Linux netstat命令大全详解

列出所有 udp 端口 netstat -au

 # netstat -au
 Active Internet connections (servers and established)
 Proto Recv-Q Send-Q Local Address      Foreign Address     State
 udp    0   0 *:bootpc        *:*
 udp    0   0 *:49119         *:*
 udp    0   0 *:mdns         *:*

2. 列出所有处于监听状态的 Sockets

只显示监听端口 netstat -l

# netstat -l
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address      Foreign Address     State
 tcp    0   0 localhost:ipp      *:*           LISTEN
 tcp6    0   0 localhost:ipp      [::]:*         LISTEN
 udp    0   0 *:49119         *:*

只列出所有监听 tcp 端口 netstat -lt

 # netstat -lt
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address      Foreign Address     State
 tcp    0   0 localhost:30037     *:*           LISTEN
 tcp    0   0 *:smtp         *:*           LISTEN
 tcp6    0   0 localhost:ipp      [::]:*         LISTEN

只列出所有监听 udp 端口 netstat -lu

# netstat -lu
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address      Foreign Address     State
 udp    0   0 *:49119         *:*
 udp    0   0 *:mdns         *:*

只列出所有监听 UNIX 端口 netstat -lx

 # netstat -lx
 Active UNIX domain sockets (only servers)
 Proto RefCnt Flags    Type    State     I-Node  Path
 unix 2   [ ACC ]   STREAM   LISTENING   6294   private/maildrop
 unix 2   [ ACC ]   STREAM   LISTENING   6203   public/cleanup
 unix 2   [ ACC ]   STREAM   LISTENING   6302   private/ifmail
 unix 2   [ ACC ]   STREAM   LISTENING   6306   private/bsmtp

3. 显示每个协议的统计信息

显示所有端口的统计信息 netstat -s

 # netstat -s
 Ip:
total packets received
with invalid addresses
forwarded
incoming packets discarded
incoming packets delivered
requests sent out
 Icmp:
ICMP messages received
input ICMP message failed.
 Tcp:
active connections openings
failed connection attempts
connection resets received
 Udp:
packets received
packets to unknown port received.
 .....

显示 TCP 或 UDP 端口的统计信息 netstat -st 或 -su

# netstat -st 
# netstat -su

4. 在 netstat 输出中显示 PID 和进程名称 netstat -p

netstat -p 可以与其它开关一起使用，就可以添加 “PID/进程名称” 到 netstat 输出中，这样 debugging 的时候可以很方便的发现特定端口运行的程序。

# netstat -pt
 Active Internet connections (w/o servers)
 Proto Recv-Q Send-Q Local Address      Foreign Address     State    PID/Program name
 tcp    1   0 ramesh-laptop.loc:47212 192.168.185.75:www    CLOSE_WAIT 2109/firefox
 tcp    0   0 ramesh-laptop.loc:52750 lax:www ESTABLISHED 2109/firefox								 
 2/4   首页 上一页 1 2 3 4 下一页 尾页