ss Flashcards
ss
ss is used to dump socket statistics. It allows showing information similar to netstat.
ss [OPTIONS]
- n, –numeric, Don’t resolve service names.
- r, –resolve
- a, –all, Display all sockets.
- l, –listening, Display all listening sockets.
- o, –options, Show timer info.
- e, –extended, Show detailed socket info.
- m, –memory, Show socket memory usage.
- p, –processes, Show process using socket.
- i, –info, Show internal TCP info.
–tipcinfo, Show internal tpic socket info.
- s, –summary, Show socket usage summary.
- b, –bpf, Show bpf filter socket info.
- E, –events, Continually display sockets as they are destroyed.
ss [OPTIONS]
- Z, –context display process SELinux security contexts
- z, –contexts display process and socket SELinux security contexts
- N, –net switch to the specified network namespace name
- 4, –ipv4 display only IP version 4 sockets
- 6, –ipv6 display only IP version 6 sockets
- 0, –packet display PACKET sockets
- t, –tcp display only TCP sockets
- S, –sctp display only SCTP sockets
- u, –udp display only UDP sockets
- d, –dccp display only DCCP sockets
- w, –raw display only RAW sockets
- x, –unix display only Unix domain sockets
- -tipc display only TIPC sockets
- -vsock display only vsock sockets
-f, –family=FAMILY display sockets of type FAMILY
FAMILY := {inet|inet6|link|unix|netlink|vsock|tipc|help}
ss [OPTIONS]
- K, –kill forcibly close sockets, display what was closed
- H, –no-header Suppress header line
-A, –query=QUERY, –socket=QUERY
QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream
|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram|tipc}[,QUERY]
-D, –diag=FILE Dump raw information about TCP sockets to FILE
-F, –filter=FILE read filter information from FILE
FILTER := [state STATE-FILTER] [EXPRESSION]
STATE-FILTER := {all|connected|synchronized|bucket|big|TCP-STATES}
TCP-STATES := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listening|closing}
connected := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}
synchronized := {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}
bucket := {syn-recv|time-wait}
big := {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listening|closing}
