2023年7月10日发(作者:)
netstat命令详解和⽤法⽰例netstat命令netstat (network statistics) 是⼀个命令⾏的⽹络状况查看分析⼯具,它可以打印当前⽹络的连接情况,路由表 ,⽹络接⼝统计,伪装连接、multicast memberships。linux系统上的netstat命令详解命令语法netstat命令: ⽤于输出和⽹络相关的信息,⽐如⽹络连接状况、路由表、接⼝统计等信息。通过它,你可以看到有哪些⽹络⽹络连接、端⼝号在使⽤,以及哪些进程使⽤他们。netstat语法格式:netstat [address_family_options] [--tcp|-t] [--udp|-u] [--udplite|-U][--sctp|-S] [--raw|-w] [--l2cap|-2] [--rfcomm|-f] [--listening|-l][--all|-a] [--numeric|-n] [--numeric-hosts] [--numeric-ports][--numeric-users] [--symbolic|-N] [--extend|-e[--extend|-e]][--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c][--wide|-W]命令选项的说明:选项简称-a-t-u-l-n-c-p-ealltcpudp完整选项名展⽰所有的监听和⾮监听的套接字只展⽰tcp端⼝上的套接字只展⽰udp端⼝上的套接字只展⽰监听的套接字以数字化的形式展⽰地址、端⼝号每秒钟连续打印指定的信息含义listeningnumericcontinuousprogramextend同时展⽰出每个套接字所属的进程的PID和名称展⽰更多的附加信息命令的输出结果[root@iZbp10j45698ftelmrcx2Z ~]# netstat -natpActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 0.0.0.0:2181 0.0.0.0:* LISTEN 23372/javatcp 0 0 0.0.0.0:18342 0.0.0.0:* LISTEN 23372/javatcp 0 0 127.0.0.1:11883 0.0.0.0:* LISTEN 30368/ 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 23619/nginx: mastertcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 23372/javatcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 30368/ 0 0 0.0.0.0:4370 0.0.0.0:* LISTEN 30368/ 0 0 0.0.0.0:8883 0.0.0.0:* LISTEN 30368/ 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 22553/sshdtcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 19065/postmastertcp 0 0 0.0.0.0:5370 0.0.0.0:* LISTEN 30368/ 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN 30368/ 0 0 0.0.0.0:9600 0.0.0.0:* LISTEN 13648/javatcp 0 0 0.0.0.0:18083 0.0.0.0:* LISTEN 30368/ 0 0 172.16.54.168:1883 39.144.5.203:43314 ESTABLISHED 30368/ 0 0 172.16.54.168:64118 100.100.45.186:80 TIME_WAIT -tcp 0 0 172.16.54.168:1883 117.61.0.28:35013 ESTABLISHED 30368/ 0 0 172.16.54.168:1883 117.132.195.157:24087 ESTABLISHED 30368/ 0 0 172.16.54.168:1883 39.144.13.7:62568 ESTABLISHED 30368/ 0 0 172.16.54.168:1883 218.26.55.74:37440 ESTABLISHED 30368/ 0 0 172.16.54.168:1883 39.144.15.90:16553 ESTABLISHED 30368/ 0 8 172.16.54.168:1883 117.61.8.52:35387 ESTABLISHED 30368/ 0 0 172.16.54.168:1883 39.144.5.188:42274 ESTABLISHED 30368/ 0 0 172.16.54.168:1883 117.132.194.247:42289 ESTABLISHED 30368/ 0 0 172.16.54.168:1883 117.132.195.153:17158 TIME_WAIT -tcp 0 0 172.16.54.168:9600 113.89.10.102:6439 ESTABLISHED 13648/javatcp 0 0 172.16.54.168:1883 117.61.8.52:35380 TIME_WAIT -tcp 0 0 172.16.54.168:1883 221.178.124.19:8942 ESTABLISHED 30368/ 0 4 172.16.54.168:1883 98.116.200.113:38340 ESTABLISHED 30368/[root@iZbp10j45698ftelmrcx2Z ~]#每⼀列的含义:列名ProtoRecv-QSend-QLocal AddressForeign AddressStateState的值:含义此套接字所使⽤的协议Established连接:接收队列.