Como podemos descobrir qual processo está usando uma porta específica? [duplicado]

32

Dado um número de porta, como podemos descobrir qual processo está sendo usado?

    
por Hashken 09.12.2012 / 17:14

3 respostas

47

Temos várias opções:

  • netstat
  • fuser
  • lsof

netstat

sudo netstat -nlp

dará a você todas as conexões de rede abertas.

$ netstat -nlp
(No info could be read for "-p": geteuid()=901743 but you should be root.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:44886           0.0.0.0:*               LISTEN      -               
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:5666            0.0.0.0:*               LISTEN      -               
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:8139            0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      -               
tcp        0      0 127.0.0.1:81            0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:48562           0.0.0.0:*               LISTEN      -               
tcp6       0      0 :::22                   :::*                    LISTEN      -               
tcp6       0      0 :::46871                :::*                    LISTEN      -               
tcp6       0      0 ::1:6010                :::*                    LISTEN      -               
tcp6       0      0 :::57179                :::*                    LISTEN      -               
tcp6       0      0 :::5666                 :::*                    LISTEN      -               
tcp6       0      0 :::111                  :::*                    LISTEN      -               
tcp6       0      0 :::4949                 :::*                    LISTEN      -               
udp        0      0 127.0.0.1:896           0.0.0.0:*                           -               
udp        0      0 0.0.0.0:45467           0.0.0.0:*                           -               
udp        0      0 0.0.0.0:111             0.0.0.0:*                           -               
udp        0      0 10.105.2.3:123          0.0.0.0:*                           -               
udp        0      0 127.0.0.1:123           0.0.0.0:*                           -               
udp        0      0 0.0.0.0:123             0.0.0.0:*                           -               
udp        0      0 0.0.0.0:39554           0.0.0.0:*                           -               
udp        0      0 0.0.0.0:711             0.0.0.0:*                           -               
udp        0      0 0.0.0.0:10000           0.0.0.0:*                           -               
udp6       0      0 :::53766                :::*                                -               
udp6       0      0 :::49696                :::*                                -               
udp6       0      0 :::111                  :::*                                -               
udp6       0      0 fe80::5054:ff:fed0::123 :::*                                -               
udp6       0      0 ::1:123                 :::*                                -               
udp6       0      0 :::123                  :::*                                -               
udp6       0      0 :::711                  :::*                                -               
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     7943     -                   /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     8494     -                   /run/rpcbind.sock
unix  2      [ ACC ]     STREAM     LISTENING     729659   -                   /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     11324    -                   /var/run/php5-fpm.sock
unix  2      [ ACC ]     STREAM     LISTENING     11082    -                   /var/run/nscd/socket
unix  2      [ ACC ]     STREAM     LISTENING     7607     -                   @/com/ubuntu/upstart
unix  2      [ ACC ]     STREAM     LISTENING     668784   -                   /var/run/nslcd/socket
unix  2      [ ACC ]     SEQPACKET  LISTENING     6768     -                   /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     8924     -                   /var/run/acpid.socket

lsof

lsof -i tcp:43796

lhe dará a lista de processos usando a porta tcp 43796.

$ lsof -i tcp:1723
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
pptpd   2870 root    6u  IPv4  17638      0t0  TCP *:1723 (LISTEN)

fuser

fuser 43796/tcp

lhe dará a lista de pids usando a porta tcp 43796.

$ fuser 1723/tcp
1723/tcp:             2870

Fonte

    
por Hashken 09.12.2012 / 17:25
11

Experimente lsof

sudo lsof -n -P -i +c 13

A saída será como

COMMAND       PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
avahi-daemon 1222    avahi   13u  IPv4  10835      0t0  UDP *:5353 
avahi-daemon 1222    avahi   14u  IPv6  10836      0t0  UDP *:5353 
avahi-daemon 1222    avahi   15u  IPv4  10837      0t0  UDP *:32913 
avahi-daemon 1222    avahi   16u  IPv6  10838      0t0  UDP *:41774 
cupsd        1242     root    8u  IPv6   1847      0t0  TCP [::1]:631 (LISTEN)
cupsd        1242     root    9u  IPv4   1848      0t0  TCP 127.0.0.1:631 (LISTEN)
dhclient     1859     root    6u  IPv4  11971      0t0  UDP *:68 
gdomap       1876   nobody    3u  IPv4  11083      0t0  UDP *:538 
gdomap       1876   nobody    4u  IPv4  11084      0t0  TCP *:538 (LISTEN)
master       1975     root   12u  IPv4  12024      0t0  TCP 127.0.0.1:25 (LISTEN)
master       1975     root   13u  IPv6  12025      0t0  TCP [::1]:25 (LISTEN)
dnsmasq      1987   nobody    4w  IPv4  12039      0t0  UDP 127.0.0.1:53 
dnsmasq      1987   nobody    5u  IPv4  12040      0t0  TCP 127.0.0.1:53 (LISTEN)
firefox      4370 shashank   50u  IPv4  18226      0t0  TCP 192.168.1.2:33467->69.171.248.16:443 (ESTABLISHED)

Ou tente o netstat

 sudo netstat --tcp --programs

a saída será como

Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp       29      0 192.168.1.2:44054       69.59.197.29:http       ESTABLISHED 4370/firefox    
tcp        0      0 192.168.1.2:44087       69.59.197.29:http       ESTABLISHED 4370/firefox    
tcp       58      0 192.168.1.2:43895       69.59.197.29:http       ESTABLISHED 4370/firefox    
tcp       58      0 192.168.1.2:43935       69.59.197.29:http       ESTABLISHED 4370/firefox  
    
por shsh 09.12.2012 / 18:06
4
lsof -t -itcp:PORT

por exemplo

$ lsof -t -itcp:8080
17396
    
por Eyal Levin 17.06.2015 / 16:56