##netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships##
##netstat - 打印网络连接、路由表、接口统计、伪装连接和多播成员关系##
usage: netstat [-veenNcCF] [<Af>] -r netstat {-V|--version|-h|--help} netstat [-vnNcaeol] [<Socket> ...] netstat { [-veenNac] -I[<Iface>] | [-veenNac] -i | [-cnNe] -M | -s } [delay] -r, --route display routing table #显示路由表 -I, --interfaces=<Iface> display interface table for <Iface> #显示网络接口表 -i, --interfaces display interface table #显示网络接口表 -g, --groups display multicast group memberships #显示多播组成员 -s, --statistics display networking statistics (like SNMP) #显示网络统计数据,如IP/ICMP/SNMP/..各协议统计。 -M, --masquerade display masqueraded connections #显示伪装的连接 -v, --verbose be verbose #详细信息 -n, --numeric don't resolve names #不做名字解析 --numeric-hosts don't resolve host names #不做主机名解析 --numeric-ports don't resolve port names #不做端口名解析 --numeric-users don't resolve user names #不做用户名解析 -N, --symbolic resolve hardware names -e, --extend display other/more information #显示更多信息,用户名,inode -p, --programs display PID/Program name for sockets #显示pid和程序名字 -c, --continuous continuous listing #持续的列出相关信息 -l, --listening display listening server sockets #显示处于监听状态的套接字 -a, --all, --listening display all sockets (default: connected) #显示所有的套接字 -o, --timers display timers #显示计时器 -F, --fib display Forwarding Information Base (default) #使用-rF查看路由表时,显示转发信息 -C, --cache display routing cache instead of FIB #使用-rC查看路由表时,显示详细的路由缓存 -T, --notrim stop trimming long addresses #停止修剪长地址 -Z, --context display SELinux security context for sockets #显示套接字的SELINUX上下文 <Iface>: Name of interface to monitor/list. <Socket>={-t|--tcp} {-u|--udp} {-S|--sctp} {-w|--raw} {-x|--unix} --ax25 --ipx --netrom <AF>=Use '-A <af>' or '--<af>'; default: inet List of possible address families (which support routing): inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25) netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP) x25 (CCITT X.25) 1 . 查看网络链接状态
-a 显示所有状态的socket -n 不做名字解析,不加此参数,80端口会显示成http,127.0.0.1显示成localhost,uid为0显示成root等等 -e 显示更多信息如用户,inode -p 显示pid和程序名字 -t 显示tcp链接 -u 显示udp链接 -x 显示unix套接字 netstat -anpte #查看tcp链接[root@jia1-LinuxPerformance ~]# netstat -anpteActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 10294 1821/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 10594 1923/master tcp 0 52 172.16.2.106:22 124.65.173.246:50809 ESTABLISHED 0 10826 1967/sshd tcp 0 0 172.16.2.106:54076 100.100.100.200:80 TIME_WAIT 0 0 - tcp 0 0 172.16.2.106:60382 140.205.140.205:80 ESTABLISHED 0 9273 1471/AliYunDun tcp 0 0 172.16.2.106:54070 100.100.100.200:80 TIME_WAIT 0 0 - netstat -anpue #查看udp链接 [root@jia1-LinuxPerformance ~]# netstat -anpueActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name udp 0 0 0.0.0.0:68 0.0.0.0:* 0 9200 1678/dhclient udp 0 0 0.0.0.0:68 0.0.0.0:* 0 8655 1069/dhclient udp 0 0 172.16.2.107:123 0.0.0.0:* 0 10366 1832/ntpd udp 0 0 172.16.2.106:123 0.0.0.0:* 0 10365 1832/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 0 10364 1832/ntpd netstat -anpxe #查看unix套接字链接 [root@jia1-LinuxPerformance ~]# netstat -anpxeActive UNIX domain sockets (servers and established)Proto RefCnt Flags Type State I-Node PID/Program name Pathunix 2 [ ACC ] STREAM LISTENING 9249 1471/AliYunDun /tmp/Aegis-<Guid(5A2C30A2-A87D-490A-9281-6765EDAD7CBA)>unix 2 [ ACC ] STREAM LISTENING 9251 1471/AliYunDun /usr/local/aegis/Aegis-<Guid(5A2C30A2-A87D-490A-9281-6765EDAD7CBA)>unix 2 [ ACC ] STREAM LISTENING 7047 1/init @/com/ubuntu/upstartunix 10 [ ] DGRAM 8814 1140/rsyslogd /dev/logunix 2 [ ACC ] STREAM LISTENING 10600 1923/master public/cleanupunix 2 [ ACC ] STREAM LISTENING 10607 1923/master private/tlsmgrunix 2 [ ACC ] STREAM LISTENING 10611 1923/master private/rewriteunix 2 [ ACC ] STREAM LISTENING 10615 1923/master private/bounceunix 2 [ ACC ] STREAM LISTENING 10619 1923/master private/deferunix 2 [ ACC ] STREAM LISTENING 10623 1923/master private/traceunix 2 [ ACC ] STREAM LISTENING 10627 1923/master private/verifyunix 2 [ ACC ] STREAM LISTENING 10631 1923/master public/flushunix 2 [ ACC ] STREAM LISTENING 10635 1923/master private/proxymapunix 2 [ ACC ] STREAM LISTENING 10639 1923/master private/proxywriteunix 2 [ ACC ] STREAM LISTENING 10643 1923/master private/smtpunix 2 [ ACC ] STREAM LISTENING 10647 1923/master private/relayunix 2 [ ACC ] STREAM LISTENING 10651 1923/master public/showqunix 2 [ ACC ] STREAM LISTENING 10655 1923/master private/errorunix 2 [ ACC ] STREAM LISTENING 10659 1923/master private/retryunix 2 [ ACC ] STREAM LISTENING 10663 1923/master private/discardunix 2 [ ACC ] STREAM LISTENING 10667 1923/master private/localunix 2 [ ACC ] STREAM LISTENING 10671 1923/master private/virtualunix 2 [ ] DGRAM 7622 483/udevd @/org/kernel/udev/udevdunix 2 [ ACC ] STREAM LISTENING 10675 1923/master private/lmtpunix 2 [ ACC ] STREAM LISTENING 10679 1923/master private/anvilunix 2 [ ACC ] STREAM LISTENING 10683 1923/master private/scacheunix 2 [ ] DGRAM 13412 2216/anacron unix 2 [ ] DGRAM 10874 1967/sshd unix 2 [ ] DGRAM 10719 1940/qmgr unix 2 [ ] DGRAM 10693 1939/pickup unix 2 [ ] DGRAM 10690 1941/crond unix 3 [ ] STREAM CONNECTED 10686 1923/master unix 3 [ ] STREAM CONNECTED 10685 1923/master unix 3 [ ] STREAM CONNECTED 10682 1923/master unix 3 [ ] STREAM CONNECTED 10681 1923/master unix 3 [ ] STREAM CONNECTED 10678 1923/master unix 3 [ ] STREAM CONNECTED 10677 1923/master unix 3 [ ] STREAM CONNECTED 10674 1923/master unix 3 [ ] STREAM CONNECTED 10673 1923/master unix 3 [ ] STREAM CONNECTED 10670 1923/master unix 3 [ ] STREAM CONNECTED 10669 1923/master unix 3 [ ] STREAM CONNECTED 10666 1923/master unix 3 [ ] STREAM CONNECTED 10665 1923/master unix 3 [ ] STREAM CONNECTED 10662 1923/master unix 3 [ ] STREAM CONNECTED 10661 1923/master unix 3 [ ] STREAM CONNECTED 10658 1923/master unix 3 [ ] STREAM CONNECTED 10657 1923/master unix 3 [ ] STREAM CONNECTED 10654 1923/master unix 3 [ ] STREAM CONNECTED 10653 1923/master unix 3 [ ] STREAM CONNECTED 10650 1923/master unix 3 [ ] STREAM CONNECTED 10649 1923/master unix 3 [ ] STREAM CONNECTED 10646 1923/master unix 3 [ ] STREAM CONNECTED 10645 1923/master unix 3 [ ] STREAM CONNECTED 10642 1923/master unix 3 [ ] STREAM CONNECTED 10641 1923/master unix 3 [ ] STREAM CONNECTED 10638 1923/master unix 3 [ ] STREAM CONNECTED 10637 1923/master unix 3 [ ] STREAM CONNECTED 10634 1923/master unix 3 [ ] STREAM CONNECTED 10633 1923/master unix 3 [ ] STREAM CONNECTED 10630 1923/master unix 3 [ ] STREAM CONNECTED 10629 1923/master unix 3 [ ] STREAM CONNECTED 10626 1923/master unix 3 [ ] STREAM CONNECTED 10625 1923/master unix 3 [ ] STREAM CONNECTED 10622 1923/master unix 3 [ ] STREAM CONNECTED 10621 1923/master unix 3 [ ] STREAM CONNECTED 10618 1923/master unix 3 [ ] STREAM CONNECTED 10617 1923/master unix 3 [ ] STREAM CONNECTED 10614 1923/master unix 3 [ ] STREAM CONNECTED 10613 1923/master unix 3 [ ] STREAM CONNECTED 10610 1923/master unix 3 [ ] STREAM CONNECTED 10609 1923/master unix 3 [ ] STREAM CONNECTED 10606 1923/master unix 3 [ ] STREAM CONNECTED 10605 1923/master unix 3 [ ] STREAM CONNECTED 10603 1923/master unix 3 [ ] STREAM CONNECTED 10602 1923/master unix 3 [ ] STREAM CONNECTED 10599 1923/master unix 3 [ ] STREAM CONNECTED 10598 1923/master unix 3 [ ] STREAM CONNECTED 10596 1923/master unix 3 [ ] STREAM CONNECTED 10595 1923/master unix 2 [ ] DGRAM 10556 1923/master unix 2 [ ] DGRAM 10321 1832/ntpd unix 3 [ ] STREAM CONNECTED 9248 1471/AliYunDun unix 3 [ ] STREAM CONNECTED 9247 1471/AliYunDun unix 3 [ ] STREAM CONNECTED 9246 1471/AliYunDun unix 3 [ ] STREAM CONNECTED 9245 1471/AliYunDun unix 2 [ ] DGRAM 9170 1678/dhclient unix 3 [ ] STREAM CONNECTED 8775 1118/auditd unix 3 [ ] STREAM CONNECTED 8774 1118/auditd unix 3 [ ] DGRAM 7636 483/udevd unix 3 [ ] DGRAM 7635 483/udevd 2 . 查看路由表
netstat -r和route命令输出是差不多的。 [root@jia1-LinuxPerformance ~]# netstat -rKernel IP routing tableDestination Gateway Genmask Flags MSS Window irtt Iface172.16.2.0 * 255.255.255.0 U 0 0 0 eth0172.16.2.0 * 255.255.255.0 U 0 0 0 eth1link-local * 255.255.0.0 U 0 0 0 eth0link-local * 255.255.0.0 U 0 0 0 eth1default 172.16.2.253 0.0.0.0 UG 0 0 0 eth0default 172.16.2.253 0.0.0.0 UG 0 0 0 eth1[root@jia1-LinuxPerformance ~]# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface172.16.2.0 * 255.255.255.0 U 0 0 0 eth0172.16.2.0 * 255.255.255.0 U 0 0 0 eth1link-local * 255.255.0.0 U 1002 0 0 eth0link-local * 255.255.0.0 U 1003 0 0 eth1default 172.16.2.253 0.0.0.0 UG 0 0 0 eth0default 172.16.2.253 0.0.0.0 UG 1001 0 0 eth1netstat -rF和netstat -rC两个命令的区别是一个输出的是路由表,一个输出的是路由缓存。默认netstat -r输出的是netstat -rF结果。-F为默认参数[root@jia1-LinuxPerformance ~]# netstat -rFKernel IP routing tableDestination Gateway Genmask Flags MSS Window irtt Iface172.16.2.0 * 255.255.255.0 U 0 0 0 eth0172.16.2.0 * 255.255.255.0 U 0 0 0 eth1link-local * 255.255.0.0 U 0 0 0 eth0link-local * 255.255.0.0 U 0 0 0 eth1default 172.16.2.253 0.0.0.0 UG 0 0 0 eth0default 172.16.2.253 0.0.0.0 UG 0 0 0 eth1[root@jia1-LinuxPerformance ~]# netstat -rCKernel IP routing cacheSource Destination Gateway Flags MSS Window irtt Iface140.205.140.205 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 10.143.0.46 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.3.2 172.16.2.253 1500 0 0 eth0172.16.2.106 10.143.0.45 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.5.3 172.16.2.253 1500 0 0 eth0100.100.5.2 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 10.143.33.51 172.16.2.253 1500 0 0 eth0100.100.5.1 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 10.143.33.50 172.16.2.253 1500 0 0 eth0203.107.6.88 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 10.143.33.50 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.2.136 172.16.2.253 1500 0 0 eth0100.100.3.1 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 100.100.5.3 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.5.2 172.16.2.253 