1.禁止被ping

/etc/sysctl.conf 内核参数配置文件
永久允许ping配置方法   1表示不能被ping 0可以被ping
[root@web01 /html/blog]# echo "net.ipv4.icmp_echo_ignore_all=1" >> /ect/sysctl.conf

结果不能被ping
[root@web01 ~]# ping 10.0.0.7
PING 10.0.0.7 (10.0.0.7) 56(84) bytes of data.

临时允许被ping配置方法
/proc/sys/net/ipv4/icmp_echo_ignore_all  配置文件
[root@web01 /html/blog]# echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all

结果能ping
[root@web01 ~]# ping 10.0.0.7
PING 10.0.0.7 (10.0.0.7) 56(84) bytes of data.
64 bytes from 10.0.0.7: icmp_seq=200 ttl=64 time=0.026 ms
64 bytes from 10.0.0.7: icmp_seq=201 ttl=64 time=0.019 ms
64 bytes from 10.0.0.7: icmp_seq=202 ttl=64 time=0.021 ms

2.显示tcp的各种状态

[root@web01 ~]# ss -ant
State       Recv-Q Send-Q              Local Address:Port                             Peer Address:Port              
LISTEN      0      128                     127.0.0.1:9000                                        *:*                  
LISTEN      0      5                               *:873                                         *:*                  
LISTEN      0      128                             *:80                                          *:*                  
LISTEN      0      128                             *:22                                          *:*                  
LISTEN      0      100                     127.0.0.1:25                                          *:*                  
ESTAB       0      0                        10.0.0.7:22                                   10.0.0.1:4629               
ESTAB       0      52                       10.0.0.7:22                                   10.0.0.1:14640              
LISTEN      0      5                              :::873                                        :::*                  
LISTEN      0      128                            :::22                                         :::*                  
LISTEN      0      100                           ::1:25                                         :::*