当前位置: 文江博客话题详情

谁在 Mac OS X 上监听给定的 TCP 端口?

发布于 2024-10-07 02:17:39 字数 134 浏览 3 评论 0原文

在 Linux 上,我可以使用 netstat -pntl | grep $PORT 或 fuser -n tcp $PORT 找出哪个进程 (PID) 正在侦听指定的 TCP 端口。如何在 Mac OS X 上获得相同的信息?

原文

On Linux, I can use netstat -pntl | grep $PORT or fuser -n tcp $PORT to find out which process (PID) is listening on the specified TCP port. How do I get the same information on Mac OS X?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(19

羁〃客ぐ 2024-10-14 02:17:39

在 macOS Big Sur 及更高版本上,使用此命令:

sudo lsof -i -P | grep LISTEN | grep :$PORT

或者仅查看 IPv4:

sudo lsof -nP -i4TCP:$PORT | grep LISTEN

在旧版本上,使用以下形式之一:

sudo lsof -nP -iTCP:$PORT | grep LISTEN
sudo lsof -nP -i:$PORT | grep LISTEN

$PORT 替换为端口号或以逗号分隔的端口号列表。

如果您需要 1023 以上端口的信息,则可能不需要 sudo。

-n 标志用于显示 IP 地址而不是主机名。这使得命令执行速度更快,因为获取主机名的 DNS 查找可能很慢(对于许多主机来说需要几秒或一分钟)。

-P 标志用于显示原始端口号,而不是显示解析名称,例如 httpftp 或更深奥的服务名称,例如 dpserve< /code>,socalia

请参阅评论以获取更多选项。

为了完整起见,因为经常一起使用:

杀死 PID:

sudo kill -9 <PID>
# kill -9 60401

On macOS Big Sur and later, use this command:

sudo lsof -i -P | grep LISTEN | grep :$PORT

or to just see just IPv4:

sudo lsof -nP -i4TCP:$PORT | grep LISTEN

On older versions, use one of the following forms:

sudo lsof -nP -iTCP:$PORT | grep LISTEN
sudo lsof -nP -i:$PORT | grep LISTEN

Substitute $PORT with the port number or a comma-separated list of port numbers.

sudo may not be needed if you need information on ports above 1023.

The -n flag is for displaying IP addresses instead of host names. This makes the command execute much faster, because DNS lookups to get the host names can be slow (several seconds or a minute for many hosts).

The -P flag is for displaying raw port numbers instead of resolved names like http, ftp or more esoteric service names like dpserve, socalia.

See the comments for more options.

For completeness, because frequently used together:

To kill the PID:

sudo kill -9 <PID>
# kill -9 60401
回复 原文
内心激荡 2024-10-14 02:17:39

macOS 的每个版本都支持此功能:

sudo lsof -iTCP -sTCP:LISTEN -n -P

就个人而言,我最终在我的 ~/.bash_profile 中得到了这个简单的函数:

listening() {
    if [ $# -eq 0 ]; then
        sudo lsof -iTCP -sTCP:LISTEN -n -P
    elif [ $# -eq 1 ]; then
        sudo lsof -iTCP -sTCP:LISTEN -n -P | grep -i --color $1
    else
        echo "Usage: listening [pattern]"
    fi
}

然后listening命令会为您提供在某个端口上侦听的进程列表,并且listening smth将其greps为某种模式。

有了这个,就可以很容易地询问特定进程,例如listening dropbox,或端口,例如listening 22

lsof 命令有一些专门的选项用于询问端口、协议、进程等。但我个人发现上述功能更方便,因为我不需要记住所有这些低级选项。 lsof 是一个非常强大的工具,但不幸的是使用起来不太舒服。

Every version of macOS supports this:

sudo lsof -iTCP -sTCP:LISTEN -n -P

Personally I've end up with this simple function in my ~/.bash_profile:

listening() {
    if [ $# -eq 0 ]; then
        sudo lsof -iTCP -sTCP:LISTEN -n -P
    elif [ $# -eq 1 ]; then
        sudo lsof -iTCP -sTCP:LISTEN -n -P | grep -i --color $1
    else
        echo "Usage: listening [pattern]"
    fi
}

Then listening command gives you a listing of processes listening on some port and listening smth greps this for some pattern.

