[ad_1]
The netstat command supplies a large quantity on data on network activity. With the -s possibility (netstat -s), it will exhibit summaries for a variety of protocols such as packets gained, lively connections, failed connections and a large amount more. When the facts is considerable plenty of to make you dizzy, the additional you get employed to what the command’s output appears like, the much more you may turn out to be common with what to expect and probably even get greater at spotting what is strange. In this article, we are likely to search at several portions of the netstat -s command’s output utilizing crafted aliases to make it much easier.
What type of stats does the netstat -s command provide?
To listing the numerous varieties of stats the netstat -s command supplies, I ran a command like that revealed down below to list the protocols it displays. The grep -v “^ “ part of the command selects only lines that don’t begin with a blank. Since the specifics are all indented, this command shows just the protocols.
$ netstat -s | grep -v "^ " Ip: Icmp: IcmpMsg: Tcp: Udp: UdpLite: TcpExt: IpExt: MPTcpExt:
The following command shows the protocol headings with their line quantities involved by demanding colons and omitting traces with tabs. The line numbers will support isolate the sections for the aliases.
$ netstat -s | nl | grep "[A-Za-z]:$" | grep -Pv 't '
1Ip:
10Icmp:
19IcmpMsg:
22Tcp:
33Udp:
41UdpLite:
42TcpExt:
93IpExt:
104MPTcpExt:
This command counts the general lines on the output:
$ netstat -s | w -l 104
From the above output, I could establish the starting line and the size of every single segment and produce the aliases for each as effectively.
get started area lines head command
======================================================
1Ip:1-9head -9
10Icmp:10-18head -18 | tail -9
19IcmpMsg:19-21head -21 | tail -3
22Tcp:22-32head -32 | tail -11
33Udp: 33-40head -40 | tail -8
41UdpLite:41-41head -41 | tail -1
42TcpExt: 42-92head -88 | tail -47
93IpExt: 93-103head -99 | tail -11
104MPTcpExt:104-104 head -100 | tail -1
Right after this, it was relatively simple to assemble aliases like these because I knew where by just about every area commenced and finished.
alias Ip='netstat -s | head -9' alias Icmp='netstat -s | head -18 | tail -9'
On the other hand, figuring out that the variety of traces in each and every segment could possibly not constantly be the exact, I resorted to making a script that would build the aliases for me. A critical part in this script is the scenario statement, which is made up of commands to be run for every portion of the netstat -s output.
Be aware that just about every part of the script collects its starting level and calculates the ending position for the prior protocol (the line right before its beginning). Only MPTcpExt section defines its individual alias and does this by calculating the lines in the file containing the netstat -s output.
#!/bin/bash
# conserve netstat -s output in file
netstat -s > netstat-s
# rely lines
traces=`wc -l netstat-s | awk 'print $1'`
n=
when IFS= examine -r line
do
((n=n+1))
w=`echo $line | wc -w`
if [ $w == 1 ] then
# echo $line $n
protocol=`echo $line | sed 's/://'`
situation $protocol in
Ip) Ip=$n
Icmp) Icmp=$n Ip2=`expr $n - 1`
echo alias IP="'netstat -s | head -$Ip2'"
IcmpMsg) IcmpMsg=$n Icmp2=`expr $n - 1`
len=`expr $IcmpMsg - $Icmp`
echo alias Icmp="'netstat -s | head -$Icmp2 | tail -$len'"
Tcp) Tcp=$n IcmpMsg2=`expr $n - 1`
len=`expr $Tcp - $IcmpMsg`
echo alias IcmpMsg="'netstat -s | head -$IcmpMsg2 | tail -$len'"
Udp) Udp=$n Tcp2=`expr $n - 1`
len=`expr $Udp - $Tcp`
echo alias Tcp="'netstat -s | head -$Tcp2 | tail -$len'"
UdpLite) UdpLite=$n Udp2=`expr $n - 1`
len=`expr $UdpLite - $Udp`
echo alias Udp="'netstat -s | head -$Udp2 | tail -$len'"
TcpExt) TcpExt=$n UdpLite2=`expr $n - 1`
len=`expr $TcpExt - $UdpLite`
echo alias UdpLite="'netstat -s | head -$UdpLite2 | tail -$len'"
IpExt) IpExt=$n TcpExt2=`expr $n - 1`
len=`expr $IpExt - $TcpExt`
echo alias TcpExt="'netstat -s | head -$TcpExt2 | tail -$len'"
MPTcpExt) MPTcpExt=$n IpExt2=`expr $n - 1`
len=`expr $MPTcpExt - $IpExt`
echo alias IpExt="'netstat -s | head -$IpExt2 | tail -$len'"
len=`expr $n - $MPTcpExt + 1`
echo alias MPTcpExt="'netstat -s | head -$MPTcpExt | tail -$len'"
# rest=`expr $strains - $MPTcpExt` echo $rest
esac
fi
finished < netstat-s
On running the script, I got the following output – a list of the aliases that I then added to my ~/.bashrc file and regenerate as needed. They could have been added to a separate file that I sourced whenever I wanted to used them.
alias IP='netstat -s | head -9' alias Icmp='netstat -s | head -18 | tail -9' alias IcmpMsg='netstat -s | head -21 | tail -3' alias Tcp='netstat -s | head -32 | tail -11' alias Udp='netstat -s | head -40 | tail -8' alias UdpLite="netstat -s | head -41 | tail -1" alias TcpExt="netstat -s | head -92 | tail -51" alias IpExt="netstat -s | head -103 | tail -11" alias MPTcpExt="netstat -s | head -104 | tail -1"
Using the aliases will allow me to look at any section of the netstat -s command very easily. Note that you should expect to see considerable changes every time you use these aliases, because the number of connections and packets grows very quickly. In addition, since the number of lines in the netstat -s will not necessarily remain the same, regenerating the aliases from time to time is a good idea.
Here are some examples of the output the aliases will provide:
$ Ip
Ip:
Forwarding: 2
511618 total packets received
159 with invalid addresses
0 forwarded
0 incoming packets discarded
502163 incoming packets delivered
247145 requests sent out
2 outgoing packets dropped
$ Tcp
Tcp:
5124 active connection openings
26 passive connection openings
0 failed connection attempts
6 connection resets received
1 connections established
333116 segments received
235631 segments sent out
519 segments retransmitted
6 bad segments received
3558 resets sent
$ Udp
Udp:
111008 packets received
6 packets to unknown port received
0 packet receive errors
12794 packets sent
0 receive buffer errors
0 send buffer errors
IgnoredMulti: 58026
Wrap-up
The netstat command provides a huge number of network stats. With the -s option, it displays network statistics in nine different categories. The aliases included in this post should make becoming familiar with these statistics easier.
Copyright © 2023 IDG Communications, Inc.
[ad_2]
Source link