Linux系統查看端口常用命令:lsof和netstat。
-
lsof
lsof (list open files)是一個顯示系統當前打開文件的工具。Linux系統的應用程序都會有自己的文件描述符,通過文件描述符與操作系統進行交互。可用此命令進行系統監控、網絡信息查看等,本文主要介紹端口相關操作。
-
安裝(CentOS)
有些系統需要手動安裝:
[root@localhost ~]# yum install lsof -
本機網絡端口使用情況
1.1 lsof -i
列舉當前所有端口連接信息,輸出信息列表:COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME 進程名稱 進程標識符 用戶 文件描述符 類型 指定磁盤名稱 文件大小 文件在磁盤上的標識 打開文件確切名稱(誰在訪問) [root@localhost ~]# lsof -i COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME dhclient 707 root 6u IPv4 12256 0t0 UDP *:bootpc dhclient 707 root 20u IPv4 12211 0t0 UDP *:52171 dhclient 707 root 21u IPv6 12212 0t0 UDP *:cgms ntpd 799 ntp 16u IPv4 13267 0t0 UDP *:ntp ntpd 799 ntp 17u IPv6 13268 0t0 UDP *:ntp ntpd 799 ntp 18u IPv4 13273 0t0 UDP localhost:ntp ntpd 799 ntp 19u IPv4 13274 0t0 UDP localhost:ntp AliYunDun 1053 root 21u IPv4 307323 0t0 TCP localhost:43876->100.100.30.25:http (ESTABLISHED) sshd 1162 root 3u IPv4 14660 0t0 TCP *:ssh (LISTEN) java 19680 nexus 82u IPv4 300159 0t0 TCP localhost:40129 (LISTEN) java 19680 nexus 733u IPv4 301293 0t0 TCP *:afs3-callback (LISTEN) sshd 31905 root 3u IPv4 508853 0t0 TCP localhost:ssh->172.10.116.232:15966 (ESTABLISHED) sshd 32138 root 3u IPv4 512855 0t0 TCP localhost:ssh->172.11.247.123:10033 (ESTABLISHED) sshd 32159 root 3u IPv4 513093 0t0 TCP localhost:ssh->172.11.247.123:10106 (ESTABLISHED)1.2 按tcp查
查看所有tcp端口情況
[root@localhost ~]# lsof -i tcp COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME AliYunDun 1053 root 21u IPv4 307323 0t0 TCP localhost:43876->100.100.30.25:http (ESTABLISHED) sshd 1162 root 3u IPv4 14660 0t0 TCP *:ssh (LISTEN) java 19680 nexus 82u IPv4 300159 0t0 TCP localhost:40129 (LISTEN) java 19680 nexus 733u IPv4 301293 0t0 TCP *:afs3-callback (LISTEN) sshd 31905 root 3u IPv4 508853 0t0 TCP localhost:ssh->172.10.116.232:15966 (ESTABLISHED) sshd 32138 root 3u IPv4 512855 0t0 TCP localhost:ssh->172.11.247.123:10033 (ESTABLISHED) sshd 32159 root 3u IPv4 513093 0t0 TCP localhost:ssh->172.11.247.123:10106 (ESTABLISHED) [root@localhost ~]# lsof -i tcp:7001 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME java 19680 nexus 733u IPv4 301293 0t0 TCP *:afs3-callback (LISTEN)只查看7001端口情況
[root@localhost ~]# lsof -i tcp:7001 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME java 19680 nexus 733u IPv4 301293 0t0 TCP *:afs3-callback (LISTEN)1.3 按udp查
與tcp一樣的用法
[root@localhost ~]# lsof -i udp COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME dhclient 707 root 6u IPv4 12256 0t0 UDP *:bootpc dhclient 707 root 20u IPv4 12211 0t0 UDP *:52171 dhclient 707 root 21u IPv6 12212 0t0 UDP *:cgms ntpd 799 ntp 16u IPv4 13267 0t0 UDP *:ntp ntpd 799 ntp 17u IPv6 13268 0t0 UDP *:ntp ntpd 799 ntp 18u IPv4 13273 0t0 UDP localhost:ntp ntpd 799 ntp 19u IPv4 13274 0t0 UDP localhost:ntp [root@localhost ~]# lsof -i udp:123 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ntpd 799 ntp 16u IPv4 13267 0t0 UDP *:ntp ntpd 799 ntp 17u IPv6 13268 0t0 UDP *:ntp ntpd 799 ntp 18u IPv4 13273 0t0 UDP localhost:ntp ntpd 799 ntp 19u IPv4 13274 0t0 UDP localhost:ntp1.4 按協議類型查
