New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ss (a substitute for netstat) does not work #2249

Open
tats-u opened this Issue Jun 23, 2017 · 11 comments

Comments

Projects
None yet
9 participants
@tats-u
Copy link

tats-u commented Jun 23, 2017

This bug-tracker is monitored by developers and other technical types. We like detail! So please use this form and tell us, concisely but precisely, what's up. Please fill out ALL THE FIELDS!

If you have a feature request, please post to the UserVoice. If you're reporting a BSOD, don't post here! Instead, e-mail "secure@microsoft.com", and if possible attach the minidump from "C:\Windows\minidump".

  • Your Windows build number: (Type ver at a Windows Command Prompt)
    10.0.15063

  • What you're doing and what's happening: (Copy&paste specific commands and their output, or include screen shots)

$ ss
Netid State      Recv-Q Send-Q                                             Local Address:Port                                                              Peer Address:Port
Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported
Cannot open netlink socket: Protocol not supported

The administrator-privileged BoW also outputs same as above.

  • What's wrong / what should be happening instead:
    Linux example:
~$ netstat | head
稼働中のインターネット接続 (w/oサーバ)
Proto 受信-Q 送信-Q 内部アドレス            外部アドレス            状態      
稼働中のUNIXドメインソケット (w/oサーバ)
Proto RefCnt Flags       Type       State         I-Node   パス
unix  2      [ ]         DGRAM                    18640    /var/spool/postfix/dev/log
unix  3      [ ]         DGRAM                    1697     /run/systemd/notify
unix  2      [ ]         DGRAM                    1699     /run/systemd/cgroups-agent
unix  20     [ ]         DGRAM                    1709     /run/systemd/journal/dev-log
unix  2      [ ]         DGRAM                    1721     /run/systemd/journal/syslog
unix  7      [ ]         DGRAM                    1725     /run/systemd/journal/socket
  • Strace of the failing command, if applicable: (If <cmd> is failing, then run strace -o strace.txt -ff <cmd>, and post the strace.txt output here)
execve("/bin/ss", ["ss"], [/* 17 vars */]) = 0
brk(NULL)                               = 0xa24000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5da3a20000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=54339, ...}) = 0
mmap(NULL, 54339, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f5da3a12000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260Z\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=130224, ...}) = 0
mmap(NULL, 2234080, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f5da33d0000
mprotect(0x7f5da33ef000, 2093056, PROT_NONE) = 0
mmap(0x7f5da35ee000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e000) = 0x7f5da35ee000
mmap(0x7f5da35f0000, 5856, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f5da35f0000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\t\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1864888, ...}) = 0
mmap(NULL, 3967392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f5da3000000
mprotect(0x7f5da31bf000, 2097152, PROT_NONE) = 0
mmap(0x7f5da33bf000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bf000) = 0x7f5da33bf000
mmap(0x7f5da33c5000, 14752, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f5da33c5000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libpcre.so.3", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\25\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=456632, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5da3a10000
mmap(NULL, 2552072, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f5da2d90000
mprotect(0x7f5da2dfe000, 2097152, PROT_NONE) = 0
mmap(0x7f5da2ffe000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6e000) = 0x7f5da2ffe000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\r\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=14608, ...}) = 0
mmap(NULL, 2109680, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f5da2b80000
mprotect(0x7f5da2b83000, 2093056, PROT_NONE) = 0
mmap(0x7f5da2d82000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f5da2d82000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260`\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=138696, ...}) = 0
mmap(NULL, 2212904, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f5da2960000
mprotect(0x7f5da2978000, 2093056, PROT_NONE) = 0
mmap(0x7f5da2b77000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7f5da2b77000
mmap(0x7f5da2b79000, 13352, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f5da2b79000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5da3a00000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5da39f0000
arch_prctl(ARCH_SET_FS, 0x7f5da39f0800) = 0
mprotect(0x7f5da33bf000, 16384, PROT_READ) = 0
mprotect(0x7f5da2b77000, 4096, PROT_READ) = 0
mprotect(0x7f5da2d82000, 4096, PROT_READ) = 0
mprotect(0x7f5da2ffe000, 4096, PROT_READ) = 0
mprotect(0x7f5da35ee000, 4096, PROT_READ) = 0
mprotect(0x617000, 4096, PROT_READ)     = 0
mprotect(0x7f5da3825000, 4096, PROT_READ) = 0
munmap(0x7f5da3a12000, 54339)           = 0
set_tid_address(0x7f5da39f0ad0)         = 78
set_robust_list(0x7f5da39f0ae0, 24)     = 0
rt_sigaction(SIGRTMIN, {0x7f5da2965b50, [], SA_RESTORER|SA_SIGINFO, 0x7f5da2971390}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x7f5da2965be0, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x7f5da2971390}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=8192*1024}) = 0
statfs("/sys/fs/selinux", 0x7fffcd8125e0) = -1 ENOENT (No such file or directory)
statfs("/selinux", 0x7fffcd8125e0)      = -1 ENOENT (No such file or directory)
brk(NULL)                               = 0xa24000
brk(0xa45000)                           = 0xa45000
open("/proc/filesystems", O_RDONLY)     = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
read(3, "nodev      sysfs\nnodev      root"..., 4096) = 367
read(3, "", 4096)                       = 0
close(3)                                = 0
ioctl(1, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(1, TIOCGWINSZ, {ws_row=25, ws_col=80, ws_xpixel=0, ws_ypixel=0}) = 0
fstat(1, {st_mode=S_IFCHR|0660, st_rdev=makedev(4, 1), ...}) = 0
ioctl(1, TCGETS, {B38400 opost isig icanon echo ...}) = 0
write(1, "Netid  State      Recv-Q Send-Q "..., 101) = 101
socket(PF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_SOCK_DIAG) = -1 EPROTONOSUPPORT (Protocol not supported)
dup(2)                                  = 3
fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)
fstat(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(4, 1), ...}) = 0
ioctl(3, TCGETS, {B38400 opost isig icanon echo ...}) = 0
write(3, "Cannot open netlink socket: Prot"..., 51) = 51
close(3)                                = 0
open("/proc/net/unix", O_RDONLY)        = -1 ENOENT (No such file or directory)
open("/proc/net/raw", O_RDONLY)         = -1 ENOENT (No such file or directory)
socket(PF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_SOCK_DIAG) = -1 EPROTONOSUPPORT (Protocol not supported)
dup(2)                                  = 3
fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)
fstat(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(4, 1), ...}) = 0
ioctl(3, TCGETS, {B38400 opost isig icanon echo ...}) = 0
write(3, "Cannot open netlink socket: Prot"..., 51) = 51
close(3)                                = 0
open("/proc/net/udp", O_RDONLY)         = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
read(3, "", 4096)                       = 0
close(3)                                = 0
open("/proc/net/udp6", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
read(3, "", 4096)                       = 0
close(3)                                = 0
socket(PF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_SOCK_DIAG) = -1 EPROTONOSUPPORT (Protocol not supported)
dup(2)                                  = 3
fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)
fstat(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(4, 1), ...}) = 0
ioctl(3, TCGETS, {B38400 opost isig icanon echo ...}) = 0
write(3, "Cannot open netlink socket: Prot"..., 51) = 51
close(3)                                = 0
open("/proc/slabinfo", O_RDONLY)        = -1 ENOENT (No such file or directory)
open("/proc/net/tcp", O_RDONLY)         = 3
read(3, "", 65536)                      = 0
close(3)                                = 0
open("/proc/net/tcp6", O_RDONLY)        = 3
read(3, "", 65536)                      = 0
close(3)                                = 0
socket(PF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_SOCK_DIAG) = -1 EPROTONOSUPPORT (Protocol not supported)
dup(2)                                  = 3
fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)
fstat(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(4, 1), ...}) = 0
ioctl(3, TCGETS, {B38400 opost isig icanon echo ...}) = 0
write(3, "Cannot open netlink socket: Prot"..., 51) = 51
close(3)                                = 0
open("/proc/slabinfo", O_RDONLY)        = -1 ENOENT (No such file or directory)
open("/proc/net/tcp", O_RDONLY)         = 3
read(3, "", 65536)                      = 0
close(3)                                = 0
open("/proc/net/tcp6", O_RDONLY)        = 3
read(3, "", 65536)                      = 0
close(3)                                = 0
exit_group(0)                           = ?
+++ exited with 0 +++

See our contributing instructions for assistance.

@sunjoong

This comment has been minimized.

Copy link

sunjoong commented Jun 23, 2017

@tats-u - WSL looks like not to support netstat; It was included in not working list but is not included in recent working list of @sunilmut's, so ss could not be supported yet, I think.

