Question

ports in use and programs using them

Asked by: firepol

I need a command that I can type on a single line that will show me all the ports in use and the name of the programs (eventually also the path) using them.

I searched EE and found some similar questions but without the solution I need:
http://www.experts-exchange.com/Operating_Systems/Solaris/Q_21185151.html
http://www.experts-exchange.com/Operating_Systems/Unix/Q_20887412.html

I cannot install lsof, nor I can install other software. I'm looking for a solution that I can use on every solaris machine (mostly solaris 9 or 8, but if it works also on solaris 7 it would be great) I will access without installing anything.

To make you better understand what I neet: under ubuntu linux I can achieve my goal by issuing this command:

netstat -lpn

which gives me a list like this:

root@myserver:/etc/apt # netstat -lpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN     11883/mysqld
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN     6512/smbd
tcp        0      0 0.0.0.0:5901            0.0.0.0:*               LISTEN     6770/Xtightvnc
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN     6546/dovecot
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN     6732/apache
tcp        0      0 0.0.0.0:6001            0.0.0.0:*               LISTEN     6770/Xtightvnc
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN     6375/inetd
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN     6512/smbd
tcp6       0      0 :::22                 :::*                    LISTEN     6531/sshd
...
the list goes on giving me also the active sockets...

This list is very nice as it showes the "local address" (=port) and the "program name" which is what I need to see.

under solaris:

netstat -an gives me a list which is quite unusable and no program name is showed.

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2006-02-23 at 01:29:33ID21748267
Tags

solaris

,

ports

,

use

Topic

Sun Solaris

Participating Experts
3
Points
500
Comments
20

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Solaris netstat
    Using netstat on Solaris I can see the connections but not the users that own the connections. Linux's netstat has an option -e to show which user owns which connection. How do i do that on Solaris ? Thanks
  2. netstat
    1. What is the meaning of each entry of the below? C:\WINDOWS\COMMAND>netstat Active Connections Proto Local Address Foreign Address State TCP a4p9s7:1028 localhost.ccs.yorku.ca:135 ESTABLISHED TCP a4p9s7:135 localhost.ccs.yorku.ca:1028 ESTABLISHED ...
  3. netstat
    hi All, I have winxp with SP2 and the firewall is on, I use some downloading programs like IMesh, but when I open this program and without making any downloading or searching, I can see some transactions. When I used netstat -an command, I found alot of established connect...
  4. Remote netstat
    Hi all, is there any way to run a netstat on a remote pc. So that you would get the same kind of feedback as you would from netstat -a, but for a provided IP. Thanks

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: NukfrorPosted on 2006-02-23 at 06:23:48ID: 16028926

Unfortunately there is nothing default application in Solaris that gives you quickly the one-liner you are looking for.  The closest thing there is is pfiles.  But with pfiles you have to run it against every application running on the system and parse the output looking for open ports.

Basically what you saw here http://www.experts-exchange.com/Operating_Systems/Solaris/Q_20887412.html posted by yuzh.

 

by: firepolPosted on 2006-02-23 at 06:32:21ID: 16029005

Well, even if it is more than one line it would be ok.

If I have to type 2-3 lines of code (I guess a shell script) it could be a solution.

It would be better to be able to learn the code by heart, but also print it, keep it in my wallet and type it in a shell everytime I need it could be ok.

It's not an operation I have to do very often, but when I need to do it (for work, when I go to a customer and I cannot install software for internal policies/security etc.) I need to quickly find out all the listening ports and which program uses them.

 

by: dpiniellaPosted on 2006-02-23 at 07:38:05ID: 16029756

could you install it on a usb drive you could then mount? that'd probably be more ideal anyway -- you'd want to use a known-trusted drive, something that you know hasn't been modified.

 

by: firepolPosted on 2006-02-23 at 07:48:20ID: 16029895

dpiniella: I don't have physical access to the machines. I usually connect via SSH.

I can also get root access but 'm not allowed to install third party applications, thus even if you suggested me to download a file via wget and run it I'm not sure would work (as wget is not installed) or be allowed (because of firewalls).

 

by: NukfrorPosted on 2006-02-23 at 08:53:48ID: 16030719

I posted the wrong URL to the page.  It should have been http://www.experts-exchange.com/Operating_Systems/Solaris/Q_21185151.html.  I modified the script a bit to make its output cleaner and so that it doesn't prompt you for a port:

#!/usr/bin/ksh

for pid in `ps -ef -o pid | tail +2`
do
  foundport=`pfiles $pid 2>&1 | grep "sockname: AF_INET" | grep -v "port: 0" | awk '{print $NF}'`
  if [ "$foundport" != "" ]; then
    foundproc=`pfiles $pid 2>&1 | grep "^$pid:"`
    echo "$foundproc\n$foundport"
  fi
done

exit

Obvious issues are some applications have multiple file descriptors points at an open port - perfectly normal depending on how the application is written.  This script doesn't tell you what type of port it is e.g. TCP vs UDP - working on that piece.

 

by: firepolPosted on 2006-02-23 at 10:47:25ID: 16031805

Nukfror: thank you, you are very close to achieve my goal: your script is evry useful, I just need to copy/paste it in a shell so I don't need to install anything.

Anyway for some of ports it doesn't give the program name... is it a limitation of solaris (i tried it as root user)?

If you can improve the script a bit, the 500 points are yours ;)

 

by: NukfrorPosted on 2006-02-23 at 10:53:58ID: 16031857

I'm working on it.  Adding logic to show TCP vs UDP socket type.

 

by: NukfrorPosted on 2006-02-23 at 11:35:02ID: 16032298

port_list.ksh:

#!/usr/bin/ksh

A='
/^[1-9]/{
   print $0
}

/SOCK_STREAM/{
   sock_type="TCP"
}

/SOCK_DGRAM/{
   sock_type="UDP"
}

/sockname: AF_INET/{
   # bind_ip=$3
   # port=$5
   printf("    %s%s%s %s\n", $5, "/", sock_type, $3)
}
'

for pid in $(ps -ef -o pid | tail +2)
do
  pfiles $pid 2>&1 | nawk "$A"
done


Sample output below.  Under each process is a list of the file descriptors that are attached to network sockets that are either TCP or UDP.  You'll see some cases of stuff like "0/UDP 0.0.0.0" or whatever.  Can't say why this is.  You'll also see cases of an app listing the same network socket on multiple file descriptors - perfectly normal.

bash-3.00# ksh sean.ksh
1:      /sbin/init
2:      pageout
3:      fsflush
212:    /usr/lib/saf/ttymon -g -d /dev/console -l console -T sun -m ldterm,ttc
7:      /lib/svc/bin/svc.startd
9:      /lib/svc/bin/svc.configd
183:    /usr/lib/efcode/sparcv9/efdaemon
246:    /usr/sbin/cron
525:    /usr/sfw/sbin/snmpd
    161/UDP 0.0.0.0
    32809/UDP 0.0.0.0
    32811/UDP 0.0.0.0
    0/UDP 0.0.0.0
    0/UDP 0.0.0.0
    0/UDP 0.0.0.0
194:    /usr/sbin/rpcbind
220:    /usr/sbin/keyserv
13658:  /usr/lib/inet/inetd start
    7100/TCP ::
    79/TCP ::
    21/TCP ::
    513/TCP ::
    514/TCP 0.0.0.0
    514/TCP ::
    23/TCP ::
    34210/UDP 0.0.0.0
110:    /usr/lib/picl/picld
226:    /usr/lib/saf/ttymon
<snip>

 

by: firepolPosted on 2006-02-23 at 16:08:47ID: 16034752

I will check it at work, but just as fast feedback it seems that it shows also processes that are not listening to any port, which could be confsing...

anyway I'll try at work on different solaris distributions and let you know the results. Thanks so far

 

by: yuzhPosted on 2006-02-23 at 17:51:43ID: 16035266

Here's my old script:

#!/bin/ksh

# Look at all process
for pid in `ps -ef -o pid | tail +2`
do
  foundport=`pfiles $pid 2>&1 | grep "sockname:" | grep "port:" | awk '{print $NF}'`
  if [ "$foundport" != "" ]; then
    foundproc=`pfiles $pid 2>&1 | grep "^$pid:"`
    echo "$foundproc, $foundport" | tr "\012" " "
    echo
  fi
done
exit
#-----------------------------------------------------------------------

 

by: NukfrorPosted on 2006-02-23 at 19:54:40ID: 16035855

Yuzh, yes the original script was based on your ksh script - due credit has been given but I've modified it a bit.

firepol, your comment is true but minor IMHO.  The logic of the nawk script could be modified to account for that but it would make the logic a bit heavier - nothing tragic but heavier.

