简介

netstat（network statistics）是一种命令行网络实用工具，可显示TCP协议传入和传出的情况、路由表和一些网络接口（网络接口控制器或软件定义的网络接口）和网络协议统计。

常见参数

-a (all)显示所有选项(默认不显示LISTEN相关)
-t (tcp)仅显示tcp相关选项
-u (udp)仅显示udp相关选项
-n 拒绝显示别名，能显示数字的全部转化成数字。
-l 仅列出有在 Listen (监听) 的服务状态

-p 显示建立相关链接的程序名和PID
-r 显示路由信息，路由表
-e 显示扩展信息，例如uid等
-s 按各个协议进行统计(IP, TCP, UDP, ICMP)
-c 每隔一个固定时间，执行该netstat命令
-i 显示网络接口

示例

1	-st 只分析tcp协议的内容

1	-anp 显示相关联的程序和PID，拒绝显示别名，显示LISTEN状态端口

结果项

Proto – the name of the protocol (TCP or UDP).
Recv-Q – the bytes of data in the queue to be sent to the user program that established the connection. This value should be 0 or close to 0.
Send-Q – the bytes in the queue to be sent to the remote program. This value should also be 0 or close to 0.
Local Address – the IP address of the local computer and the port number being used. An asterisk (*) is shown for the host if the server is listening on all interfaces.
Foreign Address – the IP address and port number of the remote computer to which the socket is connected. If the port is not yet established, the port number is shown as an asterisk (*).
State – the state of a TCP connection. The possible states are: CLOSE_WAIT, CLOSED, ESTABLISHED, FIN_WAIT_1, FIN_WAIT_2, LAST_ACK, LISTEN, SYN_RECEIVED, SYN_SEND, and TIME_WAIT.