man.bsd.lv manual page server

Manual Page Search Parameters

NETSTAT(1) General Commands Manual NETSTAT(1)

netstatshow network status

The netstat command symbolically displays the contents of various network-related data structures. There are a number of output formats, depending on the options for the information presented.
netstat [-AaLlnPSW] [-c cpu] [-f protocol_family | -p protocol] [-M core] [-N system]
Display a list of active sockets (protocol control blocks) for each network protocol, for a particular protocol_family, or for a single protocol. If -A is also present, show the address of a protocol control block (PCB) associated with a socket; used for debugging. If -a is also present, show the state of all sockets; normally sockets used by server processes are not shown. If -L is also present, show the size of the various listen queues. The first count shows the number of unaccepted connections, the second count shows the amount of unaccepted incomplete connections, and the third count is the maximum number of queued connections. If -S is also present, show network addresses as numbers (as with -n) but show ports symbolically.
netstat -i-I interface [-aBbdhnt] [-f address_family] [-M core] [-N system]
Show the state of all network interfaces or a single interface which have been auto-configured (interfaces statically configured into a system, but not located at boot time are not shown). An asterisk (“*”) after an interface name indicates that the interface is “down”. If -a is also present, multicast addresses currently in use are shown for each Ethernet interface and for each IP interface address. Multicast addresses are shown on separate lines following the interface address with which they are associated. If -b is also present, show the number of bytes in and out. If -d is also present, show the number of dropped packets. If -h is also present, print all counters in human readable form. If -t is also present, show the contents of watchdog timers. If -B is also present, the maximum buffer sizes are displayed instead of current buffer usage.
netstat -w wait [-I interface] [-dh] [-M core] [-N system]
At intervals of wait seconds, display the information regarding packet traffic on all configured network interfaces or a single interface. If -d is also present, show the number of dropped packets. If -h is also present, print counters in human readable form.
netstat -s [-s] [-z] [-f protocol_family | -p protocol] [-M core] [-N system]
Display system-wide statistics for each network protocol, for a particular protocol_family, or for a single protocol. If -s is repeated, counters with a value of zero are suppressed. If -z is also present, reset statistic counters after displaying them.
netstat -i-I interface -s [-f protocol_family | -p protocol] [-M core] [-N system]
Display per-interface statistics for each network protocol, for a particular protocol_family, or for a single protocol.
netstat -m [-M core] [-N system]
Show statistics recorded by the memory management routines (mbuf(9)). The network manages a private pool of memory buffers.
netstat -r [-AalnW] [-f address_family] [-M core] [-N system]
Display the contents of all routing tables, or a routing table for a particular address_family. If -A is also present, show the contents of the internal Patricia tree structures; used for debugging. If -a is also present, show protocol-cloned routes (routes generated by an RTF_PRCLONING parent route); normally these routes are not shown. When -W or -l is also present, show the path MTU, MSL, initial window size and MPLS label operations for each route.
netstat -rs [-s] [-M core] [-N system]
Display routing statistics. If -s is repeated, counters with a value of zero are suppressed.
netstat -g [-lW] [-f address_family] [-M core] [-N system]
Show information related to multicast (group address) routing. By default, show the IP Multicast virtual-interface and routing tables.
netstat -gs [-s] [-f address_family] [-M core] [-N system]
Show multicast routing statistics. If -s is repeated, counters with a value of zero are suppressed.

Some options have the general meaning:

cpu
On SMP systems the route table is replicated. This option allows the route table for a specific cpu to be accessed and exists primarily for debugging purposes.
address_family, -f protocol_family, -p protocol
Limit display to those records of the specified address_family, protocol_family or a single protocol. The following address families, protocol families and protocols are recognized:

(AF_INET PF_INET)
, divert, icmp, igmp, ip, pim, tcp, udp
(AF_INET6 PF_INET6)
, icmp6, ip6, rip6, tcp, udp
, ng (AF_NETGRAPH PF_NETGRAPH)
, data
(AF_UNIX PF_UNIX)
 
 
(AF_MPLS PF_MPLS)
 

The program will complain if protocol is unknown or if there is no statistics routine for it.

The -l option is equivalent to -W.
Extract values associated with the name list from the specified core instead of the default /dev/kmem.
Extract the name list from the specified system instead of the default, which is the kernel image the system has booted from.
Show network addresses and ports as numbers. Normally netstat attempts to resolve addresses and ports, and display them symbolically.
Display additional protocol-specific information. For TCP the current transmit window, unacked sequence space, and RTT is displayed.
Wide display. In certain displays, add columns and avoid truncating addresses even if this causes some fields to overflow.

The default display, for active sockets, shows the local and remote addresses, send and receive queue sizes (in bytes), protocol, and the internal state of the protocol. Address formats are of the form “host.port” or “network.port” if a socket's address specifies a network but no specific host address. When known, the host and network addresses are displayed symbolically according to the databases hosts(5) and networks(5), respectively. If a symbolic name for an address is unknown, or if the -n option is specified, the address is printed numerically, according to the address family. For more information regarding the Internet IPv4 “dot format”, refer to inet(3). Unspecified, or “wildcard”, addresses and ports appear as “*”.

The interface display provides a table of cumulative statistics regarding packets transferred, errors, and collisions. The network addresses of the interface and the maximum transmission unit (“mtu”) are also displayed.

The routing table display indicates the available routes and their status. Each route consists of a destination host or network, and a gateway to use in forwarding packets. The flags field shows a collection of information about the route stored as binary choices. The individual flags are discussed in more detail in the route(8) and route(4) manual pages. The mapping between letters and flags is:

Protocol specific routing flag #1
Protocol specific routing flag #2
Protocol specific routing flag #3
Just discard pkts (during updates)
The route represents a broadcast address
Generate new routes on use
Protocol-specified generate new routes on use
Created dynamically (by redirect)
Destination requires forwarding by intermediary
Host entry (net otherwise)
Valid protocol to link address translation
Modified dynamically (by redirect)
MPLS label operations
Host or net unreachable
Manually added
Route usable
Route was generated as a result of cloning
External daemon translates proto to link address

Direct routes are created for each interface attached to the local host; the gateway field for such entries shows the address of the outgoing interface. The refcnt field gives the current number of active uses of the route. Connection oriented protocols normally hold on to a single route for the duration of a connection while connectionless protocols obtain a route while sending to the same destination. The use field provides a count of the number of packets sent using that route. The interface entry indicates the network interface utilized for the route.

When netstat is invoked with the -w option and a wait interval argument, it displays a running count of statistics related to network interfaces. An obsolescent version of this option used a numeric parameter with no option, and is currently supported for backward compatibility. By default, this display summarizes information for all interfaces. Information for a specific interface may be displayed with the -I option.

fstat(1), nfsstat(1), ps(1), sockstat(1), carp(4), inet(4), inet6(4), route(4), unix(4), hosts(5), networks(5), protocols(5), services(5), iostat(8), route(8), trpt(8), vmstat(8), mbuf(9)

The netstat command appeared in 4.2BSD.

IPv6 support was added by WIDE/KAME project.

The notion of errors is ill-defined.

April 21, 2018 DragonFly-5.6.1