 

by: yuzhPosted on 2006-02-23 at 21:34:16ID: 16036218

Nukfror,
     please feel free to modify the script. the scrpt you got from EE is for finding what processes are running for a particular port.

    Is not the same as http:#16035266

the sample output the the above script looks like:

470:    /bin/ksh /usr/dt/bin/Xsession, 32785
480:    /usr/openwin/bin/fbconsole, 32785
484:    /usr/openwin/bin/speckeysd, 32785
512:    /usr/dt/bin/dsdm, 32785
513:    /usr/dt/bin/sdt_shell -c       unset DT;      DISPLAY=:0;        /usr/, 32785
27850:  dtfile -noview, 35376
27847:  dtfile -noview, 35376

PS: the format is:
      PID     process  port-number


Have a nice weekend to all of you.

 

by: firepolPosted on 2006-02-24 at 00:52:01ID: 16036814

Nukfor: I tried your script at work. On solaris 7 pfiles cannot be found. But I tried it on solaris 8 and on solaris 9 and it works, but it doesn't show UDP or TCP...

I run it as follows: I enter via SSH,
su -
ksh
then i paste your script from A=' ... till done

here a sample of output that I get:

1:      /etc/init -
2:      pageout
3:      fsflush
262:    /usr/lib/saf/sac -t 300
265:    /usr/lib/saf/ttymon
166:    /usr/lib/autofs/automountd
51:     /usr/lib/sysevent/syseventd
59:     /usr/lib/picl/picld
121:    /usr/sbin/rpcbind
200:    /usr/lib/power/powerd
157:    /usr/lib/nfs/lockd
155:    /usr/lib/nfs/statd
    0/ 0.0.0.0
142:    /usr/sbin/inetd -s
    37/ ::
    37/ ::
    7/ ::
    7/ ::
    9/ ::
    9/ ::
    13/ ::
    13/ ::
    19/ ::
    19/ ::
    7100/ ::
    6112/ ::
    32773/ 0.0.0.0
    515/ ::
    514/ 0.0.0.0
    514/ ::
    513/ ::
    512/ 0.0.0.0
    512/ ::
    512/ 0.0.0.0
    517/ 0.0.0.0
    79/ ::
    42/ 0.0.0.0
    23/ ::
    21/ ::
256:    /usr/sbin/vold
241:    /usr/lib/snmp/snmpdx -y -c /etc/snmp/conf
    161/ 0.0.0.0
    32791/ 0.0.0.0
    32792/ 0.0.0.0
178:    /usr/sbin/syslogd
191:    /usr/sbin/cron
196:    /usr/sbin/nscd
213:    /usr/sadm/lib/wbem/cimomboot start
    5987/ 0.0.0.0
212:    /usr/lib/utmpd
269:    /usr/dt/bin/dtlogin -daemon
251:    /usr/lib/dmi/snmpXdmid -s sunu2-115
    32796/ 0.0.0.0
235:    /usr/lib/sendmail -Ac -q15m
236:    /usr/lib/sendmail -bd -q15m
    25/ 0.0.0.0
    25/ ::
    587/ 0.0.0.0
250:    /usr/dt/bin/dtlogin -daemon
    177/ ::
    32781/ 0.0.0.0
263:    /usr/lib/saf/ttymon -g -h -p sunu2-115 console login:  -T sun -d /dev/
249:    /usr/lib/dmi/dmispd
268:    /usr/lib/ssh/sshd
    22/ ::
266:    /usr/openwin/bin/Xsun :0 -nobanner -auth /var/dt/A:0-fIaqFa
    0/ ::
    6000/ ::
    0/ ::
15481:  ora_cjq0_pilsner
271:    mibiisa -r -p 32790
    32790/ 0.0.0.0
283:    dtgreet -display :0
17532:  oracledrake (LOCAL=NO)
    0/ 0.0.0.0
    1521/ 192.168.41.115
10946:  ora_ckpt_becks
26353:  /opt/mqm/bin/amqzdmaa -m IBST
28862:  oracledrake (LOCAL=NO)
    0/ 0.0.0.0
    1521/ 192.168.41.115
11752:  amqzllp0 -mIBSTPQ ?
22151:  /usr/local/samba/sbin/smbd -D -s/usr/local/samba/lib/smb.conf
    445/ 0.0.0.0
    139/ 0.0.0.0
15485:  ora_arc1_pilsner
26361:  runmqlsr -m IBST -t TCP -p 1415
    1415/ 0.0.0.0
15469:  ora_dbw0_pilsner
28972:  ora_arc1_drake
2025:   oracledrake (LOCAL=NO)
    0/ 0.0.0.0
    1521/ 192.168.41.115
11750:  /opt/mqm/bin/amqzfuma -m IBSTPQ
13512:  in.tnamed
    42/ 0.0.0.0
    42/ 0.0.0.0
    42/ 0.0.0.0
10972:  fs
    7100/ ::
    7100/ ::
28948:  ora_pmon_drake
    51227/ 127.0.0.1
    0/ 0.0.0.0
    56702/ 192.168.41.115
5576:   amqzlaa0 -mIBSTPQ -fip734
21827:  /usr/java1.4/bin/java -server -Xms32m -Xmx32m -Dlog.level=debug com.so
    6767/ 0.0.0.0
    41129/ 0.0.0.0
10960:  ora_arc0_becks
11796:  /opt/mqm/bin/amqrmppa -m IBSTPQ
    1414/ 192.168.41.115
24053:  oracledrake (LOCAL=NO)
    0/ 0.0.0.0
    1521/ 192.168.41.115
15471:  ora_lgwr_pilsner
26352:  /opt/mqm/bin/amqrrmfa -t2332800 -s2592000 -p2592000 -g5184000 -c3600 -
10962:  ora_arc1_becks
10942:  ora_dbw0_becks
28968:  ora_arc0_drake
15479:  ora_reco_pilsner
11753:  /opt/mqm/bin/amqrrmfa -t2332800 -s2592000 -p2592000 -g5184000 -c3600 -
28314:  in.telnetd
15467:  ora_pmon_pilsner
    42945/ 127.0.0.1
    0/ 0.0.0.0
    56700/ 192.168.41.115
10958:  ora_cjq0_becks
26355:  amqzlaa0 -mIBST -fip0
15477:  ora_smon_pilsner
8586:   /usr/java1.4/bin/java -server -Xms32m -Xmx32m com.so.ib.or
    45453/ 192.168.41.115
    45439/ 0.0.0.0
15483:  ora_arc0_pilsner
10944:  ora_lgwr_becks
28950:  ora_dbw0_drake
11756:  amqzlaa0 -mIBSTPQ -fip0
25023:  /usr/local/samba/sbin/nmbd -D -s/usr/local/samba/lib/smb.conf
    137/ 0.0.0.0
    138/ 0.0.0.0
    137/ 192.168.41.115
    138/ 192.168.41.115
11754:  /opt/mqm/bin/amqzdmaa -m IBSTPQ
11761:  runmqlsr -m IBSTPQ -t TCP -p 1414
    1414/ 0.0.0.0
26348:  amqzxma0 -m IBST
26360:  amqpcsea IBST
26354:  /opt/mqm/bin/runmqchi -m IBST
26351:  amqzllp0 -mIBST ?
11749:  amqzxma0 -m IBSTPQ
26349:  /opt/mqm/bin/amqzfuma -m IBST
28954:  ora_ckpt_drake
28964:  ora_reco_drake
28966:  ora_cjq0_drake
26765:  /ora01/app/oracle/product/9.2.0/bin/tnslsnr LISTENER -inherit
    0/ 0.0.0.0
    1521/ 192.168.41.115
    1521/ 192.168.41.115
    1521/ 192.168.41.115
    1521/ 192.168.41.115
26350:  amqhasmx IBST /var/mqm
26362:  /opt/mqm/bin/amqrmppa -m IBST
    1415/ 192.168.41.115
11758:  amqpcsea IBSTPQ
28316:  -bash
15475:  ora_ckpt_pilsner
28952:  ora_lgwr_drake
12470:  /usr/java/bin/../bin/sparc/native_threads/java -Xms32m -Xmx32m com.sob
    6763/ 0.0.0.0
    38082/ 0.0.0.0
8615:   oracledrake (LOCAL=NO)
    0/ 0.0.0.0
    1521/ 192.168.41.115
29897:  -bash
27013:  amqzlaa0 -mIBST -fip8
22152:  /usr/local/samba/sbin/smbd -D -s/usr/local/samba/lib/smb.conf
11755:  /opt/mqm/bin/runmqchi -m IBSTPQ
11751:  amqhasmx IBSTPQ /var/mqm
10952:  ora_reco_becks
28956:  ora_smon_drake
10948:  ora_smon_becks
141:    ksh
10936:  ora_pmon_becks
    49571/ 127.0.0.1
    0/ 0.0.0.0
    56701/ 192.168.41.115


yuzh: I tired your script and it gives me this output:

