|
netstat
简介 netstat命令用于显示各种网络相关信息,如网络连接,路由表,接口状态(interface statistice),masquerade连接,多播成员(Multicast Memberships)等等 输出信息含义 执行netstat后,其输出结果为 [iyunv@yubing ~]# netstat Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 132 bogon:ssh bogon:sdproxy ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 6 [ ] DGRAM 9036 /dev/log unix 2 [ ] DGRAM 1835 @/org/kernel/udev/udevd unix 2 [ ] DGRAM 10123 unix 2 [ ] DGRAM 9940 unix 2 [ ] DGRAM 9214 unix 2 [ ] DGRAM 9044 从整体上看,netstat的输出结果可以分为两个部分: 一个是Active Internet connections,称为有源TCP连接,其中“Recv-Q”和“Send-Q”指的是接收队列和发送队列。这些数字一般都应该是0.如果不是则表示软件包正在列队中堆积。这种情况只能在非常少的情况见到。 另一个是Active UNIX domain sockets,称为有源Unix域套接口(和网络套接字一样,但是只能用于本机通信,性能可以提高一倍)。 Proto显示连接使用的协议,RefCnt表示连接到本套接口上的进程号,Types显示套接口的类型,State显示套接口当前的状态,Path表示连接到套接口的其它进程使用的路径名。 常见参数: -a (all)显示所有选项,默认不显示LISTEN相关 -t (tcp)仅显示tcp相关选项 -u (udp)仅显示udp相关选项 -n 拒绝显示别名,能显示数字的全部转化成数字。 -l 仅列出有在 Listen (监听) 的服務状态 -p 显示建立相关链接的程序名 -r 显示路由信息,路由表 -e 显示扩展信息,例如uid等 -s 按各个协议进行统计 -c 每隔一个固定时间,执行该netstat命令。 提示:LISTEN和LISTENING的状态只有用-a或者-l才能看到 [iyunv@yubing ~]# netstat Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 132 bogon:ssh bogon:sdproxy ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 6 [ ] DGRAM 9036 /dev/log unix 2 [ ] DGRAM 1835 @/org/kernel/udev/udevd unix 2 [ ] DGRAM 10123 unix 2 [ ] DGRAM 9940 unix 2 [ ] DGRAM 9214 unix 2 [ ] DGRAM 9044 [iyunv@yubing ~]# netstat -a 列出所有端口 Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:ssh *:* LISTEN tcp 0 132 bogon:ssh bogon:sdproxy ESTABLISHED udp 0 0 *:bootpc *:* Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 10136 /tmp/ssh-DQxsec2667/agent.2667 unix 6 [ ] DGRAM 9036 /dev/log unix 2 [ ] DGRAM 1835 @/org/kernel/udev/udevd unix 2 [ ] DGRAM 10123 unix 2 [ ] DGRAM 9940 unix 2 [ ] DGRAM 9214 unix 2 [ ] DGRAM 9044 [iyunv@yubing ~]# netstat -at 列出所有tcp端口 Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:ssh *:* LISTEN tcp 0 132 bogon:ssh bogon:sdproxy ESTABLISHED [iyunv@yubing ~]# netstat -au 列出所有udp端口 Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 *:bootpc *:* [iyunv@yubing ~]# netstat -l 只显示监听端口 Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:ssh *:* LISTEN udp 0 0 *:bootpc *:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 10136 /tmp/ssh-DQxsec2667/agent.2667 [iyunv@yubing ~]# netstat -s 显示所有端口的统计信息 Ip: 1356 total packets received 1 with invalid addresses 0 forwarded 0 incoming packets discarded 1355 incoming packets delivered 1800 requests sent out Icmp: 0 ICMP messages received 0 input ICMP message failed. ICMP input histogram: 0 ICMP messages sent 0 ICMP messages failed ICMP output histogram: Tcp: 0 active connections openings 2 passive connection openings 0 failed connection attempts 0 connection resets received 1 connections established 1328 segments received 1778 segments send out 0 segments retransmited 0 bad segments received. 0 resets sent Udp: 18 packets received 0 packets to unknown port received. 0 packet receive errors 22 packets sent TcpExt: 7 delayed acks sent 118 packets header predicted 951 acknowledgments not containing data received 0 TCP data loss events IpExt: InBcastPkts: 9 [iyunv@yubing ~]# netstat -p 显示建立相关链接的程序名 Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 148 bogon:ssh bogon:sdproxy ESTABLISHED 2667/0 Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 6 [ ] DGRAM 9036 2376/syslogd /dev/log unix 2 [ ] DGRAM 1835 588/udevd @/org/kernel/udev/udevd unix 2 [ ] DGRAM 10123 2667/0 unix 2 [ ] DGRAM 9940 2325/dhclient unix 2 [ ] DGRAM 9214 2452/crond unix 2 [ ] DGRAM 9044 2379/klogd [iyunv@yubing ~]# netstat -pt Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 148 bogon:ssh bogon:sdproxy ESTABLISHED 2667/0 [iyunv@yubing ~]# netstat -an 当你不想让主机,端口和用户名显示,使用netstat -n。将会使用数字代替那些名称 Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 :::22 :::* LISTEN tcp 0 132 ::ffff:192.168.18.132:22 ::ffff:192.168.18.1:1297 ESTABLISHED udp 0 0 0.0.0.0:68 0.0.0.0:* Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 10136 /tmp/ssh-DQxsec2667/agent.2667 unix 6 [ ] DGRAM 9036 /dev/log unix 2 [ ] DGRAM 1835 @/org/kernel/udev/udevd unix 2 [ ] DGRAM 10123 unix 2 [ ] DGRAM 9940 unix 2 [ ] DGRAM 9214 unix 2 [ ] DGRAM 9044 [iyunv@yubing ~]# netstat -ap | grep ssh 找出程序运行的端口 并不是所有的进程都能找到,没有权限的会不显示,使用root权限查看所有的信息 tcp 0 0 *:ssh *:* LISTEN 2439/sshd tcp 0 52 bogon:ssh bogon:sdproxy ESTABLISHED 2667/0 unix 2 [ ACC ] STREAM LISTENING 10136 2667/0 /tmp/ssh-DQxsec2667/agent.2667 [iyunv@yubing ~]# netstat -an | grep ':80' [iyunv@yubing ~]# netstat -i 显示网络接口列表 Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 0 1572 0 0 0 2011 0 0 0 BMRU lo 16436 0 0 0 0 0 0 0 0 0 LRU [iyunv@yubing ~]# netstat -r 显示核心路由信息 Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.18.0 * 255.255.255.0 U 0 0 0 eth0 169.254.0.0 * 255.255.0.0 U 0 0 0 eth0 default bogon 0.0.0.0 UG 0 0 0 eth0 [iyunv@yubing ~]# netstat -ie 显示详细信息,像是ifconfig Kernel Interface table eth0 Link encap:Ethernet HWaddr 00:0C:29:D6:54:00 inet addr:192.168.18.132 Bcast:192.168.18.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fed6:5400/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1603 errors:0 dropped:0 overruns:0 frame:0 TX packets:2034 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:125127 (122.1 KiB) TX bytes:261086 (254.9 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
| 
QQ群⑧:
窥视卡
雷达卡
发表于 2013-5-9 11:36:17
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