How to check port is in use | LinuxGist

• Introduction
  • Listing Ports Bound to Processes
    • Using netstat
    • Using ss
    • Using lsof
  • Listing Available Ports
    • Using nc (Netcat)
• Debuuging port issues
  • 1. Check Network Connectivity
  • 2. Check Listening Ports
    • Using netstat
    • Using ss
  • 3. Check Firewall Rules
    • Using iptables
    • Using ufw (Uncomplicated Firewall)
  • 4. Check SELinux or AppArmor
    • Checking SELinux Status
    • Checking AppArmor Status
  • 5. Use nc (Netcat) to Test Port Connectivity
  • 6. Check Logs
    • Systemd Journal
  • 7. Use telnet or nc (Netcat) from Client Side
    • Using telnet
    • Using nc (Netcat)
  • 8. Check for Process Listening on Port
    • Using lsof
  • 9. Check Network Configuration
• Summary

Introduction

In Linux, a port is an endpoint on a network that an application uses to communicate with other applications over the network. Ports are numbered, and they range from 0 to 65535. Ports below 1024 are considered well-known ports, while those between 1024 and 49151 are registered ports, and those above 49151 are dynamically allocated.

Listing Ports Bound to Processes

To list the ports that are currently in use by processes on a Linux system, you can use several tools. Here are some common methods:

Using netstat

netstat is a network statistics tool that displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

sudo netstat -tuln

• -t: Show TCP ports.
• -u: Show UDP ports.
• -l: Show listening sockets.
• -n: Show numerical addresses instead of resolving them.

Using ss

ss is a more modern and efficient tool than netstat.

sudo ss -tuln

• -t: Show TCP ports.
• -u: Show UDP ports.
• -l: Show listening sockets.
• -n: Show numerical addresses instead of resolving them.

Using lsof

lsof (List Open Files) can also be used to list network connections and the processes that are using them.

sudo lsof -i -P -n | grep LISTEN

• -i: Selects the listing of files any of whose Internet address matches the address specified in i.
• -P: Show port numbers instead of resolving service names.
• -n: Show IP addresses instead of resolving host names.

Listing Available Ports

To list available ports, you can use a script that checks each port to see if it’s in use. However, this is generally not practical for large ranges or production systems due to potential performance issues. Instead, you can check specific ports for availability.

Using nc (Netcat)

You can use nc to check if a port is available.

sudo nc -zv localhost 8080

• -z: Specifies zero-I/O mode (used for scanning).
• -v: Enables verbose output.
• localhost 8080: The host and port to check.

If the port is available, you’ll see something like:

Connection to localhost 8080 port [tcp/*] succeeded!

If the port is in use, you’ll see an error message.

Debuuging port issues

Debugging port issues on Linux involves identifying the cause of connectivity problems or misconfigurations. Here are some steps and tools that can help you diagnose and resolve port-related issues:

1. Check Network Connectivity

First, ensure that there is basic network connectivity between the machines involved.

ping <destination_ip>

Replace <destination_ip> with the IP address of the machine you want to connect to.

2. Check Listening Ports

Use netstat or ss to check if the expected port is listening on the server.

Using netstat

sudo netstat -tuln | grep <port>

Replace <port> with the port number you are interested in.

Using ss

sudo ss -tuln | grep <port>

3. Check Firewall Rules

Ensure that there are no firewall rules blocking traffic on the expected port.

Using iptables

sudo iptables -L -v -n

Using ufw (Uncomplicated Firewall)

sudo ufw status

4. Check SELinux or AppArmor

If SELinux or AppArmor is enabled, it might be blocking the port.

Checking SELinux Status

sestatus

Checking AppArmor Status

apparmor_status

5. Use nc (Netcat) to Test Port Connectivity

You can use nc to test if a port is open and listening.

nc -zv <destination_ip> <port>

Replace <destination_ip> with the IP address of the server, and <port> with the port number you are trying to connect to.

6. Check Logs

Check system logs for any error messages related to network or port issues.

Systemd Journal

sudo journalctl -xe | grep <keyword>

Replace <keyword> with a relevant keyword like “network” or “port”.

7. Use telnet or nc (Netcat) from Client Side

From the client machine, you can use telnet or nc to test if the port is reachable.

Using telnet

telnet <destination_ip> <port>

Replace <destination_ip> with the IP address of the server, and <port> with the port number you are trying to connect to.

Using nc (Netcat)

nc -vz <destination_ip> <port>

8. Check for Process Listening on Port

Use lsof or netstat to identify which process is listening on a specific port.

Using lsof

sudo lsof -i :<port>

Replace <port> with the port number you are interested in.

9. Check Network Configuration

Ensure that network configuration files like /etc/network/interfaces or /etc/netplan/*.yaml are correctly configured.

1. Check Network Connectivity: Use ping.
2. Check Listening Ports: Use netstat or ss.
3. Check Firewall Rules: Use iptables, ufw, etc.
4. Check SELinux/AppArmor: Check their status and logs.
5. Test Port Connectivity: Use nc (Netcat) or telnet.
6. Check Logs: Review system logs with journalctl.
7. Client-Side Testing: Use telnet or nc from the client side.
8. Identify Listening Process: Use lsof or netstat.
9. Network Configuration: Check network configuration files.

By following these steps, you should be able to identify and resolve most port-related issues on a Linux system.

Summary

To list ports that are bound to processes on a Linux system, you can use netstat, ss, or lsof. To check if a specific port is available, you can use tools like nc (Netcat).

These commands and tools provide a way to monitor and manage network ports efficiently.