Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

OpenID
or
Sign in Register

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2011-03-12 - Confoo 2011 presentation
Slides are available from the commandlinefu presentation at Confoo 2011: http://presentations.codeinthehole.com/confoo2011/
2011-01-04 - Moderation now required for new commands
To try and put and end to the spamming, new commands require moderation before they will appear on the site.
2010-12-27 - Apologies for not banning the trolls sooner
Have been away from the interwebs over Christmas. Will be more vigilant henceforth.
2010-09-24 - OAuth and pagination problems fixed
Apologies for the delay in getting Twitter's OAuth supported. Annoying pagination gremlin also fixed.
Hide

Tags

Hide

Functions

Hide

Credits

Site by David Winterbottom (user root).

Commands using netstat

Commands using netstat from sorted by
Terminal - Commands using netstat - 96 results
netstat -nut | sed '/ESTABLISHED/!d;s/.*[\t ]\+\(.*\):.*/\1/' | sort -u
2011-07-27 07:25:25
User: bitbasher
Functions: netstat sed sort
-1
Up
Down
All IP connected to my host
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -nut | awk '$NF=="ESTABLISHED" {print $5}' | cut -d: -f1 | sort -u
2011-07-27 07:24:10
User: bitbasher
Functions: awk cut netstat sort
-1
Up
Down
All IP connected to my host

find all computer connected to my host through TCP connection

Show sample output | Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -lantp | grep ESTABLISHED |awk '{print $5}' | awk -F: '{print $1}' | sort -u
2011-07-21 21:23:10
User: bitbasher
Functions: awk grep netstat sort
16
Up
Down
All IP connected to my host

find all computer connected to my host through TCP connection.

Show sample output | Comments (6) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -nt | awk -F":" '{print $2}' | sort | uniq -c
2011-07-05 07:53:29
User: sreimann
Functions: awk netstat sort uniq
Tags: sort awk uniq netstat
0
Up
Down
netstat with group by (ip adress)

count connections, group by IP and port

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -ntu | awk ' $5 ~ /^[0-9]/ {print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
2011-07-04 20:23:21
User: letterj
Functions: awk cut netstat sort uniq
Tags: netstat
-2
Up
Down
netstat with group by (ip adress)

netstat has two lines of headers:

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address Foreign Address State

Added a filter in the awk command to remove them

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -ntu | awk ' $5 ~ /^[0-9]/ {print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
2011-07-01 11:17:38
User: Koobiac
Functions: awk cut netstat sort uniq
Tags: netstat
2
Up
Down
netstat with group by (ip adress)
Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -nt | awk '{print $6}' | sort | uniq -c | sort -n -k 1 -r
2011-06-21 16:27:19
User: dennisfaust
Functions: awk netstat sort uniq
1
Up
Down
Summarize the number of open TCP connections by state

Useful for checking the number and state of TCP connections.

Show sample output | Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -n -f inet|awk '/\.389/{print $2}'|cut -f1-4 -d.|sort -u
2011-06-20 14:24:05
User: guptavi
Functions: awk cut netstat sort
1
Up
Down
To find the LDAP clients connected to LDAP service running on Solaris
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
watch -n 2 netstat -antu
2011-06-02 23:27:33
User: wilbercarmona
Functions: netstat watch
0
Up
Down
Watch netstat output every 2 seconds
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
2011-05-25 20:53:34
User: unixmonkey21979
Functions: awk cut netstat sort uniq
0
Up
Down
get the IP connected to the server (usefull to detect IP that should be blocked)
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -lnptu
2011-05-19 21:16:35
User: mariusbutuc
Functions: netstat
0
Up
Down
Active Internet connections (only servers)
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
while sleep 1; do date; (netstat -a -n | grep 80) ; done
2011-05-16 07:56:56
User: hute37
Functions: grep netstat sleep
Tags: netstat logging
-4
Up
Down
Polls fos network port usage
Comments (2) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -a -o -n | grep 8080
2011-04-28 09:58:59
User: evandrix
Functions: grep netstat
0
Up
Down
How to Kill Process that is Running on Certain Port in Windows?

