Open in app

Sign in

Write

Sign in

Master the Linux ‘netstat’ Command: A Comprehensive Guide

Peter Hou
3 min readJun 2, 2023

--

This guide explores the ‘netstat’ command in Linux in depth, covering its history, uses, common parameters, and advanced techniques. ‘netstat’ is an essential tool for any Linux user, providing insights into network activity and helping in troubleshooting. Through understanding and mastering ‘netstat’, you’ll gain a crucial skill in Linux network administration.

Instructions

This article provides a thorough guide to the ‘netstat’ command in Linux. Starting from the history of ‘netstat’, to its usage, and diving deep into its common and advanced parameters. Finally, showcasing common use cases and techniques of the ‘netstat’ command.

History

The ‘netstat’ command, short for network statistics, has been a staple tool in UNIX and UNIX-like systems, including Linux, for many years. It is used to display network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

When and why to use it

‘netstat’ is used when you need to troubleshoot network issues or monitor network activity. It provides a simple way to view all current network connections and listen on your system.

How to use it

To use ‘netstat’, you simply type the command ‘netstat’ into your command line and hit enter:

$ netstat

This command will display a list of all active network connections on your machine, along with the type of connection, local and foreign addresses, and the state of the connection.

The commonly used parameters

‘netstat’ has many parameters that modify its output, some of the most common ones are:

  • -a This parameter displays all active network connections and the TCP and UDP ports on which the computer is listening.
$ netstat -a
  • -n This parameter displays addresses and port numbers in numerical format.
$ netstat -n

Other supported parameters

Some other parameters that ‘netstat’ supports are:

  • -r It displays the routing table.
  • -i It displays the network interfaces.
  • -s It displays network statistics.
  • -p It displays the program name/pid for each socket.

Most common use cases

One of the most common uses of ‘netstat’ is to find out which services or programs are using which ports on a system. For example, to find out what program is using port 80 (commonly used by web servers), you can use the ‘-p’ parameter:

$ netstat -nlp | grep :80

The tricky skills

One of the more advanced uses of ‘netstat’ is to combine it with other commands to filter and manipulate the output. For example, you can use the ‘grep’ command with ‘netstat’ to only show connections that are in a certain state, such as ‘ESTABLISHED’:

$ netstat -n | grep ESTABLISHED

What needs to be noted

Note that ‘netstat’ may require administrative privileges to display certain information. If you find that a command isn’t displaying the expected output, try running it with ‘sudo’.

Conclusion

‘netstat’ is a powerful tool for monitoring and troubleshooting network activity on a Linux system. With a range of parameters and options, it provides a flexible way to view network activity that can be customized to suit your needs.

Linux
Coding
Development
Software Development

--

--

Peter Hou
Peter Hou

Written by Peter Hou

78 Followers
11 Following

I am a Senior Software Engineer and tech lead in a top tech company.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams