socket question - which process opened a socket?

socket question - which process opened a socket?

Post by Peter Maurice-Jone » Wed, 21 Jan 1998 04:00:00



i need to determine which process on a 5.5.1 SunOS machine has opened
a socket? can it be done ?? if so how???

--

Amoco Services Limited            Senior Unix Systems Administrator

 
 
 

socket question - which process opened a socket?

Post by Vic Abe » Wed, 21 Jan 1998 04:00:00



>i need to determine which process on a 5.5.1 SunOS machine has opened
>a socket? can it be done ?? if so how???

Lsof can do this -- e.g.,

aaaa: 1 = uname -a
SunOS aaaa.bb.dddddd.eee 5.5.1 Generic_103640-08 sun4d sparc SUNW,SPARCserver-1000
aaaa: 2 = netstat

TCP
   Local Address        Remote Address    Swind Send-Q Rwind Recv-Q  State
-------------------- -------------------- ----- ------ ----- ------ -------
...
aaaa.login           ff-gggg.1022          8760      0  8760      0 ESTABLISHED
...

COMMAND    PID USER   FD   TYPE     DEVICE SIZE/OFF INODE NAME
in.rlogin 2233 root    0u  inet 0xf109da48      0t2   TCP aaaa.bb.dddddd.eee:login->ff-gggg.bb.dddddd.eee:1022 (ESTABLISHED)
...

Lsof is available via anonymous ftp from:

        ftp://vic.cc.purdue.edu/pub/tools/unix/lsof

The current and recently-released lsof revision is 4.23.



 
 
 

socket question - which process opened a socket?

Post by Aleksandar Milivojevi » Wed, 21 Jan 1998 04:00:00



> i need to determine which process on a 5.5.1 SunOS machine has opened
> a socket? can it be done ?? if so how???

Yes, you can with lsof.

--
Aleksandar Milivojevi?                        http://jagor.srce.hr/~alex/

================================ooooO=Ooooo==============================

  Real Users never know what they want, but they always know when your
                       program doesn't deliver it.

 
 
 

socket question - which process opened a socket?

Post by Richard L. Hamilt » Thu, 22 Jan 1998 04:00:00


[Posted and mailed]




>>i need to determine which process on a 5.5.1 SunOS machine has opened
>>a socket? can it be done ?? if so how???

> Lsof can do this -- e.g.,
[...]

> COMMAND    PID USER   FD   TYPE     DEVICE SIZE/OFF INODE NAME
> in.rlogin 2233 root    0u  inet 0xf109da48      0t2   TCP aaaa.bb.dddddd.eee:login->ff-gggg.bb.dddddd.eee:1022 (ESTABLISHED)

[...]

At least at v3.66, that only works giving the port as a number, not as
a service name.  Would it be possible to have it accept either, or does
the current version already do that?

That aside, it's a fantastic program, a huge help in diagnosing all manner
of nonsense.

I did "fuser" from scratch once for an SVR2'ish system (w/o kernel source),
so I dimly appreciate the degree of digging involved...

--
ftp> get |fortune
377 I/O error: smart remark generator failed

Bogonics: the primary language inside the Beltway


 
 
 

socket question - which process opened a socket?

Post by Vic Abe » Fri, 23 Jan 1998 04:00:00



Quote:>[Posted and mailed]
>At least at v3.66, that only works giving the port as a number, not as
>a service name.  Would it be possible to have it accept either, or does
>the current version already do that?

Not quite; at lsof 3.66 one had to specify the protocol -- TCP or
UDP -- for the service name.  That restriction was eased at lsof
4.02 by having it look for names under both protocols, complaining
only when it finds names under both protocols with different port
numbers.

The current lsof revision is 4.23 -- a long way from 3.66.  It may
be found at:

        ftp://vic.cc.purdue.edu/pub/tools/unix/lsof