linux查看网络连接信息失败,【Linux 运维】查看网络连接状态信息之netstat和ss命令详解[转]...
转载自:https://www.cnblogs.com/yangleitao/p/9583280.html
一、netstat 常用命令详解
通过man netstat可以查看netstat的帮助信息:netstat 命令:用于显示各种网络相关信息,如网络连接,路由表,接口状态,无效连接,组播成员 等等。
netstat命令是net-tools软件包中的一员
![linux查看网络连接信息失败,【Linux 运维】查看网络连接状态信息之netstat和ss命令详解[转]..._第1张图片](http://img.e-com-net.com/image/info8/c628d770d21f48adb4b80df79bada7e6.png)
[[email protected] ~]# netstat 选项
选项:
-a: 列出系统中所有网络连接,包括已经连接的网络服务、监听的网络服务和Socket套接字
-t: 列出TCP数据 -u: 列出UDP数据
-l: 列出正在监听的网络服务(不包含已经连接的网路服务)
-n: 用端口显示服务,而不用服务名
-p: 列出该服务的进程ID(PID)
示例一:netstat -tlunp
[[email protected] ~]# netstat -tlunp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1490/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1989/master
tcp6 0 0 :::80 :::* LISTEN 852/httpd
tcp6 0 0 :::22 :::* LISTEN 1490/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1989/master
udp 0 0 127.0.0.1:323 0.0.0.0:* 524/chronyd
udp6 0 0 ::1:323 :::* 524/chronyd
[[email protected] ~]#
![linux查看网络连接信息失败,【Linux 运维】查看网络连接状态信息之netstat和ss命令详解[转]..._第2张图片](http://img.e-com-net.com/image/info8/e029ce501c304bf6846fbe25580d2e42.jpg)
实例二:使用netstat -an[[email protected] ~]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 192.168.19.129:22 192.168.19.1:1108 ESTABLISHED
tcp 0 0 192.168.19.129:22 192.168.19.1:2301 ESTABLISHED
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
udp 0 0 127.0.0.1:323 0.0.0.0:*
udp 0 0 192.168.19.129:39366 85.199.214.101:123 ESTABLISHED
udp 0 0 192.168.19.129:39060 85.199.214.100:123 ESTABLISHED
udp6 0 0 ::1:323 :::*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 25859 /run/docker/libnetwork/2607d31c4b65ff68cf08c24cc6d5e4687dad654f9ec402872e98f8dcc79f448f.sock
unix 2 [ ACC ] STREAM LISTENING 24960 private/rewrite
执行结果,除了上文的参数之外,还有Socket内容:
![linux查看网络连接信息失败,【Linux 运维】查看网络连接状态信息之netstat和ss命令详解[转]..._第3张图片](http://img.e-com-net.com/image/info8/ef285dc48dbe4f93b652f4f8ecd71470.jpg)
二、ss命令详解
ss是Socket Statistics的缩写ss命令可以用来获取socket统计信息,它可以显示和netstat类似的内容。但是ss的优势在于它能够显示更详细的有关网络连接的状态信息,而比netstat更快速、更高效。
ss命令是iproute2软件包中的一员
使用场景一:查看当前服务器的网络连接数[[email protected] ~]# ss -s
Total: 580 (kernel 1020)
TCP: 8 (estab 2, closed 1, orphaned 0, synrecv 0, timewait 0/0), ports 0
Transport Total IP IPv6
* 1020 - -
RAW 0 0 0
UDP 4 3 1
TCP 7 4 3
INET 11 7 4
FRAG 0 0 0
使用场景2:查看所有打开的网络端口[[email protected] ~]# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 rtnl:1736442360 *
nl UNCONN 768 0 rtnl:dockerd/853 *
nl UNCONN 0 0 rtnl:kernel *
nl UNCONN 0 0 rtnl:1736442360 *
nl UNCONN 4352 0 tcpdiag:ss/4865 *
nl UNCONN 768 0 tcpdiag:kernel *
nl UNCONN 0 0 xfrm:kernel *
nl UNCONN 0 0 xfrm:dockerd/853 *
nl UNCONN 0 0 selinux:kernel *
[[email protected] ~]# ss -pl #列出具体的程序名字
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 rtnl:1736442360 *
nl UNCONN 768 0 rtnl:dockerd/853 *
tcp LISTEN 0 128 :::http :::* users:(("httpd",pid=2493,fd=4),("httpd",pid=2492,fd=4),("httpd",pid=2491,fd=4),("httpd",pid=2490,fd=4),("httpd",pid=2489,fd=4),("httpd",pid=852,fd=4))
tcp LISTEN 0 128 :::ssh :::*
使用场景3:查看这台服务器上所有的Socket 连接
[[email protected] ~]# ss -a #列出所有网络连接
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 rtnl:1736442360 *
nl UNCONN 768 0 rtnl:dockerd/853 *
nl UNCONN 0 0 rtnl:kernel *
nl UNCONN 0 0 rtnl:1736442360 *
[[email protected] ~]# ss -ta #查看TCP socket
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:ssh *:*
LISTEN 0 100 127.0.0.1:smtp *:*
ESTAB 0 0 192.168.19.129:ssh 192.168.19.1:ratio-adp
ESTAB 0 0 192.168.19.129:ssh 192.168.19.1:cpq-wbem
LISTEN 0 128 :::http :::*
LISTEN 0 128 :::ssh :::*
LISTEN 0 100 ::1:smtp :::*
[[email protected] ~]# ss -ua #查看UDP Socket
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 127.0.0.1:323 *:*
ESTAB 0 0 192.168.19.129:53193 185.134.197.4:ntp
ESTAB 0 0 192.168.19.129:55294 193.228.143.12:ntp
ESTAB 0 0 192.168.19.129:49316 85.199.214.101:ntp
UNCONN 0 0 ::1:323 :::*
[[email protected] ~]#
[[email protected] ~]# ss -wa #查看RAW socket
State Recv-Q Send-Q Local Address:Port Peer Address:Port
[[email protected] ~]# ss -xa #查看UNIX socket
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_str LISTEN 0 128 /run/docker/libnetwork/2607d31c4b65ff68cf08c24cc6d5e4687dad654f9ec402872e98f8dcc79f448f.sock 25859 * 0
u_str LISTEN 0 100 private/rewrite 24960 * 0
u_str LISTEN 0 100 private/bounce 24963 * 0
u_str LISTEN 0 100 private/defer 24966 * 0
u_str LISTEN 0 100 private/trace 24969 * 0
三、netstat和ss之间替换命令
1、命令替换
![linux查看网络连接信息失败,【Linux 运维】查看网络连接状态信息之netstat和ss命令详解[转]..._第4张图片](http://img.e-com-net.com/image/info8/61fdbbb3fb6444a4927e5751ddd80139.jpg)
2、软件包替换
![linux查看网络连接信息失败,【Linux 运维】查看网络连接状态信息之netstat和ss命令详解[转]..._第5张图片](http://img.e-com-net.com/image/info8/87ac3fcb87ae4d1982314f49714aab01.jpg)