From d0f74b8605d72868c49fec7d27225398118f9409 Mon Sep 17 00:00:00 2001 From: johannst Date: Fri, 2 Oct 2020 11:28:11 +0200 Subject: updated lsof --- src/monitor/lsof.md | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'src/monitor') diff --git a/src/monitor/lsof.md b/src/monitor/lsof.md index 8253003..f621abe 100644 --- a/src/monitor/lsof.md +++ b/src/monitor/lsof.md @@ -2,12 +2,15 @@ ```markdown lsof + -r ..... repeatedly execute command ervery seconds -a ......... AND slection filters instead ORing (OR: default) -p ... filter by +fg ........ show file flags for file descripros -n ......... don't convert network addr to hostnames -P ......... don't convert network port to service names -i <@h[:p]>. show connections to h (hostname|ip addr) with optional port p + -s ... in conjunction with '-i' filter for protocol

in state + -U ......... show unix domain sockets ('@' indicates abstract sock name, see unix(7)) ``` ```markdown @@ -18,6 +21,18 @@ file flags: TR ......... truncate ``` +```markdown +-s protocols + TCP, UDP + +-s states (TCP) + CLOSED, IDLE, BOUND, LISTEN, ESTABLISHED, SYN_SENT, SYN_RCDV, ESTABLISHED, + CLOSE_WAIT, FIN_WAIT1, CLOSING, LAST_ACK, FIN_WAIT_2, TIME_WAIT + +-s states (UDP) + Unbound, Idle +``` + # Examples ## File flags @@ -25,10 +40,11 @@ Show open files with file flags for process: ```markdown lsof +fg -p ``` + ## Open TCP connections Show open tcp connections for `$USER`: ```markdown -lsof -a -u $USER -i tcp +lsof -a -u $USER -i TCP ``` **Note**: `-a` _ands_ the results. If `-a` is not given all open files matching `$USER` and all tcp connections are listed (_ored_). @@ -38,3 +54,8 @@ Show open connections to `localhost` for `$USER`: ```markdown lsof -a -u $USER -i @localhost ``` + +## IPv4 TCP connections in `ESTABLISHED` state +```markdown +lsof -i 4TCP -s TCP:ESTABLISHED +``` -- cgit v1.2.3