使用到的命令
lsof -p <pid> 查看一个进程中的文件描述符分配情况
netstat -antp |grep <pid>/<port> 查看一个进程的网络连接情况
tcpdump -nn -i eth0 port <port> 监听一个端口的包
首先用socket启动一个服务端端口,不接受客户端
tcp抓包开始,此时没有连接请求:
[root@node01 ~]# tcpdump -nn -i eth0 port 9090
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
端口监听,此时没有客户端接入,只有一个9090端口处于LISTEN状态:
[root@node01 ~]# netstat -antp |grep 9090
tcp 0 0 :::9090 :::* LISTEN 1687/java
进程下的文件描述符分配:
[root@node01 ~]# lsof -p 1687
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 1687 root cwd DIR 8,3 4096 913922 /root
java 1687 root rtd DIR 8,3 4096 2 /
java 1687 root txt REG 8,3 8712 265929 /opt/java/jdk1.8.0_251/bin/java
java 1687 root mem REG 8,3 99174448 393616 /usr/lib/locale/locale-archive
java 1687 root mem REG 8,3 112768 264585 /opt/java/jdk1.8.0_251/jre/lib/amd64/libnet.so
java 1687 root mem REG 8,3 66689423 264592 /opt/java/jdk1.8.0_251/jre/lib/rt.jar
java 1687 root mem REG 8,3 127016 264553 /opt/java/jdk1.8.0_251/jre/lib/amd64/libzip.so
java 1687 root mem REG 8,3 66432 261151 /lib64/libnss_files-2.12.so
java 1687 root mem REG 8,3 231840 264564 /opt/java/jdk1.8.0_251/jre/lib/amd64/libjava.so
java 1687 root mem REG 8,3 66112 264565 /opt/java/jdk1.8.0_251/jre/lib/amd64/libverify.so
java 1687 root mem REG 8,3 44472 261163 /lib64/librt-2.12.so
java 1687 root mem REG 8,3 596864 261143 /lib64/libm-2.12.so
java 1687 root mem REG 8,3 17080312 264531 /opt/java/jdk1.8.0_251/jre/lib/amd64/server/libjvm.so
java 1687 root mem REG 8,3 1924768 261135 /lib64/libc-2.12.so
java 1687 root mem REG 8,3 20024 261141 /lib64/libdl-2.12.so
java 1687 root mem REG 8,3 109384 265358 /opt/java/jdk1.8.0_251/lib/amd64/jli/libjli.so
java 1687 root mem REG 8,3 143280 261159 /lib64/libpthread-2.12.so
java 1687 root mem REG 8,3 159312 261124 /lib64/ld-2.12.so
java 1687 root mem REG 8,3 32768 402876 /tmp/hsperfdata_root/1687
java 1687 root 0u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 1u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 2u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 3r REG 8,3 66689423 264592 /opt/java/jdk1.8.0_251/jre/lib/rt.jar
java 1687 root 4u unix 0xffff880037c373c0 0t0 38608 socket
java 1687 root 5u IPv6 38610 0t0 TCP *:websm (LISTEN)
启动一个客户端,但server端未接受
抓包内容,此时客户端与服务端进行了3次握手,建立连接:
[root@node01 ~]# tcpdump -nn -i eth0 port 9090
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:19:57.775274 IP 192.168.25.1.65361 > 192.168.25.66.9090: Flags [S], seq 1381983536, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
00:19:57.775459 IP 192.168.25.66.9090 > 192.168.25.1.65361: Flags [S.], seq 3466232271, ack 1381983537, win 1460, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0
00:19:57.776236 IP 192.168.25.1.65361 > 192.168.25.66.9090: Flags [.], ack 1, win 2053, length 0
端口监听,此时客户端与服务器建立了连接,但是server端还没有接受,连接处于ESTABLISHED状态,没有分配进程
[root@node01 ~]# netstat -antp |grep 9090
tcp 0 0 :::9090 :::* LISTEN 1687/java
tcp 0 0 ::ffff:192.168.25.66:9090 ::ffff:192.168.25.1:65361 ESTABLISHED -
进程下的文件描述符也没有增加
[root@node01 ~]# lsof -p 1687
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 1687 root cwd DIR 8,3 4096 913922 /root
java 1687 root rtd DIR 8,3 4096 2 /
java 1687 root txt REG 8,3 8712 265929 /opt/java/jdk1.8.0_251/bin/java
java 1687 root mem REG 8,3 99174448 393616 /usr/lib/locale/locale-archive
java 1687 root mem REG 8,3 112768 264585 /opt/java/jdk1.8.0_251/jre/lib/amd64/libnet.so
java 1687 root mem REG 8,3 66689423 264592 /opt/java/jdk1.8.0_251/jre/lib/rt.jar
java 1687 root mem REG 8,3 127016 264553 /opt/java/jdk1.8.0_251/jre/lib/amd64/libzip.so
java 1687 root mem REG 8,3 66432 261151 /lib64/libnss_files-2.12.so
java 1687 root mem REG 8,3 231840 264564 /opt/java/jdk1.8.0_251/jre/lib/amd64/libjava.so
java 1687 root mem REG 8,3 66112 264565 /opt/java/jdk1.8.0_251/jre/lib/amd64/libverify.so
java 1687 root mem REG 8,3 44472 261163 /lib64/librt-2.12.so
java 1687 root mem REG 8,3 596864 261143 /lib64/libm-2.12.so
java 1687 root mem REG 8,3 17080312 264531 /opt/java/jdk1.8.0_251/jre/lib/amd64/server/libjvm.so
java 1687 root mem REG 8,3 1924768 261135 /lib64/libc-2.12.so
java 1687 root mem REG 8,3 20024 261141 /lib64/libdl-2.12.so
java 1687 root mem REG 8,3 109384 265358 /opt/java/jdk1.8.0_251/lib/amd64/jli/libjli.so
java 1687 root mem REG 8,3 143280 261159 /lib64/libpthread-2.12.so
java 1687 root mem REG 8,3 159312 261124 /lib64/ld-2.12.so
java 1687 root mem REG 8,3 32768 402876 /tmp/hsperfdata_root/1687
java 1687 root 0u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 1u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 2u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 3r REG 8,3 66689423 264592 /opt/java/jdk1.8.0_251/jre/lib/rt.jar
java 1687 root 4u unix 0xffff880037c373c0 0t0 38608 socket
java 1687 root 5u IPv6 38610 0t0 TCP *:websm (LISTEN)
server端没有接受,但是客户端可以发送数据,此时数据存在连接的buffer里
客户端发送数据后,抓包,接收到了数据:
[root@node01 ~]# tcpdump -nn -i eth0 port 9090
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:19:57.775274 IP 192.168.25.1.65361 > 192.168.25.66.9090: Flags [S], seq 1381983536, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
00:19:57.775459 IP 192.168.25.66.9090 > 192.168.25.1.65361: Flags [S.], seq 3466232271, ack 1381983537, win 1460, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0
00:19:57.776236 IP 192.168.25.1.65361 > 192.168.25.66.9090: Flags [.], ack 1, win 2053, length 0
00:38:29.939158 IP 192.168.25.1.65361 > 192.168.25.66.9090: Flags [P.], seq 1:7, ack 1, win 2053, length 6
00:38:29.939196 IP 192.168.25.66.9090 > 192.168.25.1.65361: Flags [.], ack 7, win 23, length 0
连接状态还是处于ESTABLISHED,没有分配进程,但是buffer中新增了6个字节。
[root@node01 ~]# netstat -antp |grep 9090
tcp 0 0 :::9090 :::* LISTEN 1687/java
tcp 6 0 ::ffff:192.168.25.66:9090 ::ffff:192.168.25.1:65361 ESTABLISHED -
server端接受客户端
连接状态,连接中的buffer被读取,连接分配了进程。
[root@node01 ~]# netstat -antp |grep 9090
tcp 0 0 :::9090 :::* LISTEN 1687/java
tcp 0 0 ::ffff:192.168.25.66:9090 ::ffff:192.168.25.1:65361 ESTABLISHED 1687/java
进程下新增一个文件描述符6u:
[root@node01 ~]# lsof -p 1687
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 1687 root cwd DIR 8,3 4096 913922 /root
java 1687 root rtd DIR 8,3 4096 2 /
java 1687 root txt REG 8,3 8712 265929 /opt/java/jdk1.8.0_251/bin/java
java 1687 root mem REG 8,3 99174448 393616 /usr/lib/locale/locale-archive
java 1687 root mem REG 8,3 112768 264585 /opt/java/jdk1.8.0_251/jre/lib/amd64/libnet.so
java 1687 root mem REG 8,3 66689423 264592 /opt/java/jdk1.8.0_251/jre/lib/rt.jar
java 1687 root mem REG 8,3 127016 264553 /opt/java/jdk1.8.0_251/jre/lib/amd64/libzip.so
java 1687 root mem REG 8,3 66432 261151 /lib64/libnss_files-2.12.so
java 1687 root mem REG 8,3 231840 264564 /opt/java/jdk1.8.0_251/jre/lib/amd64/libjava.so
java 1687 root mem REG 8,3 66112 264565 /opt/java/jdk1.8.0_251/jre/lib/amd64/libverify.so
java 1687 root mem REG 8,3 44472 261163 /lib64/librt-2.12.so
java 1687 root mem REG 8,3 596864 261143 /lib64/libm-2.12.so
java 1687 root mem REG 8,3 17080312 264531 /opt/java/jdk1.8.0_251/jre/lib/amd64/server/libjvm.so
java 1687 root mem REG 8,3 1924768 261135 /lib64/libc-2.12.so
java 1687 root mem REG 8,3 20024 261141 /lib64/libdl-2.12.so
java 1687 root mem REG 8,3 109384 265358 /opt/java/jdk1.8.0_251/lib/amd64/jli/libjli.so
java 1687 root mem REG 8,3 143280 261159 /lib64/libpthread-2.12.so
java 1687 root mem REG 8,3 159312 261124 /lib64/ld-2.12.so
java 1687 root mem REG 8,3 32768 402876 /tmp/hsperfdata_root/1687
java 1687 root 0u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 1u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 2u CHR 136,1 0t0 4 /dev/pts/1
java 1687 root 3r REG 8,3 66689423 264592 /opt/java/jdk1.8.0_251/jre/lib/rt.jar
java 1687 root 4u unix 0xffff880037c373c0 0t0 38608 socket
java 1687 root 5u IPv6 38610 0t0 TCP *:websm (LISTEN)
java 1687 root 6u IPv6 55986 0t0 TCP 192.168.25.66:websm->192.168.25.1:65361 (ESTABLISHED)