I cannot run Tomcat from Eclipse. It says that there?s other process that is running on port 8080, but I don?t know what is the process, and how to stop it from the Services manger in Windows. So here?s how you can kill and find out what is that process:

To find out what PID 8080 was (hopefully not a trojan)

I typed tasklist /FI ?PID eq 8080″

taskkill /F /PID 2600

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tulpnc
2011-04-20 07:30:31
User: altern
Functions: netstat
Tags: networking port
0
Up
Down
showing opened ports on machine

shows opened ports on machine in continuous mode (refreshing every 10 sec)

Show sample output | Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
(netstat -atn | awk '{printf "%s\n%s\n", $4, $4}' | grep -oE '[0-9]*$'; seq 32768 61000) | sort -n | uniq -u | head -n 1
2010-12-15 09:27:59
User: depesz
Functions: awk grep head netstat seq sort uniq
2
Up
Down
find an unused unprivileged TCP port

perl-less way

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -atn | perl -ane 'if ( $F[3] =~ /(\d+)$/ ) { $x{$1}=1 } END{ print( (grep {!$x{$_}} 32768..61000)[0] . "\n" )}'
2010-12-15 09:25:52
User: depesz
Functions: grep netstat perl
0
Up
Down
find an unused unprivileged TCP port

perl-based version

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -atn | perl -0777 -ne '@ports = /tcp.*?\:(\d+)\s+/imsg ; for $port (32768..61000) {if(!grep(/^$port$/, @ports)) { print $port; last } }'
2010-12-14 20:44:37
User: bashrc
Functions: last netstat perl
1
Up
Down
find an unused unprivileged TCP port

Not really better - just different ;)

There's probably a really simple solution out there somewhere...

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -lnp6 | grep :8080 | sed 's#^[^\/]*/\([a-z0-9]*\)#\1#'
2010-11-03 14:11:21
User: cicatriz
Functions: grep netstat sed
1
Up
Down
The program listening on port 8080 through IPv6

Gets the application's name that's listening from the port 8080 through IPv6

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -n | grep '^tcp.*<IP>:<PORT>' | tr " " | awk 'BEGIN{FS="( |:)"}{print $6}' | sort | uniq -c | sort -n -k1 | awk '{if ($1 >= 10){print $2}}'
2010-09-16 21:06:30
User: guptavi
Functions: awk grep netstat sort tr uniq
1
Up
Down
To find which host made maximum number of specific tcp connections

This command is primarily going to work on linux boxes.

and needs to be changed, for example

IP=10\.194\.194\.2

PORT=389

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -tlvp
2010-09-05 12:00:03
User: onurgu
Functions: netstat
0
Up
Down
find out which TCP ports are listening and opened by which process in verbose
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -rn | awk '/UG/{print $2}'
2010-08-09 15:56:02
User: putnamhill
Functions: awk netstat
Tags: awk netstat gateway
-1
Up
Down
Find default gateway

Tested on CentOS, Ubuntu, and MacOS.

Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -rn | grep UG | tr -s " " | cut -d" " -f2
2010-08-09 15:25:18
User: greenmang0
Functions: cut grep netstat tr
Tags: grep netstat cut tr gateway
1
Up
Down
Find default gateway
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -antp | grep 22
2010-08-05 15:53:41
User: WhiteHatsCom
Functions: grep netstat
-16
Up
Down
عرض اتصالات لبورت محدد

عرض الاتصالات لبورت ٢٢

Comments (2) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -l -p --tcp | egrep -e 'www.*[0-9]{3,4}\/(apache2|httpd)' | awk '{print$7}'
2010-07-26 12:52:07
User: cicatriz
Functions: awk egrep netstat
Tags: netstat
-3
Up
Down
Show the number of current httpd processes
Comments (2) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
netstat -an | grep ESTABLISHED | awk '\''{print $5}'\'' | awk -F: '\''{print $1}'\'' | sort | uniq -c | awk '\''{ printf("%s\t%s\t",$2,$1); for (i = 0; i < $1; i++) {printf("*")}; print ""}'\''
2010-07-09 00:25:45
User: mramos
Functions: awk grep netstat sort uniq
7
Up
Down
Display connections histogram

Displays a connection histogram of active tcp connections. Works even better under an alias. Thanks @Areis1 for sharing this one.

Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate