SMALL
리눅스에서 netstat 명령어는 시스템의 네트워크 관련 다양한 상태정보를 관리할 수 있는 명령어 입니다.
사용법 netstat [option] [address_family_option]
- netstat -antp
- 내가 가장 많이 사용하는 옵션
- -a : 모든 소켓 상태 정보
- -n (--numeric) : 도메인 주소를 읽어들이지 않고 숫자로 출력한다. ex)ftp -->21
- -t (--tcp) : TCP 소켓을 출력하라는 옵션, TCP 소켓 중 연결된(ESTABLISHED) 소켓만 출력 됨
- -p (--program) : PID(프로세서 ID) 와 사용중인 프로그램명이 표시된다. (TCP 소켓을 열고 있는 프로세스 확인 유용)
[root@dochi /]# netstat -antp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 2341/smbd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 2341/smbd
tcp 0 0 0.0.0.0:56783 0.0.0.0:* LISTEN 1874/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1852/rpcbind
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 2186/vsftpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2150/sshd
tcp 0 0 0.0.0.0:56695 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1929/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2265/master
tcp 0 96 10.10.10.15:22 10.10.11.12:3385 ESTABLISHED 19030/sshd
tcp 0 0 10.10.10.15:22 10.10.11.12:46599 ESTABLISHED 18752/sshd
tcp 0 0 :::445 :::* LISTEN 2341/smbd
tcp 0 0 :::34494 :::* LISTEN -
tcp 0 0 :::139 :::* LISTEN 2341/smbd
tcp 0 0 :::60013 :::* LISTEN 1874/rpc.statd
tcp 0 0 :::111 :::* LISTEN 1852/rpcbind
tcp 0 0 :::80 :::* LISTEN 3910/httpd
tcp 0 0 :::22 :::* LISTEN 2150/sshd
tcp 0 0 :::23 :::* LISTEN 2161/xinetd
tcp 0 0 ::1:631 :::* LISTEN 1929/cupsd
tcp 0 0 ::1:25 :::* LISTEN 2265/master
옵션 하나하나 분석!!!!
- netstat [옵션 없음]
- 모든 연결된(ESTABLISHED) 소켓 상태 정보
[root@dochi /]# netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 96 10.10.10.15:ssh 10.10.11.12:qnxnetman ESTABLISHED
tcp 0 0 10.10.10.15:ssh 10.10.11.12:46599 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 15 [ ] DGRAM 12297 /dev/log
unix 2 [ ] DGRAM 12800 @/org/freedesktop/hal/udev_event
unix 2 [ ] DGRAM 9570 @/org/kernel/udev/udevd
unix 2 [ ] DGRAM 449020
unix 2 [ ] DGRAM 448785
unix 2 [ ] DGRAM 443670
unix 2 [ ] DGRAM 441635
unix 3 [ ] STREAM CONNECTED 16043 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 16042
unix 3 [ ] STREAM CONNECTED 16019 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 16018
unix 3 [ ] STREAM CONNECTED 16007 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 16006
unix 3 [ ] STREAM CONNECTED 15975 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 15974
unix 3 [ ] STREAM CONNECTED 14301 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 14300
unix 2 [ ] DGRAM 13795
unix 2 [ ] DGRAM 13729
- netstat -a
- -a : 모든 소켓 상태 정보
[root@dochi /]# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:microsoft-ds *:* LISTEN
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 *:56783 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:56695 *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 0 10.10.10.15:ssh 10.10.11.12:qnxnetman ESTABLISHED
tcp 0 0 10.10.10.15:ssh 10.10.11.12:46599 ESTABLISHED
Proto RefCnt Flags Type State I-Node Path
unix 15 [ ] DGRAM 12297 /dev/log
unix 2 [ ACC ] STREAM LISTENING 13563 public/cleanup
unix 2 [ ACC ] STREAM LISTENING 13570 private/tlsmgr
/dbus-oXBwtEiBLb
unix 2 [ ACC ] STREAM LISTENING 12706 /var/run/cups/cups.sock
unix 2 [ ] DGRAM 9570 @/org/kernel/udev/udevd
unix 2 [ ACC ] STREAM LISTENING 12642 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 12737 /var/run/acpid.socket
unix 2 [ ACC ] 727 /var/run/abrt/abrt.socket
unix 2 [ ACC ] STREAM LISTENING 12775 @/var/run/hald/dbus-XzJpd5E24X
unix 2 [ ] DGRAM 449020
unix 2 [ ] DGRAM 448785
unix 2 [ ] DGRAM 443670
unix 2 [ ] DGRAM 441635
unix 3 [ ] STREAM CONNECTED 16043 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 16042
unix 3 [ ]
unix 3 [ ] STREAM CONNECTED 14301 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 14300
unix 2 [ ] DGRAM 13795
unix 2 [ ] DGRAM 13729
unix 2 [ ] DGRAM 13671
- netstat -t
- -t (--tcp) : TCP 소켓을 출력하라는 옵션, TCP 소켓 중 연결된(ESTABLISHED) 소켓만 출력 됨
netstat -t
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 96 10.10.10.15:ssh 10.10.11.12:qnxnetman ESTABLISHED
tcp 0 0 10.10.10.15:ssh 10.10.11.12:46599 ESTABLISHED
[root@dochi /]# netstat --tcp
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 96 10.10.10.15:ssh 10.10.11.12:qnxnetman ESTABLISHED
tcp 0 0 10.10.10.15:ssh 10.10.11.12:46599 ESTABLISHED
- netstat -n
- -n (--numeric) : 도메인 주소를 읽어들이지 않고 숫자로 출력한다. ex)ftp -->21
netstat -n
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 224 10.10.10.15:22 10.10.11.12:3385 ESTABLISHED
tcp 0 0 10.10.10.15:22 10.10.11.12:46599 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 15 [ ] DGRAM 12297 /dev/log
unix 2 [ ] DGRAM 12800 @/org/freedesktop/hal/udev_event
unix 2 [ ] DGRAM 9570 @/org/kernel/udev/udevd
unix 2 [ ] DGRAM 449020
- netstat -p
- -p (--program) : PID(프로세서 ID) 와 사용중인 프로그램명이 표시된다. (TCP 소켓을 열고 있는 프로세스 확인 유용)
[root@dochi /]# netstat -p
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 96 10.10.10.15:ssh 10.10.11.12:qnxnetman ESTABLISHED 19030/sshd
tcp 0 0 10.10.10.15:ssh 10.10.11.12:46599 ESTABLISHED 18752/sshd
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 15 [ ] DGRAM 12297 1799/rsyslogd /dev/log
unix 2 [ ] DGRAM 12800 1955/hald @/org/freedesktop/hal/udev_event
unix 2 [ ] DGRAM 9570 666/udevd @/org/kernel/udev/udevd
unix 2 [ ] DGRAM 449020 19059/su
unix 2 [ ] DGRAM 448785 19030/sshd
- netstat -rn
- 시스템 라우팅 정보
[root@dochi /]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.10.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth2
0.0.0.0 10.10.10.254 0.0.0.0 UG 0 0 0 eth2
- netstat -s
- 부팅된 이후부터 현재까지 누적된 프로토콜 통계정보
[root@dochi /]# netstat -s
Ip:
913002 total packets received
990 with invalid addresses
0 forwarded
0 incoming packets discarded
912012 incoming packets delivered
588676 requests sent out
Icmp:
3 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
redirects: 3
0 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
IcmpMsg:
InType5: 3
Tcp:
31 active connections openings
110 passive connection openings
0 failed connection attempts
0 connection resets received
2 connections established
615201 segments received
586339 segments send out
125 segments retransmited
0 bad segments received.
3 resets sent
Udp:
69856 packets received
0 packets to unknown port received.
30 packet receive errors
2212 packets sent
UdpLite:
TcpExt:
121 TCP sockets finished time wait in fast timer
31 delayed acks sent
4 packets directly queued to recvmsg prequeue.
16 packets directly received from prequeue
610545 packets header predicted
4 packets header predicted and directly queued to user
1537 acknowledgments not containing data received
548231 predicted acknowledgments
3 congestion windows recovered after partial ack
0 TCP data loss events
20 other TCP timeouts
1 DSACKs received
15 connections aborted due to timeout
TCPSackShiftFallback: 1
IpExt:
InMcastPkts: 2
InBcastPkts: 293527
OutBcastPkts: 1753
InOctets: 447084395
OutOctets: 105192423
InMcastOctets: 72
InBcastOctets: 154944511
OutBcastOctets: 223525LIST
'도치의 IT > 리눅스' 카테고리의 다른 글
| captcha 이미지 안보이는 현상 해결 (0) | 2019.05.30 |
|---|---|
| 리눅스 웹서버 인증서 확인 방법 (0) | 2019.05.28 |
| 솔라리스(SunOS 11) ntp 설정 (서버에서 받아오는 설정) (0) | 2019.05.09 |
| CentOS 에서 백스페이스 입력하면 ^? 가 입력되는 경우 해결 방법 (0) | 2019.05.07 |
| 디렉터리, 파일 용량 확인 (du) (0) | 2019.04.29 |