HPE Community
Operating System - HP-UX
1824007 Members
3592 Online
109667 Solutions
New Discussion юеВ

netstat help!

 
SOLVED
Go to solution
Lorenzo Facello
Valued Contributor

тАО05-11-2004 02:09 AM

тАО05-11-2004 02:09 AM

netstat help!

Hi everybody,
I need to know and interpretate the output of
netstat -a
man pages are not enough!
in particular in the 4th field
"Local Address"
In which way can I know:
1.what process are they?
2.Which is the utlization?
Sometimes I find a port number:
What'is it?
(I've already checked in /etc/services but I recive only little decriptions)

Any suggestons or docs?
thanks in advance
LF
0 Kudos
Reply
4 REPLIES 4
Geoff Wild
Honored Contributor

тАО05-11-2004 02:34 AM

тАО05-11-2004 02:34 AM

Re: netstat help!

The Local adress is just that - your server.

These are made up of ports and the services listening on them as well the protocol in use, the Recv-Q, the Send-Q, the local address, the remote address, and the state. The Recv-Q is the number of bytes not copied by the program connected to the socket and Send-Q is the number of bytes for which no acknowledgment has yet been received.

You can also tell what their current status is by looking at their state. Some of the common states are:

├В┬╖ LISTEN├в The socket is listening for incoming connections. Those sockets are only displayed if the ├в a or ├в l switch is set.
├В┬╖ ESTABLISHED├в The socket has an established connection.
├В┬╖ SYN_SENT├в The socket is actively attempting to establish a connection.
├В┬╖ SYN_RECV├в A connection request has been received from the network.
├В┬╖ TIME_WAIT├в The socket is waiting after close to handle packets still in the network.
├В┬╖ FIN_WAIT1├в The socket is closed, and the connection is shutting down.
├В┬╖ FIN_WAIT2├в The connection is closed and the socket is waiting for a shutdown from the remote end.
├В┬╖ CLOSE_WAIT├в The remote end has shut down, and it is waiting for the socket to close.
├В┬╖ CLOSED├в The socket is not being used.

This information is useful in understanding what is happening on a network connection, from seeing which ports are actively listening to viewing incoming connections to examining the exact state of a TCP session.

Port numbers:
http://www.geek-faq.com/data-networks/port-numbers.shtml

http://ww
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
Reply
G. Vrijhoeven
Honored Contributor

тАО05-11-2004 02:41 AM

тАО05-11-2004 02:41 AM

Re: netstat help!

HI LF:

netstat -a :
roto Recv-Q Send-Q Local Address Foreign Address (state)
4 field?: Local adress: a connection is from this server to a remote server ( the local adress is the from part.)
The answers ( as far i i know)
1) what processes. It is not possible to see using netstat ( Only if the servers file is edited and a logical comment is provided) You can use lsof for that.
2) not to be seen. This can be monitored with a sniffer ( nmaP )
3) the portnumbers are sockets on an ipadress a deamon listens on e.g. can be found in /etc/services ( number name mapping for services ( ports))

you can check for more info:
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B9106-90007/B9106-90007_top.html&con=/hpux/onlinedocs/B9106-90007/00/02/214-con.html&toc=/hpux/onlinedocs/B9106-90007/00/02/214-toc.html&searchterms=netstat&queryid=20040511-082846

Regards,

Gideon


0 Kudos
Reply
Tim D Fulford
Honored Contributor

тАО05-11-2004 02:44 AM

тАО05-11-2004 02:44 AM

Re: netstat help!

looking at this the opposite way round..

lsof (http://hpux.connect.org.uk/) [LiSt Open Files] will show you what processes are attached to what ports, this may may be of more help that a list of ports!

what do you mean by "which is the utilisation" ports do not have a utilisation. e.g. it is meaningless to say port 23 is 50% ulilised!!

Regards

Tim
-
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.