命令的作用:
Netstat 命令用于显示各种网络相关信息,如网络连接,路由表,接口状态 (Interface Statistics),masquerade 连接,多播成员 (Multicast Memberships) 等等。
输出结果:
从整体上看,netstat的输出结果可以分为两个部分:
一个是Active Internet connections,称为有源TCP连接,其中"Recv-Q"和"Send-Q"指%0A的是接收队列和发送队列。这些数字一般都应该是0。如果不是则表示软件包正在队列中堆积。这种情况只能在非常少的情况见到。
另一个是Active UNIX domain sockets,称为有源Unix域套接口(和网络套接字一样,但是只能用于本机通信,性能可以提高一倍)。
Proto显示连接使用的协议,RefCnt表示连接到本套接口上的进程号,Types显示套接口的类型,State显示套接口当前的状态,Path表示连接到套接口的其它进程使用的路径名。
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 2 210.34.6.89:telnet 210.34.6.96:2873 ESTABLISHED tcp 296 0 210.34.6.89:1165 210.34.6.84:netbios-ssn ESTABLISHED tcp 0 0 localhost.localdom:9001 localhost.localdom:1162 ESTABLISHED tcp 0 0 localhost.localdom:1162 localhost.localdom:9001 ESTABLISHED tcp 0 80 210.34.6.89:1161 210.34.6.10:netbios-ssn CLOSE Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 1 [ ] STREAM CONNECTED 16178 @000000dd unix 1 [ ] STREAM CONNECTED 16176 @000000dc unix 9 [ ] DGRAM 5292 /dev/log unix 1 [ ] STREAM CONNECTED 16182 @000000df
-a (all)显示所有选项,默认不显示LISTEN相关
-t (tcp)仅显示tcp相关选项
-u (udp)仅显示udp相关选项
-n 拒绝显示别名,能显示数字的全部转化成数字。
-l 仅列出有在 Listen (监听) 的服務状态
-p 显示建立相关链接的程序名
-r 显示路由信息,路由表
-e 显示扩展信息,例如uid等
-s 按各个协议进行统计
-c 每隔一个固定时间,执行该netstat命令。
提示:LISTEN和LISTENING的状态只有用-a或者-l才能看到
列出所有 tcp 端口 netstat -atActive Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:523 *:* LISTEN
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 localhost:5939 *:* LISTEN
tcp 0 0 zhangxin-ThinkPa:domain *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 *:microsoft-ds *:* LISTEN
tcp 0 0 localhost:mysql *:* LISTEN
tcp 0 0 *:git *:* LISTEN
tcp 1 1 dingchao.yeepay.c:44933 117.79.157.201:http CLOSING
tcp 1 0 dingchao.yeepay.c:49200 backoo.canonical.c:http CLOSE_WAIT
tcp 1 0 dingchao.yeepay.c:54873 stimpy.musicbrainz:http CLOSE_WAIT
tcp 1 0 dingchao.yeepay.c:49203 backoo.canonical.c:http CLOSE_WAIT
tcp 0 0 dingchao.yeepay.c:58543 117.79.157.251:http ESTABLISHED
tcp 1 0 dingchao.yeepay.c:50899 barbadine.canonica:http CLOSE_WAIT
列出所有 udp 端口 netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 *:4000 *:*
udp 0 0 *:4001 *:*
udp 0 0 *:4002 *:*
udp 0 0 *:4003 *:*
udp 0 0 *:4004 *:*
udp 0 0 *:4005 *:*
udp 0 0 *:4006 *:*
udp 0 0 *:4007 *:*
udp 0 0 *:4008 *:*
udp 0 0 zhangxin-ThinkPa:domain *:*
udp 0 0 *:bootpc *:*
udp 0 0 192.168.100.:netbios-ns *:*
udp 0 0 dingchao.yee:netbios-ns *:*
只显示监听端口 netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:523 *:* LISTEN
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 localhost:5939 *:* LISTEN
tcp 0 0 zhangxin-ThinkPa:domain *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 *:microsoft-ds *:* LISTEN
tcp 0 0 localhost:mysql *:* LISTEN
tcp 0 0 *:git *:* LISTEN
tcp6 0 0 [::]:netbios-ssn [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN
tcp6 0 0 [::]:microsoft-ds [::]:* LISTEN
tcp6 0 0 [::]:daap [::]:* LISTEN
tcp6 0 0 [::]:git [::]:* LISTEN
udp 0 0 *:4000 *:*
udp 0 0 *:4001 *:*
udp 0 0 *:4002 *:*
udp 0 0 *:4003 *:*
udp 0 0 *:4004 *:*
udp 0 0 *:4005 *:*
udp 0 0 *:4006 *:*
udp 0 0 *:4007 *:*
udp 0 0 *:4008 *:*
udp 0 0 zhangxin-ThinkPa:domain *:*
udp 0 0 *:bootpc *:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 17180 @/tmp/.ICE-unix/3079
unix 2 [ ACC ] STREAM LISTENING 22741 /home/dasuser1/das/tmp/dasnamedpipe
unix 2 [ ACC ] STREAM LISTENING 11833 /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 15893 /var/lib/samba/winbindd_privileged/pipe
unix 2 [ ACC ] STREAM LISTENING 17905 @/tmp/dbus-bBksXDeV
unix 2 [ ACC ] STREAM LISTENING 16841 /tmp/ssh-ZBiQGjOj3bvy/agent.2959
unix 2 [ ACC ] STREAM LISTENING 17181 /tmp/.ICE-unix/3079
unix 2 [ ACC ] STREAM LISTENING 15891 /var/run/samba/winbindd/pipe
unix 2 [ ACC ] STREAM LISTENING 761153 socket
unix 2 [ ACC ] STREAM LISTENING 15905 /var/run/samba/nmbd/unexpected
unix 2 [ ACC ] STREAM LISTENING 11832 @/tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 9014 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 17978 /run/user/1000/pulse/native
unix 2 [ ACC ] STREAM LISTENING 13373 /var/run/avahi-daemon/socket
unix 2 [ ACC ] STREAM LISTENING 17223 /run/user/1000/keyring-AuVpEk/ssh
unix 2 [ ACC ] STREAM LISTENING 21856 @/dbus-vfs-daemon/socket-V1zAlI5U
unix 2 [ ACC ] STREAM LISTENING 9038 /var/run/sdp
unix 2 [ ACC ] STREAM LISTENING 863619 @/dbus-vfs-daemon/socket-j94ZcNiL
unix 2 [ ACC ] STREAM LISTENING 17249 /run/user/1000/keyring-AuVpEk/gpg
只列出所有监听 UNIX 端口 netstat -lx
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 17180 @/tmp/.ICE-unix/3079
unix 2 [ ACC ] STREAM LISTENING 22741 /home/dasuser1/das/tmp/dasnamedpipe
unix 2 [ ACC ] STREAM LISTENING 11833 /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 15893 /var/lib/samba/winbindd_privileged/pipe
unix 2 [ ACC ] STREAM LISTENING 17905 @/tmp/dbus-bBksXDeV
unix 2 [ ACC ] STREAM LISTENING 16841 /tmp/ssh-ZBiQGjOj3bvy/agent.2959
unix 2 [ ACC ] STREAM LISTENING 17181 /tmp/.ICE-unix/3079
unix 2 [ ACC ] STREAM LISTENING 15891 /var/run/samba/winbindd/pipe
unix 2 [ ACC ] STREAM LISTENING 761153 socket
unix 2 [ ACC ] STREAM LISTENING 15905 /var/run/samba/nmbd/unexpected
unix 2 [ ACC ] STREAM LISTENING 11832 @/tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 9014 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 17978 /run/user/1000/pulse/native
unix 2 [ ACC ] STREAM LISTENING 13373 /var/run/avahi-daemon/socket
unix 2 [ ACC ] STREAM LISTENING 17223 /run/user/1000/keyring-AuVpEk/ssh
unix 2 [ ACC ] STREAM LISTENING 21856 @/dbus-vfs-daemon/socket-V1zAlI5U
unix 2 [ ACC ] STREAM LISTENING 9038 /var/run/sdp
unix 2 [ ACC ] STREAM LISTENING 863619 @/dbus-vfs-daemon/socket-j94ZcNiL
显示所有端口的统计信息 netstat -s
Ip:
742693 total packets received
0 forwarded
2 with unknown protocol
0 incoming packets discarded
598618 incoming packets delivered
357142 requests sent out
4 outgoing packets dropped
Icmp:
229 ICMP messages received
3 input ICMP message failed.
ICMP input histogram:
destination unreachable: 228
echo requests: 1
12417 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 12416
echo replies: 1
IcmpMsg:
InType3: 228
InType8: 1
OutType0: 1
OutType3: 12416
Tcp:
7169 active connections openings
100 passive connection openings
89 failed connection attempts
156 connection resets received
4 connections established
267968 segments received
249190 segments send out
12317 segments retransmited
43 bad segments received.
1076 resets sent
Udp:
514384 packets received
12417 packets to unknown port received.
0 packet receive errors
82823 packets sent
UdpLite:
TcpExt:
1994 TCP sockets finished time wait in fast timer
1666 delayed acks sent
6 delayed acks further delayed because of locked socket
Quick ack mode was activated 816 times
635 packets directly queued to recvmsg prequeue.
7417 bytes directly in process context from backlog
765973 bytes directly received in process context from prequeue
155844 packet headers predicted
448 packets header predicted and directly queued to user
36321 acknowledgments not containing data payload received
17185 predicted acknowledgments
9 times recovered from packet loss by selective acknowledgements
198 congestion windows recovered without slow start after partial ack
3 timeouts after SACK recovery
3 timeouts in loss state
netstat 将每隔一秒输出网络信息:netstat -c
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default 192.168.100.1 0.0.0.0 UG 0 0 0 eth0
192.168.100.0 * 255.255.255.0 U 0 0 0 eth0
netstat -ap|grep ssh
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 *:ssh *:* LISTEN -
tcp6 0 0 [::]:ssh [::]:* LISTEN -
unix 2 [ ACC ] STREAM LISTENING 16841 - /tmp/ssh-ZBiQGjOj3bvy/agent.2959
unix 2 [ ACC ] STREAM LISTENING 17223 - /run/user/1000/keyring-AuVpEk/ssh
显示网络接口列表:netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 3100980 0 0 0 326281 0 0 0 BMRU
lo 65536 0 36056 0 0 0 36056 0 0 0 LRU
wlan0 1500 0 0 0 0 0 0 0 0 0 BMU