Linux netstat命令详解和使用例子(显示各种网络相关信息)(4)
代码如下: [root@localhost ~]# netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.120.0 * 255.255.255.0 U 0 0 0 eth0 192.168.0.0 192.168.120.1 255.25
代码如下:
[root@localhost ~]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.120.0 * 255.255.255.0 U 0 0 0 eth0
192.168.0.0 192.168.120.1 255.255.0.0 UG 0 0 0 eth0
10.0.0.0 192.168.120.1 255.0.0.0 UG 0 0 0 eth0
default 192.168.120.240 0.0.0.0 UG 0 0 0 eth0
[root@localhost ~]#
实例12:列出所有 tcp 端口
命令:netstat -at
输出:
代码如下:
[root@localhost ~]# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:smux *:* LISTEN
tcp 0 0 *:svn *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 284 192.168.120.204:ssh 10.2.0.68:62420 ESTABLISHED
[root@localhost ~]#
实例13:统计机器中网络连接各个状态个数
命令:netstat -a | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
输出:
代码如下:
[root@localhost ~]# netstat -a | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
ESTABLISHED 1
LISTEN 3
[root@localhost ~]#
实例14:把状态全都取出来后使用uniq -c统计后再进行排序
命令:netstat -nat |awk '{print $6}'|sort|uniq -c
输出:
代码如下:
[root@andy ~]# netstat -nat |awk '{print $6}'|sort|uniq -c
14 CLOSE_WAIT
1 established)
578 ESTABLISHED
1 Foreign
43 LISTEN
5 TIME_WAIT
[root@andy ~]# netstat -nat |awk '{print $6}'|sort|uniq -c|sort -rn
576 ESTABLISHED
43 LISTEN
14 CLOSE_WAIT
5 TIME_WAIT
1 Foreign
1 established)
[root@andy ~]#
实例15:查看连接某服务端口最多的的IP地址
命令:netstat -nat | grep "192.168.120.20:16067" |awk '{print $5}'|awk -F: '{print $4}'|sort|uniq -c|sort -nr|head -20
输出:
代码如下:
[root@andy ~]# netstat -nat | grep "192.168.120.20:16067" |awk '{print $5}'|awk -F: '{print $4}'|sort|uniq -c|sort -nr|head -20
8 10.2.1.68
7 192.168.119.13
6 192.168.119.201
6 192.168.119.20
6 192.168.119.10
4 10.2.1.199
3 10.2.1.207
2 192.168.120.20
2 192.168.120.15
2 192.168.119.197
2 192.168.119.11
2 10.2.1.206
2 10.2.1.203
2 10.2.1.189
2 10.2.1.173
1 192.168.120.18
1 192.168.119.19
1 10.2.2.227
1 10.2.2.138
1 10.2.1.208
[root@andy ~]#
实例16:找出程序运行的端口
命令:netstat -ap | grep ssh
输出:
代码如下:
[root@andy ~]# netstat -ap | grep ssh
tcp 0 0 *:ssh *:* LISTEN 2570/sshd
tcp 0 0 ::ffff:192.168.120.206:ssh ::ffff:10.2.1.205:54508 ESTABLISHED 13883/14
tcp 0 0 ::ffff:192.168.120.206:ssh ::ffff:10.2.0.68:62886 ESTABLISHED 20900/6
tcp 0 0 ::ffff:192.168.120.206:ssh ::ffff:10.2.2.131:52730 ESTABLISHED 20285/sshd: root@no
unix 2 [ ACC ] STREAM LISTENING 194494461 20900/6 /tmp/ssh-cXIJj20900/agent.20900
unix 3 [ ] STREAM CONNECTED 194307443 20285/sshd: root@no
unix 3 [ ] STREAM CONNECTED 194307441 20285/sshd: root@no
[root@andy ~]#
实例17:在 netstat 输出中显示 PID 和进程名称
命令:netstat -pt
输出:
代码如下:
[root@localhost ~]# netstat -pt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 248 192.168.120.204:ssh 10.2.0.68:62420 ESTABLISHED 15725/0
[root@localhost ~]#
说明:
netstat -p 可以与其它开关一起使用,就可以添加 “PID/进程名称” 到 netstat 输出中,这样 debugging 的时候可以很方便的发现特定端口运行的程序。
实例18:找出运行在指定端口的进程
命令:netstat -anpt | grep ':16064'
精彩图集
精彩文章