Linux常用命令-ss

发表于 分类于

命令

ss

描述

another utility to investigate sockets
查看网络连接状态

用法

1
ss [options] [ FILTER ]

选项

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
Options:
   -n, --numeric       显示数字格式而非服务名称
   -r, --resolve       解析主机名
   -a, --all           display all sockets
   -l, --listening     display listening sockets
   -o, --options       show timer information
   -e, --extended      show detailed socket information
   -m, --memory        show socket memory usage
   -p, --processes     显示进程信息
   -i, --info          show internal TCP information
   -s, --summary       显示汇总信息
   -b, --bpf           show bpf filter socket information
   -E, --events        continually display sockets as they are destroyed
   -Z, --context       display process SELinux security contexts
   -z, --contexts      display process and socket SELinux security contexts
   -N, --net           switch to the specified network namespace name
   -4, --ipv4          display only IP version 4 sockets
   -6, --ipv6          display only IP version 6 sockets
   -0, --packet        display PACKET sockets
   -t, --tcp           display only TCP sockets
   -S, --sctp          display only SCTP sockets
   -u, --udp           display only UDP sockets
   -d, --dccp          display only DCCP sockets
   -w, --raw           display only RAW sockets
   -x, --unix          display only Unix domain sockets
       --vsock         display only vsock sockets
   -f, --family=FAMILY display sockets of type FAMILY
       FAMILY := {inet|inet6|link|unix|netlink|vsock|help}
   -K, --kill          forcibly close sockets, display what was closed
   -H, --no-header     不显示标题
   -A, --query=QUERY, --socket=QUERY
       QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram}[,QUERY]
   -D, --diag=FILE     Dump raw information about TCP sockets to FILE
   -F, --filter=FILE   read filter information from FILE
       FILTER := [ state STATE-FILTER ] [ EXPRESSION ]
       STATE-FILTER := {all|connected|synchronized|bucket|big|TCP-STATES}
         TCP-STATES := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listen|closing}
          connected := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}
       synchronized := {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}
             bucket := {syn-recv|time-wait}
                big := {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listen|closing}

注意

示例

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# 以数字格式显示tcp和udp的sockets连接
$ ss -tun
Netid  State      Recv-Q Send-Q  Local Address:Port    Peer Address:Port
tcp    ESTAB      0      0       192.168.80.10:22      192.168.80.81:42886
# 显示服务名称而非数字格式
$ ss -tu
Netid  State      Recv-Q Send-Q  Local Address:Port    Peer Address:Port
tcp    ESTAB      0      0       192.168.80.10:ssh     192.168.80.81:42886
# 同时显示监听地址,状态为LISTEN
$ ss -tunl
Netid  State      Recv-Q Send-Q  Local Address:Port    Peer Address:Port
udp    UNCONN     0      0           127.0.0.1:323                *:*
udp    UNCONN     0      0               [::1]:323             [::]:*
tcp    LISTEN     0      128                 *:22                 *:*
# 显示所有连接状态
$ ss -tuna
Netid  State      Recv-Q Send-Q  Local Address:Port    Peer Address:Port
udp    UNCONN     0      0           127.0.0.1:323                *:*
udp    UNCONN     0      0               [::1]:323             [::]:*
tcp    LISTEN     0      128                 *:22                 *:*
tcp    ESTAB      0      0       192.168.80.10:22     192.168.80.81:42886
# -p 显示进程pid
$ ss -tunap
Netid  State      Recv-Q Send-Q  Local Address:Port    Peer Address:Port
udp    UNCONN     0      0           127.0.0.1:323                *:*        users:(("chronyd",pid=653,fd=5))
udp    UNCONN     0      0               [::1]:323             [::]:*        users:(("chronyd",pid=653,fd=6))
tcp    LISTEN     0      128                 *:22                 *:*        users:(("sshd",pid=885,fd=3))
tcp    ESTAB      0      0       192.168.80.10:22     192.168.80.81:42886    users:(("sshd",pid=1075,fd=3),("sshd",pid=1073,fd=3))
# -s 显示汇总信息
$ ss -tunas
Total: 486 (kernel 969)
TCP:   2 (estab 1, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 0
Transport Total     IP        IPv6
*	  969       -         -
RAW	  1         0         1
UDP	  2         1         1
TCP	  2         2         0
INET	  5         3         2
FRAG	  0         0         0
Netid  State      Recv-Q Send-Q   Local Address:Port        Peer Address:Port
udp    UNCONN     0      0            127.0.0.1:323                    *:*
udp    UNCONN     0      0                [::1]:323                 [::]:*
tcp    LISTEN     0      128                  *:22                     *:*
tcp    ESTAB      0      0        192.168.80.10:22         192.168.80.81:42886
# 显示IPv4
$ ss -tuna4
Netid  State      Recv-Q Send-Q   Local Address:Port        Peer Address:Port
udp    UNCONN     0      0            127.0.0.1:323                    *:*
tcp    LISTEN     0      128                  *:22                     *:*
tcp    ESTAB      0      0        192.168.80.10:22         192.168.80.81:42886
# 显示IPv6
$ ss -tuna6
Netid  State      Recv-Q Send-Q   Local Address:Port        Peer Address:Port
udp    UNCONN     0      0                [::1]:323                 [::]:*
# -H 不显示标题
$ ss -tunaH
udp    UNCONN     0      0            127.0.0.1:323                    *:*
udp    UNCONN     0      0                [::1]:323                 [::]:*
tcp    LISTEN     0      128                  *:22                     *:*
tcp    ESTAB      0      0        192.168.80.10:22         192.168.80.81:42886