linux 命令之 netstat
netstat命令的作用是显示IP、TCP、UDP和ICMP等协议相关的统计信息以及当前TCP/IP网络的连接状况。
netstat常用参数:
-a : 显示所有连线中的socket。
-c : 持续列出网络状态。
-e : 显示网络中的其他相关信息。
-g : 显示多重广播功能群组组员名单。
-h : 显示帮助信息。
-i : 显示指定网络接口信息的所有信息。
-l : 显示监控中的服务器socket。
-M : 显示伪装的网络连接。
-n : 直接使用IP地址,而不通过域名服务器。(以数字的方式显示域名)
-N : 显示网络硬件外围设备的负号链接名称。
-o : 显示计时器。
-p : 显示正在使用socket的程序识别码和程序名称。
-r : 显示内核路由表信息。
-s : 显示各个网络协议的统计信息。
-t : 显示TCP传输协议的连接状况。
-u : 显示UDP传输协议的连接状况。
-v : 显示命令的执行过程。
-V : 显示版本信息。
-w : 显示RAW传输协议的连接状况。$ netstat | more
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 1 0 gino-virtual-mach:53480 mistletoe.canonica:http CLOSE_WAIT
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 19 [ ] DGRAM 8229 /dev/log
unix 2 [ ] STREAM CONNECTED 16135
unix 3 [ ] STREAM CONNECTED 15104 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 15103
unix 3 [ ] STREAM CONNECTED 15041 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 15040
unix 3 [ ] STREAM CONNECTED 15039 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 15038
unix 3 [ ] STREAM CONNECTED 15032 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 15031
unix 3 [ ] STREAM CONNECTED 15029 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 15028
unix 3 [ ] STREAM CONNECTED 15907 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 15027
unix 3 [ ] STREAM CONNECTED 14700 /home/gino/.pulse/37d4c46e1e7da45a62e08f6500000005-runtime/native
unix 3 [ ] STREAM CONNECTED 14699
unix 3 [ ] STREAM CONNECTED 14660
unix 3 [ ] STREAM CONNECTED 14659
unix 3 [ ] STREAM CONNECTED 14656 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 14655
unix 3 [ ] STREAM CONNECTED 14654 @/tmp/.ICE-unix/1905
unix 3 [ ] STREAM CONNECTED 14653
unix 3 [ ] STREAM CONNECTED 14652 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 14651
unix 3 [ ] STREAM CONNECTED 14650 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 14649
unix 3 [ ] STREAM CONNECTED 14082 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 14081
unix 3 [ ] STREAM CONNECTED 14648 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 14078
unix 3 [ ] STREAM CONNECTED 14039 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 14597
unix 3 [ ] STREAM CONNECTED 14555 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 14554
unix 3 [ ] STREAM CONNECTED 14552 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 14551
unix 3 [ ] STREAM CONNECTED 14007 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 14006
unix 3 [ ] STREAM CONNECTED 14550 @/tmp/dbus-3NPVW2eGgt
unix 3 [ ] STREAM CONNECTED 14549
unix 3 [ ] STREAM CONNECTED 14004 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 14003
unix 3 [ ] STREAM CONNECTED 13939 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 14474
--More--
$ netstat -i ##查看本机网络接口的当前配置信息
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 2485 0 0 0 1258 0 0 0 BMRU
lo 16436 0 106 0 0 0 106 0 0 0 LRU
B 已经设置了一个广播地址
L 该接口是一个回送设备
M 接收所有数据包(混乱模式)
N 避免跟踪,并在该接口上禁用ARP
P 点到点链接
R 接口正在运行
U 接口处于“活动”状态
$ netstat -ta ##查看本机TCP传输协议的连接状况
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:41620 *:* LISTEN
tcp 0 0 localhost:domain *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 *:38168 *:* LISTEN
tcp 0 0 *:35770 *:* LISTEN
tcp 0 0 *:51770 *:* LISTEN
tcp 0 0 *:microsoft-ds *:* LISTEN
tcp 0 0 *:nfs *:* LISTEN
tcp 0 0 *:60965 *:* LISTEN
tcp 1 0 gino-virtual-mach:53480 mistletoe.canonica:http CLOSE_WAIT
tcp6 0 0 [::]:59819 [::]:* LISTEN
tcp6 0 0 [::]:netbios-ssn [::]:* LISTEN
tcp6 0 0 [::]:41391 [::]:* LISTEN
tcp6 0 0 [::]:sunrpc [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN
tcp6 0 0 [::]:50392 [::]:* LISTEN
tcp6 0 0 [::]:microsoft-ds [::]:* LISTEN
tcp6 0 0 [::]:52703 [::]:* LISTEN
tcp6 0 0 [::]:43233 [::]:* LISTEN
tcp6 0 0 [::]:nfs [::]:* LISTEN Proto 通信协议
Recv-Q 接收队列中的数据量
Send-Q 发送队列中的数据量
Local Address 本地主机名和端口号
Foreign Address 远程主机名和端口号
State 通信状态。LISTEN表示处于侦听状态$ netstat -nr ##查看本机内核路由表信息
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
G 采用网关的路由
U 准备使用的接口处于 “活动” 状态
H 通过该路由,只能抵达一台主机
D 路由表的条目是由ICMP重定向消息生成的
M 路由表条目已被ICMP重定向消息修改
$ netstat -es ##显示以太网网络接口的统计信息和所有协议的统计信息
Ip:
2758 total packets received
2 with invalid addresses
0 forwarded
0 incoming packets discarded
2756 incoming packets delivered
1455 requests sent out
Icmp:
1 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
echo requests: 1
1 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
echo replies: 1
IcmpMsg:
InType8: 1
OutType0: 1
Tcp:
9 active connections openings
0 passive connection openings
0 failed connection attempts
0 connection resets received
0 connections established
2216 segments received
1029 segments send out
18 segments retransmited
0 bad segments received.
0 resets sent
Udp:
498 packets received
0 packets to unknown port received.
0 packet receive errors
336 packets sent
UdpLite:
TcpExt:
2 TCP sockets finished time wait in fast timer
6 delayed acks sent
2029 packet headers predicted
16 acknowledgments not containing data payload received
3 predicted acknowledgments
3 other TCP timeouts
3 connections aborted due to timeout
IpExt:
InMcastPkts: 111
OutMcastPkts: 109
InBcastPkts: 176
OutBcastPkts: 74
InOctets: 3211167
OutOctets: 97155
InMcastOctets: 8136
OutMcastOctets: 8046
InBcastOctets: 21885
OutBcastOctets: 9406