The Netstat command is used to display various network-related information such as network connection, routing table, interface statistics, masquerade connections, multicast group members, and so on.
On the whole, netstat output can be divided into two parts:
One is Active Internet connections, called active TCP connections, where "Recv-Q" and "Send-Q" means% 0A is the receive queue and the send queue. These numbers should generally be 0. If not, the package is being stacked in the queue. This can only be seen in very rare cases.
The other is Active UNIX domain sockets, called active Unix domain socket (and network socket, but can only be used for local communication, performance can be doubled).
ProtC shows the protocol used by the connection, RefCnt represents the process number connected to this interface, Types shows the type of socket, State displays the current state of the socket, and Path represents the pathname used by other processes connected to the socket.
Common parameters
-a (all) Displays all options, and LISTEN is not displayed by default
-t (tcp) Show only tcp related options
-u (udp) Show only udp related options
-n refuses to display aliases, can show all the numbers into numbers.
-l only lists the status of the service in Listen (listen)
-p Displays the name of the program that created the associated link
-r Displays the routing information and routing table
-e Displays extended information such as uid
-s Statistics by protocol
-c Execute the netstat command every other fixed time.
Tip: LISTEN and LISTENING state only with-a or-l can see
A practical command instance
1. List all ports (including listening and unregistered)
List all ports netstat -a
List all tcp ports netstat -at
List all udp ports netstat -au
2. List all Sockets that are listening
Only show the listening port netstat -l
Only list all tcp port netstat -lt
3. Display the statistics for each protocol
Display statistics for all ports netstat -s
4. Display the PID and the process name netstat -p in the netstat output
Netstat -p can be used with other switches, you can add "PID / process name" to the netstat output, so debugging time can be very convenient to find a specific port to run the program.
5. In the netstat output does not show the host, port and user name (host, port or user)
When you do not want the host, port and username display, use netstat -n. Will use numbers instead of those names.
The same can speed up the output, because no comparison query.
6. Continue to output netstat information
Netstat will output network information every second.
7. Show the system does not support the address family (Address Families)
Netstat -verbose
At the end of the output, the following information is available
8. Display the core routing information netstat -r
Note: Use netstat -rn to display the number format without querying the host name.
9. Locate the port on which the program is running
Not all processes can be found, there is no permission will not show, use the root privileges to view all the information.
10. Display the network interface list
11. IP and TCP analysis
View the maximum number of IP addresses that connect to a service port
0 comments:
Post a Comment