What is Netstat?

In computing, netstat (network statistics) is a command-line network utility tool that displays network connections for the Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics.

List out all connections

The most simple command is to list out all the current connections by using:
netstat -a

Example:

1
2
3
4
5
6
7
8
9
$ netstat -a

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 enlightened:domain *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 enlightened.local:54750 li240-5.members.li:http ESTABLISHED
tcp 0 0 enlightened.local:49980 del01s07-in-f14.1:https ESTABLISHED
tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN

Get process name/pid and user id

When viewing the open/listening ports and connections, its often useful to know the process name/pid which has opened that port or connection.
You can use the following command:
sudo netstat -nlpt

Example:

1
2
3
4
5
6
~$ sudo netstat -nlpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN 1144/dnsmasq
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 661/cupsd
tcp6 0 0 ::1:631 :::* LISTEN 661/cupsd

Reference


This is the end of post