netstart:查看网络状态

netstat是一个用于显示网络连接、路由表、接口统计等信息的命令行工具。本文详细介绍了netstat的用法,包括显示路由表、接口信息、多播组成员、统计信息等,并列出了一系列参数选项,如显示监听套接字、详细信息、计时器、程序PID等。此外,还提到了netstat的过时情况,建议使用ss作为替代工具。
摘要由CSDN通过智能技术生成

一、语法

onlylove@ubuntu:~$ netstat -help
usage: netstat [-vWeenNcCF] [<Af>] -r         netstat {-V|--version|-h|--help}
       netstat [-vWnNcaeol] [<Socket> ...]
       netstat { [-vWeenNac] -i | [-cnNe] -M | -s [-6tuw] }

        -r, --route              display routing table
        -i, --interfaces         display interface table
        -g, --groups             display multicast group memberships
        -s, --statistics         display networking statistics (like SNMP)
        -M, --masquerade         display masqueraded connections

        -v, --verbose            be verbose
        -W, --wide               don't truncate IP addresses
        -n, --numeric            don't resolve names
        --numeric-hosts          don't resolve host names
        --numeric-ports          don't resolve port names
        --numeric-users          don't resolve user names
        -N, --symbolic           resolve hardware names
        -e, --extend             display other/more information
        -p, --programs           display PID/Program name for sockets
        -o, --timers             display timers
        -c, --continuous         continuous listing

        -l, --listening          display listening server sockets
        -a, --all                display all sockets (default: connected)
        -F, --fib                display Forwarding Information Base (default)
        -C, --cache              display routing cache instead of FIB
        -Z, --context            display SELinux security context for sockets

  <Socket>={-t|--tcp} {-u|--udp} {-U|--udplite} {-S|--sctp} {-w|--raw}
           {-x|--unix} --ax25 --ipx --netrom
  <AF>=Use '-6|-4' or '-A <af>' or '--<af>'; default: inet
  List of possible address families (which support routing):
    inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25) 
    netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP) 
    x25 (CCITT X.25) 
onlylove@ubuntu:~$

二、参数说明

参数说明
-r, --route显示路由表
-i, --interfaces显示接口表
-g, --groups显示组播组成员
-s, --statistics显示网络统计信息(如SNMP)
-M, --masquerade显示伪装的连接
-v, --verbose详细
-W, --wide不要截断IP地址
-n, --numeric不解析名称
–numeric-hosts不解析主机名
–numeric-ports不解析端口名称
–numeric-users不解析用户名
-N, --symbolic解析硬件名称
-e, --extend显示其他/更多信息
-p, --programs显示套接字的 PID/程序名称
-o, --timers显示计时器
-c, --continuous连续的清单
-l, --listening显示侦听服务器套接字
-a, --all显示所有套接字(默认:已连接)
-F, --fib显示转发信息库(默认)
-C, --cache显示路由缓存而不是 FIB
-Z, --context显示套接字的 SELinux 安全上下文
-t, --tcp
-u, --udp
-U, --udplite
-S, --sctp
-w, --raw
-x, --unix
–ax25
–ipx
–netrom

三、man netstat

NETSTAT(8)                                 Linux System Administrator's Manual                                NETSTAT(8)

NAME
       netstat  - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

       打印网络连接、路由表、接口统计信息、伪装程序连接和多播成员身份

SYNOPSIS
       netstat [address_family_options] [--tcp|-t] [--udp|-u] [--udplite|-U] [--sctp|-S] [--raw|-w] [--l2cap|-2]  [--rfcomm|-f] [--listening|-l] [--all|-a] [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--symbolic|-N] [--extend|-e[--extend|-e]] [--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c] [--wide|-W]

       netstat {--route|-r} [address_family_options]  [--extend|-e[--extend|-e]]  [--verbose|-v]  [--numeric|-n]  [--numeric-hosts] [--numeric-ports] [--numeric-users] [--continuous|-c]

       netstat  {--interfaces|-i}  [--all|-a]  [--extend|-e[--extend|-e]]  [--verbose|-v]  [--program|-p] [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--continuous|-c]

       netstat {--groups|-g} [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--continuous|-c]

       netstat {--masquerade|-M}  [--extend|-e]  [--numeric|-n]  [--numeric-hosts]  [--numeric-ports]  [--numeric-users] [--continuous|-c]

       netstat {--statistics|-s} [--tcp|-t] [--udp|-u] [--udplite|-U] [--sctp|-S] [--raw|-w]

       netstat {--version|-V}

       netstat {--help|-h}

       address_family_options:

       [-4|--inet]   [-6|--inet6]   [--protocol={inet,inet6,unix,ipx,ax25,netrom,ddp,bluetooth,   ...  }  ]  [--unix|-x]
       [--inet|--ip|--tcpip] [--ax25] [--x25] [--rose]  [--ash]  [--bluetooth]  [--ipx]  [--netrom]  [--ddp|--appletalk]
       [--econet|--ec]

NOTES
       This  program  is  mostly obsolete.  Replacement for netstat is ss.  Replacement for netstat -r is ip route.  Replacement for netstat -i is ip -s link.  Replacement for netstat -g is ip maddr.

       这个程序基本上已经过时了。netstat的替代品是ss。netstat -r 的替代是 ip 路由。netstat -i 的替代者是 ip -s 链接。 netstat -g 的替代品是 ip maddr。

DESCRIPTION
       Netstat prints information about the Linux networking subsystem.  The type of information printed  is  controlled by the first argument, as follows:

       Netstat 打印有关 Linux 网络子系统的信息。 打印的信息类型由第一个参数控制,如下所示:

   (none)
       By  default, netstat displays a list of open sockets.  If you don't specify any address families, then the active sockets of all configured address families will be printed.

       默认情况下,netstat 显示打开的套接字列表。如果未指定任何地址系列,则将打印所有已配置地址系列的活动套接字。

   --route, -r
       Display the kernel routing tables. See the description in route(8) for details.  netstat -r and route -e  produce the same output.

       显示内核路由表。有关详细信息,请参阅 route(8) 中的说明。 netstat -r 和 route -e 产生相同的输出。

   --groups, -g
       Display multicast group membership information for IPv4 and IPv6.

       显示 IPv4 和 IPv6 的多播组成员身份信息。

   --interfaces, -i
       Display a table of all network interfaces.

       显示所有网络接口的表。

   --masquerade, -M
       Display a list of masqueraded connections.

       显示伪装连接的列表。

   --statistics, -s
       Display summary statistics for each protocol.

       显示每个协议的汇总统计信息。

OPTIONS
   --verbose, -v
       Tell  the user what is going on by being verbose. Especially print some useful information about unconfigured address families.

       通过详细地告诉用户正在发生什么。特别是打印一些关于未配置地址族的有用信息。

   --wide, -W
       Do not truncate IP addresses by using output as wide as needed. This is optional for now to  not  break  existing scripts.

       不要使用所需的输出宽度来截断IP地址。为了不破坏现有的脚本,这是可选的。

   --numeric, -n
       Show numerical addresses instead of trying to determine symbolic host, port or user names.

       显示数字地址,而不是试图确定符号主机、端口或用户名。

   --numeric-hosts
       shows numerical host addresses but does not affect the resolution of port or user names.

       显示数字主机地址,但不影响端口或用户名的解析。

   --numeric-ports
       shows numerical port numbers but does not affect the resolution of host or user names.

       示数字端口号,但不影响主机或用户名的解析。

   --numeric-users
       shows numerical user IDs but does not affect the resolution of host or port names.

