-
Notifications
You must be signed in to change notification settings - Fork 1
/
ss.cheat
43 lines (31 loc) · 1.24 KB
/
ss.cheat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
% network,ss,pushou
# ss -tunlp (tcp udp numeric listening process)
ss -tunlp
# ss stats
ss -s
# ss display timer (-o)
ss -tn -o
# ss tcp filter
ss -<IP_VERSION> --<PROTO> state <TCP_FILTER>
# continuous read
watch -n 1 "ss -t4 state syn-sent"
# filter by address and text port number ss -at '( dport = :ssh or sport = :ssh )'
ss -<IP_VERSION> --<PROTO> '( dport = <NNPORT> or sport = <NNPORT> )'
# filter by address and numerical port number ss -at '( dport = :22 or sport = :22 )'
ss -<IP_VERSION> --<PROTO> '( dport = <PORT> or sport = <PORT> )'
# source port is greater than 5000
ss -<IP_VERSION> --<PROTO> src <IP_ADDRESS> sport gt <PORT>
# ss full with cgroups
ss -neopa
# ss get ebpf
sudo ss -0bp
$ PROTO: echo 'tcp udp all' | tr ' ' '\n'
$ IP_VERSION: echo '4 6' | tr ' ' '\n'
$ AT_NT: echo 'at nt' | tr ' ' '\n'
$ TCP_FILTER: echo 'established syn-sent syn-recv fin-wait-1 fin-wait-2 time-wait closed close-wait last-ack closing synchronized'| tr ' ' '\n'
$ SD_PORT: echo 'sport dport'| tr ' ' '\n'
$ NNPORT : cat /etc/services | awk '{print ":"$1}' | egrep -v '^:#'| tr ' ' '\n'
$ START_PORT: echo {1..65535} | tr ' ' '\n'
$ END_PORT: echo {1..65535} | tr ' ' '\n'
$ PORT: echo {1..65535} | tr ' ' '\n'
$ TO_PORT: echo {1..65535} | tr ' ' '\n'