热门标签
热门文章
- 1mysql对以逗号分隔的字段内容进行查询——find_in_set函数或locate函数或position函数_mybatis 逗号分隔查询
- 2创建maven项目 index.jsp 报错解决办法_maven 常规项目 无法 访问index.jsp
- 3Android源码开发记录-自定义系统服务和jar包生成_android jar 打包aidl文件
- 4; #clock-c" href="/w/2023面试高手/article/detail/275303" target="_blank">RK3288下添加PCF8563 RTC支持_compatible = "nxp,pcf8563"; reg = <0x51>; #clock-c
- 5html隐藏微信右上角三个点,刚刚发现,原来微信右上角的三个小点还藏着这种功能,真的很实用...
- 6Mysql数据库select语句取出指定字段并按照逗号分隔的方法函数:GROUP_CONCAT_select 结果用逗号分割
- 7uniapp ios保存本地照片权限 uniapp存储权限
- 8从零开始uniapp微信小程序项目到发布(超级详细)_hbuilder怎么发布unapp到微信小程序
- 9鸿蒙java开发文档 鸿蒙 开发教程_鸿蒙开发java
- 10AIGC——ComfyUI 安装与基础使用
当前位置: article > 正文
linux中netstat命令详解及常见用法
作者:小小林熬夜学编程 | 2024-03-16 19:27:24
赞
踩
linux中netstat命令详解及常见用法
在Linux使用过程中,需要了解当前系统开放了哪些端口,并且要查看开放这些端口的具体进程和用户,可以通过netstat命令进行简单查询
1.netstat命令各个参数说明
-a 或–all 显示所有连线中的Socket。 -A <网络类型>或–<网络类型> 列出该网络类型连线中的相关地址。 -c 或–continuous 持续列出网络状态。 -C 或–cache 显示路由器配置的快取信息。 -e 或–extend 显示网络其他相关信息。 -F 或 –fib 显示FIB。 -g 或–groups 显示多重广播功能群组组员名单。 -h 或–help 在线帮助。 -i 或–interfaces 显示网络界面信息表单。 -l 或–listening 显示监控中的服务器的Socket。 -M 或–masquerade 显示伪装的网络连线。 -n 或–numeric 直接使用IP地址,而不通过域名服务器。 -N 或–netlink或–symbolic 显示网络硬件外围设备的符号连接名称。 -o 或–timers 显示计时器。 -p 或–programs 显示正在使用Socket的程序识别码和程序名称。 -r 或–route 显示 Routing Table。 -s 或–statistice 显示网络工作信息统计表。 -t 或–tcp 显示TCP 传输协议的连线状况。 -u或–udp 显示UDP传输协议的连线状况。 -v或–verbose 显示指令执行过程。 -V 或–version 显示版本信息。 -w或–raw 显示RAW传输协议的连线状况。 -x或–unix 此参数的效果和指定”-A unix”参数相同。 –ip或–inet 此参数的效果和指定”-A inet”参数相同。
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
2.查看当前所有tcp端口使用情况
这里解释一下: 1、0.0.0.0代表本机上可用的任意地址。 比如0.0.0.0:135 表示本机上所有地址的135端口,这样多ip计算机就不用重复显示了。 2、TCP 0.0.0.0:80表示在所有的可用接口上监听TCP80端口 3、0.0.0.0为默认路由,即要到达不再路由表里面的网段的包都走0.0.0.0这条规则 然后127.0.0.1就是表示你本机ip地址的意思了。 然后[::]:21这又是什么鬼? 这个表示ipv6的21号端口的意思。 还有UDP的外部链接怎么都是*:*呢? *:*是网址的通配符,就是192.168.15.12,这个类型的整体描述 这里解释一下: 1、0.0.0.0代表本机上可用的任意地址。 比如0.0.0.0:135 表示本机上所有地址的135端口,这样多ip计算机就不用重复显示了。 2、TCP 0.0.0.0:80表示在所有的可用接口上监听TCP80端口 3、0.0.0.0为默认路由,即要到达不再路由表里面的网段的包都走0.0.0.0这条规则 然后127.0.0.1就是表示你本机ip地址的意思了。 然后[::]:21这又是什么鬼? 这个表示ipv6的21号端口的意思。 还有UDP的外部链接怎么都是*:*呢? *:*是网址的通配符,就是192.168.15.12,这个类型的整体描述 注意:127.0.0.1 和 0.0.0.0 是两种不同的网络地址。127.0.0.1 是一个环回地址,只能本地访问,用于本地测试和调试12。0.0.0.0 是一个通配地址,可以接受来自本地和外部网络的连接,用于在开发环境中监听所有可用的网络接口
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
3.tcp端口使用的状态解释
LISTEN:(Listening for a connection.)侦听来自远方的TCP端口的连接请求 SYN-SENT:(Active; sent SYN. Waiting for a matching connection request after having sent a connection request.)再发送连接请求后等待匹配的连接请求 SYN-RECEIVED:(Sent and received SYN. Waiting for a confirming connection request acknowledgment after having both received and sent connection requests.)再收到和发送一个连接请求后等待对方对连接请求的确认 ESTABLISHED:(Connection established.)代表一个打开的连接 FIN-WAIT-1:(Closed; sent FIN.)等待远程TCP连接中断请求,或先前的连接中断请求的确认 FIN-WAIT-2:(Closed; FIN is acknowledged; awaiting FIN.)从远程TCP等待连接中断请求 CLOSE-WAIT:(Received FIN; waiting to receive CLOSE.)等待从本地用户发来的连接中断请求 CLOSING:(Closed; exchanged FIN; waiting for FIN.)等待远程TCP对连接中断的确认 LAST-ACK:(Received FIN and CLOSE; waiting for FIN ACK.)等待原来的发向远程TCP的连接中断请求的确认 TIME-WAIT:(In 2 MSL (twice the maximum segment length) quiet wait after close. )等待足够的时间以确保远程TCP接收到连接中断请求的确认 CLOSED:(Connection is closed.)没有任何连接状态 UNKNOWN:套接字状态未知
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
4.netstat的10个基本用法
①:列出所有连接
[root@VM-12-14-centos test]# netstat -a Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:mysql 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:65311 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:53118 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:64199 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.stati:954 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:25276 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:39902 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:51665 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:13772 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:12621 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:17978 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:63730 SYN_RECV tcp 0 0 0.0.0.0:epmd 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:6001 0.0.0.0:* LISTEN tcp 0 0 VM-12-14-centos:domain 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 VM-12-14-centos:ipp 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:kerberos 0.0.0.0:* LISTEN tcp 0 0 VM-12-14:x11-ssh-offset 0.0.0.0:* LISTEN tcp 0 0 VM-12-14-centos:57884 VM-12-14-centos:epmd TIME_WAIT tcp 0 0 VM-12-14-centos:52702 169.254.0.138:8186 ESTABLISHED tcp 0 0 VM-12-14-centos:epmd VM-12-14-centos:40859 ESTABLISHED tcp 0 0 VM-12-14-centos:40859 VM-12-14-centos:epmd ESTABLISHED tcp 0 48 VM-12-14-centos:ssh 120.224.104.72:52646 ESTABLISHED 常见字段解释 proto 套接字使用的协议是什么 Recv-0 连接这个套接字的用户,还未拷贝的字节数 Send-0 远程主机还未确认的字节数 Local address套接字(一个连接情况)本地的地址和端口号317 Foreign Address 套接字的远程主机地址和口号 State套接字的运行情况
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
②:只列出TCP或UDP协议的连接
使用 -t 选项列出 TCP 协议的连接 [root@VM-12-14-centos test]# netstat -at Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:mysql 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:24962 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:12954 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:21002 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:65432 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:39178 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:47736 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:49636 SYN_RECV tcp 0 0 VM-12-14-centos:http 45.135.201.241:59717 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:32799 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:14283 SYN_RECV tcp 0 0 VM-12-14-centos:http 103-148-72-71.sta:56900 SYN_RECV 使用 -u 选项列出 UDP 协议的连接 [root@VM-12-14-centos test]# netstat -au Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0.0.0.0:884 0.0.0.0:* udp 0 0 0.0.0.0:mdns 0.0.0.0:* udp 0 0 VM-12-14-centos:domain 0.0.0.0:* udp 0 0 0.0.0.0:bootps 0.0.0.0:* udp 0 0 0.0.0.0:bootpc 0.0.0.0:* udp 0 0 0.0.0.0:sunrpc 0.0.0.0:* udp 0 0 VM-12-14-centos:ntp 0.0.0.0:* udp 0 0 VM-12-14-centos:ntp 0.0.0.0:* udp 0 0 0.0.0.0:45625 0.0.0.0:* udp6 0 0 [::]:884 [::]:* udp6 0 0 [::]:sunrpc [::]:* udp6 0 0 VM-12-14-centos:ntp [::]:* udp6 0 0 VM-12-14-centos:ntp [::]:*
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
③:禁用反向域名解析,加快查询速度
默认情况下 netstat 会通过反向域名解析技术查找每个 IP 地址对应的主机名。这会降低查找速度。如果你觉得 IP 地址已经足够,而没有必要知道主机名,就使用 -n 选项禁用域名解析功能 [root@VM-12-14-centos test]# netstat -an Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 10.0.12.14:80 103.148.72.71:36631 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:8279 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:65432 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:43150 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:58653 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:12405 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:25388 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:41411 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:56328 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:3576 SYN_RECV tcp 0 0 10.0.12.14:80 103.148.72.71:7845 SYN_RECV
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
④:只列出监听中的连接
任何网络服务的后台进程都会打开一个端口,用于监听接入的请求。这些正在监听的套接字也和连接的套接字一样,也能被 netstat 列出来。使用 -l 选项列出正在监听的套接字 [root@VM-12-14-centos test]# netstat -tnl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:4369 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:6001 0.0.0.0:* LISTEN tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN tcp6 0 0 :::5672 :::* LISTEN tcp6 0 0 :::3306 :::* LISTEN tcp6 0 0 :::5901 :::* LISTEN tcp6 0 0 :::111 :::* LISTEN tcp6 0 0 :::4369 :::* LISTEN tcp6 0 0 :::6001 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:631 :::* LISTEN tcp6 0 0 ::1:6010 :::* LISTEN 现在我们可以看到处于监听状态的 TCP 端口和连接。如果你查看所有监听端口,去掉 -t 选项。如果你只想查看 UDP 端口,使用 -u 选项,代替 -t 选项。 注意:不要使用 -a 选项,否则 netstat 会列出所有连接,而不仅仅是监听端口
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
⑤:获取进程名、进程号以及用户ID
查看端口和连接的信息时,能查看到它们对应的进程名和进程号对系统管理员来说是非常有帮助的。举个栗子,Apache 的 httpd 服务开启80端口,如果你要查看 http 服务是否已经启动,或者 http 服务是由 apache 还是 nginx 启动的,这时候你可以看看进程名 使用 -p 选项查看进程信息 [root@VM-12-14-centos test]# netstat -nlpt Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 1110/beam.smp tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 21083/docker-proxy tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN 1508/Xvnc tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 713/rpcbind tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1407/nginx: master tcp 0 0 0.0.0.0:4369 0.0.0.0:* LISTEN 2136/epmd tcp 0 0 0.0.0.0:6001 0.0.0.0:* LISTEN 1508/Xvnc tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1950/dnsmasq tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1372/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1119/cupsd tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN 1110/beam.smp tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN 1407/nginx: master tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 3701/sshd: root@pts tcp6 0 0 :::5672 :::* LISTEN 1110/beam.smp tcp6 0 0 :::3306 :::* LISTEN 21088/docker-proxy tcp6 0 0 :::5901 :::* LISTEN 1508/Xvnc tcp6 0 0 :::111 :::* LISTEN 713/rpcbind tcp6 0 0 :::4369 :::* LISTEN 2136/epmd tcp6 0 0 :::6001 :::* LISTEN 1508/Xvnc tcp6 0 0 :::22 :::* LISTEN 1372/sshd tcp6 0 0 ::1:631 :::* LISTEN 1119/cupsd tcp6 0 0 ::1:6010 :::* LISTEN 3701/sshd: root@pts 使用 -p 选项时,netstat 必须运行在 root 权限之下,不然它就不能得到运行在 root 权限下的进程名,而很多服务包括 http 和 ftp 都运行在 root 权限之下 相比进程名和进程号而言,查看进程的拥有者会更有用。使用 -ep 选项可以同时查看进程名和用户名 [root@VM-12-14-centos test]# netstat -ltpe Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN rabbitmq 35092 1110/beam.smp tcp 0 0 0.0.0.0:mysql 0.0.0.0:* LISTEN root 138883 21083/docker-proxy tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN root 31801 1508/Xvnc tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN root 19890 713/rpcbind tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN root 31241 1407/nginx: master tcp 0 0 0.0.0.0:epmd 0.0.0.0:* LISTEN rabbitmq 34894 2136/epmd tcp 0 0 0.0.0.0:6001 0.0.0.0:* LISTEN root 31793 1508/Xvnc tcp 0 0 VM-12-14-centos:domain 0.0.0.0:* LISTEN root 32486 1950/dnsmasq tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN root 30494 1372/sshd tcp 0 0 VM-12-14-centos:ipp 0.0.0.0:* LISTEN root 26582 1119/cupsd tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN rabbitmq 39837 1110/beam.smp tcp 0 0 0.0.0.0:kerberos 0.0.0.0:* LISTEN root 31242 1407/nginx: master tcp 0 0 VM-12-14:x11-ssh-offset 0.0.0.0:* LISTEN root 2148874 3701/sshd: root@pts tcp6 0 0 [::]:amqp [::]:* LISTEN rabbitmq 38151 1110/beam.smp tcp6 0 0 [::]:mysql [::]:* LISTEN root 137704 21088/docker-proxy tcp6 0 0 [::]:5901 [::]:* LISTEN root 31802 1508/Xvnc tcp6 0 0 [::]:sunrpc [::]:* LISTEN root 19893 713/rpcbind tcp6 0 0 [::]:epmd [::]:* LISTEN rabbitmq 34895 2136/epmd tcp6 0 0 [::]:6001 [::]:* LISTEN root 31792 1508/Xvnc tcp6 0 0 [::]:ssh [::]:* LISTEN root 30579 1372/sshd tcp6 0 0 VM-12-14-centos:ipp [::]:* LISTEN root 26581 1119/cupsd tcp6 0 0 VM-12-14:x11-ssh-offset [::]:* LISTEN root 2148873 3701/sshd: root@pts 上面列出 TCP 协议下的监听套接字,同时显示进程信息和一些额外信息。 这些额外的信息包括用户名和进程的索引节点号。这个命令对网管来说很有用。 注意 - 假如你将 -n 和 -e 选项一起使用,User 列的属性就是用户的 ID 号,而不是用户名
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
⑥:打印统计数据
netstat 可以打印出网络统计数据,包括某个协议下的收发包数量 [root@VM-12-14-centos test]# netstat -s Ip: 619929 total packets received 1265 forwarded 0 incoming packets discarded 618658 incoming packets delivered 762156 requests sent out 40 dropped because of missing route Icmp: 42560 ICMP messages received 29 input ICMP message failed. ICMP input histogram: destination unreachable: 34 redirects: 8 echo requests: 42518 42615 ICMP messages sent 0 ICMP messages failed ICMP output histogram: destination unreachable: 97 echo replies: 42518 IcmpMsg: InType3: 34 InType5: 8 InType8: 42518 OutType0: 42518 OutType3: 97 Tcp: 33204 active connections openings 35706 passive connection openings 5010 failed connection attempts 963 connection resets received 7 connections established 557820 segments received 689021 segments send out 175537 segments retransmited 19 bad segments received. 59219 resets sent InCsumErrors: 12 Udp: 17262 packets received 102 packets to unknown port received. 0 packet receive errors 17381 packets sent 0 receive buffer errors 0 send buffer errors UdpLite: TcpExt: 7565 invalid SYN cookies received 5010 resets received for embryonic SYN_RECV sockets 11 packets pruned from receive queue because of socket buffer overrun 1 ICMP packets dropped because they were out-of-window 2997 TCP sockets finished time wait in fast timer 3 packets rejects in established connections because of timestamp 15638 delayed acks sent 4 delayed acks further delayed because of locked socket Quick ack mode was activated 658 times 4 SYNs to LISTEN sockets dropped 1224 packets directly queued to recvmsg prequeue. 