Since we aren’t doing “Monday this” and “Friday that” for a while, I thought I should leave off the usual title prefix. I’m also continuing the chapter by chapter review for today to ease back into the writing. This won’t be every Monday, but I need to mix these in every now and then to keep from letting it trail off before the reviews are finished.
This chapter focuses on viewing network connections. This is useful for troubleshooting, diagnostics, and performance data gathering. The chapter goes into detail on displaying live ports (TCP, UDP, or both), filtering by state such as “established connections,” identifying the ports, and identifying the programs that own those ports. The netstat command is discussed heavily, but lsof and sockstat make an appearance as well.
As mentioned by the author, there is no common command for displaying which programs own which ports. The lsof command is ported to many platforms, but is not always an option.
As an example of how to deal with this in AIX (not specifically covered by the book), you need to do this in two commands. First, run the netstat command with the -A flag to get the socket identifier, then pass the identifier for the specific port to the “rmsock” command using tcpcb as the last parameter. This will show you the program that owns that socket, even though you aren’t actually removing the socket at all.
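The two AIX steps above, chained in a small script. This is an added example, not from the book or the original post. The function names are hypothetical, and the `netstat -Aan` column layout and `rmsock` reply wording in the constructed samples are assumptions about AIX output.

```shell
#!/bin/sh
# Constructed sample of `netstat -Aan` output. Assumed AIX column layout:
# PCB/ADDR, Proto, Recv-Q, Send-Q, Local Address, Foreign Address, (state).
SAMPLE_NETSTAT='f1000e0000aaa3b8 tcp4       0      0  *.22                  *.*                   LISTEN
f1000e0000bbb3b8 tcp4       0      0  10.0.0.5.22           10.0.0.9.51514        ESTABLISHED
f1000e0000ccc3b8 tcp4       0      0  *.2222                *.*                   LISTEN'

# Constructed sample of the rmsock reply (wording assumed, including the
# "proccess" spelling; the sed pattern below also accepts "process").
SAMPLE_RMSOCK='The socket 0xf1000e0000aaa008 is being held by proccess 6750342 (sshd).'

# pcb_for_port PORT: read netstat -Aan text on stdin and print the socket
# identifier of every TCP listener on exactly PORT. AIX writes the port
# after the last dot of the local address, so "*.2222" must not match 22.
pcb_for_port() {
    awk -v port="$1" '
        $2 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($5, parts, ".")
            if (parts[n] == port) print $1
        }'
}

# owner_from_rmsock: read the rmsock reply on stdin and print "PID NAME".
# Prints nothing when the reply names no process.
owner_from_rmsock() {
    sed -n 's/.*held by proc*ess \([0-9][0-9]*\) (\(.*\))\..*/\1 \2/p'
}

# port_owner PORT: run both steps on a live AIX host. A port can have
# more than one listener (for example tcp4 and tcp6), so loop over all.
port_owner() {
    netstat -Aan | pcb_for_port "$1" | while read -r pcb; do
        rmsock "$pcb" tcpcb | owner_from_rmsock
    done
}
```

On an AIX host, `port_owner 22` run as root prints the PID and program name for each listener on that port.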
Also, on OpenBSD you can use the fstat command, but this was not covered by the author.
Thanks for reading, and remember to check out the social media links from this site!