If you're looking for the Mac equivalent to the linux command netstat -Walntpc you have come to the right place. You are not alone, I get about 6,000 unique visitors per year here!
Realtime list of all open connections and listening sockets:
watch netstat -Walnt (No DNS much faster)
watch netstat -Walt (with DNS lookups)
The beauty of this command is that it gets you past that over long list of (non-internet surely?) unix sockets and kexts, why Apple put this into netstat I have no idea, perhaps the blame is with Darwin BSD kernel. But it should be more like Linux netstat in my opinion! That's because I can even see the process names and get continuous updates my adding pc with
Pipe netstat Into Grep To Remove Junk From The End
Listening socket / server processes ports macOS quickly:
netstat -Waltn | grep tcp
Every internet port fast with no DNS lookups:
netstat -Waltn | grep -E "(tcp|udp)(4|6)"
Like above but with DNS lookups but takes literally forever up to minutes:
netstat -Walt | grep -E "(tcp|udp)(4|6)"
Show only servers - that is ports that are listening waiting for an inbound connection:
netstat -Waltn | grep LISTEN
The Little Snitch Command - Who's phoning home?
How to use LSOF to discover which app or process is listening to which ports:
lsof -Pnl +M -i -cmd | grep -E "LISTEN|TCP|UDP"
I prefer to use -n to speed up the listing of netstat results by turning off DNS lookups ip to name resolution. The l is used to also show ipv6. To show all internet connections, whether ipv4 or ipv6, tcp or udp, listening, connected or closing - the lot:
netstat -Waltn | grep p
Show only TCP connections:
netstat -anp tcp
To see which apps have listening sockets open:
sudo lsof -n -P | grep LISTEN
Some other good linux ones here: http://www.commandlinefu.com/commands/matching/netstat/bmV0c3RhdA==/sort-by-votes
Show Process ID in Netstat Mac
Actually, you can't but you can use LSOF which lists open files and sockets:
lsof -Pnl +M -i
Use -i4 for ip4 and -i6 for ip6. -i seems to work for all internet traffic. Handy for tracking down what program is running a server on your machine.
This one is good for checking ssh tunnels:
sudo netstat -tulpnPosted by tomachi on January 12th, 2016 filed in Mac, Unix