Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

OpenID
or
Sign in Register

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

UpGuard checks and validates configurations for every major OS, network device, and cloud provider.
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!
Hide

Top Tags


awk, bash, curl, find, grep, Linux, sed
Hide

Functions

Commands tagged netstat from sorted by
Terminal - Commands tagged netstat - 47 results
netstat -tlpn | sort -t: -k2 -n
2014-07-22 14:08:01
User: hute37
Functions: netstat sort
Tags: netstat
4
Up
Down
List Listen Port by numbers

Show TCP Listen ports sorted by number

(bugs: IPV6 addresses not supported)

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -pnut -W | column -t -s $'\t'
2014-05-03 00:48:53
User: Nadiar
Functions: column netstat
Tags: column netstat wide
2
Up
Down
Show complete URL in netstat output

This takes all of the tab spaces, and uses column to put them into the appropriately sized table.

Show sample output | Comments (4) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tunlapo
2014-01-23 20:44:31
User: treebeard
Functions: netstat
Tags: netstat
0
Up
Down
TCP and UDP listening sockets

-t TCP

-u UDP

-n NO DNS resolution or PORT/SERVICE resolution

-l state

-a ?

-p PORT show

-o flag (keepalive, off, etc)

Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tup -W | column -t
2014-01-08 22:39:01
User: b_t
Functions: column netstat
Tags: column netstat wide
5
Up
Down
Show complete URL in netstat output

The -W switch of netstat makes it print complete URL of the connections, which otherwise by default

is truncated to fit its default column size.

Now to compensate for irregular column sizes, pipe the output to column (-t switch of column prints in tabular form). The only downside to this part is that the very first row, the header, goes pear shape.

Show sample output | Comments (74) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
watch -d 'echo -e "Remaining: `(nodetool netstats | grep " 0%" | wc -l)` \nCurrent: `(nodetool netstats | grep "%" | grep -v " 0%")`"'
2014-01-01 16:59:01
User: mrwulf
Functions: watch
Tags: stream netstat watch cassandra nodetool nodetool netstat repair bootstrap
0
Up
Down
See what a cassandra node is streaming

When bootstrapping or repairing a node this is a simple way to keep tabs on what a node is actively doing.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -ntu | awk ' $5 ~ /^(::ffff:|[0-9|])/ { gsub("::ffff:","",$5); print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr
2013-09-10 19:28:06
User: mrwulf
Functions: awk cut netstat sort uniq
Tags: sort awk uniq IP netstat cut
1
Up
Down
netstat with group by (ip adress)

Same as the rest, but handle IPv6 short IPs. Also, sort in the order that you're probably looking for.

Show sample output | Comments (3) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
sudo netstat -plntu --inet | sort -t: -k2,2n | sort --stable -t. -k 1,1n -k 2,2n -k 3,3n -k 4,4n | sort -s -t" " -k1,1
2013-08-13 09:21:26
User: thechile
Functions: netstat sort sudo
Tags: sort netstat stable
0
Up
Down
make pretty the netstat output for listening services

bit of a contrived example and playing to my OCD but nice for quick scripted output of listening ports which is sorted by port, ip address and protocol.

Show sample output | Comments (5) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
sudo netstat -tulpn | grep :8080
2013-07-30 13:10:50
User: BU5T4
Functions: grep netstat sudo
Tags: netstat
-1
Up
Down
check to see what is running on a specific port number
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
while true; do netstat -a|grep WAIT|wc -l; sleep 5; done
2013-06-19 09:19:41
User: adimania
Functions: grep netstat sleep wc
Tags: netstat tcp
0
Up
Down
One liner to check out CLOSE_WAIT and TIME_WAIT connection every five seconds while debugging network apps

This has saved me many times while debugging timeout issues to "too many open files" issues. A high number of the order of thousand, indicates that somewhere connection is not being closed properly.

Show sample output | Comments (4) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tuapen | grep LISTEN
2013-05-18 20:40:38
User: mered
Functions: grep netstat
Tags: Linux netstat
0
Up
Down
Check for listening services
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -antu | awk '$5 ~ /[0-9]:/{split($5, a, ":"); ips[a[1]]++} END {for (ip in ips) print ips[ip], ip | "sort -k1 -nr"}'
2013-04-09 03:24:43
User: 4Aiur
Functions: awk netstat
Tags: netstat connections
0
Up
Down
Show number of connections per remote IP
Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -antu | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -n
2013-04-08 19:46:41
User: wejn
Functions: awk netstat sort uniq
Tags: netstat connections
-1
Up
Down
Show number of connections per remote IP

Output contains also garbage (text parts from netstat's output) but it's good enough for quick check who's overloading your server.

Comments (4) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
lsof -i -n | grep ESTABLISHED
2013-04-03 09:14:09
User: techie
Functions: grep
Tags: grep netstat lsof tcp connections
2
Up
Down
find established tcp connections without using netstat!!

Fast and easy way to find all established tcp connections without using the netstat command.

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tulpn
2013-03-28 11:18:32
User: FiloSottile
Functions: netstat
Tags: netstat
1
Up
Down
Show all LISTENing and open server connections, with port number and process name/pid
Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -an | grep --color -i -E 'listen|listening'
2013-03-19 08:53:47
User: opexxx
Functions: grep netstat
Tags: grep netstat
-1
Up
Down
Open Port Check

Open Port Check

Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
watch "ss -nat | awk '"'{print $1}'"' | sort | uniq -c"
2012-12-07 19:07:33
User: ricardofunke
Functions: watch
Tags: monitoring netstat tcp ss connections
-1
Up
Down
Monitoring TCP connections number

Monitoring TCP connections number showing each state. It uses ss instead of netstat because it's much faster with high trafic.

You can fgrep specific ports by piping right before awk:

watch "ss -nat | fgrep :80 | awk '"'{print $1}'"' | sort | uniq -c"

Show sample output | Comments (2) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tn | awk '($4 ~ /:22\s*/) && ($6 ~ /^EST/) {print substr($5, 0, index($5,":"))}'
2012-10-03 04:47:54
User: toxick
Functions: awk netstat
Tags: ssh awk netstat
1
Up
Down
list current ssh clients
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -an | grep 80 | wc -l
2012-09-05 06:17:09
User: mrhassell
Functions: grep netstat wc
Tags: sort awk uniq netstat cut
0
Up
Down
Number of open connections per ip.

Count on a specific port (80) - FreeBSD friendly.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tn | grep :80 | awk '{print $5}'| grep -v ':80' | cut -f1 -d: |cut -f1,2,3 -d. | sort | uniq -c| sort -n
2012-06-26 08:29:37
User: krishnan
Functions: awk cut grep netstat sort uniq
Tags: sort awk IP grep netstat connection range user
0
Up
Down
Number of connections per IP with range 24

cut -f1,2 - IP range 16

cut -f1,2,3 - IP range 24

cut -f1,2,3,4 - IP range 24

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -Aan | grep .80 | grep -v 127.0.0.1 | grep EST | awk '{print $6}' | cut -d "." -f1,2,3,4 | sort | uniq
2012-02-03 13:54:11
User: janvanderwijk
Functions: awk cut grep netstat sort
Tags: sort uniq grep netstat cut aix
0
Up
Down
See who are using a specific port

See who is using a specific port. Especially when you're using AIX. In Ubuntu, for example, this can easily be seen with the netstat command.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -plntu
2011-10-01 12:16:38
User: bolthorn0
Functions: netstat
Tags: netstat lsof networking
1
Up
Down
check open ports (both ipv4 and ipv6)

Check open TCP and UDP ports

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -plnt
2011-09-30 19:56:32
User: DopeGhoti
Functions: netstat
Tags: netstat lsof networking
7
Up
Down
check open ports (both ipv4 and ipv6)

While `lsof` will work, why not use the tool designed explicitly for this job?

(If not run as root, you will only see the names of PID you own)

Show sample output | Comments (3) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
sudo netstat|head -n2|tail -n1 && sudo netstat -a|grep udp && echo && sudo netstat|head -n2|tail -n1 && sudo netstat -a|grep tcp
2011-09-08 18:54:36
User: brando56894
Functions: echo grep head netstat sudo tail
Tags: netstat udp tcp connections
0
Up
Down
Displays All TCP and UDP Connections
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -nt | awk -F":" '{print $2}' | sort | uniq -c
2011-07-05 07:53:29
User: sreimann
Functions: awk netstat sort uniq
Tags: sort awk uniq netstat
0
Up
Down
netstat with group by (ip adress)

count connections, group by IP and port

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -ntu | awk ' $5 ~ /^[0-9]/ {print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
2011-07-04 20:23:21
User: letterj
Functions: awk cut netstat sort uniq
Tags: netstat
-4
Up
Down
netstat with group by (ip adress)

netstat has two lines of headers:

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address Foreign Address State

Added a filter in the awk command to remove them

Comments (6) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate