cheat.sheets:ss
# ss
# Dump socket statistics for network connections.
#
# Options:
# -4/-6 list ipv4/ipv6 sockets
# -n numeric addresses instead of hostnames
# -l list listening sockets
# -u/-t/-x list udp/tcp/unix sockets
# -p Show process(es) that using socket
# Basic usage to display all sockets
ss
# List all TCP connections
ss -t
# List all UDP connections
ss -u
# Show listening sockets
ss -l
# Display summary statistics
ss -s
# Display all sockets, including those in established state
ss -a
# Show detailed information with numeric addresses
ss -n
# Filter sockets by state (e.g., LISTEN, ESTABLISHED)
ss state LISTEN
# Display sockets of a specific protocol (e.g., TCP)
ss -t -a
# Show sockets belonging to a specific user
ss -u -p USER
# Show sockets related to a specific process
ss -p
# Display IPv4 sockets
ss -4
# Display IPv6 sockets
ss -6
# Filter based on specific ports
ss 'sport = :80' # source port 80
ss 'dport = :22' # destination port 22
# Combine filters for more refined results
ss -t -a 'dport = :22' state ESTABLISHED
# Show all listening TCP ports, including the corresponding process.
ss -tlp
# Show a summary of all ports connecting to 192.168.2.1 via port 80.
ss -t dst 192.168.2.1:80
# Show all SSH-related connection.
#
# Documentation on the filter syntax can be installed via the following command
# if on a Debian- or Ubuntu-based distribution of Linux:
#
# sudo apt-get install iproute2-doc
#
ss -t state established '( dport = :ssh or sport = :ssh )'
# Display timer information.
ss -tno
# Filter connections by TCP state.
ss -t4 state established
cheat:ss
---
tags: [ networking ]
---
Args
-4/-6 list ipv4/ipv6 sockets
-n numeric addresses instead of hostnames
-l list listing sockets
-u/-t/-x list udp/tcp/unix sockets
-p Show process(es) that using socket
# show all listening tcp sockets including the corresponding process
ss -tlp
# show all sockets connecting to 192.168.2.1 on port 80
ss -t dst 192.168.2.1:80
# show all ssh related connection
ss -t state established '( dport = :ssh or sport = :ssh )'
tldr:ss
# ss
# Utility to investigate sockets.
# More information: <https://manned.org/ss.8>.
# Show all TCP/UDP/RAW/UNIX sockets:
ss -a -t|-u|-w|-x
# Filter TCP sockets by states, only/exclude:
ss state/exclude bucket/big/connected/synchronized/...
# Show all TCP sockets connected to the local HTTPS port (443):
ss -t src :443
# Show all TCP sockets listening on the local 8080 port:
ss -lt src :8080
# Show all TCP sockets along with processes connected to a remote ssh port:
ss -pt dst :ssh
# Show all UDP sockets connected on specific source and destination ports:
ss -u 'sport == :source_port and dport == :destination_port'
# Show all TCP IPv4 sockets locally connected on the subnet 192.168.0.0/16:
ss -4t src 192.168/16
# Kill IPv4 or IPv6 Socket Connection with destination IP 192.168.1.17 and destination port 8080:
ss --kill dst 192.168.1.17 dport = 8080
$
cheat.sh