If an application using STREAM sockets; tcp protocol thread serve them and each such thread, at any point in time during the socket operations, has an state out of a total of 11 defined TCP states, based on the phase of the communication. This includes the beginning (right from the 1st SYN in the 3-way handshake) to the termination of the communication (when you close a socket).
The 'netstat' shows these states of all the TCP threads serving their corresponding sockets.
Please look at RFC#793.
Attaching the text showing TCP state change diagram.
The diagram depicts the states a TCP thread under goes (taken from RFC#793).
Hi
what is the command to see the process name/application name
along with the port number, connection status ...
netstat is not giving process/application name
Is there any way to know which application is holding which port?
Thanks in advance (3 Replies)
Hi..,
Now, I am reading about the netstat command and its implementation. I have doubts in some options and its functionalities,
natstat - M (Which is described as display masqueraded connections), what it means?
What is Forwarding Information Base.?(--fib)
Thanks in advance,... (3 Replies)
For FreeBSD I use this command to determine what ports are listenning
netstat -an | grep LISTEN
is there another way, perhaps another command? (2 Replies)
I can't tell what the output of the netstat command means. Is there anywhere that has this information? I tried the man pages, but they weren't helpful. (3 Replies)
Greetings to all,
Here is a line of output from my netstat command
cbp031.904 wdcprodhome.nfsd 98304 0 49640 0 ESTABLISHED
The only thing i recognize is the unix machine "cbp031" but what is .904 and all the other data telling me?
Thanks in advance. (3 Replies)
Hi,
In my project we use sftp with batch mode (password less) script in parallel for 14 sessions which connects to 2 different servers alternatively i.e. 7 connects to one server say server1 and the other 7 connects to say server 2.
Now the problem is that these 14 sessions are run in... (5 Replies)
Hi,
I want to list the time for how long a secure connections last to my server/blade. i am using netstat command to get the same, but not sure how to get the time for how long connections is being ESTABLISHED.
netstat -na | grep 'ESTABLISHED' | grep :443 |awk '{print $4}' | cut -d: -f1 |... (1 Reply)
Do I have this command correct to show all current connections/sessions my Solaris box has? It does not seem to do anything.
netstat -an | grep EST (6 Replies)
When running netstat -i from the Command Terminal,
It returns with 21 different connections..
The addresses all look like this:
::1
fe80:1::1
10:dd:b1:a5:c4:ba
with Network names like
Linke#2
fe80::8e2d
How can I delve deeper into this to clarify what is going on with my network?... (0 Replies)
Discussion started by: dwfiedler
0 Replies
LEARN ABOUT SUSE
ss
SS(8) System Manager's Manual SS(8)NAME
ss - another utility to investigate sockets
SYNOPSIS
ss [options] [ FILTER ]
DESCRIPTION
ss is used to dump socket statistics. It allows showing information similar to netstat. It can display more TCP and state informations
than other tools.
OPTIONS
These programs follow the usual GNU command line syntax, with long options starting with two dashes (`-'). A summary of options is
included below.
-h, --help
Show summary of options.
-V, --version
Output version information.
-n, --numeric
Do now try to resolve service names.
-r, --resolve
Try to resolve numeric address/ports.
-a, --all
Display all sockets.
-l, --listening
Display listening sockets.
-o, --options
Show timer information.
-e, --extended
Show detailed socket information
-m, --memory
Show socket memory usage.
-p, --processes
Show process using socket.
-i, --info
Show internal TCP information.
-s, --summary
Print summary statistics. This option does not parse socket lists obtaining summary from various sources. It is useful when amount
of sockets is so huge that parsing /proc/net/tcp is painful.
-4, --ipv4
Display only IP version 4 sockets (alias for -f inet).
-6, --ipv6
Display only IP version 6 sockets (alias for -f inet6).
-0, --packet
Display PACKET sockets.
-t, --tcp
Display only TCP sockets.
-u, --udp
Display only UDP sockets.
-d, --dccp
Display only DCCP sockets.
-w, --raw
Display only RAW sockets.
-x, --unix
Display only Unix domain sockets.
-f FAMILY, --family=FAMILY
Display sockets of type FAMILY. Currently the following families are supported: unix, inet, inet6, link, netlink.
-A QUERY, --query=QUERY
List of socket tables to dump, separated by commas. The following identifiers are understood: all, inet, tcp, udp, raw, unix,
packet, netlink, unix_dgram, unix_stream, packet_raw, packet_dgram.
-D FILE
Do not display anything, just dump raw information about TCP sockets to FILE after applying filters. If FILE is - stdout is used.
-F FILE, --filter=FILE
Read filter information from FILE. Each line of FILE is interpreted like single command line option. If FILE is - stdin is used.
FILTER := [ state TCP-STATE ] [ EXPRESSION ]
Please take a look at the official documentation (Debian package iproute-doc) for details regarding filters.
USAGE EXAMPLES
ss -t -a
Display all TCP sockets.
ss -u -a
Display all UDP sockets.
ss -o state established '( dport = :ssh or sport = :ssh )'
Display all established ssh connections.
ss -x src /tmp/.X11-unix/*
Find all local processes connected to X server.
ss -o state fin-wait-1 '( sport = :http or sport = :https )' dst 193.233.7/24
List all the tcp sockets in state FIN-WAIT-1 for our apache to network 193.233.7/24 and look at their timers.
SEE ALSO ip(8), /usr/share/doc/iproute-doc/ss.html (package iproutedoc)
AUTHOR
ss was written by Alexey Kuznetosv, <kuznet@ms2.inr.ac.ru>.
This manual page was written by Michael Prokop <mika@grml.org> for the Debian project (but may be used by others).
SS(8)