Netstat (NETwork STATistics) is a command-line tool that provides information about your network configuration and activity.
To display the routing table:
To display the routing table:
#netstat -rn -r: Kernel routing tables.
-n: Shows numerical addresses instead of trying to determine hosts.
Kernel IP routing table
Destination 192.168.1.0 0.0.0.0 | Gateway 0.0.0.0 192.168.1.1 | Genmask 255.255.255.0 0.0.0.0 | Flags U UG | MSS 0 0 | Window 0 0 | irtt 0 0 | Iface eth1 eth1 |
To display the quick interfaces statistics:
#netstat -i -i: Interface
Kernel Interface table
Iface ath0 eth0 eth1 lo | MTU 1500 1500 1500 16436 | Met 0 0 0 0 | RX-OK 0 0 1156 225 | RX-ERR 250 0 0 0 | RX-DRP 0 0 0 0 | RX-OVR 0 0 0 0 | TX-OK 0 0 568 225 | TX-ERR 0 0 0 0 | TX-DRP 0 0 0 0 | TX-OVR 0 0 0 0 | FLG BMRU BMU BMRU LRU |
To display the extended interfaces statistics:
#netstat -ie-i: Interface
-e: Extended information
Kernel Interface table
eth0 Link encap:Ethernet HWaddr AA:00:11:22:33:44
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:169
eth1 Link encap:Ethernet HWaddr AA:00:11:22:33:44
inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a100:0aa:aa00:a01/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1212 errors:0 dropped:0 overruns:0 frame:0
TX packets:580 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:216479 (211.4 KiB) TX bytes:56987 (55.6 KiB)
Interrupt:201 Memory:dfcff000-dfcfffff
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:238 errors:0 dropped:0 overruns:0 frame:0
TX packets:238 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8688 (8.4 KiB) TX bytes:8688 (8.4 KiB)
Note that "netstat -ie" is equivalent to "ifconfig -a".
To display all the opened network sockets:
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:169
eth1 Link encap:Ethernet HWaddr AA:00:11:22:33:44
inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a100:0aa:aa00:a01/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1212 errors:0 dropped:0 overruns:0 frame:0
TX packets:580 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:216479 (211.4 KiB) TX bytes:56987 (55.6 KiB)
Interrupt:201 Memory:dfcff000-dfcfffff
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:238 errors:0 dropped:0 overruns:0 frame:0
TX packets:238 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8688 (8.4 KiB) TX bytes:8688 (8.4 KiB)
Note that "netstat -ie" is equivalent to "ifconfig -a".
To display all the opened network sockets:
#netstat -uta -u: UDP
-t: TCP
-a: All
Active Internet connections (servers and established)
Proto tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp6 udp | Recv-Q 0 0 0 0 0 0 0 0 0 0 0 | Send-Q 0 0 0 0 0 0 0 0 0 0 0 | Local Address localhost:48898 localhost:39524 localhost:mysql localhost:ipp 192.168.1.101:49041 localhost:39524 192.168.1.101:43706 192.168.1.101:43704 localhost:53920 *:www *:bootpc | Foreign Address *:* *:* *:* *:* lm-in-f104.google.c:www localhost:53920 fk-in-f104.google.c:www fk-in-f104.google.c:www localhost:39524 *:* *:* | State LISTEN LISTEN LISTEN LISTEN CLOSE_WAIT ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED LISTEN |
The listening state sockets are included in the output only if you specify the --listening (-l) or --all (-a) option.
The possible socket states are as follows:
The possible socket states are as follows:
(taken from the "man netstat" page)
| ESTABLISHED | The socket has an established connection. |
| SYN_SENT | The socket is actively attempting to establish a connection. |
| SYN_RECV | A connection request has been received from the network. |
| FIN_WAIT1 | The socket is closed, and the connection is shutting down. |
| FIN_WAIT2 | Connection is closed, and the socket is waiting for a shutdown from the remote end. |
| TIME_WAIT | The socket is waiting after close to handle packets still in the network. |
| CLOSED | The socket is not being used. |
| CLOSE_WAIT | The remote end has shut down, waiting for the socket to close. |
| LAST_ACK | The remote end has shut down, and the socket is closed. Waiting for acknowledgement. |
| LISTEN | The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the --listening (-l) or --all (-a) option. |
| CLOSING | Both sockets are shut down but we still don�t have all our data sent. |
| UNKNOWN | The state of the socket is unknown. |
To display all the opened network sockets (extended informations):
#netstat -aute-a: All
-u: UDP
-t: TCP
-e: Extended
Active Internet connections (servers and established)
Proto tcp tcp tcp tcp tcp tcp tcp tcp6 udp | Recv-Q 0 0 0 0 0 0 0 0 0 | Send-Q 0 0 0 0 0 0 0 0 0 | Local Address localhost:48898 localhost:39524 localhost:mysql localhost:ipp localhost:39524 localhost:53920 192.168.1.101:42745 *:www *:bootpc | Foreign Address *:* *:* *:* *:* localhost:53920 localhost:39524 lm-in-f147.google.c:www *:* *:* | State LISTEN LISTEN LISTEN LISTEN ESTABLISHED ESTABLISHED ESTABLISHED LISTEN | User hplip hplip mysql root hplip hplip po root dhcp | Inode 12383 12321 12635 12447 12324 12389 15781 13141 14513 |
To display all the listening state sockets:
#netstat -lt -t: TCP
-l: Listening state sockets
Active Internet connections (only servers)
Proto tcp tcp tcp tcp tcp6 | Recv-Q 0 0 0 0 0 | Send-Q 0 0 0 0 0 | Local Address localhost:48898 localhost:39524 localhost:mysql localhost:ipp *:www | Foreign Address *:* *:* *:* *:* *:* | State LISTEN LISTEN LISTEN LISTEN LISTEN |
To display the summary statistics for each protocol
#netstat -s -s: Summary statistics for each protocol.
Ip:
604 total packets received
1 with invalid addresses
0 forwarded
0 incoming packets discarded
485 incoming packets delivered
507 requests sent out
Icmp:
0 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
0 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
Tcp:
21 active connections openings
4 passive connection openings
0 failed connection attempts
0 connection resets received
3 connections established
351 segments received
388 segments send out
0 segments retransmited
0 bad segments received.
2 resets sent
Udp:
119 packets received
0 packets to unknown port received.
0 packet receive errors
119 packets sent
TcpExt:
5 TCP sockets finished time wait in fast timer
21 delayed acks sent
Quick ack mode was activated 10 times
31 packets directly queued to recvmsg prequeue.
15765 of bytes directly received from prequeue
105 packet headers predicted
17 packets header predicted and directly queued to user
36 acknowledgments not containing data received
11 predicted acknowledgments
0 TCP data loss events
604 total packets received
1 with invalid addresses
0 forwarded
0 incoming packets discarded
485 incoming packets delivered
507 requests sent out
Icmp:
0 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
0 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
Tcp:
21 active connections openings
4 passive connection openings
0 failed connection attempts
0 connection resets received
3 connections established
351 segments received
388 segments send out
0 segments retransmited
0 bad segments received.
2 resets sent
Udp:
119 packets received
0 packets to unknown port received.
0 packet receive errors
119 packets sent
TcpExt:
5 TCP sockets finished time wait in fast timer
21 delayed acks sent
Quick ack mode was activated 10 times
31 packets directly queued to recvmsg prequeue.
15765 of bytes directly received from prequeue
105 packet headers predicted
17 packets header predicted and directly queued to user
36 acknowledgments not containing data received
11 predicted acknowledgments
0 TCP data loss events
No comments:
Post a Comment