Understanding the netstat output
technet.microsoft.com says that:
Displays active TCP connections, ports on which the computer is
listening, Ethernet statistics, the IP routing table, IPv4 statistics
(for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for
the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). Used
without parameters, netstat displays active TCP connections.
So you can find which addresses and ports are used and listening. for example you want to run a Tomcat server on port 8080. but it used. so you can run:
netstat -ano | find "8080"
output will be something like:
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 1185
TCP [::]:8080 [::]:0 LISTENING 1185
It says that process number 1185 is using this port. If it is necessary to use this port you can shutdown the app that use this port and run your server on it by this command:
taskkill /F /PID 1185
How do I interpret 'netstat -a' output
0.0.0.0 usually refers to stuff listening on all interfaces.
127.0.0.1 = localhost (only your local interface)
I'm not sure about [::]
TIME_WAIT means both sides have agreed to close and TCP
must now wait a prescribed time before taking the connection
down.
CLOSE_WAIT means the remote system has finished sending
and your system has yet to say it's finished.
Understanding of netstat -na command in linux
Consider this:
[root@stg openssl]# netstat -na| more
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
You can see the description of the columns at the beginning of the netstat
output.
1st : Protocol name. In your case TCP
2nd : Recv-Q . Number of bytes of data that the application at Local Address
is yet to pull from TCP buffer. In your case it is zero
3rd: Send-Q. Number of bytes of data that the application has given to TCP and which aren't ACK'ed by the peer TCP. It is this in your case is 182
Netstat output with boost::Asio
Does this mean that client has connected to port 3333 but the port from which it itself connects is 46675?
Basically. It describes the client endpoint. This is BSD/Posix sockets jargon.
What I do not understand is what does the the port 46675 mean in the address shown above? This definitely represents the client side, but from where was this port number allocated to the client?
It gets automatically chosen (by the TCP stack, usually in the kernel) from the local port range. E.g. on linux you can manipulate that range (if you have permission):
sudo sysctl -w net.ipv4.ip_local_port_range="60000 61000"
(Warning: don't do this unless you know what you're doing). See also https://en.wikipedia.org/wiki/Ephemeral_port
Related Topics
Git - Crlf Issue in Windows + Linux Dual Boot
How to Change File Extension in Linux Shell Script
Are Debug Symbols Loaded into Memory on Linux
Sending Snmp2 Trap Message from Linux Command Lne
Matching Third Field in a CSV with Pattern File in Gnu Linux (Awk/Sed/Grep)
How to Tell Linux to Keep a Page and Not Evict It
Print Bash Script Result Behind Prompt in The Next Line
How to Play an Audio File from Haskell Code, Cross-Platform
Qt Does Not Create Output Files in Debug/Release Folders in Linux
Find' (Command) Finds Nothing with -Wholename
Access Podman Rest API from Testcontainer
How to Use/Learn Video4Linux2 (On Screen Display) Output APIs
How to Force a Range of Virtual Addresses
Dreaming of Making My Own Os- What Should I Use? (Suggestions)
Starting Multiple Firefox Profiles with Batch File in Linux
Javafx: Tested/Confirmed Hardware (Gpu) Acceleration on Linux
How to Get a Hex Color Code from a Solid-Color Image for a Script