1.執行環境 Linux Kernel > 2.4.x
2.顯示 netfilter/iptables 管理的 NAT 連線資訊。
3.主要讀取 /proc/net/ip_conntrack 內容。
參數說明
| -h | displays help |
| -n | don't resolve IPs/ports to host/portnames. |
| -p 'protocol' (tcp udp icmp raw) | display NAT connections with protocol selection. |
| -s 'source host' | display connections by source IP/hostname. |
| -d 'destination host' | display connections by destination IP/hostname. |
| -S | display SNAT connections |
| -D | display DNAT connections |
| -L | display only connections to NAT box self (disables display of SNAT & DNAT) |
| -R | display only connections routed through the NAT box (doesn't show SNAT & DNAT) |
| -x | extended view of hostnames |
| -r src dst src-port dst-port state | sort connections |
| -o | strip output-header |
| -N | display NAT box connection information (IP and port) for NATing iface (only valid with SNAT & DNAT) |
| -v | version |
狀態說明
| ASSURED | 連線已沒有流量 |
| CLOSE | 關閉連線 |
| ESTABLISHED | 已經建立連線且正在使用中 |
| FIN_WAIT | 已經關閉的連線 |
| SYN_RECV | 觀察連線等待 TCP SYN 封包 |
| SYN_SENT | 觀察連線發送 TCP SYN 封包 |
| TIME_WAIT | 類似 CLOSE_WAIT,但本質上比較像逾時(time out) |
| UNREPLIED | 連線還沒有收到任何回應 |
參考
http://tweegy.nl/projects/netstat-nat/
沒有留言:
張貼留言