I don't know how often you need to poll, or what you mean with "expensive", but with the right options both netstat and lsof run a lot faster than in the default configuration. Examples:
netstat -ltn
shows only listening tcp sockets, and omits the (slow) name resolution that is on by default.
lsof -b -n -i4tcp:80
omits all blocking operations, name resolution, and limits the selection to IPv4 tcp sockets on port 80.
I guess netstat basically uses this exact same information so i don't know if you will be able to speed it up a whole lot. Be sure to try the netstat '-an' flags to NOT resolve ip-adresses to hostnames realtime (as this can take a lot of time due to dns queries).
在 Linux 上(我不知道 Solaris 上的情况)。 这将为您提供所有系统调用的日志。 这是很多输出,其中一些是相关的。 查看它正在打开的 /proc 文件系统中的文件。 这应该会引导您了解 netstat 是如何做到这一点的。 不雅的是,ltrace 将允许您通过 c 库做同样的事情。 在这种情况下对您没有用,但在其他情况下可能很有用。
如果还不清楚,请查看来源。
The easiest thing to do is
strace -f netstat -na
On Linux (I don't know about Solaris). This will give you a log of all of the system calls made. It's a lot of output, some of which will be relevant. Take a look at the files in the /proc file system that it's opening. This should lead you to how netstat does it. Indecently, ltrace will allow you to do the same thing through the c library. Not useful for you in this instance, but it can be useful in other circumstances.
If it's not clear from that, then take a look at the source.
发布评论
评论(5)
我不知道你需要多久轮询一次,也不知道你所说的“昂贵”是什么意思,但是使用正确的选项,
netstat和lsof的运行速度比默认配置。示例:
仅显示监听tcp 套接字,并忽略默认启用的(慢速)名称名称分辨率。
省略所有b锁定操作、名称名称解析,并将选择限制为端口 80 上的 IPv4 tcp 套接字。
I don't know how often you need to poll, or what you mean with "expensive", but with the right options both
netstatandlsofrun a lot faster than in the default configuration.Examples:
shows only listening tcp sockets, and omits the (slow) name resolution that is on by default.
omits all blocking operations, name resolution, and limits the selection to IPv4 tcp sockets on port 80.
在 Solaris 上,您可以使用
pfiles(1)来执行此操作:对于 Linux,这更复杂(可怕):
00000000:0016是0.0.0.0:22。 以下是netstat -a的等效输出:On Solaris you can use
pfiles(1)to do this:For Linux, this is more complex (gruesome):
00000000:0016is0.0.0.0:22. Here's the equivalent output fromnetstat -a:对于 Linux,请查看
/proc/net目录(例如,
cat /proc/net/tcp列出您的 tcp 连接)。 不确定 Solaris 的情况。更多信息请参见此处。
我想 netstat 基本上使用完全相同的信息,所以我不知道你是否能够加快它的速度。 请务必尝试使用 netstat '-an' 标志来不将 ip 地址实时解析为主机名(因为由于 dns 查询,这可能会花费大量时间)。
For Linux, have a look at the
/proc/netdirectory(for example,
cat /proc/net/tcplists your tcp connections). Not sure about Solaris.Some more information here.
I guess netstat basically uses this exact same information so i don't know if you will be able to speed it up a whole lot. Be sure to try the netstat '-an' flags to NOT resolve ip-adresses to hostnames realtime (as this can take a lot of time due to dns queries).
最简单的事情是
在 Linux 上(我不知道 Solaris 上的情况)。 这将为您提供所有系统调用的日志。 这是很多输出,其中一些是相关的。 查看它正在打开的 /proc 文件系统中的文件。 这应该会引导您了解 netstat 是如何做到这一点的。 不雅的是,ltrace 将允许您通过 c 库做同样的事情。 在这种情况下对您没有用,但在其他情况下可能很有用。
如果还不清楚,请查看来源。
The easiest thing to do is
On Linux (I don't know about Solaris). This will give you a log of all of the system calls made. It's a lot of output, some of which will be relevant. Take a look at the files in the /proc file system that it's opening. This should lead you to how netstat does it. Indecently, ltrace will allow you to do the same thing through the c library. Not useful for you in this instance, but it can be useful in other circumstances.
If it's not clear from that, then take a look at the source.
netstat 或 lsof 的替代方案是 fusionr
$ fusionr 22/tcp
22/tcp: 547 825 842 896 898
或者如果您想知道它是如何工作的(对于 ipv4 tcp)并自行操作:
$ ls -l /proc//fd/ | grep $(PORT=22 grep
printf ":%04x" $PORT/proc/net/tcp | awk '{printf(" -e %s",$10); }') | awk -F/ '{打印 $3 }'alternative for netstat or lsof is fuser
$ fuser 22/tcp
22/tcp: 547 825 842 896 898
or if you like to know how it works (for ipv4 tcp) and do it on your own:
$ ls -l /proc//fd/ | grep $(PORT=22 grep
printf ":%04x" $PORT/proc/net/tcp | awk '{printf(" -e %s",$10); }') | awk -F/ '{print $3 }'