Network Monitoring  «Prev 

Output of Netstat Command

The following diagram contanis an example of using netstat to view active TCP connections.
Output of netstat command
Output of netstat command
  1. Number of bytes in the receive queues for connections listed. This number is usually small (zero, for example), unless the connection is blocked for some reason.
  2. Number of bytes in the send queues for connections listed. This number is usually small (zero, for example), unless the connection is blocked for some reason.
  3. Local address (in the form address:port)
  4. Foreign address (in the form address:port)
  5. This column shows the state of the TCP finite-state automaton for the connection listed. The most common outputs are ESTABLISHED, CLOSE_WAIT, FIN_WAIT, and FIN_WAIT2
  6. CLOSE_WAIT means that the TCP connection was recently closed and the port is in a mandatory “rest period.”
  7. This line describes a connection between the telnet port on mymachine and port 60786 on the machine acme.com.
  8. ESTABLISHED means this is an ongoing TCP connection.
  9. FIN_WAIT (and FIN_WAIT2) is an intermediate TCP state that indicates a connection in the process of shutting down.