N天学习一个linux命令之netstat
用途
打印网络连接,路由表,网卡信息,假连接,组播成员信息
用法
1 显示网络连接信息
netstat [address_family_options] [--tcp|-t] [--udp|-u] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--symbolic|-N] [--extend|-e[--extend|-e]] [--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c] [delay]
2 显示路由表
netstat {--route|-r} [address_family_options] [--extend|-e[--extend|-e]] [--verbose|-v] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
3 显示网卡统计信息
netstat {--interfaces|-I|-i} [iface] [--all|-a] [--extend|-e] [--verbose|-v] [--program|-p] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
4 显示组播信息
netstat {--groups|-g} [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
5 显示假连接
netstat {--masquerade|-M} [--extend|-e] [--numeric|-n] [--numeric-hosts][--numeric-ports][--numeric-ports] [--continuous|-c] [delay]
6 显示网络连接统计信息
netstat {--statistics|-s} [--tcp|-t] [--udp|-u] [--raw|-w] [delay]
7 显示命令版本信息
netstat {--version|-V}
8 显示命令帮助信息
netstat {--help|-h}
常用选项
--verbose , -v
输出详细信息
--numeric , -n
地址和端口以及用户使用数字显示
--numeric-hosts
地址使用数字显示
--numeric-ports
端口使用数字显示
--numeric-users
用户以用户id的方式显示
--protocol=family , -A
协议族,多个使用英文逗号分隔,常用网络协议族inet, inet6, unix, ipx, ax25, netrom, and ddp,效果和--inet, --inet6, --unix (-x), --ipx, --ax25, --netrom, and --ddp options这些选项等价
-c, --continuous
每秒循环输出信息
-e, --extend
输出更多信息,双选项表示输出更多更多信息
-o, --timers
输出网络定时器信息
-p, --program
输出程序名称
-l, --listening
仅显示正在监听的socket
-a, --all
显示所有状态的连接
-F
从FIB输出路由信息
-C
从路由缓存输出路由信息
-T --notrim
显示完整的长地址
输出字段说明
1 活跃网络连接
Proto
socket使用的网络协议 (TCP, UDP, raw)
Recv-Q
The count of bytes not copied by the user program connected to this socket.
Send-Q
The count of bytes not acknowledged by the remote host.
Local Address
本地地址
Foreign Address
远程地址
State
状态,针对TCP协议
ESTABLISHED
The socket has an established connection.
SYN_SENT
The socket is actively attempting to establish a connection.
SYN_RECV
A connection request has been received from the network.
FIN_WAIT1
The socket is closed, and the connection is shutting down.
FIN_WAIT2
Connection is closed, and the socket is waiting for a shutdown from the remote end.
TIME_WAIT
The socket is waiting after close to handle packets still in the network.
CLOSED The socket is not being used.
CLOSE_WAIT
The remote end has shut down, waiting for the socket to close.
LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
LISTEN The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the
--listening (-l) or --all (-a) option.
CLOSING
Both sockets are shut down but we still don’t have all our data sent.
UNKNOWN
The state of the socket is unknown.
User
用户
PID/Program name
程序名称
Timer
网络定时器
2 Active UNIX domain Sockets
Proto
协议,通常是unix
RefCnt
The reference count (i.e. attached processes via this socket).
Flags
The flags displayed is SO_ACCEPTON (displayed as ACC), SO_WAITDATA (W) or SO_NOSPACE (N). SO_ACCECPTON is used on unconnected sockets if their corresponding processes are waiting for a connect request. The other flags are not of normal interest.
Type
There are several types of socket access:
SOCK_DGRAM
The socket is used in Datagram (connectionless) mode.
SOCK_STREAM
This is a stream (connection) socket.
SOCK_RAW
The socket is used as a raw socket.
SOCK_RDM
This one serves reliably-delivered messages.
SOCK_SEQPACKET
This is a sequential packet socket.
SOCK_PACKET
Raw interface access socket.
UNKNOWN
Who ever knows what the future will bring us - just fill in here :-)
State
状态
FREE The socket is not allocated
LISTENING
The socket is listening for a connection request. Such sockets are only included in the output if you specify the
--listening (-l) or --all (-a) option.
CONNECTING
The socket is about to establish a connection.
CONNECTED
The socket is connected.
DISCONNECTING
The socket is disconnecting.
(empty)
The socket is not connected to another one.
UNKNOWN
This state should never happen.
PID/Program name
程序名称
Path
This is the path name as which the corresponding processes attached to the socket.
实践
1 显示系统正在监听的服务
[root@vm ~]# netstat -tlop
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name Timer
tcp 0 0 localhost:irdmi *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:9121 *:* LISTEN 806/redis_exporter off (0.00/0/0)
tcp 0 0 localhost:websm *:* LISTEN 805/prometheus off (0.00/0/0)
tcp 0 0 localhost:9187 *:* LISTEN 807/postgres_export off (0.00/0/0)
tcp 0 0 *:8070 *:* LISTEN 812/nginx off (0.00/0/0)
tcp 0 0 *:mysql *:* LISTEN 1821/mysqld.bin off (0.00/0/0)
tcp 0 0 localhost:6379 *:* LISTEN 1953/redis-server 1 off (0.00/0/0)
tcp 0 0 localhost:jetdirect *:* LISTEN 813/node_exporter off (0.00/0/0)
tcp 0 0 localhost:9229 *:* LISTEN 811/gitlab-workhors off (0.00/0/0)
tcp 0 0 localhost:webcache *:* LISTEN 960/unicorn master off (0.00/0/0)
tcp 0 0 *:http *:* LISTEN 1892/nginx off (0.00/0/0)
tcp 0 0 localhost:9168 *:* LISTEN 810/ruby off (0.00/0/0)
tcp 0 0 localhost:9236 *:* LISTEN 814/gitaly off (0.00/0/0)
tcp 0 0 *:ssh *:* LISTEN 1430/sshd off (0.00/0/0)
tcp 0 0 *:ddi-tcp-1 *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:smtp *:* LISTEN 1509/master off (0.00/0/0)
tcp 0 0 *:https *:* LISTEN 1892/nginx off (0.00/0/0)
tcp 0 0 *:8060 *:* LISTEN 812/nginx off (0.00/0/0)
tcp 0 0 *:raid-am *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:ema-sent-lm *:* LISTEN 30478/./skynet/skyn off (0.00/0/0)
tcp 0 0 localhost:9168 *:* LISTEN 810/ruby off (0.00/0/0)
tcp 0 0 *:ssh *:* LISTEN 1430/sshd off (0.00/0/0)
tcp 0 0 localhost:smtp *:* LISTEN 1509/master off (0.00/0/0)
2 显示所有状态的tcp连接
[root@vm ~]# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:irdmi *:* LISTEN
tcp 0 0 localhost:9121 *:* LISTEN
tcp 0 0 localhost:websm *:* LISTEN
tcp 0 0 localhost:9187 *:* LISTEN
tcp 0 0 *:8070 *:* LISTEN
tcp 0 0 *:mysql *:* LISTEN
tcp 0 0 localhost:6379 *:* LISTEN
tcp 0 0 localhost:jetdirect *:* LISTEN
tcp 0 0 localhost:9229 *:* LISTEN
tcp 0 0 localhost:webcache *:* LISTEN
tcp 0 0 *:http *:* LISTEN
tcp 0 0 localhost:9168 *:* LISTEN
tcp 0 0 localhost:9236 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:ddi-tcp-1 *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 *:https *:* LISTEN
tcp 0 0 *:8060 *:* LISTEN
tcp 0 0 *:raid-am *:* LISTEN
tcp 0 0 localhost:ema-sent-lm *:* LISTEN
tcp 0 0 localhost:webcache localhost:59852 TIME_WAIT
tcp 0 0 localhost:jetdirect localhost:42390 TIME_WAIT
tcp 0 0 localhost:42498 localhost:jetdirect TIME_WAIT
tcp 0 0 localhost:8070 localhost:40552 TIME_WAIT