235 bytes directly received in process context from prequeue 58146 packet headers predicted 184612 acknowledgments not containing data payload received 34227 predicted acknowledgments 30 times recovered from packet loss by selective acknowledgements 1 congestion windows recovered without slow start by DSACK 127 congestion windows recovered without slow start after partial ack 1 timeouts after reno fast retransmit 12 timeouts after SACK recovery 1 timeouts in loss state 24 fast retransmits 6 forward retransmits 32 retransmits in slow start 197634 other TCP timeouts TCPLossProbes: 3946 TCPLossProbeRecovery: 509 5 SACK retransmits failed 632 DSACKs sent for old packets 3 DSACKs sent for out of order packets 1530 DSACKs received 2523 connections reset due to unexpected data 861 connections reset due to early user close 51 connections aborted due to timeout TCPDSACKIgnoredNoUndo: 419 TCPSpuriousRTOs: 2 TCPSackShiftFallback: 169 TCPRcvCoalesce: 38207 TCPOFOQueue: 2251 TCPOFOMerge: 3 TCPChallengeACK: 123 TCPSYNChallenge: 7 TCPWantZeroWindowAdv: 1 TCPSynRetrans: 164576 TCPOrigDataSent: 232528 TCPACKSkippedSynRecv: 10 TCPACKSkippedSeq: 2 TCPACKSkippedChallenge: 1 IpExt: InNoRoutes: 6 InMcastPkts: 1111 OutMcastPkts: 1123 InOctets: 105748257 OutOctets: 99010928 InMcastOctets: 55945 OutMcastOctets: 60254 InNoECTPkts: 654410 InECT1Pkts: 2870 InECT0Pkts: 1
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
⑦:显示内核路由信息
使用 -r 选项打印内核路由信息。打印出来的信息与 route 命令输出的信息一样。我们也可以使用 -n 选项禁止域名解析 [root@VM-12-14-centos test]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 10.0.12.1 0.0.0.0 UG 0 0 0 eth0 10.0.0.0 10.0.12.1 255.255.255.0 UG 0 0 0 eth0 10.0.0.10 10.0.13.1 255.255.255.255 UGH 0 0 0 eth0 10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.0.12.0 0.0.0.0 255.255.252.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-a0d112e232a1 172.19.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-23353f657e8b 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 224.0.0.0 - 240.0.0.0 ! - - - - 224.0.0.0 0.0.0.0 240.0.0.0 U 0 0 0 eth0
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
⑧:打印网络接口
netstat 也能打印网络接口信息,-i 选项就是为这个功能而生 [root@VM-12-14-centos test]# netstat -i Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg br-23353f657e8b 1500 711 0 0 0 706 0 0 0 BMU br-a0d112e232a1 1500 711 0 0 0 706 0 0 0 BMU docker0 1500 711 0 0 0 698 0 0 0 BMRU eth0 1500 646680 0 0 0 751767 0 0 0 BMRU eth0:1 1500 - no statistics available - BMRU eth0:2 1500 - no statistics available - BMRU lo 65536 21313 0 0 0 21313 0 0 0 LRU vethfb859b6 1500 711 0 0 0 706 0 0 0 BMRU virbr0 1500 0 0 0 0 0 0 0 0 BMU 字段解释: Iface网络设备的名字 MTU 最大的传输单元,单位是字节 RX-0K/TX-0K 正确接收了多少数据包,发送了多少数据包 RX-ERR/TX-ERR 接收、发送数据包的时候,丢弃了多少数据包 RX-0VR/TX-0VR 由于错误遗失了多少的数据包 FLg标记 L是回环地址的含义 R:这个网络接口正在运行中,U:接口正在处于活动的状态 B:设置了广播地址 M:接收所有的数据包 O:表示在该接口上禁止arp P:端对端的连接 查看TX-ERR RX-ERR最好是0,否则表示网络情况不健康,有丢包的现象 上面输出的信息比较原始。我们将 -e 选项和 -i 选项搭配使用,可以输出用户友好的信息 [root@VM-12-14-centos test]# netstat -ie Kernel Interface table br-23353f657e8b: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.19.0.1 netmask 255.255.0.0 broadcast 172.19.255.255 ether 02:42:69:59:5d:f8 txqueuelen 0 (Ethernet) RX packets 711 bytes 63222 (61.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 706 bytes 57772 (56.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 br-a0d112e232a1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255 ether 02:42:65:59:4e:7a txqueuelen 0 (Ethernet) RX packets 711 bytes 63222 (61.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 706 bytes 57772 (56.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 inet6 fe80::42:4aff:fe93:976b prefixlen 64 scopeid 0x20<link> ether 02:42:4a:93:97:6b txqueuelen 0 (Ethernet) RX packets 711 bytes 53268 (52.0 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 698 bytes 57116 (55.7 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.12.14 netmask 255.255.252.0 broadcast 10.0.15.255 inet6 fe80::5054:ff:fe39:b685 prefixlen 64 scopeid 0x20<link> ether 52:54:00:39:b6:85 txqueuelen 1000 (Ethernet) RX packets 647172 bytes 115417012 (110.0 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 752274 bytes 108765481 (103.7 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.2.18 netmask 255.255.255.0 broadcast 10.0.2.255 ether 52:54:00:39:b6:85 txqueuelen 1000 (Ethernet) eth0:2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.2.17 netmask 255.255.255.0 broadcast 10.0.2.255 ether 52:54:00:39:b6:85 txqueuelen 1000 (Ethernet) lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 21333 bytes 1221206 (1.1 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 21333 bytes 1221206 (1.1 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 vethfb859b6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::fcbf:a0ff:fe31:9587 prefixlen 64 scopeid 0x20<link> ether fe:bf:a0:31:95:87 txqueuelen 0 (Ethernet) RX packets 711 bytes 63222 (61.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 706 bytes 57772 (56.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255 ether 52:54:00:fa:a2:70 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 上面的输出信息与 ifconfig 输出的信息一样
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
⑨:netstat持续输出
我们可以使用 netstat 的 -c 选项持续输出信息
[root@VM-12-14-centos test]# netstat -c
- 1
- 2
- 3
⑩:显示多播信息
选项 -g 会输出 IPv4 和 IPv6 的多播组信息 [root@VM-12-14-centos test]# netstat -g IPv6/IPv4 Group Memberships Interface RefCnt Group --------------- ------ --------------------- lo 1 all-systems.mcast.net eth0 1 mdns.mcast.net eth0 1 all-systems.mcast.net virbr0 1 mdns.mcast.net virbr0 1 all-systems.mcast.net br-23353f657e8b 1 mdns.mcast.net br-23353f657e8b 1 all-systems.mcast.net br-a0d112e232a1 1 mdns.mcast.net br-a0d112e232a1 1 all-systems.mcast.net docker0 1 mdns.mcast.net docker0 1 all-systems.mcast.net vethfb859b6 1 all-systems.mcast.net lo 1 ff02::1 lo 1 ff01::1 eth0 1 ff02::1:ff39:b685 eth0 1 ff02::1 eth0 1 ff01::1 virbr0 1 ff02::1 virbr0 1 ff01::1 virbr0-nic 1 ff02::1 virbr0-nic 1 ff01::1 br-23353f657e8b 1 ff02::1 br-23353f657e8b 1 ff01::1 br-a0d112e232a1 1 ff02::1 br-a0d112e232a1 1 ff01::1 docker0 1 ff02::1:ff93:976b docker0 1 ff02::1 docker0 1 ff01::1 vethfb859b6 1 ff02::1:ff31:9587 vethfb859b6 1 ff02::1 vethfb859b6 1 ff01::1
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/小小林熬夜学编程/article/detail/251564
推荐阅读
相关标签