Having this, it's quite easy to ask about particular process, e.g. listening dropbox, or port, e.g. listening 22.

lsof command has some specialized options for asking about port, protocol, process etc. but personally I've found above function much more handy, since I don't need to remember all these low-level options. lsof is quite powerful tool, but unfortunately not so comfy to use.

回复 原文
阳光下慵懒的猫 2024-10-14 02:17:39

您还可以使用:

sudo lsof -i -n -P | grep TCP

这适用于 Mavericks。

You can also use:

sudo lsof -i -n -P | grep TCP

This works in Mavericks.

回复 原文
生生漫 2024-10-14 02:17:39

2016 年 1 月更新

真的很惊讶没有人建议:

lsof -i :PORT_NUMBER

获取所需的基本信息。例如,检查端口 1337:

lsof -i :1337

其他变化,具体取决于情况:

sudo lsof -i :1337
lsof -i tcp:1337

您可以轻松地在此基础上提取 PID 本身。例如:(

lsof -t -i :1337

结果)与此命令等效:

lsof -i :1337 | awk '{ print $2; }' | head -n 2 | grep -v PID

快速说明:

在此处输入图像描述

为了完整性,因为经常一起使用:

杀死 PID:

kill -9 <PID>
# kill -9 60401

或作为单行:

kill -9 $(lsof -t -i :1337)

Update January 2016

Really surprised no-one has suggested:

lsof -i :PORT_NUMBER

to get the basic information required. For instance, checking on port 1337:

lsof -i :1337

Other variations, depending on circumstances:

sudo lsof -i :1337
lsof -i tcp:1337

You can easily build on this to extract the PID itself. For example:

lsof -t -i :1337

which is also equivalent (in result) to this command:

lsof -i :1337 | awk '{ print $2; }' | head -n 2 | grep -v PID

Quick illustration:

enter image description here

For completeness, because frequently used together:

To kill the PID:

kill -9 <PID>
# kill -9 60401

or as a one liner:

kill -9 $(lsof -t -i :1337)
回复 原文
心凉怎暖 2024-10-14 02:17:39

对于 LISTEN、ESTABLISHED 和 CLOSED 端口:

sudo lsof -n -i -P | grep TCP

仅适用于 LISTEN 端口:

sudo lsof -n -i -P | grep LISTEN

对于特定 LISTEN 端口(例如端口 80):

sudo lsof -n -i -P | grep ':80 (LISTEN)'

或者,如果您只想要一个紧凑的摘要 [未描述服务/应用程序],请使用 netstat.这里好的一面是,不需要 sudo

netstat -a -n | grep 'LISTEN '

解释使用 lsof 选项的选项

(有关更多详细信息,请参阅 man lsof):

  • - 主机名
  • n 抑制IPv4 和 IPv6 协议的
  • -i -P 省略端口名称

netstat 选项(有关更多详细信息,请参阅< code>man netstat):

  • -a 对于所有套接字
  • -n 不解析名称,将网络地址显示为数字

在 High Sierra 10.13 上测试.3 和 Mojave 10.14.3

最后一个语法 netstat 也适用于 Linux [apt install net-tools]

lsof 在某些 Linux 上默认存在分布

For the LISTEN, ESTABLISHED and CLOSED ports:

sudo lsof -n -i -P | grep TCP

For the LISTEN ports only:

sudo lsof -n -i -P | grep LISTEN

For a specific LISTEN port (e.g. port 80):

sudo lsof -n -i -P | grep ':80 (LISTEN)'

Or if you just want a compact summary [no service/apps described], go by netstat. The good side here is, no sudo needed:

netstat -a -n | grep 'LISTEN '

Explaining the options used

lsof options (for more details see man lsof):

  • -n suppress the host name
  • -i for IPv4 and IPv6 protocols
  • -P omit port names

netstat options (for more details see man netstat):

  • -a for all sockets
  • -n don't resolve names, show network addresses as numbers

Tested on High Sierra 10.13.3 and Mojave 10.14.3

The last syntax netstat works on Linux too [apt install net-tools]

lsof comes by default on some Linux distribution

回复 原文
放低过去 2024-10-14 02:17:39

在 OS X 上,您可以使用 netstat 的 -v 选项来给出关联的 pid。

类型:

netstat -anv | grep [.]PORT

输出将如下所示:

tcp46      0      0  *.8080                 *.*                    LISTEN      131072 131072   3105      0

PID 是最后一列之前的数字,本例为 3105

on OS X you can use the -v option for netstat to give the associated pid.

type:

netstat -anv | grep [.]PORT

the output will look like this:

tcp46      0      0  *.8080                 *.*                    LISTEN      131072 131072   3105      0

The PID is the number before the last column, 3105 for this case

回复 原文
醉城メ夜风 2024-10-14 02:17:39

在 macOS 上,以下是使用 netstat 获取正在侦听特定端口的进程 ID 的简单方法。此示例查找在端口 80 上提供内容的进程:

find server running on port 80

netstat -anv | egrep -w [.]80.*LISTEN

示例输出

tcp4  0 0  *.80       *.*    LISTEN      131072 131072    715      0

最后一列中的第二列是 PID。在上面,它是715

options

-a - 显示所有端口,包括服务器使用的端口

-n - 显示数字,不查找名称。这使得命令速度很多更快

-v - 详细输出,以获取进程 ID

-w - 搜索词。否则,该命令将返回端口 8000 和 8001 的信息,而不仅仅是“80”

LISTEN - 仅提供处于 LISTEN 模式的端口(即服务器)的信息

On macOS, here's an easy way to get the process ID that's listening on a specific port with netstat. This example looks for a process serving content on port 80:

find server running on port 80

netstat -anv | egrep -w [.]80.*LISTEN

sample output

tcp4  0 0  *.80       *.*    LISTEN      131072 131072    715      0

The 2nd from the last column is the PID. In above, it's 715.

options

-a - show all ports, including those used by servers

-n - show numbers, don't look up names. This makes the command a lot faster

-v - verbose output, to get the process IDs

-w - search words. Otherwise the command will return info for ports 8000 and 8001, not just "80"

LISTEN - give info only for ports in LISTEN mode, i.e. servers

回复 原文
瑕疵 2024-10-14 02:17:39

在最新的 macOS 版本上,您可以使用此命令:

lsof -nP -i4TCP:$PORT | grep LISTEN

如果您发现很难记住,那么也许您应该创建一个 bash 函数并使用更友好的名称将其导出,如下所示

vi ~/.bash_profile

,然后向其中添加以下行文件并保存。

function listening_on() {
    lsof -nP -i4TCP:"$1" | grep LISTEN
}

现在,您可以在终端中输入 listening_on 80 并查看哪个进程正在侦听端口 80

On the latest macOS version you can use this command:

lsof -nP -i4TCP:$PORT | grep LISTEN

If you find it hard to remember then maybe you should create a bash function and export it with a friendlier name like so

vi ~/.bash_profile

and then add the following lines to that file and save it.

function listening_on() {
    lsof -nP -i4TCP:"$1" | grep LISTEN
}

Now you can type listening_on 80 in your Terminal and see which process is listening on port 80.

回复 原文
风吹过旳痕迹 2024-10-14 02:17:39

我想分享这个命令,它运行良好并打印标题,以便您知道哪一列是哪一列:

lsof -iTCP:8080 -sTCP:LISTEN -P -n

示例输出:
输入图像描述这里

I wanted to share this command which works well and prints the headers so you know which column is which:

lsof -iTCP:8080 -sTCP:LISTEN -P -n

Example Output:
enter image description here

回复 原文
离笑几人歌 2024-10-14 02:17:39

在 Snow Leopard (OS X 10.6.8) 上,运行“man lsof”会产生:(

lsof -i 4 -a

实际手动输入是“lsof -i 4 -a -p 1234”)

前面的答案在 Snow Leopard 上不起作用,但我正在尝试使用“netstat -nlp”,直到我在 pts 的答案中看到“lsof”的使用。

On Snow Leopard (OS X 10.6.8), running 'man lsof' yields:

lsof -i 4 -a

(actual manual entry is 'lsof -i 4 -a -p 1234')

The previous answers didn't work on Snow Leopard, but I was trying to use 'netstat -nlp' until I saw the use of 'lsof' in the answer by pts.

回复 原文
单挑你×的.吻 2024-10-14 02:17:39

我是一个 Linux 人。在 Linux 中,使用 netstat -ltpn 或这些字母的任意组合非常容易。但在 Mac OS X 中 netstat -an | grep LISTEN 是最人性化的。其他的则非常丑陋,并且在故障排除时很难记住。

I am a Linux guy. In Linux it is extremely easy with netstat -ltpn or any combination of those letters. But in Mac OS X netstat -an | grep LISTEN is the most humane. Others are very ugly and very difficult to remember when troubleshooting.

回复 原文
逆光下的微笑 2024-10-14 02:17:39
lsof -n -i | awk '{ print $1,$9; }' | sort -u

这显示谁在做什么。删除 -n 以查看主机名(有点慢)。

lsof -n -i | awk '{ print $1,$9; }' | sort -u

This displays who's doing what. Remove -n to see hostnames (a bit slower).

回复 原文
夜访吸血鬼 2024-10-14 02:17:39

签出此项目/工具: procs

在 MacO 上安装:brew install procs

这允许您可以使用 procs 控制显示内容。

要查看 TCP/UDP 端口,请在安装该工具后将以下内容添加到 ~/.procs.toml 中。

[[columns]]
kind = "TcpPort"
style = "BrightYellow|Yellow"
numeric_search = true
nonnumeric_search = false
align = "Left"

[[columns]]
kind = "UdpPort"
style = "BrightGreen|Green"
numeric_search = false
nonnumeric_search = true
align = "Left"

以下是示例输出:

在此处输入图像描述

checkout this project/tool: procs

install on MacOs: brew install procs

This allows you control what to display with procs.

To see TCP/UDP Ports, add below to ~/.procs.toml after installing the tool.

[[columns]]
kind = "TcpPort"
style = "BrightYellow|Yellow"
numeric_search = true
nonnumeric_search = false
align = "Left"

[[columns]]
kind = "UdpPort"
style = "BrightGreen|Green"
numeric_search = false
nonnumeric_search = true
align = "Left"

Here is a sample output:

enter image description here

回复 原文
清秋悲枫 2024-10-14 02:17:39

这做到了我所需要的。

ps -eaf | grep `lsof -t -i:$PORT`

This did what I needed.

ps -eaf | grep `lsof -t -i:$PORT`
回复 原文
一笔一画续写前缘 2024-10-14 02:17:39

我制作了一个小脚本,不仅可以查看谁在哪里收听,还可以显示已建立的联系以及与哪些国家/地区的联系。适用于 OSX Siera

#!/bin/bash
printf "\nchecking established connections\n\n"
for i in $(sudo lsof -i -n -P | grep TCP | grep ESTABLISHED | grep -v IPv6 | 
grep -v 127.0.0.1 | cut -d ">" -f2 | cut -d " " -f1 | cut -d ":" -f1); do
    printf "$i : " & curl freegeoip.net/xml/$i -s -S | grep CountryName | 
cut -d ">" -f2 | cut -d"<" -f1
done

printf "\ndisplaying listening ports\n\n"

sudo lsof -i -n -P | grep TCP | grep LISTEN | cut -d " " -f 1,32-35

#EOF

Sample output
checking established connections

107.178.244.155 : United States
17.188.136.186 : United States
17.252.76.19 : United States
17.252.76.19 : United States
17.188.136.186 : United States
5.45.62.118 : Netherlands
40.101.42.66 : Ireland
151.101.1.69 : United States
173.194.69.188 : United States
104.25.170.11 : United States
5.45.62.49 : Netherlands
198.252.206.25 : United States
151.101.1.69 : United States
34.198.53.220 : United States
198.252.206.25 : United States
151.101.129.69 : United States
91.225.248.133 : Ireland
216.58.212.234 : United States

displaying listening ports

mysqld TCP *:3306 (LISTEN)
com.avast TCP 127.0.0.1:12080 (LISTEN)
com.avast TCP [::1]:12080 (LISTEN)
com.avast TCP 127.0.0.1:12110 (LISTEN)
com.avast TCP [::1]:12110 (LISTEN)
com.avast TCP 127.0.0.1:12143 (LISTEN)
com.avast TCP [::1]:12143 (LISTEN)
com.avast TCP 127.0.0.1:12995 (LISTEN)
com.avast [::1]:12995 (LISTEN)
com.avast 127.0.0.1:12993 (LISTEN)
com.avast [::1]:12993 (LISTEN)
Google TCP 127.0.0.1:34013 (LISTEN)

这可能有助于检查您是否连接到朝鲜! ;-)

I made a small script to see not only who is listening where but also to display established connections and to which countries. Works on OSX Siera

