Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 19 Feb 2019 11:46:40 -0800
From:      Walter Parker <walterp@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: freebsd-questions Digest, Vol 767, Issue 2
Message-ID:  <CAMPTd_DTOv7OaBgrYHaX595i1LeLcfd_eon0bcgbu_qs95-QAQ@mail.gmail.com>
In-Reply-To: <mailman.85.1550577603.63610.freebsd-questions@freebsd.org>
References:  <mailman.85.1550577603.63610.freebsd-questions@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

>
>
> Message: 3
> Date: Mon, 18 Feb 2019 09:17:25 -0500
> From: "Kevin P. Neal" <kpn@neutralgood.org>
> To: BBlister <bblister@gmail.com>
> Cc: freebsd-questions@freebsd.org
> Subject: Re:  Cannot identify process of listening port 600/tcp6
> Message-ID: <20190218141725.GA67494@neutralgood.org>
> Content-Type: text/plain; charset=us-ascii
>
> On Mon, Feb 18, 2019 at 07:05:17AM -0700, BBlister wrote:
> >
> >
> > On the referenced URL, they are suggesting to use netstat -anp , which is
> > not applicable to FreeBSD (parameter -p is not valid). Also, they
> suggesting
> > to use ps.
>
> Have you tried lsof? You can lsof -n | grep TCP or lsof -n | grep UDP to
> find all processes that have any socket open. Use the "-n" option to lsof
> to so you can still grep for 600, otherwise you'll need to grep for
> "ipcserver" as shown in /etc/services.
>
>
> Have you tried sockstat? That command provides the output that a Linux
user would expect from netstat & -p. It works for IPv4, IPv6 and unix
sockets. Use sockstat -4 or sockstat -6 to see just IPv4 or IPv6 sockets.

>From the man page


     The information listed for each socket is:

     USER                The user who owns the socket.

     COMMAND       The command which holds the socket.

     PID                    The process ID of the command which holds the
socket.

     FD                     The file descriptor number of the socket.

     PROTO             The transport protocol associated with the socket for
                               Internet sockets, or the type of socket
(stream,
                               datagram, or seqpacket) for UNIX sockets.

     LOCAL ADDRESS    For Internet sockets, this is the address the local
end
                      of the socket is bound to (see getsockname(2)).  For
                      bound UNIX sockets, it is the socket's filename.  For
                      other UNIX sockets, it is a right arrow followed by
the
                      endpoint's filename, or "??" if the endpoint could not
                      be determined.


-- 
The greatest dangers to liberty lurk in insidious encroachment by men of
zeal, well-meaning but without understanding.   -- Justice Louis D. Brandeis

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAMPTd_DTOv7OaBgrYHaX595i1LeLcfd_eon0bcgbu_qs95-QAQ>