ss is a command used to show network statistics on a Linux, This tool is similar to the netstat command but with more details.
In this guide, we will see how this command can be used to display multiple network socket information in Linux with 10 examples.
Show all connections :
ss command without options displays all the connections regardless of their state :
[root@srv ~]# ss Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port u_str ESTAB 0 0 * 39987 * 39988 u_str ESTAB 0 0 * 39942 * 39943 u_str ESTAB 0 0 * 39984 * 39985 u_str ESTAB 0 0 * 39985 * 39984 u_str ESTAB 0 0 * 39958 * 39957 u_str ESTAB 0 0 * 39990 * 39991 u_str ESTAB 0 0 * 39991 * 39990 u_str ESTAB 0 0 * 39988 * 39987 u_str ESTAB 0 0 * 39957 * 39958 u_str ESTAB 0 0 * 36290 * 36293 u_str ESTAB 0 0 /run/systemd/journal/stdout 22240 * 22239 u_str ESTAB 0 0 * 39933 * 39932 u_str ESTAB 0 0 * 39978 * 39979 u_str ESTAB 0 0 * 39979 * 39978 u_str ESTAB 0 0 * 39960 * 39961 u_str ESTAB 0 0 * 39976 * 39975 u_str ESTAB 0 0 * 39949 * 39948 u_str ESTAB 0 0 * 39982 * 39981 u_str ESTAB 0 0 * 22239 * 22240 u_str ESTAB 0 0 * 39948 * 39949 u_str ESTAB 0 0 * 39981 * 39982
Display listening Sockets with ss command:
To display only listening sockets, use the -l option :
[root@srv ~]# ss -l Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port nl UNCONN 0 0 rtnl:kernel * nl UNCONN 0 0 rtnl:NetworkManager/6709 * nl UNCONN 0 0 rtnl:NetworkManager/6709 * nl UNCONN 4352 0 tcpdiag:ss/8647 * nl UNCONN 768 0 tcpdiag:kernel * nl UNCONN 0 0 xfrm:kernel * nl UNCONN 0 0 selinux:kernel * nl UNCONN 0 0 selinux:systemd/1 * nl UNCONN 0 0 selinux:dbus-daemon/6600 * nl UNCONN 0 0 selinux:dbus-daemon/6600 * nl UNCONN 0 0 selinux:systemd/1 * nl UNCONN 0 0 audit:kernel * nl UNCONN 0 0 audit:systemd/1 *
Show all TCP connections :
To display only TCP connections use the -t option :
[root@srv ~]# ss -t State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.162.140:ssh 192.168.162.1:50870 ESTAB 0 48 192.168.162.140:ssh 192.168.162.1:50853
Show all UDP connections :
To display only UDP connections use the -u option :
[root@srv ~]# ss -ua State Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 *:bootpc *:*
View all listening UDP connections :
To display Listening UDP Connections use the -lu option :
[root@srv ~]# ss -lu State Recv-Q Send-Q Local Address:Port Peer Address:Port UNCONN 0 0 *:bootpc *:*
Display the PIDs of sockets :
To do this use the –p option :
[root@srv ~]# ss -p Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port u_str ESTAB 0 0 * 39987 * 39988 users:(("master",pid=7286,fd=81)) u_str ESTAB 0 0 * 39942 * 39943 users:(("master",pid=7286,fd=36)) u_str ESTAB 0 0 * 39984 * 39985 users:(("master",pid=7286,fd=78)) u_str ESTAB 0 0 * 39985 * 39984 users:(("master",pid=7286,fd=79)) u_str ESTAB 0 0 * 39958 * 39957 users:(("master",pid=7286,fd=52)) u_str ESTAB 0 0 * 39990 * 39991 users:(("master",pid=7286,fd=84)) u_str ESTAB 0 0 * 39991 * 39990 users:(("master",pid=7286,fd=85)) u_str ESTAB 0 0 * 39988 * 39987 users:(("master",pid=7286,fd=82)) u_str ESTAB 0 0 * 39957 * 39958
You can use the grep command to filter out matches :
[root@srv ~]# ss -p | grep 7286 u_str ESTAB 0 0 * 39987 * 39988 users:(("master",pid=7286,fd=81)) u_str ESTAB 0 0 * 39942 * 39943 users:(("master",pid=7286,fd=36)) u_str ESTAB 0 0 * 39984 * 39985 users:(("master",pid=7286,fd=78)) u_str ESTAB 0 0 * 39985 * 39984 users:(("master",pid=7286,fd=79)) u_str ESTAB 0 0 * 39958 * 39957 users:(("master",pid=7286,fd=52)) u_str ESTAB 0 0 * 39990 * 39991 users:(("master",pid=7286,fd=84)) u_str ESTAB 0 0 * 39991 * 39990 users:(("master",pid=7286,fd=85)) u_str ESTAB 0 0 * 39988 * 39987 users:(("master",pid=7286,fd=82)) u_str ESTAB 0 0 * 39957 * 39958 users:(("master",pid=7286,fd=51))
Statistics with ss command :
If you want to display a summary of the sockets statistics use the -s option :
[root@srv ~]# ss -s Total: 575 (kernel 969) TCP: 10 (estab 2, closed 1, orphaned 0, synrecv 0, timewait 0/0), ports 0 Transport Total IP IPv6 969 - - RAW 1 0 1 UDP 1 1 0 TCP 9 4 5 INET 11 5 6 FRAG 0 0 0
Show IPv4 sockets with ss:
[root@srv ~]# ss -4 Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port tcp ESTAB 0 0 192.168.162.140:ssh 192.168.162.1:50870 tcp ESTAB 0 48 192.168.162.140:ssh 192.168.162.1:50853
Show IPv6 sockets :
[root@srv ~]# ss -6
Filter Connections by Port Number :
[root@srv ~]# ss -at '( dport = :22 or sport = :22 )' State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:ssh *:* ESTAB 0 0 192.168.162.140:ssh 192.168.162.1:50870 ESTAB 0 48 192.168.162.140:ssh 192.168.162.1:64462 ESTAB 0 0 192.168.162.140:ssh 192.168.162.1:64465 ESTAB 0 0 192.168.162.140:ssh 192.168.162.1:50853 LISTEN 0 128 :::ssh :::* [root@srv ~]#
7zip: 9 Commandes utiles de les plus utilisés
Mis en place d’un cluster kubernetes avec kubeadm
Comment installer Minikube On Rocky Linux 9
Configurer le bonding réseau avec nmcli sous Linux
Fail2Ban : How to protect Linux services