Recommended reading: Learn a Linux command every day (65) : netstat
Introduction of the command
The ss command is used to check the network status. The ss command can be used to obtain socket statistics. The information displayed is similar to that displayed by the netstat command, but the advantage of ss is that it can display more detailed information about TCP and connection status, and it is faster and more efficient than netstat.
When the number of socket connections on the server becomes too large, the execution speed is slow, whether you run the netstat command or directly cat /proc/net/tcp. When the server maintains tens of thousands of connections, using the ss command saves more time than netstat.
Syntax format
ss [OPTIONS]
ss [ OPTIONS ] [ FILTER ]
Copy the codeOption to show
-h # Print help information -v # program version information -n # do not resolve service name -r # resolve host name -A # Display all sockets -l # Display listening sockets -o # Display timer information -e -m # Show socket memory usage -p # Show socket processes -I # Show TCP internal information -s # Show socket usage -4 # display only IPv4 sockets -6 # display only IPv6 sockets -0 # display only TCP sockets - U # display only UCP sockets -d # show only DCCP sockets -w # show only RAW sockets -x # Show only Unix sockets -f # Show FAMILY sockets -d # Dump raw TCP socket information to a file -f # Remove all information from the fileCopy the codeApplication, for example,
All TCP connections are displayed
[root@CentOS7-1 ~]# ss -t -a State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:ssh *:* LISTEN 0 100 127.0.0.1: SMTP *:* LISTEN 0 128 127.0.0.1:8125 *:* LISTEN 0 128 *: DNP -sec *:* ESTAB 00 192.168.1.100: SSH 192.168.1.93: LISTEN 59231 0 128 [: :] : SSH [: :] : * LISTEN 0 100 [: : 1) : SMTP [: :] : * LISTEN 0 128 [: : 1) : 8125 [: :] : * LISTEN 0 128 [::]:dnp-sec [::]:*Copy the codeAll UDP connection information is displayed
[root@CentOS7-1 ~]# ss -u -a State Recv -q Send -q Local Address:Port Peer Address:Port UNCONN 0 0 127.0.0.1:8125 *:* UNCONN 0 0 127.0.0.1:323 * : * UNCONN 0 0 [: : 1) : 8125. [...] : * UNCONN 0 0 [: : 1) : 323. [...] : *Copy the codeDisplay Sockets digest information
[root@CentOS7-1 ~]# ss -s Total: 569 (kernel 1020) TCP: 9 (estab 1, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 0 Transport Total IP IPv6 * 1020 - - RAW 1 0 1 UDP 4 2 2 TCP 9 5 4 INET 14 7 7 FRAG 0 0 0 [root@CentOS7-1 ~]# ss -o state established '(dport = : SSH or sport = : SSH)' Netid Recv -q Send-q Local Address:Port Peer Address:Port TCP 0 52 192.168.1.100: SSH 192.168.1.93:59231 Timer :(on,235ms,0) SS-O state Established '(dport = : SMTP or sport = : SMTP)' ss -o state established '(dport = : HTTP or Sport = : HTTP)' #Copy the codeEfficiency comparison between SS and Netstat
[root@CentOS7-1 ~]# time netstat -an|awk '/^tcp/{++S[$NF]}END{for(a in S) print a,S[a]}' LISTEN 8 ESTABLISHED 1 real 0 m0. 021 S user 0 m0. 009 S sys 0 m0. 009 S/root @ CentOS7-1 ~ # time ss - tan | awk 'NR > 1 [$1]} {+ + S END {for (S) in a print a, S [a]}' LISTEN 8 ESTAB 1 real 0m0.009s user 0m0.007s sys 0m0.001sCopy the codeA script to view the number of TCP or UDP connections
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh
Usage: sh ./get_tcp_or_udp-connetios.sh [closed|closing|closewait|synrecv|synsent|finwait1|finwait2|listen|established|lastack|timewait]
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh timewait
0
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh listen
8
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh established
1
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh closed
0
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh closing
0
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh closewait
0
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh synrecv
0
[root@CentOS7-1 ~]# ./get_tcp_or_udp-connetios.sh lastack
0
Copy the codeReaders who need this script can download the script in the background dialog box of this public number to reply to the key word [connection number script].
Learn a Linux command every day: route
Learn a Linux command every day (64) : ifconfig
