netstat详解

一.功能与说明:
1.netstat:用于显示与IP、TCP、UDP和ICMP协议相关的统计数据, 一般用于检验本机各端口的网络连接情况
主要作用是: 查看端口使用情况
2. Recv-Q:socket接收到,却没有被进程取走的数据(字节单位)
Send-Q:socket发送出去,却没有收到远程对方确认的数据(字节单位)

二.参数含义介绍:
1.常用的:
-a (all) 显示所有内容
-t  (tcp) 仅显示tcp相关内容
-u (udp) 仅显示udp相关内容
-n (numeric) 直接显示ip地址以及端口,不解析
-l  (listen) 仅列出 Listen (监听) 的服务
-p (pid) 显示出socket所属的进程PID 以及进程名字
2.不常用的:
-r 显示路由信息,路由表
-e 显示扩展信息,例如uid等
-s 按各个协议进行统计
-c 每隔一个固定时间,执行该netstat命令。

注: 不使用n的情况
1.IP解析:27.0.0.1->localhost 0.0.0.0->*
2.端口解析:80->www22->ssh13->daytime

提示: LISTEN和LISTENING的状态只有用-a或者-l才能看到

三.语句说明:
1.列出所有端口 
     netstat -a
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -a|more  
  2. Active Internet connections (servers and established)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       
  4. tcp        0      0 *:sunrpc                    *:*                         LISTEN       
  5. tcp        0      0 *:webcache                  *:*                         LISTEN       
  6. tcp        0      0 *:http                      *:*                         LISTEN       
  7. tcp        0      0 192.168.122.1:domain        *:*                         LISTEN       
  8. tcp        0      0 localhost.localdomain:d-s-n *:*                         LISTEN       
  9. tcp        0      0 *:ssh                       *:*                         LISTEN       
  10. tcp        0      0 localhost.loc:simplifymedia *:*                         LISTEN  

2.列出所有tcp端口
     netstat -at|more
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -at|more  
  2. Active Internet connections (servers and established)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       
  4. tcp        0      0 *:sunrpc                    *:*                         LISTEN       
  5. tcp        0      0 *:webcache                  *:*                         LISTEN       
  6. tcp        0      0 *:http                      *:*                         LISTEN       
  7. tcp        0      0 192.168.122.1:domain        *:*                         LISTEN       
  8. tcp        0      0 localhost.localdomain:d-s-n *:*                         LISTEN       
  9. tcp        0      0 *:ssh                       *:*                         LISTEN       
  10. tcp        0      0 localhost.loc:simplifymedia *:*                         LISTEN    

3.列出所有udp端口 
     netstat -au
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -au|more  
  2. Active Internet connections (servers and established)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       
  4. udp        0      0 *:ideafarm-panic            *:*                                      
  5. udp        0      0 *:47005                     *:*                                      
  6. udp        0      0 localhost.loca:memcache     *:*                                      
  7. udp        0      0 *:55276                     *:*                                      
  8. udp        0      0 192.168.122.1:domain        *:*                                      
  9. udp        0      0 *:bootps                    *:*                                      
  10. udp        0      0 *:bootpc                    *:*                                      
  11. udp        0      0 *:sunrpc                    *:*                                      
  12. udp        0      0 *:ipp                       *:*                                      
  13. udp        0      0 *:44236                     *:*                                      
  14. udp        0      0 *:722                       *:*         
 
4.只显示监听端口
     netstat -l
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -l  
  2. Active Internet connections (only servers)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       
  4. tcp        0      0 *:sunrpc                    *:*                         LISTEN       
  5. tcp        0      0 *:webcache                  *:*                         LISTEN       
  6. tcp        0      0 *:http                      *:*                         LISTEN       
  7. tcp        0      0 192.168.122.1:domain        *:*                         LISTEN       
  8. tcp        0      0 localhost.localdomain:d-s-n *:*                         LISTEN       
  9. tcp        0      0 *:ssh                       *:*                         LISTEN       
  10. tcp        0      0 localhost.loc:simplifymedia *:*                         LISTEN       
  11. tcp        0      0 localhost.localdomain:ipp   *:*                         LISTEN       
  12. tcp        0      0 *:44343                     *:*                         LISTEN       
  13. tcp        0      0 localhost.localdomain:smtp  *:*                         LISTEN      

5.只显示监听的tcp端口
     netstat -lt
Java代码   收藏代码
  1. [leon@leon-PC]#  
  2. Active Internet connections (only servers)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       
  4. tcp        0      0 *:sunrpc                    *:*                         LISTEN       
  5. tcp        0      0 *:webcache                  *:*                         LISTEN       
  6. tcp        0      0 *:http                      *:*                         LISTEN       
  7. tcp        0      0 192.168.122.1:domain        *:*                         LISTEN       
  8. tcp        0      0 localhost.localdomain:d-s-n *:*                         LISTEN       
  9. tcp        0      0 *:ssh                       *:*                         LISTEN       
  10. tcp        0      0 localhost.loc:simplifymedia *:*                         LISTEN       
  11. tcp        0      0 localhost.localdomain:ipp   *:*                         LISTEN       
  12. tcp        0      0 *:44343                     *:*                         LISTEN       
  13. tcp        0      0 localhost.localdomain:smtp  *:*                         LISTEN       
 
6.只显示所有监听udp端口 
     netstat -lu
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -lu  
  2. Active Internet connections (only servers)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       
  4. udp        0      0 *:ideafarm-panic            *:*                                      
  5. udp        0      0 *:47005                     *:*                                      
  6. udp        0      0 *:47551                     *:*                                      
  7. udp        0      0 localhost.loca:memcache     *:*                                      
  8. udp        0      0 *:55276                     *:*                                      
  9. udp        0      0 192.168.122.1:domain        *:*                                      
  10. udp        0      0 *:bootps                    *:*                                      
  11. udp        0      0 *:bootpc                    *:*                                      
  12. udp        0      0 *:sunrpc                    *:*        

7.只列出所有监听unix端口 
     netstat -lx
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -lx  
  2. Active UNIX domain sockets (only servers)  
  3. Proto RefCnt Flags       Type       State         I-Node Path  
  4. unix  2      [ ACC ]     STREAM     LISTENING     21941  /tmp/.X11-unix/X0  
  5. unix  2      [ ACC ]     STREAM     LISTENING     34096  /tmp/orbit-haozheng/linc-cd2-0-5b33fa1ecf0c9  
  6. unix  2      [ ACC ]     STREAM     LISTENING     22263  @/tmp/gdm-greeter-cBlQsyRF  
  7. unix  2      [ ACC ]     STREAM     LISTENING     32728  /tmp/.ICE-unix/3103  
  8. unix  2      [ ACC ]     STREAM     LISTENING     36866  @/tmp/dbus-AcJrBlWF  
  9. unix  2      [ ACC ]     STREAM     LISTENING     20454  /tmp/mysql.sock  

8.显示所有端口的统计信息 
     netstat -s
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -s  
  2. Ip:  
  3.     1943780 total packets received  
  4.     2 forwarded  
  5.     0 incoming packets discarded  
  6.     1769532 incoming packets delivered  
  7.     1121573 requests sent out  
  8.     132 outgoing packets dropped  
  9.     45867 dropped because of missing route  
  10. Tcp:  
  11.     64002 active connections openings  
  12.     7632 passive connection openings  
  13.     2309 failed connection attempts  
  14.     498 connection resets received  
  15.     8 connections established  
  16.     1018564 segments received  
  17.     1022700 segments send out  
  18.     16835 segments retransmited  
  19.     2 bad segments received.  
  20.     552 resets sent  
  21. Udp:  
  22.     133420 packets received  
  23.     7845 packets to unknown port received.  
  24.     0 packet receive errors  
  25.     74841 packets sent  
  26.     0 receive buffer errors  
  27.     0 send buffer errors  
 
9.显示所有tcp(netstat -st)或udp(netstat -su)的统计信息
     netstat -su
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -su  
  2. IcmpMsg:  
  3.     InType0: 11  
  4.     InType3: 13506  
  5.     OutType3: 13679  
  6.     OutType8: 11  
  7. Udp:  
  8.     133462 packets received  
  9.     7869 packets to unknown port received.  
  10.     0 packet receive errors  
  11.     74888 packets sent  
  12.     0 receive buffer errors  
  13.     0 send buffer errors  
  14. UdpLite:  
  15. IpExt:  
  16.     InNoRoutes: 991  
  17.     InMcastPkts: 24308  
  18.     OutMcastPkts: 2353  
  19.     InBcastPkts: 630615  
  20.     OutBcastPkts: 1546  
  21.     InOctets: 755319900  
  22.     OutOctets: 296705252  
  23.     InMcastOctets: 2908748  
  24.     OutMcastOctets: 93173  
  25.     InBcastOctets: 99500419  
  26.     OutBcastOctets: 299980  
 
10.显示pid/进程名称 netstat -p   (-p可以与其他参数一起使用。比如显示tcp的进程id信息)
     netstat -pt
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -pt  
  2. Active Internet connections (w/o servers)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name    
  4. tcp        0      0 192.168.0.52:44784          123.150.49.20:http          FIN_WAIT2   4207/VirtualBox      
  5. tcp        0      0 192.168.0.52:46715          ie-in-f125.1e100.net:https  ESTABLISHED 4207/VirtualBox      
  6. tcp        0      0 192.168.0.52:43415          geotrust-ocsp-mtv.veri:http FIN_WAIT2   4207/VirtualBox       
 
11.在 netstat 输出中不显示主机,端口和用户名 (host, port or user)当你不想让主机,端口和用户名显示,使用 netstat -n。将会使用数字代替那些名称。同样可以加速输出,因为不用进行比对查询。netstat -ntpl  显示tcp的监听端口 不显示主机端口用户名 用数字代替
     netstat -ptnl
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -ptnl  
  2. Active Internet connections (only servers)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name    
  4. tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      971/rpcbind          
  5. tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN      1526/nginx: master   
  6. tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      1526/nginx: master   
  7. tcp        0      0 192.168.122.1:53            0.0.0.0:*                   LISTEN      1248/dnsmasq         
  8. tcp        0      0 127.0.0.1:8086              0.0.0.0:*                   LISTEN      1553/python          
  9. tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1163/sshd            
  10. tcp        0      0 127.0.0.1:8087              0.0.0.0:*                   LISTEN      1553/python          
  11. tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      1140/cupsd           
  12. tcp        0      0 0.0.0.0:44343               0.0.0.0:*                   LISTEN      1151/rpc.statd       
  13. tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      18573/sendmail: acc  
  14. tcp        0      0 127.0.0.1:3002              0.0.0.0:*                   LISTEN      1004/ruby            
  15. tcp        0      0 0.0.0.0:8000                0.0.0.0:*                   LISTEN      1526/nginx: master    

12.一秒钟输出一次tcp监听端口信息 
     netstat -ntplc
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -ntplc  
  2. Active Internet connections (only servers)  
  3. Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name    
  4. tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      971/rpcbind          
  5. tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN      1526/nginx: master   
  6. tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      1526/nginx: master   
  7. tcp        0      0 192.168.122.1:53            0.0.0.0:*                   LISTEN      1248/dnsmasq         
  8. tcp        0      0 127.0.0.1:8086              0.0.0.0:*                   LISTEN      1553/python          
  9. tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1163/sshd      
 
13.显示路由信息 
     netstat -r
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -r  
  2. Kernel IP routing table  
  3. Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface  
  4. default         vrouter         0.0.0.0         UG        0 0          0 eth0  
  5. 192.168.0.0     *               255.255.255.0   U         0 0          0 eth0  
  6. 192.168.122.0   *               255.255.255.0   U         0 0          0 virb  
 
14.显示网络接口列表 
     netstat -i
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -i  
  2. Kernel Interface table  
  3. Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg  
  4. eth0       1500   0  4943885      0      0      0   901773      0      0      0 BMRU  
  5. lo        16436   0   236931      0      0      0   236931      0      0      0 LRU  
  6. virbr0     1500   0        0      0      0      0        0      0      0      0 BMU  
 
四.常用实例:
1.查看8080端口
    netstat -ap|grep 8080
Java代码   收藏代码
  1. [leon@leon-PC]# netstat -ap|grep 8080  
  2. tcp6       0      0 :::8080                 :::*                    LISTEN      
  3. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54189     TIME_WAIT   
  4. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54194     TIME_WAIT   
  5. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54171     TIME_WAIT   
  6. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54162     TIME_WAIT   
  7. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54186     TIME_WAIT   
  8. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54192     TIME_WAIT   
  9. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54177     TIME_WAIT   
  10. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54195     TIME_WAIT   
  11. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54175     TIME_WAIT   
  12. tcp6       0      0 192.168.1.189:8080      192.168.1.145:54183     TIME_WAIT   
 
2.如果PC有多个网卡,查看绑定了外网网卡IP的进程。
netstat -npl|grep 0.0.0.0   // 0.0.0.0表示绑定每一个网卡,包括外网网卡和内网网卡
netstat -npl|grep 外网_IP
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值