Why 'ss -l' command when run along with '-f' option and FILTER does not show "only" LISTEN socket state connections ?
Issue
- When specifying
-loption ofsscommand, it is expected to show onlyLISTENsocket state connections but when-foption is added to the command, it shows other socket state connections as well likeESTABLISHEDand not onlyLISTEN. - Without
-fit shows correct output as below;
[root@vm11 ~]# ss -n -l '( sport = :22 )'
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 128 :::22 :::*
[root@vm11 ~]#
- Without FILTER as well it shows correct output;
[root@vm11 ~]# ss -nl -f inet
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 *:68 *:*
udp UNCONN 0 0 *:5353 *:*
udp UNCONN 0 0 127.0.0.1:323 *:*
udp UNCONN 0 0 *:43345 *:*
udp UNCONN 0 0 *:6075 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 128 27.0.0.1:631 *:*
tcp LISTEN 0 100 27.0.0.1:25 *:*
[root@vm11 ~]#
- With
-fandFILTERwe can see in output there isESTABLISHEDstate connections as well even though there is-l.
[root@vm11 ~]# ss -f inet -ln '( sport = :22 )'
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 *:22 *:*
tcp ESTAB 0 0 192.168.122.247:22 192.168.122.1:43613
[root@vm11 ~]#
Environment
- Red Hat Enterprise Linux 7
- iproute-3.10.0-54.el7.x86_64
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
