This tutorial explains Linux “nc” command, options and its usage with examples.
nc is the command which runs netcat, a simple Unix utility that reads and writes data across network connections, using the TCP or UDP protocol. It is designed to be a reliable “back-end” tool that can be used directly or driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Common uses include:
1. Simple TCP proxies
2. Shell-script based HTTP clients and servers
3. Network daemon testing
4. A Socks or HTTP ProxyCommand for ssh
nc [-46bCDdhklnrStUuvZz] [-I length] [-i interval] [-O length] [-P proxy_username] [-p source_port] [-q seconds] [-s source] [-T toskeyword] [-V rtable] [-w timeout] [-X proxy_protocol] [-x proxy_address[:port]] [destination] [port]
Forces nc to use IPv4 addresses only.
Forces nc to use IPv6 addresses only.
Send CRLF as line-ending.
Enable debugging on the socket.
Do not attempt to read from stdin.
Prints out nc help.
Specifies the size of the TCP receive buffer.
Specifies a delay time interval between lines of text sent and received. Also causes a delay time between connections to multiple ports.
Forces nc to stay listening for another connection after its current connection is completed. It is an error to use this option without the -l option.
Used to specify that nc should listen for an incoming connection rather than initiate a connection to a remote host. It is an error to use this option in conjunction with the -p, -s, or -z options. Additionally, any timeouts specified with the -w option are ignored.
Do not do any DNS or service lookups on any specified addresses, hostnames or ports.
Specifies the size of the TCP send buffer.
Specifies a username to present to a proxy server that requires authentication. If no username is specified then authentication will not be attempted. Proxy authentication is only supported for HTTP CONNECT proxies at present.
Specifies the source port nc should use, subject to privilege restrictions and availability.
after EOF on stdin, wait the specified number of seconds and then quit. If seconds is negative, wait forever.
Specifies that source and/or destination ports should be chosen randomly instead of sequentially within a range or in the order that the system assigns them.
Enables the RFC 2385 TCP MD5 signature option.
Specifies the IP of the interface which is used to send the packets. For UNIX-domain datagram sockets, specifies the local temporary socket file to create and use so that datagrams can be received. It is an error to use this option in conjunction with the -l option.
Change IPv4 TOS value. toskeyword may be one of critical, inetcontrol, lowcost, lowdelay, netcontrol, throughput, reliability, or one of the DiffServ Code Points: ef, af11 … af43, cs0 … cs7; or a number in either hex or decimal.
Causes nc to send RFC 854 DON’T and WON’T responses to RFC 854 DO and WILL requests. This makes it possible to use nc to script telnet sessions.
Specifies to use UNIX-domain sockets.
Use UDP instead of the default option of TCP. For UNIX-domain sockets, use a datagram socket instead of a stream socket. If a UNIX-domain socket is used, a temporary receiving socket is created in /tmp unless the -s flag is given.
Set the routing table to be used. The default is 0.
Have nc give more verbose output.
Connections which cannot be established or are idle timeout after timeout seconds. The -w flag has no effect on the -l option, i.e. nc will listen forever for a connection, with or without the -w flag. The default is no timeout.
Requests that nc should use the specified protocol when talking to the proxy server. Supported protocols are “4” (SOCKS v.4), “5” (SOCKS v.5) and “connect” (HTTPS proxy). If the protocol is not specified, SOCKS version 5 is used.
Requests that nc should connect to destination using a proxy at proxy_address and port. If port is not specified, the well-known port for the proxy protocol is used (1080 for SOCKS, 3128 for HTTPS).
Specifies that nc should just scan for listening daemons, without sending any data to them. It is an error to use this option in conjunction with the -l option.
1. Netcat in a Server-Client Architecture
The netcat utility can be run in the server mode on a specified port listening for incoming connections.
$ nc -l 2380
Also, it can be used in client mode trying to connect on the port(2380) just opened
$ nc localhost 2380
Now, if we write some text at the client side, it reaches the server side. Here is the proof :
$ nc localhost 2380 HI, server
On the terminal where server is running :
$ nc -l 2380 HI, server
2. Timeout Support
There are cases when we do not want a connection to remain open forever. In that case, through ‘-w’ switch we can specify the timeout in a connection.
$ nc -l 2389
$ nc -w 20 localhost 2389
The connection above would be terminated after 20 seconds.
3. Transfer Files
At the client side, suppose we have a file named ‘testfile’ containing :
$ cat testfile hello testfile. this is me.
and at the server side we have an empty file ‘test’
Now, we run the server as :
$ nc -l 2380 > test
and run the client as :
cat testfile | nc localhost 2380
Now, when we see the ‘test’ file at the server end, we see :
$ cat test hello testfile. this is me.
4. Support of IPV4/IPV6 Connectivity
The flag -4 or -6 specifies that netcat utility should use which type of addresses.
$ nc -4 -l 2380
$ nc -4 localhost 2380
Now, if we run the netstat command, we see :
$ netstat | grep 2380 tcp 0 0 localhost:2380 localhost:50850 ESTABLISHED tcp 0 0 localhost:50850 localhost:2380 ESTABLISHED
The first field in the above output would contain a postfix ’6′ in case the IPV6 addresses are being used. Since in this case it is not, so a connection between server and client is established using IPV4 addresses.
Now, If we force nc to use IPV6 addresses
$ nc -6 -l 2380
$ nc -6 localhost 2380
Now, if we run the netstat command, we see :
$ netstat | grep 2380 tcp6 0 0 localhost:2380 localhost:33230 ESTABLISHED tcp6 0 0 localhost:33230 localhost:2380 ESTABLISHED
5. Disable Reading from STDIN in Netcat
This functionality can be achieved by using the flag -d.
$ nc -d localhost 2380 Hi
The text ‘Hi’ will not be sent to the server end as using -d option the read from stdin has been disabled.
6. Force Netcat Server to Stay Up
If the netcat client is connected to the server and then after sometime the client is disconnected then normally netcat server also terminates.
$ nc -k -l 2380
$ nc localhost 2380 ^C
$ nc -k -l 2380
So we see that by using the -k option the server remains up even if the client got disconnected. If it would have been the other case, then after the client gets disconnected, the nc server would also have terminated on server and produced a $ prompt at server terminal.
7. Use Netcat with UDP Protocol
By default all the sockets that nc utility creates are TCP protocols but this utility also works with UDP protocol. To enable UDP protocol the -u flag is used.
$ nc -4 -u -l 2380
$ nc -4 -u localhost 2380
8. Configure Netcat Client to Stay Up after EOF
Netcat client can be configured to stay up after EOF is received. In a normal scenario, if the nc client receives an EOF character then it terminates immediately but this behavior can also be controlled if the -q flag is used. This flag expects a number which depicts number of seconds to wait before client terminates (after receiving EOF)
$ nc -q 5 localhost 2380
Sanfoundry Global Education & Learning Series – 1000 Linux Tutorials.