First, connect the unit to see which IP
netstat -an
Second, check the TCP connections
1) count the number of port 80
netstat -nat | grep -i "80" | WC the -l
2) Statistics httpd protocol connections
PS -ef | grep httpd | WC the -l
3), connected on the statistics, the state is " ESTABLISHED
the netstat -Na | grep the ESTABLISHED | -l WC
. 4), is connected up to find which IP address, which was sealed.
the netstat -Na | grep the ESTABLISHED | awk. 5} {Print $ | awk -F: {}. 1 Print $ | Sort | the uniq -C | -R & lt Sort + 0n
the netstat -Na | grep the SYN | awk. 5} {Print $ | awk -F: {}. 1 Print $ | Sort | the uniq -C | -R & lt Sort 0n +
------- -------------------------------------------------- ------------------------------------
Detailed TCP connection state
LISTEN: listening TCP port connection request from the remote
SYN-SENT: send a connection request again after waiting for the connection request matches the
SYN-RECEIVED: receive and send a connection request to the other party waiting for a connection request acknowledgment
ESTABLISHED: represents an open connection
FIN-wAIT-1: waiting for a remote TCP connection interrupt requests, or the previous connection interrupt request acknowledgment
FIN-wAIT-2: from the remote TCP waits for a connection interrupt request
CLOSE-wAIT: waiting to be sent from the local user to interruption of the connection request
CLOSING: waiting for the remote TCP acknowledgment interrupted connections
LAST-ACK: waiting for the original connection sent to the remote TCP interrupt request acknowledgment
tIME-wAIT: waiting for a time sufficient to ensure that the remote TCP receives the connection interrupt request confirm
CLOSED: no connection state
netstat -n | awk '/ ^ tcp / {++ S [$ NF]} END {for (a in S) print a, S [a]}'
return results Example:
LAST_ACK. 5
SYN_RECV 30
the ESTABLISHED 1597
FIN_WAIT1 51 is
the FIN_WAIT2 504
TIME_WAIT 1057
which represents the number of requests processed SYN_RECV is waiting; normal data transmission indicates the ESTABLISHED state; represents the TIME_WAIT processed, the number of requests waiting for the end of the timeout.
Status: Description
the CLOSED: No connection is active or being
the LISTEN: waiting for an incoming call server
SYN_RECV: a connection request has been reached, waiting for confirmation
the SYN_SENT: application has started, a connection opens
the ESTABLISHED: normal data transmission state
FIN_WAIT1: Application of it It has been completed
FIN_WAIT2: the other side has agreed to release
ITMED_WAIT: wait for all groups died
CLOSING: both sides at the same time try to shut down
TIME_WAIT: the other side has been initialized a release
LAST_ACK: wait for all the packets to die
The large found TIME_WAIT state system is connected, is solved by adjusting kernel parameters,
Vim /etc/sysctl.conf
edit the file, add the following:
net.ipv4.tcp_syncookies. 1 =
net.ipv4.tcp_tw_reuse. 1 =
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
and then execute / sbin / sysctl -p let take effect.
net.ipv4.tcp_syncookies = 1 indicates turning SYN cookies. When the SYN queue overflow occurs, is enabled to process cookies, a small amount can prevent SYN attacks, defaults to zero disables;
net.ipv4.tcp_tw_reuse =. 1 indicate on reuse. TIME-WAIT sockets allow re-used for new TCP connection, the default is zero disables;
net.ipv4.tcp_tw_recycle = TCP connection open. 1 represents a rapid recovery of TIME-WAIT sockets, the default is 0, it off.
net.ipv4.tcp_fin_timeout modify the system default TIMEOUT time
Meaning attached below TIME_WAIT state:
client and server to establish TCP / IP connection after closing SOCKET, server port connecting
state TIME_WAIT
is not all active close the socket will enter TIME_WAIT state?
Is there any case the initiative to close the socket directly into the CLOSED state?
Initiative to close the party after sending a final ack
will enter TIME_WAIT state remain 2MSL (max segment lifetime) time
this is a TCP / IP essential, that is, to "solve" can not.
That is, TCP / IP designers could have been so designed
mainly for two reasons
1. Preventing a connection package, the re-emergence after getting lost, the impact of new connections
(through 2MSL, the last connection in all of the duplicate packets will disappear)
2. Reliable TCP connection is closed
in the last active close sends a ack (fin), there may be missing, then the passive side will re-send
fin, then take the initiative if the party is in CLOSED state, it will respond rst instead ack. Therefore,
the active side to the TIME_WAIT state, but can not be CLOSED.
TIME_WAIT does not occupy a lot of resources, unless attacked.
Also, if a party send or recv timeout, it will go directly to the CLOSED state