Linux Networking Commands Cheat Sheet — 40 Commands You Actually Use
DevToolKitDiagnostics
These are the commands you reach for when something is broken.
# Check if a host is reachable ping -c 4 example.com # Trace route traceroute example.com mtr example.com # interactive version # DNS lookup dig example.com dig +short example.com A dig @8.8.8.8 example.com # specific DNS server # Reverse DNS dig -x 93.184.216.34 # What's listening on ports ss -tlnp netstat -tlnp # older systems # Which process owns a port lsof -i :8080 fuser 8080/tcp
Interface Management
# Show all interfaces ip addr show ip a # Show routing table ip route show # Add IP address ip addr add 192.168.1.100/24 dev eth0 # Bring interface up/down ip link set eth0 up ip link set eth0 down # Show ARP table ip neigh show # Flush DNS cache (systemd) resolvectl flush-caches
Traffic Analysis
# Capture packets tcpdump -i eth0 tcpdump -i eth0 port 80 # HTTP only tcpdump -i eth0 -w capture.pcap # save to file # Bandwidth per interface nload iftop vnstat # Bandwidth per process nethogs # Speed test between hosts iperf3 -c speedtest.example.com
Curl Essentials
# GET with headers
curl -v https://example.com
# POST JSON
curl -X POST https://api.example.com/data \
-H 'Content-Type: application/json' \
-d '{"key": "value"}'
# Follow redirects
curl -L https://example.com
# Download file
curl -O https://example.com/file.tar.gz
# Resume broken download
curl -C - -O https://example.com/large-file.iso
# Headers only
curl -I https://example.comSSH Tunnels
# Local port forward ssh -L 5432:localhost:5432 user@server # Remote port forward ssh -R 3000:localhost:3000 user@server # SOCKS proxy ssh -D 1080 user@server # Background tunnel ssh -fN -L 5432:localhost:5432 user@server
Firewall Quick Ref
# List rules iptables -L -n -v # Allow SSH iptables -A INPUT -p tcp --dport 22 -j ACCEPT # Block an IP iptables -A INPUT -s 10.0.0.5 -j DROP # nftables nft list ruleset nft add rule inet filter input tcp dport 22 accept
Bookmark this. You'll need it at 3 AM when DNS breaks again.