netstat Command in Linux

Learn via video courses
Topics Covered

Overview

The netstat command in Linux is a useful tool for monitoring network connections. It displays active connections, their status, and related statistics. With this command, you can quickly find out which ports are open, which services are listening on them, and which IP addresses are connected to your system. This article will cover the syntax, options, and usage of the netstat command in Linux.

Transform Your Career

Choose from our industry-leading programs designed for career success

NSDC Certified

Modern Software and AI Engineering Program

Master full-stack development with AI integration

12 MonthsDuration
AI-LedCurriculum
Career SupportSupport
GoogleAmazonPaytm+1000 more
Go to Program
NSDC Certified

Modern Data Science and ML with specialisation in AI

Advanced data science techniques with AI specialization

12 MonthsDuration
AI-LedCurriculum
Career SupportSupport
GoogleAmazonPaytm+1000 more
Go to Program
NSDC Certified

Advanced AIML with Specialisation in Agentic AI

Deep dive into AIML with focus on Agentic systems

12 MonthsDuration
AI-LedCurriculum
Career SupportSupport
GoogleAmazonPaytm+1000 more
Go to Program
NSDC Certified

DevOps, Cloud & AI Platform Engineering

Build and manage AI-powered cloud infrastructure

12 MonthsDuration
AI-LedCurriculum
Career SupportSupport
GoogleAmazonPaytm+1000 more
Go to Program
NSDC Certified

AI Engineering Advanced Certification by IIT-Roorkee

Premier AI engineering certification from IIT-Roorkee

3 MonthsDuration
AI-LedCurriculum
Career SupportSupport
Program highlights
Go to Program

Linux netstat Command Syntax

The syntax for the netstat command is as follows:

Where:

  • netstat: The name of the command.

netstat Command Options:

  • -t: Displays TCP connections.
  • -u: Displays UDP connections.
  • -l: Displays only listening ports.
  • -p: Displays the process name/ID using the port.
  • -n: Displays numerical addresses instead of resolving names.
  • -r: Displays the routing table information.

Example Usages

  • Display all active connections.:

    Output:

    Explanation: The command netstat without any options will display all active connections in the system. The output includes the protocol (TCP or UDP), the local and foreign addresses, and the state of the connection.

  • Display listening TCP ports.:

    Output:

    Explanation: The option -l displays only listening ports. The option -n displays numerical addresses instead of resolving names. The option -t filters TCP connections and the option -p shows the process name/ID using the port. Therefore, the command netstat -tln displays only listening TCP ports in the system.

  • Display routing table information.:

    Output:

    Explanation: The option -r displays the routing table information. This includes the destination, gateway, and netmask of the route, as well as the interface and metric. In this example, there are two routes defined: one for the local network and one for the default route.

Turn Learning into Career Growth

1200+Hiring Partners
89%Placement Rate
11,000+Placements
147%Avg Salary Increment
2.5XCareer Growth
₹23 LPAAvg Post-Scaler Salary
1200+Hiring Partners
89%Placement Rate
11,000+Placements
147%Avg Salary Increment
2.5XCareer Growth
₹23 LPAAvg Post-Scaler Salary

Tips

  • You can use the option -a to display all connections, including those in the listening state.

  • You can use the option -c to display the netstat output continuously, updating it every second.

  • You can use the option -e to display additional networking statistics.

Advanced Use Cases of netstat Command in Linux

  • Display network statistics for a specific protocol.:

    Output:

    Explanation: The option -s displays the statistics for the specified protocol. In this example, the command netstat -s tcp displays the TCP statistics, including active and passive connection openings, failed connection attempts, and segment transmissions.

  • Display network statistics for a specific interface.:

    Output:

    Explanation: The option -i displays the statistics for the specified interface. In this example, the command netstat -i eth0 displays the network statistics for the eth0 interface, including the number of received and transmitted packets, errors, and drops.

  • Display network statistics for a specific process.:

    Output:

    Explanation: The option -p shows the process name/ID using the port. You can use the grep command to filter the output by process name. In this example, the command netstat -tap | grep sshd displays the network statistics for the sshd process.

Conclusion

  • The netstat command is a powerful tool for monitoring network connections in Linux.

  • With this command, you can display active connections, their status, and related statistics.

  • You can filter the output by protocol, interface, process, or state.

  • The netstat command can help you troubleshoot network issues and identify potential security threats.

Hiring Partners:
GoogleGoogleAmazonAmazonMicrosoftMicrosoftFlipkartFlipkartAdobeAdobe1200+ more