via: http://www.tecmint.com/20-netstat-commands-for-linux-network-management/
netstat (network statistics) is a command line tool for monitoring network connections both incoming and outgoing as well as viewing routing tables, interface statistics etc. netstat is available on all Unix-like Operating Systems and also available on Windows OS as well. It is very useful in terms of network troubleshooting and performance measurement. netstat is one of the most basic network service debugging tools, telling you what ports are open and whether any programs are listening on ports.
This tool is very important and much useful for Linux network administrators as well as system administrators to monitor and troubleshoot their network related problems and determine network traffic performance. This article shows usages of netstat command with their examples which may be useful in daily operation.
1. Listing all the LISTENING Ports of TCP and UDP connections
Listing all ports (both TCP and UDP) using netstat -a option.
# netstat -a | more Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:sunrpc *:* LISTEN tcp 0 52 192.168.0.2:ssh 192.168.0.1:egs ESTABLISHED tcp 1 0 192.168.0.2:59292 www.gov.com:http CLOSE_WAIT tcp 0 0 localhost:smtp *:* LISTEN tcp 0 0 *:59482 *:* LISTEN udp 0 0 *:35036 *:* udp 0 0 *:npmp-local *:* Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 16972 /tmp/orbit-root/linc-76b-0-6fa08790553d6 unix 2 [ ACC ] STREAM LISTENING 17149 /tmp/orbit-root/linc-794-0-7058d584166d2 unix 2 [ ACC ] STREAM LISTENING 17161 /tmp/orbit-root/linc-792-0-546fe905321cc unix 2 [ ACC ] STREAM LISTENING 15938 /tmp/orbit-root/linc-74b-0-415135cb6aeab
2. Listing TCP Ports connections
Listing only TCP (Transmission Control Protocol) port connections using netstat -at.
# netstat -at Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost:ipp *:* LISTEN tcp 0 0 localhost:smtp *:* LISTEN tcp 0 52 192.168.0.2:ssh 192.168.0.1:egs ESTABLISHED tcp 1 0 192.168.0.2:59292 www.gov.com:http CLOSE_WAIT
3. Listing UDP Ports connections
Listing only UDP (User Datagram Protocol ) port connections using netstat -au.
# netstat -au Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 *:35036 *:* udp 0 0 *:npmp-local *:* udp 0 0 *:mdns *:*
4. Listing all LISTENING Connections
Listing all active listening ports connections with netstat -l.
# netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:58642 *:* LISTEN tcp 0 0 *:ssh *:* LISTEN udp 0 0 *:35036 *:* udp 0 0 *:npmp-local *:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 16972 /tmp/orbit-root/linc-76b-0-6fa08790553d6 unix 2 [ ACC ] STREAM LISTENING 17149 /tmp/orbit-root/linc-794-0-7058d584166d2 unix 2 [ ACC ] STREAM LISTENING 17161 /tmp/orbit-root/linc-792-0-546fe905321cc unix 2 [ ACC ] STREAM LISTENING 15938 /tmp/orbit-root/linc-74b-0-415135cb6aeab
5. Listing all TCP Listening Ports
Listing all active listening TCP ports by using option netstat -lt.
# netstat -lt Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:dctp *:* LISTEN tcp 0 0 *:mysql *:* LISTEN tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:munin *:* LISTEN tcp 0 0 *:ftp *:* LISTEN tcp 0 0 localhost.localdomain:ipp *:* LISTEN tcp 0 0 localhost.localdomain:smtp *:* LISTEN tcp 0 0 *:http *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 *:https *:* LISTEN
6. Listing all UDP Listening Ports
Listing all active listening UDP ports by using option netstat -lu.
# netstat -lu Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 *:39578 *:* udp 0 0 *:meregister *:* udp 0 0 *:vpps-qua *:* udp 0 0 *:openvpn *:* udp 0 0 *:mdns *:* udp 0 0 *:sunrpc *:* udp 0 0 *:ipp *:* udp 0 0 *:60222 *:* udp 0 0 *:mdns *:*
7. Listing all UNIX Listening Ports
Listing all active UNIX listening ports using netstat -lx.
