netstat 简介
- man netstat
要了解linux下的netstat命令,通过 man netstat ,简介如下:
netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships,即
netstat
netstat -a
OUTPUT
Active Internet connections (TCP, UDP, UDPLite, raw)
Proto
The protocol (tcp, udp, udpl, raw) used by the socket.
Recv-Q
Established: The count of bytes not copied by the user program connected to this socket. Listening: Since Kernel 2.6.18 this column contains the current syn backlog.
Send-Q
Established: The count of bytes not acknowledged by the remote host. Listening: Since Kernel 2.6.18 this column contains the maximum size of the syn backlog.
Local Address
Address and port number of the local end of the socket. Unless the --numeric (-n) option is specified, the socket address is resolved to its canonical host name (FQDN), and the port number is translated into the corresponding service name.
Foreign Address
Address and port number of the remote end of the socket. Analogous to "Local Address."
State
The state of the socket. Since there are no states in raw mode and usually no states used in UDP and UDPLite, this column may be left blank. Normally this can be one of several values:
ESTABLISHED
The socket has an established connection.
SYN_SENT
The socket is actively attempting to establish a connection.
SYN_RECV
A connection request has been received from the network.
FIN_WAIT1
The socket is closed, and the connection is shutting down.
FIN_WAIT2
Connection is closed, and the socket is waiting for a shutdown from the remote end.
TIME_WAIT
The socket is waiting after close to handle packets still in the network.
CLOSE The socket is not being used.
CLOSE_WAIT
The remote end has shut down, waiting for the socket to close.
LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
LISTEN The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the --listening (-l) or --all (-a) option.
CLOSING
Both sockets are shut down but we still don't have all our data sent.
UNKNOWN
The state of the socket is unknown.
tcp6 can handle IP version 6. If you only use IPV4, you should use tcp instead of tcp6
实验环境 :
CentOS Linux release 7.3.1611 (Core)
参考链接:
每天一个linux命令(56):netstat命令: https://www.cnblogs.com/peida/archive/2013/03/08/2949194.html,
Linux netstat命令详解: https://www.cnblogs.com/ggjucheng/archive/2012/01/08/2316661.html,
TCP协议中的三次握手和四次挥手(图解): https://blog.csdn.net/whuslei/article/details/6667471/,
TCP三次握手和四次挥手过程: https://www.cnblogs.com/Andya/p/7272462.html,
IPtables中SNAT和MASQUERADE的区别: http://server.zhiding.cn/server/2008/0317/772069.shtml,
