Master Linux Network & System Tools: From ping to journalctl

Network Operations – Playing with Connections

ping – Test Network Connectivity

Send ICMP packets to a target to check reachability and latency.

# 1. Continuous ping (default)
ping www.google.com

# 2. Send 5 packets
ping -c 5 www.google.com

# 3. Set interval to 1 second
ping -i 1 www.google.com

# 4. Change packet size (default 56 bytes)
ping -s 128 www.google.com

# 5. Disable hostname resolution for faster output
ping -n www.google.com

Basic connectivity: use ping to verify a host is online.

Control count: -c limits the number of packets.

Performance tuning: -s and -i adjust packet size and interval.

traceroute – Route Tracing Tool

Shows each hop a packet takes to reach the destination.

# Basic trace
traceroute example.com

# Limit maximum hops to 20
traceroute -m 20 example.com

# Probe once per hop
traceroute -q 1 example.com

# Use ICMP instead of UDP
traceroute -I example.com

# Specify destination port
traceroute -p 443 example.com

Basic trace: traceroute lists intermediate routers.

Hop limit: -m prevents overly long output.

Protocol choice: -I works better on some networks.

wget – File Download Utility

Download files over HTTP/HTTPS/FTP with support for resume and batch operations.

# Download a single file
wget http://example.com/file.zip

# Save with a custom name
wget -O newname.zip http://example.com/file.zip

# Resume an interrupted download
wget -c http://example.com/largefile.zip

# Authenticated download
wget --user=username --password=password http://example.com/securefile.zip

# Limit download speed to 100KB/s
wget --limit-rate=100k http://example.com/file.zip

Simple download: wget URL Resume: -c continues partial files.

Rate limiting: --limit-rate throttles bandwidth.

curl – Versatile Data Transfer Tool

Handles HTTP, HTTPS, FTP and many other protocols; useful for downloading files, testing APIs, and inspecting raw responses.

# Download a file
curl -O http://example.com/file.zip

# Save with a custom name
curl -o newname.zip http://example.com/file.zip

# Show page content
curl http://example.com

# GET request to an API
curl -X GET http://api.example.com/data

# POST request with data
curl -X POST -d "key=value" http://api.example.com/data

# Verbose output (request/response details)
curl -v http://example.com

Download: curl -O or -o.

API testing: -X selects method, -d sends payload.

Debugging: -v shows headers and details.

telnet – Test Port Connectivity

Open a raw TCP connection to a host and port to verify service availability.

# Test HTTP port on Baidu
telnet www.baidu.com 80

Successful connection displays "Connected to …".

Failure shows "Connection refused" or similar.

netstat – Network Connection Overview (classic)

Lists active connections, listening ports, and protocol statistics.

# Show all connections
netstat -a

# Show listening TCP/UDP ports with numeric addresses
netstat -nlptu

# Filter for port 80
netstat -tlnp | grep :80

# Show only processes owned by nginx
netstat -tlnp | grep nginx

Listening ports: -tlnp reveals services and owning processes.

Filtering: pipe to grep for specific ports or states.

ss – Modern Replacement for netstat

Provides faster, kernel‑direct insight into sockets and listening services.

# Show all sockets
ss -a

# Show listening TCP and UDP ports
ss -nlptu

# Show established connections only
ss -t state established

# Filter by port 80
ss -tlnp | grep :80

# Filter by IP address
ss -tlnp | grep '192.168.1.100'

# Filter by process ID 1234
ss -tulnp | grep 1234

Performance: reads directly from kernel, much faster than netstat.

Filtering: supports precise state and grep combos.

tcpdump – Packet Capture Tool

Capture and optionally save network packets for deep analysis.

# Capture all traffic on eth0
tcpdump -i eth0

# Save to a file
tcpdump -i eth0 -w capture.pcap

# Capture from a specific source IP
tcpdump -i eth0 src 192.168.1.100

# Capture traffic to port 80
tcpdump -i eth0 port 80

# Capture and save with filters (src IP + dest port)
tcpdump -i eth0 src 192.168.1.100 and dst port 80 -w capture.pcap -nn -v

Capture: -i selects interface.

Save: -w writes to a pcap file for later analysis (e.g., Wireshark).

Filters: combine src, dst, and port to narrow traffic.

nc (Netcat) – Swiss‑Army Knife for Networking

Supports TCP/UDP connections, port scanning, file transfer, and simple server creation.

# Connect to a remote host (TCP)
nc example.com 80

# Listen on a local port (simple server)
nc -l 12345

# Transfer a file (receiver side)
nc -l 12345 > received_file.txt

# Send a file (sender side)
nc remote_host 12345 < file_to_send.txt

# UDP listener
nc -u -l 12345

# Scan ports 1‑1000 on a host
nc -zv example.com 1-1000

# Simple HTTP request
echo -e "GET / HTTP/1.1
Host: example.com

" | nc example.com 80

Port test: -zv checks if ports are open.

File transfer: combine -l with redirection.

Service mock: listen and manually respond.

lsof – List Open Files and Network Connections

Shows which processes have which files or sockets open.

# All network connections
lsof -i

# Specific port (e.g., 80)
lsof -i :80

# Detailed numeric output
lsof -Pni

# Filter listening sockets
lsof -Pni | grep LISTEN

# Find processes using a specific IP
lsof -Pni | grep 192.168.1.100

# Show files opened by a PID
lsof -p 1234

Network view: -i lists sockets.

File ownership: specify a path to see which process uses it.

Filtering: pipe to grep for state or IP.

ip – Manage Network Interfaces and Routes

Modern replacement for ifconfig and route.

# Show interfaces and addresses
ip addr show

# Show routing table
ip route show

# Bring interface up
sudo ip link set eth0 up

# Bring interface down
sudo ip link set eth0 down

Use addr for IP configuration, route for routing, and link to enable/disable interfaces.

ssh – Secure Remote Login

Connect to a remote host over an encrypted channel.

# Basic login
ssh user@remote_host

# Specify a non‑standard port
ssh -p 2222 user@remote_host

# Use a private key file
ssh -i /path/to/private_key user@remote_host

# Run a single command and exit
ssh user@remote_host "ls -l /home"

Port selection: -p.

Key authentication: -i.

scp – Secure Copy Files Over SSH

Copy files or directories between local and remote hosts.

# Local to remote
scp file.txt user@remote:/path/to/dest

# Remote to local
scp user@remote:/path/to/file.txt ./

# Recursive directory copy
scp -r /local/dir user@remote:/remote/dir

# Specify remote SSH port
scp -P 8000 file.txt user@remote:/remote/path

-r

copies directories recursively. -P sets the remote SSH port.

rsync – Efficient File Synchronization

Synchronizes files and directories, transferring only differences.

# Sync local to remote
rsync -av /local/dir user@remote:/remote/dir

# Sync remote to local
rsync -av user@remote:/remote/dir /local/dir

# Delete extraneous files on destination
rsync -av --delete /local/dir user@remote:/remote/dir

# Use a non‑standard SSH port
rsync -av -e "ssh -p 2222" /local/dir user@remote:/remote/dir

-a

preserves permissions and timestamps. --delete removes files that no longer exist in the source.

Log and System Debugging – The System Detective

strace – System Call Tracing

Tracks the system calls made by a command or process.

# Trace a command
strace ls

# Save output to a file
strace -o trace.log ls

# Trace only file‑related calls
strace -e trace=file ls

# Attach to a running process (PID)
strace -p 1234

# Show time spent in each call
strace -T ls

-e trace=file

limits output to file operations. -p attaches to an existing PID. -T adds timing information.

iostat – CPU and Disk I/O Monitoring

Displays CPU utilization and device I/O statistics.

# Basic CPU and I/O view
iostat

# Refresh every 2 seconds, 5 times
iostat 2 5

# Detailed device statistics
iostat -d

# Detailed CPU statistics
iostat -c

# Extended statistics for all devices
iostat -x

Install via sudo apt install sysstat if missing.

vmstat – System Performance Snapshot

Shows CPU, memory, I/O, and process statistics.

# One‑time snapshot
vmstat

# Continuous monitoring: 1‑second interval, 5 samples
vmstat 1 5

# Show memory, I/O, and CPU details
vmstat -a

# Show disk block I/O
vmstat -d

# Show detailed CPU usage with timestamps
vmstat -t

Useful for quick identification of bottlenecks.

dmesg – Kernel Ring Buffer Viewer

Displays messages generated by the kernel since boot.

# Full kernel log
dmesg

# Paginated view
dmesg | less

# Filter for USB messages
dmesg | grep usb

# Real‑time monitoring
dmesg -w

journalctl – Systemd Journal Viewer

Queries logs managed by systemd.

# Show all logs
journalctl

# Logs for a specific service (e.g., nginx)
journalctl -u nginx

# Follow new log entries in real time
journalctl -f

# Logs from the last hour
journalctl --since "1 hour ago"

uptime – System Run Time and Load

Reports how long the system has been up, number of users, and load averages.

# Standard output
uptime

# Show only uptime duration
uptime -p

# Show exact boot time
uptime -s

Developer Tools – Command‑Line Black Magic

alias – Create Command Shortcuts

Define a short name for a longer command.

alias ll='ls -alF'

which – Locate Executable Paths

Find the absolute path of a command.

which bash   # => /usr/bin/bash

env and export – Environment Variable Helpers

View and set environment variables.

# List all variables
env

# Set a variable for the current session
export MY_VAR="Hello World"

# Verify
echo $MY_VAR

# Append a directory to PATH
export PATH=$PATH:/new/path

# Persist in ~/.bashrc
echo "export MY_VAR='Hello World'" >> ~/.bashrc
source ~/.bashrc

diff – Compare Files

Show differences between two files or directories.

# Simple file comparison
diff file1.txt file2.txt

# Ignore case differences
diff -i file1.txt file2.txt

# Recursive directory comparison
diff -r dir1/ dir2/

# Brief report (only whether files differ)
diff --brief file1.txt file2.txt

vim – Text Editor

Open and edit files in the terminal.

# Open a file
vim file.txt

# Enter insert mode (press i)
# Save and quit (:wq)
# Quit without saving (:q!)

tree – Directory Tree Viewer

Display a directory hierarchy in a tree‑like format.

# Current directory tree
tree

# Specific path
tree /path/to/dir

# Limit depth to 2 levels
tree -L 2

# Show file sizes
tree -h

# List directories only
tree -d

# Save output to a file
tree > tree_output.txt

xargs – Build and Execute Command Lines from Input

Convert standard input into arguments for another command.

# Delete all *.log files found by find
find . -name "*.log" | xargs rm -f

# Echo each filename on a separate line
echo "file1 file2 file3" | xargs -n 1 echo

# Move files to /backup using placeholder {}
echo "file1 file2" | xargs -I {} mv {} /backup

# Parallel copy of images (4 concurrent jobs)
find . -name "*.jpg" | xargs -P 4 cp -t /backup

tee – Duplicate Output to File and Console

Write command output to a file while still displaying it.

# Save and display directory listing
ls -l | tee output.txt

# Append instead of overwrite
ls -l | tee -a output.txt

# Write to multiple files
ls -l | tee file1.txt file2.txt

# Capture both stdout and stderr
ls nonexistent 2>&1 | tee errors.log

man – Command Manual Pages

Show detailed documentation for a command.

# View manual for ls
man ls

# Search within a manual (type / then keyword)
# Press q to quit

--help – Quick Command Synopsis

Display a brief usage summary.

# Example with ls
ls --help

These utilities together form a powerful toolbox for Linux system administrators, developers, and anyone who needs to diagnose network issues, monitor performance, or automate routine tasks from the command line.