Linux命令之netstat

原创

梵音静思 2013-05-09 08:52:08 博主文章分类：Linux命令 ©著作权

文章标签 netstat linux netstat命令 文章分类 运维

©著作权归作者所有：来自51CTO博客作者梵音静思的原创作品，请联系作者获取转载授权，否则将追究法律责任

netstat

简介

netstat命令用于显示各种网络相关信息，如网络连接，路由表，接口状态（interface statistice），masquerade连接，多播成员（Multicast Memberships）等等

输出信息含义

执行netstat后，其输出结果为

[root@yubing ~]# netstat

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 132 bogon:ssh bogon:sdproxy ESTABLISHED

Active UNIX domain sockets (w/o servers)

Proto RefCnt Flags Type State I-Node Path

unix 6 [ ] DGRAM 9036 /dev/log

unix 2 [ ] DGRAM 1835 @/org/kernel/udev/udevd

unix 2 [ ] DGRAM 10123

unix 2 [ ] DGRAM 9940

unix 2 [ ] DGRAM 9214

unix 2 [ ] DGRAM 9044

从整体上看，netstat的输出结果可以分为两个部分：

一个是Active Internet connections，称为有源TCP连接，其中“Recv-Q”和“Send-Q”指的是接收队列和发送队列。这些数字一般都应该是0.如果不是则表示软件包正在列队中堆积。这种情况只能在非常少的情况见到。

另一个是Active UNIX domain sockets，称为有源Unix域套接口(和网络套接字一样，但是只能用于本机通信，性能可以提高一倍)。

Proto显示连接使用的协议,RefCnt表示连接到本套接口上的进程号,Types显示套接口的类型,State显示套接口当前的状态,Path表示连接到套接口的其它进程使用的路径名。

常见参数：

-a (all)显示所有选项，默认不显示LISTEN相关

-t (tcp)仅显示tcp相关选项

-u (udp)仅显示udp相关选项

-n 拒绝显示别名，能显示数字的全部转化成数字。

-l 仅列出有在 Listen (监听) 的服務状态

-p 显示建立相关链接的程序名

-r 显示路由信息，路由表

-e 显示扩展信息，例如uid等

-s 按各个协议进行统计

-c 每隔一个固定时间，执行该netstat命令。

提示：LISTEN和LISTENING的状态只有用-a或者-l才能看到

[root@yubing ~]# netstat

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 132 bogon:ssh bogon:sdproxy ESTABLISHED

Active UNIX domain sockets (w/o servers)

Proto RefCnt Flags Type State I-Node Path

unix 6 [ ] DGRAM 9036 /dev/log

unix 2 [ ] DGRAM 1835 @/org/kernel/udev/udevd

unix 2 [ ] DGRAM 10123

unix 2 [ ] DGRAM 9940

unix 2 [ ] DGRAM 9214

unix 2 [ ] DGRAM 9044

[root@yubing ~]# netstat -a 列出所有端口

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 0 *:ssh *:* LISTEN

tcp 0 132 bogon:ssh bogon:sdproxy ESTABLISHED

udp 0 0 *:bootpc *:*

Active UNIX domain sockets (servers and established)

Proto RefCnt Flags Type State I-Node Path

unix 2 [ ACC ] STREAM LISTENING 10136 /tmp/ssh-DQxsec2667/agent.2667

unix 6 [ ] DGRAM 9036 /dev/log

unix 2 [ ] DGRAM 1835 @/org/kernel/udev/udevd

unix 2 [ ] DGRAM 10123

unix 2 [ ] DGRAM 9940

unix 2 [ ] DGRAM 9214

unix 2 [ ] DGRAM 9044

[root@yubing ~]# netstat -at 列出所有tcp端口

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 0 *:ssh *:* LISTEN

tcp 0 132 bogon:ssh bogon:sdproxy ESTABLISHED

[root@yubing ~]# netstat -au 列出所有udp端口

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State

udp 0 0 *:bootpc *:*

[root@yubing ~]# netstat -l 只显示监听端口

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 0 *:ssh *:* LISTEN

udp 0 0 *:bootpc *:*

Active UNIX domain sockets (only servers)

Proto RefCnt Flags Type State I-Node Path

unix 2 [ ACC ] STREAM LISTENING 10136 /tmp/ssh-DQxsec2667/agent.2667

[root@yubing ~]# netstat -s 显示所有端口的统计信息

Ip:

1356 total packets received

1 with invalid addresses

0 forwarded

0 incoming packets discarded

1355 incoming packets delivered

1800 requests sent out

Icmp:

0 ICMP messages received

0 input ICMP message failed.

ICMP input histogram:

0 ICMP messages sent

0 ICMP messages failed

ICMP output histogram:

Tcp:

0 active connections openings

2 passive connection openings

0 failed connection attempts

0 connection resets received

1 connections established

1328 segments received

1778 segments send out

0 segments retransmited

0 bad segments received.

0 resets sent

Udp:

18 packets received

0 packets to unknown port received.

0 packet receive errors

22 packets sent

TcpExt:

7 delayed acks sent

118 packets header predicted

951 acknowledgments not containing data received

0 TCP data loss events

IpExt:

InBcastPkts: 9

[root@yubing ~]# netstat -p 显示建立相关链接的程序名

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

tcp 0 148 bogon:ssh bogon:sdproxy ESTABLISHED 2667/0

Active UNIX domain sockets (w/o servers)

Proto RefCnt Flags Type State I-Node PID/Program name Path

unix 6 [ ] DGRAM 9036 2376/syslogd /dev/log

unix 2 [ ] DGRAM 1835 588/udevd @/org/kernel/udev/udevd

unix 2 [ ] DGRAM 10123 2667/0

unix 2 [ ] DGRAM 9940 2325/dhclient

unix 2 [ ] DGRAM 9214 2452/crond

unix 2 [ ] DGRAM 9044 2379/klogd

[root@yubing ~]# netstat -pt

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

tcp 0 148 bogon:ssh bogon:sdproxy ESTABLISHED 2667/0

[root@yubing ~]# netstat -an

当你不想让主机，端口和用户名显示，使用netstat -n。将会使用数字代替那些名称

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 0 :::22 :::* LISTEN

tcp 0 132 ::ffff:192.168.18.132:22 ::ffff:192.168.18.1:1297 ESTABLISHED

udp 0 0 0.0.0.0:68 0.0.0.0:*

Active UNIX domain sockets (servers and established)

Proto RefCnt Flags Type State I-Node Path

unix 2 [ ACC ] STREAM LISTENING 10136 /tmp/ssh-DQxsec2667/agent.2667

unix 6 [ ] DGRAM 9036 /dev/log

unix 2 [ ] DGRAM 1835 @/org/kernel/udev/udevd

unix 2 [ ] DGRAM 10123

unix 2 [ ] DGRAM 9940

unix 2 [ ] DGRAM 9214

unix 2 [ ] DGRAM 9044

[root@yubing ~]# netstat -ap | grep ssh 找出程序运行的端口

并不是所有的进程都能找到，没有权限的会不显示，使用root权限查看所有的信息

tcp 0 0 *:ssh *:* LISTEN 2439/sshd

tcp 0 52 bogon:ssh bogon:sdproxy ESTABLISHED 2667/0

unix 2 [ ACC ] STREAM LISTENING 10136 2667/0 /tmp/ssh-DQxsec2667/agent.2667

[root@yubing ~]# netstat -an | grep ':80'

[root@yubing ~]# netstat -i 显示网络接口列表

Kernel Interface table

Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVRTX-OK TX-ERR TX-DRPTX-OVR Flg

eth0 1500 0 1572 0 0 0 2011 0 0 0 BMRU

lo 16436 0 0 0 0 0 0 0 0 0 LRU

[root@yubing ~]# netstat -r 显示核心路由信息

Kernel IP routing table

Destination Gateway Genmask Flags MSS Window irtt Iface

192.168.18.0 * 255.255.255.0 U 0 0 0 eth0

169.254.0.0 * 255.255.0.0 U 0 0 0 eth0

default bogon 0.0.0.0 UG 0 0 0 eth0

[root@yubing ~]# netstat -ie 显示详细信息，像是ifconfig

Kernel Interface table

eth0 Link encap:Ethernet HWaddr 00:0C:29:D6:54:00

inet addr:192.168.18.132 Bcast:192.168.18.255 Mask:255.255.255.0

inet6 addr: fe80::20c:29ff:fed6:5400/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:1603 errors:0 dropped:0 overruns:0 frame:0

TX packets:2034 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:125127 (122.1 KiB) TX bytes:261086 (254.9 KiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

上一篇：Linux命令之mv

下一篇：Linux命令之nl

提问和评论都可以，用心的回复会被更多人看到评论

发布评论

相关文章

官方博客	全部文章	热门标签	班级博客
了解我们	网站地图	意见反馈

鸿蒙开发者社区	51CTO学堂
51CTO	软考资讯