【B Solaris 常用命令及例子】
proc工具

$ ps
PID TTY TIME CMD
806 pts/3 0:00 ps
368 pts/3 0:00 sh
$ pflags 368
368: -sh
data model = _ILP32 flags = PR_ORPHAN
/1: flags = PR_PCINVAL

% pmap 823 //进程的地址空间分配，和需要执行的库
823: -csh
08043000 20K rw--- [ stack ]
08050000 128K r-x-- /usr/bin/csh
08070000 12K rwx-- /usr/bin/csh
08073000 68K rwx-- [ heap ]
DD9C0000 8K r-x-- /usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
DD9D1000 4K rwx-- /usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
DD9E0000 324K r-x-- /usr/lib/locale/zh_CN.GB18030/zh_CN.GB18030.so.2
DDA40000 8K rwx-- /usr/lib/locale/zh_CN.GB18030/zh_CN.GB18030.so.2
DDA60000 4K rwx-- [ anon ]
DDA70000 628K r-x-- /usr/lib/libc.so.1
DDB1D000 24K rwx-- /usr/lib/libc.so.1
DDB23000 4K rwx-- /usr/lib/libc.so.1
DDB30000 152K r-x-- /usr/lib/libcurses.so.1
DDB66000 28K rwx-- /usr/lib/libcurses.so.1
DDB6D000 8K rwx-- /usr/lib/libcurses.so.1
DDB80000 4K r-x-- /usr/lib/libdl.so.1
DDB90000 292K r-x-- /usr/lib/ld.so.1
DDBE9000 16K rwx-- /usr/lib/ld.so.1
DDBED000 8K rwx-- /usr/lib/ld.so.1
total 1740K

$ pldd 830 //与每个进程链接的动态库列表
830: -sh
/usr/lib/libgen.so.1
/usr/lib/libc.so.1
/usr/lib/libdl.so.1
/usr/lib/locale/zh_CN.GB18030/zh_CN.GB18030.so.2
/usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2

$ psig 830 //与进程相关的的信号列表
830: -sh
HUP caught done 0
INT caught 0x8059a30 0
QUIT caught 0x8059a30 0
ILL caught done 0
TRAP caught done 0
ABRT caught done 0
EMT caught done 0
FPE caught done 0
KILL default
BUS caught done 0
SEGV caught 0x8059f70 ONSTACK,SIGINFO

$ pstack 830 //以十六进制格式查看进程堆栈跟踪
830: -sh
ddacedf7 waitid (0, 353, 8047d40, 83)
ddaeeea7 _waitpid (353, 8047df8, 80)66
ddb30581 waitpid (353, 8047df8, 80)21
08062319 ???????? (8078c44)
08062cef postjob (353, 1)ce
0805d1e9 execute (8079374, 0, 0)801
08055b61 ???????? (0)
080559b5 main (1, 8047eb4, 8047ebc)4d9
08055427 ???????? ()

$ pfiles 830 //每个进程所打开的所有文件
830: -sh
Current rlimit: 256 file descriptors
0: S_IFCHR mode:0620 dev:102,0 ino:853 uid:1001 gid:7 rdev:24,2
O_RDWR
1: S_IFCHR mode:0620 dev:102,0 ino:853 uid:1001 gid:7 rdev:24,2
O_RDWR
2: S_IFCHR mode:0620 dev:102,0 ino:853 uid:1001 gid:7 rdev:24,2
O_RDWR

$ pwdx 830 //获取该进程当前的工作目录
830: /export/home/wing
$ ptree 830 //获父进程与子进程的关系
179 /usr/sbin/inetd -s
828 in.telnetd
830 -sh
854 ptree 830



