Linux - netstat 查看系统端口占用和监听情况

2022-11-30 14:09:35 浏览数 (2)

文章目录

  • 功能
  • 语法
  • 示例
    • 显示 tcp,udp 的端口和进程
    • Show both listening and non-listening sockets
    • List all tcp ports.
    • List all udp ports
    • List only listening ports
    • List only listening TCP ports.
    • List only listening UDP ports.
    • List only the listening UNIX ports
    • List the statistics for all ports.
    • List the statistics for TCP (or) UDP ports.
    • Display PID and program names in the output.
    • Print the netstat information continuously.
    • The kernel routing information.
    • The port on which a program is running.
    • Which process is using a particular port:

功能

netstat 命令用于显示各种网络相关信息,比如网络连接,路由表,接口状态 (Interface Statistics),masquerade 连接,多播成员 Multicast Memberships等等


语法

列几个比较常用的

  • -t (tcp) 仅显示tcp相关选项
  • -u (udp)仅显示udp相关选项
  • -n 拒绝显示别名,能显示数字的全部转化为数字
  • -l 仅列出在Listen(监听)的服务状态
  • -p 显示建立相关链接的程序名

  • -a或–all:显示所有连线中的Socket;
  • -A<网络类型>或–<网络类型>:列出该网络类型连线中的相关地址;
  • -c或–continuous:持续列出网络状态;
  • -C或–cache:显示路由器配置的快取信息;
  • -e或–extend:显示网络其他相关信息;
  • -F或–fib:显示FIB;
  • -g或–groups:显示多重广播功能群组组员名单;
  • -h或–help:在线帮助;
  • -i或–interfaces:显示网络界面信息表单;
  • -l或–listening:显示监控中的服务器的Socket;
  • -M或–masquerade:显示伪装的网络连线;
  • -n或–numeric:直接使用ip地址,而不通过域名服务器;
  • -N或–netlink或–symbolic:显示网络硬件外围设备的符号连接名称;
  • -o或–timers:显示计时器;
  • -p或–programs:显示正在使用Socket的程序识别码和程序名称;
  • -r或–route:显示Routing Table;
  • -s或–statistice:显示网络工作信息统计表;
  • -t或–tcp:显示TCP传输协议的连线状况;
  • -u或–udp:显示UDP传输协议的连线状况;
  • -v或–verbose:显示指令执行过程;
  • -V或–version:显示版本信息;
  • -w或–raw:显示RAW传输协议的连线状况;
  • -x或–unix:此参数的效果和指定"-A unix"参数相同;
  • –ip或–inet:此参数的效果和指定"-A inet"参数相同。

示例

显示 tcp,udp 的端口和进程

代码语言:javascript复制
 netstat -tunlp

这里我们简单科普一下网络连接状态State的含义 :

  • LISTEN:(Listening for a connection.)侦听来自远方的TCP端口的连接请求

  • SYN-SENT:(Active; sent SYN. Waiting for a matching connection request after having sent a connection request.)再发送连接请求后等待匹配的连接请求

  • SYN-RECEIVED:(Sent and received SYN. Waiting for a confirming connection request acknowledgment after having both received and sent connection requests.)再收到和发送一个连接请求后等待对方对连接请求的确认

  • ESTABLISHED:(Connection established.)代表一个打开的连接

  • FIN-WAIT-1:(Closed; sent FIN.)等待远程TCP连接中断请求,或先前的连接中断请求的确认

  • FIN-WAIT-2:(Closed; FIN is acknowledged; awaiting FIN.)从远程TCP等待连接中断请求

  • CLOSE-WAIT:(Received FIN; waiting to receive CLOSE.)等待从本地用户发来的连接中断请求

  • CLOSING:(Closed; exchanged FIN; waiting for FIN.)等待远程TCP对连接中断的确认

  • LAST-ACK:(Received FIN and CLOSE; waiting for FIN ACK.)等待原来的发向远程TCP的连接中断请求的确认

  • TIME-WAIT:(In 2 MSL (twice the maximum segment length) quiet wait after close. )等待足够的时间以确保远程TCP接收到连接中断请求的确认

  • CLOSED:(Connection is closed.)没有任何连接状态

Show both listening and non-listening sockets

代码语言:javascript复制
# netstat -a | more : To show both listening and 
non-listening sockets.

List all tcp ports.

代码语言:javascript复制
# netstat -at : To list all tcp ports.

List all udp ports

代码语言:javascript复制
# netstat -au : To list all udp ports.

List only listening ports

代码语言:javascript复制
# netstat -l : To list only the listening ports.

List only listening TCP ports.

代码语言:javascript复制
# netstat -lt : To list only the listening tcp ports.

List only listening UDP ports.

代码语言:javascript复制
# netstat -lu : To list only the listening udp ports.

List only the listening UNIX ports

代码语言:javascript复制
# netstat -lx : To list only the listening UNIX ports

List the statistics for all ports.

代码语言:javascript复制
# netstat -s : To list the statistics for all ports.

List the statistics for TCP (or) UDP ports.

代码语言:javascript复制
# netstat -st(TCP) : To list the statistics for TCP ports.
代码语言:javascript复制
# netstat -su(UDP) : List the statistics for UDP ports.

Display PID and program names in the output.

代码语言:javascript复制
# netstat -pt : To display the PID and program names.

Print the netstat information continuously.

代码语言:javascript复制
# netstat -c : To print the netstat information continuously.

The kernel routing information.

代码语言:javascript复制
# netstat -r : To get the kernel routing information.

The port on which a program is running.

代码语言:javascript复制
# netstat -ap | grep ssh : To get the port
on which a program is running.

Which process is using a particular port:

代码语言:javascript复制
# netstat -an | grep ':80' : To get the process
which is using the given port.

0 人点赞