Kill UDP port that has no process?

2

My VPN client sometimes can't bind to the UDP port (500) it uses. It seems to leave behind a "bind" to port 500 on a previous run, even though it has quit.

The port is reported as "already in use" (Mac OS X), but doesn't have an associated process:

$ sudo netstat -na | grep "udp.*\.500\>"
udp4       0      0  192.168.50.181.500     *.*
udp4       0      0  192.168.29.166.500     *.*

But sudo lsof doesn't show a process on port 500 (i.e. sudo lsof -i:500 -P reports nothing).

I can successfully use the VPN client after rebooting the machine, but am hoping for a less disruptive way to clear the state.

Chocohound

Posted 2012-11-12T16:45:19.867

Reputation: 131

Answers

1

Port 500 is isakmp, used by IPsec VPNs.

Look in /sbin/ifconfig for any virtual network interfaces that might be configured to use that.

Alnitak

Posted 2012-11-12T16:45:19.867

Reputation: 656

There is no virtual network interface in ifconfig or in the "System Pref / Networking" screen. I do use a VPN client called IPSecuritas, but it doesn't register itself as a virtual interface. I believe it's badly behaved in some circumstances, but I can't figure out how to clean up after it. – Chocohound – 2012-11-12T16:50:36.160

Also, if what you were saying is the issue, wouldn't there be a process listed by lsof? – Chocohound – 2012-11-12T16:52:45.937

@Chocohound if it's implemented in the kernel then there needn't be a process. – Alnitak – 2012-11-12T16:53:28.070

Alnitak, good point. But the issue still remains -- there is no virtual network interface listed... – Chocohound – 2012-11-12T17:39:30.700

1

Another useful command on OS X will help you make sure there is no process set for a particular UDP or TCP port:

lsof -Pan -i tcp -i udp

vladikoff

Posted 2012-11-12T16:45:19.867

Reputation: 135

0

Try using netstat -nap to determine which program has the port open. I don't have an OSX system to test on, but on Linux, kernel ports show - as the program.

EDIT: A quick search for OSX ipsec disable indicates that OSX may have IPSEC enabled by default. If so, you would need to disable it to free the port.

BillThor

Posted 2012-11-12T16:45:19.867

Reputation: 9 384

-p flag doesn't exist on Mac. In general netstat can't show PIDs on Mac, so you can't tell whether the kernel or some other process has / had the port. The only difference between lines in "netstat -na" is that the "state" field is blank (but I think that's true of all the UDP ports). – Chocohound – 2012-11-12T22:39:36.653

@Chocohound UDP is stateless, so I would expect it to be blank for UDP. I've updated my answer. Is there a reason you are using an assigned port in your code? – BillThor – 2012-11-12T23:14:21.637

Sorry, disregard "my code" - it was just a test client to confirm the issue for me. My problem is that I have a VPN client (IPsecuritas) which usually works, but sometimes fails to clean itself up on quitting. I can't figure out how to deallocate it. And if I try to start the VPN client again it fails with an "address already in use". – Chocohound – 2012-11-13T00:04:23.833

@Chocohound I find a case like this is usually the program failing to finish exiting. However, it may be using kernel services and not shutting them down. Check the logs for the daemon to see if it reports any problems. – BillThor – 2012-11-13T01:30:13.947
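
The check this thread does by hand (netstat shows a socket bound to UDP 500, lsof shows no owner) can be scripted. The following is an added example, not code from any of the posts above. It assumes macOS-style `netstat -na` and `lsof -nP -iUDP` output, IPv4 or wildcard addresses, and unconnected sockets; the sample data, the process name `vpnclient` and its PID are constructed.

```shell
#!/bin/sh
# Added example. Sample data below is constructed, in macOS netstat/lsof layouts;
# "vpnclient" and PID 412 are hypothetical.
SAMPLE_NETSTAT='udp4       0      0  192.168.50.181.500     *.*
udp4       0      0  192.168.29.166.500     *.*
udp4       0      0  *.5353                 *.*
tcp4       0      0  127.0.0.1.500          *.*                    LISTEN'

SAMPLE_LSOF='COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
mDNSRespo   87 _mdns   7u  IPv4    0x1      0t0  UDP *:5353
vpnclient  412 root    9u  IPv4    0x2      0t0  UDP 192.168.29.166:500'

# bound_udp PORT: `netstat -na` text on stdin -> one ADDR:PORT per UDP socket on PORT.
bound_udp() {
    awk -v port="$1" '$1 ~ /^udp/ {
        n = split($4, p, "[.]")            # macOS writes the port after the last dot
        if (p[n] == port) { a = $4; sub(/[.][^.]*$/, "", a); print a ":" port }
    }'
}

# owned_udp PORT: `lsof -nP -iUDP` text on stdin -> "ADDR:PORT COMMAND PID" per match.
owned_udp() {
    awk -v port="$1" 'NR > 1 && $(NF-1) == "UDP" {
        n = split($NF, p, ":")
        if (p[n] == port) print $NF, $1, $2
    }'
}

# orphaned_udp PORT NETSTAT_TEXT LSOF_TEXT: sockets netstat lists on PORT that
# lsof attributes to no process (held by the kernel, or left behind).
orphaned_udp() {
    owners=$(printf '%s\n' "$3" | owned_udp "$1" | awk '{ print $1 }')
    printf '%s\n' "$2" | bound_udp "$1" | while read -r sock; do
        printf '%s\n' "$owners" | grep -qxF -- "$sock" || echo "$sock"
    done
}

# Demo on the constructed samples; on a live Mac, pass
# "$(netstat -na)" and "$(sudo lsof -nP -iUDP)" instead.
orphaned_udp 500 "$SAMPLE_NETSTAT" "$SAMPLE_LSOF"
```

Any address it prints is bound in the socket table but has no user-space owner visible to lsof, which is the state described in the question.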