自動目錄
mac的路由指令大致採用 netstat、route、networksetup 這三個來完成,圖形化管理程式在此並不適用。
查看路由
% netstat -rn -f inet
-r 顯示路由表
-n 用ip而不是網域名稱顯示
-f 網路協定 inet是ip4;inet6是ip6
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default 172.16.0.1 UGScg en0
127 127.0.0.1 UCS lo0
127.0.0.1 127.0.0.1 UH lo0
169.254 link#4 UCS en0 !
172.16/21 link#4 UCS en0 !
172.16.0.1/32 link#4 UCS en0 !
172.16.0.1 90:6c:ac:50:11:8f UHLWIir en0 1193
172.16.0.11 ec:9b:8b:3c:3b:20 UHLWI en0 997
172.16.0.15 ec:9b:8b:3c:28:90 UHLWI en0 996
172.16.0.18 ec:9b:8b:9f:59:78 UHLWI en0 996
172.16.0.201 0:17:c8:62:68:3 UHLWI en0 1142
…略
Internet:
Destination Gateway Flags Netif Expire
default 172.16.0.1 UGScg en0
127 127.0.0.1 UCS lo0
127.0.0.1 127.0.0.1 UH lo0
169.254 link#4 UCS en0 !
172.16/21 link#4 UCS en0 !
172.16.0.1/32 link#4 UCS en0 !
172.16.0.1 90:6c:ac:50:11:8f UHLWIir en0 1193
172.16.0.11 ec:9b:8b:3c:3b:20 UHLWI en0 997
172.16.0.15 ec:9b:8b:3c:28:90 UHLWI en0 996
172.16.0.18 ec:9b:8b:9f:59:78 UHLWI en0 996
172.16.0.201 0:17:c8:62:68:3 UHLWI en0 1142
…略
表中的Gateway指的是閘道,link#4代表第4個連線
上面Flags代表的意義[1]如下:
1 RTF_PROTO1 Protocol specific routing flag #1
2 RTF_PROTO2 Protocol specific routing flag #2
3 RTF_PROTO3 Protocol specific routing flag #3
B RTF_BLACKHOLE Just discard packets (during updates)
b RTF_BROADCAST The route represents a broadcast address
C RTF_CLONING Generate new routes on use
c RTF_PRCLONING Protocol-specified generate new routes on use
D RTF_DYNAMIC Created dynamically (by redirect)
G RTF_GATEWAY Destination requires forwarding by intermediary
H RTF_HOST Host entry (net otherwise)
I RTF_IFSCOPE Route is associated with an interface scope
i RTF_IFREF Route is holding a reference to the interface
L RTF_LLINFO Valid protocol to link address translation
M RTF_MODIFIED Modified dynamically (by redirect)
m RTF_MULTICAST The route represents a multicast address
R RTF_REJECT Host or net unreachable
r RTF_ROUTER Host is a default router
S RTF_STATIC Manually added
U RTF_UP Route usable
W RTF_WASCLONED Route was generated as a result of cloning
X RTF_XRESOLVE External daemon translates proto to link address
Y RTF_PROXY Proxying; cloned routes will not be scoped
mac路由表中把二層和三層的都混在一起,透過flags來識別,有'L'的代表是二層的、'H'的代表是主機,有些意義我也不清楚沒研究。
查看 netwrok 代碼
% netstat -i
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
lo0 16384 <Link#1> 25939 0 25939 0 0
lo0 16384 127 localhost 25939 - 25939 - -
lo0 16384 localhost ::1 25939 - 25939 - -
lo0 16384 fe80::1%lo0 fe80:1::1 25939 - 25939 - -
gif0* 1280 <Link#2> 0 0 0 0 0
stf0* 1280 <Link#3> 0 0 0 0 0
en0 1500 <Link#4> 8c:85:90:cb:c8:f7 6608609 0 1432408 0 0
en0 1500 fe80::1404: fe80:4::1404:e476 6608609 - 1432408 - -
en0 1500 172.16/21 172.16.2.34 6608609 - 1432408 - -
en0 1500 2001:288:52 2001:288:5218:172 6608609 - 1432408 - -
en0 1500 2001:288:52 2001:288:5218:172 6608609 - 1432408 - -
en1 1500 <Link#5> 82:6d:f4:84:50:01 0 0 0 0 0
en2 1500 <Link#6> 82:6d:f4:84:50:00 0 0 0 0 0
bridge0 1500 <Link#7> 82:6d:f4:84:50:01 0 0 0 0 0
p2p0 2304 <Link#8> 0e:85:90:cb:c8:f7 0 0 0 0 0
awdl0 1484 <Link#9> 5e:6f:31:63:66:38 2027 0 167 0 0
lo0 16384 <Link#1> 25939 0 25939 0 0
lo0 16384 127 localhost 25939 - 25939 - -
lo0 16384 localhost ::1 25939 - 25939 - -
lo0 16384 fe80::1%lo0 fe80:1::1 25939 - 25939 - -
gif0* 1280 <Link#2> 0 0 0 0 0
stf0* 1280 <Link#3> 0 0 0 0 0
en0 1500 <Link#4> 8c:85:90:cb:c8:f7 6608609 0 1432408 0 0
en0 1500 fe80::1404: fe80:4::1404:e476 6608609 - 1432408 - -
en0 1500 172.16/21 172.16.2.34 6608609 - 1432408 - -
en0 1500 2001:288:52 2001:288:5218:172 6608609 - 1432408 - -
en0 1500 2001:288:52 2001:288:5218:172 6608609 - 1432408 - -
en1 1500 <Link#5> 82:6d:f4:84:50:01 0 0 0 0 0
en2 1500 <Link#6> 82:6d:f4:84:50:00 0 0 0 0 0
bridge0 1500 <Link#7> 82:6d:f4:84:50:01 0 0 0 0 0
p2p0 2304 <Link#8> 0e:85:90:cb:c8:f7 0 0 0 0 0
awdl0 1484 <Link#9> 5e:6f:31:63:66:38 2027 0 167 0 0
上面用<Link#1><Link#2><Link#3>...用作網路的群組名,其下的網路視為同一個群組,對照上面查看路由時顯示時一致,例如上面黃色的就屬於同一群組。
查看本身網路介面
ifconfig
新增/刪除路由(臨時)
以下設定在重開機後就消失
新增路由
# sudo route -nv add 10.0.0.0/8 10.16.1.254
# sudo route -n add -net 192.168.100.0/24 192.168.0.99
-n 跳過指定代表網段或主機
-v 顯示詳細內容
刪除路由
只要刪除網段即可
# sudo route delete 10.0.0.0
新增/刪除路由(永久)
使用 networksetup 指令來完成 [2]
查看現有網路服務
% networksetup -listallnetworkservices
An asterisk (*) denotes that a network service is disabled.
Wi-Fi
Wi-Fi-OFFICE
Thunderbolt Bridge
VPN
An asterisk (*) denotes that a network service is disabled.
Wi-Fi
Wi-Fi-OFFICE
Thunderbolt Bridge
VPN
查看網路順序
% networksetup -listnetworkserviceorder
An asterisk (*) denotes that a network service is disabled.
(1) Wi-Fi
(Hardware Port: Wi-Fi, Device: en0)
(2) Wi-Fi-OFFICE
(Hardware Port: Wi-Fi, Device: en0)
(3) Thunderbolt Bridge
(Hardware Port: Thunderbolt Bridge, Device: bridge0)
(4) VPN
(Hardware Port: com.fortinet.forticlient.macos.vpn, Device: )
An asterisk (*) denotes that a network service is disabled.
(1) Wi-Fi
(Hardware Port: Wi-Fi, Device: en0)
(2) Wi-Fi-OFFICE
(Hardware Port: Wi-Fi, Device: en0)
(3) Thunderbolt Bridge
(Hardware Port: Thunderbolt Bridge, Device: bridge0)
(4) VPN
(Hardware Port: com.fortinet.forticlient.macos.vpn, Device: )
這個指令 和->系統偏好設定->網路 看到的是一樣的
在網路服務VPN中設定路由
當這個服務生效時,路由自動會生效,同理,當此服務結束後,路由自動消失
networksetup -setadditionalroutes "VPN" 211.75.194.243 255.255.255.255 192.168.99.130
查看
networksetup -getadditionalroutes 'VPN'
清除設定
networksetup -setadditionalroutes "VPN"
此項設定在重開機後還是有效
參考資料
[2] 蛙蛙醬 https://blog.wawajohn.net/12206.html
END
