Check Network Connections Using Netstat
The netstat
command in Mac Terminal is a powerful tool for monitoring network connections, routing tables, and interface statistics. It provides detailed information about all the active connections on your system, making it useful for troubleshooting network issues, monitoring traffic, or simply understanding how your Mac is connected to the network.
In this tutorial, we’ll show you how to use the netstat
command to check network connections on your Mac.
What Is Netstat?
The netstat
(network statistics) command displays information about the network connections on your Mac, including incoming and outgoing connections, ports being used, and network interface activity. It provides a snapshot of all the active and passive connections between your Mac and other devices on the network.
Basic Usage of Netstat
To see the basic network connections on your system, open your Terminal and enter the following command:
netstat
Running netstat
without any options will display a list of active connections, but the output can be extensive. To filter and get more specific information, you can use various options that netstat
provides, which we’ll cover below.
Checking All Active Connections
If you want to check all active TCP and UDP connections on your Mac, you can use the -a
option. This command will show all listening and active connections:
netstat -a
The output will show the local and foreign addresses (the other device in the connection), as well as the state of each connection. For example, you might see something like this:
Here’s a breakdown of the output:
- Proto: The protocol used for the connection (TCP or UDP).
- Recv-Q / Send-Q: The amount of data waiting to be read (received) or written (sent).
- Local Address: The IP address and port number on your Mac.
- Foreign Address: The IP address and port number of the remote device.
- State: The state of the connection (e.g.,
ESTABLISHED
for active connections).
Display Routing Table
The routing table contains information about how your Mac routes traffic to other devices and networks. To view the routing table, use the -r
option:
netstat -r
This will display a list of network routes, including the destination, gateway, and interface used. For example:
Here’s what the routing table shows:
- Destination: The destination network or host.
- Gateway: The next-hop router that forwards the packet.
- Flags: Indicates the status of the route, such as
U
for up orG
for gateway. - Netif: The network interface used for the route (e.g.,
en0
for Ethernet). - Expire: The time (in seconds) until the route expires.
Checking Open Ports
To see a list of all open ports on your system, you can use the -an
option. This will display active ports and their current state:
netstat -an
The -n
option tells netstat
to show numeric addresses instead of resolving domain names. This is useful when you want to see raw IP addresses and port numbers.
Displaying Interface Statistics
To view network interface statistics, such as the amount of data sent and received, use the -i
option:
netstat -i
This will show information about your network interfaces, including the number of packets sent and received, errors, and collisions. For example:
Here’s what the columns represent:
- Name: The name of the network interface (e.g.,
en0
for Ethernet). - Mtu: The maximum transmission unit, which defines the largest packet size that can be transmitted over the interface.
- Network: The network associated with the interface.
- Ipkts / Opkts: The number of input (received) and output (sent) packets.
- Ierrs / Oerrs: The number of input and output errors.
- Coll: The number of collisions (only applicable to some network types).