The ss (socket state) command is an information gathering utility similar to netstat but provides simpler output and syntax. The ss tool can provide information about established TCP connections or which ports the system may be listening on for inbound connections. This can help you diagnose problems related to clients and servers being unable to communicate with one another over the desired protocol; a missing socket could mean that the service isn’t running, and a closed socket could mean that either the client or the server is prematurely terminating the connection. Another way to use ss is to gather information about a particular client that may be connected.
Common options for the ss command include the following.
- -l: Show currently listening sockets.
- dst {host}: Show whether the specified host is connected and what the connection statistics are.
- -i: Show only what ports are being listened on.
Syntax
The syntax of the ss command is:
# ss [options]
If you encounter the below error while running the ss command:
ss: command not found
you may try installing the below package as per your choice of distribution:
OS Distribution | Command |
---|---|
Debian | apt-get install iproute2 |
Ubuntu | apt-get install iproute2 |
Alpine | apk add iproute2 |
Arch Linux | pacman -S iproute2 |
Kali Linux | apt-get install iproute2 |
CentOS | yum install iproute |
Fedora | dnf install iproute |
Raspbian | apt-get install iproute2 |
ss Command Examples
1. Show all TCP/UDP/RAW/UNIX sockets:
# ss -a -t|-u|-w|-x
2. Filter TCP sockets by states, only/exclude:
# ss state/exclude bucket/big/connected/synchronized/...
3. Show all TCP sockets connected to the local HTTPS port (443):
# ss -t src :443
4. Show all TCP sockets listening on the local 8080 port:
# ss -lt src :8080
5. Show all TCP sockets along with processes connected to a remote ssh port:
# ss -pt dst :ssh
6. Show all UDP sockets connected on specific source and destination ports:
# ss -u 'sport == :source_port and dport == :destination_port'
7. Show all TCP IPv4 sockets locally connected on the subnet 192.168.0.0/16:
# ss -4t src 192.168/16