前言
后台开发,netstat命令总是绕不过,不仅工作中经常用过,面试也是考的多。netstat命令,对应的选项比较多,功能比较强大。netstat 常用来查看,后台服务进程的相关状态。
netstat 可以用来打印网络连接、路由表、连接的数据统计。下面我们来学习一下。
打印所有连接
- 使用 -a,列出所有连接。
- [root@VM-16-9-centos ~]# netstat -a
- Active Internet connections (servers and established)
- Proto Recv-Q Send-Q Local Address Foreign Address State
- tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
- tcp 0 0 VM-16-9-centos:49326 169.254.0.55:lsi-bobcat ESTABLISHED
- tcp 0 52 VM-16-9-centos:ssh 119.137.1.7:20029 ESTABLISHED
- tcp 0 0 VM-16-9-centos:ssh 113.110.224.255:63626 ESTABLISHED
- tcp6 0 0 [::]:mysql [::]:* LISTEN
- udp 0 0 0.0.0.0:bootpc 0.0.0.0:*
- udp 0 0 VM-16-9-centos:ntp 0.0.0.0:*
- udp 0 0 VM-16-9-centos:ntp 0.0.0.0:*
- udp 0 0 0.0.0.0:38064 0.0.0.0:*
- udp6 0 0 VM-16-9-centos:ntp [::]:*
- udp6 0 0 VM-16-9-centos:ntp [::]:*
打印 TCP 或 UDP 连接
使用 -t 选项列出 TCP 协议的连接。
- [root@VM-16-9-centos ~]# netstat -t
- Active Internet connections (w/o servers)
- Proto Recv-Q Send-Q Local Address Foreign Address State
- tcp 0 0 VM-16-9-centos:49326 169.254.0.55:lsi-bobcat ESTABLISHED
- tcp 0 52 VM-16-9-centos:ssh 119.137.1.7:20029 ESTABLISHED
- tcp 0 0 VM-16-9-centos:ssh 113.110.224.255:63626 ESTABLISHED
- tcp 0 0 VM-16-9-centos:ssh vps-d395feee.vps.:39128 ESTABLISHED
使用 -u 选项列出 UDP 协议的连接。
- [root@VM-16-9-centos ~]# netstat -u
- Active Internet connections (w/o servers)
- Proto Recv-Q Send-Q Local Address Foreign Address State
禁用反向域名解析
使用 -n 选项禁用域名解析功能,这样可以加快查找速度。
- [root@VM-16-9-centos ~]# netstat -n
- Active Internet connections (w/o servers)
- Proto Recv-Q Send-Q Local Address Foreign Address State
- tcp 0 0 172.17.16.9:49326 169.254.0.55:5574 ESTABLISHED
- tcp 0 52 172.17.16.9:22 119.137.1.7:20029 ESTABLISHED
- tcp 0 0 172.17.16.9:22 113.110.224.255:63626 ESTABLISHED
- tcp 0 0 172.17.16.9:52236 169.254.0.4:80 TIME_WAIT
显示对应的程序识别码和程序名称
使用 -p 选项列出正在监听的套接字。
- [root@VM-16-9-centos ~]# netstat -p
- Active Internet connections (w/o servers)
- Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
- tcp 0 0 VM-16-9-centos:49326 169.254.0.55:lsi-bobcat ESTABLISHED 1400/YDService
- tcp 0 52 VM-16-9-centos:ssh 119.137.1.7:20029 ESTABLISHED 22131/sshd: root@pt
- tcp 0 0 VM-16-9-centos:ssh host-188-14-121-2:55529 TIME_WAIT -
- tcp 0 0 VM-16-9-centos:ssh 113.110.224.255:63626 ESTABLISHED 32201/sshd: root@pt
打印监听中的连接
使用 -l 选项列出正在监听的套接字。
- [root@VM-16-9-centos ~]# netstat -l
- Active Internet connections (only servers)
- Proto Recv-Q Send-Q Local Address Foreign Address State
- tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
- tcp6 0 0 [::]:mysql [::]:* LISTEN
- udp 0 0 0.0.0.0:bootpc 0.0.0.0:*
停下来,花30秒时间,欣赏一幅美丽的欧式建筑。建筑就像小时候童话里的,看着感觉心情舒畅。接下来接着学。