lsof 工具-需下载安装，本身没有自带




软件管理
pkgadd
#pkgadd -d /tem softwarename
软件名gpw-6.94-sol8-intel-local.gz
#gunzip gpw-6.94-sol8-intel-local.gz
#head gpw-6.94-sol8-intel-local.gz //查看文件的版本信息
#pkgadd -d gpw-6.94-sol8-intel-local.gz
install
#install -c /opt/scripts -m 0755 -u bin -g sysadmin /tmp/setup_script
//目标路径 权限 用户 组 源路径
pkginfo
#pkginfo //安装了的软件包
pkgchk
#pkgchk pkginst //检查软件包的完整性
#pkgchk -f pkginst //处理软件包问题
#pkgchk -n pkginst //忽略包的不稳定性
#pkgchk -l -p /usr/bin/mydir //获取已安装文件的包属性
pkgrm
#pkgrm pkginst //删除软件包
#pkgrm pkginst1 pkginst2 //同时删除多个包
showrev
#showrev -p //显示已安装的补丁

patchadd
#patchadd patchname //安装补丁
#patchadd -M patch1 patch2 //同时安装多个补丁
#patchadd -d -R /export/mars /var/spool/patch/11102-12
//目的 源路径
//不允许对补丁安装进行现场恢复

补丁安装实例
2.6_Recommended.tar.z 补丁名
1
#df -k dir //查看该目录的大小
#tar xvf 2.6_Recommended.tar.z
#./install


参数 功能
-B 指定存储恢复现场信息的目录，而不是默认目录
-C 如果需要，指定需要打补丁的网络安装映象的路径
-d 不接受可恢复现场的补丁安装
-M 指定定位补丁的可选目录
-p 打印所有已安装的补丁列表
-u 不让文件安装生效
-R 为客户安装指定可选根目录
-S 从服务器为客户端安装补丁，客户机共享服务器操作系统目录


patchrm
#patchrm patchname // 删除补丁
#patchrm -C /export/Solaris_2.9/tools/1065-15
//从客户端系统删除补丁

引导和启动过程、ok模式
#shutdown
#reboot
#init 0
#boot -r

ok setenv boot-device disk //将默认的启动设备改为disk
boot-device = disk

ok printenv boot-device //验正启动设备
boot-device disk disk

ok reset

ok test net //测试回路网络设备
ok watch-clock //测试时钟设备
ok boot -r //重新引导系统
ok boot net //从网络启动
ok boot cdrom //从光盘启动
ok boot floppy //从软盘启动
ok boot tape //从磁带引导系统
ok watch-net //检查网络是否联通
ok probe-scsi //检查系统检测出的所有磁盘设备，并得到可用的设备列表
ok banner //检测内存、系统固件的openboot版本信息
ok boot -s //进入单用户模式
#reboot -l -- -r //重新引导不在系统日记里记录
#shutdown - i 0 -g 120 -y
#sync;init 0
#traceroute www.abc.com


wall
#wall

init
#init q //重新初始化运行级别
#init 0 //硬件维护模式
#init 1 //单用户模式
#init 2 //NFS不可用
#init 3 //NFS可用
#init 4 //用户定义状态
#init 5 //关闭系统电源
#init 6 //挂起操作系统
#init s //进入管理状态

网络配置

etc/hostname.interface //是这块网卡的名字或机器的名字
# cat hostname.pcn0
wing

# cat hosts
#
# Internet host table
#
127.0.0.1 localhost
192.168.0.11 wing
# hostname
wing

# cat netmasks
192.168.0.0 255.255.255.0

＃ifconfig le0 172.16.255.1 netmask 255.255.255.0

配置网络端口状态
＃ifconfig le0 up/down
配置网络端口是否可用
＃ifconfig le0 plumb/unplumb
#ifconfig -a 这个地址只有root用户使用时才显示 。如果一个非root用户使用ifconfig命令，那么只有IP地址
# ifconfig -a
lo0: flags=1000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
hme0: flags=1000843 mtu 1500 index 2
inet 192.168.10.25 netmask ffffff00 broadcast 192.168.10.255
ether 8:0:20:a2:11:de
#

#ifconfig le0 192.168.0.3 netmask 255.255.255.0 broadcast 192.168.0.255 up
banner
你也可以在系统还没有启动时在ok提示符下敲入banner来找到Mac地址,CPU 型号和频率 。
ok banner

un Ultra 5/10 UPA/PCI (UltraSPARC-IIi 300MHz), Keyboard Present
OpenBoot 3.1.1 64 MB memory installed, Serial #9361102.
Ethernet address 8:0:20:8e:d6:ce, HostID: 808ed6ce.


# arp -a //登陆用户

Net to Media Table: IPv4
Device IP Address Mask Flags Phys Addr
------ -------------------- --------------- ----- ---------------
pcn0 192.168.0.1 255.255.255.255 00:03:0f:fd:6d:0c
pcn0 wing 255.255.255.255 SP 00:0c:29:19:a1:54
pcn0 224.0.0.0 240.0.0.0 SM 01:00:5e:00:00:00


# netstat // 网络状态

TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
-------------------- -------------------- ----- ------ ----- ------ -------
wing.telnet 192.168.0.1.1030 7168 0 66608 0 ESTABLISHED
wing.telnet 192.168.0.1.1032 6253 1 66608 0 ESTABLISHED

Active Unix domain sockets
Address Type Vnode Conn Local Addr Remote Addr
df187cc0 stream-ord dee4c1c0 00000000 /tmp/.X11-unix/X0
df187de8 stream-ord 00000000 00000000
#

# netstat -r //查看路由表

Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 wing U 1 3 pcn0
224.0.0.0 wing U 1 0 pcn0
default wing UG 1 0
localhost localhost UH 2 6 lo0

# netstat -g

Group Memberships: IPv4
Interface Group RefCnt
--------- -------------------- ------
lo0 224.0.0.1 1
pcn0 224.0.0.1 1


# netstat -p

Net to Media Table: IPv4
Device IP Address Mask Flags Phys Addr
------ -------------------- --------------- ----- ---------------
pcn0 192.168.0.1 255.255.255.255 00:03:0f:fd:6d:0c
pcn0 solaris9 255.255.255.255 SP 00:0c:29:80:4c:0a
pcn0 224.0.0.0 240.0.0.0 SM 01:00:5e:00:00:00
#


# netstat -s

RAWIP
rawipInDatagrams = 0 rawipInErrors = 0
rawipInCksumErrs = 0 rawipOutDatagrams = 0
rawipOutErrors = 0

UDP
udpInDatagrams = 923 udpInErrors = 0
udpOutDatagrams = 928 udpOutErrors = 0

TCP tcpRtoAlgorithm = 4 tcpRtoMin = 400
tcpRtoMax = 60000 tcpMaxConn = -1
tcpActiveOpens = 18 tcpPassiveOpens = 21
tcpAttemptFails = 0 tcpEstabResets = 0
tcpCurrEstab = 31 tcpOutSegs = 715
tcpOutDataSegs = 524 tcpOutDataBytes = 52210
tcpRetransSegs = 0 tcpRetransBytes = 0
tcpOutAck = 191 tcpOutAckDelayed = 90
tcpOutUrg = 0 tcpOutWinUpdate = 0
tcpOutWinProbe = 0 tcpOutControl = 47
tcpOutRsts = 0 tcpOutFastRetrans = 0
tcpInSegs = 925
tcpInAckSegs = 505 tcpInAckBytes = 52216
tcpInDupAck = 7 tcpInAckUnsent = 0
tcpInInorderSegs = 524 tcpInInorderBytes = 45645
tcpInUnorderSegs = 0 tcpInUnorderBytes = 0
tcpInDupSegs = 0 tcpInDupBytes = 0
tcpInPartDupSegs = 0 tcpInPartDupBytes = 0
tcpInPastWinSegs = 0 tcpInPastWinBytes = 0
tcpInWinProbe = 0 tcpInWinUpdate = 0
tcpInClosed = 0 tcpRttNoUpdate = 0
tcpRttUpdate = 497 tcpTimRetrans = 0
tcpTimRetransDrop = 0 tcpTimKeepalive = 0
tcpTimKeepaliveProbe= 0 tcpTimKeepaliveDrop = 0
tcpListenDrop = 0 tcpListenDropQ0 = 0
tcpHalfOpenDrop = 0 tcpOutSackRetrans = 0

IPv4 ipForwarding = 2 ipDefaultTTL = 255
ipInReceives = 422 ipInHdrErrors = 0
ipInAddrErrors = 0 ipInCksumErrs = 0
ipForwDatagrams = 0 ipForwProhibits = 0
ipInUnknownProtos = 0 ipInDiscards = 0
ipInDelivers = 1832 ipOutRequests = 265
ipOutDiscards = 0 ipOutNoRoutes = 0
ipReasmTimeout = 60 ipReasmReqds = 0
ipReasmOKs = 0 ipReasmFails = 0
ipReasmDuplicates = 0 ipReasmPartDups = 0
ipFragOKs = 0 ipFragFails = 0
ipFragCreates = 0 ipRoutingDiscards = 0
tcpInErrs = 0 udpNoPorts = 20
udpInCksumErrs = 0 udpInOverflows = 0
rawipInOverflows = 0 ipsecInSucceeded = 0
ipsecInFailed = 0 ipInIPv6 = 0
ipOutIPv6 = 0 ipOutSwitchIPv6 = 8

IPv6 ipv6Forwarding = 2 ipv6DefaultHopLimit = 255
ipv6InReceives = 0 ipv6InHdrErrors = 0
ipv6InTooBigErrors = 0 ipv6InNoRoutes = 0
ipv6InAddrErrors = 0 ipv6InUnknownProtos = 0
ipv6InTruncatedPkts = 0 ipv6InDiscards = 0
ipv6InDelivers = 0 ipv6OutForwDatagrams= 0
ipv6OutRequests = 0 ipv6OutDiscards = 0
ipv6OutNoRoutes = 0 ipv6OutFragOKs = 0
ipv6OutFragFails = 0 ipv6OutFragCreates = 0
ipv6ReasmReqds = 0 ipv6ReasmOKs = 0
ipv6ReasmFails = 0 ipv6InMcastPkts = 0
ipv6OutMcastPkts = 0 ipv6ReasmDuplicates = 0
ipv6ReasmPartDups = 0 ipv6ForwProhibits = 0
udpInCksumErrs = 0 udpInOverflows = 0
rawipInOverflows = 0 ipv6InIPv4 = 0
ipv6OutIPv4 = 0 ipv6OutSwitchIPv4 = 0

ICMPv4 icmpInMsgs = 5 icmpInErrors = 0
icmpInCksumErrs = 0 icmpInUnknowns = 0
icmpInDestUnreachs = 5 icmpInTimeExcds = 0
icmpInParmProbs = 0 icmpInSrcQuenchs = 0
icmpInRedirects = 0 icmpInBadRedirects = 0
icmpInEchos = 0 icmpInEchoReps = 0
icmpInTimestamps = 0 icmpInTimestampReps = 0
icmpInAddrMasks = 0 icmpInAddrMaskReps = 0
icmpInFragNeeded = 0 icmpOutMsgs = 5
icmpOutDrops = 0 icmpOutErrors = 0
icmpOutDestUnreachs = 5 icmpOutTimeExcds = 0
icmpOutParmProbs = 0 icmpOutSrcQuenchs = 0
icmpOutRedirects = 0 icmpOutEchos = 0
icmpOutEchoReps = 0 icmpOutTimestamps = 0
icmpOutTimestampReps= 0 icmpOutAddrMasks = 0
icmpOutAddrMaskReps = 0 icmpOutFragNeeded = 0
icmpInOverflows = 0

ICMPv6 icmp6InMsgs = 0 icmp6InErrors = 0
icmp6InDestUnreachs = 0 icmp6InAdminProhibs = 0
icmp6InTimeExcds = 0 icmp6InParmProblems = 0
icmp6InPktTooBigs = 0 icmp6InEchos = 0
icmp6InEchoReplIEs = 0 icmp6InRouterSols = 0
icmp6InRouterAds = 0 icmp6InNeighborSols = 0
icmp6InNeighborAds = 0 icmp6InRedirects = 0
icmp6InBadRedirects = 0 icmp6InGroupQueries = 0
icmp6InGroupResps = 0 icmp6InGroupReds = 0
icmp6InOverflows = 0
icmp6OutMsgs = 0 icmp6OutErrors = 0
icmp6OutDestUnreachs= 0 icmp6OutAdminProhibs= 0
icmp6OutTimeExcds = 0 icmp6OutParmProblems= 0
icmp6OutPktTooBigs = 0 icmp6OutEchos = 0
icmp6OutEchoReplies = 0 icmp6OutRouterSols = 0
icmp6OutRouterAds = 0 icmp6OutNeighborSols= 0
icmp6OutNeighborAds = 0 icmp6OutRedirects = 0
icmp6OutGroupQueries= 0 icmp6OutGroupResps = 0
icmp6OutGroupReds = 0

IGMP:
0 messages received
0 messages received with too few bytes
0 messages received with bad checksum
0 membership queries received
0 membership queries received with invalid field(s)
0 membership reports received
0 membership reports received with invalid field(s)
0 membership reports received for groups to which we belong
0 membership reports sent


# netstat -M

Virtual Interface Table is empty

Multicast Forwarding Cache is empty

#


# netstat -r //网络接口状态

Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 solaris9 U 1 1 pcn0
192.168.0.0 address2 U 1 0 pcn0:1
224.0.0.0 solaris9 U 1 0 pcn0
default 192.168.0.1 UG 1 0
localhost localhost UH 2 6 lo0
# netstat -rn

Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 192.168.0.3 U 1 1 pcn0
192.168.0.0 192.168.0.5 U 1 0 pcn0:1
224.0.0.0 192.168.0.3 U 1 0 pcn0
default 192.168.0.1 UG 1 0
127.0.0.1 127.0.0.1 UH 2 6 lo0
#


# netstat -i 1 5
input pcn0 output input (Total) output
packets errs packets errs colls packets errs packets errs colls
1187 0 1318 0 0 3699 0 3830 0 0
4 0 4 0 0 4 0 4 0 0
3 0 3 0 0 5 0 5 0 0
4 0 4 0 0 4 0 4 0 0
3 0 4 0 0 5 0 6 0 0
#

snoop

# snoop -c 3 //抓取3IP包
Using device /dev/pcn0 (promiscuous mode)
192.168.0.1 -> solaris9 TELNET C port=3013
solaris9 -> 192.168.0.1 TELNET R port=3013 Using device /dev/pc
192.168.0.1 -> solaris9 TELNET C port=3013
3 packets captured
#


# snoop -v -c 2 //抓取两个详细的IP包 。
Using device /dev/pcn0 (promiscuous mode)
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 1 arrived at 1:43:41.42
ETHER: Packet size = 60 bytes
ETHER: Destination = 0:c:29:80:4c:a,
ETHER: Source = 0:3:f:fd:6d:c,
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4
IP: Header length = 20 bytes
IP: Type of service = 0x00
IP: xxx. .... = 0 (precedence)
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = not ECN capable transport
IP: .... ...0 = no ECN congestion experienced
IP: Total length = 40 bytes
IP: Identification = 1627
IP: Flags = 0x4
IP: .1.. .... = do not fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 128 seconds/hops
IP: Protocol = 6 (TCP)
IP: Header checksum = 7320
IP: Source address = 192.168.0.1, 192.168.0.1
IP: Destination address = 192.168.0.3, solaris9
IP: No options
IP:
TCP: ----- TCP Header -----
TCP:
TCP: Source port = 3013
TCP: Destination port = 23 (TELNET)
TCP: Sequence number = 769864152
TCP: Acknowledgement number = 52297913
TCP: Data offset = 20 bytes
TCP: Flags = 0x10
TCP: 0... .... = No ECN congestion window reduced
TCP: .0.. .... = No ECN echo
TCP: ..0. .... = No urgent pointer
TCP: ...1 .... = Acknowledgement
TCP: .... 0... = No push
TCP: .... .0.. = No reset
TCP: .... ..0. = No Syn
TCP: .... ...0 = No Fin
TCP: Window = 17292
TCP: Checksum = 0x7b85
TCP: Urgent pointer = 0
TCP: No options
TCP:
TELNET: ----- TELNET: -----
TELNET:
TELNET: ""
TELNET:

ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 2 arrived at 1:43:41.42
ETHER: Packet size = 97 bytes
ETHER: Destination = 0:3:f:fd:6d:c,
ETHER: Source = 0:c:29:80:4c:a,
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4
IP: Header length = 20 bytes
IP: Type of service = 0x00
IP: xxx. .... = 0 (precedence)
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = not ECN capable transport
IP: .... ...0 = no ECN congestion experienced
IP: Total length = 83 bytes
IP: Identification = 50744
IP: Flags = 0x4
IP: .1.. .... = do not fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 60 seconds/hops
IP: Protocol = 6 (TCP)
IP: Header checksum = f717
IP: Source address = 192.168.0.3, solaris9
IP: Destination address = 192.168.0.1, 192.168.0.1
IP: No options
IP:
TCP: ----- TCP Header -----
TCP:
TCP: Source port = 23
TCP: Destination port = 3013
TCP: Sequence number = 52297913
TCP: Acknowledgement number = 769864152
TCP: Data offset = 20 bytes
TCP: Flags = 0x18
TCP: 0... .... = No ECN congestion window reduced
TCP: .0.. .... = No ECN echo
TCP: ..0. .... = No urgent pointer
TCP: ...1 .... = Acknowledgement
TCP: .... 1... = Push
TCP: .... .0.. = No reset
TCP: .... ..0. = No Syn
TCP: .... ...0 = No Fin
TCP: Window = 64240
TCP: Checksum = 0xd1f6
TCP: Urgent pointer = 0
TCP: No options
TCP:
TELNET: ----- TELNET: -----
TELNET:
TELNET: "Using device /dev/pcn0 (promiscuous mode)rn"
TELNET:

2 packets captured
#

# snoop host1 host2
host1 -> host2 ICMP Echo request
host2 -> host1 ICMP Echo reply
使用snoop实用程序判定系统间实际上传送的什么信，判断网络畅通
# snoop -a dhcp

Snoop 的使用
Snoop 是Solaris 系统中自带的工具，是一个用于显示网络通讯的程序，它
可捕获IP 包并将其显示或保存到指定文件. (限超级用户使用snoop)
Snoop 可将捕获的包以一行的形式加以总结或用多行加以详细的描述(有
调用不同的参数-v -V来实现). 在总结方式下(-V ) , 将仅显示最高层的相关协
议, 例如一个NFS 包将仅显示NFS 信息, 其低层的RPC, UDP, IP, Ethernet 帧信息将不会显示, 但是当加上相应的参数(-v ), 这些信息都能被显示出来.
参数简介：
[ -a ] # Listen to packets on audio
[ -d device ] # settable to le?, ie?, bf?, tr?
[ -s snaplen ] # Truncate packets
[ -c count ] # Quit after count packets
[ -P ] # Turn OFF promiscuous mode
[ -D ] # Report dropped packets
[ -S ] # Report packet size
[ -i file ] # Read previously captured packets
[ -o file ] # Capture packets in file
[ -n file ] # Load addr-to-name table from file
[ -N ] # Create addr-to-name table
[ -t r|a|d ] # Time: Relative, Absolute or Delta
[ -v ] # Verbose packet display
[ -V ] # Show all summary lines
[ -p first[,last] ] # Select packet(s) to display
[ -x offset[,length] ] # Hex dump from offset for length
[ -C ] # Print packet filter code
由于snoop 的使用非常灵活, 希望能通过下面一些例子的学习来其常见用法.
1. 监听所有以本机为源和目的的包并将其显示出来.
# snoop
2. 监听所有以主机A为源和目的的包并将其显示出来. ( A为主机名, 下同)
- 2 -
# snoop A
3. 监听所有A和B之间的包并将其保存到文件file.
# snoop -o file A B
4. 显示文件file 中指定的包(99-108)
# snoop - i file -p 99,108
99 0.0027 boutique -> sunroof NFS C GETATTR FH=8E6C
100 0.0046 sunroof -> boutique NFS R GETATTR OK
101 0.0080 boutique -> sunroof NFS C RENAME FH=8E6C MTra00192
to .nfs08
102 0.0102 marmot -> viper NFS C LOOKUP FH=561E screen.r.13.i386
103 0.0072 viper -> marmot NFS R LOOKUP No such file or Directory
104 0.0085 bugbomb -> sunroof RLOGIN C PORT=1023 h
105 0.0005 kandinsky -> sparky RSTAT C Get Statistics
106 0.0004 beeblebrox -> sunroof NFS C GETATTR FH=0307
107 0.0021 sparky -> kandinsky RSTAT R
108 0.0073 Office -> jeremiah NFS C READ FH=2584 at 40960 for 8192
5. 详细查看文件file 中第101 个包:
# snoop - i file - v -p101
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 101 arrived at 16:09:53.59
ETHER: Packet size = 210 bytes
ETHER: Destination = 8:0:20:1:3d:94, Sun
ETHER: Source = 8:0:69:1:5f:e, Silicon Graphics
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: ..0. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 196 bytes
IP: Identification 19846
IP: Flags = 0X
IP: .0.. .... = may fragment
IP: ..0. .... = more fragments
?
- 3 -
?
6. 查看主机A和主机B之间的NFS 包(命令中的and 和or 为相应的逻辑运
算)
# snoop - i file rpc nfs and A and B
1 0.0000 A -> B NFS C GETATTR FH=8E6C
2 0.0046 B -> A NFS R GETATTR OK
3 0.0080 A -> B NFS C RENAME FH=8E6C MTra00192 to .nfs08
7. 将这些符合条件的包保存到另一文件file2 中:
# snoop - i file -o file2 rpc nfs A B
8. 监听主机A和主机B间所有TCP 80 端口或UDP80端口的包
# snoop A and B and (tcp or udp) and port 80
9. 监听所有的广播包
# snoop broadcast
Using device /dev/hme (promiscuous mode)
10.10.10.50 -> BROADCAST UDP D=177 S=2541 LEN=35
10.10.10.50 -> BROADCAST UDP D=177 S=2541 LEN=35
10.10.10.50 -> BROADCAST UDP D=177 S=2541 LEN=35
10. 监听所有的多播包, 并显示详细内容.
#snoop -v multicast
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 1 arrived at 12:33:2.16
ETHER: Packet size = 69 bytes
ETHER: Destination = ff:ff:ff:ff:ff:ff, (broadcast)
ETHER: Source = 0:4:76:46:8f:50,
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4
IP: Header length = 20 bytes
IP: Type of service = 0x00
IP: xxx. .... = 0 (precedence)
IP: ...0 .... = normal delay
- 4 -
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 55 bytes
IP: Identification = 14658
IP: Flags = 0x0
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 128 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = ed38
IP: Source address = 10.10.10.50, 10.10.10.50
IP: Destination address = 255.255.255.255, BROADCAST
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 2541
UDP: Destination port = 177
UDP: Length = 35
UDP: Checksum = 8E35
UDP:
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 2 arrived at 12:33:12.16
ETHER: Packet size = 69 bytes
ETHER: Destination = ff:ff:ff:ff:ff:ff, (broadcast)
ETHER: Source = 0:4:76:46:8f:50,
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4
IP: Header length = 20 bytes
IP: Type of service = 0x00
IP: xxx. .... = 0 (precedence)
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 55 bytes
IP: Identification = 14985
IP: Flags = 0x0
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 128 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = ebf1
IP: Source address = 10.10.10.50, 10.10.10.50
- 5 -
IP: Destination address = 255.255.255.255, BROADCAST
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 2541
UDP: Destination port = 177
UDP: Length = 35
UDP: Checksum = 8E35
UDP:
11．监听所有的NTP 协议包
# snoop |grep - i NTP
Using device /dev/hme (promiscuous mode)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:48:50 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:49:54 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:50:58 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:52:02 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:53:06 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:54:10 2002)
这里我们也可看到NTP server 每隔约一分钟即向多播地址广播一次.

date
# date
2003年10月12日 星期日 10时04分16秒 CST
（CST是Chinese Standard Time的缩写）
# date 10121003 设置时间为10月12日10时03分

