12 ss Command Examples to Monitor Network Connections

The ss command is a tool used for displaying network socket information on a Linux system. It displays more detailed information than the netstat command, which is used for displaying active socket connections.

The ss command in Linux is a powerful utility used to display information about network sockets. It stands for “socket statistics” and provides a comprehensive way to investigate sockets—both network and system-related. The ss command is often used for various network-related tasks such as querying socket statistics, displaying socket information, and examining network connections.

Here are some common options and functionalities of the ss command:

Common Options:

  • -t, -u, -w: Display TCP, UDP, or RAW sockets, respectively.
  • -a: Show all sockets.
  • -l: Display listening sockets.
  • -n: Show numerical addresses instead of resolving hostnames.
  • -p: Show process information for each socket.
  • -r: Display routing information.
  • -s: Show socket summary statistics.
  • -e: Show detailed information.
  • -4, -6: Show IPv4 or IPv6 sockets.
  • -o: Display timer information.

In this guide, we delve in and see how the ss command can be used to display varied socket connection information in Linux.

1. Listing all Connections

The basic ss command without any options simply lists all the connections regardless of the state they are in.

ss

2. Listing Listening and Non-listening Ports

You can retrieve a list of both listening and non-listening ports using the -a option as shown below.

ss -a

3. Listing Listening Sockets

To display listening sockets only, use the -l flag as shown.

ss -l

4. List all TCP Connections

To display all TCP connections, use the -t option as shown.

ss -t

5. List all Listening TCP Connections

To view all the listening TCP socket connections, use the -lt combination as shown.

ss -lt

6. List all UDP Connections

To view all the UDP socket connections, use the -ua option as shown.

ss -ua

7. List all Listening UDP Connections

To list listening UDP connections, use the -lu option.

ss -lu

8. Display PID (Process IDs) of Sockets

To display the Process IDs related to socket connections, use the -p flag as shown.

ss -p

9. Display Summary Statistics

To list the summary statistics, use the -s option.

ss -s

10. Display IPv4 and IPv6 Socket Connections

If you are curious about the IPv4 socket connections, use the -4 option.

ss -4

To display IPv6 connections, use the -6 option.

ss -6

11. Filter Connections by Port Number

The ss command also lets you filter sockets by port number or address. For example, to display all socket connections with a destination or source port of ssh, run the command:

ss -at '( dport = :22 or sport = :22 )'

Alternatively, you can run the command.

ss -at '( dport = :ssh or sport = :ssh )'

12. Check Man Pages for ss Command

To get more insights into the ss command usage, check the man pages using the command.

man ss

Those are some of the commonly used options of the ss command. The command is considered superior to the netstat command and provides detailed information about network connections.

ss is a versatile command and offers various options to retrieve specific socket-related information. It’s particularly useful for network diagnostics, troubleshooting, and monitoring tasks on a Linux system. Adjust the options based on your requirements to get detailed insights into network sockets and connections.
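
Combining the -l, -t, -u, -n and -p options covered above, the following added example (not part of the original article) reads ss -tulnp output and reports listeners bound to every interface on ports outside an expected list. The helper names audit_listeners and sample_ss_output, the port allowlist, and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag listening sockets bound to every interface whose port
# is not on an expected-ports allowlist. Input is `ss -tulnp` text on stdin.

audit_listeners() {   # hypothetical helper; $1 = space-separated allowed ports
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "Netid" || NF < 6 { next }          # skip header and short lines
    {
        port = $5; sub(/.*:/, "", port)        # text after the last colon
        addr = substr($5, 1, length($5) - length(port) - 1)
        sub(/%.*/, "", addr)                   # drop %interface scope
        if (addr != "0.0.0.0" && addr != "*" && addr != "[::]") next
        if (port in ok) next
        proc = "-"                             # process column can be empty
        if (match($0, /users:\(\("[^"]+"/)) proc = substr($0, RSTART + 9, RLENGTH - 10)
        print $1, $5, proc
    }'
}

sample_ss_output() {   # constructed sample, not captured from a real host
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=13))
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*         users:(("dhclient",pid=700,fd=9))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=801,fd=3))
tcp   LISTEN 0      511    127.0.0.1:6379     0.0.0.0:*         users:(("redis-server",pid=950,fd=6))
tcp   LISTEN 0      4096   *:9100             *:*
tcp   LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=801,fd=4))
EOF
}

# Live use: ss -tulnp | audit_listeners "22"
sample_ss_output | audit_listeners "22"
```

Sockets bound to loopback addresses are skipped because they are not reachable from other hosts; each reported line gives the protocol, the local address and port, and the owning process name when ss could show it.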