Operation and maintenance | How to check port or program occupancy | linux
Preface
This issue mainly introduces how to check the usage of a certain port or program in LINUX. I hope it will be helpful to everyone.
Quick to use
netstat command (recommended)
The netstat command can display network connections, routing tables, network interface information, etc. You can use the netstat command to check which process a certain port is occupied by.
- Tool installation (on demand)
yum -y install net-tools
- Parameter Description
-a (all)显示所有选项,默认不显示 LISTEN 相关
-t (tcp)仅显示tcp相关选项
-u (udp)仅显示udp相关选项
-n 拒绝显示别名,能显示数字的全部转化成数字。(重要)
-l 仅列出有在 Listen (监听) 的服務状态
-p 显示进程号和进程名。显示与特定协议相关的状态,常见的协议有 TCP 和 UDP。
-r 显示路由信息,路由表
-e 显示扩展信息,例如uid等
-s 按各个协议进行统计
-c 每隔一个固定时间,执行该netstat命令。
# LISTEN 和 LISTENING 的状态只有用-a或者-l才能看到
- Specific orders
- Check the occupancy status of the specified port
netstat -tlnp | grep [端口号|程序]
# or
netstat -anp | grep [端口号|程序]
View 22 End
- View all port usage
netstat -utlnp
lsof command (recommended)
The lsof(list open files) command can list all open files in the current system, including network ports.
- Tool installation (on demand)
yum -y install lsof
- Specific orders
- Check the occupancy status of the specified port
lsof -i <条件>:[端口号]
View 22 End
Explanation of terms
COMMAND: name of the process
PID: process identifier
FD: file descriptor, The application identifies the file by its file descriptor. Such as: cwd, txt, etc.
TYPE: File type, such as: DIR, REG, etc.
DEVICE: Specify the name of the disk
SIZE: the size of the file
NODE: the index node (the identification of the file on disk)
NAME: the exact name of the open file
- List information about files opened by processes on the system
lsof -i -P | grep [程序]
ps command (recommended)
The ps command can list process information currently running on the system.
- Parameter Description
a 显示终端上的所有进程,包括其他用户的进程
u 显示进程的归属用户及内存的使用情况
x 显示没有控制终端的进程
-a 显示同一终端下的所有程序
-A 显示所有进程
-e 显示所有进程,等于 “-A”
-f 全格式
- Specific orders
- View process information of a program
ps -ef | grep [程序]
# or
ps -aux | grep [程序]
Check first sshd process
Then check the port occupancy based on PID
ps -u rootFilter processes by user
ps -aux --sort -pcpu | lessSort in ascending order by CPU usage
ps -aux --sort -pmem | lessFilter processes by user
ps -aux --sort -pcpu,+pmem | head -n 10Query the top 10 The application that uses the most CPU and memory
ss command
The ss command can list the socket information open in the current system, including network ports.
- Specific orders
- Check the usage of specified ports or programs
ss -tlnp | grep [端口号|程序]
View 22 End
View sshd Service Program
fuser command
The fuser command can check which process a certain file or directory is occupied by. For network ports, you can also use the fuser command to query.
- Specific orders
- Check the occupancy status of the specified port
fuser -v [端口号]/tcp
View 22 port occupancy
nmap command
nmap (Network exploration tool and security/port scanner) is a powerful network scanning tool that can scan single hosts and large networks. It is mainly used for security audits and penetration testing, and is the preferred tool for port scanning.
- Tool installation (on demand)
yum -y install nmap
- Specific orders
- Check port occupancy
nmap -p [端口号] [IP地址]
# 查看主机当前开放的端口
nmap localhost
# 查看主机端口(1024-65535)中开放的端口
nmap -p 1024-65535 localhost
View 22 port occupancy
- Check the open ports of the target host
nmap -PS [IP地址]
# 探测目标主机开放的端口
nmap -PS 192.168.1.1
systemctl command
systemctl is the control manager and service manager of the systemd system. It replaces the old SysV init system management now used by systemd in most modern Linux operating systems.
- Specific orders
systemctl status sshd
In most cases, the above output will not show the actual port number of the process. At this time, it is recommended to use the following journalctl command to check the detailed information in the log file
journalctl | grep -i [程序]
View sshd Service Program
