【Linux operation 56】Linux 系统验证端口连通性
linux 系统验证端口连通性
1、前提
Linux系统有时候需要测试某个端口的连通性,然而ping命令只能测试某个IP通不通,不能测试某端口的连通性。
因为ping命令是基于ICMP协议,是计算机网络中的网络层的协议,但是想要测试某个的连通性,需要用传输层的TCP/UDP协议。
2、方法
2.1、telnet命令
telnet命令为用户提供了在本地计算机上完成远程主机工作的能力,因此可以通过telnet来测试端口的连通性;
用法:
telnet ip port
2.1.1 开放的端口
[root@localhost /]# telnet 10.169.42.84 80
Trying 10.169.42.84...
Connected to 10.169.42.84.
Escape character is '^]'.
此时命令未退出。
根据提示Escape character is '^]'.可知退出字符为'^]'(CTRL+])。此时输入其它字符不能使其退出,CTRL+C都不行。输入CTRL+]后会自动执行,进入命令模式:
2.1.2 不开放的端口
[root@localhost /]# telnet 10.169.42.96 23
Trying 10.169.42.96...
telnet: connect to address 10.169.42.96: Connection refused
2.2、ssh 命令
用法:
ssh -v -p port username@ip
参数说明:
v :调试模式(会打印日志)
p: 指定端口
username: 远程主机的登录用户,如:root
ip:远程主机的IP地址
2.2.1、开放的端口
[root@localhost log]# ssh -v -p 22 root@192.168.6.208
OpenSSH_8.7p1, OpenSSL 3.0.1 14 Dec 2021
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: Connecting to 192.168.6.208 [192.168.6.208] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: compat_banner: match: OpenSSH_7.4 pat OpenSSH_7.4* compat 0x04000006
debug1: Authenticating to 192.168.6.208:22 as 'root'
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:2GWzaDuCLIrTFPQClMFtw/dhwdcp3xAybNc0x8a89Sw
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: hostkeys_find_by_key_hostfile: hostkeys file /root/.ssh/known_hosts does not exist
debug1: hostkeys_find_by_key_hostfile: hostkeys file /root/.ssh/known_hosts2 does not exist
debug1: hostkeys_find_by_key_hostfile: hostkeys file /etc/ssh/ssh_known_hosts does not exist
debug1: hostkeys_find_by_key_hostfile: hostkeys file /etc/ssh/ssh_known_hosts2 does not exist
The authenticity of host '192.168.6.208 (192.168.6.208)' can't be established.
ED25519 key fingerprint is SHA256:2GWzaDuCLIrTFPQClMFtw/dhwdcp3xAybNc0x8a89Sw.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?
2.2.2 未开放的端口
[root@localhost /]# ssh -v -p 80 root@10.169.42.96
OpenSSH_8.7p1, OpenSSL 3.0.1 14 Dec 2021
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: Connecting to 10.169.42.96 [10.169.42.96] port 80.
debug1: connect to address 10.169.42.96 port 80: Connection refused
ssh: connect to host 10.169.42.96 port 80: Connection refused
2.3、curl命令
curl是利用URL语法在命令行方式下工作的开源文件传输工具。也可以用来测试端口的连通性;
url 是常用的命令行工具,用来请求 Web 服务器。它的名字就是客户端(client)的 URL 工具的意思。
用法:
curl ip:port
参数说明:
ip:是测试主机的ip地址
port:是端口,比如:80
如果远程主机开通了相应的端口,都会输出信息,如果没有开通相应的端口,则没有任何提示,需要CTRL+C断开
2.3.1、 开放的端口
[root@localhost /]# curl 192.168.6.150 7001
<HTML>
<HEAD>
<TITLE>Error 404 - Not Found<TITLE>
<BODY>
</BODY>
</HTML>
2.3.2 未开放的端口
[root@localhost /]# curl 192.168.6.201 28081
curl: (7)Failed connect to 192.168.6.201:28081; Connection refused