Being a Linux user, I am quite accustomed to the netstat flags that I use most often (plant, or sometimes tupac). I recently acquired a MacBook Pro, and found the netstat flags quite different.
clstearns@olly:~$ netstat -ntpl
netstat: l: unknown or uninstrumented protocol
clstearns@olly:~$ netstat -ntl | wc -l
221clstearns@eli:~$ netstat -ntl | wc -l
6
How annoying it is, having to change one’s habits.
Rather than learning the new flags, I pulled out my trusty lsof:
$ lsof -i tcp:22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ssh 8383 clstearns 3u IPv4 0×060b0334 0t0 TCP olly.ozymo.com:56829->mail.ozymo.com:ssh (ESTABLISHED)
Using lsof, I can see in the NAME field I can see what kind of connections I have open.
According to the lsof man page, the -i flag takes an option [i] specified as an Internet address. From the man page:
An Internet address is specified in the form (Items in square brackets are optional.):
[46][protocol][@hostname|hostaddr][:service|port]
where:
46 specifies the IP version, IPv4 or IPv6 that applies to the following address. ‘6′ may be be specified only if the UNIX dialect supports IPv6. If neither ‘4′ nor ‘6′ is specified, the following address applies to all IP versions.
protocol is a protocol name – TCP, UDP
hostname is an Internet host name. Unless a specific IP version is specified, open
network files associated with host names of all versions will be selected.hostaddr is a numeric Internet IPv4 address in dot form; or an IPv6 numeric address in
colon form, enclosed in brackets, if the UNIX dialect supports IPv6. When an IP version is selected, only its numeric addresses may be specified.service is an /etc/services name – e.g., smtp – or a list of them.
port is a port number, or a list of them.
At least one address component - 4, 6, protocol, ,IR hostname , hostaddr, or service – must be supplied. These addresses can get hairy, according to this example, which means TCP, ports 1 through 10, service name smtp, port 99, host name foo:
tcp@foo:1-10,smtp,99
lsof allows me to gain the information I need pertaining to my network connections, and when combined with some of the simpler options for MacOS’s netstat version (Mach-O universal binary with 3 architectures; it’s also the BSD4.2 version, whereas my Ubuntu box reports that the installed netstat command version 1.42 is from the net-tools package) it makes for a very handy tool.
Thanks to Greg and the man for the information on lsof.
/cs
Comments
Leave a comment Trackback