In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-18 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly introduces the relevant knowledge of how to use the Linux ss command, the content is detailed and easy to understand, the operation is simple and fast, and has a certain reference value. I believe you will gain something after reading this Linux ss command article. Let's take a look at it.
The ss command in the Linux system is used to get socket statistics, and it displays similar content to netstat, but the ss command is faster enough to display more and more detailed information about TCP and connection status.
Common options 12345678910111213141516171819202122232425262728293031Usage: ss [OPTIONS] ss [OPTIONS] [FILTER]-h,-- help this message-V,-- version output version information-n,-- numeric don't resolve service names-r,-- resolve resolve host names-a,-- all display all sockets-l,-- listening display listening socket-o,-- options show timer information-e,-- extended show detailed socket information-m,-- memory show socket memory usage-p,-- processes show process using socket-I -- info show internal TCP information-s,-- summary show socket usage summary-4,-ipv4 display only IP version 4 sockets-6,-- ipv6 display only IP version 6 sockets-0,-- packet display PACKET sockets-t,-- tcp display only TCP sockets-u,-- udp display only UDP sockets-d,-- dccp display only DCCP sockets-w,-- raw display only RAW sockets-x,-- unix display only Unix domain sockets-f,-- family=FAMILY display sockets of type FAMILY-A,-- query=QUERY -- socket=QUERY QUERY: = {all | inet | tcp | udp | raw | unix | packet | netlink} [, QUERY]-D,-- diag=FILE Dump raw information about TCP sockets to FILE-F,-- filter=FILE read filter information from FILE FILTER: = [state TCP-STATE] [EXPRESSION] ss command Application instance 1: display TCP connection
Command:
Ss-t-a
Output:
[root@localhost] # ss-t-aState Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 127.0.0.1:smux: LISTEN 0 0 *: 3690: LISTEN 0 0 *: ssh: ESTAB 0 0 192.168.120.204:ssh 10.2.0.68 127.0.0.1:smux 49368 [root@localhost] #
Description:
Example 2: display Sockets summary
Command:
Ss-s
Output:
[root@localhost] # ss-sTotal: 34 (kernel 48) TCP: 4 (estab 1, closed 0, orphaned 0, synrecv 0, timewait 0 Unip 0), ports 3
Transport Total IP IPv6* 48-- RAW 0 0 UDP 5 50 0 TCP 4 4 0 INET 9 9 0 FRAG 0 0 0
[root@localhost ~] #
Description:
List current established, closed, orphaned and waiting TCP sockets
Example 3: list all open network connection ports
Command:
Ss-l
Output:
[root@localhost ~] # ss-lRecv-Q Send-Q Local Address:Port Peer Address:Port 0 0 127.0.0.1:smux: 0 0 *: 3690: 00 *: ssh: [root@localhost ~] #
Description:
Example 4: view the socket used by the process
Command:
Ss-pl
Output:
[root@localhost ~] # ss-plRecv-Q Send-Q Local Address:Port Peer Address:Port 0 0 127.0.0.1:smux: users: (("snmpd", 2716 sshd 8)) 0 0 *: 3690: users: (("svnserve", 3590 sshd 3)) 0 0 *: ssh: users: (("sshd", 2735 Magne3)) [root@localhost ~] #
Description:
Example 5: find the open socket / port application
Command:
Ss-lp | grep 3306
Output:
[root@localhost ~] # ss-lp | grep 19350 0 *: 1935: users: (("fmsedge", 29131.18)) 0 0127.0.0.1 ss 19350: users: (("fmsedge", 29132.17)) [root@localhost ~] # ss-lp | grep 33060 0 *: 3306: users: (("mysqld", 2871) [root@localhost ~] #
Description:
Example 6: show all UDP Sockets
Command:
Ss-u-a
Output:
[root@localhost] # ss-u-aState Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 127.0.0.1:syslog: UNCONN 0 0 *: snmp: ESTAB 0 0 192.168.120.203 aState Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 39641 10.58.119.119:domain [root@localhost] #
Description:
Example 7: displays all SMTP connections with a status of established
Command:
Ss-o state established'(dport =: smtp or sport =: smtp)'
Output:
[root@localhost ~] # ss-o state established'(dport =: smtp or sport =: smtp) 'Recv-Q Send-Q Local Address:Port Peer Address:Port [root@localhost ~] #
Description:
Example 8: displays all HTTP connections with a status of Established
Command:
Ss-o state established'(dport =: http or sport =: http)'
Output:
[root@localhost] # ss-o state established'(dport =: http or sport =: http) 'Recv-Q Send-Q Local Address:Port Peer Address:Port 0 075.126.153.214 virtual 2164 192.168.10.42:http [root@localhost] #
Description:
Example 9: enumerates that the source port in the FIN-WAIT-1 state is 80 or 443, and the destination network is 193.233.7and24 all tcp sockets
Command:
Ss-o state fin-wait-1'(sport =: http or sport =: https) 'dst 193.233.7Unip 24
Output:
Description:
Example 10: filter Sockets with TCP status:
Command:
Ss-4 state FILTER-NAME-HERE
Ss-6 state FILTER-NAME-HERE
Output:
[root@localhost] # ss-4 state closing Recv-Q Send-Q Local Address:Port Peer Address:Port 1 11094 75.126.153.214:http 192.168.10.42 state closing Recv-Q Send-Q Local Address:Port Peer Address:Port 4669
Description:
FILTER-NAME-HERE can represent any of the following:
Established
Syn-sent
Syn-recv
Fin-wait-1
Fin-wait-2
Time-wait
Closed
Close-wait
Last-ack
Listen
Closing
All: all the above statu
Connected: all states except listen and closed
Synchronized: all connected states except syn-sent
Bucket: the display status is maintained as minisockets, such as time-wait and syn-recv.
Big: opposite to bucket.
Example 11: match remote address and port number
Command:
Ss dst ADDRESS_PATTERN
Ss dst 192.168.1.5
Ss dst 192.168.119.113:http
Ss dst 192.168.119.113:smtp
Ss dst 192.168.119.113:443
Output:
[root@localhost ~] # ss dst 192.168.119.113State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0192.168.119.103 ESTAB 20229 ESTAB 0 192.168.119.103 ESTAB 0 0192.168.119.113 ESTAB 0192.168.119.103Vera 16014 192.168.119.119.113 ESTAB 1623 ESTAB 0 192.168.119.103mer 16014 192.168.119.119.113136924 ESTAB 0 192.168 .119.103 ESTAB 16050 192.168.119.119.103 ESTAB 0 0192.168.119.103 ESTAB 32930 192.168.119.119.103 ESTAB 0192.168.119.103 ESTAB 019192.168.119.119.119.119.119.119.119.119.119.119.119.119.119.119.119.119.119.119.119.119.119014 192.168.119.11944 [root@localhost ~] # ss dst 192.168.119.113:httpState Recv-Q Send-Q Local Address:Port Peer Address:Port [root@localhost ~] # ss dst .168.119.113: 3844State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0192.168.119.103 3844State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 16014 192.168.119.113 13purl 3844 [root@localhost ~] #
Description:
Example 12: match local address and port number
Command:
Ss src ADDRESS_PATTERN
Ss src 192.168.119.103
Ss src 192.168.119.103:http
Ss src 192.168.119.103:80
Ss src 192.168.119.103:smtp
Ss src 192.168.119.103:25
Output:
[root@localhost ~] # ss src 192.168.119.103:16021State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.119.103 ESTAB 163054 ESTAB 0 192.168.119.103 ESTAB 0 192.168.119.20102894 ESTAB 0 192.168.119.103 Vera 16021 192.168.119.20163055 ESTAB 0 192.168.119.103Vera 16021 192.168.119.201Ron 2274 ESTAB 0 0192 .168.119.103: 16021 192.168.119.201:44784 ESTAB 0 0 192.168.119.103:16021 192.168.119.201:7233 ESTAB 0 0 192.168.119.103:16021 192.168.119.103:58660 ESTAB 0 0 192.168.119.103:16021 192.168.119.201:44822 ESTAB 0 0 192.168.119.103:16021 10.2.1.206:56737 ESTAB 0 0 192.168.119.103:16021 10.2.1.206 : 57487 ESTAB 0 0 192.168.119.103 ESTAB 16021 10.2.1.206 ESTAB 0 192.168.119.103 ESTAB 0 192.168.119.103 ESTAB 0192.168.119.103 ESTAB 0192.168.119.103 ESTAB 0192.168.119.103ESTAB 0192.168.119.103ESTAB 0192.168.119.103ESTAB 0192.16
Description:
Example 13: compare a local or remote port with a number
Command:
Ss dport OP PORT
Ss sport OP PORT
Output:
[root@localhost ~] # ss sport =: http [root@localhost ~] # ss dport =: http [root@localhost ~] # ss dport >: 1024 [root@localhost ~] # ss sport >: 1024 [root@localhost ~] # ss sport: 32000 [root@localhost ~] # ss sport eq: 22 [root@localhost ~] # ss state connected sport =: http [root@localhost ~] # ss (sport =: http or sport =: https) [root @ localhost ~] # ss-o state fin-wait-1 (sport =: http or sport =: https) dst 192.168.1 pick 24
Description:
Ss dport OP PORT remote port is compared to a number; ss sport OP PORT local port is compared to a number.
OP can represent any of the following:
> = or ge: greater than or equal to the port number
= = or eq: equal to port number
! = or ne: not equal to port number
> or lt: greater than the port number
Efficiency comparison between example 14:ss and netstat
Command:
Time netstat-at
Time ss
Output:
[root@localhost ~] # time ss real 0m0.739suser 0m0.019ssys 0m0.013s [root@localhost] # [root@localhost ~] # time netstat-atreal 2m45.907suser 0m0.063ssys 0m0.067s [root@localhost ~] #
This is the end of the article on "how to use the Linux ss command". Thank you for reading! I believe you all have a certain understanding of the knowledge of "how to use Linux ss commands". If you want to learn more, you are welcome to follow the industry information channel.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
