Platform: Red-Hat 7
I hope you can help me with this. I've been told that one proxy server we are using is going to be decommissioned in the following days. I've tried to use netstat in order to identify which application/os process is actually using it. But I can get the information I need
[root@hcbae2p01ora005 ~]# netstat -nap | grep :8080
tcp 0 0 180.210.107.196:19990 98.158.252.164:8080 TIME_WAIT -
tcp 0 0 180.210.107.196:19994 98.158.252.164:8080 TIME_WAIT -
From the command above, I can see that some processes are trying to communicate with the old proxy ( 98.158.252.164 ). Now I need to know which application/process is trying to connect to that proxy ?
What option should I use in netstat to get that information ?
If I use netstat -nlp I am not able to get a relationship between the process and the destination IP of the proxy
[root@hcbae2p01ora005 ~]# netstat -nap | grep :8080
tcp 0 0 180.210.107.196:20352 98.158.252.164:8080 TIME_WAIT -
tcp 0 0 180.210.107.196:20354 98.158.252.164:8080 TIME_WAIT -
[root@hcbae2p01ora005 ~]# netstat -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 12769/sshd
tcp 0 0 127.0.0.1:26583 0.0.0.0:* LISTEN 2586/mdsd
tcp 0 0 0.0.0.0:7066 0.0.0.0:* LISTEN 12679/p_ctmag
tcp 0 0 127.0.0.1:46301 0.0.0.0:* LISTEN 12789/p_ctmat
tcp 0 0 127.0.0.1:2016 0.0.0.0:* LISTEN 4984/oraagent.bin
tcp 0 0 127.0.0.1:29218 0.0.0.0:* LISTEN 12486/java
Can anyone help me ? Thanks
Update
The flag -l does not help me in this case
[root@hcbae2p01ora005 ~]# while true ; do
> var=$(netstat -nap | grep :8080 | wc -l);
> if [ $var -gt 0 ] ; then netstat -nap | grep :8080; netstat -l; fi;
> sleep 4;
done
tcp 0 0 180.210.107.196:24046 98.158.252.164:8080 TIME_WAIT -
tcp 0 0 180.210.107.196:24034 98.158.252.164:8080 TIME_WAIT -
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 localhost:26583 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:7066 0.0.0.0:* LISTEN
tcp 0 0 localhost:46301 0.0.0.0:* LISTEN
tcp 0 0 localhost:bootserver 0.0.0.0:* LISTEN
tcp 0 0 localhost:29218 0.0.0.0:* LISTEN
tcp 0 0 localhost:37258 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25324 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN
tcp 0 0 hcbae2p01ora00:ncube-lm 0.0.0.0:* LISTEN
tcp 0 0 hcbae2p01ora005:livelan 0.0.0.0:* LISTEN
tcp6 0 0 localhost:bootserver [::]:* LISTEN
tcp6 0 0 [::]:oem-agent [::]:* LISTEN
tcp6 0 0 [::]:19206 [::]:* LISTEN
tcp6 0 0 [::]:sunrpc [::]:* LISTEN
udp 0 0 0.0.0.0:48561 0.0.0.0:*
udp 0 0 0.0.0.0:52760 0.0.0.0:*
udp 0 0 0.0.0.0:55610 0.0.0.0:*
udp 0 0 0.0.0.0:bootpc 0.0.0.0:*
udp 0 0 0.0.0.0:sunrpc 0.0.0.0:*
udp 0 0 localhost:323 0.0.0.0:*
udp 0 0 0.0.0.0:rlzdbase 0.0.0.0:*
udp 0 0 0.0.0.0:10874 0.0.0.0:*
udp 0 0 0.0.0.0:12325 0.0.0.0:*
udp 0 0 0.0.0.0:13694 0.0.0.0:*
udp 0 0 0.0.0.0:15890 0.0.0.0:*
udp 0 0 0.0.0.0:16467 0.0.0.0:*
udp 0 0 0.0.0.0:17659 0.0.0.0:*
udp 0 0 0.0.0.0:22691 0.0.0.0:*
udp 0 0 0.0.0.0:23727 0.0.0.0:*
udp 0 0 localhost:25224 0.0.0.0:*
udp 262912 0 localhost:25229 0.0.0.0:*
udp 0 0 0.0.0.0:31064 0.0.0.0:*
udp6 0 0 localhost:32577 [::]:*
udp6 0 0 localhost:43769 [::]:*
udp6 0 0 localhost:51276 [::]:*
udp6 0 0 localhost:52160 [::]:*
udp6 0 0 localhost:53492 [::]:*
udp6 0 0 [::]:sunrpc [::]:*
udp6 0 0 localhost:323 [::]:*
udp6 0 0 [::]:rlzdbase [::]:*
udp6 0 0 [::]:oem-agent [::]:*
udp6 0 0 localhost:14971 [::]:*
udp6 0 0 localhost:30392 [::]:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 37072 /etc/opt/omi/conf/sockets/omi_UujxgW0gO
unix 2 [ ACC ] STREAM LISTENING 39101 /var/lib/sss/pipes/pam
unix 2 [ ACC ] STREAM LISTENING 36952 /var/lib/sss/pipes/nss
unix 2 [ ACC ] STREAM LISTENING 16056 /var/lib/sss/pipes/ssh
unix 2 [ ACC ] STREAM LISTENING 44128 /var/lib/sss/pipes/autofs
unix 2 [ ACC ] STREAM LISTENING 10264 /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 21157 /var/uuidd/request
unix 2 [ ACC ] STREAM LISTENING 10832 @CAgentStream_CloudAgentInfo_config_default_fluent.socket
unix 2 [ ACC ] SEQPACKET LISTENING 16437 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 10833 @CAgentStream_CloudAgentInfo_MaExtensionDiagnostics_default_fluent.socket
unix 2 [ ACC ] STREAM LISTENING 49262 /var/tmp/.oracle/sprocr_local_conn_0_PROL
unix 2 [ ACC ] STREAM LISTENING 10820 /var/run/mdsd/default_bond.socket
unix 2 [ ACC ] STREAM LISTENING 36933 /var/run/lsm/ipc/simc
unix 2 [ ACC ] STREAM LISTENING 10822 /var/run/mdsd/default_djson.socket
unix 2 [ ACC ] STREAM LISTENING 36935 /var/run/lsm/ipc/sim
unix 2 [ ACC ] STREAM LISTENING 10824 /var/run/mdsd/default_json.socket
unix 2 [ ACC ] STREAM LISTENING 25164 /var/tmp/.oracle/ora_gipc_hcbae2p01ora005_INIT
unix 2 [ ACC ] STREAM LISTENING 26009 /var/tmp/.oracle/ora_gipc_scls_opct_hcbae2p01ora005
unix 2 [ ACC ] STREAM LISTENING 10828 /var/run/mdsd/default_fluent.socket
unix 2 [ ACC ] STREAM LISTENING 43924 /var/tmp/.oracle/sOHASD_IPC_SOCKET_11
unix 2 [ ACC ] STREAM LISTENING 10830 /var/run/mdsd/default_influx.socket
unix 2 [ ACC ] STREAM LISTENING 18290 /var/tmp/.oracle/sOHASD_UI_SOCKET
unix 2 [ ACC ] STREAM LISTENING 18292 /var/tmp/.oracle/sCRSD_UI_SOCKET
unix 2 [ ACC ] STREAM LISTENING 62638 /var/tmp/.oracle/s#5029.1
unix 2 [ ACC ] STREAM LISTENING 62641 /var/tmp/.oracle/s#5029.2
unix 2 [ ACC ] STREAM LISTENING 42088 /var/opt/omi/run/omiserver.sock
unix 2 [ ACC ] STREAM LISTENING 19805 /var/lib/sss/pipes/private/sbus-monitor
unix 2 [ ACC ] STREAM LISTENING 43508 /var/lib/sss/pipes/private/sbus-dp_HCB.HCBE.CORP.1387
unix 2 [ ACC ] STREAM LISTENING 20616 /run/lvm/lvmpolld.socket
unix 2 [ ACC ] STREAM LISTENING 16526 /run/lvm/lvmetad.socket
unix 2 [ ACC ] STREAM LISTENING 39102 /var/lib/sss/pipes/private/pam
unix 2 [ ACC ] STREAM LISTENING 39065 /run/gssproxy.sock
unix 2 [ ACC ] STREAM LISTENING 69597 /var/tmp/.oracle/ora_gipc_css_ctrllcl_CSSD_BCCM
unix 2 [ ACC ] STREAM LISTENING 21154 /run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 48846 /var/tmp/.oracle/ora_gipc_hcbae2p01ora005_EVMD
unix 2 [ ACC ] STREAM LISTENING 61616 /var/tmp/.oracle/sAevm
unix 2 [ ACC ] STREAM LISTENING 21158 /var/run/rpcbind.sock
unix 2 [ ACC ] STREAM LISTENING 61620 /var/tmp/.oracle/sSYSTEM.evm.acceptor.auth
unix 2 [ ACC ] STREAM LISTENING 39098 /var/run/NetworkManager/private-dhcp
unix 2 [ ACC ] STREAM LISTENING 33979 /var/run/abrt/abrt.socket
unix 2 [ ACC ] STREAM LISTENING 50333 /var/tmp/.oracle/ora_gipc_agent_ag_CSSDAG_z
unix 2 [ ACC ] STREAM LISTENING 50335 /var/tmp/.oracle/ora_gipc_monitor_ag_CSSDAG_z
unix 2 [ ACC ] STREAM LISTENING 39064 /var/lib/gssproxy/default.sock
unix 2 [ ACC ] STREAM LISTENING 54945 /var/tmp/.oracle/sOracle_CSS_LclLstnr_localhost_1
unix 2 [ ACC ] STREAM LISTENING 54947 /var/tmp/.oracle/sOCSSD_LL_hcbae2p01ora005_localhost
unix 2 [ ACC ] STREAM LISTENING 10834 @CAgentStream_CloudAgentInfo_HealthExtension_default_fluent.socket
unix 2 [ ACC ] STREAM LISTENING 72063 /var/tmp/.oracle/ora_gipc_hcbae2p01ora005_CSSD
unix 2 [ ACC ] STREAM LISTENING 72076 /var/tmp/.oracle/sOCSSD_LL_hcbae2p01ora005_
unix 2 [ ACC ] STREAM LISTENING 8413 /run/systemd/journal/stdout
Update with lsof
[root@hcbae2p01ora005 ~]# netstat -nap | grep :8080
tcp 0 0 180.210.107.196:11548 98.158.252.164:8080 TIME_WAIT -
tcp 0 0 180.210.107.196:11512 98.158.252.164:8080 TIME_WAIT -
[root@hcbae2p01ora005 ~]# lsof -i | grep :8080
[root@hcbae2p01ora005 ~]#