设备管理

软盘
#volcheck
fdformat [-dDeEfHlLmMUqvx] [-b label] [-B filename] [-t Dos-
type] [devname] //格式化

prtconf
# prtconf //配置信息
System Configuration: Sun Microsystems i86pc
Memory size: 128 Megabytes //内存
System Peripherals (Software Nodes):

i86pc
boot (driver not attached)
memory (driver not attached)
aliases (driver not attached)
chosen (driver not attached)
i86pc-memory (driver not attached)
i86pc-mmu (driver not attached)
openprom (driver not attached)
options, instance #0
packages (driver not attached)
delayed-writes (driver not attached)
itu-props (driver not attached)
isa, instance #0
motherboard (driver not attached)
asy, instance #0
asy, instance #1
lp (driver not attached)
fdc, instance #0
fd, instance #0
fd, instance #1 (driver not attached)
i8042, instance #0
keyboard, instance #0
mouse, instance #0
PNP0C02 (driver not attached)
PNP0C02 (driver not attached)
PNP0C02 (driver not attached)
bios (driver not attached)
bios (driver not attached)
bios (driver not attached)
pci, instance #0
pci15ad,1976 (driver not attached)
pci8086,7191 (driver not attached)
pci15ad,1976 (driver not attached)
pci-ide, instance #0
ide, instance #0
cmdk, instance #0
ide, instance #1
sd, instance #0
pci15ad,1976, instance #0
pci15ad,1976 (driver not attached)
display, instance #0
pci1022,2000, instance #0
pci1274,1371 (driver not attached)
used-resources (driver not attached)
objmgr, instance #0
cpus (driver not attached)
cpu, instance #0 (driver not attached)
pseudo, instance #0
#
# prtconf | grep Memory //查看内存
Memory size: 128 Megabytes





arch
# arch -k //了解体系结构
i86pc
uname
# uname -m
i86pc
# uname
SunOS
# uname -a
SunOS wing 5.9 Generic_112234-03 i86pc i386 i86pc


eject
#eject floppy

eeprom
#eeprom selftest -#megs=64 //修改系统自检到的内存数

sysdef
#sysdef //更详细的体系机构

df
# df -k //显示当前所有已安装的文件系统上的文件数目和空闲块的数目
文件系统 千字节 用了 可用 容量 挂接在
/dev/dsk/c0d0s0 63127 36143 20672 64% /
/dev/dsk/c0d0s6 1201014 768820 372144 68% /usr
/proc 0 0 0 0% /proc
mnttab 0 0 0 0% /etc/mnttab
fd 0 0 0 0% /dev/fd
/dev/dsk/c0d0s3 55047 25258 24285 51% /var
swap 651040 24 651016 1% /var/run
swap 651016 0 651016 0% /tmp
/dev/dsk/c0d0s5 24239 15 21801 1% /opt
/dev/dsk/c0d0s7 2691830 122 2637872 1% /export/home
/dev/dsk/c0d0s1 462639 306816 109560 74% /usr/openwin
# df -a //打印所有文件系统的信息
/ (/dev/dsk/c0d0s0 ): 53968 块 30100 文件
/usr (/dev/dsk/c0d0s6 ): 864388 块 261705 文件
/proc (/proc ): 0 块 1878 文件
/etc/mnttab (mnttab ): 0 块 0 文件
/dev/fd (fd ): 0 块 0 文件
/var (/dev/dsk/c0d0s3 ): 59578 块 25450 文件
/var/run (swap ): 1
请大家多多捧场学习

• 10个最常用 Windows Vista运行命令
• 常用的房屋设计软件有哪些 常用的房屋设计用什么软件呢
• Android Studio快捷键如何设置 常用快捷键设置方法介绍
• Windows Vista系统实用命令行小百科
• Vista系统实用命令行小百科
• Windows Vista实用命令行小百科
• 想看见碎片整理全过程只要一条命令
• 海浪的寓意和象征 海浪的寓意是什么
• 轻松玩Vista！常用FTP工具兼容测试
• 电脑常用快捷键有多少 常用快捷键大全分享