Commands matching netstat sorted by votes

Commands matching netstat (162)

sorted by

Graph # of connections for each hosts.

Written for linux, the real example is how to produce ascii text graphs based on a numeric value (anything where uniq -c is useful is a good candidate). Show Sample Output
This is sample output - yours may be different.
```
64.74.153.141	3	***
192.168.10.10   5       *****
```
53

netstat -an | grep ESTABLISHED | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | awk '{ printf("%s\t%s\t",$2,$1) ; for (i = 0; i < $1; i++) {printf("*")}; print "" }'

knassery · 2009-04-27 22:02:19 24

Lists all listening ports together with the PID of the associated process

This command is more portable than it's cousin netstat. It works well on all the BSDs, GNU/Linux, AIX and Mac OS X. You won't find lsof by default on Solaris or HPUX by default, but packages exist around the web for installation, if needed, and the command works as shown. This is the most portable command I can find that lists listening ports and their associated pid. Show Sample Output

This is sample output - yours may be different.

COMMAND     PID        USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
nmbd       1381        root   10u  IPv4 37683465      0t0  UDP *:137
nmbd       1381        root   13u  IPv4 37683466      0t0  UDP *:138
nmbd       1381        root   14u  IPv4 37683468      0t0  UDP 192.168.1.66:137
nmbd       1381        root   15u  IPv4 37683469      0t0  UDP 192.168.1.66:138
nmbd       1381        root   16u  IPv4 37683470      0t0  UDP 192.168.1.6:137
nmbd       1381        root   17u  IPv4 37683471      0t0  UDP 192.168.1.6:138
smbd       1384        root   25u  IPv6 37683528      0t0  TCP *:445 (LISTEN)
smbd       1384        root   26u  IPv6 37683530      0t0  TCP *:139 (LISTEN)
smbd       1384        root   27u  IPv4 37683532      0t0  TCP *:445 (LISTEN)
smbd       1384        root   28u  IPv4 37683534      0t0  TCP *:139 (LISTEN)
portmap    1642      daemon    4u  IPv4     4146      0t0  UDP *:111
portmap    1642      daemon    5u  IPv4     4161      0t0  TCP *:111 (LISTEN)
rpc.statd  1658       statd    4u  IPv4     4186      0t0  UDP *:986
rpc.statd  1658       statd    6u  IPv4     4195      0t0  UDP *:50215
rpc.statd  1658       statd    7u  IPv4     4198      0t0  TCP *:37962 (LISTEN)
cupsd      1689        root    5u  IPv4 51957733      0t0  TCP *:631 (LISTEN)
cupsd      1689        root   16u  IPv6 51957734      0t0  TCP *:631 (LISTEN)
cupsd      1689        root   18u  IPv4 51957737      0t0  UDP *:631
dhclient   2031        root    5u  IPv4     5307      0t0  UDP *:68
apache2    2093        root    4u  IPv6     5480      0t0  TCP *:80 (LISTEN)
avahi-dae  2281       avahi   13u  IPv4     5670      0t0  UDP *:5353
avahi-dae  2281       avahi   14u  IPv6     5671      0t0  UDP *:5353
avahi-dae  2281       avahi   15u  IPv4     5672      0t0  UDP *:60574
avahi-dae  2281       avahi   16u  IPv6     5673      0t0  UDP *:37378
hddtemp    2705        root    0u  IPv4     6851      0t0  TCP 127.0.0.1:7634 (LISTEN)
dhclient   3115        root    5u  IPv4    10765      0t0  UDP *:68
exim4     13674 Debian-exim    4u  IPv4 45844908      0t0  TCP 127.0.0.1:25 (LISTEN)
sshd      26220        root    3u  IPv4 16151998      0t0  TCP *:22 (LISTEN)
sshd      26220        root    4u  IPv6 16152000      0t0  TCP *:22 (LISTEN)
apache2   30313    www-data    4u  IPv6     5480      0t0  TCP *:80 (LISTEN)
apache2   30316    www-data    4u  IPv6     5480      0t0  TCP *:80 (LISTEN)

lsof -Pan -i tcp -i udp

atoponce · 2010-06-07 15:22:44 13

List the number and type of active network connections
This is sample output - yours may be different.
26

netstat -ant | awk '{print $NF}' | grep -v '[a-z]' | sort | uniq -c

himynameisthor · 2009-02-05 18:02:59 36

Create a system overview dashboard on F12 key

Command binds a set of commands to the F12 key. Feel free to alter the dashboard according to your own needs. How to find the key codes? Type read Then press the desired key (example: F5) ^[[15~ Try bind '"\e[15~"':"\"ssh su@ip-address\C-m""" or bind '"\e[16~"':"\"apachectl -k restart\C-m""" Show Sample Output

This is sample output - yours may be different.

F S UID        PID  PPID  C PRI  NI ADDR SZ WCHAN    RSS PSR STIME TTY          TIME CMD
4 S root         1     0  0  76   0 -   371 -        528   1 Jun02 ?        00:00:01 init [2]
1 S bind     31818     1  0  80   0 -  9274 rt_sig  2728   1 Jun02 ?        00:00:00 /usr/sbin/named -t /var/named/run-root -c /etc/named.conf -u bind
1 S clamav   32358     1  0  75   0 -   667 pause   1268   0 Jun02 ?        00:00:04 Filesystem            Size  Used Avail Use% Mounted on
/dev/vzfs              30G   25G  5,1G  83% /
tmpfs                 4,0G   64K  4,0G   1% /var/run
             total       used       free     shared    buffers     cached
Mem:          8099       7657        441          0        198       4624
Swap:        16002          3      15998
Total:       24102       7661      16440
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN     27870/mysqld
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN     1499/apache2
tcp        0      0 0.0.0.0:8880            0.0.0.0:*               LISTEN     1706/httpsd
tcp        0      0 87.230.26.178:53        0.0.0.0:*               LISTEN     31818/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN     31818/named
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     1825/sshd
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN     31818/named
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN     32482/0
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN     1499/apache2
tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN     1706/httpsd
                        2009-06-02 12:57             30316 id=si    term=0 exit=0
           system boot  2009-06-02 12:57
           run-level 2  2009-06-02 12:57                   last=S
                        2009-06-02 12:58             31781 id=l2    term=0 exit=0
root     - pts/0        2009-06-22 01:01   .         32484 (p57a704d4.dip0.t-ipconnect.de)
           pts/1        2009-06-21 20:42              5497 id=ts/1  term=0 exit=0

bind '"\e[24~"':"\"ps -elF;df -h;free -mt;netstat -lnpt;who -a\C-m"""

Neo23x0 · 2009-06-21 23:57:20 81

Monitor open connections for httpd including listen, count and sort it per IP

It's not my code, but I found it useful to know how many open connections per request I have on a machine to debug connections without opening another http connection for it. You can also decide to sort things out differently then the way it appears in here. Show Sample Output
This is sample output - yours may be different.
```
1 
2 10.0.0.2
```
18

watch "netstat -plan|grep :80|awk {'print \$5'} | cut -d: -f 1 | sort | uniq -c | sort -nk 1"

ik_5 · 2010-03-15 09:27:43 11

List all open ports and their owning executables

Particularly useful on OS X where netstat doesn't have -p option. Show Sample Output

lsof -i -P | grep -i "listen"

patko · 2010-10-14 09:37:51 10

Show which programs are listening on TCP and UDP ports

-p Tell me the name of the program and it's PID -l that is listening -u on a UDP port. -n Give me numeric IP addresses (don't resolve them) -t oh, also TCP ports Show Sample Output

netstat -plunt

JamesGreenhalgh · 2009-02-06 06:04:32 26

All IP connected to my host

find all computer connected to my host through TCP connection. Show Sample Output
This is sample output - yours may be different.
```
91.186.200.150
92.42.55.172
94.127.72.60
94.182.150.25
94.182.156.230
94.184.255.134
95.38.45.133
```
16

netstat -lantp | grep ESTABLISHED |awk '{print $5}' | awk -F: '{print $1}' | sort -u

bitbasher · 2011-07-21 21:23:10 16
Monitor TCP opened connections
This is sample output - yours may be different.
15

watch -n 1 "netstat -tpanl | grep ESTABLISHED"

klipz · 2009-04-13 20:40:41 123
Number of open connections per ip.

Here is a command line to run on your server if you think your server is under attack. It prints our a list of open connections to your server and sorts them by amount. BSD Version: netstat -na |awk '{print $5}' |cut -d "." -f1,2,3,4 |sort |uniq -c |sort -nr Show Sample Output
This is sample output - yours may be different.
```
20 81.49.60.x
21 116.212.111.x
26 65.184.224.x
31 189.61.36.x
84 89.180.3.x
212 127.0.0.1
```
14

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

tiagofischer · 2009-03-28 21:02:26 73
count IPv4 connections per IP

usefull in case of abuser/DoS attacks. Show Sample Output
This is sample output - yours may be different.
```
14 111.111.111.111
     28 123.123.123.123
     34 0.0.0.0
```
12

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | sed s/::ffff:// | cut -d: -f1 | sort | uniq -c | sort -n

dt · 2009-02-15 09:16:16 19
Show tcp connections sorted by Host / Most connections
This is sample output - yours may be different.
11

netstat -ntu|awk '{print $5}'|cut -d: -f1 -s|sort|uniq -c|sort -nk1 -r

dbiesecke · 2022-03-08 11:52:18 380
Quick network status of machine

credit to tumblr engineering blog @ http://engineering.tumblr.com/ Show Sample Output
This is sample output - yours may be different.
```
 1618 ESTABLISHED
 4 LAST_ACK
 2 SYN_RECV
 1 TIME_WAIT
 1 CLOSE_WAIT
```
8

netstat -tn | awk 'NR>2 {print $6}' | sort | uniq -c | sort -rn

evandrix · 2011-09-12 23:29:39 13

check open ports (both ipv4 and ipv6)

While `lsof` will work, why not use the tool designed explicitly for this job? (If not run as root, you will only see the names of PID you own) Show Sample Output

netstat -plnt

DopeGhoti · 2011-09-30 19:56:32 5

See KeepAlive counters on tcp connections

See connection's tcp timers Show Sample Output
This is sample output - yours may be different.
```
tcp        0      0 192.168.10.117:45979       192.168.1.1:80         ESTABLISHED keepalive (25.96/0/0)
tcp        0      0 192.168.10.117:37418       192.168.0.5:993            ESTABLISHED off (0.00/0/0)
```
8

netstat -town

ioggstream · 2012-10-08 13:10:04 43

dstat - a mix of vmstat, iostat, netstat, ps, sar...

This is a very powerful command line tool to gather statistics for a Linux system. http://dag.wieers.com/home-made/dstat/ Show Sample Output

dstat -ta

vutcovici · 2009-04-02 14:19:12 9

Show apps that use internet connection at the moment. (Multi-Language)

Show apps that use internet connection at the moment. Can be used to discover what programms create internet traffic. Skip the part after awk to get more details, though it will not work showing only unique processes. This version will work with other languages such as Spanish and Portuguese, if the word for "ESTABLISHED" still contain the fragment "STAB"(e.g. "ESTABELECIDO") Show Sample Output
This is sample output - yours may be different.
```
firefox
http
ktorrent
opera
python
```
7

netstat -lantp | grep -i stab | awk -F/ '{print $2}' | sort | uniq

ProMole · 2009-09-19 14:54:31 9
see the TIME_WAIT and ESTABLISHED nums of the network

see the TIME_WAIT and ESTABLISHED nums of the network Show Sample Output
This is sample output - yours may be different.
```
TIME_WAIT 60013
ESTABLISHED 37
```
7

netstat -n | awk '/^tcp/ {++B[$NF]} END {for(a in B) print a, B[a]}'

healthly · 2010-04-24 12:11:52 4
Display connections histogram

Displays a connection histogram of active tcp connections. Works even better under an alias. Thanks @Areis1 for sharing this one.
This is sample output - yours may be different.
7

netstat -an | grep ESTABLISHED | awk '\''{print $5}'\'' | awk -F: '\''{print $1}'\'' | sort | uniq -c | awk '\''{ printf("%s\t%s\t",$2,$1); for (i = 0; i < $1; i++) {printf("*")}; print ""}'\''

mramos · 2010-07-09 00:25:45 42

Cheap iftop

Shows updated status in a terminal window for connections to port '80' in a human-friendly form. Use 'watch -n1' to update every second, and 'watch -d' to highlight changes between updates. If you wish for status updates on a port other than '80', always remember to put a space afterwards so that ":80" will not match ":8080". Show Sample Output

watch 'netstat -anptu |egrep "^Proto|:80 "'

Mozai · 2011-05-18 15:05:52 25

list processes with established tcp connections (without netstat)

Uses lsof to list open network connections (file descriptors), grepping for only those in an established state
This is sample output - yours may be different.
6

lsof -i -n | grep ESTABLISHED

systemj · 2009-02-05 15:28:11 37
Show all programs on UDP and TCP ports with timer information

-p PID and name of the program -u on a UDP port. -t also TCP ports -o networking timer -n numeric IP addresses (don't resolve them) -a all sockets
This is sample output - yours may be different.
6

netstat -putona

starchox · 2009-02-16 19:14:35 33
List programs with open ports and connections
This is sample output - yours may be different.
6

netstat -ntauple

luqmanux · 2009-07-02 20:18:26 12
Show complete URL in netstat output

The -W switch of netstat makes it print complete URL of the connections, which otherwise by default is truncated to fit its default column size. Now to compensate for irregular column sizes, pipe the output to column (-t switch of column prints in tabular form). The only downside to this part is that the very first row, the header, goes pear shape. Show Sample Output
This is sample output - yours may be different.
```
$ netstat -tup 
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 me:41486        XXX.XXX.XXX.XXX-sta:http ESTABLISHED 1669/chrome         


$ netstat -tup -W | column -t
Proto   Recv-Q    Send-Q       Local             Address                                           Foreign      Address           State  PID/Program  name
tcp     0         0            me:41486  XXX.XXX.XXX.XXX-static.reverse.softlayer.com:http  ESTABLISHED  1669/chrome
```
6

netstat -tup -W | column -t

b_t · 2014-01-08 22:39:01 13
Examine processes generating traffic on your website

I often have to google this so I put it here for quick reference.
This is sample output - yours may be different.
6

netstat -np | grep -v ^unix

UnklAdM · 2015-11-09 17:22:30 16
1 2 3 > Last ›

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands

Check These Out

Fix Ubuntu's Broken Sound Server

Ever since the switch to pulseaudio, Ubuntu users including myself have found themselves with no sound intermittently. To fix this, just use this command and restarts firefox or mplayer or whatever.

Monitor open connections for httpd including listen, count and sort it per IP

It's not my code, but I found it useful to know how many open connections per request I have on a machine to debug connections without opening another http connection for it. You can also decide to sort things out differently then the way it appears in here.

follow the content of all files in a directory

The `-q' arg forces tail to not output the name of the current file

Check if your webserver supports gzip compression with curl

Download Englishword pronounciation as mp3 file

Create a mirror of a local folder, on a remote server

Create a exact mirror of the local folder "/root/files", on remote server 'remote_server' using SSH command (listening on port 22) (all files & folders on destination server/folder will be deleted)

make, or run a script, everytime a file in a directory is modified

add the result of a command into vi

':r!ls -l' results in listing the files in the current directory and paste it into vi

command shell generate random strong password

shell generate random strong password

Empty a file

The downside of output redirection is that you need permissions. So something like $ > file won't play nicely w/ sudo. You'd need to do something like $ bash -c '> file' instead, you could go w/ $ sudo truncate -s0 file

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

» all commands
» commands with 3 up-votes (commandlinefu3)
» commands with 10 up-votes (commandlinefu10)
» commands matching netstat

Commands matching netstat (162) the last day the last week the last month all time sorted by date votes

What's this?

Check These Out

Stay in the loop…

Commands matching netstat (162)

sorted by