[英]What are the differences between lsof and netstat on linux?
I encounted a problem today:今天遇到一个问题:
When I started HDP docker container, an error occured:启动HDP docker容器时,出现错误:
listen tcp 0.0.0.0:8086: bind: address already in use
监听 tcp 0.0.0.0:8086: bind: address already in use
According to error message, I know that port 8086 was already in use, so I tried some commands to determine which program was using port 8086. lsof -i:8086 lsof -i tcp:8086 lsof | grep 8086
根据错误信息,我知道8086端口已经被占用了,所以我尝试了一些命令来确定哪个程序在使用
lsof -i:8086 lsof -i tcp:8086 lsof | grep 8086
端口。 lsof -i:8086 lsof -i tcp:8086 lsof | grep 8086
lsof -i:8086 lsof -i tcp:8086 lsof | grep 8086
But all of commands above make no outputs!但是上面的所有命令都没有输出!
I felt really confused about that, after some searching on google, I tried another command: netstat -pna | grep 8086
我对此感到非常困惑,在谷歌上搜索之后,我尝试了另一个命令:
netstat -pna | grep 8086
netstat -pna | grep 8086
I got correct output from this command.我从这个命令得到了正确的输出。
I know some differences between lsof
and netstat
, but I really do not know why I cannot get any output from lsof -i:8086
?.我知道
lsof
和netstat
之间的一些区别,但我真的不知道为什么我无法从lsof -i:8086
获得任何输出?。
Here are some differences between two commands I searched from google:以下是我从谷歌搜索的两个命令之间的一些差异:
netstat(net statistic) is connection based,it shows NW connections (udp/tcp ports), routing tables, interface, multi-cast membership, etc. netstat(net statistic) 是基于连接的,它显示 NW 连接(udp/tcp 端口)、路由表、接口、多播成员等。
lsof(list of open files) is application based, this is kind of like netstat + ps, there you can see all accessed ports, NW connections, etc. but lsof includes stuff like my local emacs window terminal session (tty dev/pts/n) which is not part of netstat lsof(打开文件列表)是基于应用程序的,这有点像 netstat + ps,在那里你可以看到所有访问的端口、NW 连接等,但 lsof 包括我本地 emacs 窗口终端会话(tty dev/pts/ n) 不属于 netstat
I faced a similar issue today.我今天遇到了类似的问题。 The solution was to run the lsof command with sudo privileges.
解决方案是使用 sudo 权限运行 lsof 命令。
sudo lsof -i:8086
should print the desired output.应该打印所需的输出。
LSOF: List of Open Files.
LSOF:打开文件列表。 It lists all the open files belonging to all active processes.
它列出了属于所有活动进程的所有打开的文件。
Examples:例子:
sudo lsof -n -i
sudo lsof -n -i4
sudo lsof -n -i :80
NETSTAT: It is a tool to get the network statistics.
NETSTAT:它是一个获取网络统计信息的工具。 By default, netstat displays a list of open sockets.
默认情况下,netstat 显示打开的套接字列表。 If you don't specify any address families, then the active sockets of all configured address families will be printed.
如果不指定任何地址族,则将打印所有已配置地址族的活动套接字。
Displays the kernel routing tables:显示内核路由表:
netstat -r
Display all listening and established connection for both TCP and UDP with PID data:使用 PID 数据显示 TCP 和 UDP 的所有侦听和已建立连接:
netstat -plunt
Additionally, You have another command line tool to use which is SS.此外,您还有另一个命令行工具可以使用,它是 SS。
SS: It is used to dump socket statistics.
SS:用于转储套接字统计信息。 It allows showing information similar to netstat.
它允许显示类似于 netstat 的信息。 It can display more TCP and state information than other tools.
它可以显示比其他工具更多的 TCP 和状态信息。
-plunt
gives data for the TCP and UDP connections which are established and listening with process information: -plunt
为 TCP 和 UDP 连接提供数据,这些连接建立并监听进程信息:
sudo ss -plunt
You should be root to get proper answers to your lsof
questions.您应该是 root 才能获得
lsof
问题的正确答案。 Your command is fine, assuming something really is listening on that port.你的命令没问题,假设有什么东西真的在监听那个端口。
As you already mentioned, lsof
is a very useful command which is used to list files opened by a specific process, while netstat
is a tool for monitoring network connections.正如您已经提到的,
lsof
是一个非常有用的命令,用于列出特定进程打开的文件,而netstat
是一个用于监视网络连接的工具。
You should be able to find the PID of the process listening on port 8086 with netstat
:您应该能够使用
netstat
找到侦听端口 8086 的进程的 PID:
netstat -tunlp |grep :8086
and then use lsof
to list the files used by the process:然后使用
lsof
列出进程使用的文件:
lsof -p PID
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.