以前會用 netstat – https://benjr.tw/22383 來監控網路連線狀態,這邊介紹另外一隻功能相似,功能更強的 新工具 ss (Socket Statistics).
測試環境為 CentOS 7 x86_64.
# ss [options] [ FILTER ]
直接來看一下 man ss 提供的範例.
Display all TCP sockets.
[root@localhost ~]$ ss -t -a State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:sunrpc *:* LISTEN 0 5 192.168.122.1:domain *:* LISTEN 0 128 *:ssh *:* LISTEN 0 128 127.0.0.1:ipp *:* ESTAB 0 0 172.16.15.132:ssh 172.16.15.1:51647 LISTEN 0 128 :::sunrpc :::* LISTEN 0 128 :::ssh :::* LISTEN 0 128 ::1:ipp :::*
參數:
- -t, –tcp
Display TCP sockets. - -a, –all
Display both listening and non-listening (for TCP this means established connections) sockets.
Display all TCP sockets with process SELinux security contexts.
[root@localhost ~]$ ss -t -a -Z
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:sunrpc *:* users:(("systemd",pid=1,proc_ctx=system_u:system_r:init_t:s0,fd=47))
LISTEN 0 5 192.168.122.1:domain *:* users:(("dnsmasq",pid=1462,proc_ctx=system_u:system_r:dnsmasq_t:s0-s0:c0.c1023,fd=6))
LISTEN 0 128 *:ssh *:* users:(("sshd",pid=1057,proc_ctx=system_u:system_r:sshd_t:s0-s0:c0.c1023,fd=3))
LISTEN 0 128 127.0.0.1:ipp *:* users:(("cupsd",pid=1059,proc_ctx=system_u:system_r:cupsd_t:s0-s0:c0.c1023,fd=12))
ESTAB 0 0 172.16.15.132:ssh 172.16.15.1:51647 users:(("sshd",pid=2617,proc_ctx=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023,fd=3))
LISTEN 0 128 :::sunrpc :::* users:(("systemd",pid=1,proc_ctx=system_u:system_r:init_t:s0,fd=46))
LISTEN 0 128 :::ssh :::* users:(("sshd",pid=1057,proc_ctx=system_u:system_r:sshd_t:s0-s0:c0.c1023,fd=4))
LISTEN 0 128 ::1:ipp :::* users:(("cupsd",pid=1059,proc_ctx=system_u:system_r:cupsd_t:s0-s0:c0.c1023,fd=11))
- -Z, –context
As the -p option but also shows process security context.
Display all UDP sockets.
[root@localhost ~]$ ss -u -a State Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 192.168.122.1:domain *:* UNCONN 0 0 *%virbr0:bootps *:* UNCONN 0 0 *:bootpc *:* UNCONN 0 0 *:43723 *:* UNCONN 0 0 *:mdns *:* UNCONN 0 0 127.0.0.1:323 *:* UNCONN 0 0 *:34670 *:* UNCONN 0 0 :::26308 :::* UNCONN 0 0 ::1:323 :::*
- -u, –udp
Display UDP sockets.
Display all established ssh connections.
[root@localhost ~]$ ss -o state established dport = :ssh Netid Recv-Q Send-Q Local Address:Port Peer Address:Port [root@localhost ~]$ ss -o state established sport = :ssh Netid Recv-Q Send-Q Local Address:Port Peer Address:Port tcp 0 0 172.16.15.132:ssh 172.16.15.1:51647 timer:(keepalive,93min,0)
List all the tcp sockets in state FIN-WAIT
[root@localhost ~]$ ss -o state fin-wait-1 sport = :http Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
- -o, –options
Show timer information. - STATE-FILTER
All standard TCP states: established, syn-sent, syn-recv, fin-wait-1, fin-wait-2, time-wait, closed, close-wait, last-ack, listen and closing. - dport – Destination Port
- sport – Source Port
Find all local processes connected to X server.
[root@localhost ~]$ ss -x src /tmp/.X11-unix/* Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
- -x, –unix
Display Unix domain sockets.
沒有解決問題,試試搜尋本站其他內容