Parameters and use of the ss command

Introduction

ss: another utility to investigate sockets

1. Detailed explanation of ss parameters

 Usage: ss [ OPTIONS ]
       ss [ OPTIONS ] [ FILTER ]
   -h, --help           this message                         # show the help menu
   -V, --version        output version information           # print version information
   -n, --numeric        don't resolve service names          # do not resolve service names
   -r, --resolve        resolve host names                   # resolve host names
   -a, --all            display all sockets                  # show all sockets
   -l, --listening      display listening sockets            # show sockets in the listening state
   -o, --options        show timer information               # show timer information
   -e, --extended       show detailed socket information     # show detailed socket information
   -m, --memory         show socket memory usage             # show socket memory usage
   -p, --processes      show process using socket            # show the process using each socket
   -i, --info           show internal TCP information        # show internal TCP information
   -s, --summary        show socket usage summary            # show a summary of socket usage

   -4, --ipv4           display only IP version 4 sockets    # show only IPv4 sockets
   -6, --ipv6           display only IP version 6 sockets    # show only IPv6 sockets
   -0, --packet         display PACKET sockets               # show the network interfaces that packets pass through
   -t, --tcp            display only TCP sockets             # show TCP sockets
   -u, --udp            display only UDP sockets             # show UDP sockets
   -d, --dccp           display only DCCP sockets            # show DCCP sockets
   -w, --raw            display only RAW sockets             # show RAW sockets
   -x, --unix           display only Unix domain sockets     # show Unix domain sockets
   -f, --family=FAMILY  display sockets of type FAMILY       # show sockets of the specified family

   -A, --query=QUERY, --socket=QUERY                         # query sockets of a given type
       QUERY := {all|inet|tcp|udp|raw|unix|packet|netlink}[,QUERY]

   -D, --diag=FILE      Dump raw information about TCP sockets to FILE   # dump raw information about TCP sockets to a file
   -F, --filter=FILE    read filter information from FILE    # use the filter rules file given by this parameter to filter connections in a given state
       FILTER := [ state TCP-STATE ] [ EXPRESSION ]

2. ss command usage

2.1 Commonly used ss commands

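ss -l        # show all ports open locally
ss -pl       # show the sockets opened by each process
ss -t -a     # show all TCP sockets
ss -u -a     # show all UDP sockets
ss -o state established '( dport = :smtp or sport = :smtp )'    # show all established SMTP connections
ss -o state established '( dport = :http or sport = :http )'    # show all established HTTP connections
ss -x src /tmp/.X11-unix/*    # find all processes connected to the X server
ss -s        # list current socket information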

2.2 Application example of ss command

  • Display brief information about sockets
[root@localhost ~]# ss -s
Total: 122 (kernel 139)
TCP:   4 (estab 2, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 3

Transport Total     IP        IPv6
*         139       -         -        
RAW       0         0         0        
UDP       6         6         0        
TCP       4         4         0        
INET      10        10        0        
FRAG      0         0         0  

// Lists the TCP connections that are currently established, closed, or waiting
  • List current listening ports
[root@localhost ~]# ss -l
State      Recv-Q Send-Q                                           Local Address:Port                                               Peer Address:Port   
LISTEN     0      128                                                          *:ssh                                                           *:*       
LISTEN     0      100                                                  127.0.0.1:smtp                                                          *:*  

  • List listening ports and corresponding processes
[root@localhost ~]# ss -pl
State      Recv-Q Send-Q                                     Local Address:Port                                         Peer Address:Port   
LISTEN     0      128                                                    *:ssh                                                     *:*        users:(("sshd",1821,3))
LISTEN     0      100                                            127.0.0.1:smtp                                                    *:*        users:(("master",1923,12))

  • List all tcp sockets
[root@localhost ~]# ss -at
State      Recv-Q Send-Q                                     Local Address:Port                                         Peer Address:Port   
LISTEN     0      128                                                    *:ssh                                                     *:*       
LISTEN     0      100                                            127.0.0.1:smtp                                                    *:*       
ESTAB      0      196                                         172.16.2.106:ssh                                        124.65.173.246:50809   
ESTAB      0      0                                           172.16.2.106:60382                                     140.205.140.205:http 

  • List all udp sockets
[root@localhost ~]# ss -au
State      Recv-Q Send-Q                                     Local Address:Port                                         Peer Address:Port   
UNCONN     0      0                                                      *:bootpc                                                  *:*       
UNCONN     0      0                                                      *:bootpc                                                  *:*       
UNCONN     0      0                                           172.16.2.107:ntp                                                     *:*       
UNCONN     0      0                                           172.16.2.106:ntp                                                     *:*       
UNCONN     0      0                                              127.0.0.1:ntp                                                     *:*       
UNCONN     0      0                                                      *:ntp                                                     *:*    

  • List all established HTTP connections
ss -o state established '( dport = :http or sport = :http )'
  • List which local processes are connected to the X server
ss -x src /tmp/.X11-unix/*
  • List http and https connections in FIN-WAIT-1 state
ss -o state fin-wait-1 '( sport = :http or sport = :https )'
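
The `ss -pl` listing above shows which process owns each listening socket; for a host audit the useful next step is to separate listeners bound only to loopback from those reachable on other addresses. The following is an added example, not part of the original article: the function names `sample_ss_pl` and `exposed_listeners` are hypothetical, and the sample rows are constructed to cover both the older column layout shown on this page and the newer one with a leading Netid column and `pid=`/`fd=` labels.

```sh
#!/bin/sh
# Added example: flag LISTEN sockets in `ss -pl` output that are bound to
# something other than loopback, with the owning process and PID.

# Constructed sample rows. They mix the older layout shown on this page
# (users:(("name",pid,fd)), ":::port" for IPv6) with the newer one
# (leading Netid column, pid=/fd= labels, bracketed IPv6).
sample_ss_pl() {
cat <<'EOF'
State   Recv-Q Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0      128                 *:ssh               *:*     users:(("sshd",1821,3))
LISTEN  0      100         127.0.0.1:smtp              *:*     users:(("master",1923,12))
LISTEN  0      128                :::8080             :::*     users:(("java",2210,45))
LISTEN  0      5               [::1]:ipp            [::]:*
LISTEN  0      64         192.0.2.10:8443              *:*
tcp     LISTEN 0      128    0.0.0.0:5432        0.0.0.0:*     users:(("postgres",pid=911,fd=6))
EOF
}

# stdin: ss listening output; stdout: "address port process pid" per exposed listener.
exposed_listeners() {
  awk '
  {
    s = ($1 == "LISTEN") ? 1 : (($2 == "LISTEN") ? 2 : 0)
    if (!s) next                          # header or non-listening row
    port = addr = $(s + 3)                # Local Address:Port column
    sub(/.*:/, "", port)                  # text after the last colon
    sub(/:[^:]*$/, "", addr)              # text before the last colon
    gsub(/\[/, "", addr); gsub(/\]/, "", addr)
    if (addr ~ /^127\./ || addr == "::1") next   # bound to loopback only
    proc = "unknown"; pid = "-"           # no users: field (no -p, or not root)
    if (match($0, /users:\(\("[^"]*"/)) {
      proc = substr($0, RSTART + 9, RLENGTH - 10)
      pid = substr($0, RSTART + RLENGTH + 1)
      sub(/^pid=/, "", pid); sub(/,.*/, "", pid)
    }
    print addr, port, proc, pid
  }'
}

sample_ss_pl | exposed_listeners
# Live use (assumes a Linux host with iproute2): ss -tlnp | exposed_listeners
```

Rows reported as `unknown -` are listeners whose owner ss could not show, which usually means the command was run without `-p` or without the privileges needed to see another user's process.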

2.3 Commonly used state filters of ss

1. established
2. syn-sent
3. syn-recv
4. fin-wait-1
5. fin-wait-2
6. time-wait
7. closed
8. close-wait
9. last-ack
10. listen
11. closing
12. all : All of the above states
13. connected : All the states except for listen and closed
14. synchronized : All the connected states except for syn-sent
15. bucket : Show states, which are maintained as minisockets, i.e. time-wait and syn-recv.
16. big : Opposite to bucket state.

2.4 Comparison of ss and netstat

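  • When ss is executed, it consumes fewer resources and less time than netstat.
  • The advantage of ss is that it can display more, and more detailed, information about TCP and connection status, and it is faster and more efficient than netstat. The reasons are as follows:
1) When the number of socket connections on a server becomes very large, both the netstat command and a direct cat /proc/net/tcp become slow. You may not have experienced this first-hand, but once a server maintains tens of thousands of connections, netstat wastes a great deal of time waiting.
2) The secret to the speed of ss is that it uses tcp_diag in the TCP protocol stack. tcp_diag is a module for analysis and statistics that obtains first-hand information from the Linux kernel, which is what makes ss fast and efficient. If your system does not have tcp_diag, ss still runs normally, only somewhat more slowly (but still faster than netstat).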


Origin blog.csdn.net/weixin_42449832/article/details/112226496