mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-23 01:53:46 +01:00
1336da0dea
(RTF_BLACKHOLE was already documented as being shown, but the code ignored it) Sumbitted by: Greg Lehey <grog@lemis.de>
300 lines
9.4 KiB
Groff
300 lines
9.4 KiB
Groff
.\" Copyright (c) 1983, 1990, 1992, 1993
|
|
.\" The Regents of the University of California. All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed by the University of
|
|
.\" California, Berkeley and its contributors.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" @(#)netstat.1 8.8 (Berkeley) 4/18/94
|
|
.\"
|
|
.Dd April 18, 1994
|
|
.Dt NETSTAT 1
|
|
.Os BSD 4.2
|
|
.Sh NAME
|
|
.Nm netstat
|
|
.Nd show network status
|
|
.Sh SYNOPSIS
|
|
.Nm netstat
|
|
.Op Fl Aan
|
|
.Op Fl f Ar address_family
|
|
.Op Fl M Ar core
|
|
.Op Fl N Ar system
|
|
.Nm netstat
|
|
.Op Fl bdghimnrs
|
|
.Op Fl f Ar address_family
|
|
.Op Fl M Ar core
|
|
.Op Fl N Ar system
|
|
.Nm netstat
|
|
.Op Fl bdn
|
|
.Op Fl I Ar interface
|
|
.Op Fl M Ar core
|
|
.Op Fl N Ar system
|
|
.Op Fl w Ar wait
|
|
.Nm netstat
|
|
.Op Fl p Ar protocol
|
|
.Op Fl M Ar core
|
|
.Op Fl N Ar system
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Nm netstat
|
|
command symbolically displays the contents of various network-related
|
|
data structures.
|
|
There are a number of output formats,
|
|
depending on the options for the information presented.
|
|
The first form of the command displays a list of active sockets for
|
|
each protocol.
|
|
The second form presents the contents of one of the other network
|
|
data structures according to the option selected.
|
|
Using the third form, with a
|
|
.Ar wait
|
|
interval specified,
|
|
.Nm netstat
|
|
will continuously display the information regarding packet
|
|
traffic on the configured network interfaces.
|
|
The fourth form displays statistics about the named protocol.
|
|
.Pp
|
|
The options have the following meaning:
|
|
.Bl -tag -width flag
|
|
.It Fl A
|
|
With the default display,
|
|
show the address of any protocol control blocks associated with sockets; used
|
|
for debugging.
|
|
.It Fl a
|
|
With the default display,
|
|
show the state of all sockets; normally sockets used by
|
|
server processes are not shown.
|
|
.It Fl b
|
|
With the interface display (option
|
|
.Fl i
|
|
, as described below),
|
|
show the number of bytes in and out.
|
|
.It Fl d
|
|
With either interface display (option
|
|
.Fl i
|
|
or an interval, as described below),
|
|
show the number of dropped packets.
|
|
.It Fl f Ar address_family
|
|
Limit statistics or address control block reports to those
|
|
of the specified
|
|
.Ar address family .
|
|
The following address families
|
|
are recognized:
|
|
.Ar inet ,
|
|
for
|
|
.Dv AF_INET ,
|
|
.Ar ipx ,
|
|
for
|
|
.Dv AF_IPX ,
|
|
.Ar atalk ,
|
|
for
|
|
.Dv AF_APPLETALK (ddp) ,
|
|
.\".Ar ns ,
|
|
.\"for
|
|
.\".Dv AF_NS ,
|
|
.\".Ar iso ,
|
|
.\"for
|
|
.\".Dv AF_ISO ,
|
|
and
|
|
.Ar unix ,
|
|
for
|
|
.Dv AF_UNIX .
|
|
.It Fl g
|
|
Show information related to multicast (group address) routing.
|
|
By default, show the IP Multicast virtual-interface and routing tables.
|
|
If the
|
|
.Fl s
|
|
option is also present, show multicast routing statistics.
|
|
.It Fl h
|
|
Show the state of the
|
|
.Tn IMP
|
|
host table (obsolete).
|
|
.It Fl I Ar interface
|
|
Show information about the specified interface;
|
|
used with a
|
|
.Ar wait
|
|
interval as described below.
|
|
.It Fl i
|
|
Show the state of interfaces which have been auto-configured
|
|
(interfaces statically configured into a system, but not
|
|
located at boot time are not shown).
|
|
If the
|
|
.Fl a
|
|
options is also present, multicast addresses currently in use are shown
|
|
for each Ethernet interface and for each IP interface address.
|
|
Multicast addresses are shown on separate lines following the interface
|
|
address with which they are associated.
|
|
.It Fl M
|
|
Extract values associated with the name list from the specified core
|
|
instead of the default
|
|
.Pa /dev/kmem .
|
|
.It Fl m
|
|
Show statistics recorded by the memory management routines
|
|
(the network manages a private pool of memory buffers).
|
|
.It Fl N
|
|
Extract the name list from the specified system instead of the default
|
|
.Pa /kernel .
|
|
.It Fl n
|
|
Show network addresses as numbers (normally
|
|
.Nm netstat
|
|
interprets addresses and attempts to display them
|
|
symbolically).
|
|
This option may be used with any of the display formats.
|
|
.It Fl p Ar protocol
|
|
Show statistics about
|
|
.Ar protocol ,
|
|
which is either a well-known name for a protocol or an alias for it. Some
|
|
protocol names and aliases are listed in the file
|
|
.Pa /etc/protocols .
