Linux网络工具之fping
那宏大
fping
更为强大的ping
CentOS 中由EPEL源提供
官网:http://www.fping.org/
[21:25:38 rooter@C8-3-55 ~]#type fping
fping 是 /usr/sbin/fping
[21:26:13 rooter@C8-3-55 ~]#whatis fping
fping (8) - send ICMP ECHO_REQUEST packets to network hosts
[21:26:21 rooter@C8-3-55 ~]#rpm -qi fping
Name : fping
Version : 4.2
Release : 2.el8
Architecture: x86_64
Install Date: 2021年04月19日 星期一 12时29分11秒
Group : Unspecified
Size : 64875
License : BSD with advertising
Signature : RSA/SHA256, 2019年08月28日 星期三 10时41分52秒, Key ID 21ea45ab2f86d6a1
Source RPM : fping-4.2-2.el8.src.rpm
Build Date : 2019年08月19日 星期一 11时22分52秒
Build Host : buildvm-09.phx2.fedoraproject.org
Relocations : (not relocatable)
Packager : Fedora Project
Vendor : Fedora Project
URL : http://www.fping.org/
Bug URL : https://bugz.fedoraproject.org/fping
Summary : Scriptable, parallelized ping-like utility
Description :
fping is a ping-like program which can determine the accessibility of
multiple hosts using ICMP echo requests. fping is designed for parallelized
monitoring of large numbers of systems, and is developed with ease of
use in scripting in mind.
fping可以直观的显示网络ip的状态
[21:26:32 rooter@C8-3-55 ~]#fping 10.0.0.56
10.0.0.56 is alive
[21:27:18 rooter@C8-3-55 ~]#fping www.baidu.com
www.baidu.com is alive
[21:27:32 rooter@C8-3-55 ~]#fping www.google.com
www.google.com is unreachable
[21:27:51 rooter@C8-3-55 ~]#echo $?
1
并且可以用echo $?查看返回值,
在写脚本时,可以直接用来判断网络健康情况
fping可以一次ping多个地址
[21:29:18 rooter@C8-3-55 ~]#fping 10.0.0.1 10.0.0.100
10.0.0.1 is unreachable
10.0.0.100 is unreachable
fping加参数g实现ping网络区间
fping -g 起始地址 终止地址
实例:
[21:31:12 rooter@C8-3-55 ~]#fping -g 10.0.0.50 10.0.0.60
10.0.0.55 is alive
10.0.0.56 is alive
10.0.0.58 is alive
ICMP Host Unreachable from 10.0.0.55 for ICMP Echo sent to 10.0.0.57
10.0.0.50 is unreachable
10.0.0.51 is unreachable
10.0.0.52 is unreachable
10.0.0.53 is unreachable
10.0.0.54 is unreachable
10.0.0.57 is unreachable
10.0.0.59 is unreachable
10.0.0.60 is unreachable
fping实现ping整个网段
fping -g 网络ID/网络位 (俗称的CIDR地址表示方式)
10.0.0.2 is alive
10.0.0.55 is alive
10.0.0.56 is alive
10.0.0.58 is alive
^C10.0.0.1 is unreachable
10.0.0.3 is unreachable
10.0.0.4 is unreachable
10.0.0.5 is unreachable
这都省了写循环了,直接给你ping出来了
for i in {1..254};do
ping -c -W1 192.168.88.$i && echo "192.168.88.$i" is alive || echo "192.168.88.$i" is down;
done
支持标准输入输出重定向
可以将地址写进文件,并通过文件重定向给fping执行群扫
fping < host.txt
可以将扫描的结果保存到文件
fping -g 172.20.0.0/16 &> fping`date +%F`.log
禁止主机被ping
网络通畅的主机却不能被ping通,可能由于修改了配置文件
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
实例
- 10.0.0.56 当前状态为可以ping通状态
[root@C6-56 ~]# cat /proc/sys/net/ipv4/icmp_echo_ignore_
icmp_echo_ignore_all icmp_echo_ignore_broadcasts
[root@C6-56 ~]# cat /proc/sys/net/ipv4/icmp_echo_ignore_all
0
[root@C6-56 ~]# ping 10.0.0.56
PING 10.0.0.56 (10.0.0.56) 56(84) bytes of data.
64 bytes from 10.0.0.56: icmp_seq=1 ttl=64 time=0.014 ms
64 bytes from 10.0.0.56: icmp_seq=2 ttl=64 time=0.041 ms
64 bytes from 10.0.0.56: icmp_seq=3 ttl=64 time=0.029 ms
64 bytes from 10.0.0.56: icmp_seq=4 ttl=64 time=0.023 ms
^C
--- 10.0.0.56 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3600ms
rtt min/avg/max/mdev = 0.014/0.026/0.041/0.011 ms
- 通过更改文件中的值,将10.0.0.56禁止主机被ping
[root@C6-56 ~]# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
[root@C6-56 ~]# cat /proc/sys/net/ipv4/icmp_echo_ignore_all
1
[root@C6-56 ~]# ping 10.0.0.56
PING 10.0.0.56 (10.0.0.56) 56(84) bytes of data.
^C
--- 10.0.0.56 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4501ms
ping通常用于嗅探网络中服务器的第一步,也可使用次方法在网络中隐藏服务器,从而减少攻击
fping的更多内容
[22:28:54 rooter@C8-3-55 ~]#fping --help
Usage: fping [options] [targets...]
Probing options:
-4, --ipv4 only ping IPv4 addresses
-6, --ipv6 only ping IPv6 addresses
-b, --size=BYTES amount of ping data to send, in bytes (default: 56)
-B, --backoff=N set exponential backoff factor to N (default: 1.5)
-c, --count=N count mode: send N pings to each target
-f, --file=FILE read list of targets from a file ( - means stdin)
-g, --generate generate target list (only if no -f specified)
(give start and end IP in the target list, or a CIDR address)
(ex. fping -g 192.168.1.0 192.168.1.255 or fping -g 192.168.1.0/24)
-H, --ttl=N set the IP TTL value (Time To Live hops)
-I, --iface=IFACE bind to a particular interface
-l, --loop loop mode: send pings forever
-m, --all use all IPs of provided hostnames (e.g. IPv4 and IPv6), use with -A
-M, --dontfrag set the Don't Fragment flag
-O, --tos=N set the type of service (tos) flag on the ICMP packets
-p, --period=MSEC interval between ping packets to one target (in ms)
(in loop and count modes, default: 1000 ms)
-r, --retry=N number of retries (default: 3)
-R, --random random packet data (to foil link data compression)
-S, --src=IP set source address
-t, --timeout=MSEC individual target initial timeout (default: 500 ms,
except with -l/-c/-C, where it's the -p period up to 2000 ms)
Output options:
-a, --alive show targets that are alive
-A, --addr show targets by address
-C, --vcount=N same as -c, report results in verbose format
-D, --timestamp print timestamp before each output line
-e, --elapsed show elapsed time on return packets
-i, --interval=MSEC interval between sending ping packets (default: 10 ms)
-n, --name show targets by name (-d is equivalent)
-N, --netdata output compatible for netdata (-l -Q are required)
-o, --outage show the accumulated outage time (lost packets * packet interval)
-q, --quiet quiet (don't show per-target/per-ping results)
-Q, --squiet=SECS same as -q, but show summary every n seconds
-s, --stats print final stats
-u, --unreach show targets that are unreachable
-v, --version show version
-x, --reachable=N shows if >=N hosts are reachable or not
类似资料: