netstat 命令用于显示各种网络相关信息,如网络连接,路由表,接口状态 (Interface Statistics),masquerade 连接,多播成员 (Multicast Memberships) 等等
1 常用选项:
-a :(all)显示所有选项,默认不显示LISTEN相关
-t :(tcp)仅显示tcp相关选项
-u :(udp)仅显示udp相关选项
-n :以数字显示IP和端口,能显示数字的全部转化成数字。
-l :仅列出有在 Listen (监听) 的服務状态
-p: 显示建立相关链接的程序名
-r :显示路由信息,路由表
-e :显示扩展信息,例如uid等
-s :按各个协议进行统计
-c :每隔一个固定时间,执行该netstat命令。
-w:raw socket相关
2 -tan 显示所有tcp端口
[root@CentOS7 ~]# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 52 192.168.29.3:22 192.168.29.1:51029 ESTABLISHED
tcp 0 0 192.168.29.3:22 192.168.29.1:51180 ESTABLISHED
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 ::1:25 :::*
3 显示所有udp端口 -uan
[root@centos7 ~]# netstat -anu
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 0.0.0.0:47414 0.0.0.0:*
udp 0 0 192.168.122.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:67 0.0.0.0:*
4 显示所有处于监听的tcp端口 -tnl
[root@centos7 ~]# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
5 显示所有处于监听状态的udp端口 -unl
[root@centos7 ~]# netstat -unl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 0.0.0.0:47414 0.0.0.0:*
udp 0 0 0.0.0.0:20815 0.0.0.0:*
udp 0 0 192.168.122.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:67 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:9804 0.0.0.0:*
udp6 0 0 :::12799 :::*
udp6 0 0 :::37953 :::*
6 显示路由表 –rn
[root@centos7 ~]# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.29.1 0.0.0.0 UG 0 0 0 ens33
192.168.29.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
[root@centos7 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.29.1 0.0.0.0 UG 100 0 0 ens33
192.168.29.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
7 显示每个协议的统计信息
(1)显示所有端口的统计信息 netstat -s
[root@centos7 ~]# netstat -s
Ip:
3808 total packets received
0 forwarded
0 incoming packets discarded
2444 incoming packets delivered
2254 requests sent out
32 outgoing packets dropped
Icmp:
676 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
destination unreachable: 148
echo replies: 528
717 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 148
echo request: 569
[……]
(2)显示 TCP 端口的统计信息 netstat -st
[root@centos7 ~]# netstat -st
IcmpMsg:
InType0: 528
InType3: 148
OutType3: 148
OutType8: 569
Tcp:
0 active connections openings
2 passive connection openings
0 failed connection attempts
0 connection resets received
2 connections established
1637 segments received
1418 segments send out
0 segments retransmited
0 bad segments received.
0 resets sent
(3)显示 UDP 端口的统计信息 netstat -su
[root@centos7 ~]# netstat -su
IcmpMsg:
InType0: 528
InType3: 148
OutType3: 148
OutType8: 569
Udp:
0 packets received
140 packets to unknown port received.
0 packet receive errors
169 packets sent
0 receive buffer errors
0 send buffer errors
UdpLite:
IpExt:
InMcastPkts: 27
OutMcastPkts: 33
InBcastPkts: 766
InOctets: 410294
OutOctets: 432666
InMcastOctets: 4963
OutMcastOctets: 5444
InBcastOctets: 179503
InNoECTPkts: 3848
8 显示 PID 和进程名称 netstat -p
[root@centos7 ~]# netstat -p
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 52 centos7.3.local:ssh gateway:51029 ESTABLISHED 1552/sshd: root@pts
tcp 0 0 centos7.3.local:ssh gateway:51180 ESTABLISHED 1854/sshd: root@pts
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ] DGRAM 8520 1/systemd /run/systemd/notify
unix 2 [ ] DGRAM 8522 1/systemd /run/systemd/cgroups-agent
unix 5 [ ] DGRAM 8542 1/systemd /run/systemd/journal/socket
unix 28 [ ] DGRAM 8544 1/systemd /dev/log
unix 2 [ ] DGRAM 11419 1/systemd /run/systemd/shutdownd
unix 3 [ ] STREAM CONNECTED 23993 1276/ibus-x11