3, Netstat.
With no options ...
-A option ...
-E option ...
-N option ...
-F option ...
-B option ...
-O option ...
-R option ...
-S option ...
-T option ...
Interval Options ...
3, Netstat
Netstat is a very useful tool for monitoring TCP/IP networks, which can display routing tables, actual TCP network connections, TCP and UDP snooping, process memory management, and status information for each network interface device. The netstat is used to display statistics related to IP, TCP, UDP, and ICMP protocols, and is typically used to verify the network connectivity of each port on the machine, letting users know which network connections are in operation.
If your computer sometimes receives data packets that cause error data or failures, you don't have to be surprised that TCP/IP can tolerate these types of errors and be able to automatically re-send packets. But if the cumulative number of errors accounts for a significant percentage of the IP datagram received, or if its number is increasing rapidly, then you should use Netstat to find out why these situations occur.
In command-line mode, enter netstat/? can display help information.
650) this.width=650; "title=" clip_image002 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image002 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_14145925281kEo.jpg " height= "462"/>
Netstat will be prompted for the following statistics:
1. protocol (TCP or UDP)
2. Local Address: The IP address of the local computer and the port number being used. If you do not specify the-n parameter, the name and port name that corresponds to the IP address of the local computer are displayed. The port number is displayed as an asterisk if it is not already established.
3. external address: The IP address and port number of the socket connected to the remote computer. If you do not specify the-n parameter, the corresponding IP address and port name are displayed. The port number is displayed as an asterisk if it is not already established.
4, Status: Indicates the status of a TCP connection, the possible status is as follows:
LISTENING : (Listening for a connection.) Listening for connection requests from a remote TCP port
syn-sent : (Active; Sent SYN. Waiting for a matching connection the request after having sent a connection request.) Wait for a matching connection request after sending the connection request again
syn-received : (Sent and received SYN. Waiting for a confirming connection request acknowledgment after have both received and Sent con Nection requests.) Wait for confirmation of the connection request after receiving and sending a connection request
established : (Connection established.) Represents an open connection
fin-wait-1 : (Closed; sent FIN.) Waiting for a remote TCP connection to interrupt the request, or the acknowledgement of a previous connection interrupt request
fin-wait-2 : (Closed; FIN is acknowledged; Awaiting FIN.) Waiting for connection interrupt request from remote TCP
close-wait : (Received FIN; waiting to receive CLOSE.) Waiting for a connection interrupt request from a local user
CLOSING : (Closed; exchanged fin; waiting for Fin.) Wait for the remote TCP acknowledgement of the connection interruption
Last-ack : (Received fin and CLOSE; waiting for Fin ACK.) Acknowledgement of the connection interrupt request waiting for the original send to remote TCP
time-wait : (in 2 MSL (twice, maximum segment length) quiet wait after close.) Wait enough time to ensure that the remote TCP receives a connection interrupt request acknowledgement
CLOSED : (Connection is closed.) No connection Status
For more information about the status of TCP connections, see RFC 793
With no options
The netstat command, with no parameters, displays the active TCP connection. Official description: Used without parameters, Netstat displays active TCP connections.
650) this.width=650; "title=" clip_image004 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image004 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_1414592528l4aj.jpg " height= "326"/>
-A option
Displays all active TCP connections and the TCP and UDP ports that the computer is listening on. Official description: Displays all active TCP connections and the TCP and UDP ports on which the computer is listening.
The-a option is often used to get your local system open ports, and with it you can check your system on your own to have no Trojans installed. Ports less than 1024 typically run some network services, and ports greater than 1024 are used to establish a connection to a remote machine.
650) this.width=650; "title=" clip_image006 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image006 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_1414592529BmcT.jpg " height= "176"/>
-E option
This option is used to display statistical data about Ethernet. The items it lists include the total number of bytes sent, the number of errors, the number of deletes, the number of datagrams, and the number of broadcasts. These statistics have both the number of datagrams sent and the number of datagrams received. This option can be used to count some basic network traffic. This option can be used in combination with the-s option. The-s parameter is classified according to different protocols.
If the network becomes slow or unusual, you can use this command to view the scale of dropped or bad packets. If the errors received and the errors sent are close to zero or all zeros, there is no problem with the network interface. However, when the two fields have more than 100 error groups, it can be considered a high error rate. High Send error indicates local network saturation or bad physical connection between host and network; High receive error indicates that the overall network saturation, local host overload or physical connection problems, you can use the ping command to statistical error rate, further determine the extent of the failure. The combination of netstat-e and ping can solve a large number of network failures.
650) this.width=650; "title=" clip_image008 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image008 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_14145925304eIU.jpg " Height= "/>"
-N option
Displays the address and port number in a digital form, which can basically be seen as a digital form of netstat–a.
Netstat-an are generally used to display all connected ports and are represented by numbers.
650) this.width=650; "title=" clip_image010 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image010 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_1414592530eigw.jpg " height= "258"/>
-F option
Displays the fully qualified domain name of the external address
650) this.width=650; "title=" clip_image012 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image012 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_14145925313m3o.jpg " height= "312"/>
-B option
Displays the executable components that are included in creating each connection or listening port. In some cases, the executable component is known to have multiple independent components, and in these cases a sequence of components that are included in creating a connection or listening port is displayed. In this case, the executable component name is in the bottom [], the top is the component it calls, and so on, until the TCP/IP section. Note This option may take a long time and may fail if insufficient permissions are available.
650) this.width=650; "title=" clip_image014 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image014 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_1414592531dLzw.jpg " height= "271"/>
-O option
Displays the ID of the process that you have associated with each connection.
650) this.width=650; "title=" clip_image016 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image016 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_1414592532Tldu.jpg " height= "258"/>
-R option
Displays the route table, just like the output of the route print command.
650) this.width=650; "title=" clip_image018 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image018 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_14145925336dj7.jpg " height= "339"/>
-S option
Displays statistics for each protocol.
650) this.width=650; "title=" clip_image020 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image020 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_1414592533hwIQ.jpg " Height= "/>"
-T option
Displays the uninstall status of the current connection
650) this.width=650; "title=" clip_image022 "style=" Border-top:0px;border-right:0px;border-bottom:0px;border-left : 0px; "border=" 0 "alt=" clip_image022 "src=" Http://img1.51cto.com/attachment/201410/29/1024435_1414592534AN1Z.jpg " height= "326"/>
Interval options
Displays the selected statistics again, pausing interval seconds between each display. Press CTRL + C to stop displaying the statistics again. If this argument is omitted, netstat prints the current configuration information once.
This article is from the "Haina Rivers" blog, please be sure to keep this source http://hichuann.blog.51cto.com/1024435/1569435
The three commands used in network management-Netstat command text