Scaler
Academy
Data Science
Neovarsity
New
Skill Test
Free Masterclass
Search for Articles, Topics
netstat Command in Linux

netstat Command in Linux

Topics Covered

Overview

The netstat command in Linux is a useful tool for monitoring network connections. It displays active connections, their status, and related statistics. With this command, you can quickly find out which ports are open, which services are listening on them, and which IP addresses are connected to your system. This article will cover the syntax, options, and usage of the netstat command in Linux.

Linux netstat Command Syntax

The syntax for the netstat command is as follows:

Where:

  • netstat: The name of the command.

netstat Command Options:

  • -t: Displays TCP connections.
  • -u: Displays UDP connections.
  • -l: Displays only listening ports.
  • -p: Displays the process name/ID using the port.
  • -n: Displays numerical addresses instead of resolving names.
  • -r: Displays the routing table information.

Example Usages

  • Display all active connections.:

    Output:

    Explanation: The command netstat without any options will display all active connections in the system. The output includes the protocol (TCP or UDP), the local and foreign addresses, and the state of the connection.

  • Display listening TCP ports.:

    Output:

    Explanation: The option -l displays only listening ports. The option -n displays numerical addresses instead of resolving names. The option -t filters TCP connections and the option -p shows the process name/ID using the port. Therefore, the command netstat -tln displays only listening TCP ports in the system.

  • Display routing table information.:

    Output:

    Explanation: The option -r displays the routing table information. This includes the destination, gateway, and netmask of the route, as well as the interface and metric. In this example, there are two routes defined: one for the local network and one for the default route.

Tips

  • You can use the option -a to display all connections, including those in the listening state.

  • You can use the option -c to display the netstat output continuously, updating it every second.

  • You can use the option -e to display additional networking statistics.

Advanced Use Cases of netstat Command in Linux

  • Display network statistics for a specific protocol.:

    Output:

    Explanation: The option -s displays the statistics for the specified protocol. In this example, the command netstat -s tcp displays the TCP statistics, including active and passive connection openings, failed connection attempts, and segment transmissions.

  • Display network statistics for a specific interface.:

    Output:

    Explanation: The option -i displays the statistics for the specified interface. In this example, the command netstat -i eth0 displays the network statistics for the eth0 interface, including the number of received and transmitted packets, errors, and drops.

  • Display network statistics for a specific process.:

    Output:

    Explanation: The option -p shows the process name/ID using the port. You can use the grep command to filter the output by process name. In this example, the command netstat -tap | grep sshd displays the network statistics for the sshd process.

Conclusion

  • The netstat command is a powerful tool for monitoring network connections in Linux.

  • With this command, you can display active connections, their status, and related statistics.

  • You can filter the output by protocol, interface, process, or state.

  • The netstat command can help you troubleshoot network issues and identify potential security threats.