In Netstat output, sometimes an ESTABLISHED or LISTEN entry is missing

Solution Verified - Updated -

Issue

  • We have a small script calling netstat command to identify socket ESTABLISHED connection
  • From time to time that script would report a 'false positive' that an ESTABLISHED connection is missing
  • After some debugging and extra logging we have identified that this is not the case and to prove it replaced the script with ss command.
  • This proved that the issue was only in the output of netstat.
  • Can you please clarify what could be the reason for the files in /proc/net/tcp not being written or accessible by the netstat command at the time of its execution?
  • We found that when executing 'netstat -na', very rarely a LISTEN-state socket is missing from the output. The port is contained in the pure output of cat /proc/net/tcp.

Environment

  • Red Hat Enterprise Linux
  • netstat command used to read socket state

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content