Like us on Facebook!

Like us on Facebook - https://www.facebook.com/eeDevelopers

Monday, 8 April 2013

Linux - netstat

Netstat returns a variety of information on active connections:
  • current status
  • what hosts are involved
  • which programs are involved
You can also see information about the routing table and even get statistics on your network interfaces.
  • netstat -l
    • To get an overview of everything running on your system, use this basic invocation
  • netstat -l -p --tcp --udp
    • display all listening TCP and UDP sockets and program doing the listening
  • netstat -a -p --tcp --udp
    • list all active TCP/UDP connections
  • netstat -t -n | cut -c 68- | sort | uniq -c | sort -n
    • This will show you a sorted list of how many sockets are in each connection state.
  • netstat -tlpn
    • what daemons are running and accepting connections
  • netstat -ulpn
    • for TCP services
  • netstat -s
    • summary of the network stack state counters, going into way more detail than the RX/TX frames dropped counter of ifconfig.
Parameter  Description
  • --a  
    • Displays all connections and listening ports
  • --e  
    • Displays Ethernet statistics
  • --n  
    • Displays addresses and port numbers in numerical form instead of using friendly names
  • --s  
    • Displays statistics categorized by protocol
  • --p
    • protocol  Shows connections for the specified protocol, either TCP or UDP
  • --r  
    • Displays the contents of the routing table interval  Displays selected statistics, pausing interval seconds between each display; press [Ctrl]C to stop displaying statistics
Common states

  • LISTEN
    • The socket is listening for incoming connections. Those sockets are only displayed if the --a or --l switch is set.
  • ESTABLISHED
    • The socket has an established connection.
  • SYN_SENT
    • The socket is actively attempting to establish a connection.
  • SYN_RECV
    • A connection request has been received from the network.
  • TIME_WAIT
    • The socket is waiting after close to handle packets still in the network.
  • FIN_WAIT1
    • The socket is closed, and the connection is shutting down.
  • FIN_WAIT2
    • The connection is closed and the socket is waiting for a shutdown from the remote end.
  • CLOSE_WAIT
    • The remote end has shut down, and it is waiting for the socket to close.
  • CLOSED
    • The socket is not being used. 
Posted by at

No comments:

Post a Comment

Have your say!

Subscribe to: Post Comments (Atom)