Sunday, March 5, 2017

Nestat socket states - from man page reference

[root@puppet-agent1 shellscript]# netstat -tulpn

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name  
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1946/sshd          
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      1807/cupsd        
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      2076/master        
tcp        0      0 :::22                       :::*                                 LISTEN      1946/sshd          
tcp        0      0 ::1:631                     :::*                        LISTEN      1807/cupsd        
tcp        0      0 ::1:25                      :::*                        LISTEN      2076/master        
udp        0      0 0.0.0.0:631                 0.0.0.0:*                               1807/cupsd        
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               1772/dhclient      


    Recv-Q
       The count of bytes not copied by the user program connected to this socket.

   Send-Q
       The count of bytes not acknowledged by the remote host.

   Local Address
       Address and port number of the local end of the socket.  Unless the --numeric (-n) option is         specified, the socket address is resolved
       to its canonical host name (FQDN), and the port number is translated into the corresponding service name.

   Foreign Address
       Address and port number of the remote end of the socket.  Analogous to "Local Address."


       The state of the socket. Since there are no states in raw mode and usually no states used in UDP, this column may be left blank.  Normally this can be one of several values:

       ESTABLISHED
              The socket has an established connection.

       SYN_SENT
              The socket is actively attempting to establish a connection.

       SYN_RECV
              A connection request has been received from the network.

       FIN_WAIT1
              The socket is closed, and the connection is shutting down.

       FIN_WAIT2
              Connection is closed, and the socket is waiting for a shutdown from the remote end.

       TIME_WAIT
              The socket is waiting after close to handle packets still in the network.

       CLOSED
 The socket is not being used.

       CLOSE_WAIT
              The remote end has shut down, waiting for the socket to close.

       LAST_ACK
              The remote end has shut down, and the socket is closed. Waiting for acknowledgement.

       LISTEN 
The socket is listening for incoming connections.  Such sockets are not included in the output unless you specify the --listen option.

       CLOSING
              Both sockets are shut down but we still don't have all our data sent.

       UNKNOWN
              The state of the socket is unknown.


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)