netstat (network statistics) is a command-line utility available in most operating systems, including Windows and Unix-like systems (Linux, macOS). It provides information about network connections, routing tables, interface statistics, masquerade connections, and other network-related statistics. It’s a powerful tool for diagnosing network issues, monitoring network activities, and understanding the current network status of a system.
Here is an overview of some common parameters and their explanations for the netstat command:
- -a (or –all): Displays all active connections, including listening and non-listening sockets.Example:css
netstat -a
-n (or –numeric): Displays numerical addresses instead of resolving hostnames and port numbers.
Example:
netstat -n
-p (or –program): Displays the process ID (PID) and the name of the program associated with each connection.
netstat -p
-r (or –route): Displays the kernel’s routing table.
Example:
netstat -r
-t (or –tcp): Displays TCP connections.
Example:
netstat -t
-u (or –udp): Displays UDP connections.
Example:
netstat -u
-l (or –listening): Displays only listening sockets.
Example:
netstat -l
-e (or –extend): Provides additional information such as the User Datagram Protocol (UDP) statistics and Transmission Control Protocol (TCP) extended information.
Example:
netstat -e
-s (or –statistics): Displays various network statistics, including TCP, UDP, ICMP, and IP protocol statistics.
Example:
netstat -s
-c (or –continuous): Displays a continuous listing of network information, updating the display at regular intervals.
Example:
netstat -c
Remember that the availability of these parameters and their behavior might vary slightly depending on the operating system you’re using. Always refer to the manual (man netstat on Unix-like systems) for the most accurate and up-to-date information regarding parameter usage and output interpretation.
Here’s a possible output example for netstat -an (numeric addresses):
Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 192.168.1.2:34567 203.0.113.10:80 ESTABLISHED tcp6 0 0 :::80 :::* LISTEN udp 0 0 0.0.0.0:514 0.0.0.0:*
In this example, you can see TCP and UDP connections with their respective states, local and foreign addresses, and ports. The use of -n displays numerical addresses instead of hostname resolution.
