ss命令 ss是Socket Statistics的缩写。顾名思义,ss命令可以用来获取socket统计信息,它可以显示和netstat类似的内容。但ss的优势在于它能够显示更多更详细的有关TCP和连接状态的信息,而且比netstat更快速更高效
例如查看22端口状态 :
[tidb@:vg_adn_tidbCkhsTest:54.158.254.36:172.31.30.62 ~/tidb-ansible]$ss -tnl | grep 22
LISTEN 0 128 *:22 *:*
LISTEN 0 128 :::22 :::*
ss命令比netstat命令还有更强大的过滤功能,非常方便查询使用。
1、查询连接状态为ESTABLISHED的端口连接:
[root@ELK-chaofeng ~]#ss -tan state ESTABLISHED
Recv-Q Send-Q Local Address:Port Peer Address:Port
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
172.17.36.151: 100.100.80.176:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
127.0.0.1: 127.0.0.1:
172.17.36.151: 100.100.30.25:
127.0.0.1: 127.0.0.1:
查询连接状态为LISTEN的端口连接:
[root@ELK-chaofeng ~]#ss -tan state LISTENING
Recv-Q Send-Q Local Address:Port Peer Address:Port
*: *:*
*: *:*
127.0.0.1: *:*
*: *:*
*: *:*
::: :::*
::: :::*
::: :::*
2、过滤功能,过滤出源端口为10050的端口连接状态
[root@ELK-chaofeng ~]#ss -tan '( sport = :10050 or dport = :10050 )'
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN *: *:*
ESTAB 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
ESTAB 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1:
TIME-WAIT 127.0.0.1: 127.0.0.1: