日韩性视频-久久久蜜桃-www中文字幕-在线中文字幕av-亚洲欧美一区二区三区四区-撸久久-香蕉视频一区-久久无码精品丰满人妻-国产高潮av-激情福利社-日韩av网址大全-国产精品久久999-日本五十路在线-性欧美在线-久久99精品波多结衣一区-男女午夜免费视频-黑人极品ⅴideos精品欧美棵-人人妻人人澡人人爽精品欧美一区-日韩一区在线看-欧美a级在线免费观看

歡迎訪問 生活随笔!

生活随笔

當前位置: 首頁 > 运维知识 > linux >内容正文

linux

Linux shell 的ss

發布時間:2024/3/7 linux 35 豆豆
生活随笔 收集整理的這篇文章主要介紹了 Linux shell 的ss 小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

ss的含義 Socket State

1 查看鏈接

[admin@v035114 ~]$ ss State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 10.232.35.114:43583 10.235.171.2:15888 ESTAB 0 0 10.232.35.114:1023 10.232.16.13:nfs ESTAB 0 0 10.232.35.114:54487 10.232.36.75:ssh ESTAB 0 0 10.232.35.114:33943 10.235.171.1:13888 SYN-SENT 0 1 10.232.35.114:37613 10.232.14.220:webcache ESTAB 0 0 10.232.35.114:34337 10.232.17.73:ssh ESTAB 0 0 10.232.35.114:44849 10.232.36.86:ssh ESTAB 1392 0 10.232.35.114:59068 10.20.142.112:ssh ESTAB 0 0 10.232.35.114:38479 10.232.36.88:ssh ESTAB 0 0 10.232.35.114:60156 10.232.36.88:ssh ESTAB 0 0 10.232.35.114:51222 10.232.36.86:ssh ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.35:ccmad ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:65432 ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:50906 ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:51239 ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:53277 ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:50813

第一列表示狀態

第二列和第三列的Send-Q和Recv-Q含義

Send-Q 對方沒有收到的數據或者說沒有Ack的,還是本地緩沖區。

count of bytes not acknowledged by the remote host.

Recv -Q 數據已經在本地接收緩沖,但是還沒有recv()

The count of bytes not copied by the user program connected to this socket.

2 選項-n表示不解析服務名

[admin@v035114 ~]$ ss -n State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 10.232.35.114:43583 10.235.171.2:15888 ESTAB 0 0 10.232.35.114:33943 10.235.171.1:13888 ESTAB 1392 0 10.232.35.114:59068 10.20.142.112:22 ESTAB 0 0 10.232.35.114:60156 10.232.36.88:22 ESTAB 0 0 10.232.35.114:51222 10.232.36.86:22 ESTAB 0 0 ::ffff:10.232.35.114:22 ::ffff:10.13.44.35:3114 ESTAB 0 0 ::ffff:10.232.35.114:22 ::ffff:10.13.44.34:50813

端口22對應ssh

3 ss -l 顯示本地打開的所有監聽端口

[admin@v035114 ~]$ ss -l Recv-Q Send-Q Local Address:Port Peer Address:Port 0 0 127.0.0.1:15777 *:* 0 0 127.0.0.1:15778 *:* 0 0 127.0.0.1:smux *:* 0 0 *:50410 *:* 0 0 *:netbios-ssn *:* 0 0 *:sunrpc *:* 0 0 *:http *:* 0 0 *:43698 *:* 0 0 *:socks *:* 0 0 *:microsoft-ds *:* 0 0 :::ssh :::*

使用-n看看服務使用的端口

[admin@v035114 ~]$ ss -ln Recv-Q Send-Q Local Address:Port Peer Address:Port 0 0 127.0.0.1:15777 *:* 0 0 127.0.0.1:15778 *:* 0 0 127.0.0.1:199 *:* 0 0 *:50410 *:* 0 0 *:139 *:* 0 0 *:111 *:* 0 0 *:80 *:* 0 0 *:43698 *:* 0 0 *:1080 *:* 0 0 *:445 *:* 0 0 :::22 :::*

22 對應ssh

80 對應http

111 對應sunrpc

139 對應netbios-ssn

4 -s 摘要

[admin@v035114 ~]$ ss -s Total: 89 (kernel 114) TCP: 44 (estab 9, closed 23, orphaned 0, synrecv 0, timewait 22/0), ports 80Transport Total IP IPv6 * 114 - - RAW 0 0 0 UDP 16 13 3 TCP 21 17 4 INET 37 30 7 FRAG 0 0 0

orphaned什么意思?

最后的 ports 80 什么意思?

RAW、INET、FRAG什么意思?

IPv6 那一?列有好幾行數值不為0 設么意思?

5 -t 顯示TCP連接

[admin@v035114 ~]$ ss -t State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 10.232.35.114:59861 10.235.144.41:ssh ESTAB 0 0 10.232.35.114:43583 10.235.171.2:15888 ESTAB 0 0 10.232.35.114:33943 10.235.171.1:13888 ESTAB 1392 0 10.232.35.114:59068 10.20.142.112:ssh ESTAB 0 0 10.232.35.114:60156 10.232.36.88:ssh ESTAB 0 0 10.232.35.114:51222 10.232.36.86:ssh ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.35:ccmad ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:50813 ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.50:54354

6 -u顯示UDP連接

[admin@v035114 ~]$ ss -t State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 10.232.35.114:59861 10.235.144.41:ssh ESTAB 0 0 10.232.35.114:43583 10.235.171.2:15888 ESTAB 0 0 10.232.35.114:33943 10.235.171.1:13888 ESTAB 1392 0 10.232.35.114:59068 10.20.142.112:ssh ESTAB 0 0 10.232.35.114:60156 10.232.36.88:ssh ESTAB 0 0 10.232.35.114:51222 10.232.36.86:ssh ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.35:ccmad ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:50813 ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.50:54354

7 -p顯示使用socket的pid,第一次使用這個命令就是利用-p選項找java的pid,然后jstack java進程, ss -p | grep "db-ip"

[admin@v035114 ~]$ ss -p State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 10.232.35.114:59861 10.235.144.41:ssh users:(("ssh",20182,3)) ESTAB 0 0 10.232.35.114:43583 10.235.171.2:15888 ESTAB 0 0 10.232.35.114:33943 10.235.171.1:13888 ESTAB 1392 0 10.232.35.114:59068 10.20.142.112:ssh users:(("ssh",19281,3)) SYN-SENT 0 1 10.232.35.114:46842 10.232.14.220:webcache ESTAB 0 0 10.232.35.114:60156 10.232.36.88:ssh users:(("ssh",10249,3)) ESTAB 0 0 10.232.35.114:51222 10.232.36.86:ssh users:(("ssh",10346,3)) ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.35:ccmad ESTAB 0 180 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:50813 ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.50:54354

括號里面第3位不知道什么意思?
最后一行的::fffff:是什么意思?

8 -o顯示定時器信息

[admin@v035114 ~]$ ss -o State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 10.232.35.114:59861 10.235.144.41:ssh timer:(keepalive,21min,0) ESTAB 0 0 10.232.35.114:43583 10.235.171.2:15888 ESTAB 0 0 10.232.35.114:33943 10.235.171.1:13888 timer:(keepalive,6.248ms,0) ESTAB 1392 0 10.232.35.114:59068 10.20.142.112:ssh timer:(keepalive,19min,0) SYN-SENT 0 1 10.232.35.114:56005 10.232.14.220:webcache timer:(on,1.092ms,0) ESTAB 0 0 10.232.35.114:60156 10.232.36.88:ssh timer:(keepalive,32min,0) ESTAB 0 0 10.232.35.114:51222 10.232.36.86:ssh timer:(keepalive,30min,0) ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.35:ccmad timer:(keepalive,11min,0) ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:50813 timer:(keepalive,18min,0) ESTAB 0 0 ::ffff:10.232.35.114:ssh ::ffff:10.13.44.50:54354 timer:(keepalive,21min,0)

看到兩個類型的timer,都不知道什么意思?

on

keepalive

9 -i 顯示內部TCP信息,只打印后幾列

[admin@v035114 ~]$ ss -iLocal Address:Port Peer Address:Port 10.232.35.114:59861 10.235.144.41:ssh rto:0.212 ato:0.04 cwnd:3 ssthresh:100 qack:1110.232.35.114:43583 10.235.171.2:15888 rto:0.204 ato:0.04 cwnd:3 ssthresh:10010.232.35.114:33943 10.235.171.1:13888 rto:0.212 ato:0.04 cwnd:3 ssthresh:10010.232.35.114:59068 10.20.142.112:ssh rto:0.212 ato:0.04 cwnd:20 ssthresh:10010.232.35.114:43376 10.232.14.220:webcache 10.232.35.114:60156 10.232.36.88:ssh rto:0.204 ato:0.04 ssthresh:100 bidir10.232.35.114:51222 10.232.36.86:ssh rto:0.204 ato:0.04 cwnd:3 ssthresh:100::ffff:10.232.35.114:ssh ::ffff:10.13.44.35:ccmad rto:0.256 ato:0.04 cwnd:3 ssthresh:3 qack:14::ffff:10.232.35.114:ssh ::ffff:10.13.44.34:50813 rto:0.476 ato:0.04 cwnd:5 ssthresh:100 bidir::ffff:10.232.35.114:ssh ::ffff:10.13.44.50:54354 rto:0.316 ato:0.04 cwnd:4 ssthresh:100 qack:1


rto

ato

cwnd

ssthresh 都是什么意思啊?

10? Filter過濾的例子

ss -o state established '( dport = :smtp or sport = :smtp )' ? 顯示所有已建立的SMTP連接
ss -o state established '( dport = :http or sport = :http )' ?顯示所有已建立的HTTP連接





?

?

?


?

總結

以上是生活随笔為你收集整理的Linux shell 的ss的全部內容,希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯,歡迎將生活随笔推薦給好友。