Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Linux netstat command to get started     - JavaScript Advanced Programming notes event capture and event bubbling (Programming)

- C ++ overloaded stream insertion operator and the stream extraction operator (Programming)

- Android Service service applications and the phone SMS Listener Listener (Programming)

- Node.js developers must know four JavaScript concepts (Programming)

- After VMware CentOS full VM clone the network card is unavailable Solutions (Linux)

- Install the latest development version of Wine on RedHat and Debian-based systems (Linux)

- Using Python multithreaded mistakes summary (Programming)

- The need to avoid a gap of InnoDB lock (Database)

- Linux system - The understanding cpu load (Linux)

- Unetbootin make use U disk loading Linux system (Linux)

- Installation and deployment of Hadoop 2.7.1 on Ubuntu 14.04 LTS (Server)

- GitLab remote backup of Linux Shell Scripting (Linux)

- Reset CentOS / RHEL root account password 7 (Linux)

- How to install the Linux text editor Atom 0.124.0 (Linux)

- Linux monitoring tools introduced series --smem (Server)

- DELL D630 Wireless LAN Driver Installation CentOS6 (Linux)

- Getting Started with Java NIO (Programming)

- installation process of Matlab 2012a under Ubuntu 14.04 (Linux)

- First start with Kali Linux 2.0 (Linux)

- Installation through the network Debian 7 (Wheezy) (Linux)

 
         
  Linux netstat command to get started
     
  Add Date : 2017-04-13      
         
         
         
  Netstat is a command Linux system administration common, especially during troubleshooting network-related problems when it is called the 'Switzerland ***'. I have always been only a few commonly used options, such as (a, n, p, t, u), and several other options are more familiar with, but netstat displays the connection status

Most also thorough enough understanding, have time today, according to man document hereby deepen understanding about.

netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

SYNOPSIS (Summary)
      netstat [address_family_options (address family options)] [--tcp | -t] [--udp | -u] [--raw | -w] [--listening | -l] [--all | -a] [ --numeric | -n] [--numeric-hosts] [- numeric-ports] [- numeric-ports] [--sym-bolic | -N] [--extend | -e [- extend | -e]] [--timers | -o] [--program | -p] [--verbose | -v] [--continuous | -c] [delay]
      netstat {--route | -r} [address_family_options] [--extend | -e [- extend | -e]] [--verbose | -v] [--numeric | -n] [--numeric-hosts ] [- numeric-ports] [- numeric-ports] [--continu-ous | -c] [delay]
      netstat {--interfaces | -I | -i} [iface] [--all | -a] [--extend | -e] [--verbose | -v] [--program | -p] [- numeric | -n] [--numeric-hosts] [- numeric-ports] [- numeric-ports] [--continu-ous | -c] [delay]
      netstat {--groups | -g} [--numeric | -n] [--numeric-hosts] [- numeric-ports] [- numeric-ports] [--continuous | -c] [delay]
      netstat {--masquerade | -M} [--extend | -e] [--numeric | -n] [--numeric-hosts] [- numeric-ports] [- numeric-ports] [--continuous | -c] [delay]
      netstat {--statistics | -s} [--tcp | -t] [--udp | -u] [--raw | -w] [delay]
      netstat {--version | -V}
      netstat {--help | -h}
      address_family_options:
      [--protocol = {Inet, unix, ipx, ax25, netrom, ddp} [, ...]] [--unix | -x] [--inet | --ip] [--ax25] [- ipx] [--netrom] [--ddp]
NOTE
      This program is obsolete. Replacement for netstat is ss. Replacement for netstat -r is ip route. Replacement for netstat -i is ip -s link. Replacement for netstat -g
is ip maddr.
Note: This procedure has been yes old / obsolete (but still very common). The new version of the system to ss command to replace netstat, in order to replace the ip route netstat -r, to ip maddr to replace netstat -g.

DESCRIPTION (Summary)
      Netstat prints information about the Linux networking subsystem The type of information printed is controlled by the first argument, as follows.:
    netstat Print network subsystem of Linux information, style information output is controlled by the first argument, as follows:
(None)
      By default, netstat displays a list of open sockets. If you do not specify any address families, then the active sockets of all configured address families will be
printed.
    (No parameters) default, netstat displays a list of all the socket systems. If you do not specify any address family, all configured socket address family activities will be displayed.
  --route, -r
      Display the kernel routing tables.
    Displays the kernel routing table
  --groups, -g
      Display multicast group membership information for IPv4 and IPv6.
    Displays the IPv4 and IPv6 multicast group membership information.
  --interfaces = iface, -I = iface, -i
      Display a table of all network interfaces, or the specified iface.
    The table below shows information for all network interfaces, or the specified interface display
  --masquerade, -M
      Display a list of masqueraded connections.
    Cloaked connection
  --statistics, -s
      Display summary statistics for each protocol.
    In accordance with the protocol type displays summary information for each protocol


OPTIONS (option)
  --verbose, -v
      Tell the user what is going on by being verbose. Especially print some useful information about unconfigured address families.
  --numeric, -n Show numerical addresses instead of trying to determine symbolic host, port or user names.
  --numeric-hosts
      shows numerical host addresses but does not affect the resolution of port or user names.
  --numeric-ports
      shows numerical port numbers but does not affect the resolution of host or user names.
  --numeric-users
      shows numerical user IDs but does not affect the resolution of host or port names.
  --protocol = family, -A (protocol family type)
      Specifies the address families (perhaps better described as low level protocols) for which connections are to be shown. Family is a comma ( ',') separated list of address
family keywords like inet, unix, ipx, ax25, netrom, and ddp This has the same effect as using the --inet, --unix (-x), --ipx, --ax25, --netrom, and. - -ddp options.
      The address family inet includes raw, udp and tcp protocol sockets.

  -c, --continuous
      This will cause netstat to print the selected information every second continuously (continuous).
  -e, --extend
      Display additional information. Use this option twice for maximum detail.
    Display more information, display the most information with -ee
  -o, --timers
      Include information related to networking timers.
    Timer display and network-related information
  -p, --program
      Show the PID and name of the program to which each socket belongs.
    Show PID and program name connection belongs
  -l, --listening
      Show only listening sockets. (These are omitted by default.)
    Show only listening sockets (port) The default is to ignore this option
  -a, --all
      Show both listening and non-listening (for TCP this means established connections) sockets. With the --interfaces option, show interfaces that are not marked
  -F
      Print routing information from the FIB. (This is the default.)
  -C
      Print routing information from the route cache.
  -Z --context
      If SELinux enabled print SELinux context.
  -T --notrim
      Stop trimming long addresses.
  delay
      Netstat will cycle printing through statistics every delay seconds

Next is the main event, in-depth understanding of netstat output, here is actually to help us and give us tips of places.

OUTPUT (Output)

Active Internet connections (TCP, UDP, raw)
  Proto
      The protocol (tcp, udp, raw) used by the socket
  Recv-Q
      The count of bytes not copied by the user program connected to this socket.
    The number of bytes is not connected to the socket by a user program to copy
  Send-Q
      The count of bytes not acknowledged by the remote host.
    The number of bytes not yet been confirmed by the remote host
    The above two outputs, it should be understood that I receive and send network queue situation

  Local Address
      Address and port number of the local end of the socket. Unless the --numeric (-n) option is specified, the socket address is resolved to its canonical host name (FQDN),
and the port number is translated into the corresponding service name.

  Foreign Address
      Address and port number of the remote end of the socket. Analogous to "Local Address."

  State (connected state, a total of 12 in the state, the focus here needs and TCP three-way handshake corresponding to each state)
      . The state of the socket Since there are no states in raw mode and usually no states used in UDP, this column may be left blank Normally this can be one of several val-ues.:

      ESTABLISHED
          The socket has an established connection.
      Represents an open connection, the two sides can be or have been in the data exchange. Represents an open connection, data can be transmitted to the user
      SYN_SENT
          The socket is actively attempting to establish a connection.