155:    /usr/lib/nfs/statd, 0
142:    /usr/sbin/inetd -s, 37 37 7 7 9 9 13 13 19 19 7100 6112 32773 515 514 514 513 512 512 512 517 79 42 23 21
241:    /usr/lib/snmp/snmpdx -y -c /etc/snmp/conf, 161 32791 32792
213:    /usr/sadm/lib/wbem/cimomboot start, 5987
251:    /usr/lib/dmi/snmpXdmid -s sunu2-115, 32796
236:    /usr/lib/sendmail -bd -q15m, 25 25 587
250:    /usr/dt/bin/dtlogin -daemon, 177 32781
268:    /usr/lib/ssh/sshd, 22
266:    /usr/openwin/bin/Xsun :0 -nobanner -auth /var/dt/A:0-fIaqFa, 0 6000 0
271:    mibiisa -r -p 32790, 32790
17532:  oracledrake (LOCAL=NO), 0 1521
28862:  oracledrake (LOCAL=NO), 0 1521
22151:  /usr/local/samba/sbin/smbd -D -s/usr/local/samba/lib/smb.conf, 445 139
26361:  runmqlsr -m IBST -t TCP -p 1415, 1415
2025:   oracledrake (LOCAL=NO), 0 1521
13512:  in.tnamed, 42 42 42
10972:  fs, 7100 7100
28948:  ora_pmon_drake, 51227 0 56702
21827:  /usr/java1.4/bin/java -server -Xms32m -Xmx32m -Dlog.level=debug com.so, 6767 41129
11796:  /opt/mqm/bin/amqrmppa -m IBSTPQ                                       , 1414
24053:  oracledrake (LOCAL=NO), 0 1521
15467:  ora_pmon_pilsner, 42945 0 56700
8586:   /usr/java1.4/bin/java -server -Xms32m -Xmx32m com.so.ib.or, 45453 45439
25023:  /usr/local/samba/sbin/nmbd -D -s/usr/local/samba/lib/smb.conf, 137 138 137 138
11761:  runmqlsr -m IBSTPQ -t TCP -p 1414, 1414
26765:  /ora01/app/oracle/product/9.2.0/bin/tnslsnr LISTENER -inherit, 0 1521 1521 1521 1521
26362:  /opt/mqm/bin/amqrmppa -m IBST                                         , 1415
12470:  /usr/java/bin/../bin/sparc/native_threads/java -Xms32m -Xmx32m com.sob, 6763 38082
8615:   oracledrake (LOCAL=NO), 0 1521
10936:  ora_pmon_becks, 49571 0 56701


Both scripts work, but I personally prefear the yuzh' one (because the output is shorter and cleaner), so I guess I'll split the points.

Nukfor, anyway I'd like to figure out why I don't get the UDP/TCP details that you added.

 

by: NukfrorPosted on 2006-02-24 at 07:43:08ID: 16039154

Ahhh ! Sorry I developed the script on Solaris 10 :)  My apologies. pfiles output has been updated as time has gone on.  Can you post output from your Solaris 8 and Solaris 9 pfiles output ?

In Solaris 10, you can tell TCP from UDP by looking for AF_INET on a file descriptor.  If this AF_INET socket has SOCK_STREAM on it, then its a TCP socket.  If SOCK_DGRAM, then its a UDP socket.  It may not be possible to get UDP/TCP info from Solaris 8 / 9 :(

 

by: firepolPosted on 2006-02-24 at 09:09:10ID: 16040102

Nukfror: The output I posted above is from solaris 8 and 9.

Don't worry, UDP/TCP is not a feature that I required.

Actually I'm satisfied with both the solutions provided by yuzh and you. Well your solution gives a longer list, not so clean to see, but it works.

If you won't work on it anymore I'll close the question and split the points right now. If you are still working on it I'll wait.

I'm not in a rush, I'll check on monday at work if there is any progress. If not I'll close the question.

Thanks again and have a nice weekend.

 

by: NukfrorPosted on 2006-02-24 at 09:26:53ID: 16040296

No, I meant the physical output from pfiles on Solaris 8 and Solaris 9.  Not the pfiles output run through either version of the script.

Granted, the output is a matter of need and personal preference.

 

by: firepolPosted on 2006-02-24 at 12:01:50ID: 16041729

On Solaris 8:

pfiles
usage:  pfiles [-F] pid ...
  (report open files of each process)
  -F: force grabbing of the target process

On Solaris 9 same thing...

If you want give me a more precise comamnd for pfiles and I'll try it.

 

by: NukfrorPosted on 2006-02-24 at 13:13:55ID: 16042404

ps -ef | grep inetd

Get the PID of inetd and run:

pfiles <PID of inetd>

 

by: firepolPosted on 2006-02-24 at 13:21:48ID: 16042492

On a Solaris 8 I get:

bash-2.03# pfiles 143
143:    /usr/sbin/inetd -s
  Current rlimit: 1024 file descriptors
   0: S_IFDIR mode:0755 dev:136,0 ino:2 uid:0 gid:0 size:1024
      O_RDONLY
   1: S_IFDIR mode:0755 dev:136,0 ino:2 uid:0 gid:0 size:1024
      O_RDONLY
   2: S_IFDIR mode:0755 dev:136,0 ino:2 uid:0 gid:0 size:1024
      O_RDONLY
  11: S_IFSOCK mode:0666 dev:220,0 ino:15982 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 21
  12: S_IFSOCK mode:0666 dev:220,0 ino:15982 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 23
  13: S_IFSOCK mode:0666 dev:220,0 ino:15981 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 42
  14: S_IFSOCK mode:0666 dev:220,0 ino:15980 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 514
  15: S_IFSOCK mode:0666 dev:220,0 ino:15979 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 514
  16: S_IFSOCK mode:0666 dev:220,0 ino:15978 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 513
  17: S_IFSOCK mode:0666 dev:220,0 ino:15977 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 512
  18: S_IFSOCK mode:0666 dev:220,0 ino:15977 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 512
  19: S_IFSOCK mode:0666 dev:220,0 ino:15976 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 512
  20: S_IFSOCK mode:0666 dev:220,0 ino:15975 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 517
  21: S_IFSOCK mode:0666 dev:220,0 ino:15974 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 540
  22: S_IFSOCK mode:0666 dev:220,0 ino:15973 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 79
  23: S_IFSOCK mode:0666 dev:220,0 ino:15972 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 37
  24: S_IFSOCK mode:0666 dev:220,0 ino:15972 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 37
  25: S_IFSOCK mode:0666 dev:220,0 ino:15971 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 7
  26: S_IFSOCK mode:0666 dev:220,0 ino:15970 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 7
  27: S_IFSOCK mode:0666 dev:220,0 ino:15969 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 9
