Any Linux user must know how to manage network connections efficiently. Managing network connections becomes even more important when you’re troubleshooting issues or monitoring traffic. The Linux netstat command is a versatile tool that allows you to inspect active network connections, listening ports, routing tables, and network interface statistics. Whether you’re optimizing system performance, debugging, or just want to understand network activity better, mastering this command is essential. In this post, you’ll learn how to install netstat, explore its various options, and use it to get detailed insights into your system’s network operations. Keep reading for practical examples and tips on maximizing netstat‘s capabilities.
How to Install netstat on Linux
Before diving into the Linux netstat command, you may need to install it, as some Linux distributions don’t include it by default. Here’s how to install Linux netstat on Ubuntu and other Linux systems.
Ubuntu Install netstat
On Ubuntu, you’ll need to install the net-tools package to use netstat, as it’s part of that package. You can install netstat Ubuntu using the following command:
sudo apt update sudo apt install net-tools
On other Linux distributions, use your respective package manager, such as yum or dnf:
# For RHEL-based distros (CentOS, Fedora, etc.) sudo yum install net-tools
Once installed, verify it by typing netstat in your terminal.
Basic Syntax of netstat
The Linux netstat command has a fairly simple syntax:
netstat [OPTIONS]
You can combine different options to get detailed output about network connections, ports, and more.
Practical Uses of the Linux Netstat Command
Below, we will go through some common and practical uses of the command.
- List All TCP Ports Using Linux netstat Command: To list all TCP connections, use the -t option with netstat. This will display all active TCP ports on the system.
netstat -t
- List All UDP Ports Using Linux netstat Command: Similarly, you can list all UDP connections by using the -u option:
netstat -u
- List Only Listening Ports Using Linux netstat Command: To view only listening ports, use the -l option. This will filter out all established connections and show only ports waiting for connections.
netstat -l
- List Only Listening TCP Ports Using Linux netstat Command: For only TCP listening ports, you can combine the -t and -l options:
netstat -lt
- List Only Listening UDP Ports Using Linux netstat Command: For UDP listening ports, combine -u and -l:
netstat -lu
- List Only Listening UNIX Ports Using Linux netstat Command: To display UNIX domain sockets, use the -x option along with -l to list only listening UNIX ports:
netstat -lx
- List Statistics for All Ports Using Linux netstat Command: To view network statistics for all protocols, the -s option is useful. This provides an overview of traffic and error counts.
netstat -s
- List Statistics for TCP Ports Using Linux netstat Command: To see statistics for TCP specifically, combine -s with -t:
netstat -st
- List Statistics for UDP Ports Using Linux netstat Command: For UDP statistics, use -su:
netstat -su
- Display PID and Program Names Using Linux netstat Command: Sometimes, you want to know which programs are using specific network ports. Use the -p option to display the process ID (PID) and program names:
sudo netstat -p
- Print netstat Information Continuously Using Linux Netstat Command: If you need to monitor connections in real-time, use the -c option. It will continuously print network statistics:
netstat -c
- Get Kernel Routing Information Using Linux netstat Command: To view the kernel’s routing table, use the -r option. This will display how packets are routed across your network.
netstat -r
- Get Port on Which a Program is Running Using Linux netstat Command: You can find out which port a program is using by combining the -p option with grep:
sudo netstat -plnt | grep <program_name>
This will show you the port number and associated program.
Additional netstat Options
While we’ve covered some common options, here are a few more netstat options you might find useful:
- -i : Show network interface statistics.
- -g : Show multicast group membership information.
- -v : Verbose mode for more detailed output.
These options add flexibility when you’re diagnosing network issues or inspecting traffic.
Table of netstat Commands
Use Case | Command |
List all TCP ports | netstat -t |
List all UDP ports | netstat -u |
List all listening ports | netstat -l |
List only listening TCP ports | netstat -lt |
List only listening UDP ports | netstat -lu |
List only listening UNIX ports | netstat -lx |
List network statistics | netstat -s |
List TCP statistics | netstat -st |
List UDP statistics | netstat -su |
Display PID and program names | sudo netstat -p |
Continuously print network information | netstat -c |
Display kernel routing table | netstat -r |
grep <program> | sudo netstat -plnt |
netstat Alternative
Although netstat is powerful, it’s considered a bit outdated. If you’re looking for a modern replacement, ss (Socket Statistics) is an excellent netstat alternative. It is more efficient and offers similar functionalities:
ss -tuln
This command lists all listening TCP and UDP ports, just like netstat. If you want to learn about other Linux commands that will help you navigate the Linux environment more easily, I encourage you to read our other blog on 15 basic linux commands every user should know.
Conclusion
For any network admin, the netstat command in Linux is an essential part of the toolkit. It’s your go-to for dissecting traffic flows, pinpointing open ports, and tracking down processes tied to network activity. When issues arise, netstat offers a quick view of who’s connecting where, with options that let you drill into TCP, UDP, and routing tables. And as Linux evolves, so do our tools. Modern distributions often prefer ss for its efficiency and expanded features, but netstat remains a reliable standby for those who know its ins and outs. Mastering it gives you a deep, actionable look at your network’s inner workings.
FAQ
How do I install netstat on Linux?
To install netstat on Linux, you need the net-tools package. On Ubuntu, run: sudo apt install net-tools.
What’s the best netstat alternative?
The ss command is a modern alternative to netstat and offers similar functionalities, but it’s faster and more efficient.
Can I monitor netstat output continuously?
Yes, with netstat -c, you can continuously print network information in real-time.
What is the Linux netstat command used for?
The Linux netstat command is used to display network-related information such as active connections, listening ports, routing tables, and network interface statistics. It’s a powerful tool for monitoring network traffic, troubleshooting connectivity issues, and checking the status of both TCP and UDP ports in a Linux system.
How to display all active TCP connections on a Linux system?
When you run netstat -at, you’ll get a list of all active TCP connections, regardless of their state. This is useful for quickly seeing which TCP ports are open and actively in use, as well as for identifying any unexpected or suspicious connections.
What is netstat -au used for?
The command netstat -au is used to display all active UDP connections on Linux.
What is netstat -s used for?
The netstat -s command displays counts and information for all supported protocols, including TCP, UDP, ICMP, and IP. The output includes metrics such as the number of packets transmitted, received, and dropped, as well as error counts and other protocol-specific statistics.
0 Comment