Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Identify process owning TCP connection on Solaris 10
Operating Systems Solaris Identify process owning TCP connection on Solaris 10 Post 302269212 by cozzamara on Wednesday 17th of December 2008 05:30:29 AM
Old 12-17-2008
Identify process owning TCP connection on Solaris 10
I've been seeing outgoing TCP connections on a SPARC Solaris 10 box, that look like these in the output of netstat:

xxxx.46396 ipXXXXXX.speed.planet.nl.telnet 8192 0 49664 0 TIME_WAIT

They come and go and sometimes last for hours.

I am looking for owners of active, established TCP connections - not for listening TCP sockets.

Is there any way to tell :

1) which process owns (or owned) this connection ?
2) when was the connection created ?

Things I already tried that do not work:
a) lsof
b) 'pfiles' and utilities based on it

Can Solaris ipfilter be use to track this down ?

Thanks.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

TCP/IP Connection getting slower...

Hi, We have developed a server program using TCP/IP Communication to communicate with another client program. After running for some days we find the TCP/IP connection from the server program is getting slower. What i mean to say is since the send() function in the server program (it is... (2 Replies)
Discussion started by: rajesh_puru
2 Replies

2. UNIX for Advanced & Expert Users

about TCP connection

Hi Experts, need help about release or refresh TCP Connection: i have the sample like below : application log connection: 0500 ( 192.168.0.1:36053) 00919 2007/05/10 23:30:25 112 13 2007/05/10 23:30:25 1969/12/31 17:00:00 0500 ( 192.168.0.1:36054) 00920 2007/05/10 23:30:26 000 00... (3 Replies)
Discussion started by: bucci
3 Replies

3. Shell Programming and Scripting

Create a TCP/IP Connection

Hello, I am trying to write a script in Perl which will send some data from a UNIX Box to a windows box. I am planning to create a TCP/IP communication port for the same. How do I go about this? Kindly help. Regards, Garric (50 Replies)
Discussion started by: garric
50 Replies

4. Programming

close existing tcp connection in C

Hello. I would like to know how to close an existing tcp socket. I have read some stuff and learned how to create a socket and then close it but have not found anything about how to close an existing tcp socket created by another application. The situation is this: I have an ODBC server running and... (6 Replies)
Discussion started by: raidzero
6 Replies

5. IP Networking

false tcp connection

Why this happens? How to solve this? $netstat -na |grep 9325 tcp 0 0 127.0.0.1:9325 127.0.0.1:9325 ESTABLISHED When a client socket repeatedly tries to connect to an inactive(no server socket is listening on this port) local port,connect succeeds. ... (1 Reply)
Discussion started by: johnbach
1 Replies

6. Solaris

Solaris 10 ftp connection problem (connection refused, connection timed out)

Hi everyone, I am hoping anyone of you could help me in this weird problem we have in 1 of our Solaris 10 servers. Lately, we have been having some ftp problems in this server. Though it can ping any server within the network, it seems that it can only ftp to a select few. For most servers, the... (4 Replies)
Discussion started by: labdakos
4 Replies

7. Solaris

many tcp connection in close-wait

Hi, I use solaris Unix . I find there is some problem in application and it generate many "close-wait" tcp connect and stay in the server . it is generate by process id 7740 root@XX # netstat -an | grep CLOSE_WAIT | wc -l 285 root@XX # netstat -an | grep CLOSE_WAIT 10.158.35.4.34805 ... (2 Replies)
Discussion started by: abcdef
2 Replies

8. Programming

TCP connection check

Hi. I am writing client - server application using TCP sockets. I need some very basic functionality, namely: how to check if another "participant" of the connection is still present? I want to handle situations, when client is gone, or server breaks down, etc. (25 Replies)
Discussion started by: Shang
25 Replies

9. UNIX and Linux Applications

Identify server.database connection

Good afternoon i need your help, i am new at unix, in a ETL scenario like datastage is , there are a bunch of procesess (script shells) conecting to hetereogenius database source servers in order to extract information. Ive got 2 questions 1. Using unix how can i identify exactly the... (1 Reply)
Discussion started by: alexcol
1 Replies

10. Solaris

Too much TCP retransmitted and TCP duplicate on server Oracle Solaris 10

I have problem with oracle solaris 10 running on oracle sparc T4-2 server. Os information: 5.10 Generic_150400-03 sun4v sparc sun4v Output from tcpstat.d script TCP bytes: out outRetrans in inDup inUnorder 6833763 7300 98884 0... (2 Replies)
Discussion started by: insatiable1610
2 Replies

LEARN ABOUT CENTOS

ss

SS(8)							      System Manager's Manual							     SS(8)

NAME

       ss - another utility to investigate sockets

SYNOPSIS

       ss [options] [ FILTER ]

DESCRIPTION

       ss  is  used  to  dump socket statistics. It allows showing information similar to netstat.  It can display more TCP and state informations
       than other tools.

OPTIONS

       When no option is used ss displays a list of open non-listening TCP sockets that have established connection.

       -h, --help
	      Show summary of options.

       -V, --version
	      Output version information.

       -n, --numeric
	      Do not try to resolve service names.

       -r, --resolve
	      Try to resolve numeric address/ports.

       -a, --all
	      Display both listening and non-listening (for TCP this means established connections) sockets.

       -l, --listening
	      Display only listening sockets (these are omitted by default).

       -o, --options
	      Show timer information.

       -e, --extended
	      Show detailed socket information

       -m, --memory
	      Show socket memory usage.

       -p, --processes
	      Show process using socket.

       -i, --info
	      Show internal TCP information.

       -s, --summary
	      Print summary statistics. This option does not parse socket lists obtaining summary from various sources. It is useful  when  amount
	      of sockets is so huge that parsing /proc/net/tcp is painful.

       -b, --bpf
	      Show socket BPF filters (only administrators are allowed to get these information).

       -4, --ipv4
	      Display only IP version 4 sockets (alias for -f inet).

       -6, --ipv6
	      Display only IP version 6 sockets (alias for -f inet6).

       -0, --packet
	      Display PACKET sockets (alias for -f link).

       -t, --tcp
	      Display TCP sockets.

       -u, --udp
	      Display UDP sockets.

       -d, --dccp
	      Display DCCP sockets.

       -w, --raw
	      Display RAW sockets.

       -x, --unix
	      Display Unix domain sockets (alias for -f unix).

       -f FAMILY, --family=FAMILY
	      Display sockets of type FAMILY.  Currently the following families are supported: unix, inet, inet6, link, netlink.

       -A QUERY, --query=QUERY, --socket=QUERY
	      List  of	socket	tables	to  dump,  separated  by commas. The following identifiers are understood: all, inet, tcp, udp, raw, unix,
	      packet, netlink, unix_dgram, unix_stream, packet_raw, packet_dgram.

       -D FILE, --diag=FILE
	      Do not display anything, just dump raw information about TCP sockets to FILE after applying filters. If FILE is - stdout is used.

       -F FILE, --filter=FILE
	      Read filter information from FILE.  Each line of FILE is interpreted like single command line option. If FILE is - stdin is used.

       FILTER := [ state TCP-STATE ] [ EXPRESSION ]
	      Please take a look at the official documentation (Debian package iproute-doc) for details regarding filters.

USAGE EXAMPLES

       ss -t -a
	      Display all TCP sockets.

       ss -u -a
	      Display all UDP sockets.

       ss -o state established '( dport = :ssh or sport = :ssh )'
	      Display all established ssh connections.

       ss -x src /tmp/.X11-unix/*
	      Find all local processes connected to X server.

       ss -o state fin-wait-1 '( sport = :http or sport = :https )' dst 193.233.7/24
	      List all the tcp sockets in state FIN-WAIT-1 for our apache to network 193.233.7/24 and look at their timers.

SEE ALSO

       ip(8), /usr/share/doc/iproute-doc-3.10.0/ss.ps (package iproute-doc)

AUTHOR

       ss was written by Alexey Kuznetosv, <kuznet@ms2.inr.ac.ru>.

       This manual page was written by Michael Prokop <mika@grml.org> for the Debian project (but may be used by others).

																	     SS(8)
All times are GMT -4. The time now is 11:34 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy