显示当前所有的链接
代码语言:javascript复制root@ts:~# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:domain *:* LISTEN
tcp 0 0 testforpaas.21vi:domain *:* LISTEN
tcp 0 0 localhost:5433 *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 localhost:6010 *:* LISTEN
只显示tcp和dup
代码语言:javascript复制root@ts:~# netstat -tau
禁用反向域名解析,加快查询速度
默认情况下 netstat 会通过反向域名解析技术查找每个 IP 地址对应的主机名。这会降低查找速度。如果你觉得 IP 地址已经足够,而没有必要知道主机名,就使用 -n 选项禁用域名解析功能
代码语言:javascript复制root@ts:~# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 172.16.16.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:5433 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8123 0.0.0.0:* LISTEN
只列出监听中的连接
任何网络服务的后台进程都会打开一个端口,用于监听接入的请求。这些正在监听的套接字也和连接的套接字一样,也能被 netstat 列出来。使用 -l 选项列出正在监听的套接字
代码语言:javascript复制root@ts:~# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 172.16.16.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:5433 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8123 0.0.0.0:* LISTEN
获取进程名、进程号以及用户 ID
代码语言:javascript复制root@ts:~# netstat -tlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost:domain *:* LISTEN 1080/dnsmasq
tcp 0 0 testforpaas.21vi:domain *:* LISTEN 1080/dnsmasq
tcp 0 0 localhost:5433 *:* LISTEN 11237/postgres
tcp 0 0 localhost:smtp *:* LISTEN 1371/sendmail: MTA:
tcp 0 0 localhost:6010 *:* LISTEN 9389/6
获取进程名和用户名
代码语言:javascript复制root@ts:~# netstat -tlpe
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 localhost:domain *:* LISTEN root 15870 1080/dnsmasq
tcp 0 0 testforpaas.21vi:domain *:* LISTEN root 15868 1080/dnsmasq
tcp 0 0 localhost:5433 *:* LISTEN postgres 130080 11237/postgres
tcp 0 0 localhost:smtp *:* LISTEN root 17826 1371/sendmail: MTA
显示进程名和用户ID
代码语言:javascript复制root@ts:~# netstat -tlpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 0 15870 1080/dnsmasq
tcp 0 0 172.16.16.1:53 0.0.0.0:* LISTEN 0 15868 1080/dnsmasq
tcp 0 0 127.0.0.1:5433 0.0.0.0:* LISTEN 116 130080 11237/postgres
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 17826 1371/sendmail: MTA
打印统计数据
netstat 可以打印出网络统计数据,包括某个协议下的收发包数量
代码语言:javascript复制root@ts:~# netstat -tns
IcmpMsg:
InType0: 93
InType3: 14674
InType11: 27391
OutType3: 18230
OutType8: 38060
Tcp:
23583 active connections openings
139747 passive connection openings
21350 failed connection attempts
1512 connection resets received
4 connections established
4263613 segments received
4716472 segments send out
171992 segments retransmited
55 bad segments received.
151266 resets sent
显示内核路由信息
代码语言:javascript复制root@ts:~# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.16.16.62 0.0.0.0 UG 0 0 0 ens160
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br-9547a5f0faec
10.20.0.0 10.20.101.9 255.255.0.0 UG 0 0 0 ppp0
打印网络接口
netstat 也能打印网络接口信息,-i 选项就是为这个功能而生
代码语言:javascript复制root@ts:~# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
br-9547a5f0faec 1500 0 55883292 0 0 0 89519216 0 0 0 BMRU
docker0 1500 0 49 0 0 0 16 0 0 0 BMU
ens160 1500 0 152552760 0 611 0 60254997 0 0 0 BMRU
lo 65536 0 583345 0 0 0 583345 0 0 0 LRU
ppp0 1354 0 2157 0 0 0 1679 0 0 0 MOPRU
veth5dd978f 1500 0 12751092 0 0 0 18590019 0 0 0 BMRU
输出友好信息
代码语言:javascript复制root@ts:~# netstat -ei
Kernel Interface table
br-9547a5f0faec Link encap:Ethernet HWaddr 02:42:ee:4b:21:05
inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::42:eeff:fe4b:2105/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55883460 errors:0 dropped:0 overruns:0 frame:0
TX packets:89519456 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7839329499 (7.8 GB) TX bytes:199950345292 (199.9 GB)docker0 Link encap:Ethernet HWaddr 02:42:8f:b2:de:7a
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:8fff:feb2:de7a/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:49 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1372 (1.3 KB) TX bytes:1368 (1.3 KB)
netstat 持续输出
代码语言:javascript复制root@ts:~# netstat -cu
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp6 0 0 localhost:37429 localhost:37429 ESTABLISHED
打印 active 状态的连接
代码语言:javascript复制netstat -atnp | grep ESTA
监视active状态连接
代码语言:javascript复制watch -d -n0 "netstat -atnp | grep ESTA"