N天学习一个linux命令之netstat
用途
打印网络连接,路由表,网卡信息,假连接,组播成员信息
用法
1 显示网络连接信息
netstat [address_family_options] [--tcp|-t] [--udp|-u] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--symbolic|-N] [--extend|-e[--extend|-e]] [--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c] [delay]
2 显示路由表
netstat {--route|-r} [address_family_options] [--extend|-e[--extend|-e]] [--verbose|-v] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
3 显示网卡统计信息
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--verbose|-v] [--program|-p] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
4 显示组播信息
netstat {--groups|-g} [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
5 显示假连接
netstat {--masquerade|-M} [--extend|-e] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
6 显示网络连接统计信息
netstat {--statistics|-s} [--tcp|-t] [--udp|-u] [--raw|-w] [delay]
7 显示命令版本信息
netstat {--version|-V}
8 显示命令帮助信息
netstat {--help|-h}
常用选项
--verbose , -v
输出详细信息
--numeric , -n
地址和端口以及用户使用数字显示
--numeric-hosts
地址使用数字显示
--numeric-ports
端口使用数字显示
--numeric-users
用户以用户id的方式显示
--protocol=family , -A
协议族,多个使用英文逗号分隔,常用网络协议族inet, inet6, unix, ipx, ax25, netrom, and ddp,效果和--inet, --inet6, --unix (-x), --ipx, --ax25, --netrom, and --ddp options这些选项等价
-c, --continuous
每秒循环输出信息
-e, --extend
输出更多信息,双选项表示输出更多更多信息
-o, --timers
输出网络定时器信息
-p, --program
输出程序名称
-l, --listening
仅显示正在监听的socket
-a, --all
显示所有状态的连接
-F
从FIB输出路由信息
-C
从路由缓存输出路由信息
-T --notrim
显示完整的长地址
输出字段说明
1 活跃网络连接
Proto
socket使用的网络协议 (TCP, UDP, raw)
Recv-Q
The count of bytes not copied by the user program connected to this socket.
Send-Q
The count of bytes not acknowledged by the remote host.
Local Address
本地地址
Foreign Address
远程地址
State
状态,针对TCP协议
ESTABLISHED
The socket has an established connection.
SYN_SENT
The socket is actively attempting to establish a connection.
SYN_RECV
A connection request has been received from the network.
FIN_WAIT1
The socket is closed, and the connection is shutting down.
FIN_WAIT2
Connection is closed, and the socket is waiting for a shutdown from the remote end.
TIME_WAIT
The socket is waiting after close to handle packets still in the network.
CLOSED The socket is not being used.
CLOSE_WAIT
The remote end has shut down, waiting for the socket to close.
LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
LISTEN The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the
--listening (-l) or --all (-a) option.
CLOSING
Both sockets are shut down but we still don’t have all our data sent.
UNKNOWN
The state of the socket is unknown.
User
用户
PID/Program name
程序名称
Timer
网络定时器
2 Active UNIX domain Sockets
Proto
协议,通常是unix
RefCnt
The reference count (i.e. attached processes via this socket).
Flags
The flags displayed is SO_ACCEPTON (displayed as ACC), SO_WAITDATA (W) or SO_NOSPACE (N). SO_ACCECPTON is used on unconnected sockets if their corresponding processes are waiting for a connect request. The other flags are not of normal interest.
Type
There are several types of socket access:
SOCK_DGRAM
The socket is used in Datagram (connectionless) mode.
SOCK_STREAM
This is a stream (connection) socket.
SOCK_RAW
The socket is used as a raw socket.
SOCK_RDM
This one serves reliably-delivered messages.
SOCK_SEQPACKET
This is a sequential packet socket.
SOCK_PACKET
Raw interface access socket.
UNKNOWN
Who ever knows what the future will bring us - just fill in here :-)
State
状态
FREE The socket is not allocated
LISTENING
The socket is listening for a connection request. Such sockets are only included in the output if you specify the
--listening (-l) or --all (-a) option.
CONNECTING
The socket is about to establish a connection.
CONNECTED
The socket is connected.
DISCONNECTING
The socket is disconnecting.
(empty)
The socket is not connected to another one.
UNKNOWN
This state should never happen.
PID/Program name
程序名称
Path
This is the path name as which the corresponding processes attached to the socket.
