N天学习一个linux命令之netstat
用途
打印网络连接,路由表,网卡信息,假连接,组播成员信息
用法
1 显示网络连接信息
netstat [address_family_options] [--tcp|-t] [--udp|-u] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--symbolic|-N] [--extend|-e[--extend|-e]] [--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c] [delay]
2 显示路由表
netstat {--route|-r} [address_family_options] [--extend|-e[--extend|-e]] [--verbose|-v] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
3 显示网卡统计信息
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--verbose|-v] [--program|-p] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
4 显示组播信息
netstat {--groups|-g} [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
5 显示假连接
netstat {--masquerade|-M} [--extend|-e] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
6 显示网络连接统计信息
netstat {--statistics|-s} [--tcp|-t] [--udp|-u] [--raw|-w] [delay]
7 显示命令版本信息
netstat {--version|-V}
8 显示命令帮助信息
netstat {--help|-h}
常用选项
--verbose , -v
输出详细信息
--numeric , -n
地址和端口以及用户使用数字显示
--numeric-hosts
地址使用数字显示
--numeric-ports
端口使用数字显示
--numeric-users
用户以用户id的方式显示
--protocol=family , -A
协议族,多个使用英文逗号分隔,常用网络协议族inet, inet6, unix, ipx, ax25, netrom, and ddp,效果和--inet, --inet6, --unix (-x), --ipx, --ax25, --netrom, and --ddp options这些选项等价
-c, --continuous
每秒循环输出信息
-e, --extend
输出更多信息,双选项表示输出更多更多信息
-o, --timers
输出网络定时器信息
-p, --program
输出程序名称
-l, --listening
仅显示正在监听的socket
-a, --all
显示所有状态的连接
-F
从FIB输出路由信息
-C
从路由缓存输出路由信息
-T --notrim
显示完整的长地址
输出字段说明
1 活跃网络连接
Proto
socket使用的网络协议 (TCP, UDP, raw)
Recv-Q
The count of bytes not copied by the user program connected to this socket.
Send-Q
The count of bytes not acknowledged by the remote host.
Local Address
本地地址
Foreign Address
远程地址
State
状态,针对TCP协议
ESTABLISHED
The socket has an established connection.
SYN_SENT
The socket is actively attempting to establish a connection.
SYN_RECV
A connection request has been received from the network.
FIN_WAIT1
The socket is closed, and the connection is shutting down.
FIN_WAIT2
Connection is closed, and the socket is waiting for a shutdown from the remote end.
TIME_WAIT
The socket is waiting after close to handle packets still in the network.
CLOSED The socket is not being used.
CLOSE_WAIT
The remote end has shut down, waiting for the socket to close.
LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
LISTEN The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the
--listening (-l) or --all (-a) option.
CLOSING
Both sockets are shut down but we still don’t have all our data sent.
UNKNOWN
The state of the socket is unknown.
User
用户
PID/Program name
程序名称
Timer
网络定时器
2 Active UNIX domain Sockets
Proto
协议,通常是unix
RefCnt
The reference count (i.e. attached processes via this socket).
Flags
The flags displayed is SO_ACCEPTON (displayed as ACC), SO_WAITDATA (W) or SO_NOSPACE (N). SO_ACCECPTON is used on unconnected sockets if their corresponding processes are waiting for a connect request. The other flags are not of normal interest.
Type
There are several types of socket access:
SOCK_DGRAM
The socket is used in Datagram (connectionless) mode.
SOCK_STREAM
This is a stream (connection) socket.
SOCK_RAW
The socket is used as a raw socket.
SOCK_RDM
This one serves reliably-delivered messages.
SOCK_SEQPACKET
This is a sequential packet socket.
SOCK_PACKET
Raw interface access socket.
UNKNOWN
Who ever knows what the future will bring us - just fill in here :-)
State
状态
FREE The socket is not allocated
LISTENING
The socket is listening for a connection request. Such sockets are only included in the output if you specify the
--listening (-l) or --all (-a) option.
