1.功能与说明
netstat 用于显示linux中各种网络相关信息。如网络链接 路由表 接口状态链接 多播成员等等。
2.参数含义介绍
-a (all)显示所有选项,默认不显示LISTEN相关
-t (tcp)仅显示tcp相关选项
-u (udp)仅显示udp相关选项
-n 拒绝显示别名,能显示数字的全部转化成数字。
-l 仅列出有在 Listen (监听) 的服務状态
-p 显示建立相关链接的程序名
-r 显示路由信息,路由表
-e 显示扩展信息,例如uid等
-s 按各个协议进行统计
-c 每隔一个固定时间,执行该netstat命令。
提示:LISTEN和LISTENING的状态只有用-a或者-l才能看到
3.常用实例
3.1 列出所有端口
netstat -a
[root@zhz jiehun]# netstat -a|more Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:webcache *:* LISTEN tcp 0 0 *:http *:* LISTEN tcp 0 0 192.168.122.1:domain *:* LISTEN tcp 0 0 localhost.localdomain:d-s-n *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost.loc:simplifymedia *:* LISTEN
3.2 列出所有tcp端口
使用 -t 选项列出 TCP 协议的连接
[root@zhz jiehun]# netstat -at|more Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:webcache *:* LISTEN tcp 0 0 *:http *:* LISTEN tcp 0 0 192.168.122.1:domain *:* LISTEN tcp 0 0 localhost.localdomain:d-s-n *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost.loc:simplifymedia *:* LISTEN
3.3 列出所有udp端口
使用 -u 选项列出 UDP 协议的连接
netstat -au
[root@zhz jiehun]# netstat -au|more Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 *:ideafarm-panic *:* udp 0 0 *:47005 *:* udp 0 0 localhost.loca:memcache *:* udp 0 0 *:55276 *:* udp 0 0 192.168.122.1:domain *:* udp 0 0 *:bootps *:* udp 0 0 *:bootpc *:* udp 0 0 *:sunrpc *:* udp 0 0 *:ipp *:* udp 0 0 *:44236 *:* udp 0 0 *:722 *:*
3.4 只显示监听端口 netstat -l
[root@zhz jiehun]# netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:webcache *:* LISTEN tcp 0 0 *:http *:* LISTEN tcp 0 0 192.168.122.1:domain *:* LISTEN tcp 0 0 localhost.localdomain:d-s-n *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost.loc:simplifymedia *:* LISTEN tcp 0 0 localhost.localdomain:ipp *:* LISTEN tcp 0 0 *:44343 *:* LISTEN tcp 0 0 localhost.localdomain:smtp *:* LISTEN
3.5 只显示监听的tcp端口 netstat -lt
[root@zhz jiehun]# netstat -lt Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:webcache *:* LISTEN tcp 0 0 *:http *:* LISTEN tcp 0 0 192.168.122.1:domain *:* LISTEN tcp 0 0 localhost.localdomain:d-s-n *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost.loc:simplifymedia *:* LISTEN tcp 0 0 localhost.localdomain:ipp *:* LISTEN tcp 0 0 *:44343 *:* LISTEN tcp 0 0 localhost.localdomain:smtp *:* LISTEN
3.6 只显示所有监听udp端口 netstat -lu
[root@zhz jiehun]# netstat -lu Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 *:ideafarm-panic *:* udp 0 0 *:47005 *:* udp 0 0 *:47551 *:* udp 0 0 localhost.loca:memcache *:* udp 0 0 *:55276 *:* udp 0 0 192.168.122.1:domain *:* udp 0 0 *:bootps *:* udp 0 0 *:bootpc *:* udp 0 0 *:sunrpc *:*
3.7 只列出所有监听unix端口 netstat -lx
[root@zhz jiehun]# netstat -lx Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 21941 /tmp/.X11-unix/X0 unix 2 [ ACC ] STREAM LISTENING 34096 /tmp/orbit-haozheng/linc-cd2-0-5b33fa1ecf0c9 unix 2 [ ACC ] STREAM LISTENING 22263 @/tmp/gdm-greeter-cBlQsyRF unix 2 [ ACC ] STREAM LISTENING 32728 /tmp/.ICE-unix/3103 unix 2 [ ACC ] STREAM LISTENING 36866 @/tmp/dbus-AcJrBlWF unix 2 [ ACC ] STREAM LISTENING 20454 /tmp/mysql.sock
3.8 显示所有端口的统计信息 netstat -s
