##netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships##
##netstat - 打印网络连接、路由表、接口统计、伪装连接和多播成员关系##
usage: netstat [-veenNcCF] [] -r netstat {-V|--version|-h|--help}
netstat [-vnNcaeol] [ ...]
netstat { [-veenNac] -I[] | [-veenNac] -i | [-cnNe] -M | -s } [delay]
-r, --route display routing table #显示路由表
-I, --interfaces= display interface table for #显示网络接口表
-i, --interfaces display interface table #显示网络接口表
-g, --groups display multicast group memberships #显示多播组成员
-s, --statistics display networking statistics (like SNMP) #显示网络统计数据,如IP/ICMP/SNMP/..各协议统计。
-M, --masquerade display masqueraded connections #显示伪装的连接
-v, --verbose be verbose #详细信息
-n, --numeric don't resolve names #不做名字解析
--numeric-hosts don't resolve host names #不做主机名解析
--numeric-ports don't resolve port names #不做端口名解析
--numeric-users don't resolve user names #不做用户名解析
-N, --symbolic resolve hardware names
-e, --extend display other/more information #显示更多信息,用户名,inode
-p, --programs display PID/Program name for sockets #显示pid和程序名字
-c, --continuous continuous listing #持续的列出相关信息
-l, --listening display listening server sockets #显示处于监听状态的套接字
-a, --all, --listening display all sockets (default: connected) #显示所有的套接字
-o, --timers display timers #显示计时器
-F, --fib display Forwarding Information Base (default) #使用-rF查看路由表时,显示转发信息
-C, --cache display routing cache instead of FIB #使用-rC查看路由表时,显示详细的路由缓存
-T, --notrim stop trimming long addresses #停止修剪长地址
-Z, --context display SELinux security context for sockets #显示套接字的SELINUX上下文
: Name of interface to monitor/list.
={-t|--tcp} {-u|--udp} {-S|--sctp} {-w|--raw} {-x|--unix} --ax25 --ipx --netrom
=Use '-A ' or '--'; default: inet
List of possible address families (which support routing):
inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25)
netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP)
x25 (CCITT X.25)
1 . 查看网络链接状态
-a 显示所有状态的socket
-n 不做名字解析,不加此参数,80端口会显示成http,127.0.0.1显示成localhost,uid为0显示成root等等
-e 显示更多信息如用户,inode
-p 显示pid和程序名字
-t 显示tcp链接
-u 显示udp链接
-x 显示unix套接字
netstat -anpte #查看tcp链接
[root@jia1-LinuxPerformance ~]# netstat -anpte
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 10294 1821/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 10594 1923/master
tcp 0 52 172.16.2.106:22 124.65.173.246:50809 ESTABLISHED 0 10826 1967/sshd
tcp 0 0 172.16.2.106:54076 100.100.100.200:80 TIME_WAIT 0 0 -
tcp 0 0 172.16.2.106:60382 140.205.140.205:80 ESTABLISHED 0 9273 1471/AliYunDun
tcp 0 0 172.16.2.106:54070 100.100.100.200:80 TIME_WAIT 0 0 -
netstat -anpue #查看udp链接
[root@jia1-LinuxPerformance ~]# netstat -anpue
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 9200 1678/dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 8655 1069/dhclient
udp 0 0 172.16.2.107:123 0.0.0.0:* 0 10366 1832/ntpd
udp 0 0 172.16.2.106:123 0.0.0.0:* 0 10365 1832/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 0 10364 1832/ntpd
netstat -anpxe #查看unix套接字链接
[root@jia1-LinuxPerformance ~]# netstat -anpxe
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 9249 1471/AliYunDun /tmp/Aegis-
unix 2 [ ACC ] STREAM LISTENING 9251 1471/AliYunDun /usr/local/aegis/Aegis-
unix 2 [ ACC ] STREAM LISTENING 7047 1/init @/com/ubuntu/upstart
