Unix - What ports are being used?

I have an application configuration file that I am moving from an AIX4.3 box to an AIX 5.2 box.  The original configuration file refers to several ports in the 10000, 20000, 30000, 40000 range.  

export NAME_SRVR_A_PORT_3=10011                                                
export NAME_SRVR_A_PORT_4=10012                                                  
export NAME_SRVR_A_PORT_5=10013                                                        
export NAME_SRVR_B_PORT_3=20011                                                        
export NAME_SRVR_B_PORT_4=20012                                                        
export NAME_SRVR_B_PORT_5=20013                                                        
export NAME_SRVR_C_PORT_3=30011                                                  
export NAME_SRVR_C_PORT_4=30012                                                  
export NAME_SRVR_C_PORT_5=30013                                                  
export NAME_SRVR_D_PORT_3=40011                                                        
export NAME_SRVR_D_PORT_4=40012                                                        

On the destination box, I want to check and see if these ports are being used and if so, what app is using them

My /etc/services only shows ports under 10000 and netstat doesn't really show me what I am looking for.

If there is a different way to do it in Solaris, please let me know how to do that also.

Thanks for your direct help!      
Who is Participating?
alfaromeConnect With a Mentor Commented:
try"lsof -i <:port>", it gives you a listing of all network resources used by the kernel, here is an example:

# lsof -ni :22
sshd      825 root    4u  IPv4 12000617       TCP> (ESTABLISHED)
sshd    23371 root    3u  IPv4      475       TCP *:ssh (LISTEN)

hope it's what you're looking for

ahoffmannConnect With a Mentor Commented:
netstat -an
fuser is in AIX, lsof is big&slow
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

.. and netstat -an works nearly everywhere (including M$:-)
fuser & lsof work in aix and solaris (and linux), but I dont see how netstat -an gives you the PID of the process that uses the port. it justs lists you open connections and unix-sockets as far as I know.

I would try "fuser 22/tcp" or "lsof -ni :22" ...and the speed of lsof depends on how many connections your system has open.
Yes, lsof is i^2 or so
outch, I missed
> .. what app is using them
so I agree with lsof (netstat -pan is linux only)
theoradicallyAuthor Commented:
This is an IBM Websphere LoadBalancer config file.  I want to use the old config file on a box that's been upgraded to AIX5.2.  Before just implementing the config file that makes reference to the ports above, I want to see if anything is using those ports on the new box.  I tried different options to the fuser, wasn't giving me any helpful info.  

Using the
$ fuser 22/tcp
22/tcp: A file or directory in the path name does not exist.
I realize that's just searching for the ssh port 22, but it should be in use, shouldn't it.
$ fuser 10013/tcp
10013/tcp: A file or directory in the path name does not exist.

Using the netstat -an, the top of the output is
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp        0      0  *.22                   *.*                    LISTEN
tcp4       0      0  *.111                  *.*                    LISTEN
tcp        0      0  *.512                  *.*                    LISTEN
tcp        0      0  *.514                  *.*                    LISTEN
tcp4       0      0  *.543                  *.*                    LISTEN
tcp4       0      0  *.544                  *.*                    LISTEN
tcp4       0      0  *.657                  *.*                    LISTEN
tcp4       0      0        *.*                    LISTEN
tcp4       0      0  *.5070                 *.*                    LISTEN
tcp4       0      0  *.6767                 *.*                    LISTEN
tcp4       0      0  *.6768                 *.*                    LISTEN
tcp4       0      0  *.32768                *.*                    LISTEN
tcp4       0      0  *.32769                *.*                    LISTEN
tcp4       0      0  *.8891                 *.*                    LISTEN
tcp4       0      0  *.8892                 *.*                    LISTEN
tcp4       0      0  *.9090                 *.*                    LISTEN

this still isn't showing ports over 10000.  How do I find out if 10011, 10012, 10013, 20011, 20012 and so are being used and if so, by what application.  Thanks for your time, sorry for my ignorance.
TintinConnect With a Mentor Commented:
If your netstat output isn't showing ports >10000, then that means there is nothing listening or running on that port.  However, that doesn't mean they might not be started by inetd which means the port they run on will only show up in the netstat listing when there is an active connection.  But given that there are no entries in /etc/services, this is unlikely.

UDP listeners do not show up a "LISTEN"
rpcinfo -p prints some info about ports controlled by RPC portmap
theoradically, it seems your fuser has a different syntax. either find out how it works, or try "lsof -i <proto>:<port>" to find out about udp connections

something like this should give you all the info you want:

for port in 10011 10012 10013 20011 20012 20013 30011 30012 30013 40011 40012 ;do
         /path/to/lsof -i tcp:$port
         /path/to/lsof -i udp:$port

if this does not generate any meaningful output, then those ports are just not used. of course what tintin said about inetd still applies here.
To my knowledge "fuser" is the old'n'stupid unix one, not the new shine....:-). So no luck with that on AIX (please correct me here gheist, I'm @home.... away from my 5.2 boxes:-).
lsof might be it, but again, only for "active port consumers". As mentioned, both portmap and inetd might ... surpise... you there, but OTOH they're rather easily checked (reading config file and doing what gheist mentions above).

-- Glenn (who pines for the good old DG/UX netuser command... Simply glorious:-)
theoradicallyAuthor Commented:
Sorry this was so tough.  Even though I didn't know how to find it, I felt that finding used ports should have been an easy one.

fuser didn't give me what I needed
netstat didn't give me what I needed
lsof - not found
netuser - not found

The problem is not even an issue at this point.  I want to close this, but do appreciate the time that each of you have spent!
then you need to do it the traditional way:

   netstat -an
   awk '($1 !~ /^#/){print}' /etc/inetd.conf

netstat tells you which ports are open permanent
inetd.conf tells you which will be opened per request
To find out which program uses which port will be harder then (without lsof), try&error ...
Since lsof is available (although not perhaps installed on theoradicallys box), you might consider attributing points to those suggestions, as well as the netstat suggestions (and perhaps even the "search the config files" type suggestions)... Generally sprinkle points about:-). If it was less points I'd say "PAQ/no refund it and be done with it"... Perhaps not best though.

-- Glenn
theoradicallyAuthor Commented:

What's up?   "Abandoned""Assumed participant Is no longer interested?"  I did not know how to close this, so as seen above on 10/14, I said this was no longer an issue, I thanked everyone for their input and said that I would like to close it so no more time was spent on it!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.