Displaying traffic using a specific port on a server.
Hi EE,
Running the command:
ss -t | grep 22
Result:
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 127.0.0.1:59392 127.0.0.1:38537
ESTAB 0 52 10.2.112.119:ssh 10.98.4.13:64686
ESTAB 0 0 127.0.0.1:38537 127.0.0.1:59392
ESTAB 0 0 127.0.0.1:59392 127.0.0.1:38535
ESTAB 0 0 127.0.0.1:38535 127.0.0.1:59392
What is the correct syntax for only displaying connections that are using port 22 for comms?
Any assistance is welcome.
Thank you.
Running the command:
ss -t | grep 22
Result:
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 127.0.0.1:59392 127.0.0.1:38537
ESTAB 0 52 10.2.112.119:ssh 10.98.4.13:64686
ESTAB 0 0 127.0.0.1:38537 127.0.0.1:59392
ESTAB 0 0 127.0.0.1:59392 127.0.0.1:38535
ESTAB 0 0 127.0.0.1:38535 127.0.0.1:59392
What is the correct syntax for only displaying connections that are using port 22 for comms?
Any assistance is welcome.
Thank you.
ASKER
Hi Prabhin,
Fair enough is there a way to get a historical log of established connections over a period of time using the command line.
Thank you.
Fair enough is there a way to get a historical log of established connections over a period of time using the command line.
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Prabhin,
Thank you for your help, much appreciated.
Thank you for your help, much appreciated.
The ss command is a tool used to dump socket statistics and displays information in a similar fashion (although simpler and faster) to netstat.
-t means TCP
-u means UDP
ss -t | grep 22
shows that you are searching ssh established connections