linux-connections
Queries TCP/IP network connection information on a Linux system. Parses protocol-specific files in the /proc/net/ directory and collects socket inode-to-process ID mappings from the /proc/ directory to return detailed information for each connection as structured fields.
Command properties
| Property | Value |
|---|---|
| Command type | Driver query |
| Required permission | Administrator |
| License usage | Counted |
| Parallel execution | Not supported |
| Distributed execution | Runs on Data Node (mapper) |
Syntax
Output fields
| Field | Type | Description |
|---|---|---|
pid | integer | Process ID. Returns null if no process corresponding to the socket inode is found. |
rx_queue | long | Receive queue length (bytes) |
tx_queue | long | Transmit queue length (bytes) |
protocol | string | Protocol. One of: tcp, tcp6, udp, udp6, raw, raw6, icmp, icmp6 |
local_ip | ipaddr | Local IP address |
local_port | integer | Local port number |
remote_ip | ipaddr | Remote IP address |
remote_port | integer | Remote port number |
state | string | Connection state. One of: UNKNOWN, ESTABLISHED, SYN_SENT, SYN_RECV, FIN_WAIT1, FIN_WAIT2, TIME_WAIT, CLOSED, CLOSE_WAIT, LAST_ACK, LISTEN, CLOSING |
Error codes
Parsing errors
| Error code | Message | Description |
|---|---|---|
95040 | no-read-permission | Executed without administrator privileges |
Runtime errors
N/A
Description
The linux-connections command collects TCP/IP network connection information from the following files:
/proc/net/tcp/proc/net/tcp6/proc/net/udp/proc/net/udp6/proc/net/raw/proc/net/raw6/proc/net/icmp/proc/net/icmp6(only if the file exists)
After parsing connection entries from each file, it queries file descriptor information for each process in the /proc/ directory to map socket inodes to process IDs. This allows the pid field to be assigned for each connection. If no process corresponding to the socket inode is found, the pid field is set to null.
This command requires administrator privileges. If privileges are insufficient, an error occurs at the parsing stage.
Examples
-
Query all network connection information
linux-connectionsQueries all TCP/IP network connection information on the current system.
-
Query TCP connections in LISTEN state
linux-connections | search state == "LISTEN" and protocol == "tcp"Filters only connections using the TCP protocol that are in LISTEN state.
-
Aggregate connection count by protocol
linux-connections | stats count by protocolAggregates the connection count by protocol.