How to work with Networking Tools
Linux

Using network tools ping/netstat in Linux

1 923

Networking Tools

Hi welcome to new interesting tutorial . In this tutorial we will provides lots of information regarding network monitoring. In previous topic we discussed about network related configurations and files and this tutorial its mainly related to network monitoring.

Introduction

There are so many tools with CLI/GUI for network monitoring but we will discuss here two command mode utilities. We use these tools when we need a quick response to see that our network or our ISP’s network is online. Tools which are very useful in networking are ping and netstat.

Ping

Assume that we have done the networking in small office and now we want to check that every system is connected with router/server or other systems/ISPs. Ping is the tool to communicate with devices. If the remote server is online, ping reports back the number of bytes and time it takes to get there. If the server is not online, it will give you an error message that remote system does not exist in term of request time out/unreachable/general failure. This tool is available in all operating systems.

Here we see that localhost (127.0.0.1) is connected. While ping will go on forever unless you hit Ctrl + C. Syntax ping ip. (You can restrict number of times you want to ping remote system by using option c (count))

You can restrict number of times you want to ping remote system by using option c

[root@faraz ~]# ping localhost
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.088 ms
64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.252 ms

In below command we are using option c with ping command . We want to ping system 10 times
[root@faraz ~]# ping -c 10 localhost
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.086 ms
64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.113 ms
64 bytes from localhost (127.0.0.1): icmp_seq=3 ttl=64 time=0.123 ms
64 bytes from localhost (127.0.0.1): icmp_seq=4 ttl=64 time=0.230 ms
64 bytes from localhost (127.0.0.1): icmp_seq=5 ttl=64 time=0.232 ms
64 bytes from localhost (127.0.0.1): icmp_seq=6 ttl=64 time=0.122 ms
64 bytes from localhost (127.0.0.1): icmp_seq=7 ttl=64 time=0.124 ms
64 bytes from localhost (127.0.0.1): icmp_seq=8 ttl=64 time=0.124 ms
64 bytes from localhost (127.0.0.1): icmp_seq=9 ttl=64 time=0.122 ms
64 bytes from localhost (127.0.0.1): icmp_seq=10 ttl=64 time=0.585 ms

--- localhost ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9006ms
rtt min/avg/max/mdev = 0.086/0.186/0.585/0.141 ms
[root@faraz ~]#

Netstat

netstat stand for network statistics. This is command line tool to monitoring network connections both incoming and outgoing as well as viewing routing tables, interface statistics etc. It is very useful in network troubleshooting and performance measurement. netstat is one of the  most basic network service debugging tool, it tells you which ports are open and whether programs are listening on ports. This tool is very important and much useful for Linux Network/System Administrator to determine network traffic performance.

List all the listening ports of tcp and udp by using command netstat –a.

[root@faraz ~]# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:sunrpc          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:mountd          0.0.0.0:*               LISTEN
tcp        0      0 192.168.122.1:domain    0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:35382           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp        0      0 localhost:ipp           0.0.0.0:*               LISTEN
tcp        0      0 localhost:smtp          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:51329           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:nfs             0.0.0.0:*               LISTEN
tcp        0      0 192.168.8.110:ssh       192.168.8.106:57764     ESTABLISHED
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN
tcp6       0      0 [::]:40848              [::]:*                  LISTEN
tcp6       0      0 [::]:mountd             [::]:*                  LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
tcp6       0      0 localhost:smtp          [::]:*                  LISTEN
tcp6       0      0 [::]:nfs                [::]:*                  LISTEN
tcp6       0      0 [::]:32994              [::]:*                  LISTEN
udp        0      0 0.0.0.0:40641           0.0.0.0:*
udp        0      0 0.0.0.0:mdns            0.0.0.0:*
udp        0      0 0.0.0.0:32608           0.0.0.0:*

List only tcp port connections by using command netstat –at.

[root@faraz ~]# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:sunrpc          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:mountd          0.0.0.0:*               LISTEN
tcp        0      0 192.168.122.1:domain    0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:35382           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp        0      0 localhost:ipp           0.0.0.0:*               LISTEN
tcp        0      0 localhost:smtp          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:51329           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:nfs             0.0.0.0:*               LISTEN
tcp        0     64 192.168.8.110:ssh       192.168.8.106:57764     ESTABLISHED
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN
tcp6       0      0 [::]:40848              [::]:*                  LISTEN
tcp6       0      0 [::]:mountd             [::]:*                  LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
tcp6       0      0 localhost:smtp          [::]:*                  LISTEN
tcp6       0      0 [::]:nfs                [::]:*                  LISTEN
tcp6       0      0 [::]:32994              [::]:*                  LISTEN
[root@faraz ~]#

List only udp port connections by using command netstat –au.

