netstat – show network status
DESCRIPTION:
The netstat command displays the contents of certain network-related data structures in various formats, depend-ing on the options you select.
How to view Established connections only?
# netstat -natu | grep ‘ESTABLISHED’
List All Ports (both listening and non listening ports)
List all ports using netstat –a
# netstat –a | more
In order to get the summary statistics for each protocol you would use:
netstat -s | more
List all tcp ports using netstat –at
# netstat –at
List all udp ports using netstat –au
# netstat –au
List Sockets which are in Listening State
List only listening ports using netstat –l
# netstat –l
List only listening TCP Ports using netstat –lt
# netstat –lt
List only listening UDP Ports using netstat –lu
# netstat –lu
List only the listening UNIX Ports using netstat –lx
# netstat –lx
Show the statistics for each protocol
Show statistics for all ports using netstat –s
# netstat –s
Show statistics for TCP (or) UDP ports using netstat -st (or) –su
# netstat -st
# netstat -su
Display PID and program names in netstat output using netstat -p
netstat -p option can be combined with any other netstat option. This will add the “PID/Program Name” to the netstat output. This is very useful while debugging to identify which program is running on a particular port.
# netstat –pt
Don’t resolve host, port and user name in netstat output
When you don’t want the name of the host, port or user to be displayed, use netstat -n option. This will display in numbers, instead of resolving the host name, port name, user name.
This also speeds up the output, as netstat is not performing any look-up.
# netstat -an
If you don’t want only any one of those three items (ports, or hosts, or users) to be resolved, use following commands.
# netsat -a –numeric-ports
# netsat -a –numeric-hosts
# netsat -a –numeric-users
Display Active Connections with Process ID and Program Name
This could be very helpful to identify which program has initiated a specific network connection.
# netstat -tap
Print netstat information continuously
netstat will print information continuously every few seconds.
# netstat –c
Find the non supportive Address families in your system
# netstat –verbose
Display the kernel routing information using netstat -r
# netstat -r
Note: Use netstat -rn to display routes in numeric format without resolving for host-names.
Display the routing cache
# netstat -rnC
To display all ports open by a process with id PID
# netstat –aop | grep “56356”
Find out on which port a program is running
# netstat -ap | grep ssh
Find out which process is using a particular port:
# netstat -an | grep ‘:56356′
How to find out connection count on a particular port using netstat?
# netstat -ant | grep 56356 | wc –l
# netstat -ant | grep 80 | wc -l
Show the list of network interfaces
# netstat –i
Display extended information on the interfaces (similar to ifconfig) using netstat -ie:
# netstat –ie
How to find the Nature of connections going on my server?
# netstat -ant | awk ‘{print $6}’ | sort | uniq -c | sort -n
How to find the Nature of connections going on my server for a particular port?
# netstat -ant | grep 56356 | awk ‘{print $6}’ | sort | uniq -c | sort –n
No comments:
Post a Comment