打印连接进程信息
使用 -p 选项查看进程信息。
- [root@VM-16-9-centos ~]# netstat -p
- Active Internet connections (w/o servers)
- Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
- tcp 0 0 VM-16-9-centos:49326 169.254.0.55:lsi-bobcat ESTABLISHED 1400/YDService
- tcp 0 0 VM-16-9-centos:48680 169.254.0.55:webcache TIME_WAIT -
- tcp 0 52 VM-16-9-centos:ssh 119.137.1.7:20029 ESTABLISHED 22131/sshd: root@pt
- tcp 0 0 VM-16-9-centos:ssh 113.110.224.255:63626 ESTABLISHED 32201/sshd: root@pt
- tcp 0 0 VM-16-9-centos:ssh host-188-14-121-2:56025 ESTABLISHED 10384/sshd: unknown
打印网络工作信息统计表
使用 -s 选项查看进程信息(只展示部分结果)。
- [root@VM-16-9-centos ~]# netstat -s
- Ip:
- 7502855 total packets received
- 0 forwarded
- 0 incoming packets discarded
- 7502837 incoming packets delivered
- 7624338 requests sent out
- 40 dropped because of missing route
- Icmp:
- 938052 ICMP messages received
- 147 input ICMP message failed.
- ICMP input histogram:
- destination unreachable: 411
- timeout in transit: 8
- redirects: 2
- echo requests: 937623
- echo replies: 7
- timestamp request: 1
- 946258 ICMP messages sent
- 0 ICMP messages failed
- ICMP output histogram:
- destination unreachable: 8634
- echo replies: 937623
- timestamp replies: 1
打印网络接口
使用 -i 选项查看进程信息。
- [root@VM-16-9-centos ~]# netstat -i
- Kernel Interface table
- Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
- eth0 1500 7825094 0 0 0 7712988 0 0 0 BMRU
- lo 65536 10230 0 0 0 10230 0 0 0 LRU
持续输出信息
使用 -c 选项查看进程信息。
- [root@VM-16-9-centos ~]# netstat -c
- Active Internet connections (w/o servers)
- Proto Recv-Q Send-Q Local Address Foreign Address State
- tcp 0 0 VM-16-9-centos:49326 169.254.0.55:lsi-bobcat ESTABLISHED
- tcp 0 52 VM-16-9-centos:ssh 119.137.1.7:20029 ESTABLISHED
- tcp 0 0 VM-16-9-centos:ssh vps-d395feee.vps.:39442 ESTABLISHED
- tcp 0 0 VM-16-9-centos:ssh 113.110.224.255:63626 ESTABLISHED
- tcp 0 0 VM-16-9-centos:52660 169.254.0.4:http TIME_WAIT
- tcp 0 0 VM-16-9-centos:ssh b3d278e1.virtua.c:35113 TIME_WAIT
- tcp 0 0 VM-16-9-centos:ssh 58.230.147.230:56693 TIME_WAIT
- Active UNIX domain sockets (w/o servers)
- Proto RefCnt Flags Type State I-Node Path
- unix 3 [ ] DGRAM 7444 /run/systemd/notify
根据进程pid查端口
利用 grep 命令,通过进程 pid 查出监听端口。
- [root@VM-16-9-centos test]# netstat -nap|grep 12178
- tcp6 0 0 :::8888 :::* LISTEN 12178/gin
根据端口查进程
利用 grep 命令,通过监听端口查出进程 pid 。
- [root@VM-16-9-centos test]# netstat -nap|grep 8888
- tcp6 0 0 :::8888 :::* LISTEN 12178/gin
统计网络socket状态
借助 awk 命令,统计socket状态对应的个数。
- [test]# netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
- ESTABLISHED 5
- TIME_WAIT 2
絮叨
netstat命令不难,但是选项比较多,工作中也常用,务必要掌握。这篇文章可以用作为大家 netstat 参考手册。
希望这篇文章能帮助到大家,下期再会!