[root@faraz ~]# netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 0.0.0.0:40641           0.0.0.0:*
udp        0      0 0.0.0.0:mdns            0.0.0.0:*
udp        0      0 0.0.0.0:32608           0.0.0.0:*
udp        0      0 0.0.0.0:941             0.0.0.0:*
udp        0      0 localhost:951           0.0.0.0:*
udp        0      0 0.0.0.0:nfs             0.0.0.0:*
udp        0      0 192.168.122.1:domain    0.0.0.0:*
udp        0      0 0.0.0.0:bootps          0.0.0.0:*
udp        0      0 0.0.0.0:bootpc          0.0.0.0:*
udp        0      0 0.0.0.0:mountd          0.0.0.0:*
udp        0      0 0.0.0.0:sunrpc          0.0.0.0:*
udp        0      0 0.0.0.0:39549           0.0.0.0:*
udp        0      0 0.0.0.0:59526           0.0.0.0:*
udp6       0      0 [::]:49880              [::]:*
udp6       0      0 [::]:64255              [::]:*
udp6       0      0 [::]:55556              [::]:*
udp6       0      0 [::]:941                [::]:*
udp6       0      0 [::]:nfs                [::]:*
udp6       0      0 [::]:mountd             [::]:*
udp6       0      0 [::]:sunrpc             [::]:*
[root@faraz ~]#

List all active listening port connections by using command netstat –l (small L).

[root@faraz ~]# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:sunrpc          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:mountd          0.0.0.0:*               LISTEN
tcp        0      0 192.168.122.1:domain    0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:35382           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp        0      0 localhost:ipp           0.0.0.0:*               LISTEN
tcp        0      0 localhost:smtp          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:51329           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:nfs             0.0.0.0:*               LISTEN
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN
tcp6       0      0 [::]:40848              [::]:*                  LISTEN
tcp6       0      0 [::]:mountd             [::]:*                  LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
tcp6       0      0 localhost:smtp          [::]:*                  LISTEN
tcp6       0      0 [::]:nfs                [::]:*                  LISTEN
tcp6       0      0 [::]:32994              [::]:*                  LISTEN
udp        0      0 0.0.0.0:40641           0.0.0.0:*
udp        0      0 0.0.0.0:mdns            0.0.0.0:*
udp        0      0 0.0.0.0:32608           0.0.0.0:*
udp        0      0 0.0.0.0:941             0.0.0.0:*
udp        0      0 localhost:951           0.0.0.0:*
udp        0      0 0.0.0.0:nfs             0.0.0.0:*
udp        0      0 192.168.122.1:domain    0.0.0.0:*
udp        0      0 0.0.0.0:bootps          0.0.0.0:*
udp        0      0 0.0.0.0:bootpc          0.0.0.0:*
udp        0      0 0.0.0.0:mountd          0.0.0.0:*
udp        0      0 0.0.0.0:sunrpc          0.0.0.0:*
udp        0      0 0.0.0.0:39549           0.0.0.0:*
udp        0      0 0.0.0.0:59526           0.0.0.0:*
udp6       0      0 [::]:49880              [::]:*
udp6       0      0 [::]:64255              [::]:*
udp6       0      0 [::]:55556              [::]:*
udp6       0      0 [::]:941                [::]:*
udp6       0      0 [::]:nfs                [::]:*
udp6       0      0 [::]:mountd             [::]:*
udp6       0      0 [::]:sunrpc             [::]:*
raw6       0      0 [::]:ipv6-icmp          [::]:*                  7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     26978    @/tmp/.ICE-unix/2850
unix  2      [ ACC ]     STREAM     LISTENING     21075    private/smtp
unix  2      [ ACC ]     STREAM     LISTENING     21078    private/relay
unix  2      [ ACC ]     STREAM     LISTENING     21099    private/lmtp
unix  2      [ ACC ]     STREAM     LISTENING     21102    private/anvil
unix  2      [ ACC ]     STREAM     LISTENING     21106    private/scache
unix  2      [ ACC ]     STREAM     LISTENING     11378    /run/lvm/lvmpolld.socket
unix  2      [ ACC ]     STREAM     LISTENING     26951    @/tmp/dbus-ce4gMkRasC
unix  2      [ ACC ]     STREAM     LISTENING     16006    /run/gssproxy.sock
unix  2      [ ACC ]     STREAM     LISTENING     11400    /run/lvm/lvmetad.socket
unix  2      [ ACC ]     STREAM     LISTENING     30606    /run/user/1000/at-spi2-JIMMBY/socket
unix  2      [ ACC ]     STREAM     LISTENING     30357    /run/user/1000/at-spi2-5OMZBY/socket
unix  2      [ ACC ]     STREAM     LISTENING     11160    /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     30376    /run/user/1000/at-spi2-M65SBY/socket
unix  2      [ ACC ]     STREAM     LISTENING     14521    /var/run/lsm/ipc/sim
unix  2      [ ACC ]     STREAM     LISTENING     14523    /var/run/lsm/ipc/simc
unix  2      [ ACC ]     STREAM     LISTENING     14380    @ISCSIADM_ABSTRACT_NAMESPACE
unix  2      [ ACC ]     STREAM     LISTENING     27979    /tmp/.esd-1000/socket
unix  2      [ ACC ]     STREAM     LISTENING     14275    /var/run/avahi-daemon/socket
unix  2      [ ACC ]     STREAM     LISTENING     21037    public/pickup
unix  2      [ ACC ]     STREAM     LISTENING     21041    public/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     21044    public/qmgr
unix  2      [ ACC ]     STREAM     LISTENING     21066    public/flush
unix  2      [ ACC ]     STREAM     LISTENING     21081    public/showq
unix  2      [ ACC ]     STREAM     LISTENING     14285    /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     6870     /run/systemd/journal/stdout
unix  2      [ ACC ]     STREAM     LISTENING     14295    /var/run/rpcbind.sock
unix  2      [ ACC ]     STREAM     LISTENING     30426    /run/user/1000/at-spi2-2GV5BY/socket
unix  2      [ ACC ]     STREAM     LISTENING     33767    /var/run/NetworkManager/private-dhcp
unix  2      [ ACC ]     STREAM     LISTENING     27124    /run/user/1000/keyring/gpg
unix  2      [ ACC ]     STREAM     LISTENING     16125    /var/run/abrt/abrt.socket
[root@faraz ~]#

List all active listening tcp ports by using command netstat –lt.

[root@faraz ~]# netstat -lt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:sunrpc          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:mountd          0.0.0.0:*               LISTEN
tcp        0      0 192.168.122.1:domain    0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:35382           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN
tcp        0      0 localhost:ipp           0.0.0.0:*               LISTEN
tcp        0      0 localhost:smtp          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:51329           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:nfs             0.0.0.0:*               LISTEN
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN
tcp6       0      0 [::]:40848              [::]:*                  LISTEN
tcp6       0      0 [::]:mountd             [::]:*                  LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
tcp6       0      0 localhost:smtp          [::]:*                  LISTEN
tcp6       0      0 [::]:nfs                [::]:*                  LISTEN
tcp6       0      0 [::]:32994              [::]:*                  LISTEN
[root@faraz ~]#

Showing statistics of only tcp protocol by using command netstat –st.

[root@faraz ~]# netstat -st
IcmpMsg:
    InType0: 109
    InType3: 11
    InType8: 77
    InType11: 147
    OutType0: 77
    OutType3: 11
    OutType8: 158
Tcp:
    0 active connections openings
    1 passive connection openings
    0 failed connection attempts
    0 connection resets received
    1 connections established
    3786 segments received
    2641 segments send out
    0 segments retransmited
    0 bad segments received.
    36 resets sent
UdpLite:
TcpExt:
    6 delayed acks sent
    4 delayed acks further delayed because of locked socket
    1236 packet headers predicted
    636 acknowledgments not containing data payload received
    1132 predicted acknowledgments
    IPReversePathFilter: 3
    TCPRcvCoalesce: 110
    TCPAutoCorking: 1
    TCPOrigDataSent: 2538
IpExt:
    InNoRoutes: 12
    InMcastPkts: 18
    OutMcastPkts: 22
    InBcastPkts: 70
    InOctets: 367392
    OutOctets: 543186
    InMcastOctets: 4355
    OutMcastOctets: 4515
    InBcastOctets: 6460
    InNoECTPkts: 4342
[root@faraz ~]#

List all active listening udp ports by using command netstat –lu.

