一、获取TCP连接数相关方法 方法一: [root@host-47-98-97-124 scripts]# netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' LISTEN 6 ESTABLISHED 64 TIME_WAIT 100
方法二: [root@host-47-98-97-124 scripts]# ss -ant | awk 'NR>1 {a[$1]++} END {for (b in a) print b,a[b]}' LISTEN 6 ESTAB 64 TIME-WAIT 100
netstat是遍历/proc下面每个PID目录,ss直接读/proc/net下面的统计信息。所以ss执行的时候消耗资源以及消耗的时间都比netstat少很多。
二、TCP状态信息描述
ESTABLISHED socket已经建立连接
CLOSED socket没有被使用,无连接
CLOSING 服务器端和客户端都同时关闭连接
CLOSE_WAIT 等待关闭连接
TIME_WAIT 表示收到了对方的FIN报文,并发送出了ACK报文,等待2MSL后就可回到CLOSED状态
LAST_ACK 远端关闭,当前socket被动关闭后发送FIN报文,等待对方ACK报文
LISTEN 监听状态
SYN_RECV 接收到SYN报文
SYN_SENT 已经发送SYN报文
FIN_WAIT1 The socket is closed, and the connection is shutting down
FIN_WAIT2 Connection is closed, and the socket is waiting for a shutdown from the remote end.
编写tcp状态监控脚本
#!/bin/bash
if [ $# -ne 1 ];then echo "Follow the script name with an argument " fi
case $1 in
established) #socket已经建立连接
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | grep -w ESTABLISHED | cut -d " " -f 2`
echo $result
;;
listen) #监听状态
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | grep -w LISTEN | cut -d " " -f 2`
echo $result
;;
timewait) #表示收到了对方的FIN报文,并发送出了ACK报文,等待2MSL后就可回到CLOSED状态
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | grep -w TIME_WAIT | cut -d " " -f 2`
echo $result
;;
closed)
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | awk '/CLOSED/{print $2}'`
echo $result
;;
closewait)
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | awk '/CLOSE_WAIT/{print $2}'`
if [ "$result" == "" ];then
echo 0
else
echo $result
fi
;;
closing)
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | awk '/CLOSING/{print $2}'`
echo $result
;;
finwait1)
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | awk '/FIN_WAIT1/{print $2}'`
echo $result
;;
finwait2)
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | awk '/FIN_WAIT2/{print $2}'`
echo $result
;;
lastack)
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | awk '/LAST_ACK /{print $2}'`
echo $result
;;
synrecv)
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | awk '/SYN_RECV/{print $2}'`
echo $result
;;
synsent)
result=`netstat -an | awk '/^tcp/ {a[$NF]++} END {for (b in a) print b,a[b]}' | awk '/SYN_SENT/{print $2}'`
echo $result
;;
*)
echo -e "\e[033mUsage: sh $0 [closed|closing|closewait|synrecv|synsent|finwait1|finwait2|listen|established|lastack|timewait]\e[0m"
esac
#!/bin/bash
if [ $# -ne 1 ];then echo "Follow the script name with an argument " fi
case $1 in
LISTEN)
result=`ss -ant | awk 'NR>1 {a[$1]++} END {for (b in a) print b,a[b]}' | awk '/LISTEN/{print $2}'`
if [ "$result" == "" ];then
echo 0
else
echo $result
fi
;;
ESTAB)
result=`ss -ant | awk 'NR>1 {a[$1]++} END {for (b in a) print b,a[b]}' | awk '/ESTAB/{print $2}'`
if [ "$result" == "" ];then
echo 0
else
echo $result
fi
;;
CLOSE-WAIT)
result=`ss -ant | awk 'NR>1 {a[$1]++} END {for (b in a) print b,a[b]}' | awk '/CLOSE-WAIT/{print $2}'`
if [ "$result" == "" ];then
echo 0
else
echo $result
fi
;;
TIME-WAIT)
result=`ss -ant | awk 'NR>1 {a[$1]++} END {for (b in a) print b,a[b]}' | awk '/TIME-WAIT/{print $2}'`
if [ "$result" == "" ];then
echo 0
else
echo $result
fi
;;
esac