1500 0 0 eth0172.16.2.106 10.143.33.49 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.3.1 172.16.2.253 1500 0 0 eth0172.16.2.106 120.25.115.20 172.16.2.253 1500 0 0 eth0172.16.2.106 203.107.6.88 172.16.2.253 1500 0 0 eth0172.16.2.106 124.65.173.246 172.16.2.253 1500 0 0 eth0172.16.2.106 10.143.0.46 172.16.2.253 1500 0 0 eth0100.100.3.3 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 100.100.3.3 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.3.2 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.3.3 172.16.2.253 1500 0 0 eth0100.100.5.3 172.16.2.106 172.16.2.106 l 65535 0 0 lo124.65.173.246 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 10.143.0.44 172.16.2.253 1500 0 0 eth0120.25.115.20 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 140.205.140.205 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.3.1 172.16.2.253 1500 0 0 eth0100.100.2.136 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 10.143.0.45 172.16.2.253 1500 0 0 eth0172.16.2.106 10.143.0.44 172.16.2.253 1500 0 0 eth0172.16.2.106 120.25.115.20 172.16.2.253 1500 0 0 eth0172.16.2.106 10.143.33.49 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.5.1 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.2.138 172.16.2.253 1500 0 0 eth0172.16.2.106 203.107.6.88 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.5.1 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.2.138 172.16.2.253 1500 0 0 eth0100.100.3.2 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 100.100.5.2 172.16.2.253 1500 0 0 eth0100.100.2.138 172.16.2.106 172.16.2.106 l 65535 0 0 lo172.16.2.106 10.143.33.51 172.16.2.253 1500 0 0 eth0172.16.2.106 100.100.2.136 172.16.2.253 1500 0 0 eth03 . 查看网络统计数据,netstat -s展示各协议的统计信息
[root@jia1-LinuxPerformance ~]# netstat -sIp: 4440 total packets received 4 with invalid addresses 0 forwarded 0 incoming packets discarded 4436 incoming packets delivered 4269 requests sent outIcmp: 806 ICMP messages received 0 input ICMP message failed. ICMP input histogram: echo requests: 804 echo replies: 2 806 ICMP messages sent 0 ICMP messages failed ICMP output histogram: echo request: 2 echo replies: 804IcmpMsg: InType0: 2 InType8: 804 OutType0: 804 OutType8: 2Tcp: 79 active connections openings 1 passive connection openings 3 failed connection attempts 0 connection resets received 2 connections established 2840 segments received 2494 segments send out 16 segments retransmited 0 bad segments received. 5 resets sentUdp: 790 packets received 0 packets to unknown port received. 0 packet receive errors 953 packets sentUdpLite:TcpExt: 3 resets received for embryonic SYN_RECV sockets 71 TCP sockets finished time wait in fast timer 44 delayed acks sent Quick ack mode was activated 1 times 652 packets header predicted 516 acknowledgments not containing data received 1283 predicted acknowledgments 1 congestion windows recovered after partial ack 0 TCP data loss events 10 other TCP timeouts 1 DSACKs sent for old packets 1 DSACKs receivedIpExt: InOctets: 329641 OutOctets: 12972214 . 查看网络接口信息
[root@jia1-LinuxPerformance ~]# netstat -iKernel Interface tableIface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flgeth0 1500 0 4502 0 0 0 4353 0 0 0 BMRUeth1 1500 0 2 0 0 0 3 0 0 0 BMRUlo 65536 0 0 0 0 0 0 0 0 0 LRU联系客服