[root@faraz ~]# netstat -lu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 0.0.0.0:40641           0.0.0.0:*
udp        0      0 0.0.0.0:mdns            0.0.0.0:*
udp        0      0 0.0.0.0:32608           0.0.0.0:*
udp        0      0 0.0.0.0:941             0.0.0.0:*
udp        0      0 localhost:951           0.0.0.0:*
udp        0      0 0.0.0.0:nfs             0.0.0.0:*
udp        0      0 192.168.122.1:domain    0.0.0.0:*
udp        0      0 0.0.0.0:bootps          0.0.0.0:*
udp        0      0 0.0.0.0:bootpc          0.0.0.0:*
udp        0      0 0.0.0.0:mountd          0.0.0.0:*
udp        0      0 0.0.0.0:sunrpc          0.0.0.0:*
udp        0      0 0.0.0.0:39549           0.0.0.0:*
udp        0      0 0.0.0.0:59526           0.0.0.0:*
udp6       0      0 [::]:49880              [::]:*
udp6       0      0 [::]:64255              [::]:*
udp6       0      0 [::]:55556              [::]:*
udp6       0      0 [::]:941                [::]:*
udp6       0      0 [::]:nfs                [::]:*
udp6       0      0 [::]:mountd             [::]:*
udp6       0      0 [::]:sunrpc             [::]:*
[root@faraz ~]#

Showing statistics of only udp protocol by using command netstat –su.

[root@faraz ~]# netstat -su
IcmpMsg:
    InType0: 109
    InType3: 11
    InType8: 77
    InType11: 147
    OutType0: 77
    OutType3: 11
    OutType8: 158
Udp:
    109 packets received
    1 packets to unknown port received.
    0 packet receive errors
    286 packets sent
    0 receive buffer errors
    0 send buffer errors
UdpLite:
IpExt:
    InNoRoutes: 12
    InMcastPkts: 20
    OutMcastPkts: 22
    InBcastPkts: 70
    InOctets: 372507
    OutOctets: 550282
    InMcastOctets: 4500
    OutMcastOctets: 4515
    InBcastOctets: 6460
    InNoECTPkts: 4411
[root@faraz ~]#

Statistics are shown for the tcp, udp, icmp and ip protocol by using command netstat –s. (Try it yourself)

Displaying service name with their process id number by using command netstat –tp.

[root@faraz ~]# netstat -tp
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.8.110:ssh       192.168.8.106:57764     ESTABLISHED 3767/sshd: root@pts
[root@faraz ~]#

Displaying kernel ip routing table by using command netstat –r.

[root@faraz ~]# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         www.huaweimobil 0.0.0.0         UG        0 0          0 enp0s3
192.168.8.0     0.0.0.0         255.255.255.0   U         0 0          0 enp0s3
192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0 virbr0
[root@faraz ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.8.1     0.0.0.0         UG        0 0          0 enp0s3
192.168.8.0     0.0.0.0         255.255.255.0   U         0 0          0 enp0s3
192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0 virbr0
[root@faraz ~]#

Showing network interface packet transactions including both transferring and receiving packets with MTU (Maximum Transmission Unit) size by using command netstat –i.

[root@faraz ~]# netstat -i
Kernel Interface table
Iface      MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
enp0s3    1500     4765      0      0 0          3460      0      0      0 BMRU
lo       65536      198      0      0 0           198      0      0      0 LRU
[root@faraz ~]#

Showing interface table similar to ifconfig command by using command netstat –ie.

[root@faraz ~]# netstat -ie
Kernel Interface table
enp0s3: flags=4163  mtu 1500
        inet 192.168.8.110  netmask 255.255.255.0  broadcast 192.168.8.255
        inet6 fe80::a00:27ff:fe34:71df  prefixlen 64  scopeid 0x20
        ether 08:00:27:34:71:df  txqueuelen 1000  (Ethernet)
        RX packets 4799  bytes 463896 (453.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3476  bytes 692966 (676.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 0  (Local Loopback)
        RX packets 198  bytes 15084 (14.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 198  bytes 15084 (14.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@faraz ~]#

To get netstat information every few seconds continuously by using command netstat –c.