      After the client calls connect conducted active open by the application. So tcp client sends a SYN request to establish a connection status to SYN_SENT. After sending the connection request to wait for a connection request matches

      SYN_RECV
              A connection request has been received from the network.

      After the server should send an ACK client SYN, while the client to send yourself a SYN. State to SYN_RECV. Upon receipt and sends a connection request to wait for confirmation of the connection request
      FIN_WAIT1
          The socket is closed, and the connection is shutting down.

      Active close (active close) client application calls close, then issued its TCP FIN request to take the initiative to close the connection, then enter the FIN_WAIT1 state waiting for the remote TCP connection interrupt request, the interrupt request or the previous connection confirmation

      FIN_WAIT2
          Connection is closed, and the socket is waiting for a shutdown from the remote end.

      After active close end to the ACK, he entered the FIN-WAIT2. Wait for a connection from a remote TCP interrupt request

      TIME_WAIT
          The socket is waiting after close to handle packets still in the network.
      After active close receives FIN, TCP sends ACK packet, and enter the TIME-WAIT state. Waiting for a sufficient time to ensure that the remote TCP received the acknowledgment of the connection interrupt request
      CLOSED The socket is not being used.
    Passive closed end Upon receipt of ACK packet enters the closed state. End connection. There is no connection state
      CLOSE_WAIT
          The remote end has shut down, waiting for the socket to close.
    Close passive (passive close) after receiving end TCP FIN, ACK is issued in response to the FIN request (which also acts as the reception end of file is passed to the upper application), and enter CLOSE_WAIT. Wait from local users sent disconnection request
      LAST_ACK
          The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
    After a period of passive closed end, receiving the end of file application to call CLOSE will close the connection. This led to it also sends a TCP FIN, waiting for the other side of the ACK. Entered the LAST-ACK. Wait original interrupt request sent to the remote TCP connection confirmation
      LISTEN The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the --listening (-l) or --all (-a) option.
    First, the server needs to open a socket for listening, the state is LISTEN. Listens from afar TCP port connection request
      CLOSING
          Both sockets are shut down but we still do not have all our data sent.
    Sockets both hosts are down, but not yet fully transmit all data
      UNKNOWN (unknown state)
          The state of the socket is unknown.
  User
      The username or the user id (UID) of the owner of the socket.
    User name or user UID socket belongs
  PID / Program name
      Slash-separated pair of the process id (PID) and process name of the process that owns the socket. --program Causes this column to be included. You will also need superuser privileges to see this information on sockets you do not own. This identification information is not yet available for IPX sockets.

These are the basic usage of netstat and explanation output, daily practice can be more profound understanding of the meaning, in order to apply their knowledge. mutual encouragement!
     
         
         
         
  More:      
 
- Btrfs file system repair techniques (Linux)
- Configuring automatic mail GAMIT under CentOS system (Linux)
- Ubuntu 14.04 installed Nvidia CUDA 7.5 and build Python Theano deep learning development environment (Linux)
- Linux System Getting Started Learning: On Linux how to convert text files to PDF (Linux)
- Linux Mint brightness adjustment --xrandr command learning (Linux)
- 15 things to do after installing Ubuntu 15.04 Desktop (Linux)
- 12 Linux Process Management Commands (Linux)
- To_teach you three strategies to prevent the LAN IP address theft (Linux)
- OpenDJ installed on RHEL6 (Linux)
- [Errno 4] IOError: [Errno ftp error] with yum appears as a workaround (Linux)
- jdbc Oracle database connection string writing pluggable (Database)
- Json data with double backslashes to a single backslash Json data processing (Programming)
- Go performed using iOS and Android programming (Programming)
- Monitor traffic Linux Shell Edition (Programming)
- Android first line of code study notes (Programming)
- Oracle table space create large files (Database)
- Servlet life cycle works (Programming)
- Ubuntu Backup and Recovery (Linux)
- MongoDB Installation under CentOS 6.6 (Database)
- Oracle to read and modify the data block process (Database)
     
           
     
  CopyRight 2002-2020 newfreesoft.com, All Rights Reserved.