#!/bin/bash
printf "\nchecking established connections\n\n"
for i in $(sudo lsof -i -n -P | grep TCP | grep ESTABLISHED | grep -v IPv6 | 
grep -v 127.0.0.1 | cut -d ">" -f2 | cut -d " " -f1 | cut -d ":" -f1); do
    printf "$i : " & curl freegeoip.net/xml/$i -s -S | grep CountryName | 
cut -d ">" -f2 | cut -d"<" -f1
done

printf "\ndisplaying listening ports\n\n"

sudo lsof -i -n -P | grep TCP | grep LISTEN | cut -d " " -f 1,32-35

#EOF

Sample output
checking established connections

107.178.244.155 : United States
17.188.136.186 : United States
17.252.76.19 : United States
17.252.76.19 : United States
17.188.136.186 : United States
5.45.62.118 : Netherlands
40.101.42.66 : Ireland
151.101.1.69 : United States
173.194.69.188 : United States
104.25.170.11 : United States
5.45.62.49 : Netherlands
198.252.206.25 : United States
151.101.1.69 : United States
34.198.53.220 : United States
198.252.206.25 : United States
151.101.129.69 : United States
91.225.248.133 : Ireland
216.58.212.234 : United States

displaying listening ports

mysqld TCP *:3306 (LISTEN)
com.avast TCP 127.0.0.1:12080 (LISTEN)
com.avast TCP [::1]:12080 (LISTEN)
com.avast TCP 127.0.0.1:12110 (LISTEN)
com.avast TCP [::1]:12110 (LISTEN)
com.avast TCP 127.0.0.1:12143 (LISTEN)
com.avast TCP [::1]:12143 (LISTEN)
com.avast TCP 127.0.0.1:12995 (LISTEN)
com.avast [::1]:12995 (LISTEN)
com.avast 127.0.0.1:12993 (LISTEN)
com.avast [::1]:12993 (LISTEN)
Google TCP 127.0.0.1:34013 (LISTEN)

This may be useful to check if you are connected to north-korea! ;-)

回复 原文
琉璃梦幻 2024-10-14 02:17:39

这是 macOS High Sierra 上的好方法:

netstat -an |grep -i listen

This is a good way on macOS High Sierra:

netstat -an |grep -i listen
回复 原文
守护在此方 2024-10-14 02:17:39

受到用户 Brent Self 的启发:

lsof -i 4 -a | grep 听

Inspired by user Brent Self:

lsof -i 4 -a | grep LISTEN

回复 原文
我们只是彼此的过ke 2024-10-14 02:17:39

对于 macOS,我同时使用两个命令来显示有关在计算机上侦听的进程和连接到远程服务器的进程的信息。换句话说,要检查主机上的侦听端口和当前(TCP)连接,您可以一起使用以下两个命令

1. netstat -p tcp -p udp 

2. lsof -n -i4TCP -i4UDP

我想添加我的输入,希望它最终可以帮助某人。

For macOS I use two commands together to show information about the processes listening on the machine and process connecting to remote servers. In other words, to check the listening ports and the current (TCP) connections on a host you could use the two following commands together

1. netstat -p tcp -p udp 

2. lsof -n -i4TCP -i4UDP

Thought I would add my input, hopefully it can end up helping someone.

回复 原文
独夜无伴 2024-10-14 02:17:39

只是对Michał Kalinowski的回答稍有改进(我没有足够的声誉在那里发表评论):如果你是尝试查找侦听编号为 255 及以下的端口的进程时,grep 命令可能会打印与 IP 地址相关的行,但这些行与所需的结果不符。对于任意编号的端口,grep 命令也可能错误地匹配设备的 MAC 地址或 PID。为了改进这一点,我建议将命令更改为 grep --color ":$1 "

Just a slight improvement on Michał Kalinowski's answer (I don't have enough reputation to leave a comment there): if you are trying to find the process listening on a port numbered 255 and below, the grep command might print lines related to the IP address, and which do not correspond to the desired result. For a port with any number, the grep command might also erroneously match the device's MAC address or PID. To improve on this, I suggest changing the command to grep --color ":$1 "

回复 原文
~没有更多了~

关于作者

羁绊已千年

暂无简介

0 文章
0 评论
22 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

1CH1MKgiKxn9p

文章 0 评论 0

ゞ记忆︶ㄣ

文章 0 评论 0

JackDx

文章 0 评论 0

信远

文章 0 评论 0

yaoduoduo1995

文章 0 评论 0

霞映澄塘

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文