netstat的10个基本用法

2021-11-15 17:54:52 浏览数 (1)

显示当前所有的链接

代码语言:javascript复制
root@ts:~# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 localhost:domain        *:*                     LISTEN    
tcp        0      0 testforpaas.21vi:domain *:*                     LISTEN    
tcp        0      0 localhost:5433          *:*                     LISTEN    
tcp        0      0 localhost:smtp          *:*                     LISTEN    
tcp        0      0 localhost:6010          *:*                     LISTEN

只显示tcp和dup

代码语言:javascript复制
root@ts:~# netstat -tau

禁用反向域名解析,加快查询速度

默认情况下 netstat 会通过反向域名解析技术查找每个 IP 地址对应的主机名。这会降低查找速度。如果你觉得 IP 地址已经足够,而没有必要知道主机名,就使用 -n 选项禁用域名解析功能

代码语言:javascript复制
root@ts:~# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN    
tcp        0      0 172.16.16.1:53          0.0.0.0:*               LISTEN    
tcp        0      0 127.0.0.1:5433          0.0.0.0:*               LISTEN    
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN    
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN    
tcp        0      0 0.0.0.0:8123            0.0.0.0:*               LISTEN

只列出监听中的连接

任何网络服务的后台进程都会打开一个端口,用于监听接入的请求。这些正在监听的套接字也和连接的套接字一样,也能被 netstat 列出来。使用 -l 选项列出正在监听的套接字

代码语言:javascript复制
root@ts:~# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN    
tcp        0      0 172.16.16.1:53          0.0.0.0:*               LISTEN    
tcp        0      0 127.0.0.1:5433          0.0.0.0:*               LISTEN    
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN    
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN    
tcp        0      0 0.0.0.0:8123            0.0.0.0:*               LISTEN

获取进程名、进程号以及用户 ID

代码语言:javascript复制
root@ts:~# netstat -tlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost:domain        *:*                     LISTEN      1080/dnsmasq    
tcp        0      0 testforpaas.21vi:domain *:*                     LISTEN      1080/dnsmasq    
tcp        0      0 localhost:5433          *:*                     LISTEN      11237/postgres  
tcp        0      0 localhost:smtp          *:*                     LISTEN      1371/sendmail: MTA:
tcp        0      0 localhost:6010          *:*                     LISTEN      9389/6

获取进程名和用户名

代码语言:javascript复制
root@ts:~# netstat -tlpe
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
tcp        0      0 localhost:domain        *:*                     LISTEN      root       15870       1080/dnsmasq    
tcp        0      0 testforpaas.21vi:domain *:*                     LISTEN      root       15868       1080/dnsmasq    
tcp        0      0 localhost:5433          *:*                     LISTEN      postgres   130080      11237/postgres  
tcp        0      0 localhost:smtp          *:*                     LISTEN      root       17826       1371/sendmail: MTA

显示进程名和用户ID

代码语言:javascript复制
root@ts:~# netstat -tlpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      0          15870       1080/dnsmasq    
tcp        0      0 172.16.16.1:53          0.0.0.0:*               LISTEN      0          15868       1080/dnsmasq    
tcp        0      0 127.0.0.1:5433          0.0.0.0:*               LISTEN      116        130080      11237/postgres  
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      0          17826       1371/sendmail: MTA

打印统计数据

netstat 可以打印出网络统计数据,包括某个协议下的收发包数量

代码语言:javascript复制
root@ts:~# netstat -tns
IcmpMsg:
   InType0: 93
   InType3: 14674
   InType11: 27391
   OutType3: 18230
   OutType8: 38060
Tcp:
   23583 active connections openings
   139747 passive connection openings
   21350 failed connection attempts
   1512 connection resets received
   4 connections established
   4263613 segments received
   4716472 segments send out
   171992 segments retransmited
   55 bad segments received.
   151266 resets sent

显示内核路由信息

代码语言:javascript复制
root@ts:~# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         172.16.16.62    0.0.0.0         UG        0 0          0 ens160
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 br-9547a5f0faec
10.20.0.0       10.20.101.9     255.255.0.0     UG        0 0          0 ppp0

打印网络接口

netstat 也能打印网络接口信息,-i 选项就是为这个功能而生

代码语言:javascript复制
root@ts:~# netstat -i
Kernel Interface table
Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
br-9547a5f0faec  1500 0  55883292      0      0 0      89519216      0      0      0 BMRU
docker0    1500 0        49      0      0 0            16      0      0      0 BMU
ens160     1500 0  152552760      0    611 0      60254997      0      0      0 BMRU
lo        65536 0    583345      0      0 0        583345      0      0      0 LRU
ppp0       1354 0      2157      0      0 0          1679      0      0      0 MOPRU
veth5dd978f  1500 0  12751092      0      0 0      18590019      0      0      0 BMRU

输出友好信息

代码语言:javascript复制
root@ts:~# netstat -ei
Kernel Interface table
br-9547a5f0faec Link encap:Ethernet  HWaddr 02:42:ee:4b:21:05  
         inet addr:10.0.0.1  Bcast:10.0.0.255  Mask:255.255.255.0
         inet6 addr: fe80::42:eeff:fe4b:2105/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:55883460 errors:0 dropped:0 overruns:0 frame:0
         TX packets:89519456 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:7839329499 (7.8 GB)  TX bytes:199950345292 (199.9 GB)docker0   Link encap:Ethernet  HWaddr 02:42:8f:b2:de:7a  
         inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
         inet6 addr: fe80::42:8fff:feb2:de7a/64 Scope:Link
         UP BROADCAST MULTICAST  MTU:1500  Metric:1
         RX packets:49 errors:0 dropped:0 overruns:0 frame:0
         TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:1372 (1.3 KB)  TX bytes:1368 (1.3 KB)

netstat 持续输出

代码语言:javascript复制
root@ts:~# netstat -cu
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
udp6       0      0 localhost:37429         localhost:37429         ESTABLISHED

打印 active 状态的连接

代码语言:javascript复制
netstat -atnp | grep ESTA

监视active状态连接

代码语言:javascript复制
watch -d -n0 "netstat -atnp | grep ESTA"

0 人点赞