[root@faraz ~]# netstat -c
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0     64 192.168.8.110:ssh       192.168.8.106:61150     ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ]         DGRAM                    11175    /run/systemd/shutdownd
unix  2      [ ]         DGRAM                    6852     /run/systemd/notify
unix  5      [ ]         DGRAM                    6873     /run/systemd/journal/socket
unix  27     [ ]         DGRAM                    6875     /dev/log
unix  3      [ ]         STREAM     CONNECTED     30206    @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     16114
unix  3      [ ]         STREAM     CONNECTED     14531
unix  3      [ ]         STREAM     CONNECTED     26976    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18289
unix  2      [ ]         STREAM     CONNECTED     27589
unix  3      [ ]         STREAM     CONNECTED     30149
unix  3      [ ]         STREAM     CONNECTED     29908
unix  3      [ ]         STREAM     CONNECTED     26740    @/tmp/dbus-AgDlDc7U39
unix  3      [ ]         STREAM     CONNECTED     15778
unix  3      [ ]         STREAM     CONNECTED     30360
unix  3      [ ]         STREAM     CONNECTED     29254
unix  3      [ ]         STREAM     CONNECTED     29972
unix  3      [ ]         STREAM     CONNECTED     21079
unix  3      [ ]         STREAM     CONNECTED     29141
unix  2      [ ]         DGRAM                    16152
unix  3      [ ]         STREAM     CONNECTED     14955    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     30114    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     16471
unix  3      [ ]         STREAM     CONNECTED     21059
unix  3      [ ]         STREAM     CONNECTED     24567    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     22663    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     29763    @/tmp/dbus-AgDlDc7U39
unix  3      [ ]         STREAM     CONNECTED     17911
unix  3      [ ]         STREAM     CONNECTED     30197
unix  3      [ ]         STREAM     CONNECTED     29154
unix  3      [ ]         STREAM     CONNECTED     28849    @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     15086
unix  3      [ ]         STREAM     CONNECTED     16012    /run/gssproxy.sock
unix  3      [ ]         STREAM     CONNECTED     12184
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.8.110:ssh       192.168.8.106:61150     ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ]         DGRAM                    11175    /run/systemd/shutdownd
unix  2      [ ]         DGRAM                    6852     /run/systemd/notify
unix  5      [ ]         DGRAM                    6873     /run/systemd/journal/socket
unix  27     [ ]         DGRAM                    6875     /dev/log
unix  3      [ ]         STREAM     CONNECTED     30206    @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     16114
unix  3      [ ]         STREAM     CONNECTED     14531
unix  3      [ ]         STREAM     CONNECTED     26976    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18289
unix  2      [ ]         STREAM     CONNECTED     27589
unix  3      [ ]         STREAM     CONNECTED     30149
unix  3      [ ]         STREAM     CONNECTED     29908
unix  3      [ ]         STREAM     CONNECTED     26740    @/tmp/dbus-AgDlDc7U39
unix  3      [ ]         STREAM     CONNECTED     15778
unix  3      [ ]         STREAM     CONNECTED     30360
unix  3      [ ]         STREAM     CONNECTED     29254
unix  3      [ ]         STREAM     CONNECTED     29972
unix  3      [ ]         STREAM     CONNECTED     21079
unix  3      [ ]         STREAM     CONNECTED     29141
unix  2      [ ]         DGRAM                    16152
unix  3      [ ]         STREAM     CONNECTED     14955    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     30114    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     16471
unix  3      [ ]         STREAM     CONNECTED     21059
unix  3      [ ]         STREAM     CONNECTED     24567    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     22663    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     29763    @/tmp/dbus-AgDlDc7U39

Now we want to find how many listening programs are running on a port by using command netstat –ap |grep ssh.

[root@faraz ~]# netstat -ap| grep ssh
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN      1175/sshd
tcp        0      0 192.168.8.110:ssh       192.168.8.106:61150     ESTABLISHED 6242/sshd: root@pts
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      1175/sshd
unix  2      [ ACC ]     STREAM     LISTENING     26858    3011/ssh-agent       /tmp/ssh-H42Tir49LfQc/agent.2850
unix  2      [ ACC ]     STREAM     LISTENING     27216    2824/gnome-keyring-  /run/user/1000/keyring/ssh
unix  3      [ ]         STREAM     CONNECTED     17710    1175/sshd
unix  2      [ ]         DGRAM                    50038    6242/sshd: root@pts
[root@faraz ~]#

Summary

In this tutorial we discussed network monitoring tools and we learn how to check network status, listening ports and their statistics. Monitor tools provides the real time availability of any network node. Through the above commands you can communicate with other systems and get theirs replies if the systems in running position. Once you deploy network system now you are able to share resources and configure different types of servers to facilitate users.

I hope you enjoyed this tutorial please let us know with your suggestion we will appreciate. Keep learning with us. 🙂

Thanks

SUBSCRIBE OUR NEWSLETTER
Join us by subscribing to our newsletter and learn IT subjects for free
We hate spam. Your email address will not be sold or shared with anyone else.

1 Comment

  1. ledbrv28th January 2016 at 4:52 pm - 

    netstat is indeed very useful, but it is being slowly deprecated in favor of ss, just like ifconfig was deprecated in favor of ip. The article http://bit.ly/ss-examples (in portuguese) shows some ss equivalent comands to the netstat comands of your article.

Leave a reply

You must be logged in to post a comment.