@[toc]
功能
netstat 命令用于显示各种网络相关信息,比如网络连接,路由表,接口状态 (Interface Statistics),masquerade 连接,多播成员 Multicast Memberships等等
语法
列几个比较常用的
- -t (tcp) 仅显示tcp相关选项
- -u (udp)仅显示udp相关选项
- -n 拒绝显示别名,能显示数字的全部转化为数字
- -l 仅列出在Listen(监听)的服务状态
- -p 显示建立相关链接的程序名
- -a或--all:显示所有连线中的Socket;
- -A<网络类型>或--<网络类型>:列出该网络类型连线中的相关地址;
- -c或--continuous:持续列出网络状态;
- -C或--cache:显示路由器配置的快取信息;
- -e或--extend:显示网络其他相关信息;
- -F或--fib:显示FIB;
- -g或--groups:显示多重广播功能群组组员名单;
- -h或--help:在线帮助;
- -i或--interfaces:显示网络界面信息表单;
- -l或--listening:显示监控中的服务器的Socket;
- -M或--masquerade:显示伪装的网络连线;
- -n或--numeric:直接使用ip地址,而不通过域名服务器;
- -N或--netlink或--symbolic:显示网络硬件外围设备的符号连接名称;
- -o或--timers:显示计时器;
- -p或--programs:显示正在使用Socket的程序识别码和程序名称;
- -r或--route:显示Routing Table;
- -s或--statistice:显示网络工作信息统计表;
- -t或--tcp:显示TCP传输协议的连线状况;
- -u或--udp:显示UDP传输协议的连线状况;
- -v或--verbose:显示指令执行过程;
- -V或--version:显示版本信息;
- -w或--raw:显示RAW传输协议的连线状况;
- -x或--unix:此参数的效果和指定"-A unix"参数相同;
- --ip或--inet:此参数的效果和指定"-A inet"参数相同。
示例
显示 tcp,udp 的端口和进程
netstat -tunlp这里我们简单科普一下网络连接状态State的含义 :
- LISTEN:(Listening for a connection.)侦听来自远方的TCP端口的连接请求
- SYN-SENT:(Active; sent SYN. Waiting for a matching connection request after having sent a connection request.)再发送连接请求后等待匹配的连接请求
- SYN-RECEIVED:(Sent and received SYN. Waiting for a confirming connection request acknowledgment after having both received and sent connection requests.)再收到和发送一个连接请求后等待对方对连接请求的确认
- ESTABLISHED:(Connection established.)代表一个打开的连接
- FIN-WAIT-1:(Closed; sent FIN.)等待远程TCP连接中断请求,或先前的连接中断请求的确认
- FIN-WAIT-2:(Closed; FIN is acknowledged; awaiting FIN.)从远程TCP等待连接中断请求
- CLOSE-WAIT:(Received FIN; waiting to receive CLOSE.)等待从本地用户发来的连接中断请求
- CLOSING:(Closed; exchanged FIN; waiting for FIN.)等待远程TCP对连接中断的确认
- LAST-ACK:(Received FIN and CLOSE; waiting for FIN ACK.)等待原来的发向远程TCP的连接中断请求的确认
- TIME-WAIT:(In 2 MSL (twice the maximum segment length) quiet wait after close. )等待足够的时间以确保远程TCP接收到连接中断请求的确认
- CLOSED:(Connection is closed.)没有任何连接状态
Show both listening and non-listening sockets
# netstat -a | more : To show both listening and
non-listening sockets.
List all tcp ports.
# netstat -at : To list all tcp ports.List all udp ports
# netstat -au : To list all udp ports.List only listening ports
# netstat -l : To list only the listening ports.List only listening TCP ports.
# netstat -lt : To list only the listening tcp ports.List only listening UDP ports.
# netstat -lu : To list only the listening udp ports.List only the listening UNIX ports
# netstat -lx : To list only the listening UNIX portsList the statistics for all ports.
# netstat -s : To list the statistics for all ports.List the statistics for TCP (or) UDP ports.
# netstat -st(TCP) : To list the statistics for TCP ports.
# netstat -su(UDP) : List the statistics for UDP ports.Display PID and program names in the output.
# netstat -pt : To display the PID and program names.Print the netstat information continuously.
# netstat -c : To print the netstat information continuously.The kernel routing information.
# netstat -r : To get the kernel routing information.The port on which a program is running.
# netstat -ap | grep ssh : To get the port
on which a program is running.Which process is using a particular port:
# netstat -an | grep ':80' : To get the process
which is using the given port.
