Friday, August 26, 2016

netstat No -p option

Get inode and port relationship 
#cat /proc/net/tcp
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode                                         
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 2495 1 ce037b40 100 0 0 10 -1                 
   1: 0100007F:177A 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 2807 1 ce036940 100 0 0 10 -1                 
   2: 0100007F:177B 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 3244 1 ce036dc0 100 0 0 10 -1                 
   3: 652910AC:0016 A72810AC:CFF8 01 00000034:00000000 01:00000026 00000000     0        0 2793 3 ce036040 39 4 11 10 -1                 
   4: 652910AC:0016 A72810AC:CFF9 01 00000000:00000000 00:00000000 00000000     0        0 2801 1 ce0364c0 24 4 25 10 -1                 
   5: 652910AC:0016 A72810AC:D03A 01 00000000:00000000 00:00000000 00000000     0        0 3239 1 ce037240 24 4 25 10 -1                 
   6: 652910AC:0016 A72810AC:D039 01 00000000:00000000 00:00000000 00000000     0        0 3231 1 ce0376c0 25 4 1 10 -1

Find out inode and process relationship
#find /proc/*/fd | xargs ls -l | grep socket | grep proc
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1040/fd/4 -> socket:[2258]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1040/fd/7 -> socket:[2261]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1040/fd/8 -> socket:[2262]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1049/fd/3 -> socket:[2300]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1052/fd/3 -> socket:[2303]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1100/fd/10 -> socket:[2354]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1100/fd/9 -> socket:[2024]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1101/fd/10 -> socket:[2355]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1101/fd/9 -> socket:[2024]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1258/fd/3 -> socket:[2490]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1258/fd/4 -> socket:[2495]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1352/fd/5 -> socket:[2708]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1399/fd/3 -> socket:[2490]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1399/fd/5 -> socket:[2793]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1399/fd/7 -> socket:[2807]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1400/fd/3 -> socket:[2490]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/1400/fd/5 -> socket:[2801]
lrwx------    1 root     root            64 Aug 26 12:49 /proc/1575/fd/3 -> socket:[2490]
lrwx------    1 root     root            64 Aug 26 12:49 /proc/1575/fd/5 -> socket:[3231]
lrwx------    1 root     root            64 Aug 26 12:49 /proc/1575/fd/7 -> socket:[3244]
lrwx------    1 root     root            64 Aug 26 12:49 /proc/1576/fd/3 -> socket:[2490]
lrwx------    1 root     root            64 Aug 26 12:49 /proc/1576/fd/5 -> socket:[3239]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/931/fd/4 -> socket:[1994]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/931/fd/5 -> socket:[1995]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/931/fd/8 -> socket:[2023]
lrwx------    1 root     root            64 Aug 26 12:44 /proc/931/fd/9 -> socket:[2024]
Find out PID of a process
#ps -axl | grep 1400
Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html
1     0  1400  1258  20   0   2440  1208 poll_s Ss   ?          0:00 dropbear
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)