http://blog.csdn.net/arkblue/article/details/7876210

ss的含义 Socket State

1 查看链接

[html] view plaincopy
  1. [admin@v035114 ~]$ ss
  2. State      Recv-Q Send-Q                       Local Address:Port                           Peer Address:Port
  3. ESTAB      0      0                            10.232.35.114:43583                          10.235.171.2:15888
  4. ESTAB      0      0                            10.232.35.114:1023                           10.232.16.13:nfs
  5. ESTAB      0      0                            10.232.35.114:54487                          10.232.36.75:ssh
  6. ESTAB      0      0                            10.232.35.114:33943                          10.235.171.1:13888
  7. SYN-SENT   0      1                            10.232.35.114:37613                         10.232.14.220:webcache
  8. ESTAB      0      0                            10.232.35.114:34337                          10.232.17.73:ssh
  9. ESTAB      0      0                            10.232.35.114:44849                          10.232.36.86:ssh
  10. ESTAB      1392   0                            10.232.35.114:59068                         10.20.142.112:ssh
  11. ESTAB      0      0                            10.232.35.114:38479                          10.232.36.88:ssh
  12. ESTAB      0      0                            10.232.35.114:60156                          10.232.36.88:ssh
  13. ESTAB      0      0                            10.232.35.114:51222                          10.232.36.86:ssh
  14. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.35:ccmad
  15. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:65432
  16. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:50906
  17. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:51239
  18. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:53277
  19. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:50813

第一列表示状态

第二列和第三列的Send-Q和Recv-Q含义

Send-Q 对方没有收到的数据或者说没有Ack的,还是本地缓冲区。

count of bytes not acknowledged by the remote host.

Recv -Q 数据已经在本地接收缓冲,但是还没有recv()

The count of bytes not copied by the user program connected to this socket.

2 选项-n表示不解析服务名

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -n
  2. State      Recv-Q Send-Q                         Local Address:Port                           Peer Address:Port
  3. ESTAB      0      0                              10.232.35.114:43583                          10.235.171.2:15888
  4. ESTAB      0      0                              10.232.35.114:33943                          10.235.171.1:13888
  5. ESTAB      1392   0                              10.232.35.114:59068                         10.20.142.112:22
  6. ESTAB      0      0                              10.232.35.114:60156                          10.232.36.88:22
  7. ESTAB      0      0                              10.232.35.114:51222                          10.232.36.86:22
  8. ESTAB      0      0                       ::ffff:10.232.35.114:22                       ::ffff:10.13.44.35:3114
  9. ESTAB      0      0                       ::ffff:10.232.35.114:<span style="BACKGROUND-COLOR: #999900">22</span>                       ::ffff:10.13.44.34:50813

端口22对应ssh

3 ss -l 显示本地打开的所有监听端口

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -l
  2. Recv-Q Send-Q                            Local Address:Port                                Peer Address:Port
  3. 0      0                                     127.0.0.1:15777                                          *:*
  4. 0      0                                     127.0.0.1:15778                                          *:*
  5. 0      0                                     127.0.0.1:smux                                           *:*
  6. 0      0                                             *:50410                                          *:*
  7. 0      0                                             *:netbios-ssn                                        *:*
  8. 0      0                                             *:sunrpc                                         *:*
  9. 0      0                                             *:http                                           *:*
  10. 0      0                                             *:43698                                          *:*
  11. 0      0                                             *:socks                                          *:*
  12. 0      0                                             *:microsoft-ds                                        *:*
  13. 0      0                                            :::ssh                                           :::*

使用-n看看服务使用的端口

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -ln
  2. Recv-Q Send-Q                              Local Address:Port                                Peer Address:Port
  3. 0      0                                       127.0.0.1:15777                                          *:*
  4. 0      0                                       127.0.0.1:15778                                          *:*
  5. 0      0                                       127.0.0.1:199                                            *:*
  6. 0      0                                               *:50410                                          *:*
  7. 0      0                                               *:139                                            *:*
  8. 0      0                                               *:111                                            *:*
  9. 0      0                                               *:80                                             *:*
  10. 0      0                                               *:43698                                          *:*
  11. 0      0                                               *:1080                                           *:*
  12. 0      0                                               *:445                                            *:*
  13. 0      0                                              :::22                                            :::*

22 对应ssh

80 对应http

111 对应sunrpc

139 对应netbios-ssn

4 -s 摘要

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -s
  2. Total: 89 (kernel 114)
  3. TCP:   44 (estab 9, closed 23, orphaned 0, synrecv 0, timewait 22/0), ports 80
  4. Transport Total     IP        IPv6
  5. *         114       -         -
  6. RAW       0         0         0
  7. UDP       16        13        3
  8. TCP       21        17        4
  9. INET      37        30        7
  10. FRAG      0         0         0

orphaned什么意思?

最后的 ports 80 什么意思?

RAW、INET、FRAG什么意思?

IPv6 那一 列有好几行数值不为0 设么意思?

5 -t 显示TCP连接

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -t
  2. State      Recv-Q Send-Q                       Local Address:Port                           Peer Address:Port
  3. ESTAB      0      0                            10.232.35.114:59861                         10.235.144.41:ssh
  4. ESTAB      0      0                            10.232.35.114:43583                          10.235.171.2:15888
  5. ESTAB      0      0                            10.232.35.114:33943                          10.235.171.1:13888
  6. ESTAB      1392   0                            10.232.35.114:59068                         10.20.142.112:ssh
  7. ESTAB      0      0                            10.232.35.114:60156                          10.232.36.88:ssh
  8. ESTAB      0      0                            10.232.35.114:51222                          10.232.36.86:ssh
  9. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.35:ccmad
  10. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:50813
  11. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.50:54354

6 -u显示UDP连接

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -t
  2. State      Recv-Q Send-Q                       Local Address:Port                           Peer Address:Port
  3. ESTAB      0      0                            10.232.35.114:59861                         10.235.144.41:ssh
  4. ESTAB      0      0                            10.232.35.114:43583                          10.235.171.2:15888
  5. ESTAB      0      0                            10.232.35.114:33943                          10.235.171.1:13888
  6. ESTAB      1392   0                            10.232.35.114:59068                         10.20.142.112:ssh
  7. ESTAB      0      0                            10.232.35.114:60156                          10.232.36.88:ssh
  8. ESTAB      0      0                            10.232.35.114:51222                          10.232.36.86:ssh
  9. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.35:ccmad
  10. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:50813
  11. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.50:54354

7 -p显示使用socket的pid,第一次使用这个命令就是利用-p选项找java的pid,然后jstack java进程, ss -p | grep "db-ip"

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -p
  2. State      Recv-Q Send-Q                       Local Address:Port                           Peer Address:Port
  3. ESTAB      0      0                            10.232.35.114:59861                         10.235.144.41:ssh      users:(("ssh",<span style="BACKGROUND-COLOR: #999900">20182</span>,3))
  4. ESTAB      0      0                            10.232.35.114:43583                          10.235.171.2:15888
  5. ESTAB      0      0                            10.232.35.114:33943                          10.235.171.1:13888
  6. ESTAB      1392   0                            10.232.35.114:59068                         10.20.142.112:ssh      users:(("ssh",<span style="BACKGROUND-COLOR: #999900">19281</span>,3))
  7. SYN-SENT   0      1                            10.232.35.114:46842                         10.232.14.220:webcache
  8. ESTAB      0      0                            10.232.35.114:60156                          10.232.36.88:ssh      users:(("ssh",<span style="BACKGROUND-COLOR: #999900">10249</span>,3))
  9. ESTAB      0      0                            10.232.35.114:51222                          10.232.36.86:ssh      users:(("ssh",<span style="BACKGROUND-COLOR: #999900">10346</span>,3))
  10. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.35:ccmad
  11. ESTAB      0      180                   ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:50813
  12. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.50:54354

括号里面第3位不知道什么意思?
最后一行的::fffff:是什么意思?

