Check the port availability in linux

Check open ports in Linux | Test firewall rules

Table of Contents

Lately I was going through some articles from different search engine to check open ports in Linux. I was quiet surprised with the results as most of these articles in the search results talks about using ss, netstat etc to check if a port is open in Linux.

You have to understand the difference and your requirement.

Do you want to check if a port is open on the destination server or between source and destination server?

Do you want to check if a port is in LISTENING state on the destination server.

As it doesn’t necessarily mean that if a port is not listening then it is not open. A port will be in LISTEN state only when it is in use by some process or else a port can be open and free but since it is not in USE it will not be listed with netstat, lsof, ss commands etc.

So I hope you are clear with your requirement.

In this article I will share the different ways to check open ports or if a port is open on the destination server in Linux.

Method-1: Check open ports using nmap

nmap is an open source tool for network exploration and security auditing. Let’s verify if nmap can successfully give us list of open ports on a Linux server:

Currently I have not added any firewall rules on my destination server:

Now let us check open ports between 35520-35522 on this server using some different client machine with nmap:

We have used -PN to perform TCP SYN/ACK check on the provided list of ports but the output claims that all of these ports are closed. But this is not correct as there is no firewall on server-2 and this setup in in my local LAN so no other firewalls in between these servers.

Now here are the list of listening ports on server-2 :

So if we try to scan these listening ports using nmap:

All of these ports are marked as OPEN. So unless your ports are in use by some process, they will not be marked as OPEN.

Let’s perform some more tests. I will DROP all the incoming requests and only allow certain ports on server-2 using iptables:

List the applied rules

So I have explicitly allowed port 35520 , now let’s perform nmap scan for this port and some others:

Now port 35520 is marked as CLOSED as it is explicitly allowed in iptables but currently is not in use while others are marked as FILTERED as they are blocked in firewall.

Understanding different states in nmap

Though the current version of NMAP is capable of performing many tasks, it initially started out as a port scanner. NMAP has certain ways to detect whether the port on the target system is open or closed. NMAP detects the status of the target port using predefined states as follows:

• Open: The Open state indicates that an application on the target system is actively listening for connections/packets on that port.
• Closed: The Closed state indicates there isn’t any application listening on that port. However, the port state could change to Open in the future.
• Filtered: The Filtered state indicates that either a firewall, a filter, or some kind of network hurdle is blocking the port and hence NMAP isn’t able to determine whether it is open or closed.
• Unfiltered: The Unfiltered state indicates that ports are responding to NMAP probes; however, it isn’t possible to determine whether they are open or closed.
• Open/Filtered: The Open/Filtered state indicates that the port is either filtered or open; however, NMAP isn’t precisely able to determine the state.
• Closed/Filtered: The Closed/Filtered state indicates that the port is either filtered or closed; however, NMAP isn’t precisely able to determine the state.

Method-2: Check list of open ports in Linux using hping3

Another wonderful tool to perform network scan is hping3 in Linux. You may download hping3 using EPEL repo.

We will retain the iptables rule which we applied in the previous example where we had blocked all the ports except 22 and 35520 and perform network scan using hping3:

So based on the above hint, hping3 got a RESET request with ACK on port 35520 which means the port may be in OPEN state while the other ports in the provided range are not responding so they are closed.

If any of the port is in LISTENING state then hping3 will return SYN and ACK flag as shown below:

Method-3: Test firewall rules

Now you may using the tools which I explained above to check open ports but if you wish to test firewall rules then I would recommend using netcat or nc tool. nc can be used to open any port and mark it as listening and then on the client server you can again use nc to send some dummy data to test firewall rule.

Let us retain the above applied iptables rule, so on our server port 35520 is allowed in the firewall. To test this firewall rule, we will enable port 35520 using nc:

So our server is now listening on port 35520, now let’s try to connect to this port using any other client node:

As you can see, nc was able to connect to server-2 using port 35520. Now if you try to send any string from client to server:

Monitor the console on server-1 and you will receive this string:

Similarly let’s try to test firewall rule for any other port which is blocked (we have blocked all the ports except 35520 and 22):

Since port 35521 port is blocked in the firewall, the same will not be accessible from server-1 :

Summary

In this article I shared different methods to perform network scanning to check open ports and test firewall rules in Linux. There are many other tools available which can be used for this purpose. But again I don’t rely on telnet, ss or netstat commands for this purpose as they may not give you accurate data based on your requirement. nmap, hping3 are very vast tools with alot of different options and features which are not covered in this article. I would suggest to go through their man page and explore different options.

Further Readings

Related Posts

Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

For any other feedbacks or questions you can either use the comments section or contact me form.

Thank You for your support!!

1 thought on “Check open ports in Linux | Test firewall rules”

Hi I’m Very interesting to all your tutoes. And i think they can help many people to have a better understanting even me as a beginner in linux.

Источник

9 commands to check if connected to internet with shell script examples

Table of Contents

In this article I will share multiple commands and examples to check if connected to internet for your Linux machine. At the end of the article I will also share some example to test internet connection from the Linux to external network using shell script.

But before we do that there are certain things you must take care of, such as

• You have IP Address assigned to your network interface (static or dhcp)
• Your gateway is reachable from the Linux system
• If you are on virtual machine then make sure your VM is configured to be able to connect external network
• Your DNS is properly configured

Now there are multiple commands which are available in Linux which can be used to check if connected to internet, we will try to discuss some of them here in brief.

1. Ping Test

The very first tool I use to check if connected to internet is via ping utility . But do you know how to check ping or perform ping check to check if connected to internet? Ping is part of iputils rpm so make sure iputils is installed on your setup

To perform ping check, try to ping any page on internet such as google.com

Here we use -c 1 with ping tool to send only one packet . Now check the statistics section, we see 1 packet was transmitted and received and there was 0% packet loss so it means we are connected to internet.

If you plan to check if connected to internet via shell script then you can use below, anything in the output other than «0» means not connected to internet.

2. Check port availability using cat, echo..

There are various tools which can be used to check port availability which I will share in this article. But many of them are not installed by default so you may have to install them manually. Alternatively you can use below command to check if connected to internet without installing any additional rpm

If the output is 0 then it means you are connected to internet, but if the output is something like below

Then your linux node is not connected to internet.

Alternatively you can also use

3. DNS lookup using nslookup, host etc..

You can perform a DNS lookup any web page address to check if connected to internet. With a successful DNS lookup you should get a response something like below.

For a failed DNS lookup you should get something like

There are many more commands to perform DNS lookup such as host, dig etc

4. Curl

curl is a tool to transfer data from or to a server, using one of the many supported protocols such as HTTP, FTP etc. We can also use this tool to query a webpage and test internet connection in Linux.

Here if you receive anything other than 200 OK then it means the server failed to connect to the provided page. So unless you provide an invalid webpage, your node is connected to internet

5. Telnet

Telnet is another tool to check port connectivity so you can check port availability of any webpage from the Linux node to check if connected to internet. We can try connecting port 53 of Google DNS to check internet connection.

As you see the session was » connected «. If you get an output like below

then it means there is a problem with internet connectivity.

6. Nmap

nmap is normally a port scanner to check the list of open ports on a system. We will use this to connect to external network to scan the port. If it is able to connect to the external network for port scanning then we can check if connected to internet.

Here I am scanning google.com on port 443. As you see highlighted section, nmap was able to establish connection with google.com

7. netcat or nc

In some variant of Linux you will find netcat while in others nc , you can use either of these tools for port scanning. nc or ncat is part of nmap-ncat rpm. Here we use nc command to check connection to google.com on port 443

8. wget

GNU Wget is a free utility for non-interactive download of files from the Web. But we can also use this to check if connected to internet.

Here with —spider Wget will behave as a Web spider, which means that it will not download the pages, just check that they are there
With echo $? we check the exit status, anything other than 0 in the output means your system is not connected to internet

9. Traceroute

The traceroute command shows every step taken on the route from your machine to a specified host. Assuming you are having problems connecting to www.google.com so you can use traceroute to check all the hubs taken to reach the destination server. This will also test internet connection.

Here we were able to trace the route to google.com upto a certain point.

What do those * * * mean?

Each one indicates a five-second timeout at that hop. Sometimes that could indicate that the machine simply doesn’t understand how to cope with that traceroute packet due to a bug, but a consistent set of * indicates that there’s a problem somewhere with the router to which 216.239.43.239 hands off packets.

On a Linux system with no internet connection, you would face problem with DNS resolution itself

How To check if connected to internet using shell script?

You can easily use any or all the above commands/methods to check if connected to internet using bash/shell script.

For example by using wget you can test internet connection in the below shell script:

Here this script will print the status of the internet, similarly for other scripts you can check the exit status and perform tasks accordingly.

Lastly I hope the steps from the article to check if connected to internet (test internet connection) on Linux was helpful. So, let me know your suggestions and feedback using the comment section.

Related Posts

Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

For any other feedbacks or questions you can either use the comments section or contact me form.

Thank You for your support!!

Источник

How to check if port is in use on Linux or Unix

H ow do I determine if a port is in use under Linux or Unix-like system? How can I verify which ports are listening on Linux server? How do I check if port is in use on Linux operating system using the CLI?

It is important you verify which ports are listening on the server’s network interfaces. You need to pay attention to open ports to detect an intrusion. Apart from an intrusion, for troubleshooting purposes, it may be necessary to check if a port is already in use by a different application on your servers. For example, you may install Apache and Nginx server on the same system. So it is necessary to know if Apache or Nginx is using TCP port # 80/443. This quick tutorial provides steps to use the netstat, nmap and lsof command to check the ports in use and view the application that is utilizing the port.

Tutorial details
Difficulty level	Easy
Root privileges	Yes
Requirements	lsof, ss, and netstat on Linux
Est. reading time	3 minutes

How to check if port is in use in

To check the listening ports and applications on Linux:

1. Open a terminal application i.e. shell prompt.
2. Run any one of the following command on Linux to see open ports:
   sudo lsof -i -P -n | grep LISTEN
   sudo netstat -tulpn | grep LISTEN
   sudo ss -tulpn | grep LISTEN
   sudo lsof -i:22 ## see a specific port such as 22 ##
   sudo nmap -sTU -O IP-address-Here
3. For the latest version of Linux use the ss command. For example, ss -tulw

Let us see commands and its output in details.

Option #1: lsof command

The syntax is:
$ sudo lsof -i -P -n
$ sudo lsof -i -P -n | grep LISTEN
$ doas lsof -i -P -n | grep LISTEN ### [OpenBSD] ###
Sample outputs:

Fig.01: Check the listening ports and applications with lsof command

Option #2: netstat command

You can check the listening ports and applications with netstat as follows.

Linux netstat syntax

Run netstat command along with grep command to filter out port in LISTEN state:
$ netstat -tulpn | grep LISTEN
The netstat command deprecated for some time on Linux. Therefore, you need to use the ss command as follows:
sudo ss -tulw
sudo ss -tulwn
sudo ss -tulwn | grep LISTEN

Where, ss command options are as follows:

• No ads and tracking
• In-depth guides for developers and sysadmins at Opensourceflare✨
• Join my Patreon to support independent content creators and start reading latest guides:
  • How to set up Redis sentinel cluster on Ubuntu or Debian Linux
  • How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)
  • How to set up Mariadb Galera cluster on Ubuntu or Debian Linux
  • A podman tutorial for beginners – part I (run Linux containers without Docker and in daemonless mode)
  • How to protect Linux against rogue USB devices using USBGuard

Join Patreon ➔

• -t : Show only TCP sockets on Linux
• -u : Display only UDP sockets on Linux
• -l : Show listening sockets. For example, TCP port 22 is opened by SSHD server.
• -p : List process name that opened sockets
• -n : Don’t resolve service names i.e. don’t use DNS

FreeBSD/MacOS X netstat syntax

$ netstat -anp tcp | grep LISTEN
$ netstat -anp udp | grep LISTEN

OpenBSD netstat syntax

$ netstat -na -f inet | grep LISTEN
$ netstat -nat | grep LISTEN

Option #3: nmap command

The syntax is:
$ sudo nmap -sT -O localhost
$ sudo nmap -sU -O 192.168.2.13 ##[ list open UDP ports ]##
$ sudo nmap -sT -O 192.168.2.13 ##[ list open TCP ports ]##
Sample outputs:

Fig.02: Determines which ports are listening for TCP connections using nmap

A note about Windows users

You can check port usage from Windows operating system using following command:
netstat -bano | more
netstat -bano | grep LISTENING
netstat -bano | findstr /R /C:»[LISTEING]»

Conclusion

This page explained command to determining if a port is in use on Linux or Unix-like server. For more information see the nmap command and lsof command page online here

🐧 Get the latest tutorials on Linux, Open Source & DevOps via

Источник