一、netstat 不加参数输出如下(列出所有活动的链接)
| [root@test ~]# netstat Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 1 test:45785 162.221.13.80:301 SYN_SENT tcp 0 0 test:ssh localhost:sdclient ESTABLISHED tcp 0 0 test:ssh localhost:starbot ESTABLISHED |
二、netstat -n 输出如下 (以数字ip形式显示主机,默认只显示ESTABLISHED 以及系统socket)
| [root@test ~]# netstat -n Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 ::ffff:192.168.2.150:22 ::ffff:192.168.2.153:2310 ESTABLISHED tcp 0 0 ::ffff:192.168.2.150:9000 ::ffff:192.168.2.153:4279 TIME_WAIT tcp 0 1 192.168.2.150:34336 162.221.13.80:301 SYN_SENT tcp 0 0 ::ffff:192.168.2.150:9000 ::ffff:192.168.2.153:4275 TIME_WAIT |
三、netstat -an 输出如下(列出所有活动的和在监听的链接)
| [root@test ~]# netstat -an Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 ::ffff:192.168.2.150:22 ::ffff:192.168.2.153:2310 ESTABLISHED tcp 0 0 192.168.2.150:45245 192.168.2.142:3306 TIME_WAIT tcp 0 0 :::8800 :::* LISTEN tcp 0 1 192.168.2.150:45157 162.221.13.80:301 SYN_SENT |
四、netstat -p (列出所对应的程序)
| [root@test ~]# netstat -np Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 192.168.2.150:43380 192.168.2.142:3306 TIME_WAIT - tcp 0 0 192.168.2.150:43379 192.168.2.142:3306 TIME_WAIT - tcp 0 0 192.168.2.150:43378 192.168.2.142:3306 TIME_WAIT - tcp 0 0 192.168.2.150:43377 192.168.2.142:3306 TIME_WAIT - tcp 0 1 192.168.2.150:57533 162.221.13.80:301 SYN_SENT 24891/.IptabLex tcp 0 0 ::ffff:192.168.2.150:22 ::ffff:192.168.2.153:2310 ESTABLISHED 23377/sshd: root@no tcp 0 0 ::ffff:192.168.2.150:9000 ::ffff:192.168.2.153:4385 TIME_WAIT - tcp 0 0 ::ffff:192.168.2.150:22 ::ffff:192.168.2.153:2838 ESTABLISHED 23538/sshd: root@no |
五、netstat -l (只显示当前正在监听的端口,一般配合 -np)
| [root@test ~]# netstat -npl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 3470/mysqld tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 13066/portmap tcp 0 0 0.0.0.0:690 0.0.0.0:* LISTEN 2204/rpc.statd tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 2543/vsftpd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2511/cupsd tcp 0 0 127.0.0.1:2207 0.0.0.0:* LISTEN 2467/python tcp 0 0 :::8800 :::* LISTEN 5433/httpd tcp 0 0 :::8130 :::* LISTEN 5433/httpd |
六、netstat -s (显示统计信息)
| [root@test ~]# netstat -s Ip: 10657726 total packets received 36 with invalid headers 1900 with invalid addresses 0 forwarded 0 incoming packets discarded 6215893 incoming packets delivered 4861616 requests sent out 77938 outgoing packets dropped 218 dropped because of missing route Icmp: 16308 ICMP messages received 2 input ICMP message failed. ICMP input histogram: destination unreachable: 16281 echo requests: 4 echo replies: 23 17897 ICMP messages sent 0 ICMP messages failed ICMP output histogram: destination unreachable: 17853 echo request: 40 echo replies: 4 IcmpMsg: InType0: 23 InType3: 16281 InType8: 4 OutType0: 4 OutType3: 17853 OutType8: 40 Tcp: 387717 active connections openings 37216 passive connection openings 20861 failed connection attempts 1250 connection resets received 12 connections established 5841319 segments received 4936864 segments send out 9036 segments retransmited 0 bad segments received. 34626 resets sent Udp: 125596 packets received 17787 packets to unknown port received. 0 packet receive errors 149618 packets sent TcpExt: 132 invalid SYN cookies received 107 resets received for embryonic SYN_RECV sockets 30 ICMP packets dropped because they were out-of-window 135121 TCP sockets finished time wait in fast timer 11 time wait sockets recycled by time stamp 116242 delayed acks sent 171 delayed acks further delayed because of locked socket Quick ack mode was activated 857 times 1986372 packets directly queued to recvmsg prequeue. 713824 packets directly received from backlog 1401900484 packets directly received from prequeue 625773 packets header predicted 1841811 packets header predicted and directly queued to user 1089511 acknowledgments not containing data received 1826530 predicted acknowledgments 269 times recovered from packet loss due to SACK data 3 bad SACKs received Detected reordering 1 times using FACK Detected reordering 3 times using time stamp 2 congestion windows fully recovered 11 congestion windows partially recovered using Hoe heuristic TCPDSACKUndo: 11 225 congestion windows recovered after partial ack 1184 TCP data loss events 112 timeouts after SACK recovery 25 timeouts in loss state 1138 fast retransmits 97 forward retransmits 743 retransmits in slow start 212734 other TCP timeouts 79 sack retransmits failed 4 times receiver scheduled too late for direct processing 1167 DSACKs sent for old packets 148 DSACKs received 19 connections reset due to unexpected data 16 connections reset due to early user close 550 connections aborted due to timeout IpExt: InMcastPkts: 10144 OutMcastPkts: 44 InBcastPkts: 263521 |
七、netstat -c (动态显示每秒钟刷新,持续管擦链接状况。可配合-t -u 持续观察tcp udp的链接状况)