8 -o显示定时器信息

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -o
  2. State      Recv-Q Send-Q                       Local Address:Port                           Peer Address:Port
  3. ESTAB      0      0                            10.232.35.114:59861                         10.235.144.41:ssh      timer:(keepalive,21min,0)
  4. ESTAB      0      0                            10.232.35.114:43583                          10.235.171.2:15888
  5. ESTAB      0      0                            10.232.35.114:33943                          10.235.171.1:13888    timer:(keepalive,6.248ms,0)
  6. ESTAB      1392   0                            10.232.35.114:59068                         10.20.142.112:ssh      timer:(keepalive,19min,0)
  7. SYN-SENT   0      1                            10.232.35.114:56005                         10.232.14.220:webcache  timer:(on,1.092ms,0)
  8. ESTAB      0      0                            10.232.35.114:60156                          10.232.36.88:ssh      timer:(keepalive,32min,0)
  9. ESTAB      0      0                            10.232.35.114:51222                          10.232.36.86:ssh      timer:(keepalive,30min,0)
  10. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.35:ccmad    timer:(keepalive,11min,0)
  11. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.34:50813    timer:(keepalive,18min,0)
  12. ESTAB      0      0                     ::ffff:10.232.35.114:ssh                      ::ffff:10.13.44.50:54354    timer:(keepalive,21min,0)

看到两个类型的timer,都不知道什么意思?

on

keepalive

9 -i 显示内部TCP信息,只打印后几列

[plain] view plaincopy
  1. [admin@v035114 ~]$ ss -i
  2. Local Address:Port              Peer Address:Port
  3. 10.232.35.114:59861            10.235.144.41:ssh      rto:0.212 ato:0.04 cwnd:3 ssthresh:100 qack:11
  4. 10.232.35.114:43583             10.235.171.2:15888    rto:0.204 ato:0.04 cwnd:3 ssthresh:100
  5. 10.232.35.114:33943             10.235.171.1:13888    rto:0.212 ato:0.04 cwnd:3 ssthresh:100
  6. 10.232.35.114:59068            10.20.142.112:ssh      rto:0.212 ato:0.04 cwnd:20 ssthresh:100
  7. 10.232.35.114:43376            10.232.14.220:webcache
  8. 10.232.35.114:60156             10.232.36.88:ssh      rto:0.204 ato:0.04 ssthresh:100 bidir
  9. 10.232.35.114:51222             10.232.36.86:ssh      rto:0.204 ato:0.04 cwnd:3 ssthresh:100
  10. ::ffff:10.232.35.114:ssh         ::ffff:10.13.44.35:ccmad    rto:0.256 ato:0.04 cwnd:3 ssthresh:3 qack:14
  11. ::ffff:10.232.35.114:ssh         ::ffff:10.13.44.34:50813    rto:0.476 ato:0.04 cwnd:5 ssthresh:100 bidir
  12. ::ffff:10.232.35.114:ssh         ::ffff:10.13.44.50:54354    rto:0.316 ato:0.04 cwnd:4 ssthresh:100 qack:1

rto

ato

cwnd

ssthresh 都是什么意思啊?

10  Filter过滤的例子

ss -o state established '( dport = :smtp or sport = :smtp )'   显示所有已建立的SMTP连接
ss -o state established '( dport = :http or sport = :http )'  显示所有已建立的HTTP连接

linux ss的使用方法相关推荐

  1. Linux 常用命令使用方法

    Linux 常用命令使用方法 1.# 表示权限用户(如:root),$ 表示普通用户  开机提示:Login:输入用户名  password:输入口令   用户是系统注册用户成功登陆后,可以进入相应的 ...

  2. Linux kernel panic解决方法

    Linux kernel panic解决方法 kernel panic错误表现 kernel panic 主要有以下几个出错提示: Kernel panic-not syncing fatal exc ...

