Command: NETSTAT (Show Network Statistics). Can be used in online, offline and secure.
Function: The HSM records details about network activity on both its Management and Host Ethernet ports for diagnostic and security purposes. As a diagnostic aid, it can provide useful information when configuring the unit. If reviewed periodically, it can also provide evidence of unexpected network activity, which may require further investigation.
The HSM collects information about each ‘endpoint’ that communicates with it. The information recorded will depend on the particular protocol that was used to send the packet.
For TCP packets, the HSM displays:
· Local TCP port
· Remote IP address and TCP port
· TCP state (ESTABLISHED or CLOSED)
· Timestamp (time when connection was initiated)
For UDP packets, the HSM displays:
· Local UDP port
· Remote IP address and UDP port
· Timestamp (time of most recent UDP packet received from this address)
[Note: The Host command “NI” provides the same information via the Host connection.]
Alternatively, the Ethernet statistics of the selected (Host or Management) port may be displayed, including:
· Number of bytes sent & received.
· Number of non-broadcast packets sent & received.
· Number of broadcast packets sent & received.
· Number of errors detected during send & receive operations.
· Number of unknown protocols detected during send & receive operations.
· Inputs: New sequence number value
Inputs: netstat [-m] [-e | -c]
-m Use Management Ethernet port instead of Host port.
-e Display Ethernet statistics.
-c Clear ‘old’ connection details
Outputs: Text messages as shown in examples.
Errors: Invalid parameter
Example 1 (monitor the Host IP network):
Online> netstat <Return>
Connections to Host port 193.240.101.65:
Protocol Local Port Remote Address TCP State Time(D:H:M:S)
TCP 1032 193.240.101.1:3434 ESTABLISHED 2:04:12:55
TCP 1034 193.240.101.1:3437 CLOSED 2:03:41:45
TCP 1035 193.240.101.241:2338 ESTABLISHED 0:00:32:41
TCP 1036 193.240.101.1:3439 CLOSED 2:04:01:27
UDP 2043 193.240.101.1:4045 1:43:10:19
Online>
Example 2 (monitor the Management network):
Online> netstat -m <Return>
Connections to Management port 193.240.101.11:
Protocol Local Port Remote Address TCP State Time(D:H:M:S)
TCP 1032 193.240.101.1:3434 ESTABLISHED 2:04:12:55
UDP 2043 193.240.100.163:4054 1:52:07:11
Online>
Example 3 (display the Host port’s Ethernet statistics):
Online> netstat -e <Return>
Received Sent
Bytes 23008635 76957853
Unicast packets 68493 77321
Non-unicast packets 8620 83
Discards 0 0
Errors 0 0
Unknown protocols 486
Online>
Example 4 (clear old connection details from the Host port):
Online> netstat -c <Return>
Connections to Host port 193.240.101.65:
Protocol Local Port Remote Address TCP State Time(D:H:M:S)
TCP 1032 193.240.101.1:3434 ESTABLISHED 2:04:12:55
TCP 1034 193.240.101.1:3437 CLOSED 2:03:41:45
TCP 1035 193.240.101.241:2338 ESTABLISHED 0:00:32:41
TCP 1036 193.240.101.1:3439 CLOSED 2:04:01:27
UDP 2043 193.240.101.1:4045 1:43:10:19
Press ‘C’ to confirm deletion of old connection details: <Return>
Online>
Example 5 (clear old connection details from the Host port and confirm):
Online> netstat-c <Return>
Connections to Host port 193.240.101.65:
Protocol Local Port Remote Address TCP State Time(D:H:M:S)
TCP 1032 193.240.101.1:3434 ESTABLISHED 2:04:12:55
TCP 1034 193.240.101.1:3437 CLOSED 2:03:41:45
TCP 1035 193.240.101.241:2338 ESTABLISHED 0:00:32:41
TCP 1036 193.240.101.1:3439 CLOSED 2:04:01:27
UDP 2043 193.240.101.1:4045 1:43:10:19
Press ‘C’ to confirm deletion of old connection details: c <Return>
Connections to Host port 193.240.101.65:
Protocol Local Port Remote Address TCP State Time(D:H:M:S)
TCP 1032 193.240.101.1:3434 ESTABLISHED 2:04:12:55
TCP 1035 193.240.101.241:2338 ESTABLISHED 0:00:32:41
TCP 1036 193.240.101.1:3439 CLOSED 2:04:01:27
Online>