CONNECTING
The socket is about to establish a connection.
CONNECTED
The socket is connected.
DISCONNECTING
The socket is disconnecting.
(empty)
The socket is not connected to another one.
UNKNOWN
This state should never happen.
PID/Program name
程序名称
Path
This is the path name as which the corresponding processes attached to the socket.
实践
1 显示系统正在监听的服务
[root@vm ~]# netstat -tlop
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name Timer
tcp 0 0 localhost:irdmi *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:9121 *:* LISTEN 806/redis_exporter off (0.00/0/0)
tcp 0 0 localhost:websm *:* LISTEN 805/prometheus off (0.00/0/0)
tcp 0 0 localhost:9187 *:* LISTEN 807/postgres_export off (0.00/0/0)
tcp 0 0 *:8070 *:* LISTEN 812/nginx off (0.00/0/0)
tcp 0 0 *:mysql *:* LISTEN 1821/mysqld.bin off (0.00/0/0)
tcp 0 0 localhost:6379 *:* LISTEN 1953/redis-server 1 off (0.00/0/0)
tcp 0 0 localhost:jetdirect *:* LISTEN 813/node_exporter off (0.00/0/0)
tcp 0 0 localhost:9229 *:* LISTEN 811/gitlab-workhors off (0.00/0/0)
tcp 0 0 localhost:webcache *:* LISTEN 960/unicorn master off (0.00/0/0)
tcp 0 0 *:http *:* LISTEN 1892/nginx off (0.00/0/0)
tcp 0 0 localhost:9168 *:* LISTEN 810/ruby off (0.00/0/0)
tcp 0 0 localhost:9236 *:* LISTEN 814/gitaly off (0.00/0/0)
tcp 0 0 *:ssh *:* LISTEN 1430/sshd off (0.00/0/0)
tcp 0 0 *:ddi-tcp-1 *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:smtp *:* LISTEN 1509/master off (0.00/0/0)
tcp 0 0 *:https *:* LISTEN 1892/nginx off (0.00/0/0)
tcp 0 0 *:8060 *:* LISTEN 812/nginx off (0.00/0/0)
tcp 0 0 *:raid-am *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:ema-sent-lm *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:9168 *:* LISTEN 810/ruby off (0.00/0/0)
tcp 0 0 *:ssh *:* LISTEN 1430/sshd off (0.00/0/0)
tcp 0 0 localhost:smtp *:* LISTEN 1509/master off (0.00/0/0)
2 显示所有状态的tcp连接
[root@vm ~]# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:irdmi *:* LISTEN
tcp 0 0 localhost:9121 *:* LISTEN
tcp 0 0 localhost:websm *:* LISTEN
tcp 0 0 localhost:9187 *:* LISTEN
tcp 0 0 *:8070 *:* LISTEN
tcp 0 0 *:mysql *:* LISTEN
tcp 0 0 localhost:6379 *:* LISTEN
tcp 0 0 localhost:jetdirect *:* LISTEN
tcp 0 0 localhost:9229 *:* LISTEN
tcp 0 0 localhost:webcache *:* LISTEN
tcp 0 0 *:http *:* LISTEN
tcp 0 0 localhost:9168 *:* LISTEN
tcp 0 0 localhost:9236 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:ddi-tcp-1 *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 *:https *:* LISTEN
tcp 0 0 *:8060 *:* LISTEN
tcp 0 0 *:raid-am *:* LISTEN
tcp 0 0 localhost:ema-sent-lm *:* LISTEN
tcp 0 0 localhost:webcache localhost:59852 TIME_WAIT
tcp 0 0 localhost:jetdirect localhost:42390 TIME_WAIT
tcp 0 0 localhost:42498 localhost:jetdirect TIME_WAIT
tcp 0 0 localhost:8070 localhost:40552 TIME_WAIT
tcp 0 0 localhost:9236 localhost:45880 TIME_WAIT
tcp 0 0 localhost:50728 localhost:9121 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56396 TIME_WAIT
tcp 0 0 localhost:43358 localhost:http TIME_WAIT
tcp 0 0 localhost:58866 localhost:9229 TIME_WAIT
tcp 0 0 localhost:webcache localhost:59818 TIME_WAIT
tcp 0 0 localhost:9121 localhost:50830 TIME_WAIT
tcp 0 0 localhost:websm localhost:60060 TIME_WAIT
tcp 0 0 localhost:raid-am localhost:53338 ESTABLISHED
tcp 0 0 localhost:9121 localhost:50762 TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:51548 ESTABLISHED
tcp 0 0 localhost:jetdirect localhost:42424 TIME_WAIT
tcp 0 0 localhost:jetdirect localhost:42458 TIME_WAIT
tcp 0 0 localhost:58832 localhost:9229 TIME_WAIT
tcp 0 0 localhost:9236 localhost:45846 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56430 TIME_WAIT
tcp 0 0 localhost:webcache localhost:59886 TIME_WAIT
tcp 0 0 localhost:9229 localhost:58764 TIME_WAIT
tcp 0 0 localhost:websm localhost:60134 TIME_WAIT
tcp 0 0 localhost:45812 localhost:9236 TIME_WAIT
tcp 0 0 localhost:60094 localhost:websm TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:63964 ESTABLISHED
tcp 0 0 localhost:webcache localhost:59920 TIME_WAIT
tcp 0 0 localhost:53338 localhost:raid-am ESTABLISHED
tcp 0 0 localhost:9236 localhost:45778 TIME_WAIT
tcp 0 0 localhost:websm localhost:60026 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56362 TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:63386 ESTABLISHED
tcp 0 0 localhost:9187 localhost:56464 TIME_WAIT
tcp 0 0 localhost:9229 localhost:58798 TIME_WAIT
tcp 0 0 localhost:9121 localhost:50796 TIME_WAIT
tcp 0 0 localhost:8070 localhost:40550 TIME_WAIT
tcp 0 0 localhost:9168 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 localhost:39366 localhost:9168 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39354 TIME_WAIT
tcp 0 0 localhost:39332 localhost:9168 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39298 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39408 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39400 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39428 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39306 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39320 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39340 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39374 TIME_WAIT
tcp 0 0 localhost:39388 localhost:9168 TIME_WAIT
3 显示网卡统计信息
[root@vm ~]# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 51912 0 0 0 48318 0 0 0 BMRU
lo 65536 0 877515 0 0 0 877515 0 0 0 LRU
参考资料
【1】 man netstat
【2】TCP Timers
https://learningnetwork.cisco.com/thread/47664
N天学习一个linux命令之netstat的更多相关文章
- N天学习一个Linux命令之帮助命令:man
前言 工作中每天都在使用常用的命令和非常用的命令,忘记了用法或者参数,都会bing一下,然后如此循环.一直没有真正的系统的深入的去了解命令的用法,我决定打破它.以前看到有人,每天学习一个linux命令 ...
- N天学习一个Linux命令之free
用途 查看系统内存(物理/虚拟/缓存/共享)使用情况 用法 free [-b | -k | -m | -g | -h] [-o] [-s delay ] [-c count ] [-a] [-t] [ ...
- N天学习一个linux命令之ping
用途 检测主机是否可到达,也就是说,目标主机是否可以联网,还可以用于检测网速.通过发送ICMP ECHO_REQUEST数据包检测. 用法 ping [options] destination 常用选 ...
- N天学习一个linux命令之kill
用途 用于终止进程 用法 kill [-s signal|-p] [--] pid... kill -l [signal] 说明 1.默认发送信号15(请求终止进程,程序可以捕获,操作系统会杀死没有对 ...
