在 Linux 上有效测试端口是否打开?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/9609130/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Efficiently test if a port is open on Linux?
提问by Aman Jain
From a bash script how can I quickly find out whether a port 445is open/listening on a server.
从 bash 脚本如何快速找出端口是否445在服务器上打开/侦听。
I have tried a couple of options, but I want something quick:
1. lsof -i :445(Takes seconds)
2. netstat -an |grep 445 |grep LISTEN(Takes seconds)
3. telnet(it doesn't return)
4. nmap, netcatare not available on the server
我尝试了几个选项,但我想要一些快速的:
1. lsof -i :445(需要几秒钟)
2. netstat -an |grep 445 |grep LISTEN(需要几秒钟)
3. telnet(它不返回)
4. nmap,netcat在服务器上不可用
It will be nice to know of a way that doesn't enumerate first and greps after that.
很高兴知道一种不先枚举然后不枚举的方法。
采纳答案by Spencer Rathbun
A surprise I found out recently is that Bash natively supports tcp connections as file descriptors. To use:
我最近发现的一个惊喜是 Bash 本身支持tcp 连接作为文件描述符。使用:
exec 6<>/dev/tcp/ip.addr.of.server/445
echo -e "GET / HTTP/1.0\n" >&6
cat <&6
I'm using 6 as the file descriptor because 0,1,2 are stdin, stdout, and stderr. 5 is sometimes used by Bash for child processes, so 3,4,6,7,8, and 9 should be safe.
我使用 6 作为文件描述符,因为 0、1、2 是标准输入、标准输出和标准错误。5 有时被Bash 用于子进程,因此 3、4、6、7、8 和 9 应该是安全的。
As per the comment below, to test for listening on a local serverin a script:
根据下面的评论,在脚本中测试在本地服务器上的监听:
exec 6<>/dev/tcp/127.0.0.1/445 || echo "No one is listening!"
exec 6>&- # close output connection
exec 6<&- # close input connection
To determine if someone is listening, attempt to connect by loopback. If it fails, then the port is closed or we aren't allowed access. Afterwards, close the connection.
要确定是否有人在侦听,请尝试通过回送进行连接。如果失败,则端口已关闭或不允许我们访问。之后,关闭连接。
Modify this for your use case, such as sending an email, exiting the script on failure, or starting the required service.
针对您的用例修改此设置,例如发送电子邮件、失败时退出脚本或启动所需的服务。
回答by andrew cooke
they're listed in /proc/net/tcp.
它们列在 /proc/net/tcp 中。
it's the second column, after the ":", in hex:
它是第二列,在“:”之后,以十六进制表示:
> cat /proc/net/tcp
sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 10863 1 ffff88020c785400 99 0 0 10 -1
1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 7983 1 ffff88020eb7b3c0 99 0 0 10 -1
2: 0500010A:948F 0900010A:2328 01 00000000:00000000 02:00000576 00000000 1000 0 10562454 2 ffff88010040f7c0 22 3 30 5 3
3: 0500010A:E077 5F2F7D4A:0050 01 00000000:00000000 02:00000176 00000000 1000 0 10701021 2 ffff880100474080 41 3 22 10 -1
4: 0500010A:8773 16EC97D1:0050 01 00000000:00000000 02:00000BDC 00000000 1000 0 10700849 2 ffff880104335440 57 3 18 10 -1
5: 0500010A:8772 16EC97D1:0050 01 00000000:00000000 02:00000BF5 00000000 1000 0 10698952 2 ffff88010040e440 46 3 0 10 -1
6: 0500010A:DD2C 0900010A:0016 01 00000000:00000000 02:0006E764 00000000 1000 0 9562907 2 ffff880104334740 22 3 30 5 4
7: 0500010A:AAA4 6A717D4A:0050 08 00000000:00000001 02:00000929 00000000 1000 0 10696677 2 ffff880106cc77c0 45 3 0 10 -1
so i guess one of those :50in the third column must be stackoverflow :o)
所以我猜:50第三列中的其中一个必须是 stackoverflow :o)
look in man 5 procfor more details. and picking that apart with sed etc is left as an exercise for the gentle reader...
查看man 5 proc更多详细信息。并用 sed 等将其分开作为温和读者的练习......
回答by anubhava
You can use netstat this way for much faster results:
您可以通过这种方式使用 netstat 以获得更快的结果:
On Linux:
在 Linux 上:
netstat -lnt | awk ' == "LISTEN" && ~ /\.445$/'
On Mac:
在 Mac 上:
netstat -anp tcp | awk ' == "LISTEN" && ~ /\.445$/'
This will output a list of processes listening on the port (445 in this example) or it will output nothing if the port is free.
这将输出侦听端口的进程列表(在本例中为 445),或者如果端口空闲则不输出任何内容。
回答by anubhava
There's a very short with "fast answer" here : How to test if remote TCP port is opened from Shell script?
这里有一个非常简短的“快速答案”:如何测试是否从 Shell 脚本打开了远程 TCP 端口?
nc -z <host> <port>; echo $?
I use it with 127.0.0.1 as "remote" address.
我将它与 127.0.0.1 一起用作“远程”地址。
this returns "0" if the port is open and "1" if the port is closed
如果端口打开则返回“0”,如果端口关闭则返回“1”
e.g.
例如
nc -z 127.0.0.1 80; echo $?
-zSpecifies that nc should just scan for listening daemons, without sending any data to them. It is an error to use this option in conjunc- tion with the -l option.
-z指定 nc 应该只扫描监听守护进程,而不向它们发送任何数据。将此选项与 -l 选项结合使用是错误的。
回答by leucos
ss -tl4 '( sport = :22 )'
2ms is quick enough ?
2ms够快吗?
Add the colon and this works on Linux
添加冒号,这适用于 Linux
回答by Artur Bodera
Here's one that works for both Mac and Linux:
这是一个适用于 Mac 和 Linux 的方法:
netstat -aln | awk ' == "LISTEN" && ~ "[\.\:]445$"'
回答by Tony
You can use netcat for this.
您可以为此使用 netcat。
nc ip port < /dev/null
connects to the server and directly closes the connection again. If netcat is not able to connect, it returns a non-zero exit code. The exit code is stored in the variable $?. As an example,
连接到服务器,直接再次关闭连接。如果 netcat 无法连接,它会返回一个非零退出代码。退出代码存储在变量 $? 中。举个例子,
nc ip port < /dev/null; echo $?
will return 0 if and only if netcat could successfully connect to the port.
当且仅当 netcat 可以成功连接到端口时,才会返回 0。
回答by Jose Enrique
nc -l 8000
Where 8000 is the port number. If the port is free, it will start a server that you can close easily. If it isn't it will throw an error:
其中 8000 是端口号。如果端口空闲,它将启动一个您可以轻松关闭的服务器。如果不是,它会抛出一个错误:
nc: Address already in use
回答by Noz
If you're using iptables try:
如果您使用的是 iptables,请尝试:
iptables -nL
or
或者
iptables -nL | grep 445
回答by zainengineer
nmapis the right tool.
Simply use nmap example.com -p 80
nmap是正确的工具。只需使用nmap example.com -p 80
You can use it from local or remote server. It also helps you identify if a firewall is blocking the access.
您可以从本地或远程服务器使用它。它还可以帮助您确定防火墙是否阻止访问。
