Linux:检查网络连接命令
如何使用命令行选项检查 Linux 下的网络连接?
您需要使用 Linux 下的以下任一工具或命令来检查网络连接,包括其状态、源/目标、地址和带宽使用情况等:
- ss 命令:它转储套接字(网络连接)统计信息,例如所有 TCP / UDP 连接、每个协议的已建立连接(例如,显示所有已建立的 ssh 连接)、显示处于各种状态的所有 tcp 套接字,例如 ESTABLISHED 或 FIN-WAIT-1 等等。
- netstat 命令:它可以显示网络连接、路由表、接口等等。
- tcptrack 和 iftop 命令:分别显示在网络接口上看到的 TCP 连接信息并显示主机在接口上的带宽使用情况。
显示当前已建立、已关闭、孤立和正在等待的 TCP 套接字,输入:
# ss -s
示例输出:
Total: 529 (kernel 726) TCP: 1403 (estab 286, closed 1099, orphaned 1, synrecv 0, timewait 1098/0), ports 774 Transport Total IP IPv6 * 726 - - RAW 0 0 0 UDP 27 13 14 TCP 304 298 6 INET 331 311 20 FRAG 0 0 0
或者您可以使用 netstat 命令,如下所示:
# netstat -s
示例输出:
Ip:
102402748 total packets received
3 with invalid addresses
0 forwarded
0 incoming packets discarded
102192035 incoming packets delivered
95627316 requests sent out
Icmp:
6726 ICMP messages received
167 input ICMP message failed.
ICMP input histogram:
destination unreachable: 2353
timeout in transit: 4
echo requests: 4329
10323 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 5994
echo replies: 4329
IcmpMsg:
InType3: 2353
InType8: 4329
InType11: 4
OutType0: 4329
OutType3: 5994
Tcp:
839222 active connections openings
2148984 passive connection openings
1480 failed connection attempts
1501 connection resets received
281 connections established
101263451 segments received
94668430 segments send out
9820 segments retransmited
0 bad segments received.
1982 resets sent
Udp:
1024635 packets received
18 packets to unknown port received.
0 packet receive errors
1024731 packets sent
TcpExt:
592 invalid SYN cookies received
396 resets received for embryonic SYN_RECV sockets
2 packets pruned from receive queue because of socket buffer overrun
3 ICMP packets dropped because they were out-of-window
2166428 TCP sockets finished time wait in fast timer
2773 time wait sockets recycled by time stamp
11 packets rejects in established connections because of timestamp
1223930 delayed acks sent
298 delayed acks further delayed because of locked socket
Quick ack mode was activated 263 times
16413851 packets directly queued to recvmsg prequeue.
627914668 packets directly received from backlog
1146535624 packets directly received from prequeue
43628505 packets header predicted
10588802 packets header predicted and directly queued to user
8646100 acknowledgments not containing data received
44710342 predicted acknowledgments
5 times recovered from packet loss due to fast retransmit
596 times recovered from packet loss due to SACK data
2 bad SACKs received
Detected reordering 1 times using FACK
Detected reordering 4 times using time stamp
3 congestion windows fully recovered
7 congestion windows partially recovered using Hoe heuristic
TCPDSACKUndo: 44
208 congestion windows recovered after partial ack
2743 TCP data loss events
190 timeouts after SACK recovery
90 timeouts in loss state
2268 fast retransmits
220 forward retransmits
3704 retransmits in slow start
1318 other TCP timeouts
TCPRenoRecoveryFail: 2
98 sack retransmits failed
226 packets collapsed in receive queue due to low socket buffer
267 DSACKs sent for old packets
1 DSACKs sent for out of order packets
272 DSACKs received
34 connections reset due to unexpected data
184 connections reset due to early user close
147 connections aborted due to timeout
IpExt:
InBcastPkts: 10
显示所有开放的网络端口
使用 ss 命令如下:
# ss -l
示例输出:
Recv-Q Send-Q Local Address:Port Peer Address:Port 0 50 127.0.0.1:mysql *:* 0 128 127.0.0.1:11211 *:* 0 128 *:sunrpc *:* 0 128 :::www :::* 0 128 *:55153 *:* 0 3 10.1.11.27:domain *:* 0 3 192.168.1.101:domain *:* 0 3 127.0.0.1:domain *:* 0 3 :::domain :::* 0 128 :::ssh :::* 0 128 *:ssh *:* 0 128 127.0.0.1:ipp *:* 0 128 ::1:ipp :::* 0 128 :::afs3-callback :::* 0 128 *:afs3-callback *:* 0 100 *:smtp *:* 0 128 ::1:953 :::* 0 128 127.0.0.1:953 *:* 0 5 *:8000 *:*
或者使用 netstat 命令如下:
# netstat -tulpn
示例输出:
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1380/mysqld tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 1550/memcached tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 936/portmap tcp 0 0 0.0.0.0:55153 0.0.0.0:* LISTEN 1025/rpc.statd tcp 0 0 10.1.11.27:53 0.0.0.0:* LISTEN 1343/named tcp 0 0 192.168.1.101:53 0.0.0.0:* LISTEN 1343/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1343/named tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 979/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1828/cupsd tcp 0 0 0.0.0.0:7001 0.0.0.0:* LISTEN 10129/transmission tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1694/master tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1343/named tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 1539/icecast2 tcp6 0 0 :::80 :::* LISTEN 1899/apache2 tcp6 0 0 :::53 :::* LISTEN 1343/named tcp6 0 0 :::22 :::* LISTEN 979/sshd tcp6 0 0 ::1:631 :::* LISTEN 1828/cupsd tcp6 0 0 :::7001 :::* LISTEN 10129/transmission tcp6 0 0 ::1:953 :::* LISTEN 1343/named udp 0 0 239.255.255.250:1900 0.0.0.0:* 11937/opera udp 0 0 239.255.255.250:1900 0.0.0.0:* 11937/opera udp 0 0 0.0.0.0:111 0.0.0.0:* 936/portmap udp 0 0 0.0.0.0:777 0.0.0.0:* 1025/rpc.statd udp 0 0 0.0.0.0:38297 0.0.0.0:* 1025/rpc.statd udp 0 0 192.168.1.101:33843 0.0.0.0:* 11937/opera udp 0 0 10.1.11.27:53 0.0.0.0:* 1343/named udp 0 0 192.168.1.101:53 0.0.0.0:* 1343/named udp 0 0 127.0.0.1:53 0.0.0.0:* 1343/named udp 0 0 0.0.0.0:68 0.0.0.0:* 5840/dhclient udp 0 0 127.0.0.1:11211 0.0.0.0:* 1550/memcached udp 0 0 0.0.0.0:7001 0.0.0.0:* 10129/transmission udp 0 0 10.1.11.27:33372 0.0.0.0:* 11937/opera udp6 0 0 :::53 :::* 1343/named
显示所有 TCP 套接字
键入 ss 命令如下:
# ss -t -a
或者使用 netstat 命令如下:
# netstat -nat
显示所有 UDP 套接字
键入 ss 命令如下:
# ss -u -a
或者使用 netstat 命令如下:
# netstat -nau
lsof 命令
您可以使用以下 lsof 命令列出有关开放端口的更多信息:
# lsof -i :portNumber
# lsof -i tcp:portNumber
# lsof -i udp:portNumber
# lsof -i :80 | grep LISTEN
仅查看已建立的连接
使用netstat命令如下:
# netstat -natu | grep 'ESTABLISHED'
向 tcptrack 问好
tcptrack 命令显示它在给定网络接口上看到的 TCP 连接的状态。tcptrack 监视它们的状态并在排序的更新列表中显示状态、源/目标地址和带宽使用情况等信息,与 top 命令非常相似。
# tcptrack -i eth0
示例输出:
图 01:tcptrack 运行情况
iftop 命令
iftop 命令监听给定网络接口(例如 eth0)上的网络流量,并显示主机对当前带宽使用情况的表格:
# iftop -i eth1
它可以显示或分析进出 192.168.1.0/24 网络的数据包:
# iftop -F 192.168.1.0/24
示例输出:
图 02:iftop 命令运行中
推荐阅读:
请参阅以下文章以了解更多信息: