linux command

netstat

Linux Command – netstat ใช้ในการแสดงสถานะ network connection ทั้งหมด

 

คำสั่ง

1. แสดงข้อมูลสถานะ network

netstat

$ netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 216 xxx.com:ssh cm-134-196-90-62.:49639 ESTABLISHED
tcp6 0 0 xxx.com:https cm-134-196-90-62.:50393 FIN_WAIT2 
tcp6 0 0 xxx.com:https cm-134-196-90-62.:50389 TIME_WAIT 
tcp6 0 0 localhost:39280 localhost:2181 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] DGRAM 18607 /run/user/1000/systemd/notify
unix 6 [ ] DGRAM 11162 /run/systemd/journal/socket
unix 13 [ ] DGRAM 1618 /run/systemd/journal/dev-log
unix 2 [ ] DGRAM 1620 /run/systemd/journal/syslog

 

2. แสดงข้อมูบ connection ,ip , port ที่มีการใช้งาน

netstat -an

$ netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 
tcp 0 0 192.168.1.200:53 0.0.0.0:* LISTEN 
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN

 

3. แสดงข้อมูบ routing table

netstat -rn

$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 enp2s0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 enp2s0

 

4. แสดงสถานะข้อมูล internet connection

netstat -natp

$ netstat -natp
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN - 
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN - 
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN - 
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN - 
tcp 0 0 192.168.1.200:53 0.0.0.0:* LISTEN - 

 

โครงสร้างคำสั่ง

 netstat [address_family_options] [--tcp|-t] [--udp|-u] [--raw|-w] [--listening|-l] [--all|-a] [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--symbolic|-N]
 [--extend|-e[--extend|-e]] [--timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c]
 netstat {--route|-r} [address_family_options] [--extend|-e[--extend|-e]] [--verbose|-v] [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--continuous|-c]
 netstat {--interfaces|-i} [--all|-a] [--extend|-e[--extend|-e]] [--verbose|-v] [--program|-p] [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--continuous|-c]
 netstat {--groups|-g} [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--continuous|-c]
 netstat {--masquerade|-M} [--extend|-e] [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--continuous|-c]
 netstat {--statistics|-s} [--tcp|-t] [--udp|-u] [--raw|-w]
 netstat {--version|-V}
 netstat {--help|-h}

 

รายละเอียด

เป็นคำสั่งที่ใช้ในการแสดงสถานะ network connection ทั้งหมด เช่น สถานะ connection, routing table, interface stat

 

Option

 --verbose , -v
 Tell the user what is going on by being verbose. Especially print some useful information about unconfigured address families.

 --wide , -W
 Do not truncate IP addresses by using output as wide as needed. This is optional for now to not break existing scripts.

 --numeric , -n
 Show numerical addresses instead of trying to determine symbolic host, port or user names.

 --numeric-hosts
 shows numerical host addresses but does not affect the resolution of port or user names.

 --numeric-ports
 shows numerical port numbers but does not affect the resolution of host or user names.

 --numeric-users
 shows numerical user IDs but does not affect the resolution of host or port names.

 --protocol=family , -A
 Specifies the address families (perhaps better described as low level protocols) for which connections are to be shown. family is a comma (',') separated list of address family
 keywords like inet, unix, ipx, ax25, netrom, and ddp. This has the same effect as using the --inet, --unix (-x), --ipx, --ax25, --netrom, and --ddp options.

 The address family inet includes raw, udp and tcp protocol sockets.

 -c, --continuous
 This will cause netstat to print the selected information every second continuously.

 -e, --extend
 Display additional information. Use this option twice for maximum detail.

 -o, --timers
 Include information related to networking timers.

 -p, --program
 Show the PID and name of the program to which each socket belongs.

 -l, --listening
 Show only listening sockets. (These are omitted by default.)

 -a, --all
 Show both listening and non-listening sockets. With the --interfaces option, show interfaces that are not up

 -F
 Print routing information from the FIB. (This is the default.)

 -C
 Print routing information from the route cache.

 

กลุ่มคำสั่ง

pingtraceroute, route(8), ifconfig(8), ipchains(8), iptables(8), proc(5)

 

Reference:

คำสั่ง Unix – Linux Command

Linux, Unix

 

Author: Suphakit Annoppornchai

Credit: https://saixiii.com

One Thought to “netstat – Linux Command คำสั่งแสดงสถานะ network connection ทั้งหมด”

Leave a Reply