unix 10 [ ] DGRAM 8814 1140/rsyslogd /dev/log
unix 2 [ ACC ] STREAM LISTENING 10600 1923/master public/cleanup
unix 2 [ ACC ] STREAM LISTENING 10607 1923/master private/tlsmgr
unix 2 [ ACC ] STREAM LISTENING 10611 1923/master private/rewrite
unix 2 [ ACC ] STREAM LISTENING 10615 1923/master private/bounce
unix 2 [ ACC ] STREAM LISTENING 10619 1923/master private/defer
unix 2 [ ACC ] STREAM LISTENING 10623 1923/master private/trace
unix 2 [ ACC ] STREAM LISTENING 10627 1923/master private/verify
unix 2 [ ACC ] STREAM LISTENING 10631 1923/master public/flush
unix 2 [ ACC ] STREAM LISTENING 10635 1923/master private/proxymap
unix 2 [ ACC ] STREAM LISTENING 10639 1923/master private/proxywrite
unix 2 [ ACC ] STREAM LISTENING 10643 1923/master private/smtp
unix 2 [ ACC ] STREAM LISTENING 10647 1923/master private/relay
unix 2 [ ACC ] STREAM LISTENING 10651 1923/master public/showq
unix 2 [ ACC ] STREAM LISTENING 10655 1923/master private/error
unix 2 [ ACC ] STREAM LISTENING 10659 1923/master private/retry
unix 2 [ ACC ] STREAM LISTENING 10663 1923/master private/discard
unix 2 [ ACC ] STREAM LISTENING 10667 1923/master private/local
unix 2 [ ACC ] STREAM LISTENING 10671 1923/master private/virtual
unix 2 [ ] DGRAM 7622 483/udevd @/org/kernel/udev/udevd
unix 2 [ ACC ] STREAM LISTENING 10675 1923/master private/lmtp
unix 2 [ ACC ] STREAM LISTENING 10679 1923/master private/anvil
unix 2 [ ACC ] STREAM LISTENING 10683 1923/master private/scache
unix 2 [ ] DGRAM 13412 2216/anacron
unix 2 [ ] DGRAM 10874 1967/sshd
unix 2 [ ] DGRAM 10719 1940/qmgr
unix 2 [ ] DGRAM 10693 1939/pickup
unix 2 [ ] DGRAM 10690 1941/crond
unix 3 [ ] STREAM CONNECTED 10686 1923/master
unix 3 [ ] STREAM CONNECTED 10685 1923/master
unix 3 [ ] STREAM CONNECTED 10682 1923/master
unix 3 [ ] STREAM CONNECTED 10681 1923/master
unix 3 [ ] STREAM CONNECTED 10678 1923/master
unix 3 [ ] STREAM CONNECTED 10677 1923/master
unix 3 [ ] STREAM CONNECTED 10674 1923/master
unix 3 [ ] STREAM CONNECTED 10673 1923/master
unix 3 [ ] STREAM CONNECTED 10670 1923/master
unix 3 [ ] STREAM CONNECTED 10669 1923/master
unix 3 [ ] STREAM CONNECTED 10666 1923/master
unix 3 [ ] STREAM CONNECTED 10665 1923/master
unix 3 [ ] STREAM CONNECTED 10662 1923/master
unix 3 [ ] STREAM CONNECTED 10661 1923/master
unix 3 [ ] STREAM CONNECTED 10658 1923/master
unix 3 [ ] STREAM CONNECTED 10657 1923/master
unix 3 [ ] STREAM CONNECTED 10654 1923/master
unix 3 [ ] STREAM CONNECTED 10653 1923/master
unix 3 [ ] STREAM CONNECTED 10650 1923/master
unix 3 [ ] STREAM CONNECTED 10649 1923/master
unix 3 [ ] STREAM CONNECTED 10646 1923/master
unix 3 [ ] STREAM CONNECTED 10645 1923/master
unix 3 [ ] STREAM CONNECTED 10642 1923/master
unix 3 [ ] STREAM CONNECTED 10641 1923/master
unix 3 [ ] STREAM CONNECTED 10638 1923/master
unix 3 [ ] STREAM CONNECTED 10637 1923/master
unix 3 [ ] STREAM CONNECTED 10634 1923/master
unix 3 [ ] STREAM CONNECTED 10633 1923/master
unix 3 [ ] STREAM CONNECTED 10630 1923/master
unix 3 [ ] STREAM CONNECTED 10629 1923/master
unix 3 [ ] STREAM CONNECTED 10626 1923/master
unix 3 [ ] STREAM CONNECTED 10625 1923/master
unix 3 [ ] STREAM CONNECTED 10622 1923/master
unix 3 [ ] STREAM CONNECTED 10621 1923/master
