network

• check information

  • get interface

  • get ip address

  • get mac address

  • get interface information

  • find local device ip address

• networksetup

  • show network information

  • change order of networks

  • list hardware

  • list localtion

• wifi

  • scan available wifi network

  • disable ipv6

  • show network connection history

  • get wifi password

• DNS

  • firewall

• route

  • check route

  • add a static route item

  • delete a static route

• vpn

  • proxy setup

check information

[!NOTE|label:references:]

• * imarslo : linux/network

$ scutil --nwi
Network information

IPv4 network interface information
     en8 : flags      : 0x5 (IPv4,DNS)
           address    : 10.1.1.1
           reach      : 0x00000002 (Reachable)
     en0 : flags      : 0x5 (IPv4,DNS)
           address    : 192.168.6.55
           reach      : 0x00000002 (Reachable)

   REACH : flags 0x00000002 (Reachable)

IPv6 network interface information
   No IPv6 states found

   REACH : flags 0x00000000 (Not Reachable)

Network interfaces: en8 en0

get interface

[!NOTE|label:references:]

• * iMarslo: get interface

• #340 - Multiple unused utun interfaces after macOS upgrade

• Who creates utun0 adapter?

# default route
$ ip route get $(dig +short github.com | head -1) | sed -rn 's|.*dev\s+(\S+)\s+src.*$|\1|p')
# or
$ ip route get $(nslookup "${githubIp}" | grep Server | awk -F' ' '{print $NF}') | sed -rn 's|.*dev\s+(\S+)\s+src.*$|\1|p'
en8

# all active interface
$ netstat -nr | grep -E 'UG|UGSc' | grep -E '^0.0.0|default' | grep -E '[0-9.]{7,15}' | awk '{print $NF}'
en0
en8
# osx 15.0
$ netstat -nr | command grep -E '^0.0.0|^default|UG|UGScg' | awk '$2 ~ /([0-9]{1,3}\.){3}[0-9]{1,3}/' | awk '{print $NF}'
en8
en0

$ networksetup -listnetworkserviceorder | grep --color=none 'Hardware Port' | awk -F'(, )|(: )|[)]' '{print $2, "~>", $4}'
USB 10/100/1000 LAN ~> en8
Wi-Fi ~> en0
Thunderbolt Bridge ~> bridge0

• get default interface

  $ ip route get 1.1.1.1 | sed -n -re 's/.+via.+dev ([0-9a-zA-Z]+) src.+$/\1/p'
  en8

• list all interfaces

  $ /sbin/ifconfig | grep --color=none flags=8863 | grep -v bridge
  en5: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  en8: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  
  # or
  $ scutil --nwi | awk -F': ' '/Network interfaces/ {print $2;exit;}'
  en8 en0

get ip address

$ ipAddr=$(/usr/local/bin/ip a s "${interface}" | sed -rn 's|\W*inet[^6]\W*([0-9\.]{7,15}).*$|\1|p')
# or via `/sbin/ifconfig`
$ ipAddr=$(/sbin/ifconfig "${interface}" | sed -rn 's|^\s+inet\s+([0-9\.]+))

get mac address

$ ip link show ${interface} | sed -rn 's|.*ether ([0-9a-fA-F:]{17}).*$|\1|p' | sed 's|:||g' | tr [a-z] [A-Z]

get interface information

#!/bin/bash

while read -r line; do
    sname=$(echo "$line" | awk -F "(, )|(: )|[)]" '{print $2}')
    sdev=$(echo "$line" | awk -F "(, )|(: )|[)]" '{print $4}')
    # echo "Current service: $sname, $sdev, $currentservice"
    if [ -n "$sdev" ]; then
        ifout="$(/sbin/ifconfig "$sdev" 2>/dev/null)"
        echo "$ifout" | grep 'status: active' > /dev/null 2>&1
        rc="$?"
        if [ "$rc" -eq 0 ]; then
            currentservice="$sname"
            currentdevice="$sdev"
            currentip=$(echo "${ifout}" | sed -rn 's|^\s+inet\s+([0-9\.]+).*$|\1|p')
            currentmac=$(echo "$ifout" | awk '/ether/{print $2}')
            # may have multiple active devices, so echo it here
            echo "$currentservice, $currentdevice, $currentmac, ${currentip}"
        fi
    fi
done <<< "$(networksetup -listnetworkserviceorder | grep --color=none 'Hardware Port')"

find local device ip address

$ arp -a

networksetup

show network information

$ networksetup -listnetworkserviceorder
An asterisk (*) denotes that a network service is disabled.
(1) USB 10/100/1000 LAN
(Hardware Port: USB 10/100/1000 LAN, Device: en7)

(2) Wi-Fi
(Hardware Port: Wi-Fi, Device: en0)

...

