N天学习一个linux命令之netstat
用途
打印网络连接,路由表,网卡信息,假连接,组播成员信息
用法
1 显示网络连接信息
netstat [address_family_options] [--tcp|-t] [--udp|-u] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--symbolic|-N] [--extend|-e[--extend|-e]] [--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c] [delay]
2 显示路由表
netstat {--route|-r} [address_family_options] [--extend|-e[--extend|-e]] [--verbose|-v] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
3 显示网卡统计信息
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--verbose|-v] [--program|-p] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
4 显示组播信息
netstat {--groups|-g} [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
5 显示假连接
netstat {--masquerade|-M} [--extend|-e] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
6 显示网络连接统计信息
netstat {--statistics|-s} [--tcp|-t] [--udp|-u] [--raw|-w] [delay]
7 显示命令版本信息
netstat {--version|-V}
8 显示命令帮助信息
netstat {--help|-h}
常用选项
--verbose , -v
输出详细信息
--numeric , -n
地址和端口以及用户使用数字显示
--numeric-hosts
地址使用数字显示
--numeric-ports
端口使用数字显示
--numeric-users
用户以用户id的方式显示
--protocol=family , -A
协议族,多个使用英文逗号分隔,常用网络协议族inet, inet6, unix, ipx, ax25, netrom, and ddp,效果和--inet, --inet6, --unix (-x), --ipx, --ax25, --netrom, and --ddp options这些选项等价
-c, --continuous
每秒循环输出信息
-e, --extend
输出更多信息,双选项表示输出更多更多信息
-o, --timers
输出网络定时器信息
-p, --program
输出程序名称
-l, --listening
仅显示正在监听的socket
-a, --all
显示所有状态的连接
-F
从FIB输出路由信息
-C
从路由缓存输出路由信息
-T --notrim
显示完整的长地址
输出字段说明
1 活跃网络连接
Proto
socket使用的网络协议 (TCP, UDP, raw)
Recv-Q
The count of bytes not copied by the user program connected to this socket.
Send-Q
The count of bytes not acknowledged by the remote host.
Local Address
本地地址
Foreign Address
远程地址
State
状态,针对TCP协议
ESTABLISHED
The socket has an established connection.
SYN_SENT
The socket is actively attempting to establish a connection.
SYN_RECV
A connection request has been received from the network.
FIN_WAIT1
The socket is closed, and the connection is shutting down.
FIN_WAIT2
Connection is closed, and the socket is waiting for a shutdown from the remote end.
TIME_WAIT
The socket is waiting after close to handle packets still in the network.
CLOSED The socket is not being used.
CLOSE_WAIT
The remote end has shut down, waiting for the socket to close.
LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
LISTEN The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the
--listening (-l) or --all (-a) option.
CLOSING
Both sockets are shut down but we still don’t have all our data sent.
UNKNOWN
The state of the socket is unknown.
User
用户
PID/Program name
程序名称
Timer
网络定时器
2 Active UNIX domain Sockets
Proto
协议,通常是unix
RefCnt
The reference count (i.e. attached processes via this socket).
Flags
The flags displayed is SO_ACCEPTON (displayed as ACC), SO_WAITDATA (W) or SO_NOSPACE (N). SO_ACCECPTON is used on unconnected sockets if their corresponding processes are waiting for a connect request. The other flags are not of normal interest.
Type
There are several types of socket access:
SOCK_DGRAM
The socket is used in Datagram (connectionless) mode.
SOCK_STREAM
This is a stream (connection) socket.
SOCK_RAW
The socket is used as a raw socket.
SOCK_RDM
This one serves reliably-delivered messages.
SOCK_SEQPACKET
This is a sequential packet socket.
SOCK_PACKET
Raw interface access socket.
UNKNOWN
Who ever knows what the future will bring us - just fill in here :-)
State
状态
FREE The socket is not allocated
LISTENING
The socket is listening for a connection request. Such sockets are only included in the output if you specify the
--listening (-l) or --all (-a) option.
CONNECTING
The socket is about to establish a connection.
CONNECTED
The socket is connected.
DISCONNECTING
The socket is disconnecting.
(empty)
The socket is not connected to another one.
UNKNOWN
This state should never happen.
PID/Program name
程序名称
Path
This is the path name as which the corresponding processes attached to the socket.
实践
1 显示系统正在监听的服务
[root@vm ~]# netstat -tlop
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name Timer
tcp 0 0 localhost:irdmi *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:9121 *:* LISTEN 806/redis_exporter off (0.00/0/0)
tcp 0 0 localhost:websm *:* LISTEN 805/prometheus off (0.00/0/0)
tcp 0 0 localhost:9187 *:* LISTEN 807/postgres_export off (0.00/0/0)
tcp 0 0 *:8070 *:* LISTEN 812/nginx off (0.00/0/0)
tcp 0 0 *:mysql *:* LISTEN 1821/mysqld.bin off (0.00/0/0)
tcp 0 0 localhost:6379 *:* LISTEN 1953/redis-server 1 off (0.00/0/0)
tcp 0 0 localhost:jetdirect *:* LISTEN 813/node_exporter off (0.00/0/0)
tcp 0 0 localhost:9229 *:* LISTEN 811/gitlab-workhors off (0.00/0/0)
tcp 0 0 localhost:webcache *:* LISTEN 960/unicorn master off (0.00/0/0)
tcp 0 0 *:http *:* LISTEN 1892/nginx off (0.00/0/0)
tcp 0 0 localhost:9168 *:* LISTEN 810/ruby off (0.00/0/0)
tcp 0 0 localhost:9236 *:* LISTEN 814/gitaly off (0.00/0/0)
tcp 0 0 *:ssh *:* LISTEN 1430/sshd off (0.00/0/0)
tcp 0 0 *:ddi-tcp-1 *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:smtp *:* LISTEN 1509/master off (0.00/0/0)
tcp 0 0 *:https *:* LISTEN 1892/nginx off (0.00/0/0)
tcp 0 0 *:8060 *:* LISTEN 812/nginx off (0.00/0/0)
tcp 0 0 *:raid-am *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:ema-sent-lm *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:9168 *:* LISTEN 810/ruby off (0.00/0/0)
tcp 0 0 *:ssh *:* LISTEN 1430/sshd off (0.00/0/0)
tcp 0 0 localhost:smtp *:* LISTEN 1509/master off (0.00/0/0)
2 显示所有状态的tcp连接
[root@vm ~]# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:irdmi *:* LISTEN
tcp 0 0 localhost:9121 *:* LISTEN
tcp 0 0 localhost:websm *:* LISTEN
tcp 0 0 localhost:9187 *:* LISTEN
tcp 0 0 *:8070 *:* LISTEN
tcp 0 0 *:mysql *:* LISTEN
tcp 0 0 localhost:6379 *:* LISTEN
tcp 0 0 localhost:jetdirect *:* LISTEN
tcp 0 0 localhost:9229 *:* LISTEN
tcp 0 0 localhost:webcache *:* LISTEN
tcp 0 0 *:http *:* LISTEN
tcp 0 0 localhost:9168 *:* LISTEN
tcp 0 0 localhost:9236 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:ddi-tcp-1 *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 *:https *:* LISTEN
tcp 0 0 *:8060 *:* LISTEN
tcp 0 0 *:raid-am *:* LISTEN
tcp 0 0 localhost:ema-sent-lm *:* LISTEN
tcp 0 0 localhost:webcache localhost:59852 TIME_WAIT
tcp 0 0 localhost:jetdirect localhost:42390 TIME_WAIT
tcp 0 0 localhost:42498 localhost:jetdirect TIME_WAIT
tcp 0 0 localhost:8070 localhost:40552 TIME_WAIT
tcp 0 0 localhost:9236 localhost:45880 TIME_WAIT
tcp 0 0 localhost:50728 localhost:9121 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56396 TIME_WAIT
tcp 0 0 localhost:43358 localhost:http TIME_WAIT
tcp 0 0 localhost:58866 localhost:9229 TIME_WAIT
tcp 0 0 localhost:webcache localhost:59818 TIME_WAIT
tcp 0 0 localhost:9121 localhost:50830 TIME_WAIT
tcp 0 0 localhost:websm localhost:60060 TIME_WAIT
tcp 0 0 localhost:raid-am localhost:53338 ESTABLISHED
tcp 0 0 localhost:9121 localhost:50762 TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:51548 ESTABLISHED
tcp 0 0 localhost:jetdirect localhost:42424 TIME_WAIT
tcp 0 0 localhost:jetdirect localhost:42458 TIME_WAIT
tcp 0 0 localhost:58832 localhost:9229 TIME_WAIT
tcp 0 0 localhost:9236 localhost:45846 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56430 TIME_WAIT
tcp 0 0 localhost:webcache localhost:59886 TIME_WAIT
tcp 0 0 localhost:9229 localhost:58764 TIME_WAIT
tcp 0 0 localhost:websm localhost:60134 TIME_WAIT
tcp 0 0 localhost:45812 localhost:9236 TIME_WAIT
tcp 0 0 localhost:60094 localhost:websm TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:63964 ESTABLISHED
tcp 0 0 localhost:webcache localhost:59920 TIME_WAIT
tcp 0 0 localhost:53338 localhost:raid-am ESTABLISHED
tcp 0 0 localhost:9236 localhost:45778 TIME_WAIT
tcp 0 0 localhost:websm localhost:60026 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56362 TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:63386 ESTABLISHED
tcp 0 0 localhost:9187 localhost:56464 TIME_WAIT
tcp 0 0 localhost:9229 localhost:58798 TIME_WAIT
tcp 0 0 localhost:9121 localhost:50796 TIME_WAIT
tcp 0 0 localhost:8070 localhost:40550 TIME_WAIT
tcp 0 0 localhost:9168 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 localhost:39366 localhost:9168 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39354 TIME_WAIT
tcp 0 0 localhost:39332 localhost:9168 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39298 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39408 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39400 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39428 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39306 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39320 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39340 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39374 TIME_WAIT
tcp 0 0 localhost:39388 localhost:9168 TIME_WAIT
3 显示网卡统计信息
[root@vm ~]# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 51912 0 0 0 48318 0 0 0 BMRU
lo 65536 0 877515 0 0 0 877515 0 0 0 LRU
参考资料
【1】 man netstat
【2】TCP Timers
https://learningnetwork.cisco.com/thread/47664
N天学习一个linux命令之netstat的更多相关文章
- N天学习一个Linux命令之帮助命令:man
前言 工作中每天都在使用常用的命令和非常用的命令,忘记了用法或者参数,都会bing一下,然后如此循环.一直没有真正的系统的深入的去了解命令的用法,我决定打破它.以前看到有人,每天学习一个linux命令 ...
- N天学习一个Linux命令之free
用途 查看系统内存(物理/虚拟/缓存/共享)使用情况 用法 free [-b | -k | -m | -g | -h] [-o] [-s delay ] [-c count ] [-a] [-t] [ ...
- N天学习一个linux命令之ping
用途 检测主机是否可到达,也就是说,目标主机是否可以联网,还可以用于检测网速.通过发送ICMP ECHO_REQUEST数据包检测. 用法 ping [options] destination 常用选 ...
- N天学习一个linux命令之kill
用途 用于终止进程 用法 kill [-s signal|-p] [--] pid... kill -l [signal] 说明 1.默认发送信号15(请求终止进程,程序可以捕获,操作系统会杀死没有对 ...
- N天学习一个linux命令之du
用途 统计文件或者目录占用硬盘空间大小 用法 du [OPTION] [FILE]du [OPTION] --files0-from=F 常用参数 -a, --all统计所有文件,不仅仅是目录 -b, ...
- N天学习一个linux命令之scp
用途 通过ssh通道,不同主机之间复制文件 用法 scp [options] [user@host:]file1 [user2@host2:]file2 常用参数 -1使用 ssh 1协议 -2使用s ...
- 每天学习一个Linux命令-目录
在工作中总会零零散散使用到各种Linux命令,从今天开始详细的学习一下linux常用命令,坚持每天一个命令,学习的主要参考资料为: 1.竹子-博客(https://www.cnblogs.com/pe ...
- 每天一个linux命令(43)--netstat命令
netstat 命令用于显示与 IP TCP UDP 和 ICMP协议相关的统计数据,一般用于检验本机各端口的网络连接情况.netstat 是在内核中访问网络及相关信息的程序,它能提供TCP连接,T ...
- N天学习一个linux命令之umask
前言 umask不是linux命令,而是shell内置的指令,俗称用户权限掩码,用于对用户创建的文件和目录设置默认权限.默认的权限掩码是0022,也就是说新创建的文件权限是0644,新创建的目录权限是 ...
随机推荐
- 等价表达式 2005年NOIP全国联赛提高组(栈模拟)
P1054 等价表达式 题目描述 明明进了中学之后,学到了代数表达式.有一天,他碰到一个很麻烦的选择题.这个题目的题干中首先给出了一个代数表达式,然后列出了若干选项,每个选项也是一个代数表达式,题目的 ...
- [Swift通天遁地]七、数据与安全-(1)XML文档的创建和解析
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★➤微信公众号:山青咏芝(shanqingyongzhi)➤博客园地址:山青咏芝(https://www.cnblogs. ...
- Entity Framework 4.3 中使用存储过程
尽管 Entity Framework 4.3 都已经发布了,且表示在 EF 5 中性能将会有很大提升.但很多存储过程控,始终不会放弃使用存储过程,那今天就让我们看看在 EF 4.3 中怎么使用存储过 ...
- Jmeter jdbc连接
1.下载对应的驱动包(mysql-connector-java-5.1.13-bin.jar 可能现在有跟新的版本了),并放到Jmeter目录中的lib文件 2.打开Jmeter,添加JDBC Con ...
- ResGen.exe”已退出,代码为2 问题处理
转载自 http://blog.sina.com.cn/s/blog_5f82a1060101d8tm.html 在64位的Windows 7下,用VS2010编译4.0以前的.Net项目会有问题. ...
- ios9-NSLayoutAnchor和UILayoutGuide实现自动布局
@interface ViewController () { NSLayoutConstraint *yellowViewTopConstraint; NSLayoutConstraint *blue ...
- [ CTSC 2007 / BZOJ 2151 ] Backup / 种树
\(\\\) \(Description\) 给出一个数轴上\(N\)个点的坐标\(A_i\),选择\(K\)个点对,使得这\(K\)个点对每个点对的距离之和尽可能小. \(N\in [0,10^5] ...
- vue项目杂记
vue项目杂记 文件目录结构 src main.js app.vue package.json webpack_config_dev.js 需要安装的包 1. vue cnpm i vue --sav ...
- 定制UVM Messages(参考)
UVM的Messages机制有些时候很繁琐,很多时候希望能够在UVM messages的基础上做一些个人化的订制,这里给出来一个找到的例子作为参考. my_macros.sv: `define ...
- 03-Servlet 体系结构知识梳理
一.Servlet体系结构 Java Web应用是基于Servlet规范运行,Servlet顶层类的关联如下图: 从图可看出,Servlet规范基本围绕这几个类运行,其中,与Servlet主动关联的有 ...