General :: Netstat Command - Active Internet Connections / Domain Sockets?
Oct 12, 2010
When I typed netstat -lna, the output:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:580 0.0.0.0:* LISTEN
...
...
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node
unix 2 [ ACC ] STREAM LISTENING 23581
...
...
Can anyone explain to me:
1. What is "Active Internet connections" & "Active UNIX domain sockets"?
2. What is unix Proto?
3. Difference between LISTEN and LISTENING state.
After my first installation/ version of Ubuntu 64, I performed a netstat and noticed I did NOT have any Active UNIX domain sockets as I do now. After doing some research, I found this is related to MYSQL and server services which I am in no need of running and nor do I want to run if not needed. So exactly what are these services used for, which app is creating this and why?
Is it possible to remove the app or processes if they are not needed? Killing these connections every time they attempt to establish would be rhetorical.
~$ uname -a Linux panda 2.6.32-24-generic #38-Ubuntu SMP Mon Jul 5 09:20:59 UTC 2010 x86_64 GNU/Linux :~$ netstat | more Active Internet connections (w/o servers)
I had a dream least night in which I was on my computer and I was typing the command Netstat -a in command prompt in Ms-Dos. And I was wondering why it looks so much like a Linux terminal command? This question persisted in my mind after I woke up. So what is the story about it?
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
I recently installed Fedora 15 now, and during installation I set the internet connection manually, then did update and after reboot, the internet connection settings have been removed. Now I can not set because the network connection to the Internet Connection is inactive. I mention that before the update was functional internet connection.
While issuing the command netstat -M it shows netstat: no support for `ip_masquerade' on this system. But this system is used as a gateway and iptable rules are set for ip forwarding. Also internet is getting another machine through this machine. What about the message?
I just found something "strange" by using netstat tcp 0 0 myhost.deprecated:53719 amaretti.chimfar.:54406 ESTABLISHED How can I check what is the program that is responsible for this line?
I am programming on Linux middleware so I need to get a list of all active TCP connections. Is there any API to get such information? I know I can find the connections in /proc/net/tcp, but how to find the PIDs? Apparently ps or netstat command is not an option since it is a middleware.
I've created VPN server(PoPToP version 1.3.3) using webmin and all clients are connected successfully. I want to check "current active connections" from CLI(command line interface). what is the command to list all active connections.
I am running Firestarter on Ubuntu 9.10 64 bit. I have noticed several times that after closing all web apps (Firefox, Thunderbird) that some entries remain under the heading "Active connections" on the Firestarter "Status" tab. Often these show no source program. Currently I have 2 showing which show Firefox as the source. These persist after Firefox is shut down. I have verified that no Firfox process is running. And both of the IPs point to google.I have Disconnected eht0 and they still show. I have logged out and back in and they still show. I must reboot the machine to make these entries go away. Which makes me think perhaps this is a bug in Firestarter(?) Is there another way I can identify truly active connections?
My Debian server is used by people to set up ssh-tunnels for use as a local proxy ( on their remote machines).Since only the tunnel is setup, and no shell is used, I can't use "who" to see which users have an active ssh-tunnel on my server, but I would like to have an idea about who is active etc. I think I should be able to determine this from the auth.log file, but then I would have to use some script to determine what connection is still active. Is there an easy way to see what users have active ssh-tunnels on my Debian server at any given moment?
On every machine that SSHes in, the connection gets dropped randomly between immediately, and 30 minutes into the session, while the user is actively using the remote system (typing, etc). Before, during and after the disconnection, the system responds to pings regularly (0% packet loss).It takes about 5-10 minutes before I can make an SSH connection again.I have tried restarting SSH on the server and rebooting the server. I even removed and reinstalled sshd and it is still happening.What might be causing these random disconnects and how might I solve this?
I have a small office network (about 30 machine) with linux gateway (6Mbps internet bandwidth). Every user get only 500Kbps bandwidth, and they use the internet very poor. The internet getting slow lately, and I noticed that there are huge amount of small packets (78 byte, 48 byte) coming to linux machines. My question is: How can I solve which machine(s) sending those small packets? Do you have any ideas with netstat command?
i have installed RHEL5 on my system.i want to join my system on my organisation s active directory domain.how can i do it?suppose domain name is "abc-xyz"
I cannot Browse Even Internet is Active. Connected using Mobile Broadband using Samsung Mobile USB MODEM. (Modem is recognized Successfully and Connection Shown as active!) I cant browse or even use apt-get update in terminal.. no use. (Even I can see the Gprs icon in the Mobile Phone). WiFi is Perfect in this ubuntu (everything is fine) and Mobile modem working Successfully in Windows too. I have attached the picture.please see it.so you will understand everything
=I==USED==WVDIAL==TOOL===TOOO= root@saad-laptop:/home/saad# wvdialconf /etc/wvdial.conf Editing `/etc/wvdial.conf'. Scanning your serial ports for a modem. Modem Port Scan<*1>: S0 S1 S2 S3 WvModem<*1>: Cannot get information for serial port. ttyACM0<*1>: ATQ0 V1 E1 -- OK ttyACM0<*1>: ATQ0 V1 E1 Z -- OK ttyACM0<*1>: ATQ0 V1 E1 S0=0 -- OK ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 -- OK ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 -- OK ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK ttyACM0<*1>: Modem Identifier: ATI -- SAMSUNG GT-C6112 ttyACM0<*1>: Speed 4800: AT -- OK ttyACM0<*1>: Speed 9600: AT -- OK ttyACM0<*1>: Speed 19200: AT -- OK ttyACM0<*1>: Speed 38400: AT -- OK ttyACM0<*1>: Speed 57600: AT -- OK ttyACM0<*1>: Speed 115200: AT -- OK ttyACM0<*1>: Speed 230400: AT -- OK ttyACM0<*1>: Speed 460800: AT -- OK ttyACM0<*1>: Max speed is 460800; that should be safe. ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK
Found an USB modem on /dev/ttyACM0. Modem configuration written to /etc/wvdial.conf. ttyACM0<Info>: Speed 460800; init "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0"
=EXECUTING==WVDIAL==AND==ITS=RESULT= root@saad-laptop:/home/saad# wvdial --> WvDial: Internet dialer version 1.60 --> Cannot get information for serial port. --> Initializing modem. --> Sending: ATZ OK --> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 OK --> Sending: AT+CGDCONT=1,"IP","imis" AT+CGDCONT=1,"IP","imis" OK --> Modem initialized. --> Sending: ATDT*99# --> Waiting for carrier. ATDT*99# CONNECT --> Carrier detected. Starting PPP immediately. --> Starting pppd at Mon Jul 18 11:26:54 2011 --> Pid of pppd: 3062 --> Using interface ppp0 ....
=CONFIGURATION==IN==WVDIAL.CONF= /etc/wvdial.conf [Dialer Defaults] Init1 = ATZ Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 Init3 = AT+CGDCONT=1,"IP","imis" Stupid Mode = 1 Modem Type = USB Modem ISDN = 0 New PPPD = yes Phone = *99# Modem = /dev/ttyACM0 Username = a Password = b Baud = 460800
I am using Red Hat Linux enterpriser 4 using two physical LAN cards.There are two different ISP internet lines coming into a single gateway computer. Is it possible that if in our one network we are using 2 MB bandwidth and from another network we are getting 2 MB bandwidth.(Two different Networks) and combine it into 4 MB. In bonding it combine the bandwidth or it do loadbalancing ?
The question is can we accumulate or add these two bandwidth in Linux machine and it sent total bandwidth 4 to the end users ?
Lan Card A IP Address: 192.168.1.250 2MB Bandwidth l l l
I need a script that would continuously monitor one port and when it is active (not listening or waiting) execute a series of commands to standard output.I am familiar with netstat but am not good with scripting so
Attach a Fedora/RHEL/CentOS system to an Active Directory DomainBelow is a step by step outline of how to configure a Linux Samba fileserver to use an Active Directory domain for authentication and authorization in place of flat files. Note that this configuration has been replicated using Fedora 10, RHEL 5.3 and CentOS 5 since they all more or less share the same code base.me of the example server in this document is erver1.domain.forest.org, substitute correctly where appropriate. At the very least following packages must also be installed:
sambasamba-commonsamba-clientkrb5-workstationopenldap-clientsIt would be prudent to understand the underlying concepts of how Kerberos and Samba work prior to deploying this type of server. I find that SE-Linux will interfere with Samba services, particularly with winbind. I usually set SE-Linux to be in a permissive mode. It is possible to update the SE-Linux policies but that is outside the scope of this document, i.e you're on your own. In some cases I turned SE-Linux off since it was causing winbind to stop responding.
1. Set NTP to use the correct server for your Active Directory domain:shell> system-config-timeSet the primary NTP server to be your domain/forest NTP server2. Make backups of and edit the following system configuration files:a. shell> cp /etc/resolv.conf /etc/resolv.conf.bakb. shell> vi /etc/resolv.conf
When i try to join my Ubuntu server to Microsoft Active Directory domain, i get the error message below.
Kinit failed: Clock skew too great Failed to join domain: Time difference at domain controller I know the reason is because of the time difference between my domain controller and the Ubuntu server. But what i want to know is that possible to join a domain without time synchronisation? Because my domain controller is working for another time zone, for another Country, so i can not synchronise it with my Ubuntu server.
I'm having a bit of Internet trouble with a fresh install of Ubuntu Natty and I haven't been able to track down the problem. I have my desktop running over a wireless network, which connects without fail. Somewhat frequently, however, connections to particular websites will start timing out (google, facebook, stackoverflow, us ubuntu archive, etc.). I'm also having a strange issue where my home page [URL] is redirecting to [URL].
Initially I thought it might be an issue with Comcast DNS, so I updated the router to use OpenDns servers. When that didn't work I started to try accessing some of the problematic sites through my laptop (which is using the same router) and they all connect without problem. The issue seems to be with my Ubuntu install, but I'm not sure where to look.
EDIT After doing some further digging, this is starting to look like a DNS issue. My home page appears the resolve to an incorrect ip address when the redirect issue occurs. Still not sure how to track down the problem, however.
while doing FTP through command prompt, connections times out after some time remaining idle, but doing ftp through browser, connection doesn't time out after some time remaining idle... why is it so?
