{"id":2525,"date":"2017-07-30T20:58:39","date_gmt":"2017-07-30T12:58:39","guid":{"rendered":"http:\/\/cn.hostease.com\/xueyuan\/?p=2525"},"modified":"2017-07-30T20:58:39","modified_gmt":"2017-07-30T12:58:39","slug":"ss%ef%bc%9a%e6%9f%a5%e7%9c%8b%e7%bd%91%e7%bb%9c%e8%bf%9e%e6%8e%a5%e7%9a%84%e5%8f%a6%e4%b8%80%e7%a7%8d%e6%96%b9%e6%b3%95","status":"publish","type":"post","link":"https:\/\/cn.hostease.com\/xueyuan\/jishu\/linux\/ss%ef%bc%9a%e6%9f%a5%e7%9c%8b%e7%bd%91%e7%bb%9c%e8%bf%9e%e6%8e%a5%e7%9a%84%e5%8f%a6%e4%b8%80%e7%a7%8d%e6%96%b9%e6%b3%95\/","title":{"rendered":"ss\uff1a\u67e5\u770b\u7f51\u7edc\u8fde\u63a5\u7684\u53e6\u4e00\u79cd\u65b9\u6cd5"},"content":{"rendered":"

ss<\/code>\uff0c\u5b83\u662f iproute2 \u5305\u9644\u5e26\u7684\u53e6\u4e00\u4e2a\u5de5\u5177\uff0c\u5141\u8bb8\u4f60\u67e5\u8be2 socket \u7684\u6709\u5173\u7edf\u8ba1\u4fe1\u606f\u3002\u53ef\u4ee5\u5b8c\u6210 netstat<\/code> \u540c\u6837\u7684\u4efb\u52a1\uff0c\u4f46\u662f\uff0css<\/code> \u7a0d\u5fae\u5feb\u4e00\u70b9\u800c\u4e14\u547d\u4ee4\u66f4\u7b80\u77ed\u3002<\/p>\n

\u76f4\u63a5\u8f93\u5165 ss<\/code>\uff0c\u9ed8\u8ba4\u4f1a\u663e\u793a\u4e0e netstat<\/code> \u540c\u6837\u7684\u5185\u5bb9\uff0c\u5e76\u4e14\u8f93\u5165\u7c7b\u4f3c\u7684\u53c2\u6570\u53ef\u4ee5\u83b7\u53d6\u4f60\u60f3\u8981\u7684\u7c7b\u4f3c\u8f93\u51fa\u3002\u4f8b\u5982\uff1a<\/p>\n

    \n
  1. $ <\/span>ss<\/span> -<\/span>t<\/span><\/code><\/li>\n
  2. State<\/span> \u00a0 \u00a0 \u00a0 <\/span>Recv<\/span>-<\/span>Q <\/span>Send<\/span>-<\/span>Q \u00a0 \u00a0 \u00a0 <\/span>Local<\/span> Address<\/span>:<\/span>Port<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>Peer<\/span> Address<\/span>:<\/span>Port<\/span><\/code><\/li>\n
  3. ESTAB \u00a0 \u00a0 \u00a0 <\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>127.0<\/span>.<\/span>0.1<\/span>:<\/span>postgresql \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 <\/span>127.0<\/span>.<\/span>0.1<\/span>:<\/span>48154<\/span><\/code><\/li>\n
  4. ESTAB \u00a0 \u00a0 \u00a0 <\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.136<\/span>:<\/span>35296<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.120<\/span>:<\/span>8009<\/span><\/code><\/li>\n
  5. ESTAB \u00a0 \u00a0 \u00a0 <\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.136<\/span>:<\/span>47574<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 <\/span>173.194<\/span>.<\/span>74.189<\/span>:<\/span>https<\/span><\/code><\/li>\n
  6. [\u2026]<\/span><\/code><\/li>\n<\/ol>\n

    ss -t<\/code> \u53ea\u663e\u793a TCP \u8fde\u63a5\u3002ss -u<\/code> \u7528\u4e8e\u663e\u793a UDP \u8fde\u63a5\uff0c-l<\/code> \u53c2\u6570\u53ea\u4f1a\u663e\u793a\u76d1\u542c\u7684\u7aef\u53e3\uff0c\u800c\u4e14\u53ef\u4ee5\u8fdb\u4e00\u6b65\u8fc7\u6ee4\u5230\u4efb\u4f55\u60f3\u8981\u7684\u4fe1\u606f\u3002<\/p>\n

    \u6211\u5e76\u6ca1\u6709\u6d4b\u8bd5\u6240\u6709\u53ef\u7528\u53c2\u6570\uff0c\u4f46\u662f\u4f60\u751a\u81f3\u53ef\u4ee5\u4f7f\u7528 -K<\/code> \u5f3a\u5236\u5173\u95ed socket\u3002<\/p>\n

    ss<\/code> \u771f\u6b63\u8000\u773c\u7684\u5730\u65b9\u662f\u5176\u5185\u7f6e\u7684\u8fc7\u6ee4\u80fd\u529b\u3002\u8ba9\u6211\u4eec\u5217\u51fa\u6240\u6709\u7aef\u53e3\u4e3a 22\uff08ssh\uff09\u7684\u8fde\u63a5\uff1a<\/p>\n

      \n
    1. $ <\/span>ss<\/span> state all sport <\/span>=<\/span> :<\/span>ssh<\/span><\/code><\/li>\n
    2. Netid<\/span> State<\/span> \u00a0 \u00a0 \u00a0<\/span>Recv<\/span>-<\/span>Q <\/span>Send<\/span>-<\/span>Q \u00a0 \u00a0 <\/span>Local<\/span> Address<\/span>:<\/span>Port<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>Peer<\/span> Address<\/span>:<\/span>Port<\/span><\/code><\/li>\n
    3. tcp \u00a0 LISTEN \u00a0 \u00a0 <\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>128<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>*:<\/span>ssh<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>*:*<\/span><\/code><\/li>\n
    4. tcp \u00a0 ESTAB \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.136<\/span>:<\/span>ssh<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.102<\/span>:<\/span>46540<\/span><\/code><\/li>\n
    5. tcp \u00a0 LISTEN \u00a0 \u00a0 <\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>128<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 <\/span>:::<\/span>ssh<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 <\/span>:::*<\/span><\/code><\/li>\n<\/ol>\n

      \u5982\u679c\u53ea\u60f3\u770b\u5df2\u5efa\u7acb\u7684 socket\uff08\u6392\u9664\u4e86 listening<\/em> \u548c closed<\/em> \uff09\uff1a<\/p>\n

        \n
      1. $ <\/span>ss<\/span> state connected sport <\/span>=<\/span> :<\/span>ssh<\/span><\/code><\/li>\n
      2. Netid<\/span> State<\/span> \u00a0 \u00a0 \u00a0<\/span>Recv<\/span>-<\/span>Q <\/span>Send<\/span>-<\/span>Q \u00a0 \u00a0 <\/span>Local<\/span> Address<\/span>:<\/span>Port<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>Peer<\/span> Address<\/span>:<\/span>Port<\/span><\/code><\/li>\n
      3. tcp \u00a0 ESTAB \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.136<\/span>:<\/span>ssh<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.102<\/span>:<\/span>46540<\/span><\/code><\/li>\n<\/ol>\n

        \u7c7b\u4f3c\u7684\uff0c\u53ef\u4ee5\u5217\u51fa\u6307\u5b9a\u7684 host \u6216\u8005 ip \u6bb5\u3002\u4f8b\u5982\uff0c\u5217\u51fa\u5230\u8fbe 74.125.0.0\/16 \u5b50\u7f51\u7684\u8fde\u63a5\uff0c\u8fd9\u4e2a\u5b50\u7f51\u5c5e\u4e8e Google\uff1a<\/p>\n

          \n
        1. $ <\/span>ss<\/span> state all dst <\/span>74.125<\/span>.<\/span>0.0<\/span>\/<\/span>16<\/span><\/code><\/li>\n
        2. Netid<\/span> State<\/span> \u00a0 \u00a0 \u00a0<\/span>Recv<\/span>-<\/span>Q <\/span>Send<\/span>-<\/span>Q \u00a0 \u00a0 <\/span>Local<\/span> Address<\/span>:<\/span>Port<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>Peer<\/span> Address<\/span>:<\/span>Port<\/span><\/code><\/li>\n
        3. tcp \u00a0 ESTAB \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.136<\/span>:<\/span>33616<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 <\/span>74.125<\/span>.<\/span>142.189<\/span>:<\/span>https<\/span><\/code><\/li>\n
        4. tcp \u00a0 ESTAB \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.136<\/span>:<\/span>42034<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>74.125<\/span>.<\/span>70.189<\/span>:<\/span>https<\/span><\/code><\/li>\n
        5. tcp \u00a0 ESTAB \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0<\/span>0<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/span>192.168<\/span>.<\/span>0.136<\/span>:<\/span>57408<\/span> \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 <\/span>74.125<\/span>.<\/span>202.189<\/span>:<\/span>https<\/span><\/code><\/li>\n<\/ol>\n

          ss<\/code>\u4e0e iptables \u7684\u8bed\u6cd5\u975e\u5e38\u76f8\u540c\uff0c\u5982\u679c\u5df2\u7ecf\u719f\u6089\u4e86\u5176\u8bed\u6cd5\uff0css<\/code> \u975e\u5e38\u5bb9\u6613\u4e0a\u624b\u3002\u4e5f\u53ef\u4ee5\u5b89\u88c5 iproute2-doc \u5305\uff0c \u901a\u8fc7 \/usr\/share\/doc\/iproute2-doc\/ss.html<\/code> \u83b7\u5f97\u5b8c\u6574\u6587\u6863\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

          ss\uff0c\u5b83\u662f iproute2 \u5305\u9644\u5e26\u7684\u53e6\u4e00\u4e2a\u5de5\u5177\uff0c\u5141\u8bb8\u4f60\u67e5\u8be2 socket \u7684\u6709\u5173\u7edf\u8ba1\u4fe1\u606f\u3002\u53ef\u4ee5\u5b8c\u6210 nets … \u9605\u8bfb\u66f4\u591a<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[49],"tags":[],"class_list":["post-2525","post","type-post","status-publish","format-standard","hentry","category-linux"],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/posts\/2525","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/comments?post=2525"}],"version-history":[{"count":1,"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/posts\/2525\/revisions"}],"predecessor-version":[{"id":2526,"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/posts\/2525\/revisions\/2526"}],"wp:attachment":[{"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/media?parent=2525"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/categories?post=2525"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cn.hostease.com\/xueyuan\/wp-json\/wp\/v2\/tags?post=2525"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}