Home Download FAQ / Knowledge Base Screenshots Documentation Support Roadmap

Networking

Note: you should perform these operations while logged in with root privileges. You may become root with the commands su - or sudo -s.

ifconfig

ifconfig shows you how your ethernet interfaces are configured. The primary device will have a name such as eth0.

root@yourserver:/# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0B:99:99:00:00 
          inet addr:192.168.3.115  Bcast:192.168.3.255  Mask:255.255.255.0
          inet6 addr: fe80::290:4bff:9999:0000 /64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1633075 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2512154 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:690787053 (658.7 MiB)  TX bytes:221517909 (211.2 MiB)
          Interrupt:5 Memory:faff6000-faff8000 

route

route shows the paths to other networks, most notably the default gateway (which for IPv4 is 0.0.0.0).

root@yourserver/# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.168.3.1     0.0.0.0         UG    0      0        0 eth0

netstat

netstat shows you which ports are open, and which processes listen on them. It also shows the address of the other end of each open connection.

root@yourserver:/# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name   
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN     16825/citserver     
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN     16825/citserver     
tcp        0      0 0.0.0.0:2020            0.0.0.0:*               LISTEN     16825/citserver     
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN     16825/citserver     
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN     16825/citserver   
tcp        0      0 0.0.0.0:504             0.0.0.0:*               LISTEN     16825/citserver     
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN     16825/citserver     
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN     16825/citserver     
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN     27329/webcit     
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN     16825/citserver     
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     1569009  16825/citserver     /var/run/citadel/citadel.socket
unix  2      [ ACC ]     STREAM     LISTENING     1569016  16825/citserver     /var/run/citadel/lmtp.socket
unix  2      [ ACC ]     STREAM     LISTENING     1569019  16825/citserver     /var/run/citadel/lmtp-unfiltered.socket

If you prefer to see the names of the services than their port numbers you can omit the -n

If you have chosen to let your citserver bind a secific IP, the whole thing will look a little different. Lets say, your machine has the addresses 127.0.0.1 (loopback), 10.10.1.1, and 10.10.1.55, and you want Citadel to answer queries only on 10.10.1.55 since other services are already answering on the above listed ports on 10.10.1.1 the lines will look like this:

tcp        0      0 10.10.1.55:504             0.0.0.0:*               LISTEN     16825/citserver     

So this not just removes the bind to 10.10.1.1, but also implicitly

tcp        0      0 127.0.0.1:505             0.0.0.0:*               LISTEN     16825/citserver     

won't be accessible; If you run Webcit with an IP connection (and not the unix domain socket "citadel.socket"), you need to point it to 10.10.1.55 port 504; 127.0.0.1 port 504 won't be accessible, and you will receive an error message.

telnet

Telnet is an unencrypted remote terminal tool. But we can also abuse it to check whether Citadel is able to answer on various server ports:

In the example below, the text in bold indicates what you type, and the remaining text is what the mail server (in this case a Citadel) sends back.

root@yourserver:/# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 yourserver ESMTP Citadel server ready.
ehlo localhost
250 Hello localhost (localhost [127.0.0.1])
250-HELP
250-SIZE 10485760
250-PIPELINING
250-STARTTLS
250-AUTH=LOGIN PLAIN
MAIL FROM: test@test.org
250 2.0.0 Sender ok
quit
221 Goodbye...
Connection closed by foreign host.

You could make Citadel receive or send out an email this way. Furthermore, you have now confirmed that you are talking with the Citadel SMTP service, not with another email program left over from a previous or default installation.

The reply to the EHLO command also shows you which kind of authentication the host supports (another sample would be CRAMD-MD5). Citadel itself just supports "plain" auth, in receiving and sending direction. This is almost plaintext, so you should wrap a TLS session around it.

If you don't see

220 yourserver ESMTP Citadel server ready.

but something like Postfix, Exim, QMail... you are not talking to your Citadel server; some other program is listening on port 25.

NetCat

Note: depending on your system, netcat may either be named nc or netcat; we'll name it nc in the examples.

Netcat was designed for the purpose for which we misused telnet earlier. If you want for example to post a message using an automated script, telnet would add special control characters, which will spoil your effort. You need to use netcat in this case. But netcat can do even more: It can open server sockets (like citserver does) or speak UDP.

Netcat as Server

The problem we want to use netcat for in this example is the following: You want to know which headers your browser sends to webcit. For that we need netcat to open a server socket, our browser will talk to:

  nc -l -p 8888

Now point your browser to http://192.168.3.115:8888 (or whatever the IP address is of the server on which your netcat is running) and see what netcat says:

GET / HTTP/1.1
Host: 127.0.0.1:8888
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.1) Gecko/20061205 Iceweasel/2.0.0.1 (Debian-2.0.0.1+dfsg-2)
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: de-de,en-us;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-IR-111,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive

Now you can press Ctrl-C to terminate your netcat, or type into it and say some nice things to your browser.

Netcat as Client

Here we want to use netcat to talk to your citserver in Citadel's native language; this is usualy done through TCP Port 504 (see your output of netcat above).

# nc 127.0.0.1 504
200 poza Citadel server ready.
ECHO test
200 test
QUIT
200 Goodbye.

Now if you want to do this from within a shell script, you'll get the problem that NetCat will close the connection to the server when its input channel is closed; ence we need to make it waiting; we'll use '()' (which invokes a sub-shell) for that:

(
printf "ECHO test\nQUIT\n"
sleep 10
) | nc 127.0.0.1 504

Hostname lookup

To resolve IP addresses from names like google.com, your computer needs nameservers; the file /etc/hosts shows your programs where to find it. Verify that thie file exists, and that the IP address inside is reachable with ping.

Next you can use the nslookup or host utility to check if it's working:

$ host google.com
google.com has address 74.125.67.100

(and some more...) Or to find out who is the mail exchanger there:

$ host -t mx google.com
google.com mail is handled by 10 smtp2.google.com.
google.com mail is handled by 10 smtp1.google.com.
google.com mail is handled by 10 smtp3.google.com.
google.com mail is handled by 10 smtp4.google.com.
There are no social media links here. Enjoy a friendly Citadel community instead. Or go outside.