一、netstat 常用命令詳解
通過man netstat可以查看netstat的幫助信息:
- netstat 命令:用於顯示各種網絡相關信息,如網絡連接,路由表,接口狀態,無效連接,組播成員 等等。
- netstat命令是net-tools軟件包中的一員
[root@web129 ~]# netstat 選項 選項: -a: 列出系統中所有網絡連接,包括已經連接的網絡服務、監聽的網絡服務和Socket套接字 -t: 列出TCP數據
-u: 列出UDP數據 -l: 列出正在監聽的網絡服務(不包含已經連接的網路服務) -n: 用端口顯示服務,而不用服務名 -p: 列出該服務的進程ID(PID)
示例一:netstat -tlunp
[root@web129 ~]# netstat -tlunp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1490/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1989/master tcp6 0 0 :::80 :::* LISTEN 852/httpd tcp6 0 0 :::22 :::* LISTEN 1490/sshd tcp6 0 0 ::1:25 :::* LISTEN 1989/master udp 0 0 127.0.0.1:323 0.0.0.0:* 524/chronyd udp6 0 0 ::1:323 :::* 524/chronyd [root@web129 ~]#
實例二:使用netstat -an
[root@web129 ~]# netstat -an Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 192.168.19.129:22 192.168.19.1:1108 ESTABLISHED tcp 0 0 192.168.19.129:22 192.168.19.1:2301 ESTABLISHED tcp6 0 0 :::80 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN udp 0 0 127.0.0.1:323 0.0.0.0:* udp 0 0 192.168.19.129:39366 85.199.214.101:123 ESTABLISHED udp 0 0 192.168.19.129:39060 85.199.214.100:123 ESTABLISHED udp6 0 0 ::1:323 :::* Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 25859 /run/docker/libnetwork/2607d31c4b65ff68cf08c24cc6d5e4687dad654f9ec402872e98f8dcc79f448f.sock unix 2 [ ACC ] STREAM LISTENING 24960 private/rewrite
執行結果,除了上文的參數之外,還有Socket內容:
二、ss命令詳解
ss是Socket Statistics的縮寫
- ss命令可以用來獲取socket統計信息,它可以顯示和netstat類似的內容。但是ss的優勢在於它能夠顯示更詳細的有關網絡連接的狀態信息,而比netstat更快速、更高效。
- ss命令是iproute2軟件包中的一員
使用場景一:查看當前服務器的網絡連接數
[root@web129 ~]# ss -s Total: 580 (kernel 1020) TCP: 8 (estab 2, closed 1, orphaned 0, synrecv 0, timewait 0/0), ports 0 Transport Total IP IPv6 * 1020 - - RAW 0 0 0 UDP 4 3 1 TCP 7 4 3 INET 11 7 4 FRAG 0 0 0
使用場景2:查看所有打開的網絡端口
[root@web129 ~]# ss -l Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port nl UNCONN 0 0 rtnl:1736442360 * nl UNCONN 768 0 rtnl:dockerd/853 * nl UNCONN 0 0 rtnl:kernel * nl UNCONN 0 0 rtnl:1736442360 * nl UNCONN 4352 0 tcpdiag:ss/4865 * nl UNCONN 768 0 tcpdiag:kernel * nl UNCONN 0 0 xfrm:kernel * nl UNCONN 0 0 xfrm:dockerd/853 * nl UNCONN 0 0 selinux:kernel *
[root@web129 ~]# ss -pl #列出具體的程序名字
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 rtnl:1736442360 *
nl UNCONN 768 0 rtnl:dockerd/853 *
tcp LISTEN 0 128 :::http :::* users:(("httpd",pid=2493,fd=4),("httpd",pid=2492,fd=4),("httpd",pid=2491,fd=4),("httpd",pid=2490,fd=4),("httpd",pid=2489,fd=4),("httpd",pid=852,fd=4))
tcp LISTEN 0 128 :::ssh :::*
使用場景3:查看這台服務器上所有的Socket 連接
[root@web129 ~]# ss -a #列出所有網絡連接 Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port nl UNCONN 0 0 rtnl:1736442360 * nl UNCONN 768 0 rtnl:dockerd/853 * nl UNCONN 0 0 rtnl:kernel * nl UNCONN 0 0 rtnl:1736442360 * [root@web129 ~]# ss -ta #查看TCP socket State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:ssh *:* LISTEN 0 100 127.0.0.1:smtp *:* ESTAB 0 0 192.168.19.129:ssh 192.168.19.1:ratio-adp ESTAB 0 0 192.168.19.129:ssh 192.168.19.1:cpq-wbem LISTEN 0 128 :::http :::* LISTEN 0 128 :::ssh :::* LISTEN 0 100 ::1:smtp :::* [root@web129 ~]# ss -ua #查看UDP Socket State Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 127.0.0.1:323 *:* ESTAB 0 0 192.168.19.129:53193 185.134.197.4:ntp ESTAB 0 0 192.168.19.129:55294 193.228.143.12:ntp ESTAB 0 0 192.168.19.129:49316 85.199.214.101:ntp UNCONN 0 0 ::1:323 :::* [root@web129 ~]# [root@web129 ~]# ss -wa #查看RAW socket State Recv-Q Send-Q Local Address:Port Peer Address:Port [root@web129 ~]# ss -xa #查看UNIX socket Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port u_str LISTEN 0 128 /run/docker/libnetwork/2607d31c4b65ff68cf08c24cc6d5e4687dad654f9ec402872e98f8dcc79f448f.sock 25859 * 0 u_str LISTEN 0 100 private/rewrite 24960 * 0 u_str LISTEN 0 100 private/bounce 24963 * 0 u_str LISTEN 0 100 private/defer 24966 * 0 u_str LISTEN 0 100 private/trace 24969 * 0
三、netstat和ss之間替換命令
1、命令替換
2、軟件包替換
