Skip to content

Instantly share code, notes, and snippets.

@blebo

blebo/mac-network-commands-terminal

Forked from jjnilton/mac-network-commands-cheat-sheet.md
Created October 2, 2020 02:45
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save blebo/b91b939bccfada6947ebc383b7902bbd to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save blebo/b91b939bccfada6947ebc383b7902bbd to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. @jjnilton jjnilton renamed this gist Apr 21, 2016. 1 changed file with 0 additions and 0 deletions.
    0 mac network commands terminal → mac-network-commands-terminal
    View file
    File renamed without changes.
  2. @jjnilton jjnilton created this gist Feb 1, 2016.
    272 changes: 272 additions & 0 deletions mac network commands terminal
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,272 @@
    Mac Network Commands Cheat Sheet

    After writing up the presentation for MacSysAdmin in Sweden, I decided to go ahead and throw these into a quick cheat sheet for anyone who’d like to have them all in one place. Good luck out there, and stay salty.

    Get an ip address for en0:

    ipconfig getifaddr en0

    Same thing, but setting and echoing a variable:

    ip=`ipconfig getifaddr en0` ; echo $ip

    View the subnet mask of en0:

    ipconfig getoption en0 subnet_mask

    View the dns server for en0:

    ipconfig getoption en0 domain_name_server

    Get information about how en0 got its dhcp on:

    ipconfig getpacket en1

    View some network info:

    ifconfig en0

    Set en0 to have an ip address of 10.10.10.10 and a subnet mask of 255.255.255.0:

    ifconfig en0 inet 10.10.10.10 netmask 255.255.255.0

    Show a list of locations on the computer:

    networksetup -listlocations

    Obtain the active location the system is using:

    networksetup -getcurrentlocation

    Create a network location called Work and populate it with information from the active network connection:

    networksetup -createlocation Work populate

    Delete a network location called Work:

    networksetup -deletelocation Work

    Switch the active location to a location called Work:

    networksetup -switchlocation Work

    Switch the active location to a location called Work, but also show the GUID of that location so we can make scripties with it laters:

    scselect Work

    List all of the network interfaces on the system:

    networksetup -listallnetworkservices

    Rename the network service called Ethernet to the word Wired:

    networksetup -renamenetworkservice Ethernet Wired

    Disable a network interface:

    networksetup -setnetworkserviceenabled off

    Change the order of your network services:

    networksetup -ordernetworkservices “Wi-Fi” “USB Ethernet”

    Set the interface called Wi-Fi to obtain it if it isn’t already

    networksetup -setdhcp Wi-Fi

    Renew dhcp leases:

    ipconfig set en1 BOOTP && ipconfig set en1 DHCP
    ifconfig en1 down && ifconfig en1 up

    Renew a dhcp lease in a script:

    echo "add State:/Network/Interface/en0/RefreshConfiguration temporary" | sudo scutil

    Configure a manual static ip address:

    networksetup -setmanual Wi-Fi 10.0.0.2 255.255.255.0 10.0.0.1

    Configure the dns servers for a given network interface:

    networksetup -setdnsservers Wi-Fi 10.0.0.2 10.0.0.3

    Obtain the dns servers used on the Wi-Fi interface:

    networksetup -getdnsservers Wi-Fi

    Stop the application layer firewall:

    launchctl unload /System/Library/LaunchAgents/com.apple.alf.useragent.plist
launchctl unload /System/Library/LaunchDaemons/com.apple.alf.agent.plist

    Start the application layer firewall:

    launchctl load /System/Library/LaunchDaemons/com.apple.alf.agent.plist
launchctl load /System/Library/LaunchAgents/com.apple.alf.useragent.plist

    Allow an app to communicate outside the system through the application layer firewall:

    socketfilterfw -t
“/Applications/FileMaker Pro/FileMaker Pro.app/Contents/MacOS/FileMaker Pro”

    See the routing table of a Mac:

    netstat -nr

    Add a route so that traffic for 10.0.0.0/32 communicates over the 10.0.9.2 network interface:

    route -n add 10.0.0.0/32 10.0.9.2

    Log bonjour traffic at the packet level:

    sudo killall -USR2 mDNSResponder

    Stop Bonjour:

    launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist


    Start Bojour:

    launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

    Put a delay in your pings:

    ping -i 5 192.168.210.1

    Ping the hostname 5 times and then stop the ping:

    ping -c 5 google.com

    Flood ping the host:

    ping -f localhost

    Set the packet size during your ping:

    ping -s 100 google.com

    Customize the source IP during your ping:

    ping -S 10.10.10.11 google.com

    View disk performance:

    iostat -d disk0

    Get information about the airport connection on your system:

    /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -I

    Scan the available Wireless networks:

    /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -s

    Trace the path packets go through:

    traceroute google.com

    Trace the routes without looking up names:

    traceroute -n google.com

    Trace a route in debug mode:

    traceroute -d google.com

    View information on all sockets:

    netstat -at

    View network information for ipv6:

    netstat -lt

    View per protocol network statistics:

    netstat -s

    View the statistics for a specific network protocol:

    netstat -p igmp

    Show statistics for network interfaces:

    netstat -i

    View network information as it happens (requires ntop to be installed):

    ntop

    Scan port 80 of www.google.com

    /System/Library/CoreServices/Applications/Network\ Utility.app/Contents/Resources/stroke www.google.com 80 80

    Port scan krypted.com stealthily:

    nmap -sS -O krypted.com/24

    Establish a network connection with www.apple.com:

    nc -v www.apple.com 80

    Establish a network connection with gateway.push.apple.com over port 2195

    /usr/bin/nc -v -w 15 gateway.push.apple.com 2195

    Establish a network connection with feedback.push.apple.com only allowing ipv4

    /usr/bin/nc -v -4 feedback.push.apple.com 2196

    Setup a network listener on port 2196 for testing:

    /usr/bin/nc -l 2196

    Capture some packets:

    tcpdump -nS

    Capture all the packets:

    tcpdump -nnvvXS

    Capture the packets for a given port:

    tcpdump -nnvvXs 548

    Capture all the packets for a given port going to a given destination of 10.0.0.48:

    tcpdump -nnvvXs 548 dst 10.0.0.48

    Capture the packets as above but dump to a pcap file:

    tcpdump -nnvvXs 548 dst 10.0.0.48 -w /tmp/myfile.pcap

    Read tcpdump (cap) files and try to make them human readable:

    tcpdump -qns 0 -A -r /var/tmp/capture.pcap

    What binaries have what ports and in what states are those ports:

    lsof -n -i4TCP

    Make an alias for looking at what has a listener open, called ports:

    alias ports='lsof -n -i4TCP | grep LISTEN'

    Report back the name of the system:

    hostname

    Flush the dns cache:

    dscacheutil -flushcache

    Clear your arp cache:

    arp -ad

    View how the Server app interprets your network settings:

    serveradmin settings network

    Whitelist the ip address 10.10.10.2:

    /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -w 10.10.10.2