Alongside the IP
command, we also have the ss
command (Socket Statistics). This command is the perfect replacement for the netstat
command and offers more functionality, it is also faster and gives results that are more accurate.
The following recipes offer some alternatives that should allow you to replace the venerable netstat
command.
No additional configuration should be required as the IP tools come preinstalled in major Linux distributions (RHEL and Debian based).
Let's monitor network details using the ss
command:
You can use the following command to show established TCP connections:
ss -t
This should produce an output similar to the following screenshot:
Alternatively, if you want to see UDP connections rather than TCP, then you can do so using the following command:
$ ss -u
You can use the following command to see which ports are listening for connections on a server:
$ ss -ltn
This displays the following listening ports in the output:
The column we are interested in is the one titled Local Address:Port. This essentially lists the listening IP address and the TCP port it is listening on. If you see a *, it means that the port is available on all interfaces configured on this server.
Alternatively, you can use the same command to list all the listening UDP connections:
$ ss -lun
You can even combine the
t
andu
flags to list out ALL listening ports, both UDP and TCP:$ ss -ltun