Code Review In Seconds

Self-Hosted AI Code Reviewer

Hexmos LiveReview AI-Powered Code Review
Live Review
AI-Powered Code Review

Netstat Command - View Network Connections & Routing

Learn how to use the netstat command to view network connections, listening ports, and routing tables. Discover its modern ss command replacements.

Netstat Command Guide

Understanding Netstat: A Powerful Networking Utility

The netstat command is a versatile command-line utility used to display network connections, routing tables, interface statistics, and more. It's an essential tool for network administrators and developers to diagnose and troubleshoot network-related issues. While powerful, it's important to note that netstat is considered deprecated in many modern Linux distributions, with the ss command being its recommended successor.

Key Netstat Commands and Their Usage

Here are some common and useful ways to employ the netstat command:

Viewing Listening Ports and Processes

To see which users or processes are listening on which ports, use the following command:

sudo netstat -lnptu

This command provides detailed information, including the protocol, local address, foreign address, state, and the PID/program name associated with each listening socket.

Inspecting the Routing Table

To view your system's routing table, which dictates how network traffic is directed, use:

netstat -r

For a faster display that disables DNS lookups and shows IP addresses directly, add the -n flag:

netstat -rn

Identifying Processes Listening on a Specific Port

If you need to find out which process is using a particular port, you can combine netstat with grep and awk:

netstat -pln | grep <port> | awk '{print $NF}'

The output will typically show the process name and its PID, for example: 1507/python.

Fast Display of IPv4 TCP Listening Programs

For a quick overview of IPv4 TCP programs that are in a listening state, use:

sudo netstat -vtlnp --listening -4

Modern Alternatives to Netstat

As mentioned, netstat is being phased out. The ss command is the modern and more efficient replacement. Here's how the ss command corresponds to some common netstat uses:

  • For netstat -r (routing table), use ip route.
  • For netstat -i (interface statistics), use ip -s link.
  • For netstat -g (multicast group memberships), use ip maddr.
  • The general replacement for netstat is simply ss.

Understanding these commands and their modern counterparts is crucial for effective network management and troubleshooting on Linux systems.

External Resources:

← Back to cmd cheatsheets All cheatsheets 🙏  Credits & Acknowledgments