一、liunx 下
1.查找指定目标项目(atf web工程)进程的pid
ps -aux | grep atf
root 3582 0.1 11.2 382228 190588 ? Sl 09:31 0:19 java -Datf -jar start.jar etc/jetty.xml
root 22121 0.0 0.0 1644 508 pts/1 R+ 12:12 0:00 grep atf
2.在全部端口中查找进程号为 pid=3582(atf项目的进程号) 的信息
netstat -naop | grep 3582
tcp6 0 0 :::8080 :::* LISTEN 3582/java off (0.00/0/0)
tcp6 0 0 :::8443 :::* LISTEN 3582/java off (0.00/0/0)
tcp6 0 0 ::ffff:192.168.6.:49454 ::ffff:192.168.6.1:1531 ESTABLISHED3582/java off (0.00/0/0)
tcp6 0 0 ::ffff:192.168.6.:49593 ::ffff:192.168.6.:61616 ESTABLISHED3582/java off (0.00/0/0)
tcp6 0 0 ::ffff:192.168.6.:34871 ::ffff:192.168.6.1:1531 ESTABLISHED3582/java off (0.00/0/0)
tcp6 0 0 ::ffff:192.168.6.2:8080 ::ffff:192.168.88.:3692 ESTABLISHED3582/java off (0.00/0/0)
tcp6 0 0 ::ffff:192.168.6.2:8080 ::ffff:192.168.88.:3689 ESTABLISHED3582/java off (0.00/0/0)
tcp6 0 0 ::ffff:192.168.6.2:8443 ::ffff:192.168.88.:3695 ESTABLISHED3582/java off (0.00/0/0)
tcp6 0 0 ::ffff:192.168.6.2:8443 ::ffff:192.168.88.:3697 ESTABLISHED3582/java off (0.00/0/0)
其中 :::8080 和:::8443 是 atf项目打开的端口号,
其他是已经和atf建立连接的请求服务。
这里建立的7个链接
两个oracle的连接
::ffff:192.168.6.:49454 ::ffff:192.168.6.1:1531 ESTABLISHED
::ffff:192.168.6.:34871 ::ffff:192.168.6.1:1531 ESTABLISHED
一个apache-activemq的连接
::ffff:192.168.6.:49593 ::ffff:192.168.6.:61616
四个请求连接(表示有两个用户在使用atf系统系统,在生产环境中可以用来判断当前正在使用atf系统的用户数)
::ffff:192.168.6.2:8080 ::ffff:192.168.88.:3692 ESTABLISHED3582/java off (0.00/0/0)
::ffff:192.168.6.2:8080 ::ffff:192.168.88.:3689 ESTABLISHED3582/java off (0.00/0/0)
::ffff:192.168.6.2:8443 ::ffff:192.168.88.:3695 ESTABLISHED3582/java off (0.00/0/0)
::ffff:192.168.6.2:8443 ::ffff:192.168.88.:3697 ESTABLISHED3582/java off (0.00/0/0)
二、 windows 下
1.查找指定目标进程(java的atf web工程)
tasklist -v |find "java"
图像名 PID
javaw.exe 2760
2.在全部端口中查找进程号为 pid=3582(atf项目的进程号) 的信息
netstat -nao |find "2760"
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 1232
TCP 0.0.0.0:8443 0.0.0.0:0 LISTENING 1232
TCP 192.168.88.46:4168 192.168.6.19:1531 ESTABLISHED 1232
TCP 192.168.88.46:4169 192.168.6.19:1531 ESTABLISHED 1232
三、
netstat在显示连接情景是的state的几个值所代表的意义,其实也就是TCP连接的三次握手细分的状态:
The state of the socket. Since there are no states in raw mode and usually no states used in UDP, this column may be
left blank. Normally this can be one of several values:
ESTABLISHED #套结字确立连接
The socket has an established connection.
SYN_SENT
The socket is actively attempting to establish a connection.
SYN_RECV
A connection request has been received from the network.
FIN_WAIT1
The socket is closed, and the connection is shutting down.
FIN_WAIT2
Connection is closed, and the socket is waiting for a shutdown from the remote end.
TIME_WAIT
The socket is waiting after close to handle packets still in the network.
CLOSED The socket is not being used.
CLOSE_WAIT
The remote end has shut down, waiting for the socket to close.
LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
LISTEN
he socket is listening for incoming connections. Such sockets are not included in the output unless you spec-
ify the --listening (-l) or --all (-a) option.
CLOSING
Both sockets are shut down but we still don’t have all our data sent.
UNKNOWN
The state of the socket is unknown.
连接进程是通过一系列状态表示的,这些状态有:
LISTEN,SYN-SENT,SYN-RECEIVED,ESTABLISHED,FIN-WAIT-1,FIN-WAIT-2,CLOSE-WAIT,CLOSING,LAST-ACK,TIME-WAIT和 CLOSED。
各个状态的意义如下:
LISTEN - 侦听来自远方TCP端口的连接请求,表示这个端口正在开放 可以提供服务;
SYN-SENT - 在发送连接请求后等待匹配的连接请求,SYN Sent和established是对应的 established是你接受别人发来的数据 而那个是你发出让别人接受 ;
SYN-RECEIVED - 在收到和发送一个连接请求后等待对连接请求的确认;
ESTABLISHED - 代表一个打开的连接,数据可以传送给用户,是对方与你已经产生了连接 正在通信交换数据 ;
FIN-WAIT-1 - 等待远程TCP的连接中断请求,或先前的连接中断请求的确认;
FIN-WAIT-2 - 从远程TCP等待连接中断请求;
CLOSE-WAIT - 等待从本地用户发来的连接中断请求;
CLOSING - 等待远程TCP对连接中断的确认,表示端口人为或者放火墙使其关闭(也许服务被卸载) ;
LAST-ACK - 等待原来发向远程TCP的连接中断请求的确认;
TIME-WAIT - 等待足够的时间以确保远程TCP接收到连接中断请求的确认,正在等待连接 就是你正在向该端口发送请求连接状态 也许因为网速 也许认证问题 反正你没练上 正在提交连接请求(长时间这样状态会变成第四个) 如:Timewait代表等待《例如:QQ聊天开始时是Listening,建立聊天之后就Established,如果是关闭聊天窗口,就会变成Timewait等待连接…》! ;
CLOSED - 没有任何连接状态;
TCP连接过程是状态的转换,促使发生状态转换的是用户调用:OPEN,SEND,RECEIVE,CLOSE,ABORT和STATUS;
传送过来的数据段,特别那些包括以下标记的数据段SYN,ACK,RST和FIN;
还有超时,上面所说的都会时TCP状态发生变化。