# netstat -lx Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 4171 @ISCSIADM_ABSTRACT_NAMESPACE unix 2 [ ACC ] STREAM LISTENING 5767 /var/run/cups/cups.sock unix 2 [ ACC ] STREAM LISTENING 7082 @/tmp/fam-root- unix 2 [ ACC ] STREAM LISTENING 6157 /dev/gpmctl unix 2 [ ACC ] STREAM LISTENING 6215 @/var/run/hald/dbus-IcefTIUkHm unix 2 [ ACC ] STREAM LISTENING 6038 /tmp/.font-unix/fs7100 unix 2 [ ACC ] STREAM LISTENING 6175 /var/run/avahi-daemon/socket unix 2 [ ACC ] STREAM LISTENING 4157 @ISCSID_UIP_ABSTRACT_NAMESPACE unix 2 [ ACC ] STREAM LISTENING 60835836 /var/lib/mysql/mysql.sock unix 2 [ ACC ] STREAM LISTENING 4645 /var/run/audispd_events unix 2 [ ACC ] STREAM LISTENING 5136 /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 6216 @/var/run/hald/dbus-wsUBI30V2I unix 2 [ ACC ] STREAM LISTENING 5517 /var/run/acpid.socket unix 2 [ ACC ] STREAM LISTENING 5531 /var/run/pcscd.comm
8. Showing Statistics by Protocol
Displays statistics by protocol. By default, statistics are shown for the TCP, UDP, ICMP, and IP protocols. The -s parameter can be used to specify a set of protocols.
# netstat -s
Ip:
2461 total packets received
0 forwarded
0 incoming packets discarded
2431 incoming packets delivered
2049 requests sent out
Icmp:
0 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
1 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 1
Tcp:
159 active connections openings
1 passive connection openings
4 failed connection attempts
0 connection resets received
1 connections established
2191 segments received
1745 segments send out
24 segments retransmited
0 bad segments received.
4 resets sent
Udp:
243 packets received
1 packets to unknown port received.
0 packet receive errors
281 packets sent
9. Showing Statistics by TCP Protocol
Showing statistics of only TCP protocol by using option netstat -st.
# netstat -st
Tcp:
2805201 active connections openings
1597466 passive connection openings
1522484 failed connection attempts
37806 connection resets received
1 connections established
57718706 segments received
64280042 segments send out
3135688 segments retransmited
74 bad segments received.
17580 resets sent
10. Showing Statistics by UDP Protocol
# netstat -su
Udp:
1774823 packets received
901848 packets to unknown port received.
0 packet receive errors
2968722 packets sent
11. Displaying Service name with PID
Displaying service name with their PID number, using option netstat -tp will display “PID/Program Name”.
# netstat -tp Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 192.168.0.2:ssh 192.168.0.1:egs ESTABLISHED 2179/sshd tcp 1 0 192.168.0.2:59292 www.gov.com:http CLOSE_WAIT 1939/clock-applet
12. Displaying Promiscuous Mode
Displaying Promiscuous mode with -ac switch, netstat print the selected information or refresh screen every five second. Default screen refresh in every second.
# netstat -ac 5 | grep tcp tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:58642 *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost:ipp *:* LISTEN tcp 0 0 localhost:smtp *:* LISTEN tcp 1 0 192.168.0.2:59447 www.gov.com:http CLOSE_WAIT tcp 0 52 192.168.0.2:ssh 192.168.0.1:egs ESTABLISHED tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost:ipp *:* LISTEN tcp 0 0 localhost:smtp *:* LISTEN tcp 0 0 *:59482 *:* LISTEN
13. Displaying Kernel IP routing
Display Kernel IP routing table with netstat and route command.
# netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 0 0 0 eth0 default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
14. Showing Network Interface Transactions
Showing network interface packet transactions including both transferring and receiving packets with MTU size.
# netstat -i Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 0 4459 0 0 0 4057 0 0 0 BMRU lo 16436 0 8 0 0 0 8 0 0 0 LRU
15. Showing Kernel Interface Table
Showing Kernel interface table, similar to ifconfig command.
# netstat -ie
Kernel Interface table
eth0 Link encap:Ethernet HWaddr 00:0C:29:B4:DA:21
inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:feb4:da21/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4486 errors:0 dropped:0 overruns:0 frame:0
TX packets:4077 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2720253 (2.5 MiB) TX bytes:1161745 (1.1 MiB)
Interrupt:18 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:480 (480.0 b) TX bytes:480 (480.0 b)
16. Displaying IPv4 and IPv6 Information
Displays multicast group membership information for both IPv4 and IPv6.
# netstat -g IPv6/IPv4 Group Memberships Interface RefCnt Group --------------- ------ --------------------- lo 1 all-systems.mcast.net eth0 1 224.0.0.251 eth0 1 all-systems.mcast.net lo 1 ff02::1 eth0 1 ff02::202 eth0 1 ff02::1:ffb4:da21 eth0 1 ff02::1
17. Print Netstat Information Continuously
To get netstat information every few second, then use the following command, it will print netstat information continuously, say every few seconds.
# netstat -c Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 tecmint.com:http sg2nlhg007.shr.prod.s:36944 TIME_WAIT tcp 0 0 tecmint.com:http sg2nlhg010.shr.prod.s:42110 TIME_WAIT tcp 0 132 tecmint.com:ssh 115.113.134.3.static-:64662 ESTABLISHED tcp 0 0 tecmint.com:http crawl-66-249-71-240.g:41166 TIME_WAIT tcp 0 0 localhost.localdomain:54823 localhost.localdomain:smtp TIME_WAIT tcp 0 0 localhost.localdomain:54822 localhost.localdomain:smtp TIME_WAIT tcp 0 0 tecmint.com:http sg2nlhg010.shr.prod.s:42091 TIME_WAIT tcp 0 0 tecmint.com:http sg2nlhg007.shr.prod.s:36998 TIME_WAIT
18. Finding non supportive Address
Finding un-configured address families with some useful information.
# netstat --verbose netstat: no support for `AF IPX' on this system. netstat: no support for `AF AX25' on this system. netstat: no support for `AF X25' on this system. netstat: no support for `AF NETROM' on this system.
19. Finding Listening Programs
Find out how many listening programs running on a port.
# netstat -ap | grep http tcp 0 0 *:http *:* LISTEN 9056/httpd tcp 0 0 *:https *:* LISTEN 9056/httpd tcp 0 0 tecmint.com:http sg2nlhg008.shr.prod.s:35248 TIME_WAIT - tcp 0 0 tecmint.com:http sg2nlhg007.shr.prod.s:57783 TIME_WAIT - tcp 0 0 tecmint.com:http sg2nlhg007.shr.prod.s:57769 TIME_WAIT - tcp 0 0 tecmint.com:http sg2nlhg008.shr.prod.s:35270 TIME_WAIT - tcp 0 0 tecmint.com:http sg2nlhg009.shr.prod.s:41637 TIME_WAIT - tcp 0 0 tecmint.com:http sg2nlhg009.shr.prod.s:41614 TIME_WAIT - unix 2 [ ] STREAM CONNECTED 88586726 10394/httpd
20. Displaying RAW Network Statistics
# netstat --statistics --raw
Ip:
62175683 total packets received
52970 with invalid addresses
0 forwarded
Icmp:
875519 ICMP messages received
destination unreachable: 901671
echo request: 8
echo replies: 16253
IcmpMsg:
InType0: 83
IpExt:
InMcastPkts: 117
That’s it, If you are looking for more information and options about netstat command, refer netstat manual docs or use man netstat command to know all the information. If we’ve missed anything in the list, please inform us using our comment section below. So, we could keep updating this list based on your comments.
相关推荐
在文档`linux netstat rmsock.docx`中,可能包含了这些工具的详细使用方法和实际操作示例,建议阅读以获取更全面的指导。 总之,`netstat`是检查网络连接的首选工具,`rmsock`可能是特定环境下管理套接字的工具,而...
Linux是世界上最广泛使用的开源操作系统之一,它为个人用户、企业乃至超级计算机提供了强大的计算平台。在准备Linux期末考试时,了解Linux的基础知识、命令行操作、文件系统管理、权限控制、进程管理、网络配置以及...
标题中的“Linux Commands Cheat Sheet”指的是一个用于快速参考的Linux命令集合,通常包含了一系列在Linux命令行界面(也称为终端或控制台)中常用的命令。这个“PhoenixNAP_Linux_Console”版本可能是由PhoenixNAP...
Linux是开源的操作系统,源于UNIX,它以其稳定性和灵活性在全球范围内广泛应用,特别是在服务器领域。本教程针对初学者,旨在提供全面的Linux学习指南。 一、Linux基础 Linux是一套自由和开放源码的类UNIX操作系统...
在深入探讨Linux中netstat命令的丰富功能与应用之前,我们先简要回顾一下netstat的基本定义:netstat是Linux系统中一个强大的网络诊断工具,主要用于显示与IP、TCP、UDP和ICMP协议相关的统计数据,尤其适用于监测和...
在IT领域,Linux操作系统是开发者和系统管理员的重要工具,尤其对于初学者来说,掌握基本的Linux命令行操作至关重要。"Linux_command.rar" 提供了一个针对Linux初学者的学习资源,主要聚焦于60个常用命令的教学,...
在Linux操作系统中,数据采集是一项重要的任务,尤其在监控系统性能、分析日志或进行大数据分析时。本压缩包文件“linux_test.rar”似乎包含了与Linux数据采集相关的资源,包括可能的数据采集脚本、配置文件或者说明...
在Linux系统中,我们面临的是一个强大的开源操作系统,它提供了丰富的命令行工具和广泛的软件支持。这个名为"linux_system"的资料可能包含了关于Linux系统管理、命令行操作、系统服务配置以及性能监控等方面的知识。...
在Linux操作系统中,掌握一些基本的命令行操作是至关重要的,因为这将极大地提升你在系统管理、文件操作、网络通信等方面的工作效率。本资源“linux_ppt.zip”包含了一个关于Linux命令的介绍,可能是以PPT的形式呈现...
### Linux性能工具详解 #### 一、背景与概述 在当今快速发展的信息技术领域,Linux作为最流行的开源操作系统之一,在服务器端、云计算以及高性能计算等领域占据了举足轻重的地位。随着技术的发展,对于Linux系统的...
在IT领域,网络通信是计算机科学的一个重要组成部分,而TCP(传输控制协议)作为网络通信中的主力协议,尤其在Linux操作系统中扮演着至关重要的角色。本文将深入探讨Linux下的TCP编程,包括TCP套接字(socket)的...
描述中提到“Sample for use netstat command on Delphi”,这表明我们将探讨如何在Delphi程序中调用系统命令来执行NetStat,并处理返回的数据。这通常涉及到进程控制、命令行参数传递以及可能的文本解析,以便将...
在Linux系统中,Socket编程是实现网络通信的基础,它提供了一种进程间通信(IPC)机制,使得运行在...记得在编写和调试代码时,充分利用Linux的命令行工具,如`netstat`、`tcpdump`等,来观察网络状态和数据传输情况。
在IT领域,尤其是在网络通信和系统管理中,"心跳包"是一个非常重要的概念,尤其在Linux环境下。心跳包,也称为“ping包”,是用于检测网络连接状态或维持长连接的一种技术。它的工作原理是通过周期性地发送小型...
4. **网络配置与管理**:在Linux中,网络配置涉及到ifconfig, route, netstat等命令,理解IP地址、子网掩码、路由规则等概念对网络问题排查至关重要。 5. **软件包管理**:在Linux系统中,apt(Debian/Ubuntu)或...
Linux 命令之 netstat Netstat 命令是 Linux 系统中一个非常重要的命令,它可以用来查看 Linux 系统中正在使用的服务和端口情况。下面是 Netstat 命令的详细介绍。 Netstat 命令的基本用法 Netstat 命令的基本...
在Linux操作系统中,网络编程是开发跨平台网络应用的关键技能之一。标题中的“linuxwangluo.rar”可能是一个包含详细教程或参考资料的压缩文件,专注于Linux下的网络编程。描述指出,该资源深入讲解了Linux网络编程...
【LINUX_24学时教程(1)】是一份全面深入学习Linux操作系统的课程资料,分为上下两部分,共计12个PDF文档。这部分教程主要涵盖了Linux的基础知识,是初学者入门的理想选择,同时也适合有一定经验的用户巩固和深化...
Linux下的TCP调试是一个重要的话题,通常使用`strace`工具跟踪系统调用,`tcpdump`抓取网络包,或者`netstat`查看网络状态。此外,`gdb`可以用来调试C/C++程序,帮助找出潜在的运行时问题。在"linux_tcp调试"这部分...
在IT领域,Linux操作系统是许多专业技术人员不可或缺的工具,尤其对于服务器管理、网络运维和软件开发等场景。本文将深入探讨“ice_chen_linux_command”这个主题,它聚焦于Linux命令行操作,帮助用户掌握日常工作中...