常用基础 - 哪些端口被用了 ¶
作者:KK
发表日期:2018.10.12
查看所有端口 ¶
netstat -nlp列出包含所有协议的端口占用情况,示例内容:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 13882/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 911/sshd
tcp 0 0 0.0.0.0:8607 0.0.0.0:* LISTEN 12669/svnserve
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 14438/mysqld
tcp6 0 0 :::111 :::* LISTEN 25447/rpcbind
udp 0 0 0.0.0.0:606 0.0.0.0:* 25447/rpcbind
udp 0 0 0.0.0.0:111 0.0.0.0:* 25447/rpcbind
udp 0 0 172.17.0.1:123 0.0.0.0:* 19664/ntpd
udp 0 0 10.133.196.49:123 0.0.0.0:* 19664/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 19664/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 19664/ntpd
udp6 0 0 :::606 :::* 25447/rpcbind
udp6 0 0 :::111 :::* 25447/rpcbind
udp6 0 0 :::123 :::* 19664/ntpd
Active UNIX domain sockets (only servers) #下面这些不是你要关注的
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 84482 12102/dockerd /run/docker/libnetwork/62eaf749308c9d1cffc58dc30780a0ba25608bc4f2054fba9c68f8ddcc64a1c2.sock
unix 2 [ ACC ] STREAM LISTENING 84231 12106/docker-contai /var/run/docker/containerd/docker-containerd-debug.sock
unix 2 [ ACC ] STREAM LISTENING 84233 12106/docker-contai /var/run/docker/containerd/docker-containerd.sock
unix 2 [ ACC ] STREAM LISTENING 84240 12102/dockerd /var/run/docker/metrics.sock
unix 2 [ ACC ] STREAM LISTENING 481609 14438/mysqld /tmp/mysql.sock
unix 2 [ ACC ] STREAM LISTENING 921841 1420/php-fpm: pool /tmp/php-cgi.sock
unix 2 [ ACC ] STREAM LISTENING 12151 477/acpid /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 12168 473/lsmd /var/run/lsm/ipc/simc
unix 2 [ ACC ] STREAM LISTENING 12172 473/lsmd /var/run/lsm/ipc/sim
unix 2 [ ACC ] STREAM LISTENING 187798 1/systemd /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 9884 1/systemd /run/lvm/lvmetad.socket
unix 2 [ ACC ] STREAM LISTENING 9643 1/systemd /run/lvm/lvmpolld.socket
unix 2 [ ACC ] STREAM LISTENING 6870 1/systemd /run/systemd/journal/stdout
unix 2 [ ACC ] STREAM LISTENING 11756 1/systemd /var/run/rpcbind.sock
unix 2 [ ACC ] SEQPACKET LISTENING 9711 1/systemd /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 11759 1/systemd /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 84215 12102/dockerd /var/run/docker.sock
下面那一半内容你是不用关心的,主要看上面,第3列类似127.0.0.1:3306这样的内容主是监听了3306端口,并且只接受来自127.0.0.1的连接,最后那一列有显示是哪个程序的。
只看tcp协议的端口 ¶
一般情况下我都是用netstat -ntlp来看,内容示例:
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 13882/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 911/sshd
tcp 0 0 0.0.0.0:8607 0.0.0.0:* LISTEN 12669/svnserve
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 14438/mysqld
tcp6 0 0 :::111 :::* LISTEN 25447/rpcbind
这样就不会像上面那么多东西输出,而且我们常用的 http、数据库等服务都是基于 tcp 协议的,通常就是为了确认它们有没有在运行,不能运行时有没有谁在占用端口而已,所以基本关心不到 udp 协议那块的东西。
- 为什么不是http协议?
新人往往会疑惑,其实 http 协议本质上就是 tcp 协议,只是在 tcp 协议数据格式的基础上加了一些数据,然后写多了一些解析代码来实现了新的传输规则,然后命名为 http 协议而已,然而它底层的基本传输流程、校验流程等都是要遵循 tcp 的。
只能看到自己的 PID 和进程名哦 ¶
除非是 root 用户,否则其他用户执行netstat -ntlp只会输出类似这样(注意最后一列为“-”),以下输出内容中,107856/python3对应的行是我当前用户启动的程序所占用的端口,其它都是其他用户的:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:50905 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3514 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:50010 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:50075 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:50205 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:10014 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:51006 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:14751 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:16000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8480 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:50306 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8388 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:50020 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:51301 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8485 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:13000 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:17000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:6700 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:9900 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:14000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:6802 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8887 0.0.0.0:* LISTEN 107856/python3
tcp 0 0 0.0.0.0:3511 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:7800 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:15000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3512 0.0.0.0:* LISTEN -
tcp6 0 0 ::1:25 :::* LISTEN -
tcp6 0 0 :::443 :::* LISTEN -
tcp6 0 0 :::25791 :::* LISTEN -
tcp6 0 0 :::2181 :::* LISTEN -
tcp6 0 0 :::31431 :::* LISTEN -
tcp6 0 0 :::8040 :::* LISTEN -
tcp6 0 0 :::2281 :::* LISTEN -
tcp6 0 0 :::8042 :::* LISTEN -
tcp6 0 0 :::80 :::* LISTEN -
tcp6 0 0 :::1491 :::* LISTEN -
tcp6 0 0 192.168.0.241:3988 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::8887 :::* LISTEN 107856/python3
tcp6 0 0 :::248 :::* LISTEN -