Network
On Board:



In 2023 I flushed the old Swann video system (NVR) and replaced it with a 
Mini PC (AMD Ryzen 7 - 4 core) running Ubuntu 22.04 and Zoneminder with MariaDb,
apache2, php, and perl.
The swann required proprietary software (Windows .exe) and I wanted to be able
to look at any camera or the Zoneminder console or from any computer in the 
house (all Linux). I also wanted to add more cameras.

To accomplish this I needed to add POE switches to my home network. Due to 
existing cat5 and location of new cams, I put a 5 port 1Gb POE switch in Betty's
Office, and an 8 port 1Gb POE switch in my office. After looking at the amount
of traffic, I decided to move the camera traffic to a dedicated Video Network,
accessable from the main home net. I already had an unused cat5 from Betty's

office to mine so I put the 5 port POE switch on one end and a new 5 port, Gb 
switch, in my office, on the other end. I put an 8 port, Gb, POE switch in my 
office and tied it to the 5 port Gb switch. I also connected the 5 port Gb 
switch to the new Cams Mini PC and the main switch.

This allowed any host on the home net to access the CCTV net but the bulk of
camera traffic stayed on the Video Net.
How to check if port is in use on Linux or Unix Author: Vivek Gite Last updated: March 19, 2024 18 comments See all UNIX related articles/faq How do I determine if a port is in use under Linux or Unix-like system? How can I verify which ports are listening on Linux server? How do I check if port is in use on Linux operating system using the CLI? It is important you verify which ports are listening on the server’s network interfaces. You need to pay attention to open ports to detect an intrusion. Apart from an intrusion, for troubleshooting purposes, it may be necessary to check if a port is already in use by a different application on your servers. For example, you may install Apache and Nginx server on the same system. So it is necessary to know if Apache or Nginx is using TCP port # 80/443. This quick tutorial provides steps to use the netstat, nmap and lsof command to check the ports in use and view the application that is utilizing the port.
Tutorial details
Difficulty level Easy
Root privileges Yes
Requirements Linux or Unix terminal
Category Network Utilities
Prerequisites lsof/ss/netstat commands
OS compatibility *BSD • Linux • macOS • Unix • WSL
Est. reading time 6 minutes

How to check if port is in use To check the listening ports and applications on Linux:
  1. Open a terminal application i.e. shell prompt.
  2. Run any one of the following command on Linux to see open ports: sudo lsof -i -P -n | grep LISTEN sudo netstat -tulpn | grep LISTEN sudo ss -tulpn | grep LISTEN sudo lsof -i:22 ## see a specific port such as 22 ## sudo nmap -sTU -O IP-address-Here
  3. For the latest version of Linux use the ss command. For example, ss -tulw Let us see commands and its output in details.
    Option #1: lsof command The syntax is: sudo lsof -i -P -n sudo lsof -i -P -n | grep LISTEN doas lsof -i -P -n | grep LISTEN # OpenBSD # Sample outputs: Fig.01: Check the listening ports and applications with lsof command Consider the last line from above outputs: sshd 85379 root 3u IPv4 0xffff80000039e000 0t0 TCP 10.86.128.138:22 (LISTEN)
    • sshd is the name of the application.
    • 10.86.128.138 is the IP address to which sshd application bind to (LISTEN)
    • 22 is the TCP port that is being used (LISTEN)
    • 85379 is the process ID of the sshd process

