netstat命令
我们可以使用man netstat查看该命令的使用手册。
在手册中标注这个程序已经过时了。netstat的替换为ss。netstat-r的替换是ip路由。netstat-i的替换是ip-s链接。netstat-g的替换是ip maddr
该命令用于输出网络状态
1 不带任何参数命令
其中输出包括两部分:Active Internet connections (w/o servers)和Active UNIX domain sockets (w/o servers)。Active Internet connections (w/o servers)为socket连接。Active UNIX domain sockets (w/o servers)为UNIX域套接字连接,不通过网络层传输数据,而是内核级别的进程之间通信。
Recv-Q和Send-Q分别表示接收队列和发送队列字节数,也就是在途中的数据
Local Address为本地地址和端口,Foreign Address为客户端地址和端口
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 wh2-login-2-1.wh.:46534 wh2-login-2-1.wh.:mysql ESTABLISHED tcp 0 0 wh2-login-2-1.wh.:mysql wh2-login-2-1.wh.:45998 ESTABLISHED tcp 0 0 wh2-login-2-1.wh.:mysql wh2-login-2-1.wh.:46562 ESTABLISHED tcp 0 0 wh2-login-2-1.wh.h:exp1 10.26.1.26:988 ESTABLISHED udp 0 0 wh2-login-2-1.wh.:58302 wh2-login-2-2.wh.h:8650 ESTABLISHED udp 0 0 wh2-login-2-1.wh.:46570 wh2-login-2-1.wh.h:8650 ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 3 [ ] DGRAM 9613 /run/systemd/notify unix 2 [ ] DGRAM 9615 /run/systemd/cgroups-agent unix 5 [ ] DGRAM 9626 /run/systemd/journal/socket unix 24 [ ] DGRAM 9628 /dev/log
2 netstat --route或netstat -r
路由表信息
$ netstat --route Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface default 192.168.160.254 0.0.0.0 UG 0 0 0 em2 //发往任何一个地址都经过192.168.160.254网关 10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 em1 //发往10.0.0.0网段是直接可达的,不需要经过网关 10.49.32.209 192.168.160.254 255.255.255.255 UGH 0 0 0 em2 // 224.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 em1 // 255.255.255.255 0.0.0.0 255.255.255.255 UH 0 0 0 em1 //广播地址不需要经过网关
3 netstat --interfaces
网卡信息
$ netstat -i Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg em1 1500 929030804 0 15441 0 861262213 0 0 0 BMRU em2 1500 274694218 4 0 0 265690135 0 0 0 BMRU lo 65536 685245949 0 0 0 685245949 0 0 0 LRU
4 比较重要的参数
--numeric/-n,直接显示ip地址,而不是默认输出域名格式
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 10.25.2.101:32950 10.176.41.12:8080 TIME_WAIT tcp 0 0 192.168.160.7:3306 192.168.160.7:50428 ESTABLISHED tcp 0 0 10.25.2.101:1021 10.26.1.26:988 ESTABLISHED
--program/-p,显示进程名
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 wh2-login-2-1.wh.:mysql wh2-login-2-1.wh.:50428 ESTABLISHED - tcp 0 0 localhost.localdo:58568 localhost.localdom:8093 ESTABLISHED 2601/java tcp 0 0 wh2-login-2-1.wh.h:exp2 10.176.48.3:988 ESTABLISHED - tcp 0 0 wh2-login-2-1.wh.bl:ssh 172.19.4.84:64207 ESTABLISHED - tcp 0 0 wh2-login-2-1.wh.h:exp2 10.176.48.7:988 ESTABLISHED - tcp 0 0 wh2-login-2-1.wh.h:1023 10.176.48.8:988 ESTABLISHED - tcp 0 0 wh2-login-2-1.wh.:50750 wh2-login-2-1.wh.:mysql ESTABLISHED 17154/java
--listen/-l,显示处于监听状态的连接
$ netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 localhost.localdom:smux 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:cslistener 0.0.0.0:* LISTEN tcp 0 0 wh2-login-2-1.wh.h:7946 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:mysql 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:8650 0.0.0.0:* LISTEN
--all/-a
显示listening和非listening的连接
$ netstat -a Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:mysql 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:8650 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:8093 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:8098 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN tcp 0 0 wh2-login-2-1.wh.:mysql wh2-login-2-1.wh.:50428 ESTABLISHED tcp 0 0 wh2-login-2-1.wh.h:exp1 10.26.1.26:988 ESTABLISHED tcp 0 0 wh2-login-2-1.wh.h:exp1 10.176.48.10:988 ESTABLISHED tcp 0 0 wh2-login-2-1.wh.:mysql wh2-login-2-1.wh.:50956 ESTABLISHED
