Log Linux command (20180424)-SS command

The SS is the abbreviation for the socket statistics. As the name implies, the SS command can be used to get socket statistics, which can display and netstat similar content. But the advantage of the SS is that it can show more and more detailed information about TCP and connection status, and is faster and more efficient than netstat.

When the number of socket connections for a server becomes very large, the execution speed is slow, either with the netstat command or the cat/proc/net/tcp. You may not have a personal feeling, but please believe me, when the server maintains a connection of tens of thousands of times, the use of netstat equals wasting life, and the SS is to save time.

The World martial arts only fast not broken. The secret of SS Quick is that he took advantage of the TCP protocol stack in Tcp_diag. Tcp_diag is a module for analyzing statistics that gives you first-hand information in the Linux kernel, which ensures the fast and efficient SS. Of course, if you do not have tcp_diag,ss in your system, you can run normally, but the efficiency will become slightly slower. (but still faster than Netstat.) ）

Usage examples:

Example 1: Displaying a TCP connection

Command: Ss-t-A

Example 2: Display sockets summary

Command: Ss-s

Lists the current established, closed, orphaned, and waiting TCP sockets

Example 3:

Ss-l

Example 4: View the socket used by the process

Command:

Ss-pl

Example 5: Find out the open socket/port application

Command:

Ss-lp | grep 3306

Example 6: Show all UDP sockets

Command:

Ss-u-A

Example 7: Show all SMTP connections with established status

Command:

Ss-o State established ' (Dport =: SMTP or sport =: SMTP) '

Example 8: Show all HTTP connections with established status

Command:

Ss-o State established ' (Dport =: http or sport =: http) '

Example 9: Enumerate all TCP sockets in the Fin-wait-1 state where the source port is 80 or 443 and the destination network is 192.168.1/24

Command:

Ss-o state fin-wait-1 ' (sport =: http or sport =: HTTPS) ' DST 192.168.1/24

Example 10: Filtering Sockets with TCP status:

Command:

Ss-4 State Filter-name-here

Ss-6 State Filter-name-here

Filter-name-here can represent any one of the following

Established

Syn-sent

Syn-recv

Fin-wait-1

Fin-wait-2

Time-wait

Closed

Close-wait

Last-ack

Listen

Closing

All above states

Connected all states except listen and closed

Synchronized all connected states in addition to Syn-sent

Buckets show states as maintained as minisockets, such as time-wait and SYN-RECV.

Big and bucket opposite

Example 11: Matching remote address and port number

Command:

SS DST Adderss_pattern

SS DST 192.168.1.1

SS DST 192.168.1.1:8080

Example 12: Matching local address and port number

Command:

SS Src Address_pattern

SS Src 192.168.1.1

SS Src 192.168.1.1:80

Example 13: Compare a local or remote port to a number

Command:

SS Dport OP Port remote port and a number comparison; destination port

SS Sport OP Port Local port and a number comparison; source port

Op--option:

<= or LE, >= or ge, = = or EQ,

! = or NE < or GT > or LT

Example 14:SS and netstat efficiency comparison

Command:

Time Netstat-at

Time SS

Use the time command to obtain, respectively, the Times used by the Netstat and SS commands to get the resource occupied by the program. When the number of server connections is more, netstat efficiency is completely unable to compare with SS.

Source: https://www.cnblogs.com/aaronax/p/5664719.html

Log linux commands (20180424)-SS command