From e6c1f7b12ac8545b1fd9dee62a26bf659eb1776b Mon Sep 17 00:00:00 2001 From: Roger Rutishauser Date: Thu, 2 Jan 2025 21:21:18 +0100 Subject: [PATCH] update network ports --- linux/linux-netzwerk.md | 161 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 158 insertions(+), 3 deletions(-) diff --git a/linux/linux-netzwerk.md b/linux/linux-netzwerk.md index 1b7b736..f4b2677 100755 --- a/linux/linux-netzwerk.md +++ b/linux/linux-netzwerk.md 
@@ -38,19 +38,174 @@ IPv6: dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com ``` +--- + +## Ports + +### List of reserved port numbers + +`less /etc/services` + +### All open/listening ports + +#### Solution 1 + +`sudo lsof -i -P -n | grep LISTEN` + +Shows the following columns: + +| Column | Description | +| --- | --- | +| COMMAND | The name of the command or executable associated with the process. | +| PID | The process ID of the listening process. | +| USER | The user who owns the process. | +| FD | The file descriptor associated with this process (4u indicates it's an open file/socket). | +| TYPE | The type of file, usually STREAM for TCP or DGRAM for UDP. | +| DEVICE | Internal device number (used by the operating system, not directly meaningful to users). | +| SIZE/OFF | The size or offset (not meaningful for listening sockets, so it's 0). | +| NODE | The protocol being used. | +| NAME | The address and port being listened to in the format : or *:. | + +``` +COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE +systemd-r 669 systemd-resolve 13u IPv4 22780 0t0 TCP 127.0.0.53:53 (LISTEN) +named 745 bind 56u IPv4 23775 0t0 TCP 127.0.0.1:953 (LISTEN) +named 745 bind 63u IPv4 24658 0t0 TCP 194.13.82.60:53 (LISTEN) +named 745 bind 64u IPv4 24659 0t0 TCP 194.13.82.60:53 (LISTEN) +named 745 bind 65u IPv4 24660 0t0 TCP 194.13.82.60:53 (LISTEN) +named 745 bind 68u IPv4 24661 0t0 TCP 194.13.82.60:53 (LISTEN) +[...] 
+sshd 857 root 3u IPv4 26786 0t0 TCP *:22 (LISTEN) +sshd 857 root 4u IPv6 26788 0t0 TCP *:22 (LISTEN) +docker-pr 1243 root 4u IPv4 25440 0t0 TCP *:3307 (LISTEN) +docker-pr 1250 root 4u IPv4 28091 0t0 TCP *:9823 (LISTEN) +docker-pr 1252 root 4u IPv4 24336 0t0 TCP *:80 (LISTEN) +docker-pr 1253 root 4u IPv4 28820 0t0 TCP *:9877 (LISTEN) +docker-pr 1292 root 4u IPv6 28094 0t0 TCP *:9823 (LISTEN) +docker-pr 1294 root 4u IPv6 28102 0t0 TCP *:9877 (LISTEN) +docker-pr 1299 root 4u IPv6 28827 0t0 TCP *:3307 (LISTEN) +docker-pr 1300 root 4u IPv6 24339 0t0 TCP *:80 (LISTEN) +docker-pr 1316 root 4u IPv4 29795 0t0 TCP *:81 (LISTEN) +docker-pr 1353 root 4u IPv6 29805 0t0 TCP *:81 (LISTEN) +docker-pr 1390 root 4u IPv4 25492 0t0 TCP *:443 (LISTEN) +docker-pr 1414 root 4u IPv6 29815 0t0 TCP *:443 (LISTEN) +docker-pr 619804 root 4u IPv4 69012855 0t0 TCP *:8888 (LISTEN) +docker-pr 619813 root 4u IPv6 69010893 0t0 TCP *:8888 (LISTEN) +sshd 1330510 rogrut 10u IPv6 82082832 0t0 TCP [::1]:6010 (LISTEN) +sshd 1330510 rogrut 11u IPv4 82082833 0t0 TCP 127.0.0.1:6010 (LISTEN) +docker-pr 1343733 root 4u IPv4 82190331 0t0 TCP *:2222 (LISTEN) +docker-pr 1343740 root 4u IPv6 82188025 0t0 TCP *:2222 (LISTEN) +docker-pr 1343747 root 4u IPv4 82188950 0t0 TCP *:3000 (LISTEN) +docker-pr 1343754 root 4u IPv6 82185088 0t0 TCP *:3000 (LISTEN) +docker-pr 2890708 root 4u IPv4 46563836 0t0 TCP *:8806 (LISTEN) +docker-pr 2890715 root 4u IPv6 46564648 0t0 TCP *:8806 (LISTEN) +``` + +#### Solution 2 + +`sudo netstat -tulpn | grep LISTEN` + +``` +-t select all TCP ports +-u select all UDP ports +-l show listening server sockets (open TCP and UDP ports in listing state) +-p Display PID/Program name for sockets. In other words, this option tells who opened the TCP or UDP port. For example, on my system, Nginx opened TCP port 80/443, so I will /usr/sbin/nginx or its PID. 
+-n Don’t resolve name (avoid dns lookup, this speed up the netstat on busy Linux/Unix servers) +``` + +Sortiert zuerst IPv4 danach IPv6 + +| Column | Example Value | Description | +| --- | --- | --- | +| Proto | tcp | The protocol in use, e.g., tcp (Transmission Control Protocol) or udp (User Datagram Protocol). | +| Recv-Q | 0 | The receive queue size: The number of bytes waiting to be read by the application. Usually 0. | +| Send-Q | 0 | The send queue size: The number of bytes waiting to be acknowledged by the remote host. Usually 0. | +| Local Address | 0.0.0.0:81 The local address and port the process is bound to:
- 0.0.0.0 means the process listens on all IPv4 interfaces.
- :81 is the port number being listened on. | +| Foreign Address | 0.0.0.0:* | The remote address and port the socket is connected to:
- 0.0.0.0:* indicates no remote connection yet (listening state). | +| State | LISTEN | The connection state. LISTEN means the process is waiting for incoming connections. | +| PID/Program name | 1316/docker-proxy | The process ID (PID) and program name of the process handling this connection:
- 1316 is the unique process ID.
- docker-proxy is the name of the program managing the socket. | + +``` +Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name +tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 1316/docker-proxy +tcp 0 0 0.0.0.0:9877 0.0.0.0:* LISTEN 1253/docker-proxy +tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named +tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named +tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named +tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named +tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named +tcp 0 0 194.13.82.60:53 0.0.0.0:* LISTEN 745/named +tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 669/systemd-resolve +tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 857/sshd: /usr/sbin +tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN 1343747/docker-prox +tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 619804/docker-proxy +tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named +tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named +tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named +tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named +tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named +tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 745/named +tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 1330510/sshd: rogru +tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1390/docker-proxy +tcp 0 0 0.0.0.0:9823 0.0.0.0:* LISTEN 1250/docker-proxy +tcp 0 0 0.0.0.0:8806 0.0.0.0:* LISTEN 2890708/docker-prox +tcp 0 0 0.0.0.0:3307 0.0.0.0:* LISTEN 1243/docker-proxy +tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 1343733/docker-prox +tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1252/docker-proxy +tcp6 0 0 :::81 :::* LISTEN 1353/docker-proxy +tcp6 0 0 :::9877 :::* LISTEN 1294/docker-proxy +tcp6 0 0 ::1:53 :::* LISTEN 745/named +[...] 
+``` + +### Specific port + +`sudo lsof -i:8805` + +``` +docker-pr 3613260 root 4u IPv4 424274374 0t0 TCP *:8805 (LISTEN) +docker-pr 3613267 root 4u IPv6 424276198 0t0 TCP *:8805 (LISTEN) +``` + +### In a bash script + +Testing if a port is open from a bash script + +One can use the `/dev/tcp/{HostName}_OR_{IPAddrress}>/{port}` syntax to check if a TCP port is open on a Linux or Unix machine when using Bash. In other words, the following is Bash specific feature. Let us see if TCP port `20` is open on `localhost` and `192.168.2.20`: + +```shell +(echo >/dev/tcp/localhost/23) &>/dev/null && echo "open" || echo "close" +(echo >/dev/tcp/192.168.2.20/22) &>/dev/null && echo "open" || echo "close" +``` + +Now we can build some logic as follows: + +```shell +#!/bin/bash +dest_box="aws-prod-server-42" +echo "Testing the ssh connectivity ... " +if ! (echo >/dev/tcp/$dest_box/22) &>/dev/null +then + echo "$0 cannot connect to the $dest_box. Check your vpn connectivity." +else + echo "Running the ansible playboook ..." + ansible-playbook -i hosts --ask-vault-pass --extra-vars '@cluster.data.yml' main.yaml +fi +``` + ## Network configuration with nmcli ### Show available wifi -``` +```shell nmcli device wifi list ``` ### show network interfaces on computer -``` +```shell ip link show -or +# or nmcli device ```
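Review bot: Under "All open/listening ports", Solution 2 passes `-u` to `sudo netstat -tulpn | grep LISTEN`, but UDP sockets have no LISTEN state in netstat output, so the grep silently drops every UDP listener and the listing is TCP only. Solution 1 (`sudo lsof -i -P -n | grep LISTEN`) has the same gap. Drop the grep from the netstat command, since `-l` already restricts output to listening sockets, or state that both commands cover TCP only; anyone using this page to audit exposed services would otherwise miss UDP ports.

The sample output for both commands includes a publicly routable address (`194.13.82.60`), an account name (`rogrut`) and the full set of published container ports. Replace these with a documentation range such as 192.0.2.0/24 and a placeholder user before this goes into the repository.

In the "In a bash script" section, the prose says port `20` is tested on `localhost` and `192.168.2.20`, but the commands probe 23 and 22. The path template `/dev/tcp/{HostName}_OR_{IPAddrress}>/{port}` also has a stray `>` and a typo. The probe `(echo >/dev/tcp/$dest_box/22)` has no timeout, so a host that drops packets will stall the script; run it under `timeout` and quote `"$dest_box"`. "playboook" is a typo.

In the lsof column table, TYPE is described as STREAM/DGRAM and NODE as the protocol, while the sample shows IPv4/IPv6 and TCP. The sample header line lacks the NAME column, and the NAME format reads ": or *:" with its placeholders missing. In the netstat table, the "Local Address" row lacks the `|` between the example value and the description. The sentence "Sortiert zuerst IPv4 danach IPv6" is German in an otherwise English section.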