- N天学习一个linux命令之du
用途 统计文件或者目录占用硬盘空间大小 用法 du [OPTION] [FILE]du [OPTION] --files0-from=F 常用参数 -a, --all统计所有文件,不仅仅是目录 -b, ...
- N天学习一个linux命令之scp
用途 通过ssh通道,不同主机之间复制文件 用法 scp [options] [user@host:]file1 [user2@host2:]file2 常用参数 -1使用 ssh 1协议 -2使用s ...
- 每天学习一个Linux命令-目录
在工作中总会零零散散使用到各种Linux命令,从今天开始详细的学习一下linux常用命令,坚持每天一个命令,学习的主要参考资料为: 1.竹子-博客(https://www.cnblogs.com/pe ...
- 每天一个linux命令(43)--netstat命令
netstat 命令用于显示与 IP TCP UDP 和 ICMP协议相关的统计数据,一般用于检验本机各端口的网络连接情况.netstat 是在内核中访问网络及相关信息的程序,它能提供TCP连接,T ...
- N天学习一个linux命令之umask
前言 umask不是linux命令,而是shell内置的指令,俗称用户权限掩码,用于对用户创建的文件和目录设置默认权限.默认的权限掩码是0022,也就是说新创建的文件权限是0644,新创建的目录权限是 ...
随机推荐
- C 语言程序员必读的 5 本书,你读过几本?
你正通过看书来学习C语言吗?书籍是知识的丰富来源.你可以从书中学到各种知识.书籍可以毫无歧视地向读者传达作者的本意.C语言是由 Dennis Ritchie在1969年到1973年在贝尔实验室研发的. ...
- InterferenceSignal-----------挺简单的 一道题 就是英语不好
InterferenceSignal 时间限制: 2000ms内存限制: 128000KB 64位整型: Java 类名: 上一题 提交 运行结果 统计 讨论版 下一题 类型: 没有 添加 题目描述 ...
- UNIX环境高级编程--5
标准I/O库流和FILE对象: 所有I/O函数都是围绕文件描述符的.当打开一个文件时,即返回一个文件描述符,然后该文件描述符就用于后续的I/O操作.当用标准I/O库打开或者创建一个文件时,我们已 ...
- DataFrame入门案例(集团公司对人事信息处理场景)
我用一个集团公司对人事信息处理场景的简单案例,来作为入门,详细分析DataFrame上的各种常用操作,包括集团子公司的职工人事信息的合并,职工的部门相关信息查询.职工信息的统计.关联职工与部门信息的统 ...
- Leetcode0143--Reorder List 链表重排
[转载请注明]https://www.cnblogs.com/igoslly/p/9351564.html 具体的图示可查看 链接 代码一 /** * Definition for singly-li ...
- CUDA-GPU编程
参考:http://blog.csdn.net/augusdi/article/details/12833235 第二节 新建NVIDIA项目: 新建项目及会生成一个简单的代码demo,计算矩阵的加 ...
- 【译】x86程序员手册19-6.3.2数据访问的约束
6.3.2 Restricting Access to Data 数据访问的约束 To address operands in memory, an 80386 program must load ...
- java设计模式03装饰者者模式
动态地给一个对象添加一些额外的职责.就增加功能来说, Decorator模式相比生成子类更为灵活.该模式以对客 户端透明的方式扩展对象的功能. (1)在不影响其他对象的情况下,以动态.透明的方式给单个 ...
- Lazarus Reading XML- with TXMLDocument and TXPathVariable
也就是使用XPath的方式,具体语法规则查看http://www.w3school.com.cn/xpath/xpath_syntax.asp,说明得相当详细.这里列举例子是说明在Lazarus/FP ...
- 【sqli-labs】 less57 GET -Challenge -Union -14 queries allowed -Variation4 (GET型 挑战 联合查询 只允许14次查询 变化4)
双引号闭合 http://192.168.136.128/sqli-labs-master/Less-57/?id=1"%23 和less56一样查数据