How to check if a network port is open?
Verifying if a network port is open or not is an important task for system administrators and network engineers. It allows them to ensure that the network is functioning correctly and that services are running as expected.
In this article, we will discuss three command-line tools that can be used to check if a network port is open or not on a Linux or Unix operating system: netstat
, ss
e lsof
.
Each of these tools has different options and capabilities that allow you to get detailed information about the active network connections on the system. We will explain how to use these tools and provide examples of how to check if a specific port is open or not.
netstat
The netstat
command displays information about the active network connections on the system, including open ports. To check if a specific port is open, use the following options:
-t
to display only TCP connections
-u
to display only UDP connections
-l
to display only listening ports
-n
to display IP addresses and port numbers instead of their names
To check all the ports being used on the machine, we can use the command:
root@lostrouter:~# netstat -tuln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:7071 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:5600 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
udp 0 0 127.0.0.53:53 0.0.0.0:*
udp 0 0 0.0.0.0:49683 0.0.0.0:*
udp 0 0 0.0.0.0:631 0.0.0.0:*
udp6 0 0 :::53407 :::*
udp6 0 0 :::5353 :::*
To check if port 80 (used for the HTTP protocol) is open, use the following command:
root@lostrouter:~# netstat -tuln | grep ':80'
tcp 0 0 192.168.15.186:80 0.0.0.0:* LISTEN
As we can see, the port 80 is open, the command displays a line with information about the connection, including the IP address and the local port number. If the port were not open, the command would not display any output.
ss
The ss command is a more advanced tool for displaying information about network connections and system sockets. It has options similar to netstat
, such as:
-t
to display only TCP connections
-u
to display only UDP connections
-l
to display only listening ports
-n
to display IP addresses and port numbers instead of their names
To check all the ports being used on the machine, we can use the command:
root@lostrouter:~# ss -tuln
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:49683 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:631 0.0.0.0:*
tcp LISTEN 0 1 0.0.0.0:7071 0.0.0.0:*
tcp LISTEN 0 128 127.0.0.1:5600 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
tcp LISTEN 0 128 [::]:22 [::]:*
tcp LISTEN 0 5 [::1]:631 [::]:*
To check if port 80 (used for the HTTP protocol) is open, use the following command:
root@lostrouter:~# ss -tuln | grep ':80'
tcp LISTEN 0 50000 192.168.15.48:80 *:*
lsof
The lsof (short for “list open files”) command displays information about open files on the system, including network sockets. To check if a specific port is open, use the -i option followed by the port number and the protocol (TCP or UDP).
To check the files being used with port 80, use the following command:
root@lostrouter:~# lsof -i TCP:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
anydesk 1292 root 23u IPv4 587701 0t0 TCP lostrouter:43459->relay-c45hy14a.net.anydesk.com:http (ESTABLISHED)
firefox 3941 sampaio 260u IPv4 638922 0t0 TCP lostrouter:43476->zabbix.lostrouter.local:http (ESTABLISHED)
chrome-gn 5757 sampaio 225u IPv4 72411 0t0 TCP lostrouter:52458->b45-345-566-24.lce.vivocabo.pt:http (CLOSE_WAIT)
Conclusion
The netstat
, ss
, and lsof
commands are useful tools for checking if a network port is open or not on a Linux or Unix operating system. Each of these commands has different options that allow you to get detailed information about the active network connections on the system, including the process responsible for the socket and the IP address and local port number.
Photo by Nathan Dumlao on Unsplash