实践
1 显示系统正在监听的服务
[root@vm ~]# netstat -tlop
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name Timer
tcp 0 0 localhost:irdmi *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:9121 *:* LISTEN 806/redis_exporter off (0.00/0/0)
tcp 0 0 localhost:websm *:* LISTEN 805/prometheus off (0.00/0/0)
tcp 0 0 localhost:9187 *:* LISTEN 807/postgres_export off (0.00/0/0)
tcp 0 0 *:8070 *:* LISTEN 812/nginx off (0.00/0/0)
tcp 0 0 *:mysql *:* LISTEN 1821/mysqld.bin off (0.00/0/0)
tcp 0 0 localhost:6379 *:* LISTEN 1953/redis-server 1 off (0.00/0/0)
tcp 0 0 localhost:jetdirect *:* LISTEN 813/node_exporter off (0.00/0/0)
tcp 0 0 localhost:9229 *:* LISTEN 811/gitlab-workhors off (0.00/0/0)
tcp 0 0 localhost:webcache *:* LISTEN 960/unicorn master off (0.00/0/0)
tcp 0 0 *:http *:* LISTEN 1892/nginx off (0.00/0/0)
tcp 0 0 localhost:9168 *:* LISTEN 810/ruby off (0.00/0/0)
tcp 0 0 localhost:9236 *:* LISTEN 814/gitaly off (0.00/0/0)
tcp 0 0 *:ssh *:* LISTEN 1430/sshd off (0.00/0/0)
tcp 0 0 *:ddi-tcp-1 *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:smtp *:* LISTEN 1509/master off (0.00/0/0)
tcp 0 0 *:https *:* LISTEN 1892/nginx off (0.00/0/0)
tcp 0 0 *:8060 *:* LISTEN 812/nginx off (0.00/0/0)
tcp 0 0 *:raid-am *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:ema-sent-lm *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:9168 *:* LISTEN 810/ruby off (0.00/0/0)
tcp 0 0 *:ssh *:* LISTEN 1430/sshd off (0.00/0/0)
tcp 0 0 localhost:smtp *:* LISTEN 1509/master off (0.00/0/0)
2 显示所有状态的tcp连接
[root@vm ~]# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:irdmi *:* LISTEN
tcp 0 0 localhost:9121 *:* LISTEN
tcp 0 0 localhost:websm *:* LISTEN
tcp 0 0 localhost:9187 *:* LISTEN
tcp 0 0 *:8070 *:* LISTEN
tcp 0 0 *:mysql *:* LISTEN
tcp 0 0 localhost:6379 *:* LISTEN
tcp 0 0 localhost:jetdirect *:* LISTEN
tcp 0 0 localhost:9229 *:* LISTEN
tcp 0 0 localhost:webcache *:* LISTEN
tcp 0 0 *:http *:* LISTEN
tcp 0 0 localhost:9168 *:* LISTEN
tcp 0 0 localhost:9236 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:ddi-tcp-1 *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 *:https *:* LISTEN
tcp 0 0 *:8060 *:* LISTEN
tcp 0 0 *:raid-am *:* LISTEN
tcp 0 0 localhost:ema-sent-lm *:* LISTEN
tcp 0 0 localhost:webcache localhost:59852 TIME_WAIT
tcp 0 0 localhost:jetdirect localhost:42390 TIME_WAIT
tcp 0 0 localhost:42498 localhost:jetdirect TIME_WAIT
tcp 0 0 localhost:8070 localhost:40552 TIME_WAIT
tcp 0 0 localhost:9236 localhost:45880 TIME_WAIT
tcp 0 0 localhost:50728 localhost:9121 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56396 TIME_WAIT
tcp 0 0 localhost:43358 localhost:http TIME_WAIT
tcp 0 0 localhost:58866 localhost:9229 TIME_WAIT
tcp 0 0 localhost:webcache localhost:59818 TIME_WAIT
tcp 0 0 localhost:9121 localhost:50830 TIME_WAIT
tcp 0 0 localhost:websm localhost:60060 TIME_WAIT
tcp 0 0 localhost:raid-am localhost:53338 ESTABLISHED
tcp 0 0 localhost:9121 localhost:50762 TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:51548 ESTABLISHED
tcp 0 0 localhost:jetdirect localhost:42424 TIME_WAIT
tcp 0 0 localhost:jetdirect localhost:42458 TIME_WAIT
tcp 0 0 localhost:58832 localhost:9229 TIME_WAIT
tcp 0 0 localhost:9236 localhost:45846 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56430 TIME_WAIT
tcp 0 0 localhost:webcache localhost:59886 TIME_WAIT
tcp 0 0 localhost:9229 localhost:58764 TIME_WAIT
tcp 0 0 localhost:websm localhost:60134 TIME_WAIT
tcp 0 0 localhost:45812 localhost:9236 TIME_WAIT
tcp 0 0 localhost:60094 localhost:websm TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:63964 ESTABLISHED
tcp 0 0 localhost:webcache localhost:59920 TIME_WAIT
tcp 0 0 localhost:53338 localhost:raid-am ESTABLISHED
tcp 0 0 localhost:9236 localhost:45778 TIME_WAIT
tcp 0 0 localhost:websm localhost:60026 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56362 TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:63386 ESTABLISHED
tcp 0 0 localhost:9187 localhost:56464 TIME_WAIT
tcp 0 0 localhost:9229 localhost:58798 TIME_WAIT
tcp 0 0 localhost:9121 localhost:50796 TIME_WAIT
tcp 0 0 localhost:8070 localhost:40550 TIME_WAIT
tcp 0 0 localhost:9168 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 localhost:39366 localhost:9168 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39354 TIME_WAIT
tcp 0 0 localhost:39332 localhost:9168 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39298 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39408 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39400 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39428 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39306 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39320 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39340 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39374 TIME_WAIT
tcp 0 0 localhost:39388 localhost:9168 TIME_WAIT
3 显示网卡统计信息
[root@vm ~]# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 51912 0 0 0 48318 0 0 0 BMRU
lo 65536 0 877515 0 0 0 877515 0 0 0 LRU
参考资料
【1】 man netstat
【2】TCP Timers
https://learningnetwork.cisco.com/thread/47664
N天学习一个linux命令之netstat的更多相关文章
- N天学习一个Linux命令之帮助命令:man
前言 工作中每天都在使用常用的命令和非常用的命令,忘记了用法或者参数,都会bing一下,然后如此循环.一直没有真正的系统的深入的去了解命令的用法,我决定打破它.以前看到有人,每天学习一个linux命令 ...
- N天学习一个Linux命令之free
用途 查看系统内存(物理/虚拟/缓存/共享)使用情况 用法 free [-b | -k | -m | -g | -h] [-o] [-s delay ] [-c count ] [-a] [-t] [ ...
- N天学习一个linux命令之ping
用途 检测主机是否可到达,也就是说,目标主机是否可以联网,还可以用于检测网速.通过发送ICMP ECHO_REQUEST数据包检测. 用法 ping [options] destination 常用选 ...
- N天学习一个linux命令之kill
用途 用于终止进程 用法 kill [-s signal|-p] [--] pid... kill -l [signal] 说明 1.默认发送信号15(请求终止进程,程序可以捕获,操作系统会杀死没有对 ...
- N天学习一个linux命令之du
用途 统计文件或者目录占用硬盘空间大小 用法 du [OPTION] [FILE]du [OPTION] --files0-from=F 常用参数 -a, --all统计所有文件,不仅仅是目录 -b, ...
- N天学习一个linux命令之scp
用途 通过ssh通道,不同主机之间复制文件 用法 scp [options] [user@host:]file1 [user2@host2:]file2 常用参数 -1使用 ssh 1协议 -2使用s ...
- 每天学习一个Linux命令-目录
在工作中总会零零散散使用到各种Linux命令,从今天开始详细的学习一下linux常用命令,坚持每天一个命令,学习的主要参考资料为: 1.竹子-博客(https://www.cnblogs.com/pe ...
- 每天一个linux命令(43)--netstat命令
netstat 命令用于显示与 IP TCP UDP 和 ICMP协议相关的统计数据,一般用于检验本机各端口的网络连接情况.netstat 是在内核中访问网络及相关信息的程序,它能提供TCP连接,T ...
- N天学习一个linux命令之umask
前言 umask不是linux命令,而是shell内置的指令,俗称用户权限掩码,用于对用户创建的文件和目录设置默认权限.默认的权限掩码是0022,也就是说新创建的文件权限是0644,新创建的目录权限是 ...
随机推荐
- 理解JavaScript中的闭包
(这篇文章后面关于onclick事件的解释是错误的,请不要被误导了2016.6.16) 闭包这个概念给JavaScript初学者心中留下了巨大的阴影,网络上关于闭包的文章不可谓不多,但是能让初学者看懂 ...
- [Swift通天遁地]四、网络和线程-(15)程序内购功能
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★➤微信公众号:山青咏芝(shanqingyongzhi)➤博客园地址:山青咏芝(https://www.cnblogs. ...
- Jquery和Ajax的关系!
Jquery是一种JavaScript框架,而Ajax(Asynchronous JavaScript and XML)是异步JavaScript和XML. Jquery是JavaScript的框架, ...
- MySQL实现当前数据表的所有时间都增加或减少指定的时间间隔
DATE_ADD() 函数向日期添加指定的时间间隔. 当前表所有数据都往后增加一天时间: UPDATE ACT_BlockNum SET CreateTime = DATE_ADD(CreateTim ...
- JS——滚动条
1.核心思想与之前的拖拽盒子是一样的 2.完全将鼠标在盒子中的坐标给滚动条是错的,因为这样会使滚动条顶部立刻瞬间移动到鼠标位置 3.必须在鼠标按下事件时记住鼠标在滚动条内部的坐标,再将鼠标在盒子中的坐 ...
- dotnetnuke 获得List 属性
new DotNetNuke.Common.Lists.ListController().GetListEntryInfo("DataType","Text") ...
- python PIL相关操作
项目中需要用python生成二维码,这里记录一下相关PIL相关操作. RGBA问题: 需要将图片A粘贴到图片B上,之前没有注意透明度问题,A的背景是透明的,粘贴到B上后,A的周围是黑的.后来才发现是P ...
- 四次挥手与tcp标志位
鉴于tcp的标志位可以同时置位,在相应端无数据传输时,四次握手可以用三次报文完成.
- 5.21leetcode练习
目录 两数之和 题目 答案 整数反转 题目 思路及答案 回文数 题目 思路及答案 希望每天进步一点点 两数之和 题目 新手司机上路,光荣翻车,没想出来.借了别人的答案,自行领会 答案 整数反转 题目 ...
- 贴一段自动编译java,并混淆编译的代码
刚写的一个自动编译.混淆.打包jar的代码,做个记录 用到的NuGet: <?xml version="1.0" encoding="utf-8"?> ...