|
|
A null response typically means that there are no interesting numbers to
|
|
report.
|
|
The program will complain if
|
|
.Ar protocol
|
|
is unknown or if there is no statistics routine for it.
|
|
.It Fl s
|
|
Show per-protocol statistics.
|
|
If this option is repeated, counters with a value of zero are suppressed.
|
|
.It Fl r
|
|
Show the routing tables.
|
|
When
|
|
.Fl s
|
|
is also present, show routing statistics instead.
|
|
.It Fl w Ar wait
|
|
Show network interface statistics at intervals of
|
|
.Ar wait
|
|
seconds.
|
|
.El
|
|
.Pp
|
|
The default display, for active sockets, shows the local
|
|
and remote addresses, send and receive queue sizes (in bytes), protocol,
|
|
and the internal state of the protocol.
|
|
Address formats are of the form ``host.port'' or ``network.port''
|
|
if a socket's address specifies a network but no specific host address.
|
|
When known the host and network addresses are displayed symbolically
|
|
according to the data bases
|
|
.Pa /etc/hosts
|
|
and
|
|
.Pa /etc/networks ,
|
|
respectively. If a symbolic name for an address is unknown, or if
|
|
the
|
|
.Fl n
|
|
option is specified, the address is printed numerically, according
|
|
to the address family.
|
|
For more information regarding
|
|
the Internet ``dot format,''
|
|
refer to
|
|
.Xr inet 3 ) .
|
|
Unspecified,
|
|
or ``wildcard'', addresses and ports appear as ``*''.
|
|
.Pp
|
|
The interface display provides a table of cumulative
|
|
statistics regarding packets transferred, errors, and collisions.
|
|
The network addresses of the interface
|
|
and the maximum transmission unit (``mtu'') are also displayed.
|
|
.Pp
|
|
The routing table display indicates the available routes and
|
|
their status. Each route consists of a destination host or network
|
|
and a gateway to use in forwarding packets. The flags field shows
|
|
a collection of information about the route stored as
|
|
binary choices. The individual flags are discussed in more
|
|
detail in the
|
|
.Xr route 8
|
|
and
|
|
.Xr route 4
|
|
manual pages.
|
|
The mapping between letters and flags is:
|
|
.Bl -column XXXX RTF_BLACKHOLE
|
|
1 RTF_PROTO2 Protocol specific routing flag #1
|
|
2 RTF_PROTO1 Protocol specific routing flag #2
|
|
3 RTF_PROTO3 Protocol specific routing flag #3
|
|
B RTF_BLACKHOLE Just discard pkts (during updates)
|
|
b RTF_BROADCAST The route represents a broadcast address
|
|
C RTF_CLONING Generate new routes on use
|
|
c RTF_PRCLONING Protocol-specified generate new routes on use
|
|
D RTF_DYNAMIC Created dynamically (by redirect)
|
|
G RTF_GATEWAY Destination requires forwarding by intermediary
|
|
H RTF_HOST Host entry (net otherwise)
|
|
L RTF_LLINFO Valid protocol to link address translation
|
|
M RTF_MODIFIED Modified dynamically (by redirect)
|
|
R RTF_REJECT Host or net unreachable
|
|
S RTF_STATIC Manually added
|
|
U RTF_UP Route usable
|
|
W RTF_WASCLONED Route was generated as a result of cloning
|
|
X RTF_XRESOLVE External daemon translates proto to link address
|
|
.El
|
|
.Pp
|
|
Direct routes are created for each
|
|
interface attached to the local host;
|
|
the gateway field for such entries shows the address of the outgoing interface.
|
|
The refcnt field gives the
|
|
current number of active uses of the route. Connection oriented
|
|
protocols normally hold on to a single route for the duration of
|
|
a connection while connectionless protocols obtain a route while sending
|
|
to the same destination.
|
|
The use field provides a count of the number of packets
|
|
sent using that route. The interface entry indicates the network
|
|
interface utilized for the route.
|
|
.Pp
|
|
When
|
|
.Nm netstat
|
|
is invoked with the
|
|
.Fl w
|
|
option and a
|
|
.Ar wait
|
|
interval argument, it displays a running count of statistics related to
|
|
network interfaces.
|
|
An obsolescent version of this option used a numeric parameter
|
|
with no option, and is currently supported for backward compatibility.
|
|
By default, this display summarizes information for all interfaces.
|
|
Information for a specific interface may be displayed with the
|
|
.Fl I
|
|
option.
|
|
.Sh SEE ALSO
|
|
.Xr nfsstat 1 ,
|
|
.Xr ps 1 ,
|
|
.Xr hosts 5 ,
|
|
.Xr networks 5 ,
|
|
.Xr protocols 5 ,
|
|
.Xr services 5 ,
|
|
.Xr iostat 8 ,
|
|
.Xr trpt 8 ,
|
|
.Xr trsp 8 ,
|
|
.Xr vmstat 8
|
|
.Sh HISTORY
|
|
The
|
|
.Nm netstat
|
|
command appeared in
|
|
.Bx 4.2 .
|
|
.\" .Sh FILES
|
|
.\" .Bl -tag -width /dev/kmem -compact
|
|
.\" .It Pa /kernel
|
|
.\" default kernel namelist
|
|
.\" .It Pa /dev/kmem
|
|
.\" default memory file
|
|
.\" .El
|
|
.Sh BUGS
|
|
The notion of errors is ill-defined.
|