    Viewing the Internet network services list The /etc/services is a text file mapping between human-friendly textual names for internet services and their underlying assigned port numbers and protocol types. Use the cat command or more command/less command to view it: less /etc/services ## OR ## more /etc/services A sample file: tcpmux 1/tcp # TCP port service multiplexer echo 7/tcp echo 7/udp discard 9/tcp sink null discard 9/udp sink null systat 11/tcp users daytime 13/tcp daytime 13/udp netstat 15/tcp qotd 17/tcp quote chargen 19/tcp ttytst source chargen 19/udp ttytst source ftp-data 20/tcp ftp 21/tcp fsp 21/udp fspd ssh 22/tcp # SSH Remote Login Protocol telnet 23/tcp smtp 25/tcp mail time 37/tcp timserver time 37/udp timserver whois 43/tcp nicname tacacs 49/tcp # Login Host Protocol (TACACS) tacacs 49/udp domain 53/tcp # Domain Name Server domain 53/udp Each line describes one service, and is of the form: #service-name port/protocol [aliases ...] ssh 22/tcp # SSH Remote Login Protocol time 37/tcp timserver
    Option #2: netstat or ss command You can check the listening ports and applications with netstat as follows.
    Linux netstat syntax Prerequisite By default, netstat command may not be installed on your system. Hence, use the apk command on Alpine Linux, dnf command/yum command on RHEL & co, apt command/apt-get command on Debian, Ubuntu & co, zypper command on SUSE/OpenSUSE, pacman command on Arch Linux to install the netstat. Run the netstat command along with grep command to filter out port in LISTEN state: netstat -tulpn | grep LISTEN netstat -tulpn | more OR filter out specific TCP port such as 443: netstat -tulpn | grep ':443'
    Where netstat command options are:
    • -t : Select all TCP ports
    • -u : Select all UDP ports
    • -l : Show listening server sockets (open TCP and UDP ports in listing state)
    • -p : Display PID/Program name for sockets. In other words, this option tells who opened the TCP or UDP port. For example, on my system, Nginx opened TCP port 80/443, so I will /usr/sbin/nginx or its PID.
    • -n : Don’t resolve name (avoid dns lookup, this speed up the netstat on busy Linux/Unix servers)
    The netstat command deprecated for some time on Linux. Therefore, you need to use the ss command as follows: sudo ss -tulw sudo ss -tulwn sudo ss -tulwn | grep LISTEN Linux check if port is in use using ss command Where, ss command options are as follows:
    • -t : Show only TCP sockets on Linux
    • -u : Display only UDP sockets on Linux
    • -l : Show listening sockets. For example, TCP port 22 is opened by SSHD server.
    • -p : List process name that opened sockets
    • -n : Don’t resolve service names i.e. don’t use DNS
    Related: Linux Find Out Which Process Is Listening Upon a Port
    FreeBSD/macOS (OS X) netstat syntax The syntax is as follows: netstat -anp tcp | grep LISTEN netstat -anp udp | grep LISTEN You can use the sockstat command on macOS or FreeBSD to display open TCP or UDP ports too. For example: sudo sockstat -4 -6 -l Outputs from my FreeBSD server version 13.xx:
    USERCOMMANDPIDFDPROTOLOCAL ADDRESS<75>FOREIGN ADDRESS
    rootmaster172313tcp4127.0.0.1:25*:*
    rootmaster172314tcp4192.168.2.20:25*:*
    rootsshd16273tcp6*:22*:*
    rootsshd16274tcp4*:22*:*
    ntpdntpd161520udp6*:123*:*
    ntpdntpd161521udp4*:123*:*
    ntpdntpd161522udp4192.168.2.20:123*:*
    ntpdntpd161523udp6::1:123*:*
    ntpdntpd161524udp6fe80::1%lo0:123*:*
    ntpdntpd161525udp4127.0.0.1:123*:*
    ntpdntpd161526udp4172.16.0.5:123*:*
    rootsyslogd10856udp6*:514*:*
    rootsyslogd10857udp4*:514*:*
    ????udp4*:17890*:*
    ????udp6*:17890*:*

    OpenBSD netstat syntax netstat -na -f inet | grep LISTEN netstat -nat | grep LISTEN
    Option #3: nmap command The syntax is: sudo nmap -sT -O localhost # search for open port IP address 192.168.2.13 sudo nmap -sU -O 192.168.2.13 ##[ list open UDP ports ] sudo nmap -sT -O 192.168.2.13 ##[ list open TCP ports ] Fig.02: Determines which ports are listening for TCP connections using nmap You can combine TCP/UDP scan in a single command: sudo nmap -sTU -O 192.168.2.13
    A note about Windows users You can check port usage from Windows operating system using following command: netstat -bano | more netstat -bano | grep LISTENING netstat -bano | findstr /R /C:"[LISTEING]"
    Testing if a port is open from a bash script One can use the “/dev/tcp/{HostName}_OR_{IPAddrress}>port}” syntax to check if a TCP port is open on a Linux or Unix machine when using Bash. In other words , the following is Bash specific feature. Let us see if TCP port 22 is open on localhost and 192.168.2.20: (echo >dev/tcp/localhost/23) &>dev/null && echo "open" || echo "close" (echo >dev/tcp/192.168.2.20/22) &>dev/null && echo "open" || echo "close" Now we can build some logic as follows:
    1. #!/bin/bash
    2. dest_box="aws-prod-server-42"
    3. echo "Testing the ssh connectivity ... "
    4. if ! (echo >/dev/tcp/$dest_box/22) &>/dev/null
    5. then
    6. echo "$0 cannot connect to the $dest_box. Check your vpn connectivity."
    7. else 8 | echo "Running the ansible playboook ..."
    8. ansible-playbook -i hosts --ask-vault-pass --extra-vars '@cluster.data.yml' main.yaml
    9. fi

    What if I’m not using Bash… Try the nc command as follows: nc -w {timeout} -zv {server_IP_hostname} {tcp_port} &>/dev/null && echo "Open" || echo "Close" nc -w 5 -zv 192.168.2.20 23 &>/dev/null && echo "TCP/23 Open" || echo "TCP/23 Close" The updated Bash script:
    1. #!/bin/bash
    2. dest_box="aws-prod-server-42"
    3. timeout="5" # timeouts in seconds
    4. echo "Testing the ssh connectivity in $timeout seconds ... "
    5. # make sure 'nc' is installed, else die ..
    6. if ! type -a nc &>/dev/null
    7. then
    8. echo "$0 - nc command not found. Please install nc and run the script again."
    9. exit 1
    10. fi
    11. if ! nc -w "$timeout" -zv "${dest_box}" 22 &>/dev/null
    12. then
    13. echo "$0 cannot connect to the $dest_box. Check your vpn connectivity."
    14. exit 1
    15. else
    16. echo "Running the ansible playboook ..."
    17. ansible-playbook -i hosts --ask-vault-pass --extra-vars '@cluster.data.yml' main.yaml
    18. fi

    Using Perl to check if a TCP port is open in Linux or Unix Here is a Perl script to check if TCP port 22 for OpenSSH is open with a 5-second timeout using IO::Socket::INET:
    1. #!/usr/bin/perl -w
    2. use IO::Socket::INET;
    3. # Set server name and port here
    4. $my_server="192.168.2.20";
    5. $my_server_tcp_port="22";
    6. /*F*****************************************************
    7. * make a new object
    8. *******************************************************/
    9. my $server_test = IO::Socket::INET->new(
    10. PeerAddr => "$my_server",
    11. PeerPort => "$my_server_tcp_port",
    12. Proto => 'tcp',
    13. Timeout => 5
    14. );
    15. # test it and die or continue as per your needs
    16. if( $server_test )
    17. {
    18. print "TCP port $my_server_tcp_port is open for the $my_server.\n";
    19. print "Now doing something ...\n";
    20. close $server_test;
    21. }
    22. else
    23. {
    24. print "TCP port $my_server_tcp_port is closed or timed out for the $my_server.\n";
    25. }
    Python example to check if a TCP port is open in Linux or Unix Try thise simple code that uses low level socket networking feature. For example:
    1. #!/usr/bin/python3
    2. # Tested on Python 3.6.xx and 3.8.xx only (updated from Python 2.x)
    3. import socket
    4. # Create a new function
    5. def check_server_tcp_port(my_host_ip_name, my_tcp_port, timeout=5):
    6. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    7. s.settimeout(timeout)
    8. try:
    9. s.connect((my_host_ip_name, my_tcp_port))
    10. print(f"TCP port {my_tcp_port} is open for the {my_host_ip_name}.")
    11. s.close()
    12. return True
    13. except socket.timeout:
    14. print(f"TCP port {my_tcp_port} is closed or timed out for the {my_host_ip_name}.")
    15. return False
    16. # Test it
    17. check_server_tcp_port("localhost", 22)
    18. check_server_tcp_port("192.168.2.20", 22)

    Conclusion This page explained command to determining if a port is in use on Linux or Unix-like server. For more information see the nmap command and lsof command page online here or by typing the man command as follows: man lsof man ss man netstat man nmap man 5 services man nc
    See also