這篇文章給大家分享的是有關Linux下怎么用netstat查看網絡狀態、端口狀態的內容。小編覺得挺實用的,因此分享給大家做個參考,一起跟隨小編過來看看吧。
netstat命令是一個監控TCP/IP網絡的非常有用的工具,它可以顯示路由表、實際的網絡連接以及每一個網絡接口設備的
netstat命令的功能是顯示網絡連接、路由表和網絡接口信息,可以讓用戶得知目前都有哪些網絡連接正在運作。
該命令的一般格式為:
netstat [選項]
命令中各選項的含義如下:
-a 顯示所有socket,包括正在監聽的。
-c 每隔1秒就重新顯示一遍,直到用戶中斷它。
-i 顯示所有網絡接口的信息,格式同“ifconfig -e”。
-n 以網絡IP地址代替名稱,顯示出網絡連接情形。
-r 顯示核心路由表,格式同“route -e”。
-t 顯示TCP協議的連接情況。
-u 顯示UDP協議的連接情況。
-v 顯示正在進行的工作。
1. netstat -an | grep LISTEN
0.0.0.0的就是每個IP都有的服務,寫明哪個IP的就是綁定那個IP的服務。
2. netstat -tln
用來查看linux的端口使用情況
3. /etc/init.d/vsftp start
是用來啟動ftp端口~!
4. netstat
查看已經連接的服務端口(ESTABLISHED)
5. netstat -a
查看所有的服務端口(LISTEN,ESTABLISHED)
6. sudo netstat -ap
查看所有的服務端口并顯示對應的服務程序名
7. nmap <掃描類型><掃描參數>
例如:
nmap localhost
nmap -p 1024-65535 localhost
nmap -PT 192.168.1.127-245
當我們使用 netstat -apn 查看網絡連接的時候,會發現很多類似下面的內容:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 52 218.104.81.152:7710 211.100.39.250:29488 ESTABLISHED 6111/1
----
ESTABLISHED The socket has an established connection. SYN_SENT The socket is actively attempting to establish a connection. SYN_RECV A connection request has been received from the network. FIN_WAIT1 The socket is closed, and the connection is shutting down. FIN_WAIT2 Connection is closed, and the socket is waiting for a shutdown from the remote end. TIME_WAIT The socket is waiting after close to handle packets still in the network. CLOSE The socket is not being used. CLOSE_WAIT The remote end has shut down, waiting for the socket to close. LAST_ACK The remote end has shut down, and the socket is closed. Waiting for acknowledgement. LISTEN The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the --listening (-l) or --all (-a) option. CLOSING Both sockets are shut down but we still don't have all our data sent. UNKNOWN The state of the socket is unknown.
Consider two programs attempting a socket connection (call them a and b). Both set up sockets and transition to the LISTEN state. Then one program (say a) tries to connect to the other (b). asends a request and enters the SYN_SENT state, and b receives the request and enters the SYN_RECV state. When b acknowledges the request, they enter the ESTABLISHED state, and do their business. Now a couple of things can happen:
a wishes to close the connection, and enters FIN_WAIT1. b receives the FIN request, sends an ACK (then a enters FIN_WAIT2), enters CLOSE_WAIT, tells a it is closing down and the enters LAST_ACK. Once a acknowledges this (and enters TIME_WAIT), b enters CLOSE. a waits a bit to see if anythings is left, then enters CLOSE.
a and b have finished their business and decide to close the connection (simultaneous closing). When a is in FIN_WAIT, and instead of receiving an ACK from b, it receives a FIN(as b wishes to close it as well), a enters CLOSING. But there are still some messages to send (the ACK that a is supposed to get for its original FIN), and once this ACK arrives, aenters TIME_WAIT as usual.
顯示這臺服務器開放了7710端口,那么這個端口屬于哪個程序呢?我們可以使用 lsof -i :7710 命令來查詢:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sshd 1990 root 3u IPv4 4836 TCP *:7710 (LISTEN) 54com.cn
這樣,我們就知道了7710端口是屬于sshd程序的。
感謝各位的閱讀!關于“Linux下怎么用netstat查看網絡狀態、端口狀態”這篇文章就分享到這里了,希望以上內容可以對大家有一定的幫助,讓大家可以學到更多知識,如果覺得文章不錯,可以把它分享出去讓更多的人看到吧!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。