[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 475
  • Last Modified:

How to identify AIX unix domain connections

Hi !

I've several unix domain connections on an AIX 7.1 box, but I can't figure out where this connection come/go. Here is an example:

f1000e000baad808 dgram       0      0                0 f1000e0004b2a280                0 f1000e000db82300
f1000e000badd200
f1000e0005ab5408 dgram       0      0                0 f1000e0004b2a280                0 f1000e0001eb5580
f1000e0005df4280
f1000e0011120008 dgram       0      0                0 f1000e0004b2a280                0 f1000e0005a65400
f1000e0008fe9580
f1000e0000a3d808 dgram       0      0                0 f1000e0004b2a280                0 f1000e0000b18d80
f1000e0000acde80
f1000e000d4b5408 dgram       0      0                0 f1000e0004b2a280                0 f1000e0000b18880
f1000e000dbcc180
f1000e0000a36808 dgram       0      0                0 f1000e0004b2a280                0 f1000e0003817900
f1000e0000b18880
f1000e000dc29808 dgram       0      0                0 f1000e0004b2a280                0 f1000e00147c0980
f1000e000dc62680
f1000e0005e28c08 dgram       0      0                0 f1000e0004b2a280                0 f1000e0003247400
f1000e0005bb5480
f1000e000bf01c08 dgram       0      0                0 f1000e0004b2a280                0 f1000e000904ec00
f1000e000b081280
f1000e0001460c08 dgram       0      0                0 f1000e0004b2a280                0 f1000e0008fd5200
f1000e0001501e00
f1000e00001cc408 dgram       0      0                0 f1000e0004b2a280                0 f1000e0004790300
f1000e00001cd800
f1000e0014765408 dgram       0      0                0 f1000e0004b2a280                0 f1000e000a1d1500
f1000e00148ef000
f1000e0000a4a008 dgram       0      0                0 f1000e0004b2a280                0 f1000e0004196980
f1000e001482de00
f1000e0005ba6c08 dgram       0      0                0 f1000e0004b2a280                0 f1000e0004828b00
f1000e0005a73300
f1000e00005d7808 dgram       0      0                0 f1000e0004b2a280                0 f1000e0016ee6100
f1000e001496fd80
f1000e0000659808 dgram       0      0                0 f1000e0004b2a280                0 f1000e0004b96800
f1000e0000629800
f1000e0002436008 dgram       0      0                0 f1000e0004b2a280                0 f1000e0001e7aa00
f1000e0008fd5200
f1000e0016c66408 dgram       0      0                0 f1000e0004b2a280                0 f1000e000bf46200
f1000e0013717e00
f1000e000bc3bc08 dgram       0      0                0 f1000e0004b2a280                0 f1000e0003d26d00
f1000e000ba1de80
f1000e0008cc4008 dgram       0      0                0 f1000e0004b2a280                0 f1000e0000629800
f1000e0001e7aa00
f1000e000875c008 dgram       0      0                0 f1000e0004b2a280                0 f1000e000aefd180
f1000e0008739300
f1000e0002337c08 dgram       0      0                0 f1000e0004b2a280                0 f1000e0014446800
f1000e001113ee80
f1000e0001ee9c08 dgram       0      0                0 f1000e0004b2a280                0 f1000e0014530e80

How can I find out who is generating f1000e0004b2a280 ?
What is this f1000e0004b2a280 # ? Netstat says it should be an inode number...

Thanks in advance,

Ronald Sekkel
0
rsekkel
Asked:
rsekkel
1 Solution
 
sjm_eeCommented:
There are sometimes path names at the end of netstat -f unix output which indicate that path to the socket which you can investigate with lsof:

f1000e0000193808 dgram       0      0 f10001001fd6d020                0                0                0 /dev/.SRC-unix/SRCO-afMl
f1000e0000160500
f1000e0000152408 dgram       0      0 f10001001ffbe420                0                0                0 /dev/.SRC-unix/SRCRTafMo
f1000e0000521900
0
0
 
woolmilkporcCommented:
Try "rmsock"

As opposed to what its name might suggest it will only remove orphaned sockets but will tell you for the other ones which the owning process is.

"man rmsock" for more.

wmp
0
 
rsekkelAuthor Commented:
wmp, rmsock did the job !

f1000e000961e408 dgram       0      0                0 f1000e0004b2a280                0 f1000e000ae1f700
f1000e0002e07300
[root@p750 fotos]# rmsock f1000e000961e408 socket
The socket 0xf1000e000961e408 is being held by proccess 28049988 (telnetd).
[root@p750 fotos]# pstree -p 28049988
-+- 00001 root /etc/init
 \-+= 3997964 root /usr/sbin/srcmstr
   \-+= 4325438 root /usr/sbin/inetd
     \-+= 28049988 root telnetd -a
       \--= 10028080 cl267-9 /bin/ksh /uv6/bin/uv.login
Thank you very much for your help.

Ronald
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now