AIX: is it somehow possible to get a ForeignAddress/PID pair like we are able to get in Linux with netstat?

Question

In Linux (RHEL), we are able to get a ForeignAddress/PID pair with "netstat -ntp" command:

[root@rhel ~]# netstat -ntp
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name

tcp        0      0 10.30.39.13:139             10.30.36.190:22239          ESTABLISHED 15255/smbd
tcp        0      0 ::ffff:10.30.39.13:22       ::ffff:10.30.34.64:2523     ESTABLISHED 27970/sshd: james [pri   
tcp        0    148 ::ffff:10.30.39.13:22       ::ffff:10.30.34.64:2518     ESTABLISHED 27937/3

For example, for the user james above, we have 10.30.34.64:2523 & 27970.

Is it somehow possible to get the same information (ForeignAddress/PID) in AIX 5.3?

score 3 · Answer 1 · answered Aug 03 '12 at 18:01

If you have the AIX toolboox for linux apps, you could use lsof it should help, something like:

host:/:$ lsof -i :22 

sshd     1953   root    3u  IPv4 300864051      0t0  TCP *:ssh (LISTEN)
sshd     1953   root    4u  IPv6 300864053      0t0  TCP *:ssh (LISTEN)
sshd    19753   root    3u  IPv4 366276287      0t0  TCP XXX.XXX.XXX.XXX:ssh->XXX.XXX.XXX.XXX:54371 (ESTABLISHED)
sshd    19755 user    3u  IPv4 366276287      0t0  TCP XXX.XXX.XXX.XXX:ssh->XXX.XXX.XXX.XXX:54371 (ESTABLISHED)

host:/:$

This way you'l see who's listening at port 22 and who's connected to it.

Using AIX's native tools I think it's bit trickier and imo less helpful than lsof:

# netstat -Aan |grep <port_to_match>
<hex_number> tcp        0      0  *.XXX            *.*                LISTEN

# rmsock <hex_number> tcpcb
The socket <hex_number> is being held by proccess XXX (process_name).


# ps -ef |grep XXX
    user  XXX  YYY   0   Aug 03      -   /your/process

Hope it's of any help.

AIX: is it somehow possible to get a ForeignAddress/PID pair like we are able to get in Linux with netstat?

1 Answers1