用于显示各种网络相关信息,如网络连接,路由表,接口状态 (Interface Statistics),masquerade 连接,多播成员 (Multicast Memberships) 等
输出信息含义
root@ubuntu:~ # netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost.localdo:27017 localhost.localdo:57278 ESTABLISHED
tcp 0 0 localhost.localdo:27017 localhost.localdo:57210 ESTABLISHED
tcp 0 0 localhost.localdom:6379 localhost.localdo:49426 ESTABLISHED
tcp 0 0 localhost.localdom:6379 localhost.localdo:49582 ESTABLISHED
tcp 0 0 ubuntu:55468 172.17.0.3:6379 ESTABLISHED
tcp 0 0 localhost.localdo:48066 localhost.localdo:27017 ESTABLISHED
tcp 0 0 ubuntu:52974 172.17.0.3:6379 ESTABLISHED
tcp 0 0 localhost.localdo:56594 localhost.localdo:27017 ESTABLISHED
tcp 0 0 localhost.localdo:57210 localhost.localdo:27017 ESTABLISHED
tcp 0 0 localhost.localdom:6379 localhost.localdo:52394 ESTABLISHED
tcp 0 0 localhost.localdo:27017 localhost.localdo:59156 ESTABLISHED
tcp 0 0 localhost.localdo:27017 localhost.localdo:56952 ESTABLISHED
tcp 0 0 localhost.localdo:27017 localhost.localdo:52960 ESTABLISHED
tcp 0 0 localhost.localdo:27017 localhost.localdo:57326 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] DGRAM 45769 /run/user/0/systemd/notify
unix 3 [ ] DGRAM 45076 /run/systemd/notify
unix 2 [ ] DGRAM 45101 /run/systemd/journal/syslog
unix 10 [ ] DGRAM 45105 /run/systemd/journal/socket
unix 16 [ ] DGRAM 25376 /run/systemd/journal/dev-log
unix 2 [ ] DGRAM 41723412
unix 2 [ ] DGRAM 1324
unix 3 [ ] STREAM CONNECTED 32436618
unix 3 [ ] STREAM CONNECTED 15621 /run/systemd/journal/stdout
- Active Internet connections 有源TCP连接
Recv-Q:接收队列
Send-Q:发送队列
一般为0 - Active UNIX domain sockets 有源Unix域套接口
和网络套接字一样,但是只用于本机通信,性能更优
Proto:连接使用的协议
RefCnt:连接到本套接口的进程号
Type:套接口类型
State:套接口状态
Path:连接到套接口的其它进程使用的路径名
常用参数
-a (all)显示所有选项,默认不显示LISTEN相关
-t (tcp)仅显示tcp相关选项
-u (udp)仅显示udp相关选项
-n 拒绝显示别名,能显示数字的全部转化成数字。
-l 仅列出有在 Listen (监听) 的服務状态
-p 显示建立相关链接的程序名
-r 显示路由信息,路由表
-e 显示扩展信息,例如uid等
-s 按各个协议进行统计
-c 每隔一个固定时间,执行该netstat命令。
提示:LISTEN和LISTENING的状态只有用-a或者-l才能看到
使用示例
- 列出所有监听和未监听的端口
root@ubuntu:~ # netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:27017 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdo:27017 localhost.localdo:57278 ESTABLISHED
- 列出所有监听和未监听的tcp端口
root@ubuntu:~ # netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:27017 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdo:27017 localhost.localdo:57278 ESTABLISHED
tcp 0 0 localhost.localdo:27017 localhost.localdo:57210 ESTABLISHED
tcp 0 0 localhost.localdom:6379 localhost.localdo:49426 ESTABLISHED
tcp 0 0 localhost.localdom:6379 localhost.localdo:49582 ESTABLISHED
tcp 0 0 ubuntu:55468 172.17.0.3:6379 ESTABLISHED
tcp 0 0 localhost.localdo:48066 localhost.localdo:27017 ESTABLISHED
- 列出所有监听和未监听的udp端口
root@ubuntu:~ # netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 localhost:domain 0.0.0.0:*
udp 0 0 ubuntu:bootpc 0.0.0.0:*
- 列出所有处于监听状态的Sockets的端口
root@ubuntu:~ # netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN
tcp 0 0 localhost:domain 0.0.0.0:* LISTEN
tcp6 0 0 [::]:2181 [::]:* LISTEN
tcp6 0 0 localhost6.localdo:6379 [::]:* LISTEN
udp 0 0 localhost:domain 0.0.0.0:*
udp 0 0 ubuntu:bootpc 0.0.0.0:*
raw6 0 0 [::]:ipv6-icmp [::]:* 7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] SEQPACKET LISTENING 45098 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 45772 /run/user/0/systemd/private
unix 2 [ ACC ] STREAM LISTENING 45776 /run/user/0/gnupg/S.gpg-agent
unix 2 [ ACC ] SEQPACKET LISTENING 41811990 @cuda-uvmfd-4026531836-30098@
unix 2 [ ACC ] SEQPACKET LISTENING 442711 @cuda-uvmfd-4026531836-12867@
unix 2 [ ACC ] SEQPACKET LISTENING 442725 @cuda-uvmfd-4026531836-12866@
- 列出所有处于监听UNIX的Sockets的端口
root@ubuntu:~ # netstat -lx
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] SEQPACKET LISTENING 45098 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 45772 /run/user/0/systemd/private
unix 2 [ ACC ] STREAM LISTENING 45776 /run/user/0/gnupg/S.gpg-agent
unix 2 [ ACC ] STREAM LISTENING 45777 /run/user/0/gnupg/S.gpg-agent.extra
unix 2 [ ACC ] STREAM LISTENING 45778 /run/user/0/gnupg/S.gpg-agent.browser
unix 2 [ ACC ] STREAM LISTENING 45779 /run/user/0/gnupg/S.dirmngr
unix 2 [ ACC ] STREAM LISTENING 45780 /run/user/0/gnupg/S.gpg-agent.ssh
unix 2 [ ACC ] SEQPACKET LISTENING 41811990 @cuda-uvmfd-4026531836-30098@
unix 2 [ ACC ] SEQPACKET LISTENING 442711 @cuda-uvmfd-4026531836-12867@
- 显示UDP端口的统计信息
root@ubuntu:~ # netstat -su
IcmpMsg:
InType0: 30
InType3: 341
InType8: 38
OutType0: 38
OutType3: 532
OutType5: 1
OutType8: 30
Udp:
2677 packets received
152 packets to unknown port received
0 packet receive errors
2733 packets sent
0 receive buffer errors
0 send buffer errors
IgnoredMulti: 113596
UdpLite:
IpExt:
InBcastPkts: 113596
InOctets: 24951781738842
OutOctets: 21721838794820
InBcastOctets: 13099334
InNoECTPkts: 11730786509
InECT0Pkts: 16119
- 显示TCP进程相关的PID和进程名称
root@ubuntu:~ # netstat -pt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdo:27017 localhost.localdo:57278 ESTABLISHED 1519/mongod
tcp 0 0 localhost.localdom:6379 localhost.localdo:49582 ESTABLISHED 1471/redis-server 0
tcp 0 0 ubuntu:55468 172.17.0.3:6379 ESTABLISHED 10504/docker-proxy
tcp 0 0 localhost.localdo:48066 localhost.localdo:27017 ESTABLISHED 3281/python
tcp 0 0 localhost.localdo:57322 localhost.localdo:27017 ESTABLISHED 22733/python
- 显示核心路由信息
root@ubuntu:~ # netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default _gateway 0.0.0.0 UG 0 0 0 eno1
default _gateway 0.0.0.0 UG 0 0 0 eno1
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eno1
_gateway 0.0.0.0 255.255.255.255 UH 0 0 0 eno1
- 找出程序运行的端口
root@ubuntu:~ # netstat -ap|grep ssh
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 1975/sshd
tcp 0 0 node1:ssh 192.168.0.196:2198 ESTABLISHED 11782/sshd: root@pt
tcp 0 0 node1:ssh 192.168.0.196:12726 ESTABLISHED 730/sshd: root@pts/
tcp6 0 0 [::]:ssh [::]:* LISTEN 1975/sshd
unix 2 [ ACC ] STREAM LISTENING 45780 5521/systemd /run/user/0/gnupg/S.gpg-agent.ssh
unix 3 [ ] STREAM CONNECTED 29167 1975/sshd
unix 2 [ ] DGRAM 39937779 28263/sshd: root@no
unix 2 [ ] DGRAM 30718863 11782/sshd: root@pt
网友评论