本文链接:
一:获取数据
netstat -anp
//命令介绍:
netstat : linux中查看网络状态的命令
-a : 显示所有的连接
-n : 以ip格式显示
-p : 显示连接对应的进程
netstat命令详解请移步:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 458/sshd
tcp 0 52 10.105.254.117:22 124.251.53.238:58615 ESTABLISHED 29936/sshd: root@pt
tcp6 0 0 :::3306 :::* LISTEN 32519/mysqld
tcp6 0 0 :::111 :::* LISTEN 5737/rpcbind
tcp6 0 0 :::22 :::* LISTEN 458/sshd
udp 0 0 0.0.0.0:111 0.0.0.0:* 5737/rpcbind
udp 0 0 0.0.0.0:824 0.0.0.0:* 5737/rpcbind
udp6 0 0 :::111 :::* 5737/rpcbind
udp6 0 0 :::824 :::* 5737/rpcbind
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 130995418 32519/mysqld /var/lib/mysql/mysql.sock
unix 2 [ ACC ] STREAM LISTENING 12137 454/lsmd /var/run/lsm/ipc/simc
unix 2 [ ] DGRAM 6767 1/systemd /run/systemd/notify
unix 2 [ ] DGRAM 6769 1/systemd /run/systemd/cgroups-agent
unix 2 [ ACC ] STREAM LISTENING 6778 1/systemd /run/systemd/journal/stdout
unix 5 [ ] DGRAM 6781 1/systemd /run/systemd/journal/socket
unix 8 [ ] DGRAM 6783 1/systemd /dev/log
unix 2 [ ACC ] STREAM LISTENING 9601 1/systemd /run/lvm/lvmetad.socket
unix 2 [ ] DGRAM 9613 1/systemd /run/systemd/shutdownd
unix 2 [ ACC ] STREAM LISTENING 9615 1/systemd /run/lvm/lvmpolld.socket
unix 2 [ ACC ] STREAM LISTENING 11170 1/systemd /var/run/rpcbind.sock
unix 2 [ ACC ] STREAM LISTENING 12196 454/lsmd /var/run/lsm/ipc/sim
unix 2 [ ACC ] STREAM LISTENING 11173 1/systemd /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 11944 462/acpid /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 9448 1/systemd /run/systemd/private
unix 2 [ ACC ] SEQPACKET LISTENING 9464 1/systemd /run/udev/control
二:结果分析
Active Internet connections 部分:
字段介绍:
相关字段作用:
State:标识tcp连接状态,比如TCP的状态有:(图片来自:)
Active UNIX domain sockets 部分:
字段介绍:
State:套接字当前的状态
PID/Program name :使用该连接的进程id和name
I-Node:unix系统文件系统中每个文件都存在的inode
Path:”This is the path name as which the corresponding processes attached to the socket.“ 即:代表附加到套接字的相应进程的路径名
上一个教程:Linux中hexdump命令用法
下一个教程:Linux--查询文件的第几行到第几行命令