26 de abr de 2010

Using netstat

Using netstat: "
As promised (in my article “How do I find my network information in Linux?“) I am going to introduce you to the netstat command. This command is a very useful tool for discovering networking information such as routing tables, network connections, interface statistics, masquerade connections, and multicast memberships. But it’s not quite as simple to use as some of of the other “discovery” tools (such as ifconfig). With netstat you really do need to know what you’re looking for and how to find it. This article will help you to understand just that.

Fortunately your distribution should come with the netstat command pre-installed. To check this, open up a terminal window (that’s where you will use netstat anyway) and issue the command which netsat. This command should return something like /bin/netstat. That will tell you that the tool is installed and where the executable is.
Because netstat offers such a variety of options, it might be best if I first list some of the more useful options.
a: Shows the state of all sockets and routing table entries.
c: Display information continuously.
d: Show the state of all interfaces that use DHCP.
e: Show extended information.
g: Show the multicast group membership information for both IPv4 and IPv6.
i: Display a table of all network inferfaces.
l: Limit statistics to a defined interface.
M: Show multicast routing tables.
n: Shows network addresses as numbers instead of the default symbols.
p: Show address resolution tables.
P: Limit statistics to a defined protocol.
r: Show all routing tables.
t: Show TCP connections.
u: Show UDP connections.
v: Use verbose mode for output.
So let’s take a look and see how these can be used together.
By itself (no options) this command prints out generic statistics of the host you are currently connected to.
netstat -an
This command will display all connections to the host, including source and destination addresses and ports, and displays them as numbers.
netstat -rn
This command will display the routing table for the host in numeric form.
netstat -r
This command will display your routing table for your host.
netstat -natp
This command will display active TCP connections in numerical form.
netstat -t –listening
This will show you all tcp ports you host is listening on.

Figure 1
netstat –statistics
This command will display various statistics for your host’s interfaces. Note that this command will display a LOT of statistics. A snippet of the output will look like that shown in Figure 1.
As you can see, this command will display quite a bit of information. On top of that you might need to pipe this command through the less command in order to see it more easily. That full command would look like netstat –statistics | less. Using it that way would allow you to use your arrow keys to scroll up and down through the ouput.
Final thoughts
Although not an exhaustive look at the netstat command, this will get you started and using this handy tool. Since there are so many switches and options to use with netstat, in order to cover them all, take a look at the netstat man page (issue the command man netstat) where you can see each and every switch explained.

Nenhum comentário:

Postar um comentário