20090225

port to pid / pid to port mapper

Finally, I've developed the mutual pid/port mapper.

Here it is. Feel free to use.

#!/bin/bash
#
# The mutual pid/port mapper
# - Marcin Wisnios [marcin AT wisnios.com]
#
case "$1" in
'')
echo "Usage: $0 PORT | -p PID | -n NAME | -a (ALL)"
exit 1
;;
'-p')
# pid search
P_ID=$2
;;
'-n')
# name search
P_ID=`pgrep $2`
;;
'-a')
# list all
P_ID=`ps -e -o pid,comm | sed '/PID/d; /ps/d; /sed/d; /bash/d; s/\([0-9]\{1,5\}\).*/\1/p;d'`
;;
*)
# port search
P_ID=`ps -e -o pid,comm | sed '/PID/d; /ps/d; /sed/d; /bash/d; s/\([0-9]\{1,5\}\).*/\1/p;d'`
PORT=$1
;;
esac

for P in $P_ID; do

N=`ps -o comm -p $P | sed '/COMMAND/d'`
N=`basename $N`

pfiles $P | sed 's/.*sockname:\ AF_INET[6]\{0,1\} \(.*\)\ \ port:\ \(.*\)/\1:\2/p;d' | while read L; do
if [ -z $PORT ]; then
echo "$L $P/$N"
else
echo "$L $P/$N" | sed "/:$PORT/p;d"
fi
done

done


Examples of use:

book [/home/wisnios]# ./ppm.sh 22
:::22 6963/sshd
::ffff:208.64.63.178:22 13491/sshd
::ffff:208.64.63.178:22 13507/sshd

book [/home/wisnios]# ./ppm.sh -n ns-slapd
:::389 7128/ns-slapd
:::636 7128/ns-slapd

book [/home/wisnios]# ./ppm.sh -p 20623
0.0.0.0:80 20623/cherokee-worker

3 comments:

wojcim said...

pfiles does not work with rpc processes ex. /usr/sbin/rpcbind (port 111)

witch makes connection through tcp driver directly (i thing)

in pfiles there are lines:

6: S_IFCHR mode:0000 dev:343,0 ino:920 uid:0 gid:0 rdev:42,24

7: S_IFCHR mode:0000 dev:343,0 ino:919 uid:0 gid:0 rdev:42,23

from name_to_major you can see:

tcp 42

Can anyone know a way to see ports binded by such process?

Website design nyc said...

u r blog Is very nice

Marcin Wiśnios said...

wojcim: it could be done with lsof, for ex.:
lsof -nP -p PID