{"id":1128,"date":"2022-09-11T16:33:07","date_gmt":"2022-09-11T14:33:07","guid":{"rendered":"https:\/\/techtocraft.xyz\/?p=1128"},"modified":"2022-09-11T16:51:07","modified_gmt":"2022-09-11T14:51:07","slug":"debian-utilisation-de-la-commande-netstat","status":"publish","type":"post","link":"https:\/\/hinakuu.xyz\/?p=1128","title":{"rendered":"Debian Utilisation de la commande netstat"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><code>netstat<\/code>&nbsp;(statistiques r\u00e9seau) est un outil de ligne de commande qui affiche les connexions r\u00e9seau (entrantes et sortantes), les tables de routage et un certain nombre de statistiques d&rsquo;interface r\u00e9seau.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Il est disponible sous Linux, de type Unix et&nbsp;Windows&nbsp;les syst\u00e8mes d&rsquo;exploitation.&nbsp;<code>netstat<\/code>&nbsp;est puissant et peut \u00eatre un outil pratique pour r\u00e9soudre les probl\u00e8mes li\u00e9s au r\u00e9seau et v\u00e9rifier les statistiques de connexion.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Si vous recherchez toutes les connexions \u00e9tablies \u00e0 partir du serveur.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -natu | grep 'ESTABLISHED'<\/mark>\ntcp        0     21 68.183.37.102:22        222.186.31.135:21714    ESTABLISHED\ntcp        0     36 68.183.37.102:22        52.148.155.182:49859    ESTABLISHED\ntcp        0      0 68.183.37.102:22        61.177.142.158:55481    ESTABLISHED\n[root@lab ~]#<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Si vous avez \u00e9tabli de nombreuses connexions et que vous souhaitez rechercher l&rsquo;une des adresses IP, vous pouvez utiliser un autre grep.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -natu | grep 'ESTABLISHED' | grep 61.177.142.158<\/mark>\ntcp        0   1280 68.183.37.102:22        61.177.142.158:33932    ESTABLISHED\n[root@lab ~]#<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Listening Connection<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Disons que vous avez d\u00e9marr\u00e9 un service, et qu&rsquo;il est cens\u00e9 \u00e9couter sur une adresse IP particuli\u00e8re: Port, ce serait pratique \u00e0 v\u00e9rifier.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -an | grep 'LISTEN'<\/mark>\ntcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN     \ntcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN     \ntcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     \ntcp6       0      0 :::111                  :::*                    LISTEN     \ntcp6       0      0 :::80                   :::*                    LISTEN     \ntcp6       0      0 :::22                   :::*                    LISTEN     \n[root@lab ~]#<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Port Number used by PID<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Vous savez que votre application a d\u00e9marr\u00e9 et conna\u00eet le PID (Process Identifier), mais vous ne savez pas quel est le num\u00e9ro de port qu&rsquo;elle utilise. L&rsquo;exemple ci-dessous concerne le PID 3937<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -anlp |grep 3937<\/mark>\r\ntcp6       0      0 :::80                   :::*               LISTEN      3937\/httpd          \r\nunix  3      [ ]         STREAM     CONNECTED     2442387  3937\/httpd           \r\n[root@lab ~]#<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">All Protocols Statistics<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Vous avez des d\u00e9connexions fr\u00e9quentes en raison de la suppression de paquets?\u00a0<code>-s<\/code>\u00a0L&rsquo;argument vous montrera des statistiques globales o\u00f9 vous pouvez pr\u00eater attention aux messages rejet\u00e9s par paquets.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -s<\/mark>\r\nIp:\r\n    731422 total packets received\r\n    0 forwarded\r\n    0 incoming packets discarded\r\n    731399 incoming packets delivered\r\n    787732 requests sent out\r\n    16 dropped because of missing route\r\nIcmp:\r\n    5277 ICMP messages received\r\n    120 input ICMP message failed.\r\n    InCsumErrors: 6\r\n    ICMP input histogram:\r\n        destination unreachable: 193\r\n        timeout in transit: 16\r\n        echo requests: 5060\r\n        echo replies: 2\r\n    9355 ICMP messages sent\r\n    0 ICMP messages failed\r\n    ICMP output histogram:\r\n        destination unreachable: 4295\r\n        echo replies: 5060\r\nIcmpMsg:\r\n        InType0: 2\r\n        InType3: 193\r\n        InType8: 5060\r\n        InType11: 16\r\n        OutType0: 5060\r\n        OutType3: 4295\r\nTcp:\r\n    42 active connections openings\r\n    35226 passive connection openings\r\n    1693 failed connection attempts\r\n    645 connection resets received\r\n    2 connections established\r\n    646705 segments received\r\n    648037 segments send out\r\n    99463 segments retransmited\r\n    27377 bad segments received.\r\n    150893 resets sent\r\n    InCsumErrors: 27377\r\nUdp:\r\n    74547 packets received\r\n    4814 packets to unknown port received.\r\n    56 packet receive errors\r\n    74584 packets sent\r\n    0 receive buffer errors\r\n    0 send buffer errors\r\n    InCsumErrors: 56\r\nUdpLite:\r\nTcpExt:\r\n    177 invalid SYN cookies received\r\n    1693 resets received for embryonic SYN_RECV sockets\r\n    316 TCP sockets finished time wait in fast timer\r\n    3 packets rejects in established connections because of timestamp\r\n    70248 delayed acks sent\r\n    6 delayed acks further delayed because of locked socket\r\n    Quick ack mode was activated 3082 times\r\n    17 SYNs to LISTEN sockets dropped\r\n    28179 packets directly queued to recvmsg prequeue.\r\n    9802 bytes directly received in process context from prequeue\r\n    72106 packet headers predicted\r\n    94182 acknowledgments not containing data payload received\r\n    40094 predicted acknowledgments\r\n    332 times recovered from packet loss by selective acknowledgements\r\n    8 congestion windows recovered without slow start by DSACK\r\n    1173 congestion windows recovered without slow start after partial ack\r\n    1029 timeouts after SACK recovery\r\n    8 timeouts in loss state\r\n    329 fast retransmits\r\n    3 forward retransmits\r\n    32 retransmits in slow start\r\n    44785 other TCP timeouts\r\n    TCPLossProbes: 9763\r\n    TCPLossProbeRecovery: 1732\r\n    54 SACK retransmits failed\r\n    3144 DSACKs sent for old packets\r\n    4 DSACKs sent for out of order packets\r\n    695 DSACKs received\r\n    1 DSACKs for out of order packets received\r\n    44 connections reset due to unexpected data\r\n    76 connections reset due to early user close\r\n    6079 connections aborted due to timeout\r\n    TCPDSACKIgnoredNoUndo: 448\r\n    TCPSpuriousRTOs: 5\r\n    TCPSackShiftFallback: 465\r\n    IPReversePathFilter: 11\r\n    TCPRcvCoalesce: 32369\r\n    TCPOFOQueue: 4313\r\n    TCPOFOMerge: 4\r\n    TCPChallengeACK: 2\r\n    TCPSynRetrans: 43670\r\n    TCPOrigDataSent: 208010\r\n    TCPACKSkippedSeq: 12\r\nIpExt:\r\n    InNoRoutes: 12\r\n    InOctets: 133789295\r\n    OutOctets: 151093769\r\n    InNoECTPkts: 731338\r\n    InECT1Pkts: 3\r\n    InECT0Pkts: 1568\r\n    InCEPkts: 108\r\n[root@lab ~]#<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Kernel routing information<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Vous avez un probl\u00e8me de routage? ou, la connectivit\u00e9 ne fonctionne pas comme pr\u00e9vu car la connexion emprunte un itin\u00e9raire diff\u00e9rent?<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">V\u00e9rifiez rapidement la table de routage.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -r<\/mark>\r\nKernel IP routing table\r\nDestination     Gateway         Genmask         Flags   MSS Window  irtt Iface\r\ndefault         gateway         0.0.0.0         UG        0 0          0 eth0\r\n10.16.0.0       0.0.0.0         255.255.0.0     U         0 0          0 eth0\r\n68.183.32.0     0.0.0.0         255.255.240.0   U         0 0          0 eth0\r\nlink-local      0.0.0.0         255.255.0.0     U         0 0          0 eth0\r\n[root@lab ~]#<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">PID used by Port Number<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Tr\u00e8s pratique pour r\u00e9soudre les probl\u00e8mes de conflit de port. Disons que vous essayez de d\u00e9marrer le serveur Apache ou Nginx, qui \u00e9coute sur le port 80 mais ne peut pas car un autre processus utilise d\u00e9j\u00e0 le port 80.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -anlp |grep 80 | grep LISTEN<\/mark>\ntcp6       0      0 :::80                   :::*                    LISTEN      3937\/httpd          \n[root@lab ~]#<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Et vous pouvez voir que le PID 3937 utilise ce port.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">List of network interfaces<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Vous avez plusieurs interfaces Ethernet? ou pas s\u00fbr et que vous voulez savoir?<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -i<\/mark>\r\nKernel Interface table\r\nIface             MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg\r\neth0             1500   793026      0      0 0        849443      0      0      0 BMRU\r\nlo              65536        6      0      0 0             6      0      0      0 LRU\r\n[root@lab ~]#<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Continuous Listening<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Une excellente option pour r\u00e9soudre les probl\u00e8mes li\u00e9s aux plantages des services. Disons qu&rsquo;une application plante au hasard toutes les quelques minutes. Mais je ne sais pas quand exactement. Vous pouvez utiliser\u00a0<code>-c<\/code>\u00a0argument qui montrera continuellement les r\u00e9sultats.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@lab ~]# <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-green-cyan-color\">netstat -anlpc |grep 8080<\/mark>\ntcp6       0      0 :::8080                 :::*                    LISTEN      11766\/httpd         \ntcp6       0      0 :::8080                 :::*                    LISTEN      11766\/httpd         \ntcp6       0      0 :::8080                 :::*                    LISTEN      11766\/httpd         \ntcp6       0      0 :::8080                 :::*                    LISTEN      11766\/httpd<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Quand il arr\u00eate de se mettre \u00e0 jour, vous savez qu&rsquo;il s&rsquo;est \u00e9cras\u00e9.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>netstat&nbsp;(statistiques r\u00e9seau) est un outil de ligne de commande qui affiche les connexions r\u00e9seau (entrantes et sortantes), les<\/p>\n","protected":false},"author":1,"featured_media":1140,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1128","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1128"}],"version-history":[{"count":4,"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1128\/revisions"}],"predecessor-version":[{"id":1137,"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1128\/revisions\/1137"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=\/wp\/v2\/media\/1140"}],"wp:attachment":[{"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hinakuu.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}