tcp 0 0 localhost:9236 localhost:45880 TIME_WAIT
tcp 0 0 localhost:50728 localhost:9121 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56396 TIME_WAIT
tcp 0 0 localhost:43358 localhost:http TIME_WAIT
tcp 0 0 localhost:58866 localhost:9229 TIME_WAIT
tcp 0 0 localhost:webcache localhost:59818 TIME_WAIT
tcp 0 0 localhost:9121 localhost:50830 TIME_WAIT
tcp 0 0 localhost:websm localhost:60060 TIME_WAIT
tcp 0 0 localhost:raid-am localhost:53338 ESTABLISHED
tcp 0 0 localhost:9121 localhost:50762 TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:51548 ESTABLISHED
tcp 0 0 localhost:jetdirect localhost:42424 TIME_WAIT
tcp 0 0 localhost:jetdirect localhost:42458 TIME_WAIT
tcp 0 0 localhost:58832 localhost:9229 TIME_WAIT
tcp 0 0 localhost:9236 localhost:45846 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56430 TIME_WAIT
tcp 0 0 localhost:webcache localhost:59886 TIME_WAIT
tcp 0 0 localhost:9229 localhost:58764 TIME_WAIT
tcp 0 0 localhost:websm localhost:60134 TIME_WAIT
tcp 0 0 localhost:45812 localhost:9236 TIME_WAIT
tcp 0 0 localhost:60094 localhost:websm TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:63964 ESTABLISHED
tcp 0 0 localhost:webcache localhost:59920 TIME_WAIT
tcp 0 0 localhost:53338 localhost:raid-am ESTABLISHED
tcp 0 0 localhost:9236 localhost:45778 TIME_WAIT
tcp 0 0 localhost:websm localhost:60026 TIME_WAIT
tcp 0 0 localhost:9187 localhost:56362 TIME_WAIT
tcp 0 0 10.0.2.4:ssh 10.0.2.2:63386 ESTABLISHED
tcp 0 0 localhost:9187 localhost:56464 TIME_WAIT
tcp 0 0 localhost:9229 localhost:58798 TIME_WAIT
tcp 0 0 localhost:9121 localhost:50796 TIME_WAIT
tcp 0 0 localhost:8070 localhost:40550 TIME_WAIT
tcp 0 0 localhost:9168 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 localhost:39366 localhost:9168 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39354 TIME_WAIT
tcp 0 0 localhost:39332 localhost:9168 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39298 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39408 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39400 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39428 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39306 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39320 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39340 TIME_WAIT
tcp 0 0 localhost:9168 localhost:39374 TIME_WAIT
tcp 0 0 localhost:39388 localhost:9168 TIME_WAIT
3 显示网卡统计信息
[root@vm ~]# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 51912 0 0 0 48318 0 0 0 BMRU
lo 65536 0 877515 0 0 0 877515 0 0 0 LRU
参考资料
【1】 man netstat
【2】TCP Timers
https://learningnetwork.cisco.com/thread/47664
N天学习一个linux命令之netstat的更多相关文章
- N天学习一个Linux命令之帮助命令:man
前言 工作中每天都在使用常用的命令和非常用的命令,忘记了用法或者参数,都会bing一下,然后如此循环.一直没有真正的系统的深入的去了解命令的用法,我决定打破它.以前看到有人,每天学习一个linux命令 ...
- N天学习一个Linux命令之free
用途 查看系统内存(物理/虚拟/缓存/共享)使用情况 用法 free [-b | -k | -m | -g | -h] [-o] [-s delay ] [-c count ] [-a] [-t] [ ...
- N天学习一个linux命令之ping
用途 检测主机是否可到达,也就是说,目标主机是否可以联网,还可以用于检测网速.通过发送ICMP ECHO_REQUEST数据包检测. 用法 ping [options] destination 常用选 ...
- N天学习一个linux命令之kill
用途 用于终止进程 用法 kill [-s signal|-p] [--] pid... kill -l [signal] 说明 1.默认发送信号15(请求终止进程,程序可以捕获,操作系统会杀死没有对 ...
- N天学习一个linux命令之du
用途 统计文件或者目录占用硬盘空间大小 用法 du [OPTION] [FILE]du [OPTION] --files0-from=F 常用参数 -a, --all统计所有文件,不仅仅是目录 -b, ...
- N天学习一个linux命令之scp
用途 通过ssh通道,不同主机之间复制文件 用法 scp [options] [user@host:]file1 [user2@host2:]file2 常用参数 -1使用 ssh 1协议 -2使用s ...
- 每天学习一个Linux命令-目录
在工作中总会零零散散使用到各种Linux命令,从今天开始详细的学习一下linux常用命令,坚持每天一个命令,学习的主要参考资料为: 1.竹子-博客(https://www.cnblogs.com/pe ...
- 每天一个linux命令(43)--netstat命令
netstat 命令用于显示与 IP TCP UDP 和 ICMP协议相关的统计数据,一般用于检验本机各端口的网络连接情况.netstat 是在内核中访问网络及相关信息的程序,它能提供TCP连接,T ...
- N天学习一个linux命令之umask
前言 umask不是linux命令,而是shell内置的指令,俗称用户权限掩码,用于对用户创建的文件和目录设置默认权限.默认的权限掩码是0022,也就是说新创建的文件权限是0644,新创建的目录权限是 ...
随机推荐
- codeforces——数学
codeforces 805A http://codeforces.com/problemset/problem/805/A /* 题意:输入两个整数l,r,让你找一个因子 使得[l,r]里面 ...
- [Swift通天遁地]八、媒体与动画-(9)快速实现复合、Label、延续、延时、重复、缓冲、弹性动画
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★➤微信公众号:山青咏芝(shanqingyongzhi)➤博客园地址:山青咏芝(https://www.cnblogs. ...
- 设计模式 |备忘录模式(memento)
定义: 在不破坏封装性的前提下,捕获一个对象的内部状态,并在该对象之外保存这个状态.这样以后就可以将该对象恢复到原先保存的状态. 结构:(书中图,侵删) Originator:需要备份的类(写在便签上 ...
- Java使用Player播放mp3
大家平时闲了都会听听歌,散散心,于是很多人就问,在Java里边如何播放歌曲呢,唉,别说,在Java里边还真能歌曲,下面我为大家揭晓. 我们都知道Java里边做什么都需要对应的jar包,首先贴上mave ...
- SpringBoot2.0整合Redission
Redisson是redis一个很强大的客户端,有兴趣的同学可以看我的下一篇文章,这篇主要讲如何整合,费话不多说,直接上干货(大牛请绕道) 首先创建RedissionConfig文件 import o ...
- Jquery课堂上课了,第一节Jquery选择器$
Jquery是优秀的Javascrīpt框架,$是jquery库的申明,它很不稳定(我就常遇上),换一种稳定的写法jQuery.noConflict(); jQue ...
- 国内外知名IT科技博客
国内 1.36氪(www.36kr.com): 目前国内做的最风生水起的科技博客,以介绍国内外互联网创业新闻为主的博客网站,自己建立有36Tree互联网创业融投资社区.36氪的名字源于元素周期 表的第 ...
- mysql GTID主从复制(主库在线,添加新丛库)
要求: 1. 主库上线,主库不停止服务的前提下做主从复制 2. 新添加一个丛库 操作: 1. 在主库导出数据(主库正常运行): 2. 将 ...
- MVC5+EasyUI+EF6+Linq通用权限系统出炉(1)
1.先晒一下结构吧,
- (转) Arcgis for js之WKT和GEOMETRY的相互转换
http://blog.csdn.net/gisshixisheng/article/details/44057453 1.wkt简介 WKT(Well-known text)是一种文本标记语言,用于 ...