The netstat is one of the most popular utilities to monitor connections over your network.
It allows you to easily monitor incoming and outgoing connections, listening ports, statistics, and more.
In this tutorial, I will show you some of the most examples of the netstat command on Linux.
1. Find all the listening ports
To find all the ports (TCP and UDP), you will have to append the
-l flag with the netstat command:
2. List listening and non-listening ports
If you want to get a list of available sockets on your system, you can use the
-a flag with the netstat command:
Now, let's get to more specific ones.
3. Find TCP listening ports
If you want to list ports using TCP protocol and in the listening state, you will have to use
-l flag for listening and
-t flag for TCP connections:
4. Find UDP listening ports
To list every listening UDP port on your system, you will have to append
-u flag with the netstat command:
5. List all TCP port connections
If you want to list every socket using a TCP connection including listening and non-listening, use the
-at flag with the netstat command:
Want to know the difference between listening and an established state?
LISTENINGmeans it is listening for incoming connections.
ESTABLISHEDindicates that the socket has an established connection.
6. List all UDP connections
If you want to list every socket utilizing the UDP, you can use the combination of
7. Get a statistical summary of each protocol
This is one of the handiest features of netstat which allows you to find the number of connections established, the number of messages sent and received, and a lot more.
To get a summary of each protocol, all you need to do is append the
But what if you want statistics on specific protocols? Here's how you do it.
8. Get statistics for a specific connection
Let's start with the TCP.
To get the statistics of TCP connections, all you need to do is use the
-t flag with the netstat command:
Similarly, if you want the same for UDP, you will have to use the
9. Get raw network statistics
If you are looking for raw data rather than filtered one, it can easily be produced using the
-s (for statistics) and
--raw (for raw):
netstat -s --raw
10. Find services with PID
If you are into troubleshooting, getting the PID of the service can be very handy. To get PID, all you need to do is use the
sudo netstat -p
11. Find a specific listening service on the network
To find a specific listening, you can use the grep command which makes a killer combination while troubleshooting.
So let's suppose, I want to look for an HTTPS service on listening state which can be done through the following command:
sudo netstat -apl | grep -w https
Want to know how to get more out of grep? you can refer to our detailed guide on that topic:
12. Show transactions of network interfaces
The netstat utility can also be used to list available network interfaces and to get transactions of each one.
For that, all you need to do is append the
-i flag to the netstat:
13. Monitor the network continuously using the netstat command
If you want to monitor the network continuously, you can do it with
-c the option:
You can use appropriate flags such as
-c and it will look for listening TCP connections continuously:
Pretty handy. Right?
More on Networking in Linux
If you have just started your carries or studies on networking, we have a detailed guide on most basic networking commands:
Want to know more about ports? We got you covered on that too:
That was it from my side. And if you have any doubts or have tips for beginners, you can share your precious knowledge through the comments.