Shulou(Shulou.com)06/01 Report--

This article mainly introduces "what are the practical methods of ss command". In daily operation, I believe that many people have doubts about the practical methods of ss command. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts of "what are the practical methods of ss command?" Next, please follow the editor to study!

The ss command is used to display the socket status. It can display statistics such as PACKET sockets, TCP sockets, UDP sockets, DCCP sockets, RAW sockets, Unix domain sockets, etc. It displays more tcp and state information than other tools. It is a very practical, fast, and effective new tool for tracking IP connections and sockets.

Practical usage of ss $ss-sTotal: 524TCP: 8 (estab 1, closed 0, orphaned 0, timewait 0) Transport Total IP IPv6RAW 2 1 1UDP 7 5 2TCP 8 6 2INET 17 12 5FRAG 0 0

RAW Socket raw socket. Allows you to send and receive IP packets directly without having to meet specific transport protocols for security applications such as namp.

TCP transmission control protocol. It is the main connection protocol in our network connection. UDP user Datagram protocol. Similar to TCP but without error checking. INET contains the above items. (INET4 and INET6 can be viewed separately through some ss commands). FRAG can be understood as fragment.

Obviously, the above output does not directly show the detailed socket connections, and we can see that the top Total line shows a very large total number of socket, but this classification is useful in some cases. If you want to see specific socket activity information, we can use the ss-a command, but to be prepared to view a lot of information, we can first use wc-l to count the number of lines to test a wave:

$ss-a | wc-l555

Are you scared? 555 rows of data! But don't be alarmed, we can look at the specified categories of socket activities.

Ss-ta dump all TCP socketss-ua dump all UDP socketss-wa dump all RAW socketss-xa dump all UNIX socketss-4a dump all IPV4 socketss-6a dump all IPV6 socket

The ss command with no arguments displays all established socket connections. For ease of reading, only one page of information is displayed here, omitting most of the other information:

$ss | moreNetid State Recv-Q Send-Q Local Address:Port Peer Address:Portu_str ESTAB 0 0 * 20863 * 20864u_str ESTAB 0 0 * 32232 * 33018u_str ESTAB 0 0 * 33147 * 3257544ddddyu_str ESTAB 0 0 / run/user/121/bus 32796 * 32795u_str ESTAB 0 0 / run/user/121/bus 32574 * 32573u_str ESTAB 0 0 * 32782 * 32783u_str ESTAB 0 0 / run/systemd/journal/stdout 19091 * 18113u_str ESTAB 0 0 * 769568 * 768429u_str ESTAB 0 0 * 32560 * 32561u_str ESTAB 0 0 @ / tmp/dbus-8xbBdjNe 33155 * 33154u_str ESTAB 0 0 / run/systemd/journal/stdout 32783 * 32782 … Tcp ESTAB 0 64 192.168.0.16:ssh 192.168.0.6:25944tcp ESTAB 0 0 192.168.0.16:ssh 192.168.0.6:5385

To view the newly established TCP connection, use ss-t:

$ss-tState Recv-Q Send-Q Local Address:Port Peer Address:PortESTAB 0 64 192.168.0.16:ssh 192.168.0.6:25944ESTAB 0 0 192.168.0.16:ssh 192.168.0.915 5385

To display only the listening socket, try ss-lt:

$ss-ltState Recv-Q Send-Q Local Address:Port Peer Address:PortLISTEN 0 10 127.0.0.1:submission 0.0.0.0:*LISTEN 0 128 127.0.0.53%lo:domain 0.0.0.0:*LISTEN 0 128 0.0.0.0: Ssh 0.0.0.0:*LISTEN 0 5 127.0.0.1:ipp 0.0.0.0:*LISTEN 0 10 127.0.0.1:smtp 0.0.0.0:*LISTEN 0 128 [::]: ssh [:]: * LISTEN 0 5 [:: 1]: ipp [:]: *

If you want to display the port number instead of the service name, ss-ltn:

$ss-ltnState Recv-Q Send-Q Local Address:Port Peer Address:PortLISTEN 0 10 127.0.0.1 0.0.0.0:*LISTEN 0128 127.0.0.53%lo:53 0.0.0.0:*LISTEN 0 128 0.0.0.0:22 0.0.0.0:*LISTEN 0 5 127.0.0.1:631 0.0.0.0:*LISTEN 0 10 127.0.0.1:25 0.0.0.0:*LISTEN 0 128 [:]: 22 [::]: * LISTEN 0 5 [:: 1]: 631 [::]: *

That's all here. For other details, please refer to the help manual (ss-h). In addition, here are some tips where you can convert the most useful options into aliases to make it easier for you to use. For example:

Alias listen= "ss-lt" $alias socksum= "ss-s" at this point, the study of "what are the practical methods of ss commands" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.