Handy Linux network stat commands

Posted by Thomas on December 24th 2008

Netstat can be used to do a lot of things. I usually use it to keep track of how many connections there are to my server. These are my two most used commands.

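Show the number of connections on your HTTP port (matching on the local address column, so ports such as 8080 and outbound connections to a remote port 80 are not counted):

netstat -nta | awk '$4 ~ /:80$/' | wc -l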

List the top 10 IPs with the highest number of connections to your server (the two netstat header lines are skipped):

netstat -atn -A inet | awk 'NR > 2 {print $5}' | awk -F ":" '{print $1}' | sort | uniq -c | sort -nr | head -10
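
The two commands above combined into one helper, as an added example that is not part of the original post: it matches the local port exactly, skips the header and LISTEN lines, and prints only remote addresses at or above a threshold. The function names, the threshold and the sample netstat output are assumptions made up for illustration.

```bash
#!/bin/sh
# Added example (not from the original post).
# top_talkers PORT MIN: reads `netstat -atn -A inet` output on stdin and prints
# "COUNT IP" for each remote IPv4 address holding at least MIN connections to
# local TCP port PORT, busiest first.
top_talkers() {
    awk -v port="$1" -v min="$2" '
        $1 != "tcp"    { next }   # drops the two header lines (IPv4 TCP only)
        $6 == "LISTEN" { next }   # the listening socket is not a client
        {
            n = split($4, l, ":")         # local address -> ip, port
            if (l[n] != port) next        # exact match: 80 does not match 8080
            split($5, r, ":")             # foreign address -> ip, port
            count[r[1]]++
        }
        END {
            for (ip in count)
                if (count[ip] >= min) printf "%d %s\n", count[ip], ip
        }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample output (RFC 5737 documentation addresses), not real traffic.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51240      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51302      TIME_WAIT
tcp        0      0 192.0.2.10:80           203.0.113.5:40112       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:40118       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.9:33001       ESTABLISHED
tcp        0      0 192.0.2.10:8080         203.0.113.9:33002       ESTABLISHED
tcp        0      0 192.0.2.10:40000        198.51.100.7:80         ESTABLISHED
EOF
}

# Addresses with 2 or more connections to port 80 in the sample.
sample_netstat | top_talkers 80 2
# Live use: netstat -atn -A inet | top_talkers 80 20
```

The connection to port 8080 and the outbound connection to a remote port 80 in the sample are deliberately left out of the count.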

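If there are some bad offenders in the list, you can ban their IP using iptables. Note that -A appends the rule to the end of the INPUT chain, so it only takes effect if no earlier rule in the chain already accepts or rejects the traffic.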

Ban:

sudo iptables -A INPUT -s <IPHERE> -j DROP

Unban:

sudo iptables -D INPUT -s <IPHERE> -j DROP

These bans are temporary. If you want to keep them, you will need to save the iptables rules and restart the iptables service. This is for RHEL, Fedora and CentOS:

sudo service iptables save
sudo service iptables restart
