Open in app

Sign in

Write

Sign in

ss and netstat Commands in Linux

Mohibul Alam
2 min readJul 30, 2023

--

netstat

The netstat command is a powerful networking tool that is commonly used for troubleshooting and configuration purposes. Additionally, it can serve as a valuable monitoring tool for tracking connections over the network. Whether you need to analyze incoming and outgoing connections, inspect routing tables, monitor port listening, or gather usage statistics, the netstat command has got you covered. In this regard, understanding the basics of netstat usage and its most common applications is essential for network administrators and engineers alike.

Using netstat with single options

netstat -a # to enlist all active ports including both tcp and udp ports
netstat -r # to inspect routing table
netstat -p # to print all ports with their process id
netstat -l # to enlist all lintening ports
netstat -e # to print all connection established ports
netstat -c # to refreshe netstat output at regular intervals
netstat -n # to display network address and port number in numeric

Run netstat combining options

netstat -at # to enlist all tcp active ports
netstat -au # to enlist all udp ports
netstat -lt # to enlist all listening tcp ports
netstat -lu # to enlist all listening udp ports
netstat -ie # to show all active interfaces. Same as ifconfig
netstat -atp # to print all tcp ports with their process id
netstat -tnl # to print all tcp and listening state port 
netstat -udp

ss

The ss command is a powerful command-line utility on Linux systems used for socket statistics. It provides detailed information about network sockets, network connections, and other networking-related statistics. The name “ss” stands for “socket statistics.”

Some common options for the ss command are:

  • -t: Display TCP sockets and connections.
  • -u: Display UDP sockets and connections.
  • -n: Show numerical addresses (IP and port numbers) instead of resolving hostnames.
  • -l: Display listening sockets.
  • -p: Show process information for each socket.
  • -r: Display raw sockets.
  • -s: Show summary statistics for each protocol (TCP, UDP, etc.).
ss [options]
ss -t -u -a # To display all TCP and UDP sockets and connections
ss -t -l # To show listening TCP sockets only
ss -t -a state established # To display all established TCP connections
ss -s # To show summary statistics for TCP and UDP protocols
Linux
Linuxnetworkmonitoring
DevOps

--

--

Mohibul Alam

Written by Mohibul Alam

18 Followers

DevOps Enthusiast || AWS Certified Solution Architect-Associate || Linux || Docker || Kubernetes || Terraform

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams