What more could you want?
Netstat + MacOS X – Linux = Nightmare
Being a Linux user, I am quite accustomed to the netstat flags that I use most often (plant, or sometimes tupac). I recently acquired a MacBook Pro, and found the netstat flags quite different.
clstearns@olly:~$ netstat -ntpl
netstat: l: unknown or uninstrumented protocol
clstearns@olly:~$ netstat -ntl | wc -l
221clstearns@eli:~$ netstat -ntl | wc -l
6
How annoying it is, having to change one’s habits.
Rather than learning the new flags, I pulled out my trusty lsof:
$ lsof -i tcp:22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ssh 8383 clstearns 3u IPv4 0x060b0334 0t0 TCP olly.ozymo.com:56829->mail.ozymo.com:ssh (ESTABLISHED)
Using lsof, I can see in the NAME field I can see what kind of connections I have open.
According to the lsof man page, the -i flag takes an option [i] specified as an Internet address. From the man page:
An Internet address is specified in the form (Items in square brackets are optional.):
[46][protocol][@hostname|hostaddr][:service|port]
where:
46 specifies the IP version, IPv4 or IPv6 that applies to the following address. ’6′ may be be specified only if the UNIX dialect supports IPv6. If neither ’4′ nor ’6′ is specified, the following address applies to all IP versions.
protocol is a protocol name – TCP, UDP
hostname is an Internet host name. Unless a specific IP version is specified, open
network files associated with host names of all versions will be selected.hostaddr is a numeric Internet IPv4 address in dot form; or an IPv6 numeric address in
colon form, enclosed in brackets, if the UNIX dialect supports IPv6. When an IP version is selected, only its numeric addresses may be specified.service is an /etc/services name – e.g., smtp – or a list of them.
port is a port number, or a list of them.
At least one address component - 4, 6, protocol, ,IR hostname , hostaddr, or service – must be supplied. These addresses can get hairy, according to this example, which means TCP, ports 1 through 10, service name smtp, port 99, host name foo:
tcp@foo:1-10,smtp,99
lsof allows me to gain the information I need pertaining to my network connections, and when combined with some of the simpler options for MacOS’s netstat version (Mach-O universal binary with 3 architectures; it’s also the BSD4.2 version, whereas my Ubuntu box reports that the installed netstat command version 1.42 is from the net-tools package) it makes for a very handy tool.
Thanks to Greg and the man for the information on lsof.
/cs
| Print article | This entry was posted by chuck on January 23, 2010 at 3:20 am, and is filed under Uncategorized. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site. |
about 4 months ago
I hate OSX even more than I used to because of things like these.
“Just works”, my ass.
about 4 months ago
Thank you for your comment!
As far as “just works”, it certainly does. I get to retain my ability to dork around with things, troubleshoot, solve problems, and all that, but I never have to worry about whether my computer is *actually* sleeping, or whether it’s still running with the lid closed, I don’t have to worry about updates breaking my graphics configuration. I don’t have to eff around with hardware. I get to eff around with the system, which is what I want to do.
Again, Thanks.
/cs