Netstat is a command line utility that can be used to monitor both incoming and outgoing network connections as well as view routing tables, interface statistics, etc. It can be used to list all the connected TCP and UDP socket connections and also list listening sockets that are waiting for incoming connections.
Netstat is available on all Unix-like operating systems. It is very useful for every system administrator to monitor and troubleshoot network-related problems and determine network traffic performance.
In this tutorial we will discuss how to use netstat to find information about network connections and open ports on a Linux system.
List all the TCP and UDP connections
The simplest way to use netstat is to list all the TCP and UDP connections.
Simply run the netstat command with the -a option.
netstat -a
You should see the following output.
The above command shows all the established and listening TCP and UDP socket connections
List only TCP or UDP connections
You can only list TCP connections using the -t option.
netstat -at
You should see the following output.
Similarly, only list UDP connections using the u option.
netstat -au
You should see the following output.
List all listening connections
You can list all active listening ports connections using the -l option.
netstat -l
You should see the following output.
Disable reverse DNS lookup for faster output
By default, the netstat command tries to find the hostname of each IP address in the connection by doing a reverse DNS lookup. This slows down the output.
You can disable reverse DNS lookup with the -n option.
netstat -ant
You should see the following output.
List the process name and user ID
When viewing the open listening ports and connections, it’s necessary to know the process name which has opened that port or connection.
You can get process details using the -p option.
netstat -nlpt
You should see the following output.
You can get the username along with process name using the e option.
netstat -ltpe
You should see the following output.
List network statistics
The netstat command can also be used to print network statistics of the total number of packets received and transmitted by protocol type.
To list statistics of all packet types, run:
netstat -s
You should see the following output.
Displaying IPv4 and IPv6 information
You can use the -g option to display the multicast information for both IPv4 and IPv6 protocols.
netstat -g
You should see the following output.
Display network interface statistics
You can also print the information of your network interface. You can do this with the -i and -e options:
netstat -ie
You should see the following output.
Conclusion
In above post we have explained most of what netstat is used for. If you are looking for more advanced information, read the netstat manual. You can also leave your feedback and suggestions in the comments box below.
Image credit: Jon ‘ShakataGaNai’ Davis via Wikimedia Commons
Subscribe to our newsletter!
Our latest tutorials delivered straight to your inbox
Sign up for all newsletters.
By signing up, you agree to our Privacy Policy and European users agree to the data transfer policy. We will not share your data and you can unsubscribe at any time. Subscribe
Hitesh Jethva
Over 5 years of experience as IT system administrator for IT company in India. My skills include a deep knowledge of Rehat/Centos, Ubuntu nginx and Apache, Mysql, Subversion, Linux, Ubuntu, web hosting, web server, squied proxy, NFS, FTP, DNS, Samba, ldap, Openvpn, Haproxy, Amazon web services, WHMCS, Openstack Cloud, Postfix Mail Server, Security etc.
Comments (2)