Quote from #69 (comment) on Nov 19 2016;

Just an update that the following networking commands should be working in the latest insider build (14971):

  • ping
  • ifconfig
  • ip link
  • ip addr show
  • ifconfig
  • whois
  • nslookup (works but spews some errors about IP_RECVTOS)

Coming soon:

  • ip route
  • ip addr add

Not working:

  • nmap (#1349)
  • tracepath (#717)
  • traceroute
  • netstat
  • ip addr add\delete

Quote from #69 (comment) 10 days ago;

As of Creators Update, the following tools should work:

  • ping
  • dig
  • ifconfig
  • ip link
  • ip addr show
  • ifconfig
  • whois
  • nslookup
  • ip route
  • ip addr add/delete

Not working:

Maybe... @sunilmut forgot to include "netstat (#2084)" item or something to not working list, I guess :) But... as mentioned on #2084, nc (i,e., nc.openbsd) command works.

@tats-u

This comment has been minimized.

Copy link
Author

tats-u commented Jun 24, 2017

@sunjoong Oh my goodness, I thought it works because of the following output:

$ LANG=C netstat -ltun
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:46574           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::40720                :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 0.0.0.0:35537           0.0.0.0:*
udp        0      0 0.0.0.0:68              0.0.0.0:*
udp        0      0 0.0.0.0:5353            0.0.0.0:*
udp6       0      0 :::34788                :::*
udp6       0      0 :::5353                 :::*
@sunjoong

This comment has been minimized.

Copy link

sunjoong commented Jun 24, 2017

@tats-u - I'm not sure weither netstat is working or not working; I have just searched it :) and netstat of mine does not work :(. On https://wpdev.uservoice.com/forums/266908-command-prompt-console-bash-on-ubuntu-on-windo/suggestions/17532637-netstat-appears-to-report-nothing , someone had said netstat had worked on 14986.rs_prerelease.161202-1928, but... other said it did not work on 15063 on #2084.

Netstat is not included to working list nor not working list on the recent @sunilmut's list, you know. More confused.... #2084 was labeled as duplicate to #69 and closed becasue it was duplicated, but #69 was also closed becasue it contained too many issues, so both #2084 and #69 were closed for duplication like deadlock.

BTW, opener of #2084 had mentioned /proc/net/tcp but... it might be "socket(PF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_SOCK_DIAG) = -1 EPROTONOSUPPORT (Protocol not supported)" to point out on this issue, I think.

@therealkenc

This comment has been minimized.

Copy link
Collaborator

therealkenc commented Jun 24, 2017

Since #2084 is closed, this tracker is as good a place as any for NETLINK_SOCK_DIAG, which is not currently supported.

In the strace above there is also:

open("/proc/net/tcp", O_RDONLY)         = 3
read(3, "", 65536)                      = 0   <--- that's no bytes

Which is to say, if you cat /proc/net/tcp you'll get nothing. So I have no idea how you are getting output from netstat -ltun. [I was going to point the finger at interop for a moment, but that wouldn't make sense unless you have MSYS2 or Cygwin in your path or something.]

There is a User Voice here with a big 5 votes as of this writing, for what it is worth.

@sunilmut

This comment has been minimized.

Copy link
Member

sunilmut commented Jul 13, 2017

Thanks for the report. I can confirm that netstat does not work. And, yes @sunjoong, I forgot to include netstat in my working list. There are few blockers on the way for netstat and @therealkenc has listed some of them. We are working towards getting these tools to work.

@alabama

This comment has been minimized.

Copy link

alabama commented Apr 26, 2018

What's the status of this issue?
ss (netstat) still not working with the build 16299.*
It's a bit annoying not seeing which applications listen on which ports...

@gao4263

This comment has been minimized.

Copy link

gao4263 commented Aug 13, 2018

why not solve this issue?

@sousagaspar

This comment has been minimized.

Copy link

sousagaspar commented Oct 18, 2018

note solved with ubuntu bionic win build 17134.112

@bogdan-calapod

This comment has been minimized.

Copy link

bogdan-calapod commented Nov 1, 2018

@sousagaspar Could you provide a bit more detail ? What exactly is Ubuntu Bionic ?

@therealkenc

This comment has been minimized.

Copy link
Collaborator

therealkenc commented Nov 1, 2018

I think he meant 'not' instead of 'note', which is a most unfortunate type-o. 'Not' because (among other things) cat /proc/net/tcp is still stubbed (read: empty) as of 18267, which is unrelated to Ubuntu, Bionic or otherwise. If netstat/ss worked you'd know because this issue would be closed, plus all the noise from the rejoicing.

Stay patient. There are reasons to be cautiously optimistic there could (might, maybe, possibly) be some progress afoot in this area. Or, you know, maybe not. But if there is, you'll know.

@dzhwinter

This comment has been minimized.

Copy link

dzhwinter commented Feb 11, 2019

still not working. Any ideas?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment