文章目录
[隐藏]1.释义
netstat是控制台命令,是一个监控TCP/IP网络的非常有用的工具,它可以显示路由表、实际的网络连接以及每一个网络接口设备的状态信息。netstat用于显示与IP、TCP、UDP和ICMP协议相关的统计数据,一般用于检验本机各端口的网络连接情况
2.系统帮助
usage: netstat [-vWeenNcCF] [<Af>] -r netstat {-V|--version|-h|--help}
netstat [-vWnNcaeol] [<Socket> ...]
netstat { [-vWeenNac] -I[<Iface>] | [-veenNac] -i | [-cnNe] -M | -s [-6tuw] } [delay]
-r, --route 显示路由表
-I, --interfaces=<Iface> display interface table for <Iface>
-i, --interfaces display interface table
-g, --groups display multicast group memberships
-s, --statistics 显示网络统计信息(如SNMP)
-M, --masquerade display masqueraded connections
-v, --verbose be verbose
-W, --wide don't truncate IP addresses
-n, --numeric 拒绝显示别名,以数字形式显示,不要解析名字
--numeric-hosts 不要解析主机名
--numeric-ports 不要解析端口名
--numeric-users 不要解析用户名
-N, --symbolic 解析硬件名称
-e, --extend 显示其他/更多信息
-p, --programs 显示套接字的PID /程序名称
-o, --timers 显示计时器
-c, --continuous 每隔一个固定时间,执行该netstat命令
-l, --listening 显示监听服务器套接字
-a, --all 显示所有套接字 (default: connected)
-F, --fib display Forwarding Information Base (default)
-C, --cache display routing cache instead of FIB
-Z, --context display SELinux security context for sockets
<Socket>={-t|--tcp} {-u|--udp} {-U|--udplite} {-S|--sctp} {-w|--raw}
{-x|--unix} --ax25 --ipx --netrom
-t(tcp) 仅显示tcp相关选项
-u(udp) 仅显示udp相关选项
<AF>=Use '-6|-4' or '-A <af>' or '--<af>'; default: inet
List of possible address families (which support routing):
inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25)
netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP)
x25 (CCITT X.25)
3.示例
3.1.组合查看(常用)
[root@itbkz ~]#netstat -nultp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 6341/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 6544/master tcp6 0 0 :::22 :::* LISTEN 6341/sshd tcp6 0 0 ::1:25 :::* LISTEN 6544/master udp 0 0 127.0.0.1:323 0.0.0.0:* 6088/chronyd udp6 0 0 ::1:323 :::* 6088/chronyd
3.2.默认
[root@itbkz ~]#netstat Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 36 itbkz.com:ssh 192.168.1.58:62521 ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ] DGRAM 26124 /run/systemd/shutdownd unix 2 [ ] DGRAM 28303 /var/run/chrony/chronyd.sock
3.3.列出所有端口
[root@itbkz ~]#netstat -a Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp 0 36 itbkz.com:ssh 192.168.1.58:62521 ESTABLISHED tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN udp 0 0 localhost:323 0.0.0.0:* udp6 0 0 localhost:323 [::]:* raw6 0 0 [::]:ipv6-icmp [::]:* 7 Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path unix 2 [ ] DGRAM 26124 /run/systemd/shutdownd unix 2 [ ACC ] STREAM LISTENING 26126 /run/lvm/lvmetad.socket unix 2 [ ACC ] SEQPACKET LISTENING 26145 /run/udev/control unix 2 [ ACC ] STREAM LISTENING 26219 /run/lvm/lvmpolld.socket unix 2 [ ] DGRAM 28303 /var/run/chrony/chronyd.sock ......略
3.4.查看网卡状态
[root@itbkz ~]#netstat -i Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg ens192 1500 6363 0 3520 0 1303 0 0 0 BMRU lo 65536 64 0 0 0 64 0 0 0 LRU [root@itbkz ~]#netstat -I Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg ens192 1500 6382 0 3529 0 1310 0 0 0 BMRU lo 65536 64 0 0 0 64 0 0 0 LRU
Iface:存在的网卡。MTU:最大传输单元。RX-OK RX-ERR RX-DRP RX-OVR:正确接收数据报的数量以及发生错误、流式、碰撞的总数。TX-OK TX-ERR TX-DRP TX-OVR:正确发送数据报的数量以及发生错误、流式、碰撞的总数3.5.列出所有tcp端口
[root@itbkz ~]#netstat -at Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp 0 36 itbkz.com:ssh 192.168.1.58:62521 ESTABLISHED tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN
3.6.列出所有udp端口
[root@itbkz ~]#netstat -au Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 localhost:323 0.0.0.0:* udp6 0 0 localhost:323 [::]:*
3.7.列出全部侦听状态的
[root@itbkz ~]#netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN udp 0 0 localhost:323 0.0.0.0:* udp6 0 0 localhost:323 [::]:* raw6 0 0 [::]:ipv6-icmp [::]:* 7 Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 26126 /run/lvm/lvmetad.socket unix 2 [ ACC ] SEQPACKET LISTENING 26145 /run/udev/control unix 2 [ ACC ] STREAM LISTENING 26219 /run/lvm/lvmpolld.socket unix 2 [ ACC ] STREAM LISTENING 30361 private/tlsmgr unix 2 [ ACC ] STREAM LISTENING 1466 /run/systemd/journal/stdout
3.8.列出所有监听tcp端口
[root@itbkz ~]#netstat -lt Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN
3.9.列出所有监听udp端口
[root@itbkz ~]#netstat -lu Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 localhost:323 0.0.0.0:* udp6 0 0 localhost:323 [::]:*
3.10.只列出unix侦听
[root@itbkz ~]#netstat -lx Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 26126 /run/lvm/lvmetad.socket unix 2 [ ACC ] SEQPACKET LISTENING 26145 /run/udev/control unix 2 [ ACC ] STREAM LISTENING 26219 /run/lvm/lvmpolld.socket unix 2 [ ACC ] STREAM LISTENING 30361 private/tlsmgr
3.11.所有端口的统计信息
[root@itbkz ~]#netstat -s
Ip:
353 total packets received
0 forwarded
0 incoming packets discarded
353 incoming packets delivered
309 requests sent out
15 outgoing packets dropped
Icmp:
33 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
destination unreachable: 32
echo requests: 1
33 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 32
echo replies: 1
IcmpMsg:
InType3: 32
InType8: 1
OutType0: 1
OutType3: 32
Tcp:
0 active connections openings
1 passive connection openings
0 failed connection attempts
0 connection resets received
1 connections established
181 segments received
180 segments send out
0 segments retransmited
0 bad segments received.
0 resets sent
Udp:
59 packets received
32 packets to unknown port received.
0 packet receive errors
109 packets sent
0 receive buffer errors
0 send buffer errors
UdpLite:
TcpExt:
8 delayed acks sent
1 packets directly queued to recvmsg prequeue.
1 bytes directly received in process context from prequeue
30 packet headers predicted
70 acknowledgments not containing data payload received
7 predicted acknowledgments
TCPSackShiftFallback: 2
TCPRcvCoalesce: 1
TCPAutoCorking: 2
TCPOrigDataSent: 154
TCPHystartTrainDetect: 1
TCPHystartTrainCwnd: 16
IpExt:
InMcastPkts: 2
InBcastPkts: 46
InOctets: 29733
OutOctets: 59707
InMcastOctets: 72
InBcastOctets: 5217
InNoECTPkts: 353
3.12.显示TCP统计信息
[root@itbkz ~]#netstat -st
IcmpMsg:
InType3: 32
InType8: 1
OutType0: 1
OutType3: 38
Tcp:
0 active connections openings
1 passive connection openings
0 failed connection attempts
0 connection resets received
1 connections established
190 segments received
189 segments send out
0 segments retransmited
0 bad segments received.
0 resets sent
UdpLite:
TcpExt:
9 delayed acks sent
1 packets directly queued to recvmsg prequeue.
1 bytes directly received in process context from prequeue
32 packet headers predicted
74 acknowledgments not containing data payload received
7 predicted acknowledgments
TCPSackShiftFallback: 2
TCPRcvCoalesce: 1
TCPAutoCorking: 2
TCPOrigDataSent: 160
TCPHystartTrainDetect: 1
TCPHystartTrainCwnd: 16
IpExt:
InMcastPkts: 2
InBcastPkts: 49
InOctets: 31724
OutOctets: 63075
InMcastOctets: 72
InBcastOctets: 5780
InNoECTPkts: 376
3.13.显示UDP统计信息
[root@itbkz ~]#netstat -su
IcmpMsg:
InType3: 32
InType8: 1
OutType0: 1
OutType3: 38
Udp:
64 packets received
38 packets to unknown port received.
0 packet receive errors
115 packets sent
0 receive buffer errors
0 send buffer errors
UdpLite:
IpExt:
InMcastPkts: 2
InBcastPkts: 49
InOctets: 32464
OutOctets: 64779
InMcastOctets: 72
InBcastOctets: 5780
InNoECTPkts: 388
3.14.持续输出信息
[root@itbkz ~]#netstat -atc Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN tcp 0 36 itbkz.com:ssh 192.168.1.58:62521 ESTABLISHED tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 localhost:smtp [::]:* LISTEN
3.15.显示路由表信息
[root@itbkz ~]#netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 ens192 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ens192
3.16.显示连接会话
[root@itbkz ~]#ss -tu Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port tcp ESTAB 0 0 192.168.1.246:ssh 192.168.1.58:63370 tcp ESTAB 0 36 192.168.1.246:ssh 192.168.1.58:62753
3.17.数字化显示连接会话
[root@itbkz ~]#ss -tun Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port tcp ESTAB 0 0 192.168.1.246:22 192.168.1.58:63370 tcp ESTAB 0 36 192.168.1.246:22 192.168.1.58:62753