ipv4或ipv6
[root@localhost ~]# lsof -i 4 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME dhclient 707 root 6u IPv4 12256 0t0 UDP *:bootpc dhclient 707 root 20u IPv4 12211 0t0 UDP *:52171 ntpd 799 ntp 16u IPv4 13267 0t0 UDP *:ntp ntpd 799 ntp 18u IPv4 13273 0t0 UDP localhost:ntp ntpd 799 ntp 19u IPv4 13274 0t0 UDP localhost:ntp AliYunDun 1053 root 21u IPv4 307323 0t0 TCP localhost:43876->100.100.30.25:http (ESTABLISHED) sshd 1162 root 3u IPv4 14660 0t0 TCP *:ssh (LISTEN) java 19680 nexus 82u IPv4 300159 0t0 TCP localhost:40129 (LISTEN) java 19680 nexus 733u IPv4 301293 0t0 TCP *:afs3-callback (LISTEN) sshd 31905 root 3u IPv4 508853 0t0 TCP localhost:ssh->172.10.116.232:15966 (ESTABLISHED) sshd 32138 root 3u IPv4 512855 0t0 TCP localhost:ssh->172.11.247.123:10033 (ESTABLISHED) sshd 32159 root 3u IPv4 513093 0t0 TCP localhost:ssh->172.11.247.123:10106 (ESTABLISHED) [root@localhost ~]# lsof -i 6 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME dhclient 707 root 21u IPv6 12212 0t0 UDP *:cgms ntpd 799 ntp 17u IPv6 13268 0t0 UDP *:ntp1.5 按端口查
如22端口
[root@localhost ~]# lsof -i :22 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME sshd 1162 root 3u IPv4 14660 0t0 TCP *:ssh (LISTEN) sshd 31905 root 3u IPv4 508853 0t0 TCP localhost:ssh->172.10.116.232:15966 (ESTABLISHED) sshd 32138 root 3u IPv4 512855 0t0 TCP localhost:ssh->172.11.247.123:10033 (ESTABLISHED) sshd 32159 root 3u IPv4 513093 0t0 TCP localhost:ssh->172.11.247.123:10106 (ESTABLISHED)沒使用的端口沒有查詢信息
[root@localhost ~]# lsof -i :8090 [root@localhost ~]#1.6 按用戶查
如nexus用戶
[root@localhost ~]# lsof -a -u nexus -i COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME java 19680 nexus 82u IPv4 300159 0t0 TCP localhost:40129 (LISTEN) java 19680 nexus 733u IPv4 301293 0t0 TCP *:afs3-callback (LISTEN)
-
netstat
netstat 命令用於顯示網絡狀態,系統默認都裝有該命令,下文主要介紹端口常用操作。
- netstat -anp | grep ":22"
查看22端口
[root@localhost ~]# netstat -anp | grep ":22" tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1162/sshd tcp 0 0 172.9.204.26:22 172.10.116.232:15966 ESTABLISHED 31905/sshd: root@pt tcp 0 0 172.9.204.26:22 172.11.247.123:10106 ESTABLISHED 32159/sshd: root@pt tcp 0 52 172.9.204.26:22 172.11.247.123:10033 ESTABLISHED 32138/sshd: root@pt- netstat -tunplp
所有端口
[root@localhost ~]# netstat -tunplp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1162/sshd tcp 0 0 0.0.0.0:7001 0.0.0.0:* LISTEN 19680/java tcp 0 0 127.0.0.1:40129 0.0.0.0:* LISTEN 19680/java udp 0 0 0.0.0.0:52171 0.0.0.0:* 707/dhclient udp 0 0 0.0.0.0:68 0.0.0.0:* 707/dhclient udp 0 0 172.9.204.26:123 0.0.0.0:* 799/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 799/ntpd udp 0 0 0.0.0.0:123 0.0.0.0:* 799/ntpd udp6 0 0 :::3003 :::* 707/dhclient udp6 0 0 :::123 :::* 799/ntpd- netstat -tunplp | grep ":22"
22端口
[root@localhost ~]# netstat -tunplp | grep ":22" tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1162/sshd