📄 tyt07fi.htm
字号:
<FONT COLOR="#000080"># @(#)inetd.conf 5.2 Lachman System V STREAMS TCP source
#
# System V STREAMS TCP - Release 4.0
ftp stream tcp nowait NOLUID /etc/ftpd ftpd
telnet stream tcp nowait NOLUID /etc/telnetd telnetd
shell stream tcp nowait NOLUID /etc/rshd rshd
login stream tcp nowait NOLUID /etc/rlogind rlogind
exec stream tcp nowait NOLUID /etc/rexecd rexecd
finger stream tcp nowait nouser /etc/fingerd fingerd
comsat dgram udp wait root /etc/comsat comsat
ntalk dgram udp wait root /etc/talkd talkd
echo stream tcp nowait root internal
discard stream tcp nowait root internal
chargen stream tcp nowait root internal
daytime stream tcp nowait root internal
time stream tcp nowait root internal
echo dgram udp wait root internal
discard dgram udp wait root internal
chargen dgram udp wait root internal
daytime dgram udp wait root internal
time dgram udp wait root internal</FONT></PRE>
<P>The columns show the service name (which corresponds to an entry in the services file, such as /etc/services), the socket type (stream, raw, or datagram), the protocol name, whether inetd can accept further connections at the same port immediately (nowait) or must wait for the server to finish (wait), the login that owns the service, the server program name, and any optional parameters needed for the server program.
<BR>
<P>The configuration file is read when the server is booted and every time a hang-up signal is received from an application. This enables dynamic changes to the file, because any modifications would be read and register on the next file read.
<BR>
<BR>
<A ID="E68E74" NAME="E68E74"></A>
<H3 ALIGN=CENTER>
<CENTER>
<FONT SIZE=5 COLOR="#FF0000"><B>The </B><B><I>netstat</I></B><B> Command</B></FONT></CENTER></H3>
<BR>
<P>The netstat program or a similar utility provides comprehensive information about the local system and its TCP/IP implementation. This is the program most commonly used by administrators to quickly diagnose a problem with TCP/IP. The actual information and its format supplied by the netstat utility differs with the operating system implementation, but it usually supplies the following important summaries, each of which is covered in more detail later:
<BR>
<UL>
<UL>
<P>Communications end points
</UL></UL>
<UL>
<UL>
<P>Network interface statistics
</UL></UL>
<UL>
<UL>
<P>Information on the data buffers
</UL></UL>
<UL>
<UL>
<P>Routing table information
</UL></UL>
<BLOCKQUOTE>
<BLOCKQUOTE>
<P>Protocol statistics
<BR>
</BLOCKQUOTE></BLOCKQUOTE>
<P>On some systems, information about the interprocess communications and other protocol stacks might be appended. The information to be displayed can usually be toggled with a command-line option. The output from a typical UNIX installation that uses the netstat command is shown in the next few sections, which discuss netstat and its output in more detail. The output and meaning might be different with other operating systems, but the general purpose of the diagnostic tool remains the same.
<BR>
<BR>
<A ID="E69E104" NAME="E69E104"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Communications End Points</B></FONT></CENTER></H4>
<BR>
<P>The netstat command with no options provides information on all active communications end points. To display all end points (active and passive), netstat uses the -a option.
<BR>
<P>The output is formatted into columns showing the protocol (Proto), the amount of data in the receive and send queues (Recv-Q and Send-Q), the local and remote addresses, and the current state of the connection. A truncated sample output is shown here:
<BR>
<PRE>
<FONT COLOR="#000080">$ netstat -a
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
ip 0 0 *.* *.*
tcp 0 2124 tpci.login merlin.1034 ESTABL.
tcp 0 0 tpci.1034 prudie.login ESTABL.
tcp 11212 0 tpci.1035 treijs.1036 ESTABL.
