Étant donné un numéro de port, comment pouvons-nous trouver quel processus l’utilise?
Nous avons une variété d'options:
netstat
Sudo netstat -nlp
vous donnera toutes les connexions réseau ouvertes.
$ netstat -nlp
(No info could be read for "-p": geteuid()=901743 but you should be root.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:44886 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8139 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:81 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:48562 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::46871 :::* LISTEN -
tcp6 0 0 ::1:6010 :::* LISTEN -
tcp6 0 0 :::57179 :::* LISTEN -
tcp6 0 0 :::5666 :::* LISTEN -
tcp6 0 0 :::111 :::* LISTEN -
tcp6 0 0 :::4949 :::* LISTEN -
udp 0 0 127.0.0.1:896 0.0.0.0:* -
udp 0 0 0.0.0.0:45467 0.0.0.0:* -
udp 0 0 0.0.0.0:111 0.0.0.0:* -
udp 0 0 10.105.2.3:123 0.0.0.0:* -
udp 0 0 127.0.0.1:123 0.0.0.0:* -
udp 0 0 0.0.0.0:123 0.0.0.0:* -
udp 0 0 0.0.0.0:39554 0.0.0.0:* -
udp 0 0 0.0.0.0:711 0.0.0.0:* -
udp 0 0 0.0.0.0:10000 0.0.0.0:* -
udp6 0 0 :::53766 :::* -
udp6 0 0 :::49696 :::* -
udp6 0 0 :::111 :::* -
udp6 0 0 fe80::5054:ff:fed0::123 :::* -
udp6 0 0 ::1:123 :::* -
udp6 0 0 :::123 :::* -
udp6 0 0 :::711 :::* -
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 7943 - /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 8494 - /run/rpcbind.sock
unix 2 [ ACC ] STREAM LISTENING 729659 - /var/run/mysqld/mysqld.sock
unix 2 [ ACC ] STREAM LISTENING 11324 - /var/run/php5-fpm.sock
unix 2 [ ACC ] STREAM LISTENING 11082 - /var/run/nscd/socket
unix 2 [ ACC ] STREAM LISTENING 7607 - @/com/ubuntu/upstart
unix 2 [ ACC ] STREAM LISTENING 668784 - /var/run/nslcd/socket
unix 2 [ ACC ] SEQPACKET LISTENING 6768 - /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 8924 - /var/run/acpid.socket
lsof
lsof -i tcp:43796
vous donnera la liste des processus utilisant le port tcp 43796.
$ lsof -i tcp:1723
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
pptpd 2870 root 6u IPv4 17638 0t0 TCP *:1723 (LISTEN)
fuser
fuser 43796/tcp
vous donnera la liste des pids utilisant le port tcp 43796.
$ fuser 1723/tcp
1723/tcp: 2870
Sudo lsof -n -P -i +c 13
La sortie sera comme
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
avahi-daemon 1222 avahi 13u IPv4 10835 0t0 UDP *:5353
avahi-daemon 1222 avahi 14u IPv6 10836 0t0 UDP *:5353
avahi-daemon 1222 avahi 15u IPv4 10837 0t0 UDP *:32913
avahi-daemon 1222 avahi 16u IPv6 10838 0t0 UDP *:41774
cupsd 1242 root 8u IPv6 1847 0t0 TCP [::1]:631 (LISTEN)
cupsd 1242 root 9u IPv4 1848 0t0 TCP 127.0.0.1:631 (LISTEN)
dhclient 1859 root 6u IPv4 11971 0t0 UDP *:68
gdomap 1876 nobody 3u IPv4 11083 0t0 UDP *:538
gdomap 1876 nobody 4u IPv4 11084 0t0 TCP *:538 (LISTEN)
master 1975 root 12u IPv4 12024 0t0 TCP 127.0.0.1:25 (LISTEN)
master 1975 root 13u IPv6 12025 0t0 TCP [::1]:25 (LISTEN)
dnsmasq 1987 nobody 4w IPv4 12039 0t0 UDP 127.0.0.1:53
dnsmasq 1987 nobody 5u IPv4 12040 0t0 TCP 127.0.0.1:53 (LISTEN)
firefox 4370 shashank 50u IPv4 18226 0t0 TCP 192.168.1.2:33467->69.171.248.16:443 (ESTABLISHED)
Ou essayez netstat
Sudo netstat --tcp --programs
la sortie sera comme
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 29 0 192.168.1.2:44054 69.59.197.29:http ESTABLISHED 4370/firefox
tcp 0 0 192.168.1.2:44087 69.59.197.29:http ESTABLISHED 4370/firefox
tcp 58 0 192.168.1.2:43895 69.59.197.29:http ESTABLISHED 4370/firefox
tcp 58 0 192.168.1.2:43935 69.59.197.29:http ESTABLISHED 4370/firefox
lsof -t -itcp:PORT
par exemple
$ lsof -t -itcp:8080
17396