Linux每日小技巧---ss命令

ss命令 ss是Socket Statistics的缩写。顾名思义，ss命令可以用来获取socket统计信息，它可以显示和netstat类似的内容。但ss的优势在于它能够显示更多更详细的有关TCP和连接状态的信息，而且比netstat更快速更高效
例如查看22端口状态：

[tidb@:vg_adn_tidbCkhsTest:54.158.254.36:172.31.30.62 ~/tidb-ansible]$ss -tnl | grep 22
LISTEN     0      128          *:22                       *:*                  
LISTEN     0      128         :::22                      :::*

ss命令比netstat命令还有更强大的过滤功能，非常方便查询使用。

1、查询连接状态为ESTABLISHED的端口连接：

[root@ELK-chaofeng ~]#ss -tan state ESTABLISHED
Recv-Q Send-Q                Local Address:Port                               Peer Address:Port              
0      0                         127.0.0.1:36134                                 127.0.0.1:3306               
40     0                         127.0.0.1:10050                                 127.0.0.1:55180              
0      0                         127.0.0.1:36122                                 127.0.0.1:3306               
0      0                         127.0.0.1:36112                                 127.0.0.1:3306               
0      0                         127.0.0.1:36124                                 127.0.0.1:3306               
0      0                         127.0.0.1:36118                                 127.0.0.1:3306               
0      0                         127.0.0.1:36152                                 127.0.0.1:3306               
0      0                         127.0.0.1:36142                                 127.0.0.1:3306               
0      0                         127.0.0.1:36110                                 127.0.0.1:3306               
0      0                         127.0.0.1:44630                                 127.0.0.1:3306               
0      0                     172.17.36.151:51274                            100.100.80.176:8000               
0      0                         127.0.0.1:55172                                 127.0.0.1:10050              
0      0                         127.0.0.1:55180                                 127.0.0.1:10050              
32     0                         127.0.0.1:10050                                 127.0.0.1:55176              
0      0                     172.17.36.151:42392                             100.100.30.25:80                 
0      0                         127.0.0.1:10050                                 127.0.0.1:55172

查询连接状态为LISTEN的端口连接：

[root@ELK-chaofeng ~]#ss -tan state LISTENING
Recv-Q Send-Q                Local Address:Port                               Peer Address:Port              
0      128                               *:80                                            *:*                  
0      128                               *:22                                            *:*                  
0      10                        127.0.0.1:15772                                         *:*                  
4      128                               *:10050                                         *:*                  
0      128                               *:10051                                         *:*                  
0      128                              :::3306                                         :::*                  
0      128                              :::10050                                        :::*                  
0      128                              :::10051                                        :::*

2、过滤功能，过滤出源端口为10050的端口连接状态

[root@ELK-chaofeng ~]#ss -tan '( sport = :10050 or dport = :10050 )'
State      Recv-Q Send-Q           Local Address:Port                          Peer Address:Port              
LISTEN     1      128                          *:10050                                    *:*                  
ESTAB      0      0                    127.0.0.1:10050                            127.0.0.1:55548              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55482              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55474              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55530              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55472              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55522              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55448              
ESTAB      0      0                    127.0.0.1:55550                            127.0.0.1:10050              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55534              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55540              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55514              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55536              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55510              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55526              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55422              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55498              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55438              
TIME-WAIT  0      0                    127.0.0.1:10050                            127.0.0.1:55506