有没有打印网络连接结构的工具?
在我的 CentOS 服务器中,有很多由其他服务创建的接口。
[root@att ~]# dumpcap -D
1. bridge0
2. docker0
3. nflog
4. nfqueue
5. em1
6. usbmon1
7. em2
8. veth8b8f97a
9. vethfe9fbcf
10. br-eb92c719d431
11. veth5587e98
12. any
13. lo (Loopback)
那么,有没有什么工具可以描述网络拓扑的连接呢?那么我们就可以简单的分析一下。
编辑-01
我使用 yum 安装的plotnetcfg:
# plotnetcfg --version
v0.4.1
我想生成pdf,但出现错误:
# plotnetcfg | dot -Tpdf > output.pdf
ERROR: Invalid argument
编辑-02
[dele@att root]$ plotnetcfg | dot -Tpdf > output.pdf
bash: output.pdf: permission denied
Must be run under root (or with enough capabilities).
编辑-03
[dele@att ~]$ cd; sudo plotnetcfg | dot -Tpdf > output.pdf
ERROR: Invalid argument
编辑-04
我straceplotnetcfg,得到以下信息:
[root@att ~]# strace plotnetcfg | grep EINVAL
execve("/usr/sbin/plotnetcfg", ["plotnetcfg"], 0x7ffff0bc5840 /* 28 vars */) = 0
brk(NULL) = 0xe24000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fbadaa2a000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (the directory does not exists)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=91401, ...}) = 0
mmap(NULL, 91401, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fbadaa13000
close(3) = 0
open("/lib64/libjansson.so.4", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200#\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=53944, ...}) = 0
mmap(NULL, 2146960, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fbada5fd000
mprotect(0x7fbada609000, 2093056, PROT_NONE) = 0
mmap(0x7fbada808000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7fbada808000
close(3) = 0
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`&\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2156240, ...}) = 0
mmap(NULL, 3985920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fbada22f000
mprotect(0x7fbada3f2000, 2097152, PROT_NONE) = 0
mmap(0x7fbada5f2000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c3000) = 0x7fbada5f2000
mmap(0x7fbada5f8000, 16896, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fbada5f8000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fbadaa12000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fbadaa10000
arch_prctl(ARCH_SET_FS, 0x7fbadaa10740) = 0
mprotect(0x7fbada5f2000, 16384, PROT_READ) = 0
mprotect(0x7fbada808000, 4096, PROT_READ) = 0
mprotect(0x609000, 4096, PROT_READ) = 0
mprotect(0x7fbadaa2b000, 4096, PROT_READ) = 0
munmap(0x7fbadaa13000, 91401) = 0
brk(NULL) = 0xe24000
brk(0xe45000) = 0xe45000
brk(NULL) = 0xe45000
capget({version=_LINUX_CAPABILITY_VERSION_1, pid=0}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP, inheritable=0}) = 0
open("/proc/1/ns/net", O_RDONLY) = 3
setns(3, CLONE_NEWNET) = 0
close(3) = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
setsockopt(3, SOL_SOCKET, SO_SNDBUF, [32768], 4) = 0
setsockopt(3, SOL_SOCKET, SO_RCVBUF, [1048576], 4) = 0
bind(3, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, nl_pid=1763448, nl_groups=00000000}, [12]) = 0
sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=36, type=nlctrl, flags=NLM_F_REQUEST, seq=1, pid=0}, "\x03\x01\x00\x00"}, iov_len=20}, {iov_base={len=131086, type=0x766f /* GENERIC_FAMILY_??? */, flags=NLM_F_REQUEST|NLM_F_MULTI|NLM_F_DUMP_INTR|NLM_F_DUMP_FILTERED|0x5f40, seq=1919905910, pid=116}, iov_len=16}], msg_iovlen=2, msg_controllen=0, msg_flags=0}, 0) = 36
recvmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=184, type=nlctrl, flags=0, seq=1, pid=1763448}, "\x01\x02\x00\x00\x0e\x00\x02\x00\x6f\x76\x73\x5f\x76\x70\x6f\x72\x74\x00\x00\x00\x06\x00\x01\x00\x1c\x00\x00\x00\x08\x00\x03\x00"...}, iov_len=16384}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 184
close(3) = 0
readlink("/proc/1/ns/net", "net:[4026531956]", 4096) = 16
open("/proc/1/ns/net", O_RDONLY) = 3
openat(AT_FDCWD, "/var/run/netns", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
getdents(4, /* 4 entries */, 32768) = 96
open("/var/run/netns/net2", O_RDONLY) = 5
setns(5, CLONE_NEWNET) = -1 EINVAL (invalid param)
write(2, "ERROR: Invalid argument\n", 24ERROR: Invalid argument
) = 24
exit_group(1) = ?
+++ exited with 1 +++
答案1
是的,有 Jiri Benc 的plotnetcfg
,它将生成总结主机网络接口和网桥(包括连接和网络命名空间)的图表: