How I can get ports assosiated to aplication that oppened them?

Question

Hello all

I need to get a list of all opened ports on my machine and what application opened them . I need to get this information programmatically.

Thanks.

Answer 1

exec('netstat');

Answer 2

The information about open files (including sockets) can be dug out of the /proc directory.

This article gives a lot of detail and gets you started.

Answer 3

You have to implement the following:

1. socket=ls -l /proc/<pid>/fd | grep socket | sed 's/.*socket:\[//' | sed 's/\]//'

2. grep $socket /proc/net/tcp

3. Parse the output from the previous command (second entry contains port information)

Answer 4

I was hoping a cleverer answer would appear. I did just this (programmatically in Python), in an attempt to rewrite a program called NetHogs. My version is here, specifically here is the module in Python used to parse the table from /proc. If you're not Python literate (go learn it), then take a look at the original NetHogs, which uses a blend of C/C++ (and is a bit painful to read hence the rewrite).

It's worth noting that extensive or quickly repeated attempts to parse socket information from /proc is very CPU intensive, as the operating system has to handle every syscall made, and parse internal structures dynamically. As such you'll find some caching, and timing assumptions made in the source of both projects I've linked you to.

The short of it is, you need to relate the socket inodes given for each process in /proc/<pid>/fd to the connections given in /proc/net/<proto>. Again, example parsing, and how to locate all of these are present in both projects.