9

I've written a program that is suppose to implement SLP (rfc2608) and I'm having trouble testing it. I'm not sure if the port is closed or there is something out there dropping my multicast datagrams. Is there a command I can run from a redhat terminal to tell me if a port is open on that box?

I've seen some posts on simply telneting to the port, etc..., but that only works for TCP ports, right? I've also read that there are sites that can test this sort of thing from the outside. But I really don't want to do that since I'm not interested in a full port scan, the box is on a private network, and even if it wasn't, I don't want it to look like a security incident is going on. I simply want to query and see if port 427 is open.

Jason Thompson
  • 413
  • 2
  • 6
  • 16

6 Answers6

7

Hmm. Multicast, so telnet isn't going to work.

You can run tcpdump, I think, to see if traffic is getting to your server. Run something like this on your server:

tcpdump -i eth0 port 427 and see if anything shows up.

If nothing does, there's some sort of block elsewhere.

Check your local firewall with something like iptables -L -n to make sure the INPUT chain permits your traffic.

To further diagnose, you may need to start running traceroutes from your laptop, specifying the protocol and port (otherwise, it'll default to ICMP).

cjc
  • 24,916
  • 3
  • 51
  • 70
  • I like the idea of using trace route. Unfortunately, trace route for windows isn't as functional as I need it to be. The iptables command helped quite a bit. If I'm reading it right, it looks like I'm not running a firewall on this box, so something is happening on one of the routers or the TTL is too short. – Jason Thompson Apr 10 '12 at 14:57
4

Hmm, netstat -anp | grep 427 would do the trick. Maybe lsof -i | grep 427 as well.

To check from an outside linux host, you can use nmap. Perhaps nmap -sT -p 427 or nmap -sU -p 427 (for UDP).

ewwhite
  • 197,159
  • 92
  • 443
  • 809
1

netstat locally and nmap on a remote host.

I often use

netstat -plunt

and

netstat -ant

to get a picture of what is going on.

ptman
  • 28,394
  • 2
  • 30
  • 45
  • 1
    netstat seems to show me what ports are listening and what connections are established, but how do I know if a port is actually open? When I run my application, I see that it's listening, I just can't communicate with it from my laptop to the server (about 4 hops). I'm interested in what the cause of this lack of communication is. Is the port blocked or are my datagrams being dropped? – Jason Thompson Apr 10 '12 at 14:27
1

I am guessing that by port open you mean it's not blocked by the firewall. In that case you can run the following command on the host machine (incase of redhat/centos 7):

firewall-cmd --list-ports | grep -w <Port No.>

In case of redhat6/centos6 , you can execute

iptables --list-rule | grep -w <Port No.>

I hope this helps..

Vatsal Prakash
  • 111
  • 4
1

The best way from my experienced is using nmap

nmap 10.0.0.1 -Pn -p 427

Obviously replace 10.0.0.1 with public IP if testing from another machine or with 127.0.0.1 if testing on that specific box.

will output something like this:

PORT    STATE    SERVICE
427/tcp filtered https

Nmap done: 1 IP address (1 host up) scanned in 2.14 seconds

Options above mean:

-Pn: Treat all hosts as online -- skip host discover

and 

-p <port ranges>: Only scan specified ports
               Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9

If you don't have already nmap:

yum install nmap

And since in this case is filtered, a way to see if it's filtered on the box where the service should be, is to try to check from 2 different computers.

or running nmap on that box

nmap 127.0.0.1 -Pn -p 427

you can add --reason to see reason why is filtered

nmap 10.0.0.1 -Pn -p 427 --reason
Eduard Florinescu
  • 851
  • 5
  • 24
  • 39
-3

When a port is in the listening state, it means that it is ready and waiting for a connection to be established.

Your application has to be making use of the port at that particular point in time before the port can then be in the connection 'ESTABLISHED' state

To sum it up, the port being in the listening state is a good\positive result.

I hope this helps you understand better..

slickfiz
  • 1