  3. linux最好的关机方法,【Linux】正确的关机方法

    1)shutdown命令 我们较常使用的是shutdown这个命令,这个命令可以安全地关闭或重启Linux系统,它在系统关闭之前给系统上的所有登录用户提示一条警告信息.该命令还允许用户指定一个时间参数 ...

  4. Linux 常用命令使用方法大搜刮

    Linux 常用命令使用方法大搜刮 1.# 表示权限用户(如:root),$ 表示普通用户   开机提示:Login:输入用户名   password:输入口令   用户是系统注册用户成功登陆后,可以 ...

  5. linux默认文件大小,Linux 改变文件大小的方法

    函数原型: #include int ftruncate(int fd, off_t length); //改变文件大小为length指定大小;返回值 执行成功则返回0,失败返回-1. 函数ftrun ...

  6. linux 物理内存统计,说说free命令  + Linux可用内存统计方法

    关键在于两个字段,buffers和cached. 你经常会发现Linux系统用了一段时间后,内存所剩无几,free命令,一看,内存全跑到 buffers和cached里面了:这个现象是正常的.访问过的 ...

  7. linux命令在哪里使用,在Linux不同场景中Linux命令的使用方法

    文章目录 1.日志查看实时查看tomcat日志文件查看: 2.修改配置文件内容最常见的就是修改环境变量 3.vi/vim编辑器 4.查看tomcat进程,杀死进程,重启进程. 5.压缩解压缩文件 6. ...

  8. Linux permission denied解决方法

    Linux permission denied解决方法 参考文章: (1)Linux permission denied解决方法 (2)https://www.cnblogs.com/aarontho ...

  9. [Linux]core文件调试方法

    来源: shaovey的专栏 在程序不寻常退出时,内核会在当前工作目录下生成一个core文件(是一个内存映像,同时加上调试信息).使用gdb来查看core文件,可以指示出导致程序出错的代码所在文件和行 ...

最新文章

  1. 韩国一周新增千例确诊,想用 AI 定位出咳嗽的人
  2. python 有效的字母异位词
  3. java 读取 文本块_Java 13:文本块
  4. python split函数 空格_Python随笔29:Python基础编程练习题23~24
  5. hadoop-0.21.0-eclipse-plugin无法在eclipse中运行解决方案
  6. 《零基础》MySQL 删除数据库(六)
  7. nginx 搭建http协议拖动播放 FLV 视频播放服务器
  8. kloxo 安装图解
  9. python读取txt文件为字典username_如何使用txt和ids将.txt文件内容解析为python中的字典?...
  10. 【华为云技术分享】云图说|人工智能新科技—文字识别服务
  11. WebSocket 详解教程
  12. nginx负载均衡实验笔记
  13. sprint 3 总结
  14. MySQL数据库(10)----IN 和 NOT IN 子查询
  15. 计算机相关技术汇报ppt模板,计算机硕士开题报告ppt模板.doc
  16. php网易云信im即时通讯和聊天室
  17. 利用账号密码模拟登录新浪微博
  18. Vue CLI 3结合Lerna进行UI框架设计
  19. CCRC信息安全服务资质申请流程详解
  20. Matlab实现曲线拟合的最小二乘法

热门文章

  1. 2种方法设置RAR文件打开密码
  2. 电力窃漏电用户自动识别(SPSS Modeler)
  3. 【信息系统项目管理师】信息系统主流开发方法之结构化方法、面向对象方法和原型法总结
  4. 湖南省计算机等级考试(二级)题库 第四部分
  5. Day 41 Mysql高级操作
  6. 计蒜客---它是多么甜蜜啊!
  7. 扇贝编程python学习笔记-基础篇5
  8. access_token is invalid or not latest rid?
  9. 最大扇入数怎么判断_如何判断,你的运动是否有效?
  10. 为什么女性朋友容易患上拇外翻?