tailieunhanh - Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and filter phần 4
Các lệnh liên kết ip cho thấy cấu hình của thiết bị mạng có thể được thay đổi với các thiết lập liên kết ip. Lệnh này được sử dụng để sửa đổi proprieties của thiết bị và không phải là địa chỉ IP. Các địa chỉ IP có thể được cấu hình bằng cách sử dụng lệnh ip addr. Lệnh này có thể được sử dụng để thêm một địa chỉ (bí danh) tiểu học hay trung IP đến một thiết bị mạng (ip addr thêm), . | Chapter 3 OPTIONS -V ersion -s tatistics -r esolve -f amily inet inet6 ipx dnet link -o neline root@router The ip link command shows the network device s configurations that can be changed with ip link set. This command is used to modify the device s proprieties and not the IP address. The IP addresses can be configured using the ip addr command. This command can be used to add a primary or secondary alias IP address to a network device ip addr add to display the IP addresses for each network device ip addr show or to delete IP addresses from interfaces ip addr del . IP addresses can also be flushed using different criteria . ip addr flush dynamic will flush all routes added to the kernel by a dynamic routing protocol. Neighbor Arp table management is done using ip neighbor which has a few commands expressively named add change replace delete and flush. ip tunnel is used to manage tunneled connections. Tunnels can be gre ipip and sit. We will include an example later in the book on how to build IP tunnels. The ip tool offers a way for monitoring routes addresses and the states of devices in real-time. This can be accomplished using ip monitor rtmon and rtacct commands included in the iproute2 package. One very important and probably the most used object of the ip tool is ip route which can do any operations on the kernel routing table. It has commands to add change replace delete show flush and get routes. One of the things iproute2 introduced to Linux that ensured its popularity was policy routing. This can be done using ip rule and ip route in a few simple steps. Traffic Control tc The tc command allows administrators to build different QoS policies in their networks using Linux instead of very expensive dedicated QoS machines. Using Linux you can implement QoS in all the ways any dedicated QoS machine can and even more. Also one can make a bridge using a good PC running Linux that can be transformed into a very powerful and very cheap dedicated QoS machine. .
đang nạp các trang xem trước