为什么ss(8)与netstat(8)理解监听UDP端口不同?


8

如果执行ss -lu该命令以查看所有侦听的UDP套接字,则不会显示任何套接字。如果我执行ss -au,列出所有(侦听和非侦听)UDP套接字,则“侦听”套接字显示为UNCONN:

T60:~ # lsof -n | sed -n '1p;/UDP/p'
COMMAND     PID   TID       USER   FD      TYPE     DEVICE SIZE/OFF       NODE NAME
avahi-dae   963            avahi   11u     IPv4       9088      0t0        UDP *:mdns 
avahi-dae   963            avahi   12u     IPv4       9089      0t0        UDP *:44639 
cupsd      1238             root   10u     IPv4       8160      0t0        UDP *:ipp 
dhcpcd     2072             root    7u     IPv4     532052      0t0        UDP *:bootpc 
dhclient6 13131             root    5u     IPv6      38031      0t0        UDP *:dhcpv6-client 
dhclient6 13131             root   20u     IPv4      37954      0t0        UDP *:20152 
dhclient6 13131             root   21u     IPv6      37955      0t0        UDP *:36745 
atftpd    20639             tftp    0u     IPv4     344977      0t0        UDP *:tftp 
T60:~ # netstat -lu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
udp        0      0 *:bootpc                *:*                                 
udp        0      0 *:tftp                  *:*                                 
udp        0      0 *:44639                 *:*                                 
udp        0      0 *:ipp                   *:*                                 
udp        0      0 *:20152                 *:*                                 
udp        0      0 *:mdns                  *:*                                 
udp        0      0 *:36745                 *:*                                 
udp        0      0 *:dhcpv6-client         *:*                                 
T60:~ # ss -lu
Recv-Q Send-Q                                                                                                          Local Address:Port                                                                                                              Peer Address:Port   
T60:~ # ss -ua
State       Recv-Q Send-Q                                                                                                     Local Address:Port                                                                                                         Peer Address:Port   
UNCONN      0      0                                                                                                                      *:bootpc                                                                                                                  *:*       
UNCONN      0      0                                                                                                                      *:tftp                                                                                                                    *:*       
UNCONN      0      0                                                                                                                      *:44639                                                                                                                   *:*       
UNCONN      0      0                                                                                                                      *:ipp                                                                                                                     *:*       
UNCONN      0      0                                                                                                                      *:20152                                                                                                                   *:*       
UNCONN      0      0                                                                                                                      *:mdns                                                                                                                    *:*       
UNCONN      0      0                                                                                                                     :::36745                                                                                                                  :::*       
UNCONN      0      0                                                                                                                     :::dhcpv6-client                                                                                                                :::*       
T60:~ # ss -v
ss utility, iproute2-ss110629
T60:~ # 

这背后的逻辑是什么?例如,运行atftpd监听连接,状态应该为LISTEN而不是UNCONN,不是吗?


也许只是措辞?监听套接字显然未连接... ;-)
Hauke Laging

1
@HaukeLaging更不用说考虑UDP的两个声音了:)
TNW

我注意到-ulRHEL5和RHEL6之间的行为有所不同。这对RHEL5毫无意义,但是RHEL6可以实现您所期望的。(状态仍在UNCONN输出中列出,但只显示了侦听器)
Andrew B

Answers:


4

UDP是无连接协议。SS可能不会仅在UCONN或ESTAB中以LISTEN状态显示一个。

如果我这样做

$ nc -u -l 2333

然后ss将显示(在第二个shell中):

$ ss -au|grep 2333
UNCONN     0      0                       *:2333                     *:*       

如果我再连接到它(第三个外壳)

$ nc -u localhost 2333

然后SS显示:

$ ss -au|grep 2333
ESTAB      0      0               127.0.0.1:2333             127.0.0.1:58434   
ESTAB      0      0               127.0.0.1:58434            127.0.0.1:2333    
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.