at the default port. The host specification may be either a host name (see hosts(4)) or an Internet address specified in the "dot notation" (see inet(3N)). The -l option may be used to specify the user name to be passed to the remote system via the ENVIRON option. The -a option sends your user name to the remote system via the ENVIRON option. When connecting to a non-standard port, telnet omits any automatic initiation of TELNET options. When the port number is preceded by a minus sign, the initial option negotiation is done.
After establishing a connection, the .telnetrc in the user's home directory is opened. Lines beginning with a # are comment lines. Blank lines are ignored. Lines that begin without whitespace are the start of a machine entry. The first thing on the line is the name of the machine that is being connected to. The rest of the line, and successive lines that begin with whitespace are assumed to be telnet commands and are processed as if they had been typed in manually to the telnet command prompt.
quit
Close any open TELNET session and exit telnet. An end of file (in command mode) will also close a session and exit.
send arguments
Sends one or more special character sequences to the remote host. The following are the arguments which may be specified (more than one argument may be specified at a time):
abort
Sends the TELNET ABORT (ABORT processes) sequence.
ao
Sends the TELNET AO (Abort Output) sequence, which should cause the remote system to flush all output from the remote system to the user's terminal.
ayt
Sends the TELNET AYT (Are You There) sequence, to which the remote system may or may not choose to respond.
brk
Sends the TELNET BRK (Break) sequence, which may have significance to the remote system.
ec
Sends the TELNET EC (Erase Character) sequence, which should cause the remote system to erase the last character entered.
el
Sends the TELNET EL (Erase Line) sequence, which should cause the remote system to erase the line currently being entered.
eof
Sends the TELNET EOF (End Of File) sequence.
eor
Sends the TELNET EOR (End of Record) sequence.
escape
Sends the current telnet escape character (initially "^]").
ga
Sends the TELNET GA (Go Ahead) sequence, which likely has no significance to the remote system.
getstatus
If the remote side supports the TELNET STATUS command, getstatus will send the subnegotiation to request that the server send its current option status.
ip
Sends the TELNET IP (Interrupt Process) sequence, which should cause the remote system to abort the currently running process.
nop
Sends the TELNET NOP (No OPeration) sequence.
susp
Sends the TELNET SUSP (SUSPend process) sequence.
synch
Sends the TELNET SYNCH sequence. This sequence causes the remote system to discard all previously typed (but not yet read) input. This sequence is sent as TCP urgent data (and may not work if the remote system is a 4.2 BSD system - if it doesn't work, a lower case "r" may be echoed on the terminal).
?
Prints out help information for the send command.
set argument value
unset arguments...
The set command will set any one of a number of telnet variables to a specific value or to TRUE. The special value off turns off the function associated with the variable; this is equivalent to using the unset command. The unset command will disable or set to FALSE any of the specified functions. The values of variables may be interrogated with the display command. The variables which may be set or unset, but not toggled, are listed here. In addition, any of the variables for the toggle command may be explicitly set or unset using the set and unset commands.
echo
This is the value (initially "^E") which, when in "line by line" mode, toggles between doing local echoing of entered characters (for normal processing), and suppressing echoing of entered characters (for entering, say, a password).
eof
If telnet is operating in LINEMODE or "old line by line" mode, entering this character as the first character on a line will cause this character to be sent to the remote system. The initial value of the eof character is taken to be the terminal's eof character.
erase
If telnet is in localchars mode (see toggle localchars below), and if telnet is operating in "character at a time" mode, then when this character is typed, a TELNET EC sequence (see send ec above) is sent to the remote system. The initial value for the erase character is taken to be the terminal's erase character.
escape
This is the telnet escape character (initially "^]") which causes entry into telnet command mode (when connected to a remote system).
flushoutput
If telnet is in localchars mode (see toggle localchars below) and the flushoutput character is typed, a TELNET AO sequence (see send ao above) is sent to the remote host. The initial value for the flush character is taken to be the terminal's flush character.
interrupt
If telnet is in localchars mode (see toggle localchars below) and the interrupt character is typed, a TELNET IP sequence (see send ip above) is sent to the remote host. The initial value for the interrupt character is taken to be the terminal's intr character.
kill
If telnet is in localchars mode (see toggle localchars below), and if telnet is operating in "character at a time" mode, then when this character is typed, a TELNET EL sequence (see send el above) is sent to the remote system. The initial value for the kill character is taken to be the terminal's kill character.
lnext
If telnet is operating in LINEMODE or "old line by line" mode, then this character is taken to be the terminal's lnext character. The initial value for the lnext character is taken to be the terminal's lnext character.
quit
If telnet is in localchars mode (see toggle localchars below) and the quit character is typed, a TELNET BRK sequence (see send brk above) is sent to the remote host. The initial value for the quit character is taken to be the terminal's quit character.
reprint
If telnet is operating in LINEMODE or "old line by line" mode, then this character is taken to be the terminal's reprint character. The initial value for the reprint character is taken to be the terminal's reprint character.
start
If the TELNET TOGGLE-FLOW-CONTROL option has been enabled, then this character is taken to be the terminal's start character. The initial value for the start character is taken to be the terminal's start character.
stop
If the TELNET TOGGLE-FLOW-CONTROL option has been enabled, then this character is taken to be the terminal's stop character. The initial value for the stop character is taken to be the terminal's stop character.
susp
If telnet is in localchars mode, or LINEMODE is enabled, and the suspend character is typed, a TELNET SUSP sequence (see send susp above) is sent to the remote host. The initial value for the suspend character is taken to be the terminal's suspend character.
tracefile
This is the file to which the output, caused by netdata or option tracing being TRUE, will be written. If it is set to '-', then tracing information will be written to standard output (the default).
worderase
If telnet is operating in LINEMODE or "old line by line" mode, then this character is taken to be the terminal's worderase character. The initial value for the worderase character is taken to be the terminal's worderase character.
slc state
The slc command (Set Local Characters) is used to set or change the state of the special characters when the TELNET LINEMODE option has been enabled. Special characters are characters that get mapped to TELNET command sequences (like ip or quit) or line editing characters (like erase and kill). By default, the local special characters are exported.
export
Switch to the local defaults for the special characters. The local default characters are those of the local terminal at the time when telnet was started.
import
Switch to the remote defaults for the special characters. The remote default characters are those of the remote system at the time when the TELNET connection was established.
check
Verify the current settings for the current special characters. The remote side is requested to send all the current special character settings, and if there are any discrepancies with the local side, the local side will switch to the remote value.
?
Prints out help information for the slc command.
environ arguments...
The environ command is used to manipulate the variables that may be sent through the ENVIRON option. The initial set of variables is taken from the user's environment with only the DISPLAY and PRINTER variables being exported by default. Valid arguments for the environ command are:
define variable value
Define the variable variable to have a value of value. Any variables defined by this command are automatically exported. The value may be enclosed in single or double quotes so that tabs and spaces may be included.
undefine variable
Remove variable from the list of environment variables.
export variable
Mark the variable variable to be exported to the remote side.
unexport variable
Mark the variable variable to not be exported unless explicitly asked for by the remote side.
send variable
Send the variable variable to the remote side.
list
List the current set of environment variables. Those marked with a * will be sent automatically, other variables will only be sent if explicitly requested.
?
Prints out help information for the environ command.
?
Displays the legal set (unset) commands.
toggle arguments...
Toggle (between TRUE and FALSE) various flags that control how telnet responds to events. These flags may be set explicitly to TRUE or FALSE using the set and unset commands listed above. More than one argument may be specified. The state of these flags may be interrogated with the display command. Valid arguments are:
autoflush
If autoflush and localchars are both TRUE, then when the ao, intr, or quit characters are recognized (and transformed into TELNET sequences; see set above for details), telnet refuses to display any data on the user's terminal until the remote system acknowledges (via a TELNET TIMING MARK option) that it has processed those TELNET sequences. The initial value for this toggle is TRUE if the terminal user had not done an "stty noflsh", otherwise FALSE (see stty(1)).
autosynch
If autosynch and localchars are both TRUE, then when either the intr or quit characters is typed (see set above for descriptions of the intr and quit characters), the resulting TELNET sequence sent is followed by the TELNET SYNCH sequence. This procedure should cause the remote system to begin throwing away all previously typed input until both of the TELNET sequences have been read and acted upon. The initial value of this toggle is FALSE.
binary
Enable or disable the TELNET BINARY option on both input and output.
inbinary
Enable or disable the TELNET BINARY option on input.
outbinary
Enable or disable the TELNET BINARY option on output.
crlf
If this is TRUE, then carriage returns will be sent as <CR><LF>. If this is FALSE, then carriage returns will be sent as <CR><NUL>. The initial value for this toggle is FALSE.
crmod
Toggle carriage return mode. When this mode is enabled, most carriage return characters received from the remote host will be mapped into a carriage return followed by a line feed. This mode does not affect those characters typed by the user, only those received from the remote host. This mode is not very useful unless the remote host only sends carriage return, but never line feed. The initial value for this toggle is FALSE.
debug
Toggles socket level debugging (useful only to the superuser). The initial value for this toggle is FALSE.
localchars
If this is TRUE, then the flush, interrupt, quit, erase, and kill characters (see set above) are recognized locally, and transformed into (hopefully) appropriate TELNET control sequences (respectively ao, ip, brk, ec, and el; see send above). The initial value for this toggle is TRUE in "old line by line" mode, and FALSE in "character at a time" mode. When the LINEMODE option is enabled, the value of localchars is ignored, and assumed to always be TRUE. If LINEMODE has ever been enabled, then quit is sent as abort, and eof and suspend are sent as eof and susp (see send above).
netdata
Toggles the display of all network data (in hexadecimal format). The initial value for this toggle is FALSE.
options
Toggles the display of some internal telnet protocol processing (having to do with TELNET options). The initial value for this toggle is FALSE.
prettydump
When the netdata toggle is enabled, if prettydump is enabled the output from the netdata command will be formatted in a more user readable format. Spaces are put between each character in the output, and the beginning of any TELNET escape sequence is preceded by a '*' to aid in locating them.
?
Displays the legal toggle commands.
z
Suspend telnet. This command only works when the user is using the csh(1).
! [ command ]
Execute a single command in a subshell on the local system. If command is omitted, then an interactive subshell is invoked.
status
Show the current status of telnet. This includes the peer one is connected to, as well as the current mode.
? [ command ]
Get help. With no arguments, telnet prints a help summary. If a command is specified, telnet will print the help information for just that command.
ENVIRONMENT
Telnet uses at least the HOME, SHELL, USER, DISPLAY, and TERM environment variables. Other environment variables may be propagated to the other side via the TELNET ENVIRON option.
FILES
~/.telnetrc
user customized telnet startup values
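The .telnetrc rules given under the open command (comment lines, blank lines, machine entries, whitespace-led command lines) are enough to write a small reader for the file. The following is an added example, not part of the original guide or of telnet itself: it parses a startup file and lists the commands that run a local subshell (!) or change what the ENVIRON option sends. The sample file, its host names and the choice of which commands to list are assumptions.

```python
"""Parse a .telnetrc as described in the text and list entries to review."""

# Constructed sample; host names and commands are illustrative only.
SAMPLE_TELNETRC = """\
# personal telnet startup file
router1.example.net toggle crmod
    set escape ^X

legacy.example.net
\tenviron define PRINTER lp0
\tenviron export USER
\t! cat /tmp/motd
    toggle netdata
"""


def parse_telnetrc(text):
    """Return ({machine: [commands]}, [command lines seen before any machine])."""
    entries, orphans, current = {}, [], None
    for raw in text.splitlines():
        if not raw.strip():
            continue                      # blank lines are ignored
        if raw.startswith("#"):
            continue                      # lines beginning with # are comments
        if raw[0] in " \t":
            # Whitespace-led line: a command for the current machine entry.
            if current is None:
                orphans.append(raw.strip())
            else:
                entries[current].append(raw.strip())
            continue
        # A line that begins without whitespace starts a machine entry; the
        # rest of that line, if present, is the entry's first command.
        parts = raw.split(None, 1)
        current = parts[0]
        entries.setdefault(current, [])
        if len(parts) > 1:
            entries[current].append(parts[1].strip())
    return entries, orphans


def commands_to_review(entries):
    """Return (machine, command) pairs that run a local subshell command or
    manipulate ENVIRON variables. Selecting these two is this example's choice."""
    hits = []
    for machine, commands in entries.items():
        for cmd in commands:
            first = cmd.split()[0].lower()
            # Commands may be abbreviated to any unique prefix; among the
            # commands listed in the text only environ starts with "e".
            if first.startswith("!") or "environ".startswith(first):
                hits.append((machine, cmd))
    return hits


if __name__ == "__main__":
    parsed, stray = parse_telnetrc(SAMPLE_TELNETRC)
    for machine, cmd in commands_to_review(parsed):
        print("%s: %s" % (machine, cmd))
    for line in stray:
        print("command outside any machine entry:", line)
```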
NOTES
On some remote systems, echo has to be turned off manually when in "old line by line" mode.
In "old line by line" mode or LINEMODE the terminal's eof character is only recognized (and sent to the remote system) when it is the first character on a line.
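The send arguments and the netdata and prettydump toggles described above all deal with TELNET protocol sequences inside the byte stream. The following is an added example, not part of the original guide or of telnet's own code: it splits captured session bytes into data, commands, option negotiation and subnegotiation, much as prettydump marks where each sequence begins. The byte codes are those of RFC 854 and the later TELNET RFCs, and the sample capture is constructed.

```python
"""Decode TELNET protocol sequences found in captured session bytes."""

IAC, SB, SE = 255, 250, 240
# Command codes, named after the send arguments in the text (DM is the data
# mark that carries SYNCH).
COMMANDS = {236: "EOF", 237: "SUSP", 238: "ABORT", 239: "EOR", 241: "NOP",
            242: "DM", 243: "BRK", 244: "IP", 245: "AO", 246: "AYT",
            247: "EC", 248: "EL", 249: "GA"}
NEGOTIATION = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
# Only options named in the text; any other option is reported by number.
OPTIONS = {0: "BINARY", 5: "STATUS", 6: "TIMING-MARK",
           33: "TOGGLE-FLOW-CONTROL", 34: "LINEMODE", 36: "ENVIRON"}

# Constructed capture: negotiation, typed text, an interrupt followed by the
# data mark, an escaped 0xFF data byte, and the getstatus request.
SAMPLE = (bytes([255, 253, 34, 255, 251, 0])     # IAC DO LINEMODE, IAC WILL BINARY
          + b"ls\r\n"
          + bytes([255, 244, 255, 242])          # IAC IP, IAC DM
          + b"a" + bytes([255, 255]) + b"b"      # literal 0xFF inside data
          + bytes([255, 250, 5, 1, 255, 240]))   # IAC SB STATUS SEND IAC SE


def option_name(code):
    return OPTIONS.get(code, "option %d" % code)


def read_subnegotiation(stream, i):
    """Parse IAC SB <option> ... IAC SE starting at index i.
    Returns (option, payload, next_index), or None if the capture ends first."""
    n = len(stream)
    if i + 2 >= n:
        return None
    option, payload, j = stream[i + 2], bytearray(), i + 3
    while j < n:
        if stream[j] != IAC:
            payload.append(stream[j])
            j += 1
        elif j + 1 >= n:
            return None
        elif stream[j + 1] == SE:
            return option, bytes(payload), j + 2
        elif stream[j + 1] == IAC:
            payload.append(IAC)             # IAC IAC is one literal 0xFF byte
            j += 2
        else:
            payload += stream[j:j + 2]      # unexpected command: keep it raw
            j += 2
    return None


def decode(stream):
    """Return a list of events: ('data', bytes), ('command', name),
    ('negotiate', verb, option), ('subnegotiate', option, payload) and,
    for a sequence cut off by the end of the capture, ('truncated', bytes)."""
    events, data, i, n = [], bytearray(), 0, len(stream)

    def flush():
        if data:
            events.append(("data", bytes(data)))
            data.clear()

    while i < n:
        if stream[i] != IAC:
            data.append(stream[i])
            i += 1
            continue
        cmd = stream[i + 1] if i + 1 < n else None
        if cmd == IAC:                      # escaped data byte, not a command
            data.append(IAC)
            i += 2
            continue
        flush()
        sub = read_subnegotiation(stream, i) if cmd == SB else None
        if cmd is None or (cmd in NEGOTIATION and i + 2 >= n) or (cmd == SB and sub is None):
            events.append(("truncated", bytes(stream[i:])))
            return events
        if cmd in NEGOTIATION:
            events.append(("negotiate", NEGOTIATION[cmd], option_name(stream[i + 2])))
            i += 3
        elif cmd == SB:
            events.append(("subnegotiate", option_name(sub[0]), sub[1]))
            i = sub[2]
        else:
            events.append(("command", COMMANDS.get(cmd, "command %d" % cmd)))
            i += 2
    flush()
    return events
```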
ANNEX III
Pinging 10.10.10.0 with 32 bytes of data:
Destination specified is invalid.
Destination specified is invalid.
Destination specified is invalid.
Destination specified is invalid.
Pinging students.students.iscte.pt [10.10.10.1] with 32 bytes of data:
Reply from 10.10.10.1: bytes=32 time