       显示数字用户id,但不影响主机或端口名的解析。

   --protocol=family, -A
       Specifies  the address families (perhaps better described as low level protocols) for which connections are to be shown.  family is a comma (',') separated list of address family keywords like  inet,  inet6,  unix,  ipx,  ax25, netrom,  econet,  ddp,  and  bluetooth.   This has the same effect as using the --inet|-4, --inet6|-6, --unix|-x, --ipx, --ax25, --netrom, --ddp, and --bluetooth options.

       The address family inet (Iv4) includes raw, udp, udplite and tcp protocol sockets.

       The address family bluetooth (Iv4) includes l2cap and rfcomm protocol sockets.

       指定要显示连接的地址族(最好描述为低级别协议)。Family是由逗号(',')分隔的地址族关键字列表,如inet、inet6、unix、ipx、ax25、netrom、econet、ddp和bluetooth。这与使用 --inet|-4、--inet6|-6、--unix|-x、--ipx、--ax25、--netrom、--ddp 和 --bluetooth 选项具有相同的效果。

       地址族inet (Iv4)包括raw、udp、udplite和tcp协议套接字。

       地址系列蓝牙 (Iv4) 包括 l2cap 和 rfcomm 协议插座。

   -c, --continuous
       This will cause netstat to print the selected information every second continuously.

       这将导致netstat每秒钟连续打印选定的信息。

   -e, --extend
       Display additional information.  Use this option twice for maximum detail.

       显示额外的信息。使用此选项两次以获得最大详细信息。

   -o, --timers
       Include information related to networking timers.

       包括与联网计时器相关的信息。

   -p, --program
       Show the PID and name of the program to which each socket belongs.

       显示每个套接字所属程序的 PID 和名称。

   -l, --listening
       Show only listening sockets.  (These are omitted by default.)

       只显示监听套接字。(这些默认省略。)

   -a, --all
       Show both listening and non-listening sockets.  With the --interfaces option, show interfaces that are not up

       同时显示侦听和非侦听套接字。使用 --interfaces 选项,显示未启动的接口。

   -F
       Print routing information from the FIB.  (This is the default.)

       从FIB中打印路由信息。(这是默认值。)

   -C
       Print routing information from the route cache.

       从路由缓存打印路由信息。

OUTPUT
   Active Internet connections (TCP, UDP, UDPLite, raw) 活跃的互联网连接(TCP, UDP, UDPLite,raw)
   Proto
       The protocol (tcp, udp, udpl, raw) used by the socket.

       套接字使用的协议(tcp, udp, udpl, raw)。

   Recv-Q
       Established: The count of bytes not copied by the user program connected to this socket.  Listening: Since Kernel 2.6.18 this column contains the current syn backlog.

       已建立:连接到此套接字的用户程序未复制的字节数。 侦听:从内核 2.6.18 开始,此列包含当前的 syn 积压工作。

   Send-Q
       Established:  The count of bytes not acknowledged by the remote host.  Listening: Since Kernel 2.6.18 this column contains the maximum size of the syn backlog.

       已建立:远程主机未确认的字节数。 侦听:从内核 2.6.18 开始,此列包含 syn 积压工作的最大大小。

   Local Address
       Address and port number of the local end of the socket.  Unless the  --numeric  (-n)  option  is  specified,  the socket  address  is resolved to its canonical host name (FQDN), and the port number is translated into the corresponding service name.

       套接字本地端的地址和端口号。除非指定了 --numeric (-n) 选项,否则套接字地址将解析为其规范主机名 (FQDN),并将端口号转换为相应的服务名称。

   Foreign Address
       Address and port number of the remote end of the socket.  Analogous to "Local Address".

       套接字的远程端的地址和端口号。 类似于"本地地址"。

   State
       The state of the socket. Since there are no states in raw mode and usually no states used  in  UDP  and  UDPLite,this column may be left blank. Normally this can be one of several values:

       套接字的状态。由于原始模式下没有状态,并且通常没有在UDP和UDPLite中使用的状态,因此此列可能留空。通常,这可以是以下几个值之一:

       ESTABLISHED
              The socket has an established connection.

              套接字已建立连接。

       SYN_SENT
              The socket is actively attempting to establish a connection.

              套接字正在主动尝试建立连接。

       SYN_RECV
              A connection request has been received from the network.

              已从网络收到连接请求。

       FIN_WAIT1
              The socket is closed, and the connection is shutting down.

              套接字已关闭,并且连接正在关闭。

       FIN_WAIT2
              Connection is closed, and the socket is waiting for a shutdown from the remote end.

              连接已关闭,并且套接字正在等待从远程端关闭。

       TIME_WAIT
              The socket is waiting after close to handle packets still in the network.

              套接字在关闭后正在等待处理仍在网络中的数据包。

       CLOSE  The socket is not being used. 未使用套接字。

       CLOSE_WAIT
              The remote end has shut down, waiting for the socket to close.

              远程端已关闭,等待套接字关闭。

       LAST_ACK
              The remote end has shut down, and the socket is closed. Waiting for acknowledgement.

              远程端已关闭,套接字已关闭。正在等待确认。

       LISTEN 
            The  socket is listening for incoming connections.  Such sockets are not included in the output unless you specify the --listening (-l) or --all (-a) option.

            套接字正在侦听传入连接。 除非指定 --listening(-l) 或 --all(-a) 选项,否则此类套接字不包括在输出中。

       CLOSING
              Both sockets are shut down but we still don't have all our data sent.

              两个套接字都已关闭,但我们仍然没有发送所有数据。

       UNKNOWN
              The state of the socket is unknown.

              套接字的状态未知。

   User
       The username or the user id (UID) of the owner of the socket.

       套接字所有者的用户名或用户 ID (UID)。

   PID/Program name
       Slash-separated pair of the process id (PID) and process name of the process that  owns  the  socket.   --program causes  this  column  to be included.  You will also need superuser privileges to see this information on sockets you don't own.  This identification information is not yet available for IPX sockets.

       拥有套接字的进程的进程 ID (PID) 和进程名称的斜杠分隔对。--program使此列被包括在内。您还需要超级用户权限才能在不属于您的套接字上查看此信息。此标识信息尚不可用于 IPX 套接字。

   Timer
       (this needs to be written)

   Active UNIX domain Sockets 活动 UNIX 域套接字
   Proto
       The protocol (usually unix) used by the socket.

       套接字使用的协议(通常是 unix)。

   RefCnt
       The reference count (i.e. attached processes via this socket).

       引用计数(即通过这个套接字连接的进程)。

   Flags
       The flags displayed is SO_ACCEPTON (displayed as ACC), SO_WAITDATA (W) or SO_NOSPACE (N).  SO_ACCECPTON  is  used on  unconnected  sockets  if their corresponding processes are waiting for a connect request. The other flags are not of normal interest.

       显示的标志为SO_ACCEPTON(显示为 ACC)、SO_WAITDATA (W) 或 SO_NOSPACE (N)。如果未连接的套接字的相应进程正在等待连接请求,则在未连接的套接字上使用SO_ACCECPTON。其他标志不是正常的兴趣。

   Type
       There are several types of socket access:

       有几种类型的套接字访问:

       SOCK_DGRAM
              The socket is used in Datagram (connectionless) mode.

              套接字在数据报(无连接)模式下使用。

       SOCK_STREAM
              This is a stream (connection) socket.

              这是一个流(连接)套接字。

       SOCK_RAW
              The socket is used as a raw socket.

              套接字用作raw套接字。

       SOCK_RDM
              This one serves reliably-delivered messages.

              这个提供可靠传递的消息。

       SOCK_SEQPACKET
              This is a sequential packet socket.

              这是一个顺序数据包套接字。

       SOCK_PACKET
              Raw interface access socket.

