TCP port number and process

TCP port number and process

Post by ndrianin » Sat, 13 Feb 1999 04:00:00



  Hello,

  [ network dev. in C-UNIX ]

  I'm writing an app to monitor TCP/IP connections on my computer.
  ( Linux RH 5.2 kern 2.0.36 )

  Now I have the TCP port number of a connection. How can I get
(very quickly) the name of the program (executable file) using that
connection ?

  I think It'll be okay if I get the PID of the process using that
connection.

  I found some tables but none which gives the PID with the port number.
  Is there someone who can help me ?

bonus : - Is it possible for multiple process to use the same port number
          for multiple connections (what about setsockopt SO_REUSEADDR) ?
          If so, what else do I need to find the right process ? And how
          can I do that ?

  Thank you for any help,

  Ndrianina

--
Ndrianina Randrianasolo

 
 
 

TCP port number and process

Post by Barry Margoli » Sat, 13 Feb 1999 04:00:00




>  Hello,

>  [ network dev. in C-UNIX ]

>  I'm writing an app to monitor TCP/IP connections on my computer.
>  ( Linux RH 5.2 kern 2.0.36 )

>  Now I have the TCP port number of a connection. How can I get
>(very quickly) the name of the program (executable file) using that
>connection ?

>  I think It'll be okay if I get the PID of the process using that
>connection.

Use fuser.

Quote:>bonus : - Is it possible for multiple process to use the same port number
>      for multiple connections (what about setsockopt SO_REUSEADDR) ?
>      If so, what else do I need to find the right process ? And how
>      can I do that ?

Only one process can bind a listening socket to a port at a time.  However,
if that process forks, any of the child processes can call accept() on it.
If multiple processes are waiting for a connection to come in, it will be
given to just one of them.  This is essentially the same logic as multiple
processes calling read() on the same descriptor that they inherited from a
parent.

Without SO_REUSEADDR you can't bind to a port if there are *any* processes
using that local port.  With the option, only listening sockets prevent it.

--

GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Don't bother cc'ing followups to me.

 
 
 

1. ipchains/TCP/UDP, Why should I open UDP ports so that my TCP ports can work?

Hi,

I have set up firewall to accept some ports.
/sbin/ipchains -F input
/sbin/ipchains -P input ACCEPT
/sbin/ipchains -A input -p TCP -s 0/0 --dport ssh -j ACCEPT
/sbin/ipchains -A input -p UDP -s 0/0 --dport ssh -j ACCEPT
....

Then I want to lock down all other ports.
/sbin/ipchains -A input -p TCP -s ! 192.168.0.0/24 -j DENY

#??? what's wrong with this UDP ???
/sbin/ipchains -A input -p UDP -s ! 192.168.0.0/24 -j DENY

If I comment out the UDP line, I can ssh into firewall from outside.
If I don't comment out that line, I can no longer ssh into firewall from
outside.

Why should I open UDP ports so that my TCP ports can work?

Thanks for any help.

Ed Wu

2. samba

3. How to get tcp port numbers on Solaris 8/9

4. ACK filtering in TCP

5. How to change openwin's tcp port number

6. Embedded FreeBSD

7. lpd TCP port number

8. No sound when using "drvmidi" or "tkmidi"

9. Determining Flexlm Vendor TCP port numbers

10. Determine TCP Port Number for a Telnet Session

11. TCP daemon port number collisions

12. TCP/IP Port Number Information

13. Controlling tcp/ip port number?