此连接的接收队列中的字节数Established连接:发送队列.此连接的发送队列中的字节数此套接字在本地端的地址和端⼝号此套接字在远端的地址和端⼝号此套接字的状态(只对TCP协议有意义)值ESTABLISHEDSYN_SENTSYN_RECVFIN_WAIT1FIN_WAIT2TIME_WAIT此套接字已建⽴连接此套接字正在积极地试图建⽴连接已经收到了连接请求此套接字被关闭,并且正在结束此连接含义连接被关闭,并且此套接字正在等待远端的结束关闭之后,此套接字正等待处理仍在⽹络上的数据包CLOSED值当前已不再使⽤此套接字远端已经结束,现在正等待此套接字关闭含义CLOSE_WAITLAST_ACKLISTENCLOSINGUNKNOWN远端已经结束,此套接字已被关闭,并正等待确认此套接字正在监听⼊站连接俩端的套接字都结束了,但是我们仍有数据没被发送出去未知linux系统上常⽤的netstat命令选项查看服务器当前监听的所有TCP端⼝号netstat -lt⽰例# netstat -ltActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address Statetcp 0 0 *:dctp *:* LISTENtcp 0 0 *:mysql *:* LISTENtcp 0 0 *:sunrpc *:* LISTENtcp 0 0 *:munin *:* LISTENtcp 0 0 *:ftp *:* LISTENtcp 0 0 omain:ipp *:* LISTENtcp 0 0 omain:smtp *:* LISTENtcp 0 0 *:http *:* LISTENtcp 0 0 *:ssh *:* LISTENtcp 0 0 *:https *:* LISTEN查看某个端⼝号的服务所有tcp连接netstat -nat|grep -i "1883"[root@iZbp10j45698ftelmrcx2Z ~]# netstat -nat|grep -i "1883"tcp 0 0 127.0.0.1:11883 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN
tcp 0 0 172.16.54.168:1883 117.61.8.52:35389 SYN_RECV
tcp 0 0 172.16.54.168:1883 39.144.5.203:43314 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.132.195.153:34235 TIME_WAIT
tcp 0 0 172.16.54.168:1883 39.144.15.73:13872 ESTABLISHEDtcp 0 0 172.16.54.168:1883 39.144.18.95:40516 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.61.9.115:29264 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.132.193.142:35312 ESTABLISHEDtcp 0 0 172.16.54.168:1883 203.168.9.165:26093 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.132.198.60:56892 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.132.195.153:34243 TIME_WAIT
tcp 0 0 172.16.54.168:1883 39.144.18.241:29091 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.132.191.192:41933 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.132.191.181:2142 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.61.8.41:21068 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.61.8.52:35373 TIME_WAIT
tcp 0 0 172.16.54.168:1883 117.61.8.52:35388 TIME_WAIT
tcp 0 0 172.16.54.168:1883 1.80.80.156:12861 ESTABLISHEDtcp 0 0 172.16.54.168:1883 39.144.10.154:44862 ESTABLISHEDtcp 0 0 172.16.54.168:1883 117.132.192.41:63551 ESTABLISHEDtcp 0 0 172.16.54.168:1883 39.144.1.91:60008 ESTABLISHED查看某个端⼝上处于ESTABLISHED状态的连接个数netstat -na | grep -i 1883|grep ESTABLISHED|wc -l[root@iZbp10j40viotftelmrcx2Z ~]# netstat -na | grep -i 1883|grep ESTABLISHED|wc -l185[root@iZbp10j40viotftelmrcx2Z ~]#
参考⽂献1、man8⼿册2、netstat3、使⽤netstat进⾏⽹络管理
发布者:admin,转转请注明出处:http://www.yc00.com/news/1688985679a191736.html
评论列表(0条)