[root@zhz jiehun]# netstat -s Ip: 1943780 total packets received 2 forwarded 0 incoming packets discarded 1769532 incoming packets delivered 1121573 requests sent out 132 outgoing packets dropped 45867 dropped because of missing route Tcp: 64002 active connections openings 7632 passive connection openings 2309 failed connection attempts 498 connection resets received 8 connections established 1018564 segments received 1022700 segments send out 16835 segments retransmited 2 bad segments received. 552 resets sent Udp: 133420 packets received 7845 packets to unknown port received. 0 packet receive errors 74841 packets sent 0 receive buffer errors 0 send buffer errors
3.9 显示所有tcp(netstat -st)或udp(netstat -su)的统计信息
[root@zhz jiehun]# netstat -su IcmpMsg: InType0: 11 InType3: 13506 OutType3: 13679 OutType8: 11 Udp: 133462 packets received 7869 packets to unknown port received. 0 packet receive errors 74888 packets sent 0 receive buffer errors 0 send buffer errors UdpLite: IpExt: InNoRoutes: 991 InMcastPkts: 24308 OutMcastPkts: 2353 InBcastPkts: 630615 OutBcastPkts: 1546 InOctets: 755319900 OutOctets: 296705252 InMcastOctets: 2908748 OutMcastOctets: 93173 InBcastOctets: 99500419 OutBcastOctets: 299980
3.10 显示pid/进程名称 netstat -p -p可以与其他参数一起使用 比如 显示tcp的进程id信息
[root@zhz jiehun]# netstat -pt Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 192.168.0.52:44784 123.150.49.20:http FIN_WAIT2 4207/VirtualBox tcp 0 0 192.168.0.52:46715 ie-in-f125.1e100.net:https ESTABLISHED 4207/VirtualBox tcp 0 0 192.168.0.52:43415 geotrust-ocsp-mtv.veri:http FIN_WAIT2 4207/VirtualBox
3.11 在 netstat 输出中不显示主机,端口和用户名 (host, port or user)当你不想让主机,端口和用户名显示,使用 netstat -n。将会使用数字代替那些名称。同样可以加速输出,因为不用进行比对查询。netstat -ntpl 显示tcp的监听端口 不显示主机端口用户名 用数字代替
[root@zhz jiehun]# netstat -ptnl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 971/rpcbind tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 1526/nginx: master tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1526/nginx: master tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1248/dnsmasq tcp 0 0 127.0.0.1:8086 0.0.0.0:* LISTEN 1553/python tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1163/sshd tcp 0 0 127.0.0.1:8087 0.0.0.0:* LISTEN 1553/python tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1140/cupsd tcp 0 0 0.0.0.0:44343 0.0.0.0:* LISTEN 1151/rpc.statd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 18573/sendmail: acc tcp 0 0 127.0.0.1:3002 0.0.0.0:* LISTEN 1004/ruby tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 1526/nginx: master
3.12 一秒钟输出一次tcp监听端口信息 netstat -ntplc
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 971/rpcbind tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 1526/nginx: master tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1526/nginx: master tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1248/dnsmasq tcp 0 0 127.0.0.1:8086 0.0.0.0:* LISTEN 1553/python tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1163/sshd
3.13 显示路由信息 netstat -r
[root@zhz jiehun]# netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface default vrouter 0.0.0.0 UG 0 0 0 eth0 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0 192.168.122.0 * 255.255.255.0 U 0 0 0 virb
3.14 显示网络接口列表 netstat -i
[root@zhz jiehun]# netstat -i Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 0 4943885 0 0 0 901773 0 0 0 BMRU lo 16436 0 236931 0 0 0 236931 0 0 0 LRU virbr0 1500 0 0 0 0 0 0 0 0 0 BMU