powershell
Get-NetTCPConnection -State Listen |
Select-Object -Property LocalAddress, LocalPort,
@{Name="ProcessId";Expression={$_.OwningProcess}},
@{Name="ProcessName";Expression={(Get-Process -Id $_.OwningProcess).Name}} |
Format-Table -AutoSizebash
{ echo "端口 进程 PID" && ss -tlpn | awk '/^LISTEN/ {print $4, $6}' | awk -F' ' '{print $1, $2, $NF}' | cut -d':' -f2,3 | awk -F',' '{print $1, $2}'| sed -E 's/:|"//g; s/users|pid=|1]|\]//g;; s/\(\(//g' | sed '/^$/d' |awk 'NF'; } | column -t
# ipv6显示优化
{
echo "端口 进程 PID"
ss -tlpn | awk '/^LISTEN/ {
# 处理地址部分
split($4, addr, ":")
port = addr[length(addr)]
# 处理进程信息部分
split($6, proc, /[",\[\]]/)
name = proc[2]
pid = proc[4]
print port, name, pid
}' | column -t
}
{ echo "端口 进程 PID"; ss -tlpn | awk '/^LISTEN/ {
split($4, addr, ":")
port = addr[length(addr)]
split($6, proc, /[",\[\]]/)
name = proc[2]
pid = proc[4]
# 去掉"pid="前缀
pid = substr(pid, 5)
print port, name, pid
}'; } | column -t
{ echo "端口 监听IP 进程 PID"; ss -tlpn | awk '/^LISTEN/ && $4 !~ /::/ {
# 提取IP和端口
addr = $4
split(addr, parts, ":")
ip = parts[1]
port = parts[2]
# 处理进程信息
split($6, proc, /[",\[\]]/)
name = proc[2]
pid = proc[4]
gsub(/pid=/, "", pid)
print port, ip, name, pid
}'; } | column -t
{
echo "协议 本地地址 ← 远程地址 状态"
ss -ntu 2>/dev/null | awk '
function process_addr(addr) {
# 去掉方括号
gsub(/[\[\]]/, "", addr)
# 转换IPv6映射的IPv4地址
if (addr ~ /::ffff:[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/) {
gsub(/::ffff:/, "", addr)
return addr
}
# 纯IPv6地址返回空(用于跳过)
else if (addr ~ /^::/ || addr ~ /^[0-9a-fA-F:]+$/) {
return ""
}
# 普通IPv4地址直接返回
else {
return addr
}
}
/^tcp.*ESTAB/ {
local = process_addr($5)
remote = process_addr($6)
if (local == "" || remote == "") next
printf "%-4s %-25s ← %-25s %-10s\n", $1, local, remote, $2
}'
} | column -t