netstat命令参数和使用详解

##netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships##
##netstat - 打印网络连接、路由表、接口统计、伪装连接和多播成员关系##


参数


usage: netstat [-veenNcCF] [] -r         netstat {-V|--version|-h|--help}
       netstat [-vnNcaeol] [ ...]
       netstat { [-veenNac] -I[] | [-veenNac] -i | [-cnNe] -M | -s } [delay]

        -r, --route                display routing table            #显示路由表
        -I, --interfaces=   display interface table for   #显示网络接口表
        -i, --interfaces           display interface table  #显示网络接口表
        -g, --groups               display multicast group memberships      #显示多播组成员
        -s, --statistics           display networking statistics (like SNMP)    #显示网络统计数据,如IP/ICMP/SNMP/..各协议统计。
        -M, --masquerade           display masqueraded connections     #显示伪装的连接

        -v, --verbose              be verbose   #详细信息
        -n, --numeric              don't resolve names     #不做名字解析
        --numeric-hosts            don't resolve host names     #不做主机名解析
        --numeric-ports            don't resolve port names     #不做端口名解析
        --numeric-users            don't resolve user names     #不做用户名解析
        -N, --symbolic             resolve hardware names   
        -e, --extend               display other/more information   #显示更多信息,用户名,inode
        -p, --programs             display PID/Program name for sockets     #显示pid和程序名字
        -c, --continuous           continuous listing   #持续的列出相关信息

        -l, --listening            display listening server sockets     #显示处于监听状态的套接字
        -a, --all, --listening     display all sockets (default: connected)     #显示所有的套接字
        -o, --timers               display timers       #显示计时器
        -F, --fib                  display Forwarding Information Base (default)       #使用-rF查看路由表时,显示转发信息
        -C, --cache                display routing cache instead of FIB     #使用-rC查看路由表时,显示详细的路由缓存
        -T, --notrim               stop trimming long addresses     #停止修剪长地址
        -Z, --context              display SELinux security context for sockets     #显示套接字的SELINUX上下文

  : Name of interface to monitor/list.
  ={-t|--tcp} {-u|--udp} {-S|--sctp} {-w|--raw} {-x|--unix} --ax25 --ipx --netrom
  =Use '-A ' or '--'; default: inet
  List of possible address families (which support routing):
    inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25) 
    netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP) 
    x25 (CCITT X.25) 

举例:


1 . 查看网络链接状态

    -a 显示所有状态的socket  
    -n 不做名字解析,不加此参数,80端口会显示成http,127.0.0.1显示成localhost,uid为0显示成root等等    
    -e 显示更多信息如用户,inode
    -p 显示pid和程序名字
    -t 显示tcp链接
    -u 显示udp链接
    -x 显示unix套接字    

           

  netstat -anpte   #查看tcp链接

[root@jia1-LinuxPerformance ~]# netstat -anpte
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       User       Inode      PID/Program name   
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      0          10294      1821/sshd           
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      0          10594      1923/master         
tcp        0     52 172.16.2.106:22             124.65.173.246:50809        ESTABLISHED 0          10826      1967/sshd           
tcp        0      0 172.16.2.106:54076          100.100.100.200:80          TIME_WAIT   0          0          -                   
tcp        0      0 172.16.2.106:60382          140.205.140.205:80          ESTABLISHED 0          9273       1471/AliYunDun      
tcp        0      0 172.16.2.106:54070          100.100.100.200:80          TIME_WAIT   0          0          -     

 netstat -anpue   #查看udp链接
 
[root@jia1-LinuxPerformance ~]# netstat -anpue
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       User       Inode      PID/Program name   
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               0          9200       1678/dhclient       
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               0          8655       1069/dhclient       
udp        0      0 172.16.2.107:123            0.0.0.0:*                               0          10366      1832/ntpd           
udp        0      0 172.16.2.106:123            0.0.0.0:*                               0          10365      1832/ntpd           
udp        0      0 127.0.0.1:123               0.0.0.0:*                               0          10364      1832/ntpd           

