Why 'ss -l' command when run along with '-f' option and FILTER does not show "only" LISTEN socket state connections ?

Solution In Progress - Updated -

Issue

  • When specifying -l option of ss command, it is expected to show only LISTEN socket state connections but when -f option is added to the command, it shows other socket state connections as well like ESTABLISHED and not only LISTEN.
  • Without -f it shows correct output as below;
[root@vm11 ~]# ss -n -l '( sport = :22 )'
Netid  State      Recv-Q Send-Q   Local Address:Port          Peer Address:Port              
tcp    LISTEN     0      128                  *:22                       *:*                  
tcp    LISTEN     0      128                 :::22                      :::*                  
[root@vm11 ~]# 
  • Without FILTER as well it shows correct output;
[root@vm11 ~]# ss -nl -f inet
Netid  State      Recv-Q Send-Q   Local Address:Port      Peer Address:Port              
udp    UNCONN     0      0                    *:68                   *:*                  
udp    UNCONN     0      0                    *:5353                 *:*                  
udp    UNCONN     0      0            127.0.0.1:323                  *:*                  
udp    UNCONN     0      0                    *:43345                *:*                  
udp    UNCONN     0      0                    *:6075                 *:*                  
tcp    LISTEN     0      128                  *:22                   *:*                  
tcp    LISTEN     0      128           27.0.0.1:631                  *:*                  
tcp    LISTEN     0      100           27.0.0.1:25                   *:*                  
[root@vm11 ~]#
  • With -f and FILTER we can see in output there is ESTABLISHED state connections as well even though there is -l.
[root@vm11 ~]# ss -f inet -ln  '( sport = :22 )'
Netid  State      Recv-Q Send-Q   Local Address:Port           Peer Address:Port              
tcp    LISTEN     0      128                  *:22                        *:*                  
tcp    ESTAB      0      0      192.168.122.247:22            192.168.122.1:43613              
[root@vm11 ~]# 

Environment

  • Red Hat Enterprise Linux 7
  • iproute-3.10.0-54.el7.x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.