# or
$ networksetup -listallnetworkservices
An asterisk (*) denotes that a network service is disabled.
USB 10/100/1000 LAN
Wi-Fi
Bluetooth PAN
Thunderbolt Bridge

change order of networks

$ networksetup -ordernetworkservices "Wi-Fi" "Ethernet" "USB Ethernet"

list hardware

$ networksetup -listallhardwareports

# list detail of hardware
$ networksetup -getinfo 'USB 10/100/1000 LAN'
DHCP Configuration
IP address: 192.168.1.10
Subnet mask: 255.255.255.0
Router: 192.168.1.1
Client ID:
IPv6: Automatic
IPv6 IP address: none
IPv6 Router: none
Ethernet Address: **:**:**:**:**:**

# or: https://apple.stackexchange.com/a/368047/254265
$ system_profiler SPAirPortDataType
Wi-Fi:

      Software Versions:
      ...

list localtion

$ networksetup -listlocations
work
automatic
home

$ networksetup -getcurrentlocation
automatic

# create
$ networksetup -createlocation <name>

# delete
$ networksetup -deletelocation <name>

# switch localtion
$ networksetup -switchtolocation <name>

wifi

[!NOTE|label:references:]

• Mac Terminal WIFI Commands

• get wifi name

  $ networksetup -getairportnetwork en0
  Current Wi-Fi Network: WLAN-PUB

• get wifi interface

  $ system_profiler SPAirPortDataType | awk -F: '/Interfaces:/{getline; print $1;}'
    en0
  
  $ ifconfig -i $(system_profiler SPAirPortDataType | awk -F: '/Interfaces:/{getline; print $1;}')
  en0 (6):
    inet address  172.16.5.27
    netmask       255.255.0.0
    broadcast     172.16.255.255
    flags         UP BROADCAST NOTRAILERS RUNNING SIMPLEX MULTICAST
    mtu           1500

• get current Wifi network

  $ networksetup -getairportnetwork en0
  Current Wi-Fi Network: WLAN-PUB
  
  $ system_profiler SPAirPortDataType | awk -F':' '/Current Network Information:/ {
        getline
        sub(/^ */, "")
        sub(/:$/, "")
        print
    }'
  WLAN-PUB
  Network Type: Infrastructure

• connect to another

  $ networksetup -setairportnetwork en0 WLAN-PUB <wifi-password>
  $ networksetup -getairportnetwork en0
  Current Wi-Fi Network: WLAN-PUB
  
  $ networksetup -setairportnetwork en0 Automation-4G <wifi-password>
  $ networksetup -getairportnetwork en0
  Current Wi-Fi Network: Automation-4G

• turn on/off wifi

  # check wifi status
  $ system_profiler SPAirPortDataType | awk -F: '/Status:/{print $2}'
   Connected
  # or
  $ networksetup -getairportpower en0
  Wi-Fi Power (en0): On
  # or
  $ networksetup -getairportpower $(networksetup -listallhardwareports | awk -F: '/Wi-Fi/{getline; print $2;}')
  Wi-Fi Power (en0): On
  
  # turn on
  $ networksetup -setairportpower en0 on
  $ networksetup -getairportpower en0
  Wi-Fi Power (en0): On
  
  # turn off
  $ networksetup -setairportpower en0 off
  $ networksetup -getairportpower en0
  Wi-Fi Power (en0): Off

scan available wifi network

$ networksetup -setairportpower en0 on

# not available anymore
$ sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s
                            SSID BSSID             RSSI CHANNEL HT CC SECURITY (auth/unicast/group)
                        Customer **:**:**:**:**:** -75  11      N  CN WEP
                        CorpWLAN **:**:**:**:**:** -72  1       Y  CN WPA2(802.1x,Unrecognized(0)/AES/AES)
                           Guest **:**:**:**:**:** -71  1       Y  CN NONE

disable ipv6

$ networksetup -listallnetworkservices
An asterisk (*) denotes that a network service is disabled.
USB 10/100/1000 LAN
Wi-Fi
Bluetooth PAN
Thunderbolt Bridge

# disable
$ networksetup -setv6off 'USB 10/100/1000 LAN'
$ networksetup -setv6off Wi-fi

# undo
$ networksetup -setv6automatic 'USB 10/100/1000 LAN'
$ networksetup -setv6automatic Wi-Fi

show network connection history

$ networksetup -listpreferredwirelessnetworks en0

# older version
$ defaults read /Library/Preferences/SystemConfiguration/com.apple.airport.preferences \
           | grep LastConnected -A 7

get wifi password

• list connected Wifi

  $ networksetup -listpreferredwirelessnetworks en0
  
  # older version
  $ defaults read /Library/Preferences/SystemConfiguration/com.apple.airport.preferences | \grep SSIDString
  ...
  SSIDString = "Apple Network Guest";
  ...

• get password

  $ sudo security find-generic-password -ga "Apple Network Guest"  | grep password\:
  password: "guest@3742"

DNS

• get info

  $ scutil --dns
  DNS configuration
  resolver #1
  ...
  resolver #7
  
  DNS configuration (for scoped queries)
  resolver #1
    search domain[0] : ...
    nameserver[0] : ...
    nameserver[1] : ...
    nameserver[2] : ...
    if_index : ...
    flags    : ...
    reach    : ...

• setup DNS

  [!NOTE|label:references:]

  $ networksetup -getdnsservers Wi-Fi
  There aren't any DNS Servers set on Wi-Fi.

  $ networksetup -setdnsservers Wi-Fi 192.168.236.5 192.168.35.78 192.168.2.69 192.168.200.139
  
  $ networksetup -getdnsservers Wi-Fi
  192.168.236.5
  192.168.35.78
  192.168.2.69
  192.168.200.139
  
  $ cat /etc/resolv.conf
  nameserver 192.168.236.5
  nameserver 192.168.35.78
  nameserver 192.168.2.69
  nameserver 192.168.200.139

firewall

• show status

  $ sudo /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate
  Firewall is disabled. (State = 0)

• enable firewall

  $ sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

route

[!NOTE|label:references:]

• * imarslo : route

• * imarslo : ubuntu 17.10 bootup settings

• Adding a Static Route to macOS

• How to get routing table in terminal [duplicate]

• can we change default gateway and interface in mac through commandline

• Viewing the routing table from the command-line interface

  • Routing table flags

• * Chapter 4 Administering TCP/IP (Task)

• route flags

FLAG	DESCRIPTION
U	Up—Route is valid
G	Gateway—Route is to a gateway router
H	Host name—Route is to a host rather than to a network
R	Reject—Set by ARP when an entry expires
D	Dynamic—Route added by a route redirect or RIP
M	Modified—Route modified by a route redirect
C	Cloning—A new route is cloned from this entry when it is used
L	Link—Link-level information, such as the Ethernet MAC address, is present
S	Static—Route added with the route command

check route

• show all

  # linux-like route -n
  $ netstat -nr
  
  # ipv4
  $ netstat -nr -f inet
  
  # ipv6
  $ netstat -nr -f inet6
  
  # via `ip route`
  $ ip route show

• show particular ip

  $ route get <ip.address>
     route to: ec2-1-1-1-1.compute-1.amazonaws.com
  destination: ec2-1-1-1-1.compute-1.amazonaws.com
      gateway: 192.168.0.1
    interface: en0
        flags: <UP,GATEWAY,HOST,DONE,STATIC>
   recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
         0         0         0        77        11         0      1500         0
  
  # or via `ip route`
  $ ip route get 1.1.1.1
  1.1.1.1 via 192.168.0.1 dev en0  src 192.168.6.55

• display network interface status

  $ netstat -i

• log network problems

  $ /usr/sbin/in.routed /var/logfilename

add a static route item

$ sudo route -nv add -host <ip.address> <gateway>

# or
$ sudo route add -host <ip.address> -iface en1

delete a static route

$ sudo route delete <ip.address> <gateway>

vpn

[!NOTE|label:references:]

• * use networksetup or scutil

• * determining if the system is connected to a vpn from the command line under os x

• scutil

  $ scutil --help
     or: scutil --nc
         show VPN network configuration information. Use --nc help for full command list
  
  $ scutil --nc help

proxy setup

[!NOTE|label:references:]

$ networksetup -printcommands
networksetup -getwebproxy <networkservice>
networksetup -setwebproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
networksetup -setwebproxystate <networkservice> <on off>
networksetup -getsecurewebproxy <networkservice>
networksetup -setsecurewebproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
networksetup -setsecurewebproxystate <networkservice> <on off>
networksetup -getsocksfirewallproxy <networkservice>
networksetup -setsocksfirewallproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
networksetup -setsocksfirewallproxystate <networkservice> <on off>
networksetup -getproxybypassdomains <networkservice>
networksetup -setproxybypassdomains <networkservice> <domain1> [domain2] [...]
networksetup -getproxyautodiscovery <networkservice>
networksetup -setproxyautodiscovery <networkservice> <on off>

$ networksetup -getwebproxy Wi-Fi
Enabled: No
Server:
Port: 0
Authenticated Proxy Enabled: 0

$ networksetup -getwebproxy Ethernet
Enabled: No
Server:
Port: 0
Authenticated Proxy Enabled: 0

$ networksetup -getproxybypassdomains Ethernet
*.local
169.254/16

$ scutil --proxy
<dictionary> {
  HTTPEnable : 0
  HTTPSEnable : 0
  ProxyAutoConfigEnable : 1
  ProxyAutoConfigURLString : http://pac.domain.com/global-pac.pac
  SOCKSEnable : 0
}