一、netstat 常用命令详解
通过man netstat可以查看netstat的帮助信息:
netstat 命令:用于显示各种网络相关信息,如网络连接,路由表,接口状态,无效连接,组播成员 等等。
netstat命令是net-tools软件包中的一员
[root@web129 ~]# netstat 选项
选项:
-a: 列出系统中所有网络连接,包括已经连接的网络服务、监听的网络服务和Socket套接字
-t: 列出TCP数据
-u: 列出UDP数据
-l: 列出正在监听的网络服务(不包含已经连接的网路服务)
-n: 用端口显示服务,而不用服务名
-p: 列出该服务的进程ID(PID)
示例一:netstat -tlunp
[root@web129 ~]# netstat -tlunp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0.0.0.0: 0.0.0.0:* LISTEN /sshd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /master
tcp6 ::: :::* LISTEN /httpd
tcp6 ::: :::* LISTEN /sshd
tcp6 ::: :::* LISTEN /master
udp 127.0.0.1: 0.0.0.0:* /chronyd
udp6 ::: :::* /chronyd
[root@web129 ~]#
实例二:使用netstat -an
[root@web129 ~]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0.0.0.0: 0.0.0.0:* LISTEN
tcp 127.0.0.1: 0.0.0.0:* LISTEN
tcp 192.168.19.129: 192.168.19.1: ESTABLISHED
tcp 192.168.19.129: 192.168.19.1: ESTABLISHED
tcp6 ::: :::* LISTEN
tcp6 ::: :::* LISTEN
tcp6 ::: :::* LISTEN
udp 127.0.0.1: 0.0.0.0:*
udp 192.168.19.129: 85.199.214.101: ESTABLISHED
udp 192.168.19.129: 85.199.214.100: ESTABLISHED
udp6 ::: :::*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix [ ACC ] STREAM LISTENING /run/docker/libnetwork/2607d31c4b65ff68cf08c24cc6d5e4687dad654f9ec402872e98f8dcc79f448f.sock
unix [ ACC ] STREAM LISTENING private/rewrite
执行结果,除了上文的参数之外,还有Socket内容:
二、ss命令详解
ss是Socket Statistics的缩写
ss命令可以用来获取socket统计信息,它可以显示和netstat类似的内容。但是ss的优势在于它能够显示更详细的有关网络连接的状态信息,而比netstat更快速、更高效。
ss命令是iproute2软件包中的一员
使用场景一:查看当前服务器的网络连接数
[root@web129 ~]# ss -s
Total: (kernel )
TCP: (estab , closed , orphaned , synrecv , timewait /), ports Transport Total IP IPv6
* - -
RAW
UDP
TCP
INET
FRAG
使用场景2:查看所有打开的网络端口
[root@web129 ~]# ss -l
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN rtnl: *
nl UNCONN rtnl:dockerd/ *
nl UNCONN rtnl:kernel *
nl UNCONN rtnl: *
nl UNCONN tcpdiag:ss/ *
nl UNCONN tcpdiag:kernel *
nl UNCONN xfrm:kernel *
nl UNCONN xfrm:dockerd/ *
nl UNCONN selinux:kernel *
[root@web129 ~]# ss -pl #列出具体的程序名字
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 rtnl:1736442360 *
nl UNCONN 768 0 rtnl:dockerd/853 *
tcp LISTEN 0 128 :::http :::* users:(("httpd",pid=2493,fd=4),("httpd",pid=2492,fd=4),("httpd",pid=2491,fd=4),("httpd",pid=2490,fd=4),("httpd",pid=2489,fd=4),("httpd",pid=852,fd=4))
tcp LISTEN 0 128 :::ssh :::*
使用场景3:查看这台服务器上所有的Socket 连接
[root@web129 ~]# ss -a #列出所有网络连接
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN rtnl: *
nl UNCONN rtnl:dockerd/ *
nl UNCONN rtnl:kernel *
nl UNCONN rtnl: *
[root@web129 ~]# ss -ta #查看TCP socket
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN *:ssh *:*
LISTEN 127.0.0.1:smtp *:*
ESTAB 192.168.19.129:ssh 192.168.19.1:ratio-adp
ESTAB 192.168.19.129:ssh 192.168.19.1:cpq-wbem
LISTEN :::http :::*
LISTEN :::ssh :::*
LISTEN :::smtp :::*
[root@web129 ~]# ss -ua #查看UDP Socket
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 127.0.0.1: *:*
ESTAB 192.168.19.129: 185.134.197.4:ntp
ESTAB 192.168.19.129: 193.228.143.12:ntp
ESTAB 192.168.19.129: 85.199.214.101:ntp
UNCONN ::: :::*
[root@web129 ~]#
[root@web129 ~]# ss -wa #查看RAW socket
State Recv-Q Send-Q Local Address:Port Peer Address:Port
[root@web129 ~]# ss -xa #查看UNIX socket
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_str LISTEN /run/docker/libnetwork/2607d31c4b65ff68cf08c24cc6d5e4687dad654f9ec402872e98f8dcc79f448f.sock *
u_str LISTEN private/rewrite *
u_str LISTEN private/bounce *
u_str LISTEN private/defer *
u_str LISTEN private/trace *
三、netstat和ss之间替换命令
1、命令替换
2、软件包替换
![PIP升级+安装Django命令[WARNING: Retrying (Retry(total=4, connect=None...]](https://www.kunjuke.com/file/css/thumb/9.jpg/280-180.jpg)
