Operating System - HP-UX
1748036 Members
4730 Online
108757 Solutions
New Discussion юеВ

Re: netstat output and range of free ports

 
SOLVED
Go to solution
DeafFrog
Valued Contributor

netstat output and range of free ports

Dear Gurus,
Here's a small programm that i intend to use to find a list of free port:
# more testport
#!/bin/sh
#set -x
no=$1
echo $1
fin=`expr ${no} + 1000`
echo $fin
while test $no -le $fin
do
#echo $no
netstat -an | grep $no
test=`echo $?`
#if [$test =! 1];then
#echo "PORT NUMBER $n PORT NOTFREE"
#fi
no=`expr $no + 1`
done
So , for a range of free ports (required by application) i should not get any o/p.For ports being used it will show o/p:

Active UNIX domain sockets
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
e000000536710080 dgram 0 0 e0000004ac3bdc80 0 0 0 /var/spool/sockets/pwgr/client27200
e0000004e7060080 dgram 0 0 e0000004c420f880 0 0 0 ../wo

1)need help to understand the above netstat o/p better.How can i know what is the port number in above o/p.pardon my meager knowledge.
2)Out of 65000 + ports , i am not able to find a continous range of 1000 ports free , any better program.
lsof is ok but it takes time to scan 1000 ports(after putting that in loop)
FrogIsDeaf
10 REPLIES 10
James R. Ferguson
Acclaimed Contributor
Solution

Re: netstat output and range of free ports

Hi:

It's probably easier to use 'lsof' rather than 'netstat' to snapshot the ports currently in use at any time.

That said, what you see is indeed at that moment and might change in another sample interval.

As for 'netstat' you can see inuse ports in the following snippet:

tcp 0 52 10.xxx.xxx.xxx.22 10.xxx.xxx.xxx.1086 ESTABLISHED

Here, port #22 on the server and port #1086 on the client have formed a connection.

I don't quite understand why you think you need "a continous range of 1000 ports free". Your application (as the server side) should likely need only one.

As background:

http://www.iana.org/assignments/port-numbers

http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

All of the above aside, you could also vastly improve the run time of scripts like you posted by _avoiding_ the use of 'expr' to simply increment a counter. You are spawning a separate process very time you do and this is quite expensive!

Instead of:

# no=`expr $no + 1`

do:

# ((no+=+1))

The later lets the shell do the arithmetic and therefore eliminates process creation merely to do so.

Regards!

...JRF...
Steven E. Protter
Exalted Contributor

Re: netstat output and range of free ports

Shalom,

Quality Assurance check.

From outside the system.

nmap hostname (best run from a Linux host)

nmap is a port scanner and you may wish to get permission prior to running it.

Show what ports externally are open, though this will only show ports with active listeners, which can be hidden with firewalls.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
DeafFrog
Valued Contributor

Re: netstat output and range of free ports

Thanks James and Steven ,
I want to understand this line in the output of netsta -an :
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
e000000536710080 dgram 0 0 e0000004ac3bdc80 0 0 0 /var/spool/sockets/pwgr/client27200........how can i find the port number, from this line, is it refering to any port , if yes whad is that port .

Regards ,
Rahul
FrogIsDeaf
James R. Ferguson
Acclaimed Contributor

Re: netstat output and range of free ports

Hi (again) Rahul:

> I want to understand this line in the output of netsta -an :
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr

See here:

http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/sockets.html

Regards!

...JRF...
DeafFrog
Valued Contributor

Re: netstat output and range of free ports

Many Thanks James ,
In the o/p above the domain socket address is "e000000536710080" which may be used as an IPC for a service in application(frm the URL that you helped me with ).To my understanding socket = ip + port number.can you please let me know how to break up "e000000536710080" in ip + port number fasion( not sure if my understanding is OK).

Regards ,
Rahul
FrogIsDeaf
Dennis Handly
Acclaimed Contributor

Re: netstat output and range of free ports

>can you please let me know how to break up "e000000536710080" in ip + port number fashion

These look like kernel virtual addresses. Unless you have a memory dump or use adb(1), you can only treat them as IDs/keys.
Steven Schweda
Honored Contributor

Re: netstat output and range of free ports

> Active UNIX domain sockets

UNIX domain sockets are not IP sockets, so
they do not involve IP ports, so they also
do not involve IP port numbers.

> [...] a range of free ports (required by
> application) [...]

Why do you think that this (nameless)
application requires "a range of free ports"?

> [...] i am not able to find a continous
> range of 1000 ports free

Really? And even if that were true, then why
would you care?

> [...] lsof is ok but it takes time to scan
> 1000 ports(after putting that in loop)

Perhaps running lsof (or netstat) 1000 times
is not the best way to solve this problem.
(But I doubt that you really need to solve
it.)

Is there some actual problem which you are
trying to solve? If so, perhaps you should
ask about that problem, rather than asking
about how to implement some sub-ideal method
to solve the wrong problem.
DeafFrog
Valued Contributor

Re: netstat output and range of free ports

Dear Steven, I have attached a notepad here.It list all ports being used
with the above testport script(from 2000-65000).Also an Excerpt from application installtion
manual ...:"Enter the starting port number from which the tool will start configuring rest of the Finacle Application Services. Make sure that around 1000 port number from the above port are free and that no other application is listening on to this port.".


# ./testport 42000
42000
43000
e000000591297680 dgram 0 0 e0000004fc242700 0 0 0 /var/spool/sockets/pwgr/client5069
e00000046aa00680 dgram 0 0 e0000004ac342800 0 0 0 /var/spool/sockets/pwgr/client1939
e000000428eee380 stream 0 0 e000000428787580 0 0 0 /etc/useracct/utmpd_read
e000000429672980 dgram 0 0 e000000428799100 0 0 0 /dev/log.un
e000000471075680 dgram 0 0 e000000428799e80 0 0 0 /var/spool/sockets/pwgr/client16736
e00000055f1a7080 dgram 0 0 e000000428817b80 0 0 0 /var/spool/sockets/pwgr/client27140
e00000053b61d680 dgram 0 0 e000000429164680 0 0 0 /var/spool/sockets/pwgr/client6303
e000000506a4d380 dgram 0 0 e00000042941e800 0 0 0 /var/spool/sockets/pwgr/client17883
e000000429460080 stream 0 0 0 e00000042b8c7180 0 0
e000000429460380 stream 0 0 0 e00000042b8c7100 0 0
e000000429460680 dgram 0 0 e00000042b86b700 0 0 0 /var/spool/sockets/pwgr/client2198
e000000429460c80 dgram 0 0 e000000468b86880 0 0 0 /var/spool/sockets/pwgr/client2412
e000000429672380 stream 0 0 e00000042b718500 0 0 0 /var/evm/sockets/evmd
e000000429672680 dgram 0 0 e00000042b7b2980 0 0 0 /var/spool/sockets/pwgr/client1530
e000000429672980 dgram 0 0 e000000428799100 0 0 0 /dev/log.un
e000000468de3080 stream 0 0 0 e000000429675300 0 0
e000000468c65400 stream 0 0 0 e000000429675380 0 0
e000000468c65a00 stream 0 0 0 e000000429675280 0 0 /tmp/.s.PGSQL.10864
e000000468c65d00 stream 0 0 0 e000000429675200 0 0 /var/evm/sockets/evmd




since UNIX domain sockets are not IP sockets , so does the output above implies that port from 42000-43000 are free.
since in the output there are no IP socket .Also how will i free this range of scoket , kill the PID ?I cannot see any PIDs

# ps -ef | grep -i "/var/evm/sockets/evmd"
root 5533 8896 0 09:46:32 pts/3 0:00 grep -i /var/evm/sockets/evmd
# ps -ef | grep -i "/var/spool/sockets/pwgr/client2412"
root 5537 8896 0 09:48:43 pts/3 0:00 grep -i /var/spool/sockets/pwgr/client2412
# ps -ef | grep -i "/var/spool/sockets/pwgr/client1530"
root 5539 8896 1 09:48:58 pts/3 0:00 grep -i /var/spool/sockets/pwgr/client1530

Thanks and Regards ,
Rahul
FrogIsDeaf
Hakki Aydin Ucar
Honored Contributor

Re: netstat output and range of free ports

maybe better approach is to use a Perl port scanner program to find out which port is open or not: also you can add an wrapper to check any range of ports:

#!/bin/ksh
# Port Scanner with PERL
#

echo From Port
read prt1
echo To Port
read prt2
echo IP
read ip

# Init Log File step
>/tmp/port_check.$ip > /dev/null

while [ $prt1 -lt $prt2 ]
do
echo $ip:$prt1 >> /tmp/port_check.$ip
/aydin/chk_rem_port $ip $prt1 >> /tmp/port_check.$ip
wait
prt1=$(($prt1+1))
done