 netstat -anpxe   #查看unix套接字链接
 
[root@jia1-LinuxPerformance ~]# netstat -anpxe
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     9249   1471/AliYunDun      /tmp/Aegis-
unix  2      [ ACC ]     STREAM     LISTENING     9251   1471/AliYunDun      /usr/local/aegis/Aegis-
unix  2      [ ACC ]     STREAM     LISTENING     7047   1/init              @/com/ubuntu/upstart
unix  10     [ ]         DGRAM                    8814   1140/rsyslogd       /dev/log
unix  2      [ ACC ]     STREAM     LISTENING     10600  1923/master         public/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     10607  1923/master         private/tlsmgr
unix  2      [ ACC ]     STREAM     LISTENING     10611  1923/master         private/rewrite
unix  2      [ ACC ]     STREAM     LISTENING     10615  1923/master         private/bounce
unix  2      [ ACC ]     STREAM     LISTENING     10619  1923/master         private/defer
unix  2      [ ACC ]     STREAM     LISTENING     10623  1923/master         private/trace
unix  2      [ ACC ]     STREAM     LISTENING     10627  1923/master         private/verify
unix  2      [ ACC ]     STREAM     LISTENING     10631  1923/master         public/flush
unix  2      [ ACC ]     STREAM     LISTENING     10635  1923/master         private/proxymap
unix  2      [ ACC ]     STREAM     LISTENING     10639  1923/master         private/proxywrite
unix  2      [ ACC ]     STREAM     LISTENING     10643  1923/master         private/smtp
unix  2      [ ACC ]     STREAM     LISTENING     10647  1923/master         private/relay
unix  2      [ ACC ]     STREAM     LISTENING     10651  1923/master         public/showq
unix  2      [ ACC ]     STREAM     LISTENING     10655  1923/master         private/error
unix  2      [ ACC ]     STREAM     LISTENING     10659  1923/master         private/retry
unix  2      [ ACC ]     STREAM     LISTENING     10663  1923/master         private/discard
unix  2      [ ACC ]     STREAM     LISTENING     10667  1923/master         private/local
unix  2      [ ACC ]     STREAM     LISTENING     10671  1923/master         private/virtual
unix  2      [ ]         DGRAM                    7622   483/udevd           @/org/kernel/udev/udevd
unix  2      [ ACC ]     STREAM     LISTENING     10675  1923/master         private/lmtp
unix  2      [ ACC ]     STREAM     LISTENING     10679  1923/master         private/anvil
unix  2      [ ACC ]     STREAM     LISTENING     10683  1923/master         private/scache
unix  2      [ ]         DGRAM                    13412  2216/anacron        
unix  2      [ ]         DGRAM                    10874  1967/sshd           
unix  2      [ ]         DGRAM                    10719  1940/qmgr           
unix  2      [ ]         DGRAM                    10693  1939/pickup         
unix  2      [ ]         DGRAM                    10690  1941/crond          
unix  3      [ ]         STREAM     CONNECTED     10686  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10685  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10682  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10681  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10678  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10677  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10674  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10673  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10670  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10669  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10666  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10665  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10662  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10661  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10658  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10657  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10654  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10653  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10650  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10649  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10646  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10645  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10642  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10641  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10638  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10637  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10634  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10633  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10630  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10629  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10626  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10625  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10622  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10621  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10618  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10617  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10614  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10613  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10610  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10609  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10606  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10605  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10603  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10602  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10599  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10598  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10596  1923/master         
unix  3      [ ]         STREAM     CONNECTED     10595  1923/master         
unix  2      [ ]         DGRAM                    10556  1923/master         
unix  2      [ ]         DGRAM                    10321  1832/ntpd           
unix  3      [ ]         STREAM     CONNECTED     9248   1471/AliYunDun      
unix  3      [ ]         STREAM     CONNECTED     9247   1471/AliYunDun      
unix  3      [ ]         STREAM     CONNECTED     9246   1471/AliYunDun      
unix  3      [ ]         STREAM     CONNECTED     9245   1471/AliYunDun      
unix  2      [ ]         DGRAM                    9170   1678/dhclient       
unix  3      [ ]         STREAM     CONNECTED     8775   1118/auditd         
unix  3      [ ]         STREAM     CONNECTED     8774   1118/auditd         
unix  3      [ ]         DGRAM                    7636   483/udevd           
unix  3      [ ]         DGRAM                    7635   483/udevd    

2 . 查看路由表

   netstat -r和route命令输出是差不多的。
   
[root@jia1-LinuxPerformance ~]# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.2.0      *               255.255.255.0   U         0 0          0 eth0
172.16.2.0      *               255.255.255.0   U         0 0          0 eth1
link-local      *               255.255.0.0     U         0 0          0 eth0
link-local      *               255.255.0.0     U         0 0          0 eth1
default         172.16.2.253    0.0.0.0         UG        0 0          0 eth0
default         172.16.2.253    0.0.0.0         UG        0 0          0 eth1
[root@jia1-LinuxPerformance ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.2.0      *               255.255.255.0   U     0      0        0 eth0
172.16.2.0      *               255.255.255.0   U     0      0        0 eth1
link-local      *               255.255.0.0     U     1002   0        0 eth0
link-local      *               255.255.0.0     U     1003   0        0 eth1
default         172.16.2.253    0.0.0.0         UG    0      0        0 eth0
default         172.16.2.253    0.0.0.0         UG    1001   0        0 eth1

netstat -rF和netstat -rC两个命令的区别是一个输出的是路由表,一个输出的是路由缓存。
默认netstat -r输出的是netstat -rF结果。-F为默认参数

[root@jia1-LinuxPerformance ~]# netstat -rF
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.2.0      *               255.255.255.0   U         0 0          0 eth0
172.16.2.0      *               255.255.255.0   U         0 0          0 eth1
link-local      *               255.255.0.0     U         0 0          0 eth0
link-local      *               255.255.0.0     U         0 0          0 eth1
default         172.16.2.253    0.0.0.0         UG        0 0          0 eth0
default         172.16.2.253    0.0.0.0         UG        0 0          0 eth1
[root@jia1-LinuxPerformance ~]# netstat -rC
Kernel IP routing cache
Source          Destination     Gateway         Flags   MSS Window  irtt Iface
140.205.140.205 172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    10.143.0.46     172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.3.2     172.16.2.253           1500 0          0 eth0
172.16.2.106    10.143.0.45     172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.5.3     172.16.2.253           1500 0          0 eth0
100.100.5.2     172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    10.143.33.51    172.16.2.253           1500 0          0 eth0
100.100.5.1     172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    10.143.33.50    172.16.2.253           1500 0          0 eth0
203.107.6.88    172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    10.143.33.50    172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.2.136   172.16.2.253           1500 0          0 eth0
100.100.3.1     172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    100.100.5.3     172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.5.2     172.16.2.253           1500 0          0 eth0
172.16.2.106    10.143.33.49    172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.3.1     172.16.2.253           1500 0          0 eth0
172.16.2.106    120.25.115.20   172.16.2.253           1500 0          0 eth0
172.16.2.106    203.107.6.88    172.16.2.253           1500 0          0 eth0
172.16.2.106    124.65.173.246  172.16.2.253           1500 0          0 eth0
172.16.2.106    10.143.0.46     172.16.2.253           1500 0          0 eth0
100.100.3.3     172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    100.100.3.3     172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.3.2     172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.3.3     172.16.2.253           1500 0          0 eth0
100.100.5.3     172.16.2.106    172.16.2.106    l     65535 0          0 lo
124.65.173.246  172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    10.143.0.44     172.16.2.253           1500 0          0 eth0
120.25.115.20   172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    140.205.140.205 172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.3.1     172.16.2.253           1500 0          0 eth0
100.100.2.136   172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    10.143.0.45     172.16.2.253           1500 0          0 eth0
172.16.2.106    10.143.0.44     172.16.2.253           1500 0          0 eth0
172.16.2.106    120.25.115.20   172.16.2.253           1500 0          0 eth0
172.16.2.106    10.143.33.49    172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.5.1     172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.2.138   172.16.2.253           1500 0          0 eth0
172.16.2.106    203.107.6.88    172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.5.1     172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.2.138   172.16.2.253           1500 0          0 eth0
100.100.3.2     172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    100.100.5.2     172.16.2.253           1500 0          0 eth0
100.100.2.138   172.16.2.106    172.16.2.106    l     65535 0          0 lo
172.16.2.106    10.143.33.51    172.16.2.253           1500 0          0 eth0
172.16.2.106    100.100.2.136   172.16.2.253           1500 0          0 eth0

3 . 查看网络统计数据,netstat -s展示各协议的统计信息

[root@jia1-LinuxPerformance ~]# netstat -s
Ip:
    4440 total packets received
    4 with invalid addresses
    0 forwarded
    0 incoming packets discarded
    4436 incoming packets delivered
    4269 requests sent out
Icmp:
    806 ICMP messages received
    0 input ICMP message failed.
    ICMP input histogram:
        echo requests: 804
        echo replies: 2
    806 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
        echo request: 2
        echo replies: 804
IcmpMsg:
        InType0: 2
        InType8: 804
        OutType0: 804
        OutType8: 2
Tcp:
    79 active connections openings
    1 passive connection openings
    3 failed connection attempts
    0 connection resets received
    2 connections established
    2840 segments received
    2494 segments send out
    16 segments retransmited
    0 bad segments received.
    5 resets sent
Udp:
    790 packets received
    0 packets to unknown port received.
    0 packet receive errors
    953 packets sent
UdpLite:
TcpExt:
    3 resets received for embryonic SYN_RECV sockets
    71 TCP sockets finished time wait in fast timer
    44 delayed acks sent
    Quick ack mode was activated 1 times
    652 packets header predicted
    516 acknowledgments not containing data received
    1283 predicted acknowledgments
    1 congestion windows recovered after partial ack
    0 TCP data loss events
    10 other TCP timeouts
    1 DSACKs sent for old packets
    1 DSACKs received
IpExt:
    InOctets: 329641
    OutOctets: 1297221

4 . 查看网络接口信息

[root@jia1-LinuxPerformance ~]# netstat -i
Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500   0     4502      0      0      0     4353      0      0      0 BMRU
eth1       1500   0        2      0      0      0        3      0      0      0 BMRU
lo        65536   0        0      0      0      0        0      0      0      0 LRU

你可能感兴趣的:(Linux系统)