tcp 0 0 tpci.1021 reboc.1024 TIME_WAIT
tcp 0 0 *.1028 *.* LISTEN
tcp 0 0 *.* *.* CLOSED
tcp 0 0 *.6000 *.* LISTEN
tcp 0 0 *.listen *.* LISTEN
tcp 0 0 *.1024 *.* LISTEN
tcp 0 0 *.sunrpc *.* LISTEN
tcp 0 0 *.smtp *.* LISTEN
tcp 0 0 *.time *.* LISTEN
tcp 0 0 *.echo *.* LISTEN
tcp 0 0 *.finger *.* LISTEN
tcp 0 0 *.exec *.* LISTEN
tcp 0 0 *.telnet *.* LISTEN
tcp 0 0 *.ftp *.* LISTEN
tcp 0 0 *.* *.* CLOSED
udp 0 0 *.60000 *.*
udp 0 0 *.177 *.*
udp 0 0 *.1039 *.*
udp 0 0 *.1038 *.*
udp 0 0 localhost.1036 localhost.syslog
udp 0 0 *.1034 *.*
udp 0 0 *.* *.*
udp 0 0 *.1027 *.*
udp 0 0 *.1026 *.*
udp 0 0 *.sunrpc *.*
udp 0 0 *.1025 *.*
udp 0 0 *.time *.*
udp 0 0 *.daytime *.*
udp 0 0 *.chargen *.*
udp 0 0 *.route *.*
udp 0 0 *.* *.*</FONT></PRE>
<BLOCKQUOTE>
<BLOCKQUOTE>
<HR ALIGN=CENTER>
<BR>
<NOTE>
<IMG SRC="note.gif" tppabs="http://www.mcp.com/817948800/0-672/0-672-30885-1/note.gif" WIDTH = 75 HEIGHT = 46>The output shown for the netstat commands in this section is from an SCO UNIX system. Each implementation of netstat is slightly different, so the output columns might change, and different options might be needed to obtain each type of report. Check with your system documentation for more details about your netstat implementation.</NOTE>
<BR>
<HR ALIGN=CENTER>
</BLOCKQUOTE></BLOCKQUOTE>
<P>In the preceding example, there are three active TCP connections, as identified by the state ESTABL. One has data being sent (as shown in the Send-Q column), and another has incoming data in the queue. The network names and port numbers of the connection ends are shown whenever possible. An asterisk (*) means there is no end point associated with that address yet.
<BR>
<P>One connection is waiting to be hung up, identified by TIME_WAIT in the state column. After 30 seconds, these sessions are terminated and the connection freed. Any row with LISTEN as the state has no connection at the moment, and is waiting. There is no state column for UDP sessions because they do not have an end-to-end connection (as discussed on Day 5, "Gateway and Routing Protocols"). A CLOSED entry in the output shows that the connection is closed but hasn’t switched over to LISTEN yet.
<BR>
<BR>
<A ID="E69E105" NAME="E69E105"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Network Interface Statistics</B></FONT></CENTER></H4>
<BR>
<P>The behavior of the network interface (such as the network interface card) can be determined with the -i option to the netstat command. This information quickly shows an administrator whether there are major problems with the network connection.
<BR>
<P>The netstat -i command displays the name of the interface, the maximum number of characters a packet can contain (Mtu), the network and host addresses or names, the number of input packets (Ipkts), input errors (Ierrs), output packets (Opkts), output errors (Oerrs), and number of collisions (Collis) experienced in the current sampling session. The collisions column has relevance only for a networking system that enables packet collisions, such as Ethernet. A sample output from a netstat -i command is shown here:
<BR>
<PRE>
<FONT COLOR="#000080">$ netstat -i
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Collis
ec0 1500 tpci merlin 34 0 125 0 0
lan0 1497 47.80 tpci_hpws4 11625 0 11625 0 0
lo0 8232 loopback localhost 206 0 206 0 0</FONT></PRE>
<P>An administrator can obtain more specific information about one interface by using the -I option with a device name and a time interval, specified in seconds, such as netstat -I ec0 30 to obtain specific information about the behavior of the ec0 (Ethernet) interface over the last 30 seconds.
