netstat Introduction
Netstat command for displaying various information networks, such as network connection, routing tables, interface (Interface Statistics), masquerade connections, multicast membership (Multicast Memberships) and the like.
Output Meaning
netstat output in two parts:
one is the Active Internet connections, called an active TCP connection, where "Recv-Q" and "Send-Q" refers to a send queue and receive queue. These numbers are generally should be zero. If not, it means the package is in the queue accumulation. This situation can only be seen in very few cases.
Another is the Active UNIX domain sockets, called active Unix domain sockets (socket and the same network, but only for the native communication, the performance can be doubled).
Proto display protocol used by the connection, RefCnt represents the number of connections to the process of the present socket, Types display socket type, State displays the current state of the socket, Path represents a path name to connect to other process uses socket.
Common parameters
-a
(all) to display all the options, not displayed by default LISTEN related
-t
(tcp) displays only relevant option tcp
-u
(udp) shows only relevant options udp
-n
refused to display an alias, to show all converted into digital numbers.
-l
There are only listed service status in Listen (listen) of
-p
The Create Links program name
-r
display routing information, routing table
-e
displays extended information such as uid, etc.
-s
by each protocol statistics
-c
every fixed time, the implementation of the netstat command.
Tip: LISTEN and LISTENING state with only -a or -l to see
Practical command
- List all ports (including listening and not listening)
- List all ports
netstat -a
- List all tcp ports
netstat -at
- List all udp ports
netstat -au
- List all Sockets in the listening state
- Show only listening port
netstat -l
- Only list all listening tcp ports
netstat -lt
- Only list all listening udp port
netstat -lu
- Only list all listening ports UNIX
netstat -lx