  28: S_IFSOCK mode:0666 dev:220,0 ino:15968 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 9
  29: S_IFSOCK mode:0666 dev:220,0 ino:15968 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 13
  30: S_IFSOCK mode:0666 dev:220,0 ino:21310 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 13
  31: S_IFSOCK mode:0666 dev:220,0 ino:21310 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 19
  32: S_IFSOCK mode:0666 dev:220,0 ino:21309 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 19
  33: S_IFCHR mode:0000 dev:136,0 ino:20776 uid:0 gid:0 rdev:41,37
      O_RDWR
  34: S_IFCHR mode:0000 dev:136,0 ino:20772 uid:0 gid:0 rdev:41,36
      O_RDWR
  35: S_IFCHR mode:0000 dev:136,0 ino:20771 uid:0 gid:0 rdev:105,14
      O_RDWR
  36: S_IFCHR mode:0000 dev:136,0 ino:20770 uid:0 gid:0 rdev:41,35
      O_RDWR
  37: S_IFCHR mode:0000 dev:136,0 ino:20769 uid:0 gid:0 rdev:105,15
      O_RDWR
  38: S_IFCHR mode:0000 dev:136,0 ino:20768 uid:0 gid:0 rdev:42,34
      O_RDWR
  39: S_IFCHR mode:0000 dev:136,0 ino:22222 uid:0 gid:0 rdev:105,16
      O_RDWR
  40: S_IFCHR mode:0000 dev:136,0 ino:22221 uid:0 gid:0 rdev:105,17
      O_RDWR
  41: S_IFCHR mode:0000 dev:136,0 ino:22222 uid:0 gid:0 rdev:41,33
      O_RDWR
  42: S_IFCHR mode:0000 dev:136,0 ino:22220 uid:0 gid:0 rdev:105,18
      O_RDWR
  43: S_IFCHR mode:0000 dev:136,0 ino:22218 uid:0 gid:0 rdev:41,32
      O_RDWR
  44: S_IFCHR mode:0000 dev:136,0 ino:22218 uid:0 gid:0 rdev:105,19
      O_RDWR
  45: S_IFCHR mode:0000 dev:136,0 ino:22216 uid:0 gid:0 rdev:41,31
      O_RDWR
  46: S_IFCHR mode:0000 dev:136,0 ino:22216 uid:0 gid:0 rdev:105,20
      O_RDWR
  47: S_IFCHR mode:0000 dev:136,0 ino:22214 uid:0 gid:0 rdev:42,29
      O_RDWR
  48: S_IFCHR mode:0000 dev:136,0 ino:22212 uid:0 gid:0 rdev:42,28
      O_RDWR
  49: S_IFSOCK mode:0666 dev:220,0 ino:21308 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 7100
  50: S_IFCHR mode:0000 dev:136,0 ino:22211 uid:0 gid:0 rdev:42,26
      O_RDWR
  51: S_IFSOCK mode:0666 dev:220,0 ino:21307 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET6 ::  port: 515
  52: S_IFCHR mode:0000 dev:136,0 ino:22210 uid:0 gid:0 rdev:105,21
      O_RDWR
  53: S_IFSOCK mode:0666 dev:220,0 ino:21306 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 6112
  54: S_IFSOCK mode:0666 dev:220,0 ino:21305 uid:0 gid:0 size:0
      O_RDWR
        sockname: AF_INET 0.0.0.0  port: 32779
  55: S_IFCHR mode:0000 dev:136,0 ino:22209 uid:0 gid:0 rdev:105,22
      O_RDWR
  56: S_IFCHR mode:0000 dev:136,0 ino:22208 uid:0 gid:0 rdev:105,23
      O_RDWR
  57: S_IFCHR mode:0000 dev:136,0 ino:21983 uid:0 gid:0 rdev:105,24
      O_RDWR
  58: S_IFCHR mode:0000 dev:136,0 ino:21982 uid:0 gid:0 rdev:105,25
      O_RDWR




On a Solaris 9 I get:

# pfiles 144
144:    /usr/sbin/inetd -s
  Current rlimit: 1024 file descriptors
   0: S_IFDIR mode:0755 dev:136,0 ino:2 uid:0 gid:0 size:512
      O_RDONLY
   1: S_IFDIR mode:0755 dev:136,0 ino:2 uid:0 gid:0 size:512
      O_RDONLY
   2: S_IFDIR mode:0755 dev:136,0 ino:2 uid:0 gid:0 size:512
      O_RDONLY
  11: S_IFSOCK mode:0666 dev:240,0 ino:28442 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 37
  12: S_IFSOCK mode:0666 dev:240,0 ino:28443 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 37
  13: S_IFSOCK mode:0666 dev:240,0 ino:28444 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 7
  14: S_IFSOCK mode:0666 dev:240,0 ino:28445 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 7
  15: S_IFSOCK mode:0666 dev:240,0 ino:28446 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 9
  16: S_IFSOCK mode:0666 dev:240,0 ino:28441 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 9
  17: S_IFSOCK mode:0666 dev:240,0 ino:28440 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 13
  18: S_IFSOCK mode:0666 dev:240,0 ino:28440 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 13
  19: S_IFSOCK mode:0666 dev:240,0 ino:28439 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 19
  20: S_IFSOCK mode:0666 dev:240,0 ino:28438 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 19
  21: S_IFCHR mode:0000 dev:136,0 ino:32707 uid:0 gid:0 rdev:41,49
      O_RDWR FD_CLOEXEC
  22: S_IFSOCK mode:0666 dev:240,0 ino:28437 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET 0.0.0.0  port: 32773
  23: S_IFCHR mode:0000 dev:136,0 ino:32711 uid:0 gid:0 rdev:42,47
      O_RDWR FD_CLOEXEC
  24: S_IFCHR mode:0000 dev:136,0 ino:32706 uid:0 gid:0 rdev:42,46
      O_RDWR FD_CLOEXEC
  25: S_IFSOCK mode:0666 dev:240,0 ino:28436 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 7100
  26: S_IFCHR mode:0000 dev:136,0 ino:32705 uid:0 gid:0 rdev:105,14
      O_RDWR FD_CLOEXEC
  27: S_IFCHR mode:0000 dev:136,0 ino:32704 uid:0 gid:0 rdev:105,15
      O_RDWR FD_CLOEXEC
  28: S_IFCHR mode:0000 dev:136,0 ino:33342 uid:0 gid:0 rdev:41,44
      O_RDWR FD_CLOEXEC
  29: S_IFCHR mode:0000 dev:136,0 ino:33342 uid:0 gid:0 rdev:105,16
      O_RDWR FD_CLOEXEC
  30: S_IFSOCK mode:0666 dev:240,0 ino:28435 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET 0.0.0.0  port: 514
  31: S_IFSOCK mode:0666 dev:240,0 ino:28434 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 514
  32: S_IFSOCK mode:0666 dev:240,0 ino:28433 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 513
  33: S_IFSOCK mode:0666 dev:240,0 ino:28432 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET 0.0.0.0  port: 512
  34: S_IFSOCK mode:0666 dev:240,0 ino:28432 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 512
  35: S_IFSOCK mode:0666 dev:240,0 ino:33278 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET 0.0.0.0  port: 512
  36: S_IFSOCK mode:0666 dev:240,0 ino:33277 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET 0.0.0.0  port: 517
  37: S_IFSOCK mode:0666 dev:240,0 ino:33276 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 79
  38: S_IFCHR mode:0000 dev:136,0 ino:33340 uid:0 gid:0 rdev:41,35
      O_RDWR FD_CLOEXEC
  39: S_IFCHR mode:0000 dev:136,0 ino:33340 uid:0 gid:0 rdev:105,17
      O_RDWR FD_CLOEXEC
  40: S_IFCHR mode:0000 dev:136,0 ino:33338 uid:0 gid:0 rdev:41,34
      O_RDWR FD_CLOEXEC
  41: S_IFCHR mode:0000 dev:136,0 ino:33337 uid:0 gid:0 rdev:105,18
      O_RDWR FD_CLOEXEC
  42: S_IFCHR mode:0000 dev:136,0 ino:33336 uid:0 gid:0 rdev:42,33
      O_RDWR FD_CLOEXEC
  43: S_IFCHR mode:0000 dev:136,0 ino:33335 uid:0 gid:0 rdev:105,19
      O_RDWR FD_CLOEXEC
  44: S_IFCHR mode:0000 dev:136,0 ino:33333 uid:0 gid:0 rdev:105,20
      O_RDWR FD_CLOEXEC
  45: S_IFCHR mode:0000 dev:136,0 ino:33334 uid:0 gid:0 rdev:41,32
      O_RDWR FD_CLOEXEC
  46: S_IFCHR mode:0000 dev:136,0 ino:33332 uid:0 gid:0 rdev:105,21
      O_RDWR FD_CLOEXEC
  47: S_IFCHR mode:0000 dev:136,0 ino:33330 uid:0 gid:0 rdev:41,31
      O_RDWR FD_CLOEXEC
  48: S_IFCHR mode:0000 dev:136,0 ino:33330 uid:0 gid:0 rdev:105,22
      O_RDWR FD_CLOEXEC
  49: S_IFSOCK mode:0666 dev:240,0 ino:33275 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET 0.0.0.0  port: 42
  50: S_IFSOCK mode:0666 dev:240,0 ino:33274 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 23
  51: S_IFSOCK mode:0666 dev:240,0 ino:33273 uid:0 gid:0 size:0
      O_RDWR FD_CLOEXEC
        sockname: AF_INET6 ::  port: 21
  52: S_IFCHR mode:0000 dev:136,0 ino:33328 uid:0 gid:0 rdev:105,23
      O_RDWR FD_CLOEXEC

 

by: NukfrorPosted on 2006-02-24 at 13:44:01ID: 16042684

Bummer, in Solaris 8/9 there isn't a way with pfiles to deteremin if the port is TCP or UDP.  A little mdb magic could cure that but that requires root.

Based on your indicated perference, I recommend you use Yuzh's script.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...