<BR>
<BR>
<A ID="E69E106" NAME="E69E106"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Data Buffers</B></FONT></CENTER></H4>
<BR>
<P>Information about the data buffers can be obtained with the netstat command's -m option. Monitoring the behavior of the buffers is important, because they directly impact the performance of TCP/IP. The output of the netstat -m command differs depending on the version of UNIX in use, reflecting the different implementations of the TCP/IP code.
<BR>
<P>The netstat -m command output from a System V-based UNIX version is shown in the following code example. Entries are provided for the streamhead, queue, message descriptor table (mblks), data descriptor table (dblks), and the different classes of data descriptor tables. The columns show the number of blocks configured (config) and currently allocated (alloc), the number of columns free (free), the total number of blocks in use (total), the maximum number of blocks that were in use at one time (max), and the number of times a block was not available (fail).
<BR>
<PRE>
<FONT COLOR="#000080">$ netstat -m
streams allocation:
config alloc free total max fail
streams 292 79 213 233 80 0
queues 1424 362 1062 516 368 0
mblks 5067 196 4871 3957 206 0
dblks 4054 196 3858 3957 206 0
class 0, 4 bytes 652 50 602 489 53 0
class 1, 16 bytes 652 2 650 408 4 0
class 2, 64 bytes 768 6 762 2720 14 0
class 3, 128 bytes 872 105 767 226 107 0
class 4, 256 bytes 548 21 527 36 22 0
class 5, 512 bytes 324 12 312 32 13 0
class 6, 1024 bytes 107 0 107 1 1 0
class 7, 2048 bytes 90 0 90 7 1 0
class 8, 4096 bytes 41 0 41 38 1 0
total configured streams memory: 1166.73KB
streams memory in use: 44.78KB
maximum streams memory used: 58.57KB</FONT></PRE>
<P>For the administrator, the failure column is important. It should always show 0s. If a larger number appears, that resource has been overtaxed and the number of blocks assigned to that resource should be increased (followed by a kernel rebuild and a reboot of the system to effect the changes).
<BR>
<BR>
<A ID="E69E107" NAME="E69E107"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Routing Table Information</B></FONT></CENTER></H4>
<BR>
<P>Routing tables are continually updated to reflect connections to other machines. To obtain information about the routing tables, the netstat -r and -rs options are used. (The latter generates statistics about the routing tables.)
<BR>
<P>The output from netstat -r and netstat -rs commands are shown in the following code example. The columns show the destination machine, the address of the gateway to be used, a flag to show whether the route is active (U) and whether it leads to a gateway or a machine (H for host), a reference counter (Refs) that specifies how many active connections can use that route simultaneously, the number of packets that have been sent over the route (Use), and the interface name.
<BR>
<PRE>
<FONT COLOR="#000080">$ netstat -r
Routing tables
Destination Gateway Flags Refs Use Interface
localhost localhost UH 4 10 lo0
merlin localhost UH 2 2 ec0
treijs hoytgate UG 0 0 ec0
47.80 bcarh736 U 12 21029 lan0
tpci sco4-57> netstat -rs
routing:
0 bad routing redirects
0 dynamically created routes
0 new gateways found unreachable
2 destinations found unreachable
122 uses of a wildcard route
0 routes marked doutbful
0 routes cleared of being doubtful
0 routes deleted</FONT></PRE>
<BR>
<A ID="E69E108" NAME="E69E108"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Protocol Statistics</B></FONT></CENTER></H4>
<BR>
<P>Statistics about the overall behavior of network protocols can be obtained with the netstat -s command. This usually provides summaries for IP, ICMP, TCP, and UDP. The output from this command is useful for determining where an error in a received packet was located, which then leads the user to isolate whether that error was caused by a software or network problem.
<BR>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -