Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Mac Network Commands Cheat Sheet
After writing up the presentation for MacSysAdmin in Sweden, I decided to go ahead and throw these into a quick cheat sheet for anyone who’d like to have them all in one place. Good luck out there, and stay salty.
Get an ip address for en0:
ipconfig getifaddr en0
Same thing, but setting and echoing a variable:
ip=`ipconfig getifaddr en0` ; echo $ip
View the subnet mask of en0:
ipconfig getoption en0 subnet_mask
View the dns server for en0:
ipconfig getoption en0 domain_name_server
Get information about how en0 got its dhcp on:
ipconfig getpacket en1
View some network info:
ifconfig en0
Set en0 to have an ip address of and a subnet mask of
ifconfig en0 inet netmask
Show a list of locations on the computer:
networksetup -listlocations
Obtain the active location the system is using:
networksetup -getcurrentlocation
Create a network location called Work and populate it with information from the active network connection:
networksetup -createlocation Work populate
Delete a network location called Work:
networksetup -deletelocation Work
Switch the active location to a location called Work:
networksetup -switchlocation Work
Switch the active location to a location called Work, but also show the GUID of that location so we can make scripties with it laters:
scselect Work
List all of the network interfaces on the system:
networksetup -listallnetworkservices
Rename the network service called Ethernet to the word Wired:
networksetup -renamenetworkservice Ethernet Wired
Disable a network interface:
networksetup -setnetworkserviceenabled off
Change the order of your network services:
networksetup -ordernetworkservices “Wi-Fi” “USB Ethernet”
Set the interface called Wi-Fi to obtain it if it isn’t already
networksetup -setdhcp Wi-Fi
Renew dhcp leases:
ipconfig set en1 BOOTP && ipconfig set en1 DHCP
ifconfig en1 down && ifconfig en1 up
Renew a dhcp lease in a script:
echo "add State:/Network/Interface/en0/RefreshConfiguration temporary" | sudo scutil
Configure a manual static ip address:
networksetup -setmanual Wi-Fi
Configure the dns servers for a given network interface:
networksetup -setdnsservers Wi-Fi
Obtain the dns servers used on the Wi-Fi interface:
networksetup -getdnsservers Wi-Fi
Stop the application layer firewall:
launchctl unload /System/Library/LaunchAgents/
launchctl unload /System/Library/LaunchDaemons/
Start the application layer firewall:
launchctl load /System/Library/LaunchDaemons/
launchctl load /System/Library/LaunchAgents/
Allow an app to communicate outside the system through the application layer firewall:
socketfilterfw -t
“/Applications/FileMaker Pro/FileMaker Pro”
See the routing table of a Mac:
netstat -nr
Add a route so that traffic for communicates over the network interface:
route -n add
Log bonjour traffic at the packet level:
sudo killall -USR2 mDNSResponder
Stop Bonjour:
launchctl unload -w /System/Library/LaunchDaemons/

Start Bojour:
launchctl load -w /System/Library/LaunchDaemons/
Put a delay in your pings:
ping -i 5
Ping the hostname 5 times and then stop the ping:
ping -c 5
Flood ping the host:
ping -f localhost
Set the packet size during your ping:
ping -s 100
Customize the source IP during your ping:
ping -S
View disk performance:
iostat -d disk0
Get information about the airport connection on your system:
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -I
Scan the available Wireless networks:
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -s
Trace the path packets go through:
Trace the routes without looking up names:
traceroute -n
Trace a route in debug mode:
traceroute -d
View information on all sockets:
netstat -at
View network information for ipv6:
netstat -lt
View per protocol network statistics:
netstat -s
View the statistics for a specific network protocol:
netstat -p igmp
Show statistics for network interfaces:
netstat -i
View network information as it happens (requires ntop to be installed):
Scan port 80 of
/System/Library/CoreServices/Applications/Network\ 80 80
Port scan stealthily:
nmap -sS -O
Establish a network connection with
nc -v 80
Establish a network connection with over port 2195
/usr/bin/nc -v -w 15 2195
Establish a network connection with only allowing ipv4
/usr/bin/nc -v -4 2196
Setup a network listener on port 2196 for testing:
/usr/bin/nc -l 2196
Capture some packets:
tcpdump -nS
Capture all the packets:
tcpdump -nnvvXS
Capture the packets for a given port:
tcpdump -nnvvXs 548
Capture all the packets for a given port going to a given destination of
tcpdump -nnvvXs 548 dst
Capture the packets as above but dump to a pcap file:
tcpdump -nnvvXs 548 dst -w /tmp/myfile.pcap
Read tcpdump (cap) files and try to make them human readable:
tcpdump -qns 0 -A -r /var/tmp/capture.pcap
What binaries have what ports and in what states are those ports:
lsof -n -i4TCP
Make an alias for looking at what has a listener open, called ports:
alias ports='lsof -n -i4TCP | grep LISTEN'
Report back the name of the system:
Flush the dns cache:
dscacheutil -flushcache
Clear your arp cache:
arp -ad
View how the Server app interprets your network settings:
serveradmin settings network
Whitelist the ip address
/Applications/ -w
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.