Linux Networking Commands

This cheatsheet provides essential Linux networking commands for system administrators and power users. Covering basic configuration, diagnostics, firewall management, network services, file transfers, and advanced operations, it's a comprehensive reference for network troubleshooting and setup.

Use the search bar to quickly find specific commands or browse through categories. The Command Combos section shows powerful command combinations for common tasks.

Basic Networking

ifconfig

Display network interfaces and their configuration

ip addr

Show IP addresses and network interfaces (modern)

ip link

Display and modify network interfaces

iwconfig

Display and configure wireless network interfaces

ping [host]

Test connectivity to a network host

ping -c 4 [host]

Ping host 4 times and exit

hostname

Show or set system hostname

netstat -tuln

Display active internet connections

ss -tuln

Display socket statistics (modern netstat)

route -n

Display IP routing table

ip route

Show and manipulate routing table (modern)

traceroute [host]

Trace packet route to network host

tracepath [host]

Trace path to a network host

Network Configuration

dhclient [interface]

Obtain IP address via DHCP

ip addr add [ip]/[mask] dev [interface]

Set IP address for interface

ip link set [interface] up/down

Enable/disable network interface

ip route add default via [gateway]

Add default gateway

nmcli device wifi connect [SSID]

Connect to WiFi network

nmcli con show

List network connections

nmtui

Network Manager text user interface

ethtool [interface]

Display or change Ethernet card settings

iwlist [interface] scan

Scan for wireless networks

resolvectl status

Show DNS resolver status (systemd)

Firewall Management

iptables -L

List all firewall rules

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Allow incoming SSH connections

iptables -A INPUT -j DROP

Drop all other incoming connections

ufw status

Check UFW firewall status

ufw allow 22/tcp

Allow SSH port in UFW

ufw enable

Enable UFW firewall

firewall-cmd --list-all

List all firewalld rules

firewall-cmd --add-port=80/tcp

Open port 80 in firewalld

firewall-cmd --reload

Reload firewall rules

nft list ruleset

List nftables rules

Network Diagnostics

mtr [host]

Network diagnostic tool combining ping and traceroute

dig [domain]

DNS lookup utility

nslookup [domain]

Query DNS for domain name or IP mapping

host [domain]

DNS lookup utility

whois [domain]

Query WHOIS records for domain information

nmap -sP 192.168.1.0/24

Scan network for active hosts

tcpdump -i [interface]

Capture network packets on interface

tcpdump -i [interface] port 80

Capture HTTP traffic

iperf -s

Run as server for bandwidth testing

iperf -c [server]

Test bandwidth to iperf server

nc -vz [host] [port]

Check if specific port is open

curl -I [url]

Show HTTP headers for a URL

curl -v [url]

Verbose HTTP request/response

Network Services

systemctl status sshd

Check SSH server status

systemctl restart networking

Restart networking service

systemctl status NetworkManager

Check NetworkManager status

journalctl -u NetworkManager

View NetworkManager logs

service network restart

Restart network service (older systems)

netstat -tulpn | grep LISTEN

Show listening ports with processes

ss -tulpn | grep LISTEN

Show listening ports with processes (modern)

lsof -i :80

Show process using port 80

ps aux | grep ssh

Show running SSH processes

systemctl restart dhcpd

Restart DHCP server

Network File Transfers

scp [file] [user]@[host]:[path]

Securely copy file to remote host

scp [user]@[host]:[file] [path]

Securely copy file from remote host

rsync -avz [dir] [user]@[host]:[path]

Sync directory to remote host

rsync -avz --delete [dir] [user]@[host]:[path]

Sync and delete extraneous files

sftp [user]@[host]

Secure FTP connection to remote host

wget [url]

Download file from web server

curl -O [url]

Download file from web server

curl -o [file] [url]

Download file with custom name

nc -l 1234 > file.txt

Receive file on port 1234

nc [host] 1234 < file.txt

Send file to host on port 1234

Advanced Networking

ip tunnel add [name] mode gre ...

Create GRE tunnel interface

ip link add [name] type bridge

Create network bridge

brctl show

Show bridge information

ip neigh

Show neighbor table (ARP cache)

ip -s link

Show interface statistics

ss -s

Show socket statistics summary

tc qdisc add dev [interface] ...

Configure traffic control

ip monitor

Monitor netlink messages

ethtool -S [interface]

Show interface driver statistics

ip ntable

Show neighbor table configuration

ipset list

List IP sets

modprobe [module]

Load network kernel module

Command Combos

ip -br addr | grep UP

Show only active interfaces

curl ifconfig.me

Show your public IP address

ss -tp | grep ssh

Show all SSH connections

ip addr | grep -w inet | grep -v 127.0.0.1

Show all non-localhost IP addresses

watch -n1 "ip -s link show [interface]"

Monitor interface statistics every second

for i in {1..10}; do ping -c1 -W1 [host]; done

Ping host 10 times with 1 second timeout

tcpdump -i [interface] -w capture.pcap port 80

Capture HTTP traffic to a file

dig +short mx [domain]

Show MX records for domain

nmap -sV -p 1-1000 [host]

Scan ports 1-1000 with version detection

netstat -an | grep ':80 ' | sort

Show and sort all connections on port 80

ip route get [ip] | head -1

Show route path to specific IP

arp -a | sort -k3

Sort ARP cache by hardware address

Features

Modern and legacy command alternatives
Organized by functional categories
Clear, concise command descriptions
Quick search functionality
Combination commands for complex tasks
Responsive design for all devices
Commands for different Linux distributions
Covers systemd and init.d service management