ss utility to investigate sockets RHEL 7/Centos 7/Fedora 24

ss utility to investigate sockets statistics in RHEL 7 / Centos 7 / Fedora 24 Operating systems. ss utility / command is similar to netstat command.  ss can display more TCP and state information than other tools. Let’s see how we can utilise this ss utility.

ss utility to see all TCP connections

 [root@TechTutorials ~]# ss -at
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:mysql *:*
LISTEN 0 50 *:netbios-ssn *:*

State

ss -at command output

ss -at command output

 

  • LISTEN –  Socket is in listening state
  • UNCONN – Connection not established
  • ESTAB –  Connection established

Recv-Q – Received

Send-Q – Sent

Local Address:port – Local machine address and port number

Peer Address:port – Destination Address and Port number

Local Address:port → Peer Address:port

Do not resolve service names

[root@TechTutorials ~]# ss -n
ss -n command output

ss -n command

[root@TechTutorials ~]# ss -au

above command will list all UDP connections

List all listing processes 

Show process using socket

[root@TechTutorials ~]# ss -p
ss -p command output

ss -p command output

Print summary statistics 

[root@TechTutorials ~]# ss -s
Total: 950 (kernel 1020)
TCP: 21 (estab 2, closed 2, orphaned 0, synrecv 0, timewait 0/0), ports 0

Transport Total IP IPv6
* 1020 - -
RAW 1 0 1
UDP 10 6 4
TCP 19 10 9
INET 30 16 14
FRAG 0 0 0
ss -s ss utility summary

ss -s ss utility summary

in this we can see how many TCP connection, INET connections and RAW all the details we can get as a summary using above command

Query Socket

List of socket tables to dump, separated by commas. The following identifiers are understood: all, inet, tcp, udp, raw, unix, packet, netlink, unix_dgram, unix_stream, packet_raw, packet_dgram.

[root@TechTutorials ~]# ss -A tcp
[root@TechTutorials ~]# ss -A udp
[root@TechTutorials ~]# ss -A unix_dgram
ss -A ss query

ss -A ss query

Dump raw information to file

[root@TechTutorials ~]# ss --diag=test1

Above command will not display anything on stdout / output which just dump the information to specified file

Apply filter as you required

FILTER := [ state TCP-STATE ] [ EXPRESSION ]

To display all established ssh connection statistics 

[root@TechTutorials ~]# ss -o state established '( dport = :ssh or sport = :ssh )'
ss state filter

ss state filter

ss -x src /tmp/.X11-unix/*

Find all local processes connected to X server.

ss -o state fin-wait-1 '( sport = :http or sport = :https )' dst 193.233.7/24

List all the tcp sockets in state FIN-WAIT-1 for our apache to network 193.233.7/24 and look at their timers.

Socket extended details

[root@TechTutorials ~]# ss -e
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_str ESTAB 0 0 * 26788 * 26787 <->
u_str ESTAB 0 0 * 19039 * 19673 <->

Conclusion

ss (socket statistics) utility to investigate sockets. More extended details which not cover in netstat command

That’s it about ss utility / command

 

Related Articles

IP Calculator

ls command with 25 practical examples

25 Linux basic commands

Cal command Linux

Thanks for your wonderful Support and Encouragement

blank

Ravi Kumar Ankam

My Name is ARK. Expert in grasping any new technology, Interested in Sharing the knowledge. Learn more & Earn More

Leave a Reply

Your email address will not be published. Required fields are marked *