Analyzing traffic on a high-traffic Linux server is very useful. Here are a few handy commands:
1. List the number of connections for each connecting IP:
netstat -nta | fgrep "ESTABLISHED" | cut -b 49-75 | cut -d ':' -f1 | sort | uniq -c | sort -n -r --key=1,7 | head -25
2. List the number of SYN_RECV connections for each IP:
netstat -nta | fgrep "SYN_RECV" | cut -b 49-75 | cut -d ':' -f1 | sort | uniq -c | sort -n -r --key=1,7 | head -25
3. List the number of connections in each connection state:
netstat -nta | fgrep ":" | cut -b 77-90 | sort | uniq -c
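
The fixed byte ranges passed to cut -b above assume one particular netstat column layout. The following is an added example, not part of the original post, that produces the same three counts by parsing whitespace-separated fields instead, so it also handles IPv6 remote addresses. The function names and the sample table (documentation addresses) are constructed for illustration.

```shell
# Constructed sample of `netstat -nta` output, used so the example runs offline.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51240      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:40000       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.9:1025        SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:1026        SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:1027        SYN_RECV
tcp6       0      0 2001:db8::10:443        2001:db8::beef:55000    ESTABLISHED
EOF
}

# count_by_ip STATE: reads `netstat -nta` output on stdin and prints
# "count ip" for remote addresses in STATE, busiest first (top 25).
count_by_ip() {
    awk -v state="$1" '
        $1 ~ /^tcp/ && $6 == state {
            ip = $5
            sub(/:[^:]*$/, "", ip)   # drop the port: text after the last colon
            n[ip]++
        }
        END { for (ip in n) print n[ip], ip }
    ' | sort -k1,1nr -k2,2 | head -25
}

# count_by_state: prints "count state" for every TCP socket on stdin.
count_by_state() {
    awk '$1 ~ /^tcp/ { n[$6]++ } END { for (s in n) print n[s], s }' |
        sort -k1,1nr -k2,2
}

# Demo on the constructed sample; on a live host use:
#   netstat -nta | count_by_ip SYN_RECV
sample_netstat | count_by_ip ESTABLISHED
sample_netstat | count_by_ip SYN_RECV
sample_netstat | count_by_state
```

A single remote address holding a large share of the SYN_RECV count is the pattern to look for when checking for a SYN flood.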