Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

OpenID
or
Sign in Register

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Universal configuration monitoring and system of record for IT.
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!
Hide

Top Tags


awk, bash, curl, find, grep, Linux, sed
Hide

Functions

Hide

Credits

Maintained by Jon H.

Site originally by David Winterbottom (user root).

Psst. Open beta.

Wow, didn't really expect you to read this far down. The latest iteration of the site is in open beta. It's a gentle open beta-- not in prime-time just yet. It's being hosted over at UpGuard (link) and you are more than welcome to give it a shot. Couple things:

  • » The open beta is running a copy of the database that will not carry over to the final version. Don't post anything you don't mind losing.
  • » If you wish to use your user account, you will probably need to reset your password.
Your feedback is appreciated via the form on the beta page. Thanks! -Jon & CLFU Team

Commands using netstat from sorted by
Terminal - Commands using netstat - 119 results
netstat -antu | awk '$5 ~ /[0-9]:/{split($5, a, ":"); ips[a[1]]++} END {for (ip in ips) print ips[ip], ip | "sort -k1 -nr"}'
2013-04-09 03:24:43
User: 4Aiur
Functions: awk netstat
Tags: netstat connections
0
Up
Down
Show number of connections per remote IP
Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -antu | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -n
2013-04-08 19:46:41
User: wejn
Functions: awk netstat sort uniq
Tags: netstat connections
-1
Up
Down
Show number of connections per remote IP

Output contains also garbage (text parts from netstat's output) but it's good enough for quick check who's overloading your server.

Comments (4) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tulpn
2013-03-28 11:18:32
User: FiloSottile
Functions: netstat
Tags: netstat
1
Up
Down
Show all LISTENing and open server connections, with port number and process name/pid
Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -an | grep --color -i -E 'listen|listening'
2013-03-19 08:53:47
User: opexxx
Functions: grep netstat
Tags: grep netstat
-1
Up
Down
Open Port Check

Open Port Check

Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -town
2012-10-08 13:10:04
User: ioggstream
Functions: netstat
8
Up
Down
See KeepAlive counters on tcp connections

See connection's tcp timers

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tn | awk '($4 ~ /:22\s*/) && ($6 ~ /^EST/) {print substr($5, 0, index($5,":"))}'
2012-10-03 04:47:54
User: toxick
Functions: awk netstat
Tags: ssh awk netstat
1
Up
Down
list current ssh clients
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -an | grep 80 | wc -l
2012-09-05 06:17:09
User: mrhassell
Functions: grep netstat wc
Tags: sort awk uniq netstat cut
0
Up
Down
Number of open connections per ip.

Count on a specific port (80) - FreeBSD friendly.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -t -p --extend | grep USERNAME
2012-08-07 02:25:54
User: wr8cr8
Functions: grep netstat
-2
Up
Down
Get connections from a SSH tunnel

This obtains a list of open connections that a user is connected to if he/she is using a SSH tunnel

Comments (3) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -ie
2012-08-07 01:57:49
User: minigeek
Functions: netstat
-3
Up
Down
Network Interfaces
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tn | grep :80 | awk '{print $5}'| grep -v ':80' | cut -f1 -d: |cut -f1,2,3 -d. | sort | uniq -c| sort -n
2012-06-26 08:29:37
User: krishnan
Functions: awk cut grep netstat sort uniq
Tags: sort awk IP grep netstat connection range user
0
Up
Down
Number of connections per IP with range 24

cut -f1,2 - IP range 16

cut -f1,2,3 - IP range 24

cut -f1,2,3,4 - IP range 24

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat-nat -n
2012-05-29 13:12:06
User: slezhuk
Functions: netstat
0
Up
Down
List state of NAT.

Show state of NAT, readed from '/proc/net/ip_conntrack' or '/proc/net/nf_conntrack'

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -Aan | grep .80 | grep -v 127.0.0.1 | grep EST | awk '{print $6}' | cut -d "." -f1,2,3,4 | sort | uniq
2012-02-03 13:54:11
User: janvanderwijk
Functions: awk cut grep netstat sort
Tags: sort uniq grep netstat cut aix
0
Up
Down
See who are using a specific port

See who is using a specific port. Especially when you're using AIX. In Ubuntu, for example, this can easily be seen with the netstat command.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tan | awk '$1 == "tcp" && $4 ~ /:/ { port=$4; sub(/^[^:]+:/, "", port); used[int(port)] = 1; } END { for (p = 32768; p <= 61000; ++p) if (! (p in used)) { print p; exit(0); }; exit(1); }'
2012-01-26 20:42:56
User: wirawan0
Functions: awk netstat
0
Up
Down
find an unused unprivileged TCP port

This is also perl-less, and only uses AWK as its postprocessor. Tested with GAWK and MAWK.

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -a --numeric-ports | grep 8321
2012-01-20 22:00:56
User: peter4512
Functions: grep netstat
Tags: net tcp
1
Up
Down
tell if a port is in use

if you don't do --numeric-ports, netstat will try to resolve them to names

Show sample output | Comments (2) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -plantu
2012-01-19 00:18:43
User: player27
Functions: netstat
1
Up
Down
Show all listening and established ports TCP and UDP together with the PID of the associated process

Easy to remenber. Fot TCP only use: netstat -plant

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -anpe
2011-12-06 18:27:09
User: anarcat
Functions: netstat
Tags: Network status diagnostic
1
Up
Down
Lists all listening ports together with the PID of the associated process

Lists all opened sockets (not only listeners), no DNS resolution (so it's fast), the process id and the user holding the socket.

Previous samples were limiting to TCP too, this also lists UDP listeners.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -atn | grep :22 | grep ESTABLISHED | awk '{print $4}' | sed 's/:22//'
2011-11-09 10:51:55
User: agambier
Functions: awk grep netstat sed
-2
Up
Down
list current ssh clients
Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -plntu
2011-10-01 12:16:38
User: bolthorn0
Functions: netstat
Tags: netstat lsof networking
1
Up
Down
check open ports (both ipv4 and ipv6)

Check open TCP and UDP ports

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -plnt
2011-09-30 19:56:32
User: DopeGhoti
Functions: netstat
Tags: netstat lsof networking
6
Up
Down
check open ports (both ipv4 and ipv6)

While `lsof` will work, why not use the tool designed explicitly for this job?

(If not run as root, you will only see the names of PID you own)

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
while true ; do sleep 1 ; clear ; (netstat -tn | grep -P ':36089\s+\d') ; done
2011-09-28 11:39:43
User: hute37
Functions: clear grep netstat sleep true
-3
Up
Down
Monitoring a port connections

shell loop to scan netstat output avoiding loolback aliases (local/remote swap for local connections)

Show sample output | Comments (2) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -rn | convert label:@- netstat.png
2011-09-21 11:52:28
User: appanax
Functions: netstat
0
Up
Down
Command results as an image capture

We use the "convert" command (ImageMagick package) : see man convert (http://www.ma.utexas.edu/cgi-bin/man-cgi?convert+1)

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tn | awk 'NR>2 {print $6}' | sort | uniq -c | sort -rn
2011-09-12 23:29:39
User: evandrix
Functions: awk netstat sort uniq
8
Up
Down
Quick network status of machine

credit to tumblr engineering blog @ http://engineering.tumblr.com/

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
sudo netstat|head -n2|tail -n1 && sudo netstat -a|grep udp && echo && sudo netstat|head -n2|tail -n1 && sudo netstat -a|grep tcp
2011-09-08 18:54:36
User: brando56894
Functions: echo grep head netstat sudo tail
Tags: netstat udp tcp connections
0
Up
Down
Displays All TCP and UDP Connections
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -an |grep ":80" |awk '{print $5}' | sed s/::ffff://g | cut -d: -f1 |sort |uniq -c |sort -n | tail -1000 | grep -v "0.0.0.0"
2011-07-28 09:36:08
User: zeros
Functions: awk cut grep netstat sed sort tail uniq
0
Up
Down
Find all IP connected to my host through TCP connection and count it

Count and Find all IP connected to my host through TCP connection.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -nut | sed '/ESTABLISHED/!d;s/.*[\t ]\+\(.*\):.*/\1/' | sort -u
2011-07-27 07:25:25
User: bitbasher
Functions: netstat sed sort
0
Up
Down
All IP connected to my host
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate