reference/docs/netstat.html
2024-09-29 10:30:54 +00:00


<!doctype html>
<html lang="en" data-color-mode="dark">
<head>
<meta charset="utf-8">
<title>Netstat 备忘清单
&#x26; netstat cheatsheet &#x26; Quick Reference</title>
<meta content="width=device-width, initial-scale=1" name="viewport">
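<!-- Document metadata must be written as name="…" plus content="…"; a bare description="…" or keywords="…" attribute is not a recognised meta form and carries no metadata. -->
<meta name="description" content="此快速参考备忘单提供了各种使用 netstat 命令的方法
入门,为开发人员分享快速参考备忘单。">
<meta name="keywords" content="netstat,reference,Quick,Reference,cheatsheet,cheat,sheet">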
<link rel="icon" href="data:image/svg+xml,%3Csvg%20viewBox%3D%220%200%2024%2024%22%20fill%3D%22none%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20height%3D%221em%22%20width%3D%221em%22%3E%20%3Cpath%20d%3D%22m21.66%2010.44-.98%204.18c-.84%203.61-2.5%205.07-5.62%204.77-.5-.04-1.04-.13-1.62-.27l-1.68-.4c-4.17-.99-5.46-3.05-4.48-7.23l.98-4.19c.2-.85.44-1.59.74-2.2%201.17-2.42%203.16-3.07%206.5-2.28l1.67.39c4.19.98%205.47%203.05%204.49%207.23Z%22%20fill%3D%22%23c9d1d9%22%2F%3E%20%3Cpath%20d%3D%22M15.06%2019.39c-.62.42-1.4.77-2.35%201.08l-1.58.52c-3.97%201.28-6.06.21-7.35-3.76L2.5%2013.28c-1.28-3.97-.22-6.07%203.75-7.35l1.58-.52c.41-.13.8-.24%201.17-.31-.3.61-.54%201.35-.74%202.2l-.98%204.19c-.98%204.18.31%206.24%204.48%207.23l1.68.4c.58.14%201.12.23%201.62.27Zm2.43-8.88c-.06%200-.12-.01-.19-.02l-4.85-1.23a.75.75%200%200%201%20.37-1.45l4.85%201.23a.748.748%200%200%201-.18%201.47Z%22%20fill%3D%22%23228e6c%22%20%2F%3E%20%3Cpath%20d%3D%22M14.56%2013.89c-.06%200-.12-.01-.19-.02l-2.91-.74a.75.75%200%200%201%20.37-1.45l2.91.74c.4.1.64.51.54.91-.08.34-.38.56-.72.56Z%22%20fill%3D%22%23228e6c%22%20%2F%3E%20%3C%2Fsvg%3E" type="image/svg+xml">
<link href="../style/style.css" rel="stylesheet">
<link href="../style/katex.css" rel="stylesheet">
</head>
<body><nav class="header-nav"><div class="max-container"><a href="../index.html" class="logo"><svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" height="1em" width="1em">
<path d="m21.66 10.44-.98 4.18c-.84 3.61-2.5 5.07-5.62 4.77-.5-.04-1.04-.13-1.62-.27l-1.68-.4c-4.17-.99-5.46-3.05-4.48-7.23l.98-4.19c.2-.85.44-1.59.74-2.2 1.17-2.42 3.16-3.07 6.5-2.28l1.67.39c4.19.98 5.47 3.05 4.49 7.23Z" fill="#c9d1d9"></path>
<path d="M15.06 19.39c-.62.42-1.4.77-2.35 1.08l-1.58.52c-3.97 1.28-6.06.21-7.35-3.76L2.5 13.28c-1.28-3.97-.22-6.07 3.75-7.35l1.58-.52c.41-.13.8-.24 1.17-.31-.3.61-.54 1.35-.74 2.2l-.98 4.19c-.98 4.18.31 6.24 4.48 7.23l1.68.4c.58.14 1.12.23 1.62.27Zm2.43-8.88c-.06 0-.12-.01-.19-.02l-4.85-1.23a.75.75 0 0 1 .37-1.45l4.85 1.23a.748.748 0 0 1-.18 1.47Z" fill="#228e6c"></path>
<path d="M14.56 13.89c-.06 0-.12-.01-.19-.02l-2.91-.74a.75.75 0 0 1 .37-1.45l2.91.74c.4.1.64.51.54.91-.08.34-.38.56-.72.56Z" fill="#228e6c"></path>
</svg>
<span class="title">Quick Reference</span></a><div class="menu"><a href="javascript:void(0);" class="searchbtn" id="searchbtn"><svg xmlns="http://www.w3.org/2000/svg" height="1em" width="1em" viewBox="0 0 18 18">
<path fill="currentColor" d="M17.71,16.29 L14.31,12.9 C15.4069846,11.5024547 16.0022094,9.77665502 16,8 C16,3.581722 12.418278,0 8,0 C3.581722,0 0,3.581722 0,8 C0,12.418278 3.581722,16 8,16 C9.77665502,16.0022094 11.5024547,15.4069846 12.9,14.31 L16.29,17.71 C16.4777666,17.8993127 16.7333625,18.0057983 17,18.0057983 C17.2666375,18.0057983 17.5222334,17.8993127 17.71,17.71 C17.8993127,17.5222334 18.0057983,17.2666375 18.0057983,17 C18.0057983,16.7333625 17.8993127,16.4777666 17.71,16.29 Z M2,8 C2,4.6862915 4.6862915,2 8,2 C11.3137085,2 14,4.6862915 14,8 C14,11.3137085 11.3137085,14 8,14 C4.6862915,14 2,11.3137085 2,8 Z"></path>
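</svg><span>搜索</span><span>⌘K</span></a><!-- The target keyword is _blank; "__blank" is an ordinary window name, so the implicit noopener of _blank does not apply and the opened page keeps a window.opener handle. rel="noopener" makes the intent explicit. --><a href="https://github.com/jaywcjlove/reference/blob/main/docs/netstat.md" class="" target="_blank" rel="noopener"><svg viewBox="0 0 36 36" fill="currentColor" height="1em" width="1em"><path d="m33 6.4-3.7-3.7a1.71 1.71 0 0 0-2.36 0L23.65 6H6a2 2 0 0 0-2 2v22a2 2 0 0 0 2 2h22a2 2 0 0 0 2-2V11.76l3-3a1.67 1.67 0 0 0 0-2.36ZM18.83 20.13l-4.19.93 1-4.15 9.55-9.57 3.23 3.23ZM29.5 9.43 26.27 6.2l1.85-1.85 3.23 3.23Z"></path><path fill="none" d="M0 0h36v36H0z"></path></svg><span>编辑</span></a><button id="darkMode" type="button"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="currentColor" class="light" height="1em" width="1em">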
<path d="M6.995 12c0 2.761 2.246 5.007 5.007 5.007s5.007-2.246 5.007-5.007-2.246-5.007-5.007-5.007S6.995 9.239 6.995 12zM11 19h2v3h-2zm0-17h2v3h-2zm-9 9h3v2H2zm17 0h3v2h-3zM5.637 19.778l-1.414-1.414 2.121-2.121 1.414 1.414zM16.242 6.344l2.122-2.122 1.414 1.414-2.122 2.122zM6.344 7.759 4.223 5.637l1.415-1.414 2.12 2.122zm13.434 10.605-1.414 1.414-2.122-2.122 1.414-1.414z"></path>
</svg>
<svg xmlns="http://www.w3.org/2000/svg" fill="currentColor" viewBox="0 0 24 24" class="dark" height="1em" width="1em">
<path d="M12 11.807A9.002 9.002 0 0 1 10.049 2a9.942 9.942 0 0 0-5.12 2.735c-3.905 3.905-3.905 10.237 0 14.142 3.906 3.906 10.237 3.905 14.143 0a9.946 9.946 0 0 0 2.735-5.119A9.003 9.003 0 0 1 12 11.807z"></path>
</svg>
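</button><script src="../js/dark.js?v=1.6.0"></script><!-- The target keyword is _blank; "__blank" is an ordinary window name, so the implicit noopener of _blank does not apply and the opened page keeps a window.opener handle. rel="noopener" makes the intent explicit. --><a href="https://github.com/jaywcjlove/reference" class="" target="_blank" rel="noopener"><svg viewBox="0 0 16 16" fill="currentColor" height="1em" width="1em"><path d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.012 8.012 0 0 0 16 8c0-4.42-3.58-8-8-8z"></path></svg></a></div></div></nav><div class="wrap h1body-exist max-container"><header class="wrap-header h1wrap"><h1 id="netstat-备忘清单"><svg viewBox="0 0 36 36" xmlns="http://www.w3.org/2000/svg" fill="currentColor" height="1em" width="1em">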
<path d="M26.58 32h-18a1 1 0 1 0 0 2h18a1 1 0 0 0 0-2Z"></path>
<path d="M31.73 15.4h-6.17a18.87 18.87 0 0 1-1.62 2.52 2.33 2.33 0 0 1 .33 1.19 22 22 0 0 0 5 .45 11.88 11.88 0 0 1-.61 1.53h-.56a17.41 17.41 0 0 1-4.32-.56 2.29 2.29 0 0 1-3 .62 18.43 18.43 0 0 1-7 3.5 2.34 2.34 0 0 1-1.57 1.79l-.29.06a11.93 11.93 0 0 1-3.39-2.8h.66a2.33 2.33 0 0 1 4.37-.58A16.94 16.94 0 0 0 19.78 20a2.32 2.32 0 0 1-.18-1.17c-.42-.24-.84-.49-1.25-.76a17.53 17.53 0 0 1-5.35-5.6 2.31 2.31 0 0 1-2.28-.63 27.31 27.31 0 0 0-5 4.74v-.57a12 12 0 0 1 .14-1.73 18.75 18.75 0 0 1 4.2-3.8 2.28 2.28 0 0 1 1.1-2.25c-.12-.43-.24-.86-.33-1.3 0-.14 0-.29-.11-.64a12 12 0 0 1 1.37-.87c.1.59.14.9.21 1.21s.2.85.32 1.27h.25a2.33 2.33 0 0 1 1.13.63 18.59 18.59 0 0 1 6.39-1L23 3A14 14 0 0 0 3.75 16c0 .45 0 .89.07 1.33A14 14 0 0 0 31.76 16c0-.2-.02-.4-.03-.6Z"></path>
<path d="M14.26 11.64a16 16 0 0 0 4.93 5.23c.34.23.69.43 1 .63a2.28 2.28 0 0 1 2.58-.57 17.29 17.29 0 0 0 1-1.54h-1.6A3.68 3.68 0 0 1 19 9.89l.56-.89a17.08 17.08 0 0 0-4.84.88 2.25 2.25 0 0 1-.47 1.77Z"></path>
<path d="M26.85 1.14 21.13 11a1.28 1.28 0 0 0 1.1 2h11.45a1.28 1.28 0 0 0 1.1-2l-5.72-9.86a1.28 1.28 0 0 0-2.21 0Z"></path>
<path fill="none" d="M0 0h36v36H0z"></path>
</svg>
<a aria-hidden="true" tabindex="-1" href="#netstat-备忘清单"><span class="icon icon-link"></span></a>Netstat 备忘清单</h1><div class="wrap-body">
<p>此快速参考备忘单提供了各种使用 netstat 命令的方法</p>
</div></header><div class="menu-tocs"><div class="menu-btn"><svg aria-hidden="true" fill="currentColor" height="1em" width="1em" viewBox="0 0 16 16" version="1.1" data-view-component="true">
<path fill-rule="evenodd" d="M2 4a1 1 0 100-2 1 1 0 000 2zm3.75-1.5a.75.75 0 000 1.5h8.5a.75.75 0 000-1.5h-8.5zm0 5a.75.75 0 000 1.5h8.5a.75.75 0 000-1.5h-8.5zm0 5a.75.75 0 000 1.5h8.5a.75.75 0 000-1.5h-8.5zM3 8a1 1 0 11-2 0 1 1 0 012 0zm-1 6a1 1 0 100-2 1 1 0 000 2z"></path>
</svg></div><div class="menu-modal"><a aria-hidden="true" class="leve2 tocs-link" data-num="2" href="#入门">入门</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#入门实例">入门实例</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#监听">监听</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#连接">连接</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#网络">网络</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#路由">路由</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#统计数据">统计数据</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#显示没有域名的-tcp-连接">显示没有域名的 TCP 连接</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#显示活动已建立的连接">显示活动/已建立的连接</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#获取活动连接的连续列表">获取活动连接的连续列表</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#显示到特定端口的所有打开连接">显示到特定端口的所有打开连接</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#检查服务是否正在运行">检查服务是否正在运行</a><a aria-hidden="true" class="leve2 tocs-link" data-num="2" href="#netstat--安全命令">Netstat 安全命令</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#显示具有大量连接的-ip">显示具有大量连接的 IP</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#连接到端口-80-的-ip-地址">连接到端口 80 的 IP 地址</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#显示端口-80-上的活动连接数">显示端口 80 上的活动连接数</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#仅显示外部-ip-地址">仅显示外部 IP 地址</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#显示活动-sync_rec">显示活动 SYNC_REC</a><a aria-hidden="true" class="leve4 tocs-link" data-num="4" href="#列出发送-syn_rec-连接的唯一-ip-地址">列出发送 SYN_REC 连接的唯一 IP 地址</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#每个远程-ip-的连接数">每个远程 IP 的连接数</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#检查开放端口ipv4-和-ipv6">检查开放端口ipv4 和 ipv6</a><a aria-hidden="true" 
class="leve3 tocs-link" data-num="3" href="#检查开放端口ipv4-和-ipv6-1">检查开放端口ipv4 和 ipv6</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#每个-ip-的打开连接数">每个 IP 的打开连接数</a><a aria-hidden="true" class="leve3 tocs-link" data-num="3" href="#活跃的互联网连接">活跃的互联网连接</a></div></div><div class="h1wrap-body"><div class="wrap h2body-exist"><div class="wrap-header h2wrap"><h2 id="入门"><a aria-hidden="true" tabindex="-1" href="#入门"><span class="icon icon-link"></span></a>入门</h2><div class="wrap-body">
</div></div><div class="h2wrap-body"><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="入门实例"><a aria-hidden="true" tabindex="-1" href="#入门实例"><span class="icon icon-link"></span></a>入门实例</h3><div class="wrap-body">
<p>端口 80 上的所有连接</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-anp</span> <span class="token operator">|</span> <span class="token function">grep</span> :80
</span></code></pre>
<p>网络统计帮助</p>
<pre class="language-shell"><code class="language-shell code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-h</span>
</span></code></pre>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="监听"><a aria-hidden="true" tabindex="-1" href="#监听"><span class="icon icon-link"></span></a>监听</h3><div class="wrap-body">
<table><thead><tr><th align="left">选项</th><th align="left">说明</th></tr></thead><tbody><tr><td align="left"><code>netstat -ltunp</code></td><td align="left">所有监听端口</td></tr><tr><td align="left"><code>netstat -ltn</code></td><td align="left">监听 TCP 端口</td></tr><tr><td align="left"><code>netstat -lun</code></td><td align="left">监听 UDP 端口</td></tr><tr><td align="left"><code>netstat -lx</code></td><td align="left">监听 Unix 端口</td></tr><tr><td align="left"><code>netstat -lt</code></td><td align="left">仅列出侦听 TCP 端口</td></tr><tr><td align="left"><code>netstat -lu</code></td><td align="left">仅列出侦听 UDP 端口</td></tr><tr><td align="left"><code>netstat -l</code></td><td align="left">列出所有监听条件</td></tr></tbody></table>
</div></div></div><div class="wrap h3body-not-exist row-span-2"><div class="wrap-header h3wrap"><h3 id="连接"><a aria-hidden="true" tabindex="-1" href="#连接"><span class="icon icon-link"></span></a>连接</h3><div class="wrap-body">
<!--rehype:wrap-class=row-span-2-->
<table><thead><tr><th align="left">选项</th><th align="left">说明</th></tr></thead><tbody><tr><td align="left"><code>netstat -a</code></td><td align="left">所有连接</td></tr><tr><td align="left"><code>netstat -at</code></td><td align="left">所有 TCP 连接</td></tr><tr><td align="left"><code>netstat -au</code></td><td align="left">所有 UDP 连接</td></tr><tr><td align="left"><code>netstat -ant</code></td><td align="left">显示没有反向 DNS 查找的 IP 地址</td></tr></tbody></table>
<table><thead><tr><th align="left">选项</th><th align="left">说明</th></tr></thead><tbody><tr><td align="left"><code>netstat</code></td><td align="left">活动连接</td></tr><tr><td align="left"><code>netstat -a</code></td><td align="left">所有连接</td></tr><tr><td align="left"><code>netstat -at</code></td><td align="left">所有 TCP 连接</td></tr><tr><td align="left"><code>netstat -au</code></td><td align="left">所有 UDP 连接</td></tr><tr><td align="left"><code>netstat -ant</code></td><td align="left">显示没有反向 DNS 查找的 IP 地址</td></tr><tr><td align="left"><code>netstat -tnl</code></td><td align="left">监听 TCP 端口</td></tr><tr><td align="left"><code>netstat -unl</code></td><td align="left">监听 UDP 端口</td></tr></tbody></table>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="网络"><a aria-hidden="true" tabindex="-1" href="#网络"><span class="icon icon-link"></span></a>网络</h3><div class="wrap-body">
<table><thead><tr><th align="left">选项</th><th align="left">说明</th></tr></thead><tbody><tr><td align="left"><code>netstat -i</code></td><td align="left">显示网络接口</td></tr><tr><td align="left"><code>netstat -ie</code></td><td align="left">显示网络接口扩展信息</td></tr><tr><td align="left"><code>netstat -n</code></td><td align="left">仅显示 IP 地址</td></tr><tr><td align="left"><code>netstat -F</code></td><td align="left">尽可能显示 IP 地址的域名</td></tr></tbody></table>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="路由"><a aria-hidden="true" tabindex="-1" href="#路由"><span class="icon icon-link"></span></a>路由</h3><div class="wrap-body">
<table><thead><tr><th align="left">选项</th><th align="left">说明</th></tr></thead><tbody><tr><td align="left"><code>netstat -r</code></td><td align="left">显示路由表</td></tr><tr><td align="left"><code>netstat -rn</code></td><td align="left">显示路由表,不解析主机</td></tr></tbody></table>
</div></div></div><div class="wrap h3body-not-exist row-span-3"><div class="wrap-header h3wrap"><h3 id="统计数据"><a aria-hidden="true" tabindex="-1" href="#统计数据"><span class="icon icon-link"></span></a>统计数据</h3><div class="wrap-body">
<!--rehype:wrap-class=row-span-3-->
<table><thead><tr><th align="left">选项</th><th align="left">说明</th></tr></thead><tbody><tr><td align="left"><code>netstat -s</code></td><td align="left">显示统计信息</td></tr><tr><td align="left"><code>netstat -st</code></td><td align="left">显示 TCP 统计信息</td></tr><tr><td align="left"><code>netstat -su</code></td><td align="left">显示 UDP 统计信息</td></tr><tr><td align="left"><code>netstat -ltpe</code></td><td align="left">使用进程信息和扩展信息显示 TCP 的侦听连接</td></tr><tr><td align="left"><code>netstat -tp</code></td><td align="left">显示带有 PID 编号的服务名称</td></tr><tr><td align="left"><code>sudo netstat -nlpt</code></td><td align="left">列出进程名称/PID 和用户 ID</td></tr><tr><td align="left"><code>netstat -nlptue</code></td><td align="left">所有带有 PID 和扩展信息的侦听端口</td></tr><tr><td align="left"><code>netstat -M</code></td><td align="left">显示伪装的连接</td></tr></tbody></table>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="显示没有域名的-tcp-连接"><a aria-hidden="true" tabindex="-1" href="#显示没有域名的-tcp-连接"><span class="icon icon-link"></span></a>显示没有域名的 TCP 连接</h3><div class="wrap-body">
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">--tcp</span> <span class="token parameter variable">--numeric</span>
</span></code></pre>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="显示活动已建立的连接"><a aria-hidden="true" tabindex="-1" href="#显示活动已建立的连接"><span class="icon icon-link"></span></a>显示活动/已建立的连接</h3><div class="wrap-body">
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-atnp</span> <span class="token operator">|</span> <span class="token function">grep</span> ESTA
</span></code></pre>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="获取活动连接的连续列表"><a aria-hidden="true" tabindex="-1" href="#获取活动连接的连续列表"><span class="icon icon-link"></span></a>获取活动连接的连续列表</h3><div class="wrap-body">
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">watch</span> <span class="token parameter variable">-d</span> <span class="token parameter variable">-n0</span> <span class="token string">"netstat -atnp | grep ESTA"</span>
</span></code></pre>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="显示到特定端口的所有打开连接"><a aria-hidden="true" tabindex="-1" href="#显示到特定端口的所有打开连接"><span class="icon icon-link"></span></a>显示到特定端口的所有打开连接</h3><div class="wrap-body">
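<!-- grep and its pattern need a separating space; written as grep":" the shell would look for a command named grep: instead of running grep. -->
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-anp</span> <span class="token operator">|</span> <span class="token function">grep</span> <span class="token string">":"</span>
</span></code></pre>
<!-- The colon is kept in front of the port: a bare number also matches addresses, PIDs and longer port numbers in the netstat output. -->
<p>在上面命令的冒号 <code>:</code> 之后插入<code>端口</code>号(例如 <code>":443 "</code>,末尾保留空格以免匹配 <code>4430</code> 等更长的端口)</p>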
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="检查服务是否正在运行"><a aria-hidden="true" tabindex="-1" href="#检查服务是否正在运行"><span class="icon icon-link"></span></a>检查服务是否正在运行</h3><div class="wrap-body">
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">sudo</span> <span class="token function">netstat</span> <span class="token parameter variable">-aple</span> <span class="token operator">|</span> <span class="token function">grep</span> ntp
</span></code></pre>
<p>你可以用 <code>http</code> 或 <code>smtp</code> 代替 <code>ntp</code></p>
</div></div></div></div></div><div class="wrap h2body-exist"><div class="wrap-header h2wrap"><h2 id="netstat--安全命令"><a aria-hidden="true" tabindex="-1" href="#netstat--安全命令"><span class="icon icon-link"></span></a>Netstat 安全命令</h2><div class="wrap-body">
</div></div><div class="h2wrap-body"><div class="wrap h3body-not-exist col-span-3"><div class="wrap-header h3wrap"><h3 id="显示具有大量连接的-ip"><a aria-hidden="true" tabindex="-1" href="#显示具有大量连接的-ip"><span class="icon icon-link"></span></a>显示具有大量连接的 IP</h3><div class="wrap-body">
<!--rehype:wrap-class=col-span-3-->
<pre class="wrap-text "><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-tn</span> <span class="token operator"><span class="token file-descriptor important">2</span>></span>/dev/null <span class="token operator">|</span> <span class="token function">grep</span> :80 <span class="token operator">|</span> <span class="token function">awk</span> <span class="token string">'{print $5}'</span> <span class="token operator">|</span> <span class="token function">cut</span> -d: <span class="token parameter variable">-f1</span> <span class="token operator">|</span> <span class="token function">sort</span> <span class="token operator">|</span> <span class="token function">uniq</span> <span class="token parameter variable">-c</span> <span class="token operator">|</span> <span class="token function">sort</span> <span class="token parameter variable">-nr</span> <span class="token operator">|</span> <span class="token function">head</span>
</span></code></pre>
<!--rehype:className=wrap-text -->
</div></div></div><div class="wrap h3body-not-exist col-span-3"><div class="wrap-header h3wrap"><h3 id="连接到端口-80-的-ip-地址"><a aria-hidden="true" tabindex="-1" href="#连接到端口-80-的-ip-地址"><span class="icon icon-link"></span></a>连接到端口 80 的 IP 地址</h3><div class="wrap-body">
<!--rehype:wrap-class=col-span-3-->
<pre class="wrap-text "><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-tn</span> <span class="token operator"><span class="token file-descriptor important">2</span>></span>/dev/null <span class="token operator">|</span> <span class="token function">grep</span> <span class="token string">':80 '</span> <span class="token operator">|</span> <span class="token function">awk</span> <span class="token string">'{print $5}'</span> <span class="token operator">|</span><span class="token function">sed</span> <span class="token parameter variable">-e</span> <span class="token string">'s/::ffff://'</span> <span class="token operator">|</span> <span class="token function">cut</span> <span class="token parameter variable">-f1</span> -d: <span class="token operator">|</span> <span class="token function">sort</span> <span class="token operator">|</span> <span class="token function">uniq</span> <span class="token parameter variable">-c</span> <span class="token operator">|</span> <span class="token function">sort</span> <span class="token parameter variable">-rn</span> <span class="token operator">|</span> <span class="token function">head</span>
</span></code></pre>
<!--rehype:className=wrap-text -->
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="显示端口-80-上的活动连接数"><a aria-hidden="true" tabindex="-1" href="#显示端口-80-上的活动连接数"><span class="icon icon-link"></span></a>显示端口 80 上的活动连接数</h3><div class="wrap-body">
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-an</span> <span class="token operator">|</span><span class="token function">grep</span> :80 <span class="token operator">|</span><span class="token function">wc</span> <span class="token parameter variable">-l</span>
</span></code></pre>
</div></div></div><div class="wrap h3body-not-exist col-span-2"><div class="wrap-header h3wrap"><h3 id="仅显示外部-ip-地址"><a aria-hidden="true" tabindex="-1" href="#仅显示外部-ip-地址"><span class="icon icon-link"></span></a>仅显示外部 IP 地址</h3><div class="wrap-body">
<!--rehype:wrap-class=col-span-2-->
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-antu</span> <span class="token operator">|</span> <span class="token function">grep</span> :80 <span class="token operator">|</span> <span class="token function">grep</span> <span class="token parameter variable">-v</span> LISTEN <span class="token operator">|</span> <span class="token function">awk</span> <span class="token string">'{print $5}'</span>
</span></code></pre>
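</div></div></div><div class="wrap h3body-exist row-span-2"><div class="wrap-header h3wrap"><h3 id="显示活动-sync_rec"><a aria-hidden="true" tabindex="-1" href="#显示活动-sync_rec"><span class="icon icon-link"></span></a>显示活动 SYN_RECV</h3><div class="wrap-body">
<!--rehype:wrap-class=row-span-2-->
<!-- The heading id keeps its original spelling so existing anchors still resolve; only the visible state name is corrected. -->
<p>以下命令将输出服务器上当前处于 <code>SYN_RECV</code> 状态的活动连接数量,即已收到 SYN、尚未完成三次握手的半开连接(Linux 的 netstat 将该状态显示为 <code>SYN_RECV</code>,因此 <code>grep SYN_REC</code> 可以匹配)。数量应该很低(小于 <code>5</code>),但繁忙的服务器基线会更高,应与平时的数值对比。如果该数字为两位数,则您可能正在遭受 <code>DoS</code> 攻击或被邮件轰炸。</p>
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-n</span> -p<span class="token operator">|</span><span class="token function">grep</span> SYN_REC <span class="token operator">|</span> <span class="token function">wc</span> <span class="token parameter variable">-l</span>
</span></code></pre>
<h4 id="列出发送-syn_rec-连接的唯一-ip-地址"><a aria-hidden="true" tabindex="-1" href="#列出发送-syn_rec-连接的唯一-ip-地址"><span class="icon icon-link"></span></a>列出发送 SYN_RECV 连接的唯一 IP 地址</h4>
<!-- sort -u is appended because the pipeline otherwise prints one line per connection, not one per address. The awk -F: split assumes IPv4 address:port pairs; IPv6 addresses contain colons and are truncated by it. -->
<pre class="wrap-text "><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-n</span> <span class="token parameter variable">-p</span> <span class="token operator">|</span> <span class="token function">grep</span> SYN_REC <span class="token operator">|</span> <span class="token function">awk</span> <span class="token string">'{print $5}'</span> <span class="token operator">|</span> <span class="token function">awk</span> -F: <span class="token string">'{print $1}'</span> <span class="token operator">|</span> <span class="token function">sort</span> <span class="token parameter variable">-u</span>
</span></code></pre>
<!--rehype:className=wrap-text -->
<p>该命令基于上面的命令,列出处于 <code>SYN_RECV</code> 连接状态的对端的所有唯一 <code>IP</code> 地址,<code>sort -u</code> 用于去重。SYN 洪水的源地址可能是伪造的,因此该列表只能作为排查线索。</p>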
</div></div></div><div class="wrap h3body-not-exist col-span-2"><div class="wrap-header h3wrap"><h3 id="每个远程-ip-的连接数"><a aria-hidden="true" tabindex="-1" href="#每个远程-ip-的连接数"><span class="icon icon-link"></span></a>每个远程 IP 的连接数</h3><div class="wrap-body">
<!--rehype:wrap-class=col-span-2-->
<pre class="wrap-text "><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-antu</span> <span class="token operator">|</span> <span class="token function">awk</span> <span class="token string">'{print $5}'</span> <span class="token operator">|</span> <span class="token function">awk</span> -F: <span class="token string">'{print $1}'</span> <span class="token operator">|</span> <span class="token function">sort</span> <span class="token operator">|</span> <span class="token function">uniq</span> <span class="token parameter variable">-c</span> <span class="token operator">|</span> <span class="token function">sort</span> <span class="token parameter variable">-n</span>
</span></code></pre>
<!--rehype:className=wrap-text -->
<p>或者</p>
<pre class="wrap-text "><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-antu</span> <span class="token operator">|</span> <span class="token function">awk</span> <span class="token string">'$5 ~ /[0-9]:/{split($5, a, ":"); ips[a[1]]++} END {for (ip in ips) print ips[ip], ip | "sort -k1 -nr"}'</span>
</span></code></pre>
<!--rehype:className=wrap-text -->
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="检查开放端口ipv4-和-ipv6"><a aria-hidden="true" tabindex="-1" href="#检查开放端口ipv4-和-ipv6"><span class="icon icon-link"></span></a>检查开放端口ipv4 和 ipv6</h3><div class="wrap-body">
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-plntu</span>
</span></code></pre>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="检查开放端口ipv4-和-ipv6-1"><a aria-hidden="true" tabindex="-1" href="#检查开放端口ipv4-和-ipv6-1"><span class="icon icon-link"></span></a>检查开放端口ipv4 和 ipv6</h3><div class="wrap-body">
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-plnt</span>
</span></code></pre>
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="每个-ip-的打开连接数"><a aria-hidden="true" tabindex="-1" href="#每个-ip-的打开连接数"><span class="icon icon-link"></span></a>每个 IP 的打开连接数</h3><div class="wrap-body">
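<!-- The pattern is anchored as ':80 ' (the form the port-80 address listing on this page already uses) so only port 80 is counted; a bare 80 also counts lines where 80 appears in an address or in a longer port such as 8080. NOTE(review): the command prints one total, not a per-IP breakdown as the heading suggests; confirm the intended command with the author. -->
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-an</span> <span class="token operator">|</span> <span class="token function">grep</span> <span class="token string">':80 '</span> <span class="token operator">|</span> <span class="token function">wc</span> <span class="token parameter variable">-l</span>
</span></code></pre>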
</div></div></div><div class="wrap h3body-not-exist"><div class="wrap-header h3wrap"><h3 id="活跃的互联网连接"><a aria-hidden="true" tabindex="-1" href="#活跃的互联网连接"><span class="icon icon-link"></span></a>活跃的互联网连接</h3><div class="wrap-body">
<pre class="language-bash"><code class="language-bash code-highlight"><span class="code-line">$ <span class="token function">netstat</span> <span class="token parameter variable">-pnut</span> <span class="token parameter variable">-w</span> <span class="token operator">|</span> <span class="token function">column</span> <span class="token parameter variable">-t</span> <span class="token parameter variable">-s</span> <span class="token string">$'<span class="token entity" title="\t">\t</span>'</span>
</span></code></pre>
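</div></div></div></div></div></div><!-- NOTE(review): this third-party script is loaded without an integrity attribute, so the page runs whatever giscus.app serves. Pin it with SRI if a versioned copy is available, or constrain it with a Content-Security-Policy. --><script src="https://giscus.app/client.js" data-repo="jaywcjlove/reference" data-repo-id="R_kgDOID2-Mw" data-category="Q&#x26;A" data-category-id="DIC_kwDOID2-M84CS5wo" data-mapping="pathname" data-strict="0" data-reactions-enabled="1" data-emit-metadata="0" data-input-position="bottom" data-theme="dark" data-lang="zh-CN" crossorigin="anonymous" async></script><div class="giscus"></div></div><footer class="footer-wrap"><footer class="max-container">© 2022 <!-- rel="noopener" states explicitly that the new tab gets no window.opener handle. --><a href="https://wangchujiang.com/#/app" target="_blank" rel="noopener">Kenny Wang</a>.</footer></footer><script src="../data.js?v=1.6.0" defer></script><script src="../js/fuse.min.js?v=1.6.0" defer></script><script src="../js/main.js?v=1.6.0" defer></script><div id="mysearch"><div class="mysearch-box"><div class="mysearch-input"><div><svg xmlns="http://www.w3.org/2000/svg" height="1em" width="1em" viewBox="0 0 18 18">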
<path fill="currentColor" d="M17.71,16.29 L14.31,12.9 C15.4069846,11.5024547 16.0022094,9.77665502 16,8 C16,3.581722 12.418278,0 8,0 C3.581722,0 0,3.581722 0,8 C0,12.418278 3.581722,16 8,16 C9.77665502,16.0022094 11.5024547,15.4069846 12.9,14.31 L16.29,17.71 C16.4777666,17.8993127 16.7333625,18.0057983 17,18.0057983 C17.2666375,18.0057983 17.5222334,17.8993127 17.71,17.71 C17.8993127,17.5222334 18.0057983,17.2666375 18.0057983,17 C18.0057983,16.7333625 17.8993127,16.4777666 17.71,16.29 Z M2,8 C2,4.6862915 4.6862915,2 8,2 C11.3137085,2 14,4.6862915 14,8 C14,11.3137085 11.3137085,14 8,14 C4.6862915,14 2,11.3137085 2,8 Z"></path>
</svg><input id="mysearch-input" type="search" placeholder="搜索" autocomplete="off"><div class="mysearch-clear"></div></div><button id="mysearch-close" type="button">搜索</button></div><div class="mysearch-result"><div id="mysearch-menu"></div><div id="mysearch-content"></div></div></div></div></body>
</html>