netstat Command in Linux
Overview
The netstat command in Linux is a useful tool for monitoring network connections. It displays active connections, their status, and related statistics. With this command, you can quickly find out which ports are open, which services are listening on them, and which IP addresses are connected to your system. This article will cover the syntax, options, and usage of the netstat command in Linux.
Transform Your Career
Choose from our industry-leading programs designed for career success
Modern Software and AI Engineering Program
Master full-stack development with AI integration
+1000 moreModern Data Science and ML with specialisation in AI
Advanced data science techniques with AI specialization
+1000 moreAdvanced AIML with Specialisation in Agentic AI
Deep dive into AIML with focus on Agentic systems
+1000 moreDevOps, Cloud & AI Platform Engineering
Build and manage AI-powered cloud infrastructure
+1000 moreAI Engineering Advanced Certification by IIT-Roorkee
Premier AI engineering certification from IIT-Roorkee
Linux netstat Command Syntax
The syntax for the netstat command is as follows:
Where:
- netstat: The name of the command.
netstat Command Options:
- -t: Displays TCP connections.
- -u: Displays UDP connections.
- -l: Displays only listening ports.
- -p: Displays the process name/ID using the port.
- -n: Displays numerical addresses instead of resolving names.
- -r: Displays the routing table information.
Example Usages
-
Display all active connections.:
Output:
Explanation: The command netstat without any options will display all active connections in the system. The output includes the protocol (TCP or UDP), the local and foreign addresses, and the state of the connection.
-
Display listening TCP ports.:
Output:
Explanation: The option -l displays only listening ports. The option -n displays numerical addresses instead of resolving names. The option -t filters TCP connections and the option -p shows the process name/ID using the port. Therefore, the command netstat -tln displays only listening TCP ports in the system.
-
Display routing table information.:
Output:
Explanation: The option -r displays the routing table information. This includes the destination, gateway, and netmask of the route, as well as the interface and metric. In this example, there are two routes defined: one for the local network and one for the default route.
Turn Learning into Career Growth
Tips
-
You can use the option -a to display all connections, including those in the listening state.
-
You can use the option -c to display the netstat output continuously, updating it every second.
-
You can use the option -e to display additional networking statistics.
Advanced Use Cases of netstat Command in Linux
-
Display network statistics for a specific protocol.:
Output:
Explanation: The option -s displays the statistics for the specified protocol. In this example, the command netstat -s tcp displays the TCP statistics, including active and passive connection openings, failed connection attempts, and segment transmissions.
-
Display network statistics for a specific interface.:
Output:
Explanation: The option -i displays the statistics for the specified interface. In this example, the command netstat -i eth0 displays the network statistics for the eth0 interface, including the number of received and transmitted packets, errors, and drops.
-
Display network statistics for a specific process.:
Output:
Explanation: The option -p shows the process name/ID using the port. You can use the grep command to filter the output by process name. In this example, the command netstat -tap | grep sshd displays the network statistics for the sshd process.
Conclusion
-
The netstat command is a powerful tool for monitoring network connections in Linux.
-
With this command, you can display active connections, their status, and related statistics.
-
You can filter the output by protocol, interface, process, or state.
-
The netstat command can help you troubleshoot network issues and identify potential security threats.