RE: netstat ?

To: <debian-user@lists.debian.org>
Subject: RE: netstat ?
From: Hadi Motamedi <motamedi24@hotmail.com>
Date: Wed, 24 Feb 2010 06:43:36 +0000
Message-id: <[🔎] SNT125-W265DB18BD9BD0250D4116ADB410@phx.gbl>
In-reply-to: <[🔎] 201002232359.41393.bss@iguanasuicide.net>
References: <[🔎] SNT125-W503AD2F570F2C86CE7A4AFDB410@phx.gbl>,<[🔎] 201002232359.41393.bss@iguanasuicide.net>

> From: bss@iguanasuicide.net
> To: debian-user@lists.debian.org
> Subject: Re: netstat ?
> Date: Tue, 23 Feb 2010 23:59:41 -0600
>
> In <[🔎] SNT125-W503AD2F570F2C86CE7A4AFDB410@phx.gbl>, Hadi Motamedi wrote:
> >My Debian server is at @172.16.128.1 and the remote network element is at
> > @172.16.4.1 , but the 'netstat' does not show the ip address and the
> > assigned port from my Debian . It just shows many dedicated ports ,
> > assigned with '0.0.0.0:xx' format . Can you please let me know how can I
> > distinguish the dedicated port to that remote network element ?
>
> There's not one. That's not the way TCP/IP or UDP/IP servers work. All the
> client connections use the same server IP address and port. The TCP/IP or
> UDP/IP stack separates them into different connections based on the source
> address. Netstat shows sockets, not connections.
>
> In pictures (ASCII art, view in a fixed-width font):
>
> src = "" src = "">> +----------+ dst = x.x.x.x:dx +---------+ dst = x.x.x.x:dx +----------+
> | Client 1 |----------------->| Server |<-----------------| Client 2 |
> | y.y.y.y | | x.x.x.x | | z.z.z.z |
> | port ry |<-----------------| port dx |----------------->| port rz |
> +----------+ src = "" +---------+ src = "" +----------+
> dst = y.y.y.y:ry dst = z.z.z.z:rz
>
> There are a number of tools that can "look in" to the TCP/IP or UDP/IP stack
> and give you per-connection metrics. I think iptraf is one of them; tcpdump
> can also be used. Someone with more network monitoring experience will have
> to mention any others.
> --
> Boyd Stephen Smith Jr. ,= ,-_-. =.
> bss@iguanasuicide.net ((_/)o o(\_))
> ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
> http://iguanas uicide.net/ \_/

Thank you for your reply . Sorry , you mean the tcpdump can be used to monitor the exchanged packets toward an spesific ip address ? I thought that it can just monitor all of the packets on my eth0 and then I need to find the dedicated port to try to filter with . If it can do that , please provide me with an example on how to use it to monitor for an specific ip address ?

Hotmail: Powerful Free email with security by Microsoft. Get it now.

Reply to:

Follow-Ups:
- RE: netstat ?
  - From: "Tim Clewlow" <tim@clewlow.org>

References:
- netstat ?
  - From: Hadi Motamedi <motamedi24@hotmail.com>
- Re: netstat ?
  - From: "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>

Prev by Date: Successful running 3D apps w open driver. Solving Xserver modes switching.
Next by Date: Problem with php on debian
Previous by thread: Re: netstat ?
Next by thread: RE: netstat ?
Index(es):
- Date
- Thread