Linux 流量分析的指令 – 網絡技術日誌

Linux 流量分析的指令

Posted on January 10th, 2007 Sam Tang 3 comments

在高流量的 Linux server 下分析流量十分有用，以下是幾個有用的指令:

1. 列出每個連線 IP 的連線數量:

netstat -nta | fgrep "ESTABLISHED" | cut -b 49-75 | cut -d ':' -f1 | sort | uniq -c | sort -n -r –key=1,7 | head -25

2. 列出每個 IP 的 SYN_RECV 連線數量:

netstat -nta | fgrep "SYN_RECV" | cut -b 49-75 | cut -d ':' -f1 | sort | uniq -c | sort -n -r –key=1,7 | head -25

3. 列出 connection state 的連線數量:

netstat -nta | fgrep ":" | cut -b 77-90 | sort | uniq -c

Linux / BSD 筆記
3 responses to “Linux 流量分析的指令”
1. Wandervoge » Blog Archive » 使用Netstat做流量分析 January 11th, 2007 at 09:16
  
  [...] 參考來源：Real-Blog Linux流量分析的指令 [...]
2. Rex MIS Blog » Blog Archive » Linux 流量分析的指令 January 12th, 2007 at 02:04
  
  [...] http://www.real-blog.com/linux-bsd-notes/323 [...]
3. -TMA-1- » links for 2007-01-12 January 12th, 2007 at 08:15
  
  [...] Linux 流量分析的指令 – Real-Blog (tags: Tech Linux Network Tips) [...]
Leave a reply

Name (required)

Mail (will not be published) (required)

Website

Anti-spam word: (Required)*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

Categories

Random Posts

Recent Articles

Meta

Calendar

Links