unix 3 [ ] STREAM CONNECTED 10618 1923/master
unix 3 [ ] STREAM CONNECTED 10617 1923/master
unix 3 [ ] STREAM CONNECTED 10614 1923/master
unix 3 [ ] STREAM CONNECTED 10613 1923/master
unix 3 [ ] STREAM CONNECTED 10610 1923/master
unix 3 [ ] STREAM CONNECTED 10609 1923/master
unix 3 [ ] STREAM CONNECTED 10606 1923/master
unix 3 [ ] STREAM CONNECTED 10605 1923/master
unix 3 [ ] STREAM CONNECTED 10603 1923/master
unix 3 [ ] STREAM CONNECTED 10602 1923/master
unix 3 [ ] STREAM CONNECTED 10599 1923/master
unix 3 [ ] STREAM CONNECTED 10598 1923/master
unix 3 [ ] STREAM CONNECTED 10596 1923/master
unix 3 [ ] STREAM CONNECTED 10595 1923/master
unix 2 [ ] DGRAM 10556 1923/master
unix 2 [ ] DGRAM 10321 1832/ntpd
unix 3 [ ] STREAM CONNECTED 9248 1471/AliYunDun
unix 3 [ ] STREAM CONNECTED 9247 1471/AliYunDun
unix 3 [ ] STREAM CONNECTED 9246 1471/AliYunDun
unix 3 [ ] STREAM CONNECTED 9245 1471/AliYunDun
unix 2 [ ] DGRAM 9170 1678/dhclient
unix 3 [ ] STREAM CONNECTED 8775 1118/auditd
unix 3 [ ] STREAM CONNECTED 8774 1118/auditd
unix 3 [ ] DGRAM 7636 483/udevd
unix 3 [ ] DGRAM 7635 483/udevd
2 . 查看路由表
netstat -r和route命令输出是差不多的。
[root@jia1-LinuxPerformance ~]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
172.16.2.0 * 255.255.255.0 U 0 0 0 eth0
172.16.2.0 * 255.255.255.0 U 0 0 0 eth1
link-local * 255.255.0.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth1
default 172.16.2.253 0.0.0.0 UG 0 0 0 eth0
default 172.16.2.253 0.0.0.0 UG 0 0 0 eth1
[root@jia1-LinuxPerformance ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.2.0 * 255.255.255.0 U 0 0 0 eth0
172.16.2.0 * 255.255.255.0 U 0 0 0 eth1
link-local * 255.255.0.0 U 1002 0 0 eth0
link-local * 255.255.0.0 U 1003 0 0 eth1
default 172.16.2.253 0.0.0.0 UG 0 0 0 eth0
default 172.16.2.253 0.0.0.0 UG 1001 0 0 eth1
netstat -rF和netstat -rC两个命令的区别是一个输出的是路由表,一个输出的是路由缓存。
默认netstat -r输出的是netstat -rF结果。-F为默认参数
[root@jia1-LinuxPerformance ~]# netstat -rF
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
172.16.2.0 * 255.255.255.0 U 0 0 0 eth0
172.16.2.0 * 255.255.255.0 U 0 0 0 eth1
link-local * 255.255.0.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth1
default 172.16.2.253 0.0.0.0 UG 0 0 0 eth0
default 172.16.2.253 0.0.0.0 UG 0 0 0 eth1
[root@jia1-LinuxPerformance ~]# netstat -rC
Kernel IP routing cache
Source Destination Gateway Flags MSS Window irtt Iface
140.205.140.205 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 10.143.0.46 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.3.2 172.16.2.253 1500 0 0 eth0
172.16.2.106 10.143.0.45 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.5.3 172.16.2.253 1500 0 0 eth0
100.100.5.2 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 10.143.33.51 172.16.2.253 1500 0 0 eth0
100.100.5.1 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 10.143.33.50 172.16.2.253 1500 0 0 eth0
203.107.6.88 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 10.143.33.50 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.2.136 172.16.2.253 1500 0 0 eth0
100.100.3.1 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 100.100.5.3 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.5.2 172.16.2.253 1500 0 0 eth0
172.16.2.106 10.143.33.49 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.3.1 172.16.2.253 1500 0 0 eth0
172.16.2.106 120.25.115.20 172.16.2.253 1500 0 0 eth0
172.16.2.106 203.107.6.88 172.16.2.253 1500 0 0 eth0
172.16.2.106 124.65.173.246 172.16.2.253 1500 0 0 eth0
172.16.2.106 10.143.0.46 172.16.2.253 1500 0 0 eth0
100.100.3.3 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 100.100.3.3 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.3.2 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.3.3 172.16.2.253 1500 0 0 eth0
100.100.5.3 172.16.2.106 172.16.2.106 l 65535 0 0 lo
124.65.173.246 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 10.143.0.44 172.16.2.253 1500 0 0 eth0
120.25.115.20 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 140.205.140.205 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.3.1 172.16.2.253 1500 0 0 eth0
100.100.2.136 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 10.143.0.45 172.16.2.253 1500 0 0 eth0
172.16.2.106 10.143.0.44 172.16.2.253 1500 0 0 eth0
172.16.2.106 120.25.115.20 172.16.2.253 1500 0 0 eth0
172.16.2.106 10.143.33.49 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.5.1 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.2.138 172.16.2.253 1500 0 0 eth0
172.16.2.106 203.107.6.88 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.5.1 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.2.138 172.16.2.253 1500 0 0 eth0
100.100.3.2 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 100.100.5.2 172.16.2.253 1500 0 0 eth0
100.100.2.138 172.16.2.106 172.16.2.106 l 65535 0 0 lo
172.16.2.106 10.143.33.51 172.16.2.253 1500 0 0 eth0
172.16.2.106 100.100.2.136 172.16.2.253 1500 0 0 eth0
3 . 查看网络统计数据,netstat -s展示各协议的统计信息
[root@jia1-LinuxPerformance ~]# netstat -s
Ip:
4440 total packets received
4 with invalid addresses
0 forwarded
0 incoming packets discarded
4436 incoming packets delivered
4269 requests sent out
Icmp:
806 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
echo requests: 804
echo replies: 2
806 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
echo request: 2
echo replies: 804
IcmpMsg:
InType0: 2
InType8: 804
OutType0: 804
OutType8: 2
Tcp:
79 active connections openings
1 passive connection openings
3 failed connection attempts
0 connection resets received
2 connections established
2840 segments received
2494 segments send out
16 segments retransmited
0 bad segments received.
5 resets sent
Udp:
790 packets received
0 packets to unknown port received.
0 packet receive errors
953 packets sent
UdpLite:
TcpExt:
3 resets received for embryonic SYN_RECV sockets
71 TCP sockets finished time wait in fast timer
44 delayed acks sent
Quick ack mode was activated 1 times
652 packets header predicted
516 acknowledgments not containing data received
1283 predicted acknowledgments
1 congestion windows recovered after partial ack
0 TCP data loss events
10 other TCP timeouts
1 DSACKs sent for old packets
1 DSACKs received
IpExt:
InOctets: 329641
OutOctets: 1297221
4 . 查看网络接口信息
[root@jia1-LinuxPerformance ~]# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 4502 0 0 0 4353 0 0 0 BMRU
eth1 1500 0 2 0 0 0 3 0 0 0 BMRU
lo 65536 0 0 0 0 0 0 0 0 0 LRU