Thursday, February 3, 2011

How to find the number of open ports in linux?

How to find the number of open ports in linux? I want to see if I am running out of ports. Also, how do I see the limit of my OS?

  • netstat will allow you to see what ports are open, do "netstat -" to see what fits your needs best.

    Paul Tomblin : `netstat --inet` will help the most.
    jer.salamon : I meant -? missing character.
    MarkM : or read the manpage
    Tobu : Also include --inet6 (short for both: -4 -6), to get IPv6 sockets and ip-agnostic sockets (the latter being the default on dual stack hosts, see rfc 3493 section 3.7).
  • As others have mentioned, netstat is the tool to use to determine what ports are in use currently. As to the limits, the number of ports available is a 16-bit unsigned integer, which gives you the range 0-65535. The ports that are available for applications to bind to are the reserved privileged/root ports (0-1024) plus whatever is not covered by your ephemeral port range.

    You can view your ephemeral ports by running `cat /proc/sys/net/ipv4/ip_local_port_range`.

    To modify that persistently, you would have to add/modify "net.ipv4.ip_local_port_range" in the /etc/sysctl.conf file, or interactively with `sysctl -n net.ipv4.ip_local_port_range="<start_port> <end_port>"`

    Joel K : nit picking, but it's not exactly an ipv4 limit. It's a tcp/udp limit, and those run independently of ipv4. (ex. ipv6 doesn't do anything for transport layer)
    Alex : Aaah, you are right. I have removed the IPV4 reference in my answer.
    From Alex
  • Personally I prefer nmap. You can find the state of all ports by issuing `nmap -p 1-65535 target`. Most distributions should have this package available via their package manager.

    From ThaKidd
  • 'nmap localhost' will give you all your open ports and services running on them.

  • `netstat -a46 | grep ESTABLISHED | wc -l`

    compared to

    `cat /proc/sys/net/ipv4/ip_local_port_range`

    erotsppa : the -a46 didn't work. Any help?
    Grizly : what distro you running? (that works on ubuntu server 10.04 LTS). Of course, if you don't have ipv6 installed, then just use netstat -a.
    Grizly : Tested on my CentOS box, seems it hangs if you don't use "-n" to stop name resolution. (netstat -an | grep ESTABLISHED | wc -l)
    From Grizly
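
The comparison in the answer above, as an added example that is not part of the original thread: it reads `/proc/net/tcp`-style tables directly (so no name resolution is involved) and counts every non-listening socket whose local port falls inside the ephemeral range, including TIME_WAIT sockets that `grep ESTABLISHED` leaves out. The function names `ephemeral_usage` and `sample_usage` are hypothetical, and the socket table in `sample_usage` is constructed sample data.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# ephemeral_usage LOW HIGH [TABLE...]
# Reads /proc/net/tcp-format tables (or stdin when no file is given) and
# prints "<used> <total> <low> <high>": the number of non-listening sockets
# whose local port is inside LOW..HIGH, and the size of that range.
ephemeral_usage() {
    low=$1; high=$2; shift 2
    awk -v low="$low" -v high="$high" '
        # Convert a hex string such as "C350" to decimal (portable awk).
        function hex2dec(h,    i, n) {
            n = 0; h = toupper(h)
            for (i = 1; i <= length(h); i++)
                n = n * 16 + index("0123456789ABCDEF", substr(h, i, 1)) - 1
            return n
        }
        $1 ~ /^[0-9]+:$/ {             # data rows only; skips the header
            if ($4 == "0A") next       # state 0A = LISTEN, not a client port
            split($2, a, ":")          # local_address is HEXADDR:HEXPORT
            port = hex2dec(a[2])
            if (port >= low && port <= high) used++
        }
        END { printf "%d %d %d %d\n", used, high - low + 1, low, high }
    ' "$@"
}

# Constructed sample table (not captured from a real host):
#   row 0: LISTEN on 22            row 1: LISTEN on 40000 (in range, skipped)
#   row 2: ESTABLISHED from 50000  row 3: TIME_WAIT from 50001
#   row 4: inbound connection to local port 22
sample_usage() {
    ephemeral_usage 32768 60999 <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0100007F:9C40 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 1002
   2: 0A00000A:C350 2200000A:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1003
   3: 0A00000A:C351 2200000A:01BB 06 00000000:00000000 03:00000A5F 00000000     0        0 0
   4: 0A00000A:0016 0500000A:D431 01 00000000:00000000 02:000A1B2C 00000000     0        0 1004
EOF
}

# On a live host (add /proc/net/tcp6 when IPv6 is enabled):
#   ephemeral_usage $(cat /proc/sys/net/ipv4/ip_local_port_range) /proc/net/tcp
sample_usage    # prints: 2 28232 32768 60999
```
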
  • netstat -tulnp

    The arguments to the netstat program are listed below:

    * t - Show TCP
    * u - Show UDP
    * l - Show only listening processes (netstat can show both listening and all established connections, i.e. as a client too)
    * n - Do not resolve network IP address names or port numbers
    * p - Show the process name that is listening on the port
    
    From Rajat
