Read this tutorial if you're interested in Mac: And if you're on Windows use TaskManager to kill processes, and services UI to shutdown services. Unfortunately, Mac is different from Linux/Unix in this respect. If you use kill on a service it might not properly start back up because you didn't shut it down properly. Using the service command runs the shutdown script registered in the init.d directory. Kill literally kills just that process and any children it owns. If you are shutting down a service it's better to use: service sendmail stop Now we can shutdown that process by doing: kill 1879 Where -a prints all sockets, -n shows the port number, -p shows the PID, -l shows only what's listening (this is optional depending on what you're after). Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name That will print something like: Active Internet connections (servers and established) So to find out the process ID (PID) for Unix/Linux. Sockets are owned by the process that opened them. You can't close sockets without shutting down the process that owns those sockets. The wording of the question is a bit off because a port number for the undesired inbound client connection is given and it was referred to as "port" but it's pretty clear that it was a reference to that one socket and not the listening port. I believe the question is "how do I selectively close one active connection (socket) to the port my program is listening on?". Note that it is probably not easily possible to cause a program to not listen on a port (well, it is possible but that capability is referred to as a firewall.), but I don't think that was being asked here. To do this you must run it as administrator, of course. There is at least one program (CurrPorts) that does exactly this and I used it today for the purpose of closing specific sockets on a process that was started before CurrPorts was started.
So all you really need is either for Windows to provide an API that allows this directly, or for someone to have written a program that operates somewhat like a VPN or Fiddler and gives you a way to close sockets that pass through it. Consider for a moment that the remote machine, the network card, the network cable, and your OS can all cause the socket to close. Consider also that Fiddler and Desktop VPN software can insert themselves into the network stack and show you all your traffic or reroute all your traffic. You don't have to be the current process owning the socket to close it. Killing the process that owns the connection is really a bad idea here because this would take down the server (all users would lose functionality when we just want to selectively and temporally drop this one connection). Normally, I would add a firewall to do the job, but this would take some time, and I was in an emergency situation. this user is doing bad things, we asked them to stop but the connection didn't get dropped somewhere along the way). Then, I discover that this connection is undesired (e.g. A client makes a connection and port 56789 is allocated for it. I want to close/kill them. EDIT, for clarification: Let's say that my server listens on TCP port 80. I don't want answers on how to monitor them (I already do this). But the answers looked like a manual page of netstat or netsh commands focusing on how to monitor the ports. Googling about this, I saw some people asking the same thing. For example, 80/tcp means that my web program is listening on the port 80. Does somebody know how to close a TCP or UDP socket for a single connection via windows command line? Why are all of the ports opened for UDP? Is it safe? If it's not safe, why doesn't the firewall close them? For me, "port is open" means that some program or the system is listening on it.
To my surprise, it seems that all of the ports are opened because I get the result as below:
Connection to a.a.a.a port 1 succeeded!
Connection to a.a.a.a port 2 succeeded!
Connection to a.a.a.a port 3 succeeded!
Connection to a.a.a.a port 4 succeeded!
Connection to a.a.a.a port 5 succeeded!
Then I use another Linux PC and use nc to scan ports of the server (saying that the ip of the server is a.a.a.a): After that, I use nc to scan ports using UDP: Today I want to check the status of all ports of the server. First I execute the command: firewall-cmd --zone=public --list-ports and I get this: 110/tcp 443/tcp 80/tcp 995/tcp 143/tcp 3306/tcp 993/tcp All of the ports above are opened by me so everything's fine. I'm a developer working on a CentOS7 server.