I'm looking at the output of my netstatcommand, and see this:

我正在查看我的netstat命令的输出，并看到：

tcp4       0      0  10.0.1.10.56941        64.34.119.101.80       ESTABLISHED
tcp4       0      0  10.0.1.10.56936        64.34.119.101.80       ESTABLISHED
tcp4       0      0  10.0.1.10.56932        64.34.119.101.80       ESTABLISHED
tcp4       0      0  10.0.1.10.56929        64.34.119.101.80       ESTABLISHED
tcp4       0      0  10.0.1.10.56922        64.34.119.101.80       ESTABLISHED
tcp4       0      0  10.0.1.10.56914        64.34.119.101.80       ESTABLISHED
tcp4       0      0  *.*                    *.*                    CLOSED     
tcp46      0      0  *.80                   *.*                    LISTEN     
tcp4       0      0  127.0.0.1.49153        *.*                    LISTEN     
tcp4       0      0  127.0.0.1.49152        *.*                    LISTEN     
tcp4       0      0  *.631                  *.*                    LISTEN     
tcp6       0      0  *.631                  *.*                    LISTEN     

I take it that the port is the last number in the five part dotted output. That means that

我认为端口是五部分虚线输出中的最后一个数字。这意味着

grep "\.80 " 

will pick up only port 80. The \.says to pick up the period. (Normally the period means any characterin regular expressions). And, by putting a space after the 80, you'll guarantee that you're not going to pick up port 8080. In fact, you're guaranteed that you're not going to pick up IP addresses that have .80in them.

将只拿起端口 80。\.说要拿起期间。（通常，句点表示正则表达式中的任何字符）。并且，通过在 之后放置一个空格80，您将保证您不会选择端口 8080。事实上，您可以保证您不会选择其中包含的 IP 地址.80。

In fact, I'd recommend to use awkinstead of grep. With awk, you can specify fields and do a bit more processing:

事实上，我建议使用awk而不是grep. 使用awk，您可以指定字段并进行更多处理：

$ netstat -ant | awk ' == "LISTEN" &&  ~ /\.80$/' | wc -l

With awkeach column automatically becomes a separate field. Field #6 ($6 in awk) is the one that says ESTABLISHED, CLOSED, LISTENin it. Field $4is the first column IP address one.

与awk每一列自动成为一个单独的字段。字段 #6（awk 中的 $6）是其中显示ESTABLISHED, CLOSED, 的字段LISTEN。字段$4是第一列 IP 地址之一。

In the above, I'm looking for lines that have the word LISTENin the sixth field, and where field #4 matches the regular expression \.80$. The $is an anchor to the end of the string, and the \.is picking up a decimal point and not representing any character. The awkcommand automatically prints out each line that matches, so I don't have to specify that.

在上面，我正在寻找在第六个字段中包含单词LISTEN并且字段 #4 与正则表达式匹配的行\.80$。The$是字符串末尾的锚点，the\.取小数点，不代表任何字符。该awk命令会自动打印出匹配的每一行，所以我不必指定。

Awk is really a programming language. It assumes a read loop for each line in the file. You can have a BEGINclause that gets executed before the file is read and an ENDclause that executes after the file has been read. The various fields are numbered and represented with a dollar sign. The special $0variable represents the whole line. Special variables like like NF gives you the number of fields in a line and NR gives you the number of lines read in. You also have a whole slew of functions to help parse text, etc. Here's a full blown version of the awkscript that basically lays out everything for you, and does its own line counting, so you don't have to pipe to wc -l.:

awk 确实是一种编程语言。它假设文件中的每一行都有一个读取循环。您可以有一个BEGIN在读取文件之前END执行的子句和一个在读取文件后执行的子句。各个字段都编号并用美元符号表示。特殊$0变量代表整条线。像 NF 这样的特殊变量为您提供一行中的字段数，而 NR 为您提供读入的行数。您还有一大堆函数来帮助解析文本等。这是awk脚本的完整版本，基本上为您布置所有内容，并进行自己的行计数，因此您不必通过管道传输到wc -l.：

$ netstat -ant | awk '
      BEGIN {total = 0}
      END {print "There are " total " lines I found"}
      {
          if ( == "LISTEN" &&  ~ /\.80$/) {
              total = total + 1
          }
      }'

Appendage

附属物

OP gets the following output:

OP 得到以下输出：

tcp       0      0  0.0.0.0:8080        0.0.0.0:*       LISTEN

In this case, try either:

在这种情况下，请尝试：

$ netstat -ant | awk ' == "LISTEN" &&  ~ /:80$/' | wc -l

Where the \.is replaced by a :or...

其中\.被替换为一个:或...

$ netstat -ant | awk ' == "LISTEN" &&  ~ /[\.:]80$/' | wc -l

Which uses [\.:]which will get it whether it's a colon or a period. Heck, might as well go all the way...

它使用[\.:]它会得到它是否是一个冒号或句点。哎呀，还不如一路走下去……

$ netstat -ant | awk ' == "LISTEN" &&  ~ /[^0-9]80$/' | wc -l

The [^0-9]means not a numeric character. You can't go wrong with that. This way, whether it's a period, a colon, a semi-colon, a comma, or whatever separator your version of netstatuses, it will work.

该[^0-9]方法，而不是一个数字字符。你不会错的。这样，无论是句号、冒号、分号、逗号还是您的版本netstat使用的任何分隔符，它都可以使用。

Use grep ":80 "instead of grep 80

使用grep ":80 "代替grep 80

You can take advantage of the fact that ports are preceded by a colon (like :80). The fasting thing then would be something like:

您可以利用端口前面有冒号（如:80）这一事实。禁食的事情将是这样的：

netstat -ant | grep ':80\b.*LISTEN'

That way you're not invoking greptwice. Also, grep has the ability to count matches with -c, so you can use that instead of wc:

这样你就不会调用grep两次。此外，grep 能够计算与 的匹配项-c，因此您可以使用它来代替wc：

netstat -ant | grep -c ':80\b.*LISTEN'

Instead of grepping the output of netstat-- asking for more information than you need and then discarding the bulk of it -- simply ask fuserwhich process has the port you care about open:

而不是 grep 输出netstat- 要求比您需要的更多信息然后丢弃大部分信息 - 只需询问fuser哪个进程打开了您关心的端口：

$ fuser -n tcp 4005
4005/tcp:            19339

If you only care to know if any process has the port in question open, you can do this even more quickly and efficiently, without needing to process output at all, by using the -qargument to fuser and operating on its exit status:

如果您只想知道是否有任何进程打开了有问题的端口，则可以通过使用-qfuser的参数并对其退出状态进行操作，从而更快、更有效地执行此操作，而根本不需要处理输出：

if fuser -q -n tcp 4005 ; then
    echo "port is in use"
else
    echo "port not in use"
fi

If you want to know how many connections there are to a remoteport, fuser can do that too:

如果您想知道远程端口有多少个连接，fuser 也可以这样做：

fuser -n tcp ,,80

...or connections to a remote port on a specific host:

...或连接到特定主机上的远程端口：

fuser -n tcp ,1.2.3.4,80

In short -- using the right tool for the job to query for the parameters you want directly prevents you from needing to do text-based filtering in the first place.

简而言之——使用适合作业的工具直接查询您想要的参数可以防止您首先需要进行基于文本的过滤。

If you want it to be more robust, you can do

如果你想让它更健壮，你可以这样做

netstat -ant |egrep  "^tcp +[[:digit:]]+ +[[:digit:]]+ +[[:digit:]\.]+\:80 +.*LISTEN *$"

The command you search for is: netstat -ntpl | grep ':PORT '

您搜索的命令是： netstat -ntpl | grep ':PORT '

Example:

例子：

$ netstat -ntpl | grep ':80 '
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      12960/nginx -g daem
tcp6       0      0 :::80                   :::*                    LISTEN      12960/nginx -g daem