Linux ss Command

Posted on November 11th, 2016

ss – socket statistics

In this tutorial, we will be discussing on how to use the ss command and we will be covering some of the topics on how to check network connections and socket statistics. ss command is a new IP tool command which provides higher information than netstat command. The ss command fetches data from many /proc files in order to provide the information to the user. In case the system has more connections to display then it might take some more time to show the information. Although the options of the netstat command and the ss command are similar it won’t cause any difficulty in using it.

 

Filter out tcp, udp or Unix connections

Options t, u or x provide the details of tcp or udp or Unix connections.

$ ss -t

State                Recv-Q Send-Q             Local Address:Port                   Peer Address:Port

ESTAB                0      128                       66.45.225.231:ssh                    202.83.46.160:26376

ESTAB              0         848                      66.45.225.231:ssh                   221.229.172.66:13489

To list only the udp connections, then use the option -ua

$ ss -ua

State                Recv-Q Send-Q      Local Address:Port         Peer Address:Port

UNCONN          0           0                       *:34624                                   *:*

UNCONN          0           0                      *:bootpc                                   *:*

UNCONN          0           0                      *:49312                                     *:*

UNCONN          0           0                       *:mdns                                     *:*

UNCONN          0           0                       :::32083                                     :::*

 

Output without resolving

Option n will help not to resolve the IP address to hostnames, this will provide better speed in getting outputs.

$ ss -nt

State                Recv-Q Send-Q            Local Address:Port      Peer Address:Port

ESTAB              0           64                     66.45.225.231:22         202.83.46.160:26376

LAST-ACK         0           1641                66.45.225.231:22         221.229.172.66:46379

 

3) Display listening sockets

The following command will list out all the listening sockets in the systems. The option t indicates all the tcp connections in the system

$ ss -ltn

State                Recv-Q Send-Q      Local Address:Port              Peer Address:Port

LISTEN              0           128                   *:22                                             *:*

LISTEN              0           100                   127.0.0.1:25                              *:*

LISTEN              0           128                    :::80                                             :::*

 

To display the udp connections use the option u instead of t.

$ ss -lun

State                Recv-Q             Send-Q      Local Address:Port                          Peer Address:Port

UNCONN          0                       0                       *:34624                                     *:*

UNCONN          0                       0                        *:68                                              *:*

UNCONN          0                       0                       *:49312                                       *:*

UNCONN          0                       0                       *:5353                                         *:*

UNCONN          0                       0                       :::32083                                         :::*

 

 

Display summary statistics

Statistics can be printed with the option s

$ ss -s

Total: 187 (kernel 240)

TCP:   7 (estab 1, closed 1, orphaned 0, synrecv 0, timewait 0/0), ports 0

Transport        Total     IP        IPv6

*                       240       –           –

RAW                  1         0            1

UDP                   5         4            1

TCP                   12       7            5

FRAG                0          0            0

 

Timer information

The information regarding the time of each connection can be obtained using the option –o. The duration of the connections also can be displayed.

$ ss -tn –o

Local    Recv-Q            Send-Q   Address:Port           Peer Address:Port

ESTAB      0                   64          66.45.225.231:22    202.83.46.160:26376    timer:(on,521ms,0)

 

IPv4 and IPv6 socket connections

Options –f inet or -4 options help to view the IPv4 socket options.

$ ss -tl -f inet

State      Recv-Q Send-Q      Local Address:Port           Peer Address:Port

LISTEN     0        128              *:ssh                                                  *:*

LISTEN     0        100           127.0.0.1:smtp                                   *:*

 

Options  -f inet6′ or -6 options help to view the IPv6 socket options.

$ ss -tl6

State      Recv-Q Send-Q Local                         Address:Port             Peer Address:Port

LISTEN     0                   128                   :::http                             :::*

LISTEN     0                    128                    :::ssh                             :::*

LISTEN     0                   100                    ::1:smtp                        :::*

 

If you need any further assistance please contact our support department.

 

 

Leave a Reply