              Raw 接口访问套接字。

       UNKNOWN
              Who ever knows what the future will bring us - just fill in here :-)

   State
       This field will contain one of the following Keywords:

       此字段将包含以下关键字之一:

       FREE   The socket is not allocated 未分配套接字

       LISTENING
              The socket is listening for a connection request.  Such sockets are only included in  the  output  if  you specify the --listening (-l) or --all (-a) option.

              套接字正在侦听连接请求。仅当指定 --listening (-l) 或 --all (-a) 选项时,此类套接字才会包含在输出中。

       CONNECTING
              The socket is about to establish a connection.

              套接字即将建立连接。

       CONNECTED
              The socket is connected.

              套接字已连接

       DISCONNECTING
              The socket is disconnecting.

              套接字未连接。

       (empty)
              The socket is not connected to another one.

              套接字未连接其他套接字。

       UNKNOWN
              This state should never happen.

              这种状态永远不应该发生。

   PID/Program name
       Process  ID (PID) and process name of the process that has the socket open.  More info available in Active Internet connections section written above.

       已打开套接字的进程的进程 ID (PID) 和进程名称。有关详细信息,请参阅上面的"活动互联网连接"部分。

   Path
       This is the path name as which the corresponding processes attached to the socket.

       这是连接到套接字的相应进程的路径名。

   Active IPX sockets
       (this needs to be done by somebody who knows it)

   Active NET/ROM sockets
       (this needs to be done by somebody who knows it)

   Active AX.25 sockets
       (this needs to be done by somebody who knows it)

FILES
       /etc/services -- The services translation file 服务翻译文件

       /proc -- Mount point for the proc filesystem, which gives access to kernel status information via  the  following files.

       proc 文件系统的挂载点,它允许通过以下文件访问内核状态信息。

       /proc/net/dev -- device information 设备信息

       /proc/net/raw -- raw socket information raw 套接字信息

       /proc/net/tcp -- TCP socket information TCP 套接字信息

       /proc/net/udp -- UDP socket information UDP 套接字信息

       /proc/net/udplite -- UDPLite socket information UDPLite 套接字信息

       /proc/net/igmp -- IGMP multicast information IGMP 多播信息

       /proc/net/unix -- Unix domain socket information Unix 域套接字信息

       /proc/net/ipx -- IPX socket information IPX套接字信息

       /proc/net/ax25 -- AX25 socket information AX25套接字信息

       /proc/net/appletalk -- DDP (appletalk) socket information DDP 套接字信息

       /proc/net/nr -- NET/ROM socket information NET/ROM 套接字信息

       /proc/net/route -- IP routing information IP 路由信息

       /proc/net/ax25_route -- AX25 routing information AX25 路由信息

       /proc/net/ipx_route -- IPX routing information IPX 路由信息

       /proc/net/nr_nodes -- NET/ROM nodelist NET/ROM 节点列表

       /proc/net/nr_neigh -- NET/ROM neighbours NET/ROM 邻居

       /proc/net/ip_masquerade -- masqueraded connections

       /sys/kernel/debug/bluetooth/l2cap -- Bluetooth L2CAP information

       /sys/kernel/debug/bluetooth/rfcomm -- Bluetooth serial connections

       /proc/net/snmp -- statistics

SEE ALSO
       route(8), ifconfig(8), iptables(8), proc(5) ss(8) ip(8)

BUGS
       Occasionally strange information may appear if a socket changes as it is viewed. This is unlikely to occur.

AUTHORS
       The netstat user interface was written by Fred Baumgarten <dc6iq@insu1.etec.uni-karlsruhe.de>, the man page basi‐
       cally by Matt Welsh <mdw@tc.cornell.edu>. It was updated by Alan Cox <Alan.Cox@linux.org>, updated again by  Tuan
       Hoang  <tqhoang@bigfoot.com>. The man page and the command included in the net-tools package is totally rewritten
       by Bernd Eckenfels <ecki@linux.de>.  UDPLite options were added by Brian Micek <bmicek@gmail.com>

net-tools                                              2014-10-07                                             NETSTAT(8)

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值