@mikebabcock @monospace as someone trying to learn `ss` command line syntax, couldn’t you just add `:8080` to the `ss` command line?

I thought one of `ss`’s claims to gain was I reheated filtering.

Maybe I’m wrong. I’m not at a terminal.

@drscriptt @monospace ss has a full query/filter language built-in but no as far as I know, you cannot just specify a port that easily. I always use grep.

That said ... this will do exactly what it looks like, and is a good example* of port specifications though:
# ss -o state established '( dport = :smtp or sport = :smtp )'

* Example stolen from https://www.cyberciti.biz/tips/linux-investigate-sockets-network-connections.html

#networking #linux

@mikebabcock @monospace okay, this motivated me to get up off my duff, walk to a terminal, unlock, and test things:

`ss -lnp src :8080 or dst :8080`

So it seems like `grep :8080` might be fewer keystrokes.

But you can do all sorts of logic with built in gamer in `ss`. Like when you want to look for specific sets of ports talking to each other -or- other sets of ports talking with each other. Nested conditionals that start to get quite tricky with things like grep.

@drscriptt @monospace its very handy when looking for specific connections, or frequently in my case, connections not coming from specific subnets:

```ss not src $LOCALNET/24 dport :587```

But those more 'interesting' commands I've just saved to mini ~/bin/ scripts so I don't have to type them and frequently forget the syntax.

#oldmanbrain #sysadmin #networking

@mikebabcock @monospace is “LOCALNET” a textual place holder? Or is it some sort of keyword that `ss` substitutes?

I’m inclined to guess place holder as I’d assume that `ss` would have an array of directly attached networks with proper netmask, thus alleviating the need for the `/24`.