Login or Register to Ask a Question and Join Our Community


Linux

How to easily identify socket given a PID on Linux?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux How to easily identify socket given a PID on Linux?
# 1  
Old 04-05-2017
Hammer & Screwdriver How to easily identify socket given a PID on Linux?
I have the PID of a process running on Linux mymac 2.6.18-417.el5 #1 SMP Sat Nov 19 14:54:59 EST 2016 x86_64 x86_64 x86_64 GNU/Linux

I need to get the ip & port i.e socket details of the given PID (32752).

Based on a suggestion on my other thread i tried

Code:
bash-3.2$ netstat -anpt | grep ESTABLISHED | grep 32752
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 ::ffff:10.2.228.77:52567    ::ffff:10.2.228.77:14000    ESTABLISHED 32752/java
tcp        0      0 ::ffff:10.2.228.31:38504    ::ffff:10.2.228.50:1528     ESTABLISHED 32752/java
tcp        0      0 ::ffff:10.2.228.31:36035    ::ffff:192.168.28.76:1521   ESTABLISHED 32752/java
tcp        0      0 ::ffff:10.2.228.31:35963    ::ffff:192.168.28.76:1521   ESTABLISHED 32752/java

Based on the output i m not able to figure out which output has the correct socket information as there are multiple entries in the output.

I will also appreciate other easier solutions but i do not wish to use lsof
# 2  
Old 04-05-2017
I don't get this post... You say "Solaris" but the uname output says "Linux". And the question is posted in "Shell Programming and Scripting". Something is a little off here...
# 3  
Old 04-05-2017
Quote:
Originally Posted by DukeNuke2
I don't get this post... You say "Solaris" but the uname output says "Linux". And the question is posted in "Shell Programming and Scripting". Something is a little off here...

Can you change the title to Linux ? Solaris is a typo
# 4  
Old 04-05-2017
Hi,

My take on this would be that all the socket information is correct. A process can have multiple network connections open simultaneously. It can also contain multiple threads within itself, which can themselves have multiple connections open, and so on. So in this case, the process with PID 32752 has all four of those connections open.
# 5  
Old 04-06-2017
Quote:
Originally Posted by drysdalk
Hi,

My take on this would be that all the socket information is correct. A process can have multiple network connections open simultaneously. It can also contain multiple threads within itself, which can themselves have multiple connections open, and so on. So in this case, the process with PID 32752 has all four of those connections open.
The process is configured to Listen to only one socket that we connect to using WLST scripts.

Just they way on Solaris gives only one socket for the same Java process using this command

Code:
/usr/bin/pfiles $pid 2>/dev/null | /usr/bin/grep AF_INET

I m looking for an equivalent command that gives me single socket information just as the above.

Please suggest.
Last edited by mohtashims; 04-06-2017 at 03:52 AM..
# 6  
Old 04-06-2017
Hi,

Ah, you want to check the listening sockets in that case. That's not what you're doing here. You're looking at all established sockets - in other words, connections between your system and another system.

For listening sockets, the netstat syntax you want is netstat -lnpt, and not netstat -anpt (and of course you don't want to be doing a grep ESTABLISHED either). That will show you just the sockets that are open and listening for incoming connections on your local system.

Hope this helps !
# 7  
Old 04-06-2017
Quote:
Originally Posted by drysdalk
Hi,

Ah, you want to check the listening sockets in that case. That's not what you're doing here. You're looking at all established sockets - in other words, connections between your system and another system.

For listening sockets, the netstat syntax you want is netstat -lnpt, and not netstat -anpt (and of course you don't want to be doing a grep ESTABLISHED either). That will show you just the sockets that are open and listening for incoming connections on your local system.

Hope this helps !
This is better but can you tell me how can i extract the ip and port as the output varies from Process to process.

For PID=32538 below is what i get as an ouput

Code:
bash-3.2$ netstat -lnpt | grep 32538
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:7666                0.0.0.0:*                   LISTEN      32538/java
tcp        0      0 ::ffff:10.2.228.79:13804    :::*                        LISTEN      32538/java
tcp        0      0 :::38970                    :::*                        LISTEN      32538/java

First Question: Out of the listings above how can i grep for just the ip and port i.e. in this case 10.2.228.79 & 13804 which is the correct ip port we specified in the configuration. I wish i could ignore the other listings in the output above.

Second question: will fd be a better alternative ? if yes, can you tell me how can i get the listen ip & port from fd command?
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Need script for killing Pid in Linux

need script(shell or python) for killing pid in linux (2 Replies)
Discussion started by: roshan9995
2 Replies

2. Shell Programming and Scripting

Identify CPU usage on the Linux server

We are using linux server. We have below script running on the crontab and it send the alert if the cpu usage is above 90%. My question is, the below script tells the CPU usage for one CPU or all CPU in the server? sar 1 1 | sed '$!d' | awk '{printf("%d", $8)}' > $SAR_LOG Please let me... (4 Replies)
Discussion started by: govindts
4 Replies

3. IP Networking

Packets sent from Linux TCP socket

Hello, Our software is using a TCP socket (AF_INET, SOCK_STREAM) to communicate with an Ethernet device. When we send a message, the message object writes itself in full onto the socket's stream buffer before the software invokes send() from socket.h. I'm still researching, but have 2... (1 Reply)
Discussion started by: bix_20002000
1 Replies

4. UNIX for Advanced & Expert Users

Identify failed disk in Linux RAID

Good Evening, 2 years ago, I set up an Ubuntu file-server for a friend, who is a photograph amateur. Basically, the server offers a software RAID-5 that can be accessed remotely from a MAC. Unfortunately, I didn't labeled the hard drives (i.e. which physical drive corresponds to the /dev/sdX... (2 Replies)
Discussion started by: Loic Domaigne
2 Replies

5. What is on Your Mind?

STILL can't buy a Linux PC easily

A few years ago, Dell announced they were selling PCs with Linux (Ubuntu) preinstalled or with no OS installed. It was about time! So a couple years ago I bought the Inspiron 1525n laptop that I'm typing this on with Ubuntu preinstalled. Yea! (Though I immediately wiped Ubuntu and installed... (7 Replies)
Discussion started by: KenJackson
7 Replies

6. Linux

how to identify the raid type on Linux?

Hi any idea on why I am getting this? /sbin/mdadm --detail /dev/md0 mdadm: md device /dev/md0 does not appear to be active. thanks. (2 Replies)
Discussion started by: melanie_pfefer
2 Replies

7. Programming

Help needed linux socket programming in c

Good evening everyone! :) I'm doing a small client / server application for sharing files in C, and I am trying to implement the following: The client of my application sends to the address 255.255.255.255 a message requesting a particular file.In the network there is only one server,... (1 Reply)
Discussion started by: esmeco
1 Replies

8. UNIX for Dummies Questions & Answers

how to find the owner PID of open socket on Solaris9?

Hi all, I am trying to connect the open socket and its owner PID on my Solaris9 system. But it seems not very easy. As netstat is not as powerful as it is on Linux platform, without the "-program" option, and "lsof -i <UDP|TCP>@<hostIP>" won't show the one i want although it lists some... (1 Reply)
Discussion started by: sleepy_11
1 Replies

9. UNIX for Dummies Questions & Answers

How to identify who rebooted the linux server

Hi All, Since server is located at remote place so how to identify which user rebooted the server. Is there any way to identify the user. Thanks in advance, Reg, Bache Gowda (1 Reply)
Discussion started by: bache_gowda
1 Replies

10. UNIX for Dummies Questions & Answers

Session PID & socket connection pid

1. If I use an software application(which connects to the database in the server) in my local pc, how many PID should be registered? Would there be PID for the session and another PID for socket connection? 2. I noticed (through netstat) that when I logged in using the my software application,... (1 Reply)
Discussion started by: pcx26
1 Replies
Login or Register to Ask a Question