ss
(“socket statistics”) is a *nix tool for listing socket informaion, e.g., which TCP/UDP ports are in use.
Difference between
ss
andnetstat
ss
is a newer and superior version ofnetstat
, and they share many common options. Note that some options may have changed or been removed (see here). Some functionalities fromnetstat
are available in ip (see here).
Common oneliners (may require sudo to see process name and PID):
# View processes listening on TCP ports
ss -plnt # or -tlpn
ss --processes --listening --numeric --tcp
# View processes listening on UDP/TCP ports
ss -plnut # or -tulpn
ss -plnt --udp
# The same, but with extended socket info
ss -plenut # or -tulpen
ss -plnut --extended
# View all UDP/TCP ports in use
ss -naut
ss -ntu --all
Common options:
- Filter by listen
-l
,--listening
: list listening sockets (i.e., socket being listened on by a process)-a
,--all
: list all sockets
- Filter by protocol
-t
,--tcp
: list TCP sockets-u
,--udp
: list UDP sockets- Note that
ss -ltu
matches sockets on either a TCP or UDP port
- Display additional data
-p
,--processes
: list PID that is using (listening on) the port-e
,--extended
: show more information about the socket & process-n
,--numeric
: show port as number instead of service-r
,--resolve
: resolve IP address into hostname