1. Plain old netstat
Without any command-line arguments, "netstat" shows a list of network connections in your system, including TCP, UDP and UNIX socket connections.
If you want to speed up things a bit, use "-n" (numeric) to prevent network lookups and display IP and port numbers instead of names.
2. Seeing all connections with "netstat -a"
Just like the above, but shows all connections, including those in the LISTEN state. Good when you want to see all connections in one shot.
3. What I am listening to? "netstat -l"
Many people type "netstat -a | grep -i LISTEN", but "netstat -l" will do the same: filter the output to show sockets in the LISTEN state only. Very useful to quickly see what is being "served" in your box. You can combine this with "-u" to only show UDP connections or "-p" to restrict the output to TCP connections only.
4. Who's using that socket? "netstat -p"
With "-p", netstat shows what program/pid is using a given socket. Very handy to find out who's listening on a port or holding a connection open. A personal favorite of mine is "netstat -lput", which displays all TCP and UDP sockets in the LISTEN state, plus the name and pid of the program listening on that socket.
5. Details, lots of details: "netstat -e"
If you really want to see what's going on, add the "-e" command-line switch to your netstat command. It will cause "extra" information to be printed, such as the username, process name and pid, and the inode number of each of your sockets.
6. Dial "o" for obscure: "netstat -o"
The "-o" command-line option causes the TCP timers to be displayed next to the connection. If you're not into TCP/IP, the extra information will not make sense. For those who are, you'll be able to see your TCP timers in real-time, and follow the progress of things like the KeepAlive timer, for instance. For a real treat, use "watch netstat -to", sit down and watch the blinkenlights.
7. Interface status with "netstat -i"
Shows the status of your interfaces. Very handy to make sure everything is going smooth on the hardware side of things. Keep an eye on the ERR, DRP and OVR counters, as they can indicate trouble (10/100 mismatch anyone?).
8. Continuous display: "netstat -c"
Makes netstat display output continuously. This command-line option can be used with any other form of netstat. I'd suggest using the "watch" command instead.
9. TCP/IP statistics: "netstat -s"
Shows statistics about your TCP/IP stack. Requires deeper knowledge of the protocols to make some sense of it, but can be used by anyone to impress (scare?) friends, relatives and prospect girlfriends.
10. Routing Table: "netstat -r"
Shows the Routing table
No comments:
Post a Comment