Solaris 10: how to determine which processes are using ports

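cat proc2port.sh
#!/bin/ksh
#Use At Your Own Risk
#aak
#Beta proc2port.sh v0.01

# Walk every process listed by ps and ask pfiles which descriptors it holds.
# Note: the ps header row is read as well, and $9 is the command name only
# when STIME prints as two fields (for example "Mar 01").
ps -ef | awk '{print $2,$9}' | while read a b
do
    # Count pfiles lines containing "port" (case-insensitive); this matches
    # "port: N" socket lines and also S_IFPORT event-port descriptors.
    port=`pfiles $a | grep -i port | wc -l`
    if [ "$port" -gt 0 ]
    then
        echo "$a has opened ports:-($b)"
        pfiles $a | grep -i port
    else
        echo "$a —> $b:NONE"
    fi
done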

Sample OUTPUT:

./proc2port.sh
pfiles: cannot examine PID: no such process
PID —> :NONE
0 —> sched:NONE
1 —> /sbin/init:NONE
2 —> pageout:NONE
3 —> fsflush:NONE
20908 has opened ports:-(/usr/lib/sendmail)
sockname: AF_INET 127.0.0.1  port: 25
sockname: AF_INET 0.0.0.0  port: 587
7 has opened ports:-(/lib/svc/bin/svc.startd)
5: S_IFPORT mode:0000 dev:357,0 uid:0 gid:0 size:0
9 —> /lib/svc/bin/svc.configd:NONE
390 has opened ports:-(/usr/lib/nfs/statd)
sockname: AF_INET 0.0.0.0  port: 0
279 —> /usr/sbin/cron:NONE
115 —> /usr/sbin/ipmon:NONE
171 —> /usr/lib/crypto/kcfd:NONE
28904 —> /sbin/sh:NONE
384 —> /usr/sbin/rpcbind:NONE
413 —> /usr/lib/saf/sac:NONE
129 —> /usr/lib/sysevent/syseventd:NONE
391 —> /usr/lib/nfs/nfsmapid:NONE
389 —> /usr/lib/nfs/nfs4cbd:NONE
435 —> /usr/lib/utmpd:NONE
169 —> /usr/lib/picl/picld:NONE
141 —> /usr/sbin/nscd:NONE

Reference: https://blogs.oracle.com/kanmaz/entry/how_to_determine_which_processes
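
The sample output shows that `grep -i port` also reports the S_IFPORT event-port descriptor of svc.startd and the `port: 0` socket of statd. The filter below is an added example, not part of the original script: it keeps only `sockname:` lines with a non-zero port. The function names `parse_sockets` and `sample_pfiles` are hypothetical, and the sample input is constructed from the output lines above.

```shell
#!/bin/sh
# Added example, not from the original post.
# parse_sockets PID: read pfiles-style text on stdin and print
# "PID ADDRESS PORT" for each bound AF_INET/AF_INET6 socket.
parse_sockets() {
    awk -v pid="$1" '
        # Only sockname: lines describe a local socket binding; S_IFPORT
        # (Solaris event port) lines never start with this keyword.
        # Assumption: port 0 means the socket is not bound yet, so skip it.
        $1 == "sockname:" && $2 ~ /^AF_INET6?$/ {
            for (i = 3; i < NF; i++)
                if ($i == "port:" && $(i + 1) + 0 != 0)
                    print pid, $(i - 1), $(i + 1)
        }'
}

# Constructed sample input, built from the output lines shown above.
sample_pfiles() {
    case "$1" in
    20908)
        echo "sockname: AF_INET 127.0.0.1  port: 25"
        echo "sockname: AF_INET 0.0.0.0  port: 587" ;;
    7)
        echo "5: S_IFPORT mode:0000 dev:357,0 uid:0 gid:0 size:0" ;;
    390)
        echo "sockname: AF_INET 0.0.0.0  port: 0" ;;
    esac
}

# On a Solaris host, replace sample_pfiles with: pfiles "$pid" 2>/dev/null
for pid in 20908 7 390
do
    sample_pfiles "$pid" | parse_sockets "$pid"
done
```

Only the two sendmail bindings are printed; PIDs 7 and 390 produce no lines.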


Excellent tcpdump command to find network details for an interface and its VLAN

tcpdump -nn -v -i eth2 -s 1500 -c 1 'ether[20:2] == 0x2000' 2>/dev/null | egrep -i "port-ID|Address|Device-ID|VLAN"

This command is very useful when you troubleshoot a network interface, especially when you have requested new network patching for a particular VLAN.