Socket Programming Commands
Aim: To Study Socket Programming Commands
Theory: ss - socket statistics
The netstat command has been replaced by the ss command from the iproute suite of tools.
The netstat command reads various /proc files to gather information. However this approach falls weak when there are lots of connections to display. This makes it slower.
The ss command gets its information directly from kernel space.
Following examples shows the use of ss command.
1. List all connections
The output contains all tcp, udp and unix socket connection details.
We are piping the output to less so that the output is scrollable.
2. Filter out tcp,udp or unix connections
To view only tcp or udp or unix connections use the t, u or x option.
The "t" option alone reports only those connections that are "established" or CONNECTED". It does not report the tcp sockets that are "LISTENING".
The “a” option tells ss to report both "CONNECTED" and "LISTENING" sockets.
UDP is a connection-less protocol, just "ss -u" will not report anything in most cases. Therefore we use the "a" option report all UDP connections (connected and listening).
The “x” option to list out all unix socket connections.
3. Do not resolve hostname
To get the output faster, use the "n" option to prevent ss from resolving ip addresses to hostnames. But this will prevent resolution of port numbers as well.
4. Show only listening sockets
This will list out all the listening sockets. For example apache web server opens a socket connection on port 80 to listen for incoming connections.
The above command lists out all "listening" "tcp" connections. The n option disables hostname resolution of the ip addresses giving the output faster.
To list out all listening udp connections replace t by u
5. Print process name and pid
To print out the process name/pid which owns the connection use the p option
6. Print summary statistics
The s option prints out the statistics.
7. Display timer
Theory: ss - socket statistics
The netstat command has been replaced by the ss command from the iproute suite of tools.
The netstat command reads various /proc files to gather information. However this approach falls weak when there are lots of connections to display. This makes it slower.
The ss command gets its information directly from kernel space.
Following examples shows the use of ss command.
1. List all connections
The output contains all tcp, udp and unix socket connection details.
We are piping the output to less so that the output is scrollable.
2. Filter out tcp,udp or unix connections
To view only tcp or udp or unix connections use the t, u or x option.
The "t" option alone reports only those connections that are "established" or CONNECTED". It does not report the tcp sockets that are "LISTENING".
The “a” option tells ss to report both "CONNECTED" and "LISTENING" sockets.
UDP is a connection-less protocol, just "ss -u" will not report anything in most cases. Therefore we use the "a" option report all UDP connections (connected and listening).
The “x” option to list out all unix socket connections.
3. Do not resolve hostname
To get the output faster, use the "n" option to prevent ss from resolving ip addresses to hostnames. But this will prevent resolution of port numbers as well.
4. Show only listening sockets
This will list out all the listening sockets. For example apache web server opens a socket connection on port 80 to listen for incoming connections.
The above command lists out all "listening" "tcp" connections. The n option disables hostname resolution of the ip addresses giving the output faster.
To list out all listening udp connections replace t by u
5. Print process name and pid
To print out the process name/pid which owns the connection use the p option
6. Print summary statistics
The s option prints out the statistics.
7. Display timer