Get a list of Open Ports in Linux

202

102

I need a Linux command to list all free open ports for use in an application.

lsof -i TCP| fgrep LISTEN

This does not seem to be helping, as the ports it lists are not necessarily free for use. How do I list free open ports not in use?

ErrorNotFoundException

Posted 2013-01-08T07:34:55.963

Reputation: 2 131

Answers

268

netstat -lntu

as replied by @askmish, will give you a list of services running on your system on TCP and UDP ports, where

  • -l = only services which are listening on some port
  • -n = show port number, don't try to resolve the service name
  • -t = tcp ports
  • -u = udp ports
  • -p = name of the program

You don't need the 'p' parameter as you're only interested in getting which ports are free and not which program is running on it.

This only shows which ports on your system are used up, though. This doesn't tell you the status of your network e.g. if you're behind NAT and you want some services to be accessible from outside. Or if the firewall is blocking the port for outside visitors. In that case, nmap comes to the rescue. WARNING: Use nmap only on networks which are under your control. Also, there are firewall rules which can block nmap pings, you'll have to fiddle around with options to get correct results.

mehulved

Posted 2013-01-08T07:34:55.963

Reputation: 2 827

21 Note that netstat is deprecated on many systems and ss should be used instead. – Johu – 2017-04-19T21:44:25.473

1 But if you're on busybox, ss isn't included. – jcollum – 2019-06-07T15:52:18.273

93

Since net-tools is deprecated, you can use the ss command instead of netstat if netstat is not present on your machine:

ss -lntu

should work similarly to

netstat -lntu

according to the built-in help:

-n, --numeric       don't resolve service names
-l, --listening     display listening sockets
-t, --tcp           display only TCP sockets
-u, --udp           display only UDP sockets

Eric Finn

Posted 2013-01-08T07:34:55.963

Reputation: 1 063

3 Another useful flag is -p which shows the process id of the socket. – Talespin_Kit – 2019-02-06T06:15:20.357

21

This command will list open network ports and the processes that own them:

netstat -lnptu

You can thereafter filter the results to your exact specs.

You could also use nmap for more granular results about ports.

askmish

Posted 2013-01-08T07:34:55.963

Reputation: 311

2 The -p flag requires root privileges for some processes, so it would be sudo netstat -lnptu – klaus se – 2014-10-30T01:17:51.143

5

All opened ports including response traffic:

netstat -tuwanp 2>/dev/null | awk '{print $4}' | sort | uniq -c | wc -l

diyism

Posted 2013-01-08T07:34:55.963

Reputation: 151

3 A list of just unique port numbers and only IPv4: netstat -tuwanp4 | awk '{print $4}' | grep ':' | cut -d ":" -f 2 | sort | uniq – Aaron C. de Bruyn – 2015-10-09T20:13:06.607

+1 for showing how to filter and extract the numbers from the result. Edited to remove stderr output from netstat (which adds a header to the result in Ubuntu). – datashaman – 2016-04-04T06:17:15.557

Hmm, on second thoughts. -1 for not answering the question. – datashaman – 2016-04-04T06:18:50.850

1

My take on the original question was that he was asking about the unused ports, not the ports currently connected to services. If this is the case, there's no specific way to list them, other than to list the used ports and assume the others are unused.

One additional point to keep in mind: as a user, you'll not be able to open a port less than 1024 (you'll need root permissions for that).

joat

Posted 2013-01-08T07:34:55.963

Reputation: 466
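The approach described in the answer above (list the used ports and treat the rest as unused), as an added example that is not part of any answer on this page. The function names, the port range and the sample `ss -lntu` output are constructed for illustration, and the parser assumes the leading Netid column that `ss` prints when both -t and -u are given.

```shell
#!/bin/sh
# Added example: derive unused ports in a range from `ss -lntu` output.

# Constructed sample of `ss -lntu` output (not captured from a real host).
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53     0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:68           0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22           0.0.0.0:*
tcp   LISTEN 0      511    127.0.0.1:8080       0.0.0.0:*
tcp   LISTEN 0      128    [::]:22              [::]:*
tcp   LISTEN 0      4096   *:8082               *:*
tcp   LISTEN 0      128    [::1]:8081           [::]:*'

# used_ports PROTO: read `ss -lntu` output on stdin and print the sorted,
# unique local port numbers for PROTO (tcp or udp).
used_ports() {
    awk -v proto="$1" '
        $1 == proto {
            addr = $5                # "Local Address:Port" column
            sub(/.*:/, "", addr)     # keep what follows the last colon
            if (addr ~ /^[0-9]+$/) print addr
        }' | sort -n -u
}

# free_ports PROTO FIRST LAST: read `ss -lntu` output on stdin and print
# every port in FIRST..LAST with no PROTO listener on any local address.
free_ports() {
    used_ports "$1" | awk -v first="$2" -v last="$3" '
        { used[$1] = 1 }
        END {
            for (p = first + 0; p <= last + 0; p++)
                if (!(p in used)) print p
        }'
}

# Demo on the constructed sample; prints 8079, 8083 and 8084.
printf '%s\n' "$SAMPLE_SS" | free_ports tcp 8079 8084

# Live use on a real host:
#   ss -lntu | free_ports tcp 8000 8100
```

A port reported free here can be taken by another process before your application binds it, so treat the result as a hint rather than a reservation. Binding to port 0 lets the kernel assign an unused port, which avoids that race.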

0

The following command will work on any Unix which outputs in the same format as Ubuntu / Debian, where the local address is in column 4 and the output includes a 2-line header at the top. If either of those numbers is different, tweak the awk command below.

If you want IPv4 only:

netstat -lnt | awk 'NR>2{print $4}' | grep -E '^0\.0\.0\.0:' | sed 's/.*://' | sort -n | uniq

If you want IPv6 only:

netstat -lnt | awk 'NR>2{print $4}' | grep -E ':::' | sed 's/.*://' | sort -n | uniq

If you want both together:

netstat -lnt | awk 'NR>2{print $4}' | grep -E '^(0\.0\.0\.0:|:::)' | sed 's/.*://' | sort -n | uniq

The command outputs a list of port numbers that are listening on all interfaces. If you want to list all ports that are listening on the localhost interface, then use something like this:

netstat -lnt | awk 'NR>2{print $4}' | grep -E '^(127\.0\.0\.1:|::1:)' | sed 's/.*://' | sort -n | uniq

datashaman

Posted 2013-01-08T07:34:55.963

Reputation: 105

0

Try

sudo netstat -plnt | grep -E '(0\.0\.0\.0:|:::|127\.0\.0\.1:|::1:)' | awk '{print $7}' | sort -n | uniq

and look at this.

Robokishan

Posted 2013-01-08T07:34:55.963

Reputation: 9