I use the following command to check on the number of connections from IP’s at port :80

netstat -ant | awk '$4 ~ /:80$/' | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c

Also, the following code is used to check the various state of tcp connections and the number of connections associated with each state:

netstat -ant | awk '{print $6}'| sort | uniq -c | sort -n

Some examples on egrep and awk

In case you want to know the service listening to any port#, say port 139

egrep '' /etc/services

You get the same output as above using awk as follows:

awk '$2 ~ /^139/tcp/ {print $1,$2}' /etc/services